authorXin LI <delphij@FreeBSD.org>2021-08-02 07:59:27 +0000
committerXin LI <delphij@FreeBSD.org>2021-08-02 07:59:54 +0000
commitea9ee3986cfc009c8e463a5c0f2db796371c3cb4 (patch)
tree8103bacf43ca0d97b8265b41638ba8829886cb7a
parentfc3d3e68179b106b6698f771d463dcf1a5647217 (diff)
net/openldap24-server: Upon shutdown, backup database in LDIF form.
The upcoming OpenLDAP 2.5 update requires a format change to mdb databases. It is mandatory for existing slapd-mdb(5) databases to be exported via an OpenLDAP 2.4 slapcat prior to upgrade, then reloaded via an OpenLDAP 2.5 slapadd after upgrade. To make sure that users always have a backup somewhere, introduce a backup mechanism (enabled by default, and may be disabled by setting rc.conf variable slapd_autobackup_enable to "NO") in the slapd rc.d script upon shutdown. By default, the backups will be stored at /var/backups/openldap and a total of 8 backups will be kept, with the oldest backup overwritten as needed. Backups are compressed using zstd, or, when zstd is not available, using gzip. The compression can be disabled by setting slapd_autobackup_compress to "NO", if desirable (e.g. if /var/backups is located on a file system that is capable of doing compression, like ZFS).
-rw-r--r--net/openldap24-server/Makefile4
-rw-r--r--net/openldap24-server/files/slapd.in71
2 files changed, 74 insertions, 1 deletions
diff --git a/net/openldap24-server/Makefile b/net/openldap24-server/Makefile
index 6146a8c82b34..afbf8a4a3d2d 100644
--- a/net/openldap24-server/Makefile
+++ b/net/openldap24-server/Makefile
@@ -46,7 +46,7 @@ BROKEN= incompatible OpenLDAP version: ${WANT_OPENLDAP_VER}
.endif
PORTREVISION_CLIENT= 1
-PORTREVISION_SERVER= 2
+PORTREVISION_SERVER= 3
OPENLDAP_SHLIB_MAJOR= 2
OPENLDAP_SHLIB_MINOR= 11.7
OPENLDAP_MAJOR= ${DISTVERSION:R}
@@ -394,10 +394,12 @@ SCHEMATA= collective corba core cosine duaconf dyngroup \
LDAP_RUN_DIR?= /var/run/openldap
LOCALSTATEDIR?= /var/db
DATABASEDIR?= ${LOCALSTATEDIR}/openldap-data
+BACKUPDIR?= /var/backups/openldap
SUB_LIST+= LDAP_RUN_DIR=${LDAP_RUN_DIR} \
LDAP_USER=${LDAP_USER} \
LDAP_GROUP=${LDAP_GROUP} \
+ BACKUPDIR=${BACKUPDIR} \
DATABASEDIR=${DATABASEDIR} \
PORTNAME=${PORTNAME} \
PKGNAME=${PKGNAME} \
diff --git a/net/openldap24-server/files/slapd.in b/net/openldap24-server/files/slapd.in
index 9c9cb7779ca6..620c2f4d255c 100644
--- a/net/openldap24-server/files/slapd.in
+++ b/net/openldap24-server/files/slapd.in
@@ -30,6 +30,18 @@
#
#slapd_krb5_ktname="/path/to/ldap.keytab"
#
+#slapd_autobackup_enable="YES"
+# To enable automatic backup of OpenLDAP data after successful shutdown
+# in the form of LDIF.
+#
+#slapd_autobackup_num="8"
+# How many automatic backups should this script keep.
+#
+#slapd_autobackup_compress="YES"
+# Compress backup data with zstd (if present) or gzip.
+#
+#slapd_autobackup_name="backup"
+# Name to be used for backups
. /etc/rc.subr
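Review bot: The new rc.conf comments describe slapd_autobackup_enable as something you set "To enable" the backup, but the default added further down is `: ${slapd_autobackup_enable="YES"}`, so the text should say how to turn it off, e.g. `# Automatic LDIF backup after shutdown is on by default; set to "NO" to disable.` The block also does not say where the dumps are written (%%BACKUPDIR%%), nor that a slapcat dump typically carries whatever credential attributes the directory stores, which is presumably why stop_postcmd keeps that directory at mode 700. A one-line comment covering both would help an administrator who relocates or copies the backups.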
@@ -47,6 +59,10 @@ fi
: ${slapd_owner="%%LDAP_USER%%:%%LDAP_GROUP%%"}
: ${slapd_sockets_mode="666"}
: ${slapd_cn_config="NO"}
+: ${slapd_autobackup_enable="YES"}
+: ${slapd_autobackup_num="8"}
+: ${slapd_autobackup_compress="YES"}
+: ${slapd_autobackup_name="backup"}
command="%%PREFIX%%/libexec/slapd"
pidfile="%%LDAP_RUN_DIR%%/slapd.pid"
@@ -63,6 +79,7 @@ fi
start_precmd=start_precmd
start_postcmd=start_postcmd
+stop_postcmd=stop_postcmd
# extract user and group, adjust ownership of directories and database
@@ -143,4 +160,58 @@ start_postcmd()
done
}
+stop_postcmd()
+{
+ local compress_program compress_suffix
+
+ if checkyesno slapd_autobackup_enable; then
+ if checkyesno slapd_autobackup_compress; then
+ if [ -x /usr/bin/zstd ]; then
+ compress_program="/usr/bin/zstd"
+ compress_suffix=".zstd"
+ else
+ compress_program="/usr/bin/gzip"
+ compress_suffix=".gz"
+ fi
+ else
+ compress_program="cat"
+ compress_suffix=""
+ fi
+
+ umask 077
+ mkdir -p %%BACKUPDIR%%
+ chmod 700 %%BACKUPDIR%%
+
+ n=0
+ while [ ${n} -lt ${slapd_autobackup_num} ]; do
+ backup_file="%%BACKUPDIR%%/${slapd_autobackup_name}.ldif.${n}${compress_suffix}"
+ if [ ! -e "${backup_file}" -o -f "${backup_file}" ]; then
+ break
+ fi
+ n=$(( ${n} + 1 ))
+ done
+ if [ -f "${backup_file}" ]; then
+ n=$(( ${n} + 1 ))
+ while [ ${n} -lt ${slapd_autobackup_num} ]; do
+ next_backup_file="%%BACKUPDIR%%/${slapd_autobackup_name}.ldif.${n}${compress_suffix}"
+ if [ -f "${next_backup_file}" ]; then
+ [ "${next_backup_file}" -ot "${backup_file}" ] && \
+ backup_file=${next_backup_file}
+ elif [ ! -e "${next_backup_file}" ]; then
+ backup_file=${next_backup_file}
+ break
+ fi
+ n=$(( ${n} + 1 ))
+ done
+ fi
+ if [ -e "${backup_file}" -a ! -f "${backup_file}" ]; then
+ err 1 "Unable to backup OpenLDAP data"
+ else
+ info "Backing up OpenLDAP data to ${backup_file}"
+ fi
+
+ %%PREFIX%%/sbin/slapcat | ${compress_program} > ${backup_file}
+ fi
+}
+
run_rc_command "$1"
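Review bot: The final pipeline in stop_postcmd, `%%PREFIX%%/sbin/slapcat | ${compress_program} > ${backup_file}`, truncates the chosen slot before slapcat has produced anything, and a plain sh pipeline reports only the compressor's exit status, so a failed slapcat can silently replace the oldest good backup with an empty or partial file. Dumping to a temporary file inside %%BACKUPDIR%% and renaming it over the slot only after both steps succeed keeps the rotation intact, and it also quotes the redirect target, which the current line leaves open to word splitting if slapd_autobackup_name contains whitespace. Separately, slapd_autobackup_num goes unvalidated into `[ ${n} -lt ${slapd_autobackup_num} ]`; a value of 0 or a non-number appears to leave backup_file unset by the time the redirect runs, so a positive-integer check before the loop is worth adding. n, backup_file and next_backup_file should also join the `local` declaration.

```sh
	# … unchanged: compressor selection, umask/mkdir/chmod, slot selection …

	tmp_ldif=$(mktemp "%%BACKUPDIR%%/${slapd_autobackup_name}.XXXXXX") || \
		err 1 "Unable to create temporary file in %%BACKUPDIR%%"
	if %%PREFIX%%/sbin/slapcat -l "${tmp_ldif}" && \
	    ${compress_program} < "${tmp_ldif}" > "${tmp_ldif}.out" && \
	    mv -f "${tmp_ldif}.out" "${backup_file}"; then
		rm -f "${tmp_ldif}"
	else
		# Leave the existing slot untouched when the dump or compression fails.
		rm -f "${tmp_ldif}" "${tmp_ldif}.out"
		err 1 "Unable to backup OpenLDAP data"
	fi
```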