xcat-core/xCAT/postscripts/setupLDAP

#!/bin/sh
# IBM(c) 2007 EPL license http://www.eclipse.org/legal/epl-v10.html
#
#---------------------------------------------------------------------------
# setup LDAP client configuration on the compute nodes
#
#---------------------------------------------------------------------------

if [ -r /etc/ldap.conf -a -r /etc/resolv.conf ]
        then
            echo -n "         LDAP: "
	     logger -t xcat -p local4.info "         LDAP: "
            DC=$(
                cat /etc/resolv.conf | \
                egrep '(domain|search)' | \
                head -1 | \
                awk '{print $2}' | \
                sed 's/\./,dc=/g' | \
                sed 's/^/dc=/'
            )

            echo "uri ldap://$MASTER/
  base $DC
  timelimit 120
  bind_timelimit 120
  idle_timelimit 3600
  nss_base_passwd ou=People,$DC
  nss_base_shadow ou=People,$DC
  nss_base_group  ou=Group,$DC
  nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman,nscd
  ssl no
  tls_cacertdir /etc/openldap/cacerts
  pam_password md5" >/etc/ldap.conf

            echo "URI ldap://$MASTER
  BASE $DC
  TLS_CACERTDIR /etc/openldap/cacerts" >/etc/openldap/ldap.conf

  cd /etc
  cp nsswitch.conf nsswitch.conf.ORIG
  sed -r 's/^((passwd|shadow|group):.*)/\1 ldap/' <nsswitch.conf.ORIG >nsswitch.conf

  cd /etc/pam.d
  cp system-auth system-auth.ORIG
  sed -r 's/(account\s+required\s+pam_unix.so)/account     sufficient    pam_ldap.so\n\1/' <system-auth.ORIG >system-auth

fi
        exit 0
LDAP client setup postinstall script git-svn-id: https://svn.code.sf.net/p/xcat/code/xcat-core/trunk@1590 8638fb3e-16cb-4fca-ae20-7b5d299a9bcd 2008-06-05 13:03:01 +00:00			`#!/bin/sh`
			`# IBM(c) 2007 EPL license http://www.eclipse.org/legal/epl-v10.html`
			`#`
			`#---------------------------------------------------------------------------`
			`# setup LDAP client configuration on the compute nodes`
			`#`
			`#---------------------------------------------------------------------------`

			`if [ -r /etc/ldap.conf -a -r /etc/resolv.conf ]`
			`then`
			`echo -n " LDAP: "`
fix defect :change all logger calls to put xcat msgs into local4 - ID: 3513525 git-svn-id: https://svn.code.sf.net/p/xcat/code/xcat-core/trunk@12694 8638fb3e-16cb-4fca-ae20-7b5d299a9bcd 2012-05-15 07:02:26 +00:00			`logger -t xcat -p local4.info " LDAP: "`
LDAP client setup postinstall script git-svn-id: https://svn.code.sf.net/p/xcat/code/xcat-core/trunk@1590 8638fb3e-16cb-4fca-ae20-7b5d299a9bcd 2008-06-05 13:03:01 +00:00			`DC=$(`
			`cat /etc/resolv.conf \| \`
			`egrep '(domain\|search)' \| \`
			`head -1 \| \`
			`awk '{print $2}' \| \`
			`sed 's/\./,dc=/g' \| \`
			`sed 's/^/dc=/'`
			`)`

			`echo "uri ldap://$MASTER/`
			`base $DC`
			`timelimit 120`
			`bind_timelimit 120`
			`idle_timelimit 3600`
			`nss_base_passwd ou=People,$DC`
			`nss_base_shadow ou=People,$DC`
			`nss_base_group ou=Group,$DC`
			`nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman,nscd`
			`ssl no`
			`tls_cacertdir /etc/openldap/cacerts`
			`pam_password md5" >/etc/ldap.conf`

			`echo "URI ldap://$MASTER`
			`BASE $DC`
			`TLS_CACERTDIR /etc/openldap/cacerts" >/etc/openldap/ldap.conf`

			`cd /etc`
			`cp nsswitch.conf nsswitch.conf.ORIG`
			`sed -r 's/^((passwd\|shadow\|group):.*)/\1 ldap/' <nsswitch.conf.ORIG >nsswitch.conf`

			`cd /etc/pam.d`
			`cp system-auth system-auth.ORIG`
			`sed -r 's/(account\s+required\s+pam_unix.so)/account sufficient pam_ldap.so\n\1/' <system-auth.ORIG >system-auth`

			`fi`
			`exit 0`