[Mageia-sysadm] [211] - replace hardcoded domain by a variable, to ease reuse of the module

root at mageia.org root at mageia.org
Tue Nov 9 03:21:57 CET 2010 

Revision: 211
Author:   misc
Date:     2010-11-09 03:21:57 +0100 (Tue, 09 Nov 2010)
Log Message:
-----------
- replace hardcoded domain by a variable, to ease reuse of the module 

Modified Paths:
--------------
    puppet/modules/openldap/templates/slapd.conf

Modified: puppet/modules/openldap/templates/slapd.conf
===================================================================
--- puppet/modules/openldap/templates/slapd.conf	2010-11-08 23:18:50 UTC (rev 210)
+++ puppet/modules/openldap/templates/slapd.conf	2010-11-09 02:21:57 UTC (rev 211)
@@ -1,3 +1,9 @@
+<%
+dc_suffix = 'dc=' + domain.gsub('.',',dc=')
+path_module_directory = "/usr/lib" + ( architecture == "x86_64" ? '64' : '') + "/openldap"
+
+%>
+
 # slapd.conf template
 include	/usr/share/openldap/schema/core.schema
 include	/usr/share/openldap/schema/cosine.schema
@@ -26,10 +32,6 @@
 pidfile		/var/run/ldap/slapd.pid
 argsfile	/var/run/ldap/slapd.args
 
-<%
-path_module_directory = "/usr/lib" + ( architecture == "x86_64" ? '64' : '') + "/openldap"
-%>
-
 modulepath	<%= path_module_directory %>
 moduleload	back_monitor.la
 moduleload	syncprov.la
@@ -51,9 +53,9 @@
 loglevel 256
 
 database	bdb
-suffix		"dc=mageia,dc=org"
+suffix		"<%= dc_suffix %>"
 directory	/var/lib/ldap
-rootdn		"cn=manager,dc=mageia,dc=org"
+rootdn		"cn=manager,<%= dc_suffix %>"
 
 checkpoint 256 5
 # 32Mbytes, can hold about 10k posixAccount entries
@@ -81,7 +83,7 @@
 syncprov-sessionlog 100
 
 overlay ppolicy
-ppolicy_default "cn=default,ou=Password Policies,dc=mageia,dc=org"
+ppolicy_default "cn=default,ou=Password Policies,<%= dc_suffix %>"
 ppolicy_hash_cleartext yes
 ppolicy_use_lockout yes
 
@@ -94,15 +96,15 @@
 #refint_nothing "uid=LDAP Admin,ou=System Accounts,dc=example,dc=com"
 
 authz-regexp "gidNumber=0\\\+uidNumber=0,cn=peercred,cn=external,cn=auth"
-	"uid=Account Admin,ou=System Accounts,dc=mageia,dc=org"
-authz-regexp ^uid=([^,]+),cn=[^,]+,cn=auth$ uid=$1,ou=People,dc=mageia,dc=org
+	"uid=Account Admin,ou=System Accounts,<%= dc_suffix %>"
+authz-regexp ^uid=([^,]+),cn=[^,]+,cn=auth$ uid=$1,ou=People,<%= dc_suffix %>
 
 include /etc/openldap/mandriva-dit-access.conf
 
 
 database monitor
 access to dn.subtree="cn=Monitor"
-	by group.exact="cn=LDAP Monitors,ou=System Groups,dc=mageia,dc=org" read
-	by group.exact="cn=LDAP Admins,ou=System Groups,dc=mageia,dc=org" read
+	by group.exact="cn=LDAP Monitors,ou=System Groups,<%= dc_suffix %>" read
+	by group.exact="cn=LDAP Admins,ou=System Groups,<%= dc_suffix %>" read
 	by * none
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/mageia-sysadm/attachments/20101109/3dd92efc/attachment.html>

More information about the Mageia-sysadm mailing list