Andrew Bartlett wrote:
In working to have the Samba4 test environment configure fedora-ds. I'musing ds_newinst.pl, but it starts the DS once it is created.According to that script, I could modify it, but: # if for some reason you do not want the server started after instance creation # the following line can be commented out - NOTE that if you are creating the # Configuration DS, it will be started anyway $cgiargs{start_server} = 1; As I understand it, a new standalone install will create the configuration DS.
No, it won't.I'm going to add a start_server option to the .inf file so you won't have to hack ds_newinst.pl anymore.
Is it a problem that the server is started as a consequence of creating the instance?
Aside from wanting a separate configure/start sequence, I would like to be able to modify the dse.ldif to fix up some parameters, and redo the schema, before the slapd process starts.
You could do all of this with ldapmodify after the server starts, but . . .
. . . this would be quite hard to do with the existing .inf file + ds_newinst.pl + ds_newinst (binary). The intention of ds_newinst.pl was to just convert the .inf file format into the format used by the ds_newinst binary (C code) which has a lot of code shared with ds_create which is used to do a lot of admin server/console related stuff, in addition to configuring the instance.For the parameter modification, another option might be to have a 'modify ldif' in addition to the 'initial ldif', but I still need a way to clean out the schema.
I understand where you are coming from. With openldap, you just have to provide your own hand tuned slapd.conf file - nothing else really is required. That also controls what schema is loaded.Thoughts?
It's not so easy to do the same thing with fedora ds. For starters, the dse.ldif file is much more complex (but in your case, there are only a few options required to be tweaked). And the schema handling (i.e. include /path/to/core.schema ; include /path/to/posix.schema) is completely out of band with this process (well, not quite - you can override the nsslapd-schemadir in cn=config).
So how would you like for this to work? What would be easiest for you?
Andrew Bartlett-------------------------------------------------------------------------- Fedora-directory-devel mailing list Fedora-directory-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-devel
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-- Fedora-directory-devel mailing list Fedora-directory-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-devel
