r23189: Work towards a totally scripted setup of LDAP backends, so others can
1 #!/bin/sh
2 exec smbscript "$0" ${1+"$@"}
3 /*
4         provision a Samba4 server
5         Copyright Andrew Tridgell 2005
6         Released under the GNU GPL v2 or later
7 */
8
/*
  Parse the command line.

  The POPT_* entries pull in the shared Samba option groups; the rest are
  the options specific to this script (the =s / =i suffixes look like
  string / integer argument specifiers, matching the help text).

  NOTE(review): --ldap-manager-pass takes the LDAP Manager password as a
  command-line argument. Arguments are typically visible to other local
  users through process listings and tend to end up in shell history, so
  on a shared host prefer leaving it off (the help text says a random
  password is then used).
*/
options = GetOptions(ARGV,
                "POPT_AUTOHELP",
                "POPT_COMMON_SAMBA",
                "POPT_COMMON_VERSION",
                "POPT_COMMON_CREDENTIALS",
                "realm=s",
                "host-name=s",
                "ldap-manager-pass=s",
                "root=s",
                "quiet",
                "ldap-backend-type=s",
                "ldap-backend-port=i");

/* GetOptions() hands back undefined when the arguments could not be parsed */
if (options == undefined) {
        println("Failed to parse options");
        return -1;
}

/* sys is used further down for the mkdir calls */
sys = sys_init();

/* script libraries; the provision_* helpers are presumably defined in provision.js */
libinclude("base.js");
libinclude("provision.js");
31
/*
  Print a printf-style message unless --quiet was given.

  Every argument is handed on unchanged to vsprintf(), so callers pass a
  format string followed by its values. Anything routed through here,
  secrets included, ends up on the script's standard output.
*/
function message()
{
        var quiet = options["quiet"];
        if (quiet == undefined) {
                print(vsprintf(arguments));
        }
}
41
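/*
  Print the usage text and terminate the script with exit status 1.

  The usage line names this script (provision-backend); it previously
  said "provision", which is a different script.
*/
function ShowHelp()
{
        print("
Samba4 provisioning

provision-backend [options]
 --realm        REALM           set realm
 --host-name    HOSTNAME        set hostname
 --ldap-manager-pass    PASSWORD        choose LDAP Manager password (otherwise random)
 --root         USERNAME        choose 'root' unix username
 --quiet                        Be quiet
 --ldap-backend-type LDAPSERVER Select either \"openldap\" or \"fedora-ds\" as a target to configure
 --ldap-backend-port PORT       Select the TCP port (if any) that the LDAP backend should listen on (Fedora DS only)
You must provide at least a realm and ldap-backend-type

");
        exit(1);
}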
63
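/* default the host name to whatever hostname() reports */
if (options["host-name"] == undefined) {
        options["host-name"] = hostname();
}

/*
   main program

   Check the required options, and the backend type itself, before
   anything is created on disk. Without the second test an unrecognised
   --ldap-backend-type would skip both backend branches further down and
   the script would still finish with "All OK".
*/
if (options["realm"] == undefined ||
    options["ldap-backend-type"] == undefined ||
    options["host-name"] == undefined) {
        ShowHelp();
} else if (options["ldap-backend-type"] != "fedora-ds" &&
           options["ldap-backend-type"] != "openldap") {
        println("Unknown ldap-backend-type: " + options["ldap-backend-type"]);
        ShowHelp();
}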
76
/*
  Cope with an initially blank smb.conf: set the realm from the command
  line on the loadparm context and reload it.
*/
var lp = loadparm_init();
lp.set("realm", options["realm"]);
lp.reload();

/*
  Start from the guessed defaults, then overlay every parsed option.
  The option name has its dashes removed and is upper-cased, so for
  example "ldap-manager-pass" lands in subobj.LDAPMANAGERPASS.

  NOTE(review): this copies all entries of options, not only the ones
  declared by this script, and subobj is later handed to setup_file(),
  presumably as the substitution table for the generated files. Confirm
  that nothing unexpected from the common option groups ends up there.
*/
var subobj = provision_guess();
for (r in options) {
        var subst_key = strupper(join("", split("-", r)));
        subobj[subst_key] = options[r];
}
87
88
89
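var paths = provision_default_paths(subobj);
provision_fix_subobj(subobj, message, paths);
message("Provisioning LDAP backend for %s in realm %s into %s\n", subobj.HOSTNAME, subobj.REALM, subobj.LDAPDIR);
/*
  Echo the LDAP Manager password only when the operator did not supply
  one, i.e. when it was chosen for them (the help text says a random one
  is used). A password given with --ldap-manager-pass is already known to
  the caller; repeating it on stdout only copies the credential into
  terminal scrollback and into any log that captures this output.

  NOTE(review): message() prints nothing under --quiet, so a generated
  password is not shown at all in that mode.
*/
if (options["ldap-manager-pass"] == undefined) {
        message("Using LDAP Manager password: %s\n", subobj.LDAPMANAGERPASS);
} else {
        message("Using the LDAP Manager password given with --ldap-manager-pass\n");
}
var tmp_schema_ldb = subobj.LDAPDIR + "/schema-tmp.ldb";
/*
  The backend directory is requested with mode 0700 (owner-only, read as
  the usual octal permission bits).

  NOTE(review): the result of sys.mkdir() is not checked. If the call
  behaves like mkdir(2), a directory that already exists keeps whatever
  permissions it had, and the files written below (which presumably
  include the manager password) would inherit that exposure. Confirm,
  and consider verifying ownership and mode of an existing LDAPDIR.
*/
sys.mkdir(subobj.LDAPDIR, 0700);

provision_schema(subobj, message, tmp_schema_ldb, paths);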
98
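/*
  Write the backend-specific configuration into subobj.LDAPDIR.

  mapping and ext are only assigned inside a backend branch; they are
  used at the end to build the ad2oLschema command line shown to the
  operator.
*/
var mapping;
var ext;
if (options["ldap-backend-type"] == "fedora-ds") {
        mapping = "schema-map-fedora-ds-1.0";
        ext = "ldif";
        /*
          The port is declared as an integer option ("ldap-backend-port=i")
          and is placed into subobj before fedorads.inf is generated.
        */
        if (options["ldap-backend-port"] != undefined) {
                message("Will listen on TCP port " + options["ldap-backend-port"] + "\n");
                subobj.SERVERPORT="ServerPort = " + options["ldap-backend-port"];
        } else {
                message("Will listen on LDAPI only\n");
                subobj.SERVERPORT="";
        }
        setup_file("fedorads.inf", message, subobj.LDAPDIR + "/fedorads.inf", subobj);
        setup_file("fedorads-partitions.ldif", message, subobj.LDAPDIR + "/fedorads-partitions.ldif", subobj);
} else if (options["ldap-backend-type"] == "openldap") {
        provision_ldapbase(subobj, message, paths);
        mapping = "schema-map-openldap-2.3";
        ext = "schema";
        setup_file("slapd.conf", message, subobj.LDAPDIR + "/slapd.conf", subobj);
        setup_file("modules.conf", message, subobj.LDAPDIR + "/modules.conf", subobj);
        /*
          One database directory each for user, config and schema, all
          requested with mode 0700. subobj.LDAPDBDIR is re-pointed before
          each DB_CONFIG is written, presumably because the DB_CONFIG
          template refers to it; it is left pointing at db/schema.
          NOTE(review): none of the sys.mkdir() results are checked.
        */
        sys.mkdir(subobj.LDAPDIR + "/db", 0700);
        subobj.LDAPDBDIR = subobj.LDAPDIR + "/db/user";
        sys.mkdir(subobj.LDAPDBDIR, 0700);
        sys.mkdir(subobj.LDAPDBDIR + "/bdb-logs", 0700);
        sys.mkdir(subobj.LDAPDBDIR + "/tmp", 0700);
        setup_file("DB_CONFIG", message, subobj.LDAPDBDIR + "/DB_CONFIG", subobj);
        subobj.LDAPDBDIR = subobj.LDAPDIR + "/db/config";
        sys.mkdir(subobj.LDAPDBDIR, 0700);
        sys.mkdir(subobj.LDAPDBDIR + "/bdb-logs", 0700);
        sys.mkdir(subobj.LDAPDBDIR + "/tmp", 0700);
        setup_file("DB_CONFIG", message, subobj.LDAPDBDIR + "/DB_CONFIG", subobj);
        subobj.LDAPDBDIR = subobj.LDAPDIR + "/db/schema";
        sys.mkdir(subobj.LDAPDBDIR, 0700);
        sys.mkdir(subobj.LDAPDBDIR + "/tmp", 0700);
        sys.mkdir(subobj.LDAPDBDIR + "/bdb-logs", 0700);
        setup_file("DB_CONFIG", message, subobj.LDAPDBDIR + "/DB_CONFIG", subobj);
        if (options["ldap-backend-port"] != undefined) {
                message("NOTE: OpenLDAP TCP ports are controlled on the command line, not in the generated config file\n");
        }
} else {
        /*
          Neither known backend matched. Stop here instead of falling
          through with mapping and ext unset, which used to print a
          command line containing "undefined" followed by "All OK".
          NOTE(review): this runs after provision_schema(); rejecting the
          value together with the other required options would fail
          before anything is written.
        */
        println("Unknown ldap-backend-type: " + options["ldap-backend-type"]);
        return -1;
}
/*
  This only prints the schema conversion command for the operator; the
  script does not run it. The paths are concatenated unquoted, so a path
  containing whitespace needs quoting before the line is pasted into a
  shell.
*/
message("ad2oLschema --option=convert:target=" + options["ldap-backend-type"] + " -I " + lp.get("setup directory") + "/" + mapping + " -H tdb://" + tmp_schema_ldb + " -O " + subobj.LDAPDIR + "/backend-schema." + ext + "\n");

message("All OK\n");
return 0;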