From 7a9fffc895b8f7942b005235d8795664bacc2e1d Mon Sep 17 00:00:00 2001 From: Ben Klang Date: Wed, 7 Dec 2005 23:38:01 +0000 Subject: [PATCH] + Modified ldap2dns-conf to behave more like tinydns-conf + Altered default behavior (via ldap2dns-conf) to run ldap2dns as non-root + Updated FAQ git-svn-id: https://svn.alkaloid.net/gpl/ldap2dns/trunk@129 06cd67b6-e706-0410-b29e-9de616bca6e9 --- ChangeLog | 3 +++ FAQ | 17 ++++++++++++++++ ldap2tinydns-conf | 49 ++++++++++++++++++++++++++++++----------------- 3 files changed, 51 insertions(+), 18 deletions(-) diff --git a/ChangeLog b/ChangeLog index f005f0a..81ba2c0 100644 --- a/ChangeLog +++ b/ChangeLog @@ -15,6 +15,9 @@ Version 0.3.6 (latest) + Removed old index.html + Removed TODO.schema + Updated Makefile ++ Modified ldap2dns-conf to behave more like tinydns-conf ++ Altered default behavior (via ldap2dns-conf) to run ldap2dns as non-root ++ Updated FAQ Version 0.3.5 - 2005/11/30 + Added support for DNS SRV records diff --git a/FAQ b/FAQ index 0945ca8..5693fb4 100644 --- a/FAQ +++ b/FAQ @@ -1,3 +1,20 @@ +1) What happened to the webadmin directory? + +2005-12-07 bklang +I have deprecated that code in favor of another project I am working on. It +is called Beatnik and is a Horde framework module. The status of the webadmin +code was unclear and I was not willing to support it so I deprecated it. I +left it as part of the tarball release and in version control in case others +out there felt differently and/or it ever needed to be modified or even revived. + +As far as I'm concerned you are welcome to use it but consequently are on your +own. You might also contact the author, Jacob Rief (jacob.rief@tiscover.com) +for more information but he is no longer interested in maintaing this work +so do not depend on him. + + +-- Old FAQ entry below (meaning is unclear to me -- 2005/12/07 bklang -- + 
From: Steven Dossett Right after I mailed you, I patched the schema :) I moved from IA5 Strings to Numeric Strings in that section of the schema: diff --git a/ldap2tinydns-conf b/ldap2tinydns-conf index 7dc07bb..b2fd758 100755 --- a/ldap2tinydns-conf +++ b/ldap2tinydns-conf 
@@ -1,32 +1,45 @@ #!/bin/sh +LDAP2DNSUSER=$1 +LDAP2DNSLOGUSER=$2 +LDAP2DNSDIR=$3 +TINYDNSDIR=$4 -mkdir ldap2tinydns -mkdir ldap2tinydns/env -mkdir ldap2tinydns/log -mkdir ldap2tinydns/log/main -touch ldap2tinydns/log/status +if [ -z "$LDAP2DNSUSER" -o -z "$LDAP2DNSLOGUSER" -o -z "$LDAP2DNSDIR" -o \ + -z "$TINYDNSDIR" ]; then + echo "usage: $0 acct logacct /path/to/supervise /path/to/tinydns-supervise" >&2 + exit 1 +fi -cat << EOF_run > ldap2tinydns/run +set -e # Err out immediately if any of the following fails + +mkdir $LDAP2DNSDIR +mkdir $LDAP2DNSDIR/env +mkdir $LDAP2DNSDIR/log +mkdir $LDAP2DNSDIR/log/main +touch $LDAP2DNSDIR/log/status + +cat << EOF_run > $LDAP2DNSDIR/run #!/bin/sh exec 2>&1 -exec envdir ./env softlimit -d250000 /usr/bin/ldap2dns -e "cd /var/tinydns/root && /usr/bin/tinydns-data" +exec setuidgid $LDAP2DNSUSER envdir ./env softlimit -d250000 /usr/bin/ldap2dns -e "cd $TINYDNSDIR && tinydns-data" EOF_run -chmod +t ldap2tinydns -chmod 755 ldap2tinydns/run -echo "/var/tinydns/root" > ldap2tinydns/env/TINYDNSDIR -echo "60" > ldap2tinydns/env/LDAP2DNS_UPDATE -echo "data" > ldap2tinydns/env/LDAP2DNS_OUTPUT +chmod +t $LDAP2DNSDIR +chmod 755 $LDAP2DNSDIR/run +echo "$TINYDNSDIR" > $LDAP2DNSDIR/env/TINYDNSDIR +echo "60" > $LDAP2DNSDIR/env/LDAP2DNS_UPDATE +echo "data" > $LDAP2DNSDIR/env/LDAP2DNS_OUTPUT -cat << EOF_logrun > ldap2tinydns/log/run +cat << EOF_logrun > $LDAP2DNSDIR/log/run #!/bin/sh -exec setuidgid nobody multilog t ./main +exec setuidgid $LDAP2DNSLOGUSER multilog t ./main EOF_logrun -chown nobody.nobody ldap2tinydns/log/main -chmod g+s ldap2tinydns/log/main -chmod 755 ldap2tinydns/log/run -chown nobody.nobody ldap2tinydns/log/status +chown $LDAP2DNSLOGUSER:$LDAP2DNSLOGUSER $LDAP2DNSDIR/log/main +chmod g+s $LDAP2DNSDIR/log/main +chmod 755 $LDAP2DNSDIR/log/run +chown $LDAP2DNSLOGUSER:$LDAP2DNSLOGUSER $LDAP2DNSDIR/log/status echo "To supervise ldap2dns do a symbolic link from /service onto ldap2dns" +echo "For proper operation, ensure $LDAP2DNSUSER 
has write access to $TINYDNSDIR"
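Review bot: The four new arguments are expanded unquoted everywhere they are used (`mkdir $LDAP2DNSDIR`, `chown $LDAP2DNSLOGUSER:$LDAP2DNSLOGUSER $LDAP2DNSDIR/log/main`, the `> $LDAP2DNSDIR/run` redirections), and since the script chowns to another account it is presumably run as root, so a value containing whitespace or glob characters would make those commands act on paths other than the one intended; quote each expansion, e.g. `mkdir "$LDAP2DNSDIR"` and `chown "$LDAP2DNSLOGUSER:$LDAP2DNSLOGUSER" "$LDAP2DNSDIR/log/main"`. The unquoted `EOF_run` here-document also copies `$TINYDNSDIR` verbatim into the `-e "cd $TINYDNSDIR && tinydns-data"` string of the generated run file, which is presumably handed to a shell on every update, so the usage check at the top should also reject values containing anything beyond ordinary path characters before any file is written. That same line now resolves `tinydns-data` through PATH where the old one used `/usr/bin/tinydns-data`; keeping an absolute path, or setting PATH explicitly in the run file, avoids depending on whatever environment the supervisor inherits. Nothing verifies that `$LDAP2DNSUSER` exists or is not root, so the non-root default named in the commit message rests entirely on the caller; a guard such as `[ "$(id -u "$LDAP2DNSUSER")" -ne 0 ] || exit 1` next to the usage check would enforce it.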