在zc.buildout中部署OpenLDAP服务器
项目描述
什么是z3c.recipe.ldap?
此食谱可用于在zc.buildout中部署OpenLDAP服务器。更具体地说,它提供了从LDIF文件初始化LDAP数据库和在buildout中设置LDAP实例的功能。此食谱还可以用于提供一个隔离的LDAP实例作为测试夹具。
如何使用z3c.recipe.ldap?
安装slapd实例
z3c.recipe.ldap中的默认食谱可用于在buildout中部署slapd LDAP服务器。未由食谱本身使用的slapd部分选项将用于创建和填充slapd.conf文件。
唯一的必需选项是后缀参数。指定dc后缀需要配置“dc”LDAP属性类型。编写包含后缀和包含core.schema以进行属性类型配置的buildout.cfg。还指定服务器应使用套接字而不是网络端口。
>>> write(sample_buildout, 'buildout.cfg', ... """ ... [buildout] ... parts = slapd ... find-links = http://download.zope.org/ppix/ ... ... [slapd] ... recipe = z3c.recipe.ldap ... slapd = %(openldap)s/libexec/slapd ... use-socket = True ... allow = bind_v2 ... include = ... %(openldap)s/etc/openldap/schema/core.schema ... foo.schema ... bar.conf ... modulepath = ... moduleload = ... suffix = "dc=localhost" ... """ % globals())
创建要包含的文件
>>> write(sample_buildout, 'foo.schema', '\n') >>> write(sample_buildout, 'bar.conf', '\n')
运行buildout
>>> print system(buildout), Installing slapd. Generated script '/sample-buildout/bin/slapd'.
默认情况下,配置文件将在部分中创建。请注意,在slapd.conf中可以指定多次的键(如include),当存在时,将构成多行分隔的值。另外,请注意,包含文件路径的键(如include)将展开为buildout目录。最后,请注意,指定空白值的选项将被排除。
>>> ls(sample_buildout, 'parts', 'slapd') - slapd.conf >>> cat(sample_buildout, 'parts', 'slapd', 'slapd.conf') include .../etc/openldap/schema/core.schema include /sample-buildout/foo.schema include /sample-buildout/bar.conf pidfile /sample-buildout/parts/slapd/slapd.pid allow bind_v2 database bdb suffix "dc=localhost" directory /sample-buildout/var/slapd dbconfig set_cachesize 0 268435456 1 dbconfig set_lg_regionmax 262144 dbconfig set_lg_bsize 2097152 index objectClass eq
配置文件中套接字路径已正确转义
>>> cat(sample_buildout, '.installed.cfg') [buildout]... [slapd]... urls = ldapi://...%2Fsample-buildout%2Fparts%2Fslapd%2Fslapd.socket ...
为LDAP数据库创建一个空目录
>>> ls(sample_buildout, 'var') d slapd >>> ls(sample_buildout, 'var', 'slapd')
同时创建一个脚本用于启动和停止slapd服务器
>>> ls(sample_buildout, 'bin') - buildout - slapd
启动slapd服务器
>>> bin = join(sample_buildout, 'bin', 'slapd') >>> print system(bin+' start'),
在第一次运行时,创建LDAP数据库
>>> ls(sample_buildout, 'var', 'slapd') - DB_CONFIG - __db.001...
在服务器运行期间,创建一个pid文件,在这种情况下还创建一个套接字
>>> ls(sample_buildout, 'parts', 'slapd') - slapd.conf - slapd.pid - slapd.socket
停止slapd服务器
>>> print system(bin+' stop'),
当slapd服务器完成关闭时,pid文件被删除
>>> ls(sample_buildout, 'parts', 'slapd') - slapd.conf
slapd二进制文件
要使用的slapd二进制文件可以指定为我们在从buildout OpenLDAP CMMI部分指定slapd二进制文件时所做的
>>> cat(sample_buildout, '.installed.cfg') [buildout]... [slapd]... slapd = .../parts/openldap/libexec/slapd ...
如果没有指定二进制文件,则由环境决定。编写一个没有指定slapd的buildout.cfg
>>> write(sample_buildout, 'buildout.cfg', ... """ ... [buildout] ... parts = slapd ... ... [slapd] ... recipe = z3c.recipe.ldap ... use-socket = True ... """)
运行buildout
>>> print system(buildout), Uninstalling slapd. Installing slapd. Generated script '/sample-buildout/bin/slapd'.
现在它将在系统路径上找到二进制文件
>>> cat(sample_buildout, '.installed.cfg') [buildout]... [slapd]... slapd = slapd ...
初始化LDAP数据库
可以使用z3c.recipe.ldap.Slapadd从LDIF文件初始化LDAP数据库。在 simplest形式,只需在部分中提供一个“ldif”选项,其中包含一个或多个文件名。
编写一个列出一些LDIF文件的buildout.cfg
>>> write(sample_buildout, 'buildout.cfg',
... """
... [buildout]
... parts = slapd slapadd
...
... [slapd]
... recipe = z3c.recipe.ldap
... include =
... %(openldap)s/etc/openldap/schema/core.schema
... %(openldap)s/etc/openldap/schema/cosine.schema
... modulepath =
... moduleload =
... suffix = "dc=localhost"
...
... [slapadd]
... recipe = z3c.recipe.ldap:slapadd
... slapadd = %(openldap)s/sbin/slapadd
... conf = ${slapd:conf}
... ldif =
... dc.ldif
... admin.ldif
... """ % globals())
编写LDIF文件
>>> write(sample_buildout, 'dc.ldif', ... """ ... dn: dc=localhost ... dc: localhost ... objectClass: top ... objectClass: domain ... """) >>> write(sample_buildout, 'admin.ldif', ... """ ... dn: cn=admin,dc=localhost ... objectClass: person ... cn: admin ... sn: Manager ... """)
运行buildout
>>> print system(buildout), Uninstalling slapd. Installing slapd. Generated script '/sample-buildout/bin/slapd'. Installing slapadd.
条目已添加到LDAP数据库中
>>> print system(os.path.join(openldap, 'sbin', 'slapcat')+' -f '+ ... os.path.join(sample_buildout, ... 'parts', 'slapd', 'slapd.conf')), dn: dc=localhost dc: localhost objectClass: top objectClass: domain... dn: cn=admin,dc=localhost objectClass: person cn: admin sn: Manager...
在更新时也会添加LDIF文件。
删除现有的LDAP数据库
>>> rmdir(sample_buildout, 'var', 'slapd') >>> mkdir(sample_buildout, 'var', 'slapd')
运行Buildout再次添加LDIF文件
>>> print system(buildout), Updating slapd. Updating slapadd.
条目已添加到LDAP数据库中
>>> print system(os.path.join(openldap, 'sbin', 'slapcat')+' -f '+ ... os.path.join(sample_buildout, ... 'parts', 'slapd', 'slapd.conf')), dn: dc=localhost dc: localhost objectClass: top objectClass: domain... dn: cn=admin,dc=localhost objectClass: person cn: admin sn: Manager...
关闭
z3c.recipe.ldap-0.1.tar.gz的哈希值
| 算法 | 哈希摘要 | |
|---|---|---|
| SHA256 | 0599b5235c8d9e838e6764284f2de1306c723ecfb1349def5ddb335b6b880a71 |
|
| MD5 | 3ec4acb5556403ca4cb2f21b20ab0f95 |
|
| BLAKE2b-256 | dad62907103314d0fa6e769c01949258b0f4be8d687ea9e621d0660fbb16a15e |