Date: Mon, 2 Aug 2021 08:05:14 GMT From: Xin LI <delphij@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: ea9ee3986cfc - main - net/openldap24-server: Upon shutdown, backup database in LDIF form. Message-ID: <202108020805.17285EVQ008938@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by delphij: URL: https://cgit.FreeBSD.org/ports/commit/?id=ea9ee3986cfc009c8e463a5c0f2db796371c3cb4 commit ea9ee3986cfc009c8e463a5c0f2db796371c3cb4 Author: Xin LI <delphij@FreeBSD.org> AuthorDate: 2021-08-02 07:59:27 +0000 Commit: Xin LI <delphij@FreeBSD.org> CommitDate: 2021-08-02 07:59:54 +0000 net/openldap24-server: Upon shutdown, backup database in LDIF form. The upcoming OpenLDAP 2.5 update requires a format change to mdb databases. It is mandatory for existing slapd-mdb(5) databases to be exported via an OpenLDAP 2.4 slapcat prior to upgrade, then reloaded via an OpenLDAP 2.5 slapadd after upgrade. To make sure that the user always have a backup somewhere, introduce a backup mechanism (enabled by default, and may be disabled by setting rc.conf variable slapd_autobackup_enable to "NO") in the slapd rc.d script upon shutdown. By default, the backups will be stored at /var/backups/openldap and a total of 8 backups will be kept, with the oldest backup overwritten as needed. Backups are compressed using zstd, or, when zstd is not available, using gzip. The compression can be disabled by setting slapd_autobackup_compress to "NO", if desirable (e.g. if /var/backups is located on a file system that is capable of doing compression, like ZFS). --- net/openldap24-server/Makefile | 4 +- net/openldap24-server/files/slapd.in | 71 ++++++++++++++++++++++++++++++++++++ 2 files changed, 74 insertions(+), 1 deletion(-) diff --git a/net/openldap24-server/Makefile b/net/openldap24-server/Makefile index 6146a8c82b34..afbf8a4a3d2d 100644 --- a/net/openldap24-server/Makefile +++ b/net/openldap24-server/Makefile @@ -46,7 +46,7 @@ BROKEN= incompatible OpenLDAP version: ${WANT_OPENLDAP_VER} .endif PORTREVISION_CLIENT= 1 -PORTREVISION_SERVER= 2 +PORTREVISION_SERVER= 3 OPENLDAP_SHLIB_MAJOR= 2 OPENLDAP_SHLIB_MINOR= 11.7 OPENLDAP_MAJOR= ${DISTVERSION:R} @@ -394,10 +394,12 @@ SCHEMATA= collective corba core cosine duaconf dyngroup \ LDAP_RUN_DIR?= /var/run/openldap LOCALSTATEDIR?= /var/db DATABASEDIR?= ${LOCALSTATEDIR}/openldap-data +BACKUPDIR?= /var/backups/openldap SUB_LIST+= LDAP_RUN_DIR=${LDAP_RUN_DIR} \ LDAP_USER=${LDAP_USER} \ LDAP_GROUP=${LDAP_GROUP} \ + BACKUPDIR=${BACKUPDIR} \ DATABASEDIR=${DATABASEDIR} \ PORTNAME=${PORTNAME} \ PKGNAME=${PKGNAME} \ diff --git a/net/openldap24-server/files/slapd.in b/net/openldap24-server/files/slapd.in index 9c9cb7779ca6..620c2f4d255c 100644 --- a/net/openldap24-server/files/slapd.in +++ b/net/openldap24-server/files/slapd.in @@ -30,6 +30,18 @@ # #slapd_krb5_ktname="/path/to/ldap.keytab" # +#slapd_autobackup_enable="YES" +# To enable automatic backup of OpenLDAP data after successful shutdown +# in the form of LDIF. +# +#slapd_autobackup_num="8" +# How many automatic backups should this script keep. +# +#slapd_autobackup_compress="YES" +# Compress backup data with zstd (if present) or gzip. +# +#slapd_autobackup_name="backup" +# Name to be used for backups . /etc/rc.subr @@ -47,6 +59,10 @@ fi : ${slapd_owner="%%LDAP_USER%%:%%LDAP_GROUP%%"} : ${slapd_sockets_mode="666"} : ${slapd_cn_config="NO"} +: ${slapd_autobackup_enable="YES"} +: ${slapd_autobackup_num="8"} +: ${slapd_autobackup_compress="YES"} +: ${slapd_autobackup_name="backup"} command="%%PREFIX%%/libexec/slapd" pidfile="%%LDAP_RUN_DIR%%/slapd.pid" @@ -63,6 +79,7 @@ fi start_precmd=start_precmd start_postcmd=start_postcmd +stop_postcmd=stop_postcmd # extract user and group, adjust ownership of directories and database @@ -143,4 +160,58 @@ start_postcmd() done } +stop_postcmd() +{ + local compress_program compress_suffix + + if checkyesno slapd_autobackup_enable; then + if checkyesno slapd_autobackup_compress; then + if [ -x /usr/bin/zstd ]; then + compress_program="/usr/bin/zstd" + compress_suffix=".zstd" + else + compress_program="/usr/bin/gzip" + compress_suffix=".gz" + fi + else + compress_program="cat" + compress_suffix="" + fi + + umask 077 + mkdir -p %%BACKUPDIR%% + chmod 700 %%BACKUPDIR%% + + n=0 + while [ ${n} -lt ${slapd_autobackup_num} ]; do + backup_file="%%BACKUPDIR%%/${slapd_autobackup_name}.ldif.${n}${compress_suffix}" + if [ ! -e "${backup_file}" -o -f "${backup_file}" ]; then + break + fi + n=$(( ${n} + 1 )) + done + if [ -f "${backup_file}" ]; then + n=$(( ${n} + 1 )) + while [ ${n} -lt ${slapd_autobackup_num} ]; do + next_backup_file="%%BACKUPDIR%%/${slapd_autobackup_name}.ldif.${n}${compress_suffix}" + if [ -f "${next_backup_file}" ]; then + [ "${next_backup_file}" -ot "${backup_file}" ] && \ + backup_file=${next_backup_file} + elif [ ! -e "${next_backup_file}" ]; then + backup_file=${next_backup_file} + break + fi + n=$(( ${n} + 1 )) + done + fi + if [ -e "${backup_file}" -a ! -f "${backup_file}" ]; then + err 1 "Unable to backup OpenLDAP data" + else + info "Backing up OpenLDAP data to ${backup_file}" + fi + + %%PREFIX%%/sbin/slapcat | ${compress_program} > ${backup_file} + fi +} + run_rc_command "$1"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202108020805.17285EVQ008938>