debian-sf-devel

[Debian-sf-devel] Re: [Debian-sf-users] how to configure ldap password?


From: Soon-Son Kwon
Subject: [Debian-sf-devel] Re: [Debian-sf-users] how to configure ldap password?
Date: Sun, 24 Mar 2002 11:20:20 +0900
User-agent: Mutt/1.2.5i

Hello, I managed to install sf package on my sid box
but not sure if ldap stuff installed successfully.

Here are the steps that I followed.

1. install sourceforge from dselect
2. installation exits with error in ldap 
3. comment out install-ldap.sh from /var/lib/dpkg/info/sourceforge.postinst
4. run dselect and install the broken sf package again
5. installation finishes without error because I skip install-ldap.sh
by step 4. :-P
6. run /usr/lib/sourceforge/bin/install-ldap.sh configure manually.

When doing step 6, the script showed me some debugging message(?)
but I couldn't see any error-like message.

If you encounter an error while installing sf, I'd recommend
following the above steps (especially step 3).
By doing so, you will focus on ldap without caring about
the other stuff.

Right now I can do the following:
I can see the main webpage
I can login via admin account
I can subscribe to sf as a normal user

Here is the output when doing install-ldap.sh configure after running
install-ldap.sh purge

Could anyone please let me know how to check if ldap
was installed correctly?

-------
www:/usr/lib/sourceforge/bin# ./install-ldap.sh configure
Modifying /etc/ldap/slapd.conf
WARNING: Please check referal line in /etc/ldap/slapd.conf
Commenting /etc/ldap/schema/core.schema
Adding /etc/ldap/schema/core.schema
Adding /etc/ldap/schema/cosine.schema
Adding /etc/ldap/schema/inetorgperson.schema
Adding /etc/ldap/schema/nis.schema
Adding /etc/sourceforge/sourceforge.schema
Modifying /etc/libnss-ldap.conf
Modifying /etc/nsswitch.conf
Stopping OpenLDAP: slapd.
Starting OpenLDAP: slapd.
Load ldap
Distinguished Name is dc=myhome,dc=lan
Creating ldif file from database
Filling LDAP with database
Setup SF_robot account
LDAP Server OK : dn=dc=myhome,dc=lan
Adding robot accounts
adding new entry "cn=Replicator,dc=myhome,dc=lan"
ldap_add: Already exists

ldif_record() = 68
adding new entry "cn=SF_robot,dc=myhome,dc=lan"
ldap_add: Already exists

ldif_record() = 68
LDAP Server OK : dn=dc=myhome,dc=lan
Changing SF_robot passwd using admin account
ldap_initialize( <DEFAULT> )
replace userPassword:
        {CRYPT}wQ8nmdxQ.ZEFY
modifying entry "cn=SF_robot,dc=myhome,dc=lan"
modify complete

LDAP Server OK : dn=dc=myhome,dc=lan
Testing LDAP
Changing dummy cn using SF_robot account
ldap_initialize( <DEFAULT> )
        replace cn:
        Dummy User Tested
modifying entry "uid=dummy,ou=People,dc=myhome,dc=lan"
modify complete
---------


Thanks very much...



On Thu, Mar 21, 2002 at 09:44:54AM +0100, Christian BAYLE wrote:
> 
> Here is my working installed laptop config, I develop the package with
> 
> Soon-Son Kwon wrote:
> > 
> > Can anyone please send me a working copy of
> > slapd.conf and local.inc after installing sourceforge correctly?
> > (The up-to-date version is preferred of course. :-))
> > 
> > The default slapd/sourceforge combination seems to have
> > some configuration problem and I want to root cause it.
> > 
> > Thanks very much....
> > 
> 
> local.inc
> ===============================================================================
> <?php
> // SourceForge Universal Site Modifications
> // by David HM Spector <address@hidden>
> //
> // Really Important Safety Tip: --> DO NOT LEAVE ANY WHITE
> // SPACE AFTER THE CLOSING PHP TAG AT THE END OF THIS FILE!
> //
> // Doing so will really confuse the software and cause
> // 1) cookies to fail and 2) HTML page headers to fail
> // which will give you some really hard-to-debug problems.
> // Why? PHP is a *pre-processor* -- anything that's not PHP gets
> // emitted as part of the HTML stream and processed by the browser,
> // so white space is meaningful!
> //
> //
> // PART I - SourceForge hostnames
> //
> // Hostnames should be fully qualified domain names (FQDNs); using short names
> // would be prettier but would stop you from distributing your SourceForge
> // implementation across multiple domains.
> //
> // Of course, if you have a lot of machines serving a particular purpose
> // such as FTP or for shell accounts, the "hostname" here might be in
> // reality an addr_list of machines that is serviced by a round-robin
> // mechanism or something fancy like a local-director.
> //
> // The default SourceForge domain
> // this is used where ever the "naked" form of the SourceForge domain
> // might be used.  E.g., "mailto:address@hidden";
> $sys_default_domain = "g-tt.rd.francetelecom.fr";
>  
> // Machine that hosts CVS
> $sys_cvs_host = "cvs.g-tt.rd.francetelecom.fr";
>  
> // Machine used for downloading sources/packages
> $sys_download_host = "download.g-tt.rd.francetelecom.fr";
>  
> // Machine used for downloading sources/packages
> $sys_upload_host = "upload.g-tt.rd.francetelecom.fr";
> 
> // Machine(s) that host users' shell accounts
> //  N.B. to the SourceForge Crew: What's the difference between the user
> // host and the shell host?  They are clearly two different hostnames
> // in the source code, but they seem to serve the same purpose..?
> $sys_shell_host = "g-tt.rd.francetelecom.fr";
> $sys_users_host = "g-tt.rd.francetelecom.fr";
>  
> // Machine that hosts docs (such as the FAQs and the various software
> // licenses (*BSD, [L]GPL, etc.).  You REALLY want this to be the same
> // machine that the SourceForge code is running on because all of the
> // PHP makes reference to these documents in terms of relative paths that
> // are part of the SourceForge code tree.
> $sys_docs_host = "g-tt.rd.francetelecom.fr";
>  
> // Machine that hosts the SourceForge mailing lists (This could also be
> // the mail host if you have enough horsepower & bandwidth)
> $sys_lists_host = "lists.g-tt.rd.francetelecom.fr";
>  
> // Domain Name Servers
> //    N.B.: Use terminated FQDNs here (with the final ".") so the resolver
> //    doesn't attempt to recurse in the case of a slightly broken DNS
> //    configuration
> $sys_dns1_host = "ns1.g-tt.rd.francetelecom.fr";
> $sys_dns2_host = "ns2.g-tt.rd.francetelecom.fr";
> 
> // Part II - Databases, html/php/other paths
> if (getenv ('SERVER_SOFTWARE')) { // We're on the web
>       $sys_dbhost=getenv('sys_dbhost');
>       $sys_dbname=getenv('sys_dbname');
>       $sys_dbuser=getenv('sys_dbuser');
>       $sys_dbpasswd=getenv('sys_dbpasswd');
>       $sys_ldap_passwd=getenv('sys_ldap_passwd');
> } else {
>       require ('/etc/sourceforge/database.inc');
> }
> //whether or not to use replication
> //$sys_db_use_replication=false;
> //$sys_dbreadhost='localhost';
> //$sys_dbreaddb='stats';
> //$sys_server="pgsql";
> 
> //
> // LDAP configuration
> //
> // enable ldap use altogether
> $sys_use_ldap=1;
> $sys_ldap_host="g-tt.rd.francetelecom.fr";
> $sys_ldap_port=389;
> // this is dn under which all information stored
> $sys_ldap_base_dn="dc=g-tt,dc=rd,dc=francetelecom,dc=fr";
> // and this, how we do access it (add permission required)
> $sys_ldap_bind_dn="cn=SF_robot,dc=g-tt,dc=rd,dc=francetelecom,dc=fr";
> // admin dn - login dn which has permissions to delete entries
> // NOT used by web code, only by support utilities
> // note that password NOT stored here
> $sys_ldap_admin_dn="cn=admin,dc=g-tt,dc=rd,dc=francetelecom,dc=fr";
>  
> // If you change something here don't forget to update fileforge
> // Where files are placed when uploaded
> $FTPINCOMING_DIR =
> "/var/lib/sourceforge/chroot/home/users/<USER>/incoming";
> 
> // Where the released files are located
> $FTPFILES_DIR = "/var/lib/sourceforge/download/<GROUP>";
> 
> // groups and homes dir prefix
> $homedir_prefix="/var/lib/sourceforge/chroot/home/users";
> $groupdir_prefix="/var/lib/sourceforge/chroot/home/groups";
>  
> // Where the SourceForge files are placed
> // *** IMPORTANT: sys_urlroot *MUST* be an ABSOLUTE FILESYSTEM PATH NAME
> //             that points to the www directory of the SourceForge
> //             installation.  If you use ANY form of relative path
> //             you will break the html_image function in include/html.php
> //
> $sys_urlroot="/usr/lib/sourceforge/www/";
>  
> // Cache location -- this is needed by include/cache.php
> // This directory must be world reachable, but writable only by the web-server
> $sf_cache_dir = "/var/cache/sourceforge";
> // Name of the system as a whole (needed by various utils and titles)
> $sys_name="Sourceforge";
>  
> // session cookie settings
> //
> $sys_session_key        = "foobar";
> $sys_session_expire     = 60 * 60 * 24 * 7; 
> $sys_session_cypher     = MCRYPT_TWOFISH;
> // Temporary workaround for libmcrypt if MCRYPT_TWOFISH segfault
> //$sys_session_cypher     = MCRYPT_TripleDES;
> $sys_session_cyphermode = MCRYPT_MODE_ECB;
> 
> // username cookie settings
> //
> $sys_username_cookie_key        = "frobaz";
> $sys_username_cookie_urlspace   = ".g-tt.rd.francetelecom.fr";
> $sys_username_cookie_expiration = 60 * 60 * 24 * 7;
> $sys_username_cookie_plaintext  = true;
> $sys_username_cookie_cypher     = MCRYPT_BLOWFISH;
> $sys_username_cookie_cyphermode = MCRYPT_MODE_ECB;
> 
> // Require that user give unique (not yet existent in db) email upon
> // registration
> $sys_require_unique_email=0;
>  
> // Part III - GUI modifications (menu colors, etc.)
> //    See the top of the file include/html.php, this is where the menu colors
> //    and colors used throughout SourceForge are defined.
>  
> // Themeing related vars... Some of this needs to change in the session stuff
> // The theme base directory, everything else is handled by theme_sysinit()
> $sys_themeroot=$sys_urlroot."themes/";
> 
> // Akamization of images
> $sys_images_url="//g-tt.rd.francetelecom.fr/";
> 
> // Part IV - Groups
> //  The SourceForge permission model is based on groups
> //  certain parts of the site, like news, stats, etc
> //  are based on special group_id numbers
> //  group_id #1 is the super-user group of sitewide admins
> $sys_news_group = 2;
> $sys_stats_group = 3;
> 
> // Part V - Stuff added by Debian-SF
> $sys_show_banner_1 = 0 ;
> $sys_show_banner_2 = 1 ;
> 
> // End of customizations -- place nothing after the closing PHP tag!
> ?>
> ===============================================================================
> 
> slapd.conf
> ===============================================================================
> include       /etc/ldap/schema/core.schema    #Added by Sourceforge install
> include       /etc/ldap/schema/cosine.schema  #Added by Sourceforge install
> include       /etc/ldap/schema/inetorgperson.schema   #Added by Sourceforge install
> include       /etc/ldap/schema/nis.schema     #Added by Sourceforge install
> include       /etc/sourceforge/sourceforge.schema     #Added by Sourceforge install
> # This is the main ldapd configuration file. See slapd.conf(5) for more
> # info on the configuration options.
> 
> # Schema and objectClass definitions
> #Comment by Sourceforge install#include       /etc/ldap/schema/core.schema
> #Comment by Sourceforge install#include       /etc/ldap/schema/cosine.schema
> #Comment by Sourceforge install#include       /etc/ldap/schema/nis.schema
> #Comment by Sourceforge install#include       /etc/ldap/schema/inetorgperson.schema
> 
> # Schema check allows for forcing entries to
> # match schemas for their objectClasses's
> schemacheck     on
> 
> # Where the pid file is put. The init.d script
> # will not stop the server if you change this.
> pidfile         /var/run/slapd.pid
> 
> # List of arguments that were passed to the server
> argsfile        /var/run/slapd.args
> 
> # Where to store the replica logs
> replogfile    /var/lib/ldap/replog
> 
> # Read slapd.conf(5) for possible values
> loglevel        0
> 
> #######################################################################
> # ldbm database definitions
> #######################################################################
> 
> # The backend type, ldbm, is the default standard
> database        ldbm
> 
> # The base of your directory
> suffix          "dc=g-tt,dc=rd,dc=francetelecom,dc=fr"
> 
> # Where the database file are physically stored
> directory       "/var/lib/ldap"
> 
> # Indexing options
> index objectClass eq
> 
> # Save the time that the entry gets modified
> lastmod on
> 
> # The userPassword by default can be changed
> # by the entry owning it if they are authenticated.
> # Others should not be able to see it, except the
> # admin entry below
> # Next second line added by Sourceforge install
> access to attribute=userPassword
>       by dn="cn=SF_robot,dc=g-tt,dc=rd,dc=francetelecom,dc=fr" write
>         by dn="cn=admin,dc=g-tt,dc=rd,dc=francetelecom,dc=fr" write
>         by anonymous auth
>         by self write
>         by * none
> 
> # The admin dn has full write access
> # Next lines added by Sourceforge install
> access to dn=".*,ou=People,dc=g-tt,dc=rd,dc=francetelecom,dc=fr"              
>       by dn="cn=admin,dc=g-tt,dc=rd,dc=francetelecom,dc=fr" write     
>       by dn="cn=SF_robot,dc=g-tt,dc=rd,dc=francetelecom,dc=fr" write          
>       by * read                               
> access to dn="ou=People,dc=g-tt,dc=rd,dc=francetelecom,dc=fr"         
>       by dn="cn=admin,dc=g-tt,dc=rd,dc=francetelecom,dc=fr" write     
>       by dn="cn=SF_robot,dc=g-tt,dc=rd,dc=francetelecom,dc=fr" write          
>       by * read                               
> access to dn="ou=Group,dc=g-tt,dc=rd,dc=francetelecom,dc=fr"          
>       by dn="cn=admin,dc=g-tt,dc=rd,dc=francetelecom,dc=fr" write     
>       by dn="cn=SF_robot,dc=g-tt,dc=rd,dc=francetelecom,dc=fr" write          
>       by * read                               
> access to dn="ou=cvsGroup,dc=g-tt,dc=rd,dc=francetelecom,dc=fr"               
>       by dn="cn=admin,dc=g-tt,dc=rd,dc=francetelecom,dc=fr" write     
>       by dn="cn=SF_robot,dc=g-tt,dc=rd,dc=francetelecom,dc=fr" write          
>       by * read                               
> # End of sourceforge add
> access to *
>         by dn="cn=admin,dc=g-tt,dc=rd,dc=francetelecom,dc=fr" write
>         by * read
> 
> # For Netscape Roaming support, each user gets a roaming
> # profile for which they have write access to
> access to dn=".*,ou=Roaming,o=morsnet"
>         by dn="cn=admin,dc=g-tt,dc=rd,dc=francetelecom,dc=fr" write
>         by dnattr=owner write
> 
> 
> --
> Christian Bayle 
> ===============================================================================
> E-mail: address@hidden

-- 
-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
           (o_             **WTFM**
(o_  (o_   //\
(/)_ (/)_  V_/_        http://kldp.org
-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*     
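
Added example (not part of the original thread and not Debian-SF or OpenLDAP code): a small model of how slapd picks an access level from the "access to" rules in the slapd.conf quoted above, using first-match order for both the rule and its "by" clauses. It shows why the two modify operations in the install-ldap.sh output (admin replacing userPassword, SF_robot replacing cn on uid=dummy) are allowed while other users cannot read userPassword. Assumptions: the names ACL, WRITERS and access() are hypothetical, "access to dn=" patterns are treated as unanchored regexes (as the ".*,ou=People" rule suggests), and "by dn=" values are compared as exact strings.

```python
import re

BASE = "dc=g-tt,dc=rd,dc=francetelecom,dc=fr"
ADMIN, ROBOT = f"cn=admin,{BASE}", f"cn=SF_robot,{BASE}"

# Rules transcribed from the posted slapd.conf, in file order.
# Each rule is (what, [(who, level), ...]); what is ("attr", name),
# ("dn", regex) or ("*", None).
WRITERS = [(ADMIN, "write"), (ROBOT, "write"), ("*", "read")]
ACL = [
    (("attr", "userPassword"),
     [(ROBOT, "write"), (ADMIN, "write"), ("anonymous", "auth"),
      ("self", "write"), ("*", "none")]),
    (("dn", f".*,ou=People,{BASE}"), WRITERS),
    (("dn", f"ou=People,{BASE}"), WRITERS),
    (("dn", f"ou=Group,{BASE}"), WRITERS),
    (("dn", f"ou=cvsGroup,{BASE}"), WRITERS),
    (("*", None), [(ADMIN, "write"), ("*", "read")]),
]

def what_matches(what, entry_dn, attr):
    kind, value = what
    if kind == "attr":
        return attr.lower() == value.lower()
    if kind == "dn":  # assumption: unanchored regex match on the entry DN
        return re.search(value, entry_dn, re.I) is not None
    return True       # "access to *"

def who_matches(who, bind_dn, entry_dn):
    if who == "*":
        return True
    if who == "anonymous":
        return bind_dn is None
    if bind_dn is None:
        return False
    if who == "self":
        return bind_dn.lower() == entry_dn.lower()
    return bind_dn.lower() == who.lower()  # assumption: exact DN comparison

def access(bind_dn, entry_dn, attr, acl=ACL):
    """Level granted to bind_dn (None = anonymous) on attr of entry_dn."""
    for what, by_clauses in acl:
        if what_matches(what, entry_dn, attr):   # first matching rule wins
            for who, level in by_clauses:
                if who_matches(who, bind_dn, entry_dn):
                    return level                 # first matching "by" wins
            return "none"   # implicit "by * none" closing every rule
    return "none"           # implicit final "access to * by * none"
```

Because the first matching rule wins, moving the "access to *" rule above the userPassword rule would give every client read access to the password hashes; the order in the posted file is what keeps them hidden.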


