git: ea9ee3986cfc - main - net/openldap24-server: Upon shutdown, backup database in LDIF form.
Xin LI
delphij at FreeBSD.org
Mon Aug 2 08:05:14 UTC 2021
The branch main has been updated by delphij:
URL: https://cgit.FreeBSD.org/ports/commit/?id=ea9ee3986cfc009c8e463a5c0f2db796371c3cb4
commit ea9ee3986cfc009c8e463a5c0f2db796371c3cb4
Author: Xin LI <delphij at FreeBSD.org>
AuthorDate: 2021-08-02 07:59:27 +0000
Commit: Xin LI <delphij at FreeBSD.org>
CommitDate: 2021-08-02 07:59:54 +0000
net/openldap24-server: Upon shutdown, backup database in LDIF form.
The upcoming OpenLDAP 2.5 update requires a format change to mdb
databases. It is mandatory for existing slapd-mdb(5) databases to
be exported via an OpenLDAP 2.4 slapcat prior to upgrade, then
reloaded via an OpenLDAP 2.5 slapadd after upgrade.
To make sure that the user always have a backup somewhere, introduce
a backup mechanism (enabled by default, and may be disabled by setting
rc.conf variable slapd_autobackup_enable to "NO") in the slapd rc.d
script upon shutdown.
By default, the backups will be stored at /var/backups/openldap and
a total of 8 backups will be kept, with the oldest backup overwritten
as needed. Backups are compressed using zstd, or, when zstd is not
available, using gzip. The compression can be disabled by setting
slapd_autobackup_compress to "NO", if desirable (e.g. if /var/backups
is located on a file system that is capable of doing compression,
like ZFS).
---
net/openldap24-server/Makefile | 4 +-
net/openldap24-server/files/slapd.in | 71 ++++++++++++++++++++++++++++++++++++
2 files changed, 74 insertions(+), 1 deletion(-)
diff --git a/net/openldap24-server/Makefile b/net/openldap24-server/Makefile
index 6146a8c82b34..afbf8a4a3d2d 100644
--- a/net/openldap24-server/Makefile
+++ b/net/openldap24-server/Makefile
@@ -46,7 +46,7 @@ BROKEN= incompatible OpenLDAP version: ${WANT_OPENLDAP_VER}
.endif
PORTREVISION_CLIENT= 1
-PORTREVISION_SERVER= 2
+PORTREVISION_SERVER= 3
OPENLDAP_SHLIB_MAJOR= 2
OPENLDAP_SHLIB_MINOR= 11.7
OPENLDAP_MAJOR= ${DISTVERSION:R}
@@ -394,10 +394,12 @@ SCHEMATA= collective corba core cosine duaconf dyngroup \
LDAP_RUN_DIR?= /var/run/openldap
LOCALSTATEDIR?= /var/db
DATABASEDIR?= ${LOCALSTATEDIR}/openldap-data
+BACKUPDIR?= /var/backups/openldap
SUB_LIST+= LDAP_RUN_DIR=${LDAP_RUN_DIR} \
LDAP_USER=${LDAP_USER} \
LDAP_GROUP=${LDAP_GROUP} \
+ BACKUPDIR=${BACKUPDIR} \
DATABASEDIR=${DATABASEDIR} \
PORTNAME=${PORTNAME} \
PKGNAME=${PKGNAME} \
diff --git a/net/openldap24-server/files/slapd.in b/net/openldap24-server/files/slapd.in
index 9c9cb7779ca6..620c2f4d255c 100644
--- a/net/openldap24-server/files/slapd.in
+++ b/net/openldap24-server/files/slapd.in
@@ -30,6 +30,18 @@
#
#slapd_krb5_ktname="/path/to/ldap.keytab"
#
+#slapd_autobackup_enable="YES"
+# To enable automatic backup of OpenLDAP data after successful shutdown
+# in the form of LDIF.
+#
+#slapd_autobackup_num="8"
+# How many automatic backups should this script keep.
+#
+#slapd_autobackup_compress="YES"
+# Compress backup data with zstd (if present) or gzip.
+#
+#slapd_autobackup_name="backup"
+# Name to be used for backups
. /etc/rc.subr
@@ -47,6 +59,10 @@ fi
: ${slapd_owner="%%LDAP_USER%%:%%LDAP_GROUP%%"}
: ${slapd_sockets_mode="666"}
: ${slapd_cn_config="NO"}
+: ${slapd_autobackup_enable="YES"}
+: ${slapd_autobackup_num="8"}
+: ${slapd_autobackup_compress="YES"}
+: ${slapd_autobackup_name="backup"}
command="%%PREFIX%%/libexec/slapd"
pidfile="%%LDAP_RUN_DIR%%/slapd.pid"
@@ -63,6 +79,7 @@ fi
start_precmd=start_precmd
start_postcmd=start_postcmd
+stop_postcmd=stop_postcmd
# extract user and group, adjust ownership of directories and database
@@ -143,4 +160,58 @@ start_postcmd()
done
}
+stop_postcmd()
+{
+ local compress_program compress_suffix
+
+ if checkyesno slapd_autobackup_enable; then
+ if checkyesno slapd_autobackup_compress; then
+ if [ -x /usr/bin/zstd ]; then
+ compress_program="/usr/bin/zstd"
+ compress_suffix=".zstd"
+ else
+ compress_program="/usr/bin/gzip"
+ compress_suffix=".gz"
+ fi
+ else
+ compress_program="cat"
+ compress_suffix=""
+ fi
+
+ umask 077
+ mkdir -p %%BACKUPDIR%%
+ chmod 700 %%BACKUPDIR%%
+
+ n=0
+ while [ ${n} -lt ${slapd_autobackup_num} ]; do
+ backup_file="%%BACKUPDIR%%/${slapd_autobackup_name}.ldif.${n}${compress_suffix}"
+ if [ ! -e "${backup_file}" -o -f "${backup_file}" ]; then
+ break
+ fi
+ n=$(( ${n} + 1 ))
+ done
+ if [ -f "${backup_file}" ]; then
+ n=$(( ${n} + 1 ))
+ while [ ${n} -lt ${slapd_autobackup_num} ]; do
+ next_backup_file="%%BACKUPDIR%%/${slapd_autobackup_name}.ldif.${n}${compress_suffix}"
+ if [ -f "${next_backup_file}" ]; then
+ [ "${next_backup_file}" -ot "${backup_file}" ] && \
+ backup_file=${next_backup_file}
+ elif [ ! -e "${next_backup_file}" ]; then
+ backup_file=${next_backup_file}
+ break
+ fi
+ n=$(( ${n} + 1 ))
+ done
+ fi
+ if [ -e "${backup_file}" -a ! -f "${backup_file}" ]; then
+ err 1 "Unable to backup OpenLDAP data"
+ else
+ info "Backing up OpenLDAP data to ${backup_file}"
+ fi
+
+ %%PREFIX%%/sbin/slapcat | ${compress_program} > ${backup_file}
+ fi
+}
+
run_rc_command "$1"
More information about the dev-commits-ports-all
mailing list