-#ifdef HAVE_LDAP
-/*
- * If we're in the middle of an Easy Install, we might just be able to
- * auto-configure a standalone OpenLDAP server.
- */
-void contemplate_ldap(void) {
- char question[SIZ];
- char slapd_init_entry[SIZ];
- FILE *fp;
-
- /* If conditions are not ideal, give up on this idea... */
- if (!have_sysv_init) return;
- if (using_web_installer == 0) return;
- if (getenv("LDAP_CONFIG") == NULL) return;
- if (getenv("SUPPORT") == NULL) return;
- if (getenv("SLAPD_BINARY") == NULL) return;
- if (getenv("CITADEL") == NULL) return;
-
- /* And if inittab is already starting slapd, bail out... */
- locate_init_entry(slapd_init_entry, getenv("SLAPD_BINARY"));
- if (strlen(slapd_init_entry) > 0) {
- important_message("Citadel Setup",
- "You appear to already have a standalone LDAP "
- "service\nconfigured for use with Citadel. No "
- "changes will be made.\n");
- /* set_init_entry(slapd_init_entry, "off"); */
- return;
- }
-
- /* Generate a unique entry name for slapd if we don't have one. */
- else {
- generate_entry_name(slapd_init_entry);
- }
-
- /* Ask the user if it's ok to set up slapd automatically. */
- snprintf(question, sizeof question,
- "\n"
- "Do you want this computer configured to start a standalone\n"
- "LDAP service automatically? (If you answer yes, a new\n"
- "slapd.conf will be written, and an /etc/inittab entry\n"
- "pointing to %s will be added.)\n"
- "\n",
- getenv("SLAPD_BINARY")
- );
- if (yesno(question) == 0)
- return;
-
- strcpy(config.c_ldap_base_dn, "dc=example,dc=com");
- strprompt("Base DN",
- "\n"
- "Please enter the Base DN for your directory. This will\n"
- "generally be something based on the primary DNS domain in\n"
- "which you receive mail, but it does not have to be. Your\n"
- "LDAP tree will be built using this Distinguished Name.\n"
- "\n",
- config.c_ldap_base_dn
- );
-
- strcpy(config.c_ldap_host, "localhost");
- config.c_ldap_port = 389;
- sprintf(config.c_ldap_bind_dn, "cn=manager,%s", config.c_ldap_base_dn);
-
- /*
- * Generate a bind password. If you're some grey hat hacker who
- * is just dying to get some street cred on Bugtraq, and you think
- * this password generation scheme is too weak, please submit a patch
- * instead of just whining about it, ok?
- */
- sprintf(config.c_ldap_bind_pw, "%d%ld", getpid(), (long)time(NULL));
-
- write_config_to_disk();
-
- fp = fopen(getenv("LDAP_CONFIG"), "w");
- if (fp == NULL) {
- sprintf(question, "\nCannot create %s:\n%s\n\n"
- "Citadel will still function, but you will "
- "not have an LDAP service.\n\n",
- getenv("LDAP_CONFIG"),
- strerror(errno)
- );
- important_message("Error", question);
- return;
- }
-
- fprintf(fp, "include %s/citadel-openldap.schema\n",
- getenv("CITADEL"));
- fprintf(fp, "pidfile %s/openldap-data/slapd.pid\n",
- getenv("CITADEL"));
- fprintf(fp, "argsfile %s/openldap-data/slapd.args\n",
- getenv("CITADEL"));
- fprintf(fp, "allow bind_v2\n"
- "database bdb\n"
- "schemacheck off\n"
- );
- fprintf(fp, "suffix \"%s\"\n", config.c_ldap_base_dn);
- fprintf(fp, "rootdn \"%s\"\n", config.c_ldap_bind_dn);
- fprintf(fp, "rootpw %s\n", config.c_ldap_bind_pw);
- fprintf(fp, "directory %s/openldap-data\n",
- getenv("CITADEL"));
- fprintf(fp, "index objectClass eq\n");
-
- fclose(fp);
-
- /* This is where our OpenLDAP server will keep its data. */
- mkdir("openldap-data", 0700);
-
- /* Now write it out to /etc/inittab.
- * FIXME make it run as some non-root user.
- * The "-d 0" seems superfluous, but it's actually a way to make
- * slapd run in the foreground without spewing messages to the console.
- */
- fp = fopen("/etc/inittab", "a");
- if (fp == NULL) {
- display_error(strerror(errno));
- } else {
- fprintf(fp, "# Start the OpenLDAP server for Citadel...\n");
- fprintf(fp, "%s:2345:respawn:%s -d 0 -f %s\n",
- slapd_init_entry,
- getenv("SLAPD_BINARY"),
- getenv("LDAP_CONFIG")
- );
- fclose(fp);
- }
-
-}
-#endif /* HAVE_LDAP */