Deploy an OpenLDAP server in a zc.buildout
Project description
What is z3c.recipe.ldap ?
This recipe can be used to deploy an OpenLDAP server in a zc.buildout. More specifically it provides for initializing an LDAP database from an LDIF file and for setting up an LDAP instance in the buildout. This recipe can also be used to provide an isolated LDAP instance as a test fixture.
How to use z3c.recipe.ldap ?
Installing slapd instance
The default recipe in z3c.recipe.ldap can be used to deploy a slapd LDAP server in the buildout. Options in the slapd part not used by the recipe itself will be used to create and populate a slapd.conf file.
The only required option is the suffix argupent. Specifying the suffix with a dc requires that the “dc” LDAP attribute type configuration. Write a buildout.cfg with a suffix and include core.schema for the attribute type configuration. Also specify that the server should use a socket instead of a network port:
>>> write(sample_buildout, 'buildout.cfg', ... """ ... [buildout] ... parts = slapd ... find-links = http://download.zope.org/ppix/ ... ... [slapd] ... recipe = z3c.recipe.ldap ... slapd = %(openldap)s/libexec/slapd ... use-socket = True ... allow = bind_v2 ... include = ... %(openldap)s/etc/openldap/schema/core.schema ... foo.schema ... bar.conf ... modulepath = ... moduleload = ... suffix = "dc=localhost" ... """ % globals())
Create the files to be included:
>>> write(sample_buildout, 'foo.schema', '\n') >>> write(sample_buildout, 'bar.conf', '\n')
Run the buildout:
>>> print system(buildout), Installing slapd. Generated script '/sample-buildout/bin/slapd'.
The configuration file is created in the part by default. Note that keys that can be specified multiple times in slapd.conf, such as include, will be constitued from multiple line separated values when present. Also note that keys that contain file paths in slapd.conf, such as include, will be expanded from the buildout directory. Finally note that options specified with blank values will be excluded:
>>> ls(sample_buildout, 'parts', 'slapd') - slapd.conf >>> cat(sample_buildout, 'parts', 'slapd', 'slapd.conf') include .../etc/openldap/schema/core.schema include /sample-buildout/foo.schema include /sample-buildout/bar.conf pidfile /sample-buildout/parts/slapd/slapd.pid allow bind_v2 database bdb suffix "dc=localhost" directory /sample-buildout/var/slapd dbconfig set_cachesize 0 268435456 1 dbconfig set_lg_regionmax 262144 dbconfig set_lg_bsize 2097152 index objectClass eq
The socket path is properly escaped in the configuration:
>>> cat(sample_buildout, '.installed.cfg') [buildout]... [slapd]... urls = ldapi://...%2Fsample-buildout%2Fparts%2Fslapd%2Fslapd.socket ...
An empty directory is created for the LDAP database:
>>> ls(sample_buildout, 'var') d slapd >>> ls(sample_buildout, 'var', 'slapd')
A script is also created for starting and stopping the slapd server:
>>> ls(sample_buildout, 'bin') - buildout - slapd
Start the slapd server:
>>> bin = join(sample_buildout, 'bin', 'slapd') >>> print system(bin+' start'),
On first run, the LDAP database is created:
>>> ls(sample_buildout, 'var', 'slapd') - DB_CONFIG - __db.001...
While the server is running a pid file is created and also a socket in this case:
>>> ls(sample_buildout, 'parts', 'slapd') - slapd.conf - slapd.pid - slapd.socket
Stop the slapd server:
>>> print system(bin+' stop'),
When the slapd server finishes shutting down the pid file is deleted:
>>> ls(sample_buildout, 'parts', 'slapd') - slapd.conf
The slapd binary
The slapd binary to be used can be specified as we did above when we specified the slapd binary from the buildout OpenLDAP CMMI part:
>>> cat(sample_buildout, '.installed.cfg') [buildout]... [slapd]... slapd = .../parts/openldap/libexec/slapd ...
If no binary is specified, it’s left up to the environment. Write a buildout.cfg with no slapd specified:
>>> write(sample_buildout, 'buildout.cfg', ... """ ... [buildout] ... parts = slapd ... ... [slapd] ... recipe = z3c.recipe.ldap ... use-socket = True ... """)
Run the buildout:
>>> print system(buildout), Uninstalling slapd. Installing slapd. Generated script '/sample-buildout/bin/slapd'.
Now it will find the binary on the system path:
>>> cat(sample_buildout, '.installed.cfg') [buildout]... [slapd]... slapd = slapd ...
Initalizing an LDAP database
The z3c.recipe.ldap.Slapadd can be used initialize an LDAP database from an LDIF file. In the simplest form, simply provide an “ldif” option in the part with one or more filenames.
Write a buildout.cfg that lists some LDIF files:
>>> write(sample_buildout, 'buildout.cfg',
... """
... [buildout]
... parts = slapd slapadd
...
... [slapd]
... recipe = z3c.recipe.ldap
... include =
... %(openldap)s/etc/openldap/schema/core.schema
... %(openldap)s/etc/openldap/schema/cosine.schema
... modulepath =
... moduleload =
... suffix = "dc=localhost"
...
... [slapadd]
... recipe = z3c.recipe.ldap:slapadd
... slapadd = %(openldap)s/sbin/slapadd
... conf = ${slapd:conf}
... ldif =
... dc.ldif
... admin.ldif
... """ % globals())
Write the LDIF files:
>>> write(sample_buildout, 'dc.ldif', ... """ ... dn: dc=localhost ... dc: localhost ... objectClass: top ... objectClass: domain ... """) >>> write(sample_buildout, 'admin.ldif', ... """ ... dn: cn=admin,dc=localhost ... objectClass: person ... cn: admin ... sn: Manager ... """)
Run the buildout:
>>> print system(buildout), Uninstalling slapd. Installing slapd. Generated script '/sample-buildout/bin/slapd'. Installing slapadd.
The entries have been added to the LDAP database:
>>> print system(os.path.join(openldap, 'sbin', 'slapcat')+' -f '+ ... os.path.join(sample_buildout, ... 'parts', 'slapd', 'slapd.conf')), dn: dc=localhost dc: localhost objectClass: top objectClass: domain... dn: cn=admin,dc=localhost objectClass: person cn: admin sn: Manager...
The LDIF files are added on update also.
Remove the existing LDAP database:
>>> rmdir(sample_buildout, 'var', 'slapd') >>> mkdir(sample_buildout, 'var', 'slapd')
Run the Buildout to add the LDIF files again:
>>> print system(buildout), Updating slapd. Updating slapadd.
The entries have been added to the LDAP database:
>>> print system(os.path.join(openldap, 'sbin', 'slapcat')+' -f '+ ... os.path.join(sample_buildout, ... 'parts', 'slapd', 'slapd.conf')), dn: dc=localhost dc: localhost objectClass: top objectClass: domain... dn: cn=admin,dc=localhost objectClass: person cn: admin sn: Manager...
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
