Zhang Huangbin avatar Zhang Huangbin committed 00987f9

OpenBSD ldapd(8) now works. Still need to add ACL in /etc/ldapd.conf.


Files changed (14)

iRedMail/conf/core

     else
         SLAPPASSWD='/usr/sbin/slappasswd'
     fi
-    ${SLAPPASSWD} -h {SSHA} -s "${1}"
+
+    password="${1}"
+    if [ -x ${SLAPPASSWD} ]; then
+        ${SLAPPASSWD} -h {SSHA} -s "${password}"
+    else
+        python ${TOOLS_DIR}/generate_ssha_password.py ${password}
+    fi
 }
 
 # Create SSL certs/private files.
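Review bot: The Python fallback in the new `else` branch passes `${password}` unquoted, so a password containing whitespace or glob characters is word-split and the script hashes only its first word, while the `slappasswd` branch hashes the whole string. Quote the path and the argument, `python "${TOOLS_DIR}/generate_ssha_password.py" "${password}"`, and likewise `[ -x "${SLAPPASSWD}" ]`. Both branches also hand the cleartext password to a child process on its command line, where other local users can see it in the process list while it runs; reading it from stdin or a mode-0600 file would avoid that. The function starts above this section, so its name and the first branch of the `SLAPPASSWD` selection are not visible here.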

iRedMail/conf/ldapd

+#!/usr/bin/env bash
+
+# Author:   Zhang Huangbin (zhb _at_ iredmail.org)
+
+#---------------------------------------------------------------------
+# This file is part of iRedMail, which is an open source mail server
+# solution for Red Hat(R) Enterprise Linux, CentOS, Debian and Ubuntu.
+#
+# iRedMail is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# iRedMail is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with iRedMail.  If not, see <http://www.gnu.org/licenses/>.
+#---------------------------------------------------------------------
+
+# Variables for OpenBSD ldapd(8).
+
+# RC script
+export LDAPD_RC_SCRIPT_NAME='ldapd'
+
+# Config file
+export LDAPD_CONF='/etc/ldapd.conf'
+
+# Schema directory
+export LDAPD_SCHEMA_DIR='/etc/ldap'
+
+# Data directory.
+export LDAPD_DATA_DIR='/var/db/ldap'

iRedMail/conf/openldap

 export OPENLDAP_DAEMON_USER='ldap'
 export OPENLDAP_DAEMON_GROUP='ldap'
 
-export LDAP_RC_SCRIPT_NAME='slapd'
+export OPENLDAP_RC_SCRIPT_NAME='slapd'
 
 # Configuration files.
 export OPENLDAP_CONF_ROOT='/etc/openldap'
     # OpenLDAP version.
     if [ X"${DISTRO_VERSION}" == X"5" ]; then
         export OPENLDAP_VERSION='2.3'
-        export LDAP_RC_SCRIPT_NAME='ldap'
+        export OPENLDAP_RC_SCRIPT_NAME='ldap'
     else
         export OPENLDAP_VERSION='2.4'
     fi
     export OPENLDAP_SYSCONFIG_CONF="${ETC_SYSCONFIG_DIR}/openldap"
 
     # RC script
-    export LDAP_RC_SCRIPT_NAME='ldap'
+    export OPENLDAP_RC_SCRIPT_NAME='ldap'
 
 elif [ X"${DISTRO}" == X"DEBIAN" -o X"${DISTRO}" == X"UBUNTU" ]; then
     # OpenLDAP version.
 fi
 
 # RC script.
-export LDAP_RC_SCRIPT="${DIR_RC_SCRIPTS}/${LDAP_RC_SCRIPT_NAME}"
+export OPENLDAP_RC_SCRIPT="${DIR_RC_SCRIPTS}/${OPENLDAP_RC_SCRIPT_NAME}"
 
 export OPENLDAP_SCHEMA_DIR="${OPENLDAP_CONF_ROOT}/schema"
 export OPENLDAP_SLAPD_CONF="${OPENLDAP_CONF_ROOT}/slapd.conf"

iRedMail/functions/backend.sh

 # -------------------------------------------------------
 backend_install()
 {
-    if [ X"${BACKEND}" == X"OPENLDAP" ]; then
-        # Install, config and initialize OpenLDAP.
-        check_status_before_run openldap_config && \
-        check_status_before_run openldap_data_initialize
+    if [ X"${BACKEND}" == X'OPENLDAP' ]; then
+        # Install, config and initialize LDAP server
+        check_status_before_run ldap_server_config
 
         # Initialize MySQL database server.
         check_status_before_run mysql_initialize

iRedMail/functions/ldap_server.sh

+
+ldap_generate_populate_ldif()
+{
+    ECHO_DEBUG "Generate LDIF file used to populate LDAP tree."
+    cat > ${LDAP_INIT_LDIF} <<EOF
+dn: ${LDAP_SUFFIX}
+objectclass: dcObject
+objectclass: organization
+dc: ${LDAP_SUFFIX_MAJOR}
+o: ${LDAP_SUFFIX_MAJOR}
+
+dn: ${LDAP_BINDDN}
+objectClass: person
+objectClass: shadowAccount
+objectClass: top
+cn: ${VMAIL_USER_NAME}
+sn: ${VMAIL_USER_NAME}
+uid: ${VMAIL_USER_NAME}
+${LDAP_ATTR_USER_PASSWD}: $(gen_ldap_passwd "${LDAP_BINDPW}")
+
+dn: ${LDAP_ADMIN_DN}
+objectClass: person
+objectClass: shadowAccount
+objectClass: top
+cn: ${VMAIL_DB_ADMIN_USER}
+sn: ${VMAIL_DB_ADMIN_USER}
+uid: ${VMAIL_DB_ADMIN_USER}
+${LDAP_ATTR_USER_PASSWD}: $(gen_ldap_passwd "${LDAP_ADMIN_PW}")
+
+dn: ${LDAP_BASEDN}
+objectClass: Organization
+o: ${LDAP_BASEDN_NAME}
+
+dn: ${LDAP_ADMIN_BASEDN}
+objectClass: Organization
+o: ${LDAP_ATTR_DOMAINADMIN_DN_NAME}
+
+dn: ${LDAP_ATTR_DOMAIN_RDN}=${FIRST_DOMAIN},${LDAP_BASEDN}
+objectClass: ${LDAP_OBJECTCLASS_MAILDOMAIN}
+${LDAP_ATTR_DOMAIN_RDN}: ${FIRST_DOMAIN}
+${LDAP_ATTR_MTA_TRANSPORT}: ${TRANSPORT}
+${LDAP_ATTR_ACCOUNT_STATUS}: ${LDAP_STATUS_ACTIVE}
+${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_MAIL}
+${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_SENDER_BCC}
+${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_RECIPIENT_BCC}
+
+dn: ${LDAP_ATTR_GROUP_RDN}=${LDAP_ATTR_GROUP_USERS},${LDAP_ATTR_DOMAIN_RDN}=${FIRST_DOMAIN},${LDAP_BASEDN}
+objectClass: ${LDAP_OBJECTCLASS_OU}
+objectClass: top
+ou: ${LDAP_ATTR_GROUP_USERS}
+
+dn: ${LDAP_ATTR_GROUP_RDN}=${LDAP_ATTR_GROUP_GROUPS},${LDAP_ATTR_DOMAIN_RDN}=${FIRST_DOMAIN},${LDAP_BASEDN}
+objectClass: ${LDAP_OBJECTCLASS_OU}
+objectClass: top
+ou: ${LDAP_ATTR_GROUP_GROUPS}
+
+dn: ${LDAP_ATTR_GROUP_RDN}=${LDAP_ATTR_GROUP_ALIASES},${LDAP_ATTR_DOMAIN_RDN}=${FIRST_DOMAIN},${LDAP_BASEDN}
+objectClass: ${LDAP_OBJECTCLASS_OU}
+objectClass: top
+ou: ${LDAP_ATTR_GROUP_ALIASES}
+
+dn: ${LDAP_ATTR_GROUP_RDN}=${LDAP_ATTR_GROUP_EXTERNALS},${LDAP_ATTR_DOMAIN_RDN}=${FIRST_DOMAIN},${LDAP_BASEDN}
+objectClass: ${LDAP_OBJECTCLASS_OU}
+objectClass: top
+ou: ${LDAP_ATTR_GROUP_EXTERNALS}
+
+dn: ${LDAP_ATTR_USER_RDN}=${FIRST_USER}@${FIRST_DOMAIN},${LDAP_ATTR_GROUP_RDN}=${LDAP_ATTR_GROUP_USERS},${LDAP_ATTR_DOMAIN_RDN}=${FIRST_DOMAIN},${LDAP_BASEDN}
+objectClass: inetOrgPerson
+objectClass: shadowAccount
+objectClass: amavisAccount
+objectClass: ${LDAP_OBJECTCLASS_MAILUSER}
+objectClass: top
+cn: ${FIRST_USER}
+sn: ${FIRST_USER}
+uid: ${FIRST_USER}
+givenName: ${FIRST_USER}
+${LDAP_ATTR_USER_RDN}: ${FIRST_USER}@${FIRST_DOMAIN}
+${LDAP_ATTR_ACCOUNT_STATUS}: ${LDAP_STATUS_ACTIVE}
+${LDAP_ATTR_USER_STORAGE_BASE_DIRECTORY}: ${STORAGE_BASE_DIR}
+mailMessageStore: ${STORAGE_NODE}/$( hash_domain ${FIRST_DOMAIN})/$( hash_maildir ${FIRST_USER} )
+homeDirectory: ${STORAGE_MAILBOX_DIR}/$( hash_domain ${FIRST_DOMAIN})/$( hash_maildir ${FIRST_USER} )
+${LDAP_ATTR_USER_QUOTA}: 104857600
+${LDAP_ATTR_USER_PASSWD}: $(gen_ldap_passwd "${FIRST_USER_PASSWD}")
+${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_MAIL}
+${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_INTERNAL}
+${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_DOVEADM}
+${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_SMTP}
+${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_SMTPS}
+${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_POP3}
+${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_POP3S}
+${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_IMAP}
+${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_IMAPS}
+${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_DELIVER}
+${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_LDA}
+${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_FORWARD}
+${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_SENDER_BCC}
+${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_RECIPIENT_BCC}
+${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_MANAGESIEVE}
+${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_MANAGESIEVES}
+${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_SIEVE}
+${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_SIEVES}
+${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_DISPLAYED_IN_ADDRBOOK}
+${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_SHADOW_ADDRESS}
+${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_LIB_STORAGE}
+${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_DOMAIN_ADMIN}
+${LDAP_ATTR_DOMAIN_GLOBALADMIN}: yes
+EOF
+}
+
+ldap_server_config()
+{
+    ldap_generate_populate_ldif
+    export LDAP_ROOTPW_SSHA="$(gen_ldap_passwd ${LDAP_ROOTPW})"
+
+    if [ X"${BACKEND_ORIG}" == X'OPENLDAP' ]; then
+        . ${FUNCTIONS_DIR}/openldap.sh
+
+        check_status_before_run openldap_config && \
+        check_status_before_run openldap_data_initialize
+
+    elif [ X"${BACKEND_ORIG}" == X'LDAPD' ]; then
+        . ${FUNCTIONS_DIR}/ldapd.sh
+
+        check_status_before_run ldapd_config
+    fi
+}
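Review bot: `ldap_server_config` calls `gen_ldap_passwd ${LDAP_ROOTPW}` without quotes, unlike the three calls inside the heredoc, so a root password with whitespace or glob characters is split and only its first word is hashed into `LDAP_ROOTPW_SSHA`. The stored hash would then not match the password later passed to `ldapadd -w "${LDAP_ROOTPW}"`, and the populate step would fail to bind. Use `export LDAP_ROOTPW_SSHA="$(gen_ldap_passwd "${LDAP_ROOTPW}")"`. Separately, `cat > ${LDAP_INIT_LDIF}` writes three password hashes under whatever umask is in effect; unless that is already restrictive (not visible here), setting `umask 077` around the write keeps the file from being created world-readable.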

iRedMail/functions/ldapd.sh

+#!/usr/bin/env bash
+
+# Author:   Zhang Huangbin (zhb _at_ iredmail.org)
+
+#---------------------------------------------------------------------
+# This file is part of iRedMail, which is an open source mail server
+# solution for Red Hat(R) Enterprise Linux, CentOS, Debian and Ubuntu.
+#
+# iRedMail is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# iRedMail is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with iRedMail.  If not, see <http://www.gnu.org/licenses/>.
+#---------------------------------------------------------------------
+
+
+ldapd_config()
+{
+    ECHO_INFO "Configure ldapd(8) daemon"
+
+    # Enable ldapd in rc.conf.local
+    cat >> ${RC_CONF_LOCAL} <<EOF
+ldapd_flags=''
+EOF
+
+    ECHO_DEBUG "Copy schema files"
+    cp -f ${SAMPLE_DIR}/iredmail.schema ${LDAPD_SCHEMA_DIR}
+    cp -f /usr/local/share/doc/amavisd-new/LDAP.schema ${LDAPD_SCHEMA_DIR}/${AMAVISD_LDAP_SCHEMA_NAME}
+
+    ECHO_DEBUG "Copy sample config file: ${SAMPLE_DIR}/ldapd.conf -> ${LDAPD_CONF}"
+    backup_file ${LDAPD_CONF}
+    cp -f ${SAMPLE_DIR}/ldapd.conf ${LDAPD_CONF}
+    chmod 0600 ${LDAPD_CONF}
+
+    ECHO_DEBUG "Update config file: ${LDAPD_CONF}"
+    perl -pi -e 's#PH_LDAP_SUFFIX#$ENV{LDAP_SUFFIX}#g' ${LDAPD_CONF}
+    perl -pi -e 's#PH_LDAP_ROOTDN#$ENV{LDAP_ROOTDN}#g' ${LDAPD_CONF}
+    perl -pi -e 's#PH_LDAP_ROOTPW#$ENV{LDAP_ROOTPW_SSHA}#g' ${LDAPD_CONF}
+
+    ECHO_DEBUG "Start ldapd"
+    ${DIR_RC_SCRIPTS}/${LDAPD_RC_SCRIPT_NAME} restart &>/dev/null
+
+    ECHO_DEBUG "Populate LDAP tree"
+    ldapadd -x -D "${LDAP_ROOTDN}" -w "${LDAP_ROOTPW}" -f ${LDAP_INIT_LDIF} >/dev/null
+
+    echo 'export status_ldapd_config="DONE"' >> ${STATUS_FILE}
+}
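Review bot: `ldapd_config` runs `ldapadd` right after a `restart` whose output is discarded, then records `status_ldapd_config="DONE"` whatever `ldapadd` returned, so a daemon that failed to start or is not yet listening leaves an unpopulated directory marked as configured. The OpenLDAP path shown in this commit sleeps 5 seconds before populating; this path has no wait at all. Check the result before writing the status line, e.g. `ldapadd -x -D "${LDAP_ROOTDN}" -w "${LDAP_ROOTPW}" -f "${LDAP_INIT_LDIF}" >/dev/null || return 1`. Two smaller points: `cat >> ${RC_CONF_LOCAL}` appends another `ldapd_flags=''` line on every run, and `-w` puts the cleartext root password on the command line, which `-y` with a mode-0600 password file (no trailing newline) would avoid.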

iRedMail/functions/openldap.sh

     ECHO_INFO "Configure OpenLDAP server (Storing mail accounts)."
 
     ECHO_DEBUG "Stoping OpenLDAP."
-    ${LDAP_RC_SCRIPT} stop &>/dev/null
+    ${OPENLDAP_RC_SCRIPT} stop &>/dev/null
 
     backup_file ${OPENLDAP_SLAPD_CONF} ${OPENLDAP_LDAP_CONF}
 
 directory   ${LDAP_DATA_DIR}
 
 rootdn      ${LDAP_ROOTDN}
-rootpw      $(gen_ldap_passwd "${LDAP_ROOTPW}")
+rootpw      ${LDAP_ROOTPW_SSHA}
 
 sizelimit   10000
 cachesize   10000
     chmod -R 0700 ${OPENLDAP_DATA_DIR}
 
     ECHO_DEBUG "Starting OpenLDAP."
-    ${LDAP_RC_SCRIPT} restart &>/dev/null
+    ${OPENLDAP_RC_SCRIPT} restart &>/dev/null
 
     ECHO_DEBUG "Sleep 5 seconds for LDAP daemon initialize ..."
     sleep 5
 
-    ECHO_DEBUG "Initialize LDAP tree."
-    # home_mailbox format is 'maildir/' by default.
-    cat > ${LDAP_INIT_LDIF} <<EOF
-dn: ${LDAP_SUFFIX}
-objectclass: dcObject
-objectclass: organization
-dc: ${LDAP_SUFFIX_MAJOR}
-o: ${LDAP_SUFFIX_MAJOR}
-
-dn: ${LDAP_BINDDN}
-objectClass: person
-objectClass: shadowAccount
-objectClass: top
-cn: ${VMAIL_USER_NAME}
-sn: ${VMAIL_USER_NAME}
-uid: ${VMAIL_USER_NAME}
-${LDAP_ATTR_USER_PASSWD}: $(gen_ldap_passwd "${LDAP_BINDPW}")
-
-dn: ${LDAP_ADMIN_DN}
-objectClass: person
-objectClass: shadowAccount
-objectClass: top
-cn: ${VMAIL_DB_ADMIN_USER}
-sn: ${VMAIL_DB_ADMIN_USER}
-uid: ${VMAIL_DB_ADMIN_USER}
-${LDAP_ATTR_USER_PASSWD}: $(gen_ldap_passwd "${LDAP_ADMIN_PW}")
-
-dn: ${LDAP_BASEDN}
-objectClass: Organization
-o: ${LDAP_BASEDN_NAME}
-
-dn: ${LDAP_ADMIN_BASEDN}
-objectClass: Organization
-o: ${LDAP_ATTR_DOMAINADMIN_DN_NAME}
-
-dn: ${LDAP_ATTR_DOMAIN_RDN}=${FIRST_DOMAIN},${LDAP_BASEDN}
-objectClass: ${LDAP_OBJECTCLASS_MAILDOMAIN}
-${LDAP_ATTR_DOMAIN_RDN}: ${FIRST_DOMAIN}
-${LDAP_ATTR_MTA_TRANSPORT}: ${TRANSPORT}
-${LDAP_ATTR_ACCOUNT_STATUS}: ${LDAP_STATUS_ACTIVE}
-${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_MAIL}
-${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_SENDER_BCC}
-${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_RECIPIENT_BCC}
-
-dn: ${LDAP_ATTR_GROUP_RDN}=${LDAP_ATTR_GROUP_USERS},${LDAP_ATTR_DOMAIN_RDN}=${FIRST_DOMAIN},${LDAP_BASEDN}
-objectClass: ${LDAP_OBJECTCLASS_OU}
-objectClass: top
-ou: ${LDAP_ATTR_GROUP_USERS}
-
-dn: ${LDAP_ATTR_GROUP_RDN}=${LDAP_ATTR_GROUP_GROUPS},${LDAP_ATTR_DOMAIN_RDN}=${FIRST_DOMAIN},${LDAP_BASEDN}
-objectClass: ${LDAP_OBJECTCLASS_OU}
-objectClass: top
-ou: ${LDAP_ATTR_GROUP_GROUPS}
-
-dn: ${LDAP_ATTR_GROUP_RDN}=${LDAP_ATTR_GROUP_ALIASES},${LDAP_ATTR_DOMAIN_RDN}=${FIRST_DOMAIN},${LDAP_BASEDN}
-objectClass: ${LDAP_OBJECTCLASS_OU}
-objectClass: top
-ou: ${LDAP_ATTR_GROUP_ALIASES}
-
-dn: ${LDAP_ATTR_GROUP_RDN}=${LDAP_ATTR_GROUP_EXTERNALS},${LDAP_ATTR_DOMAIN_RDN}=${FIRST_DOMAIN},${LDAP_BASEDN}
-objectClass: ${LDAP_OBJECTCLASS_OU}
-objectClass: top
-ou: ${LDAP_ATTR_GROUP_EXTERNALS}
-
-dn: ${LDAP_ATTR_USER_RDN}=${FIRST_USER}@${FIRST_DOMAIN},${LDAP_ATTR_GROUP_RDN}=${LDAP_ATTR_GROUP_USERS},${LDAP_ATTR_DOMAIN_RDN}=${FIRST_DOMAIN},${LDAP_BASEDN}
-objectClass: inetOrgPerson
-objectClass: shadowAccount
-objectClass: amavisAccount
-objectClass: ${LDAP_OBJECTCLASS_MAILUSER}
-objectClass: top
-cn: ${FIRST_USER}
-sn: ${FIRST_USER}
-uid: ${FIRST_USER}
-givenName: ${FIRST_USER}
-${LDAP_ATTR_USER_RDN}: ${FIRST_USER}@${FIRST_DOMAIN}
-${LDAP_ATTR_ACCOUNT_STATUS}: ${LDAP_STATUS_ACTIVE}
-${LDAP_ATTR_USER_STORAGE_BASE_DIRECTORY}: ${STORAGE_BASE_DIR}
-mailMessageStore: ${STORAGE_NODE}/$( hash_domain ${FIRST_DOMAIN})/$( hash_maildir ${FIRST_USER} )
-homeDirectory: ${STORAGE_MAILBOX_DIR}/$( hash_domain ${FIRST_DOMAIN})/$( hash_maildir ${FIRST_USER} )
-${LDAP_ATTR_USER_QUOTA}: 104857600
-${LDAP_ATTR_USER_PASSWD}: $(gen_ldap_passwd "${FIRST_USER_PASSWD}")
-${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_MAIL}
-${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_INTERNAL}
-${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_DOVEADM}
-${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_SMTP}
-${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_SMTPS}
-${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_POP3}
-${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_POP3S}
-${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_IMAP}
-${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_IMAPS}
-${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_DELIVER}
-${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_LDA}
-${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_FORWARD}
-${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_SENDER_BCC}
-${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_RECIPIENT_BCC}
-${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_MANAGESIEVE}
-${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_MANAGESIEVES}
-${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_SIEVE}
-${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_SIEVES}
-${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_DISPLAYED_IN_ADDRBOOK}
-${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_SHADOW_ADDRESS}
-${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_LIB_STORAGE}
-${LDAP_ENABLED_SERVICE}: ${LDAP_SERVICE_DOMAIN_ADMIN}
-${LDAP_ATTR_DOMAIN_GLOBALADMIN}: yes
-EOF
-
+    ECHO_DEBUG "Populate LDAP tree."
     ldapadd -x -D "${LDAP_ROOTDN}" -w "${LDAP_ROOTPW}" -f ${LDAP_INIT_LDIF} >/dev/null
 
     cat >> ${TIP_FILE} <<EOF
         - ${LDAP_DATA_DIR}
         - ${LDAP_DATA_DIR}/DB_CONFIG
     * RC script:
-        - ${LDAP_RC_SCRIPT}
+        - ${OPENLDAP_RC_SCRIPT}
     * See also:
         - ${LDAP_INIT_LDIF}
 

iRedMail/functions/packages.sh

     #
     if [ X"${BACKEND}" == X"OPENLDAP" ]; then
         # OpenLDAP server & client.
-        ENABLED_SERVICES="${ENABLED_SERVICES} ${LDAP_RC_SCRIPT_NAME} ${MYSQL_RC_SCRIPT_NAME}"
+        ENABLED_SERVICES="${ENABLED_SERVICES} ${OPENLDAP_RC_SCRIPT_NAME} ${MYSQL_RC_SCRIPT_NAME}"
 
         if [ X"${DISTRO}" == X"RHEL" ]; then
             ALL_PKGS="${ALL_PKGS} openldap${PKG_ARCH} openldap-clients${PKG_ARCH} openldap-servers${PKG_ARCH} mysql-server${PKG_ARCH} mysql${PKG_ARCH}"
             ALL_PKGS="${ALL_PKGS} openldap mysql"
 
         elif [ X"${DISTRO}" == X'OPENBSD' ]; then
-            ALL_PKGS="${ALL_PKGS} cyrus-sasl--ldap openldap-server openldap-client mysql-server mysql-client"
-            PKG_SCRIPTS="${PKG_SCRIPTS} ${LDAP_RC_SCRIPT_NAME} ${MYSQL_RC_SCRIPT_NAME}"
+            if [ X"${BACKEND_ORIG}" == X'OPENLDAP' ]; then
+                ALL_PKGS="${ALL_PKGS} openldap-server"
+                PKG_SCRIPTS="${PKG_SCRIPTS} ${OPENLDAP_RC_SCRIPT_NAME}"
+            fi
+
+            ALL_PKGS="${ALL_PKGS} cyrus-sasl--ldap openldap-client mysql-server mysql-client"
+            PKG_SCRIPTS="${PKG_SCRIPTS} ${MYSQL_RC_SCRIPT_NAME}"
 
         fi
     elif [ X"${BACKEND}" == X"MYSQL" ]; then
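Review bot: The renamed line `ENABLED_SERVICES="${ENABLED_SERVICES} ${OPENLDAP_RC_SCRIPT_NAME} ${MYSQL_RC_SCRIPT_NAME}"` still runs when `BACKEND_ORIG` is `LDAPD`, so `slapd` is listed as an enabled service on a host where the new OpenBSD block deliberately skips `openldap-server`. If `ENABLED_SERVICES` is acted on for OpenBSD (not visible in this section), the list names a service whose daemon was never installed. Guarding that line with the same `BACKEND_ORIG` test, and adding `${LDAPD_RC_SCRIPT_NAME}` in the ldapd case, would keep the list in step with what is installed. The enclosing function starts and ends outside this section.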

iRedMail/functions/packages_freebsd.sh

 
     if [ X"${BACKEND}" == X"OPENLDAP" ]; then
         ALL_PORTS="${ALL_PORTS} net/openldap${WANT_OPENLDAP_VER}-server databases/mysql${WANT_MYSQL_VER}-server"
-        ENABLED_SERVICES="${ENABLED_SERVICES} ${LDAP_RC_SCRIPT_NAME} ${MYSQL_RC_SCRIPT_NAME}"
+        ENABLED_SERVICES="${ENABLED_SERVICES} ${OPENLDAP_RC_SCRIPT_NAME} ${MYSQL_RC_SCRIPT_NAME}"
     elif [ X"${BACKEND}" == X'MYSQL' ]; then
         ALL_PORTS="${ALL_PORTS} databases/mysql${WANT_MYSQL_VER}-server"
         ENABLED_SERVICES="${ENABLED_SERVICES} ${MYSQL_RC_SCRIPT_NAME}"

iRedMail/functions/policy_server.sh

 # along with iRedMail.  If not, see <http://www.gnu.org/licenses/>.
 #---------------------------------------------------------------------
 
-spamd_config()
+openbsd_spamd_config()
 {
     # Enable PF, spamd, spamlogd.
     cat >> ${RC_CONF_LOCAL} <<EOF
 
     # OpenBSD special
     if [ X"${USE_SPAMD}" == X'YES' ]; then
-        check_status_before_run spamd_config
+        check_status_before_run openbsd_spamd_config
     fi
 
     echo 'export status_policy_server_config="DONE"' >> ${STATUS_FILE}

iRedMail/functions/roundcubemail.sh

     # after message delete/move, the next message will be displayed
     perl -pi -e 's#(.*display_next.*=).*#${1} true;#' main.inc.php
 
-    if [ X"${BACKEND}" == X"OPENLDAP" ]; then
+    if [ X"${BACKEND}" == X'OPENLDAP' ]; then
         export LDAP_SERVER_HOST LDAP_SERVER_PORT LDAP_BIND_VERSION LDAP_BASEDN LDAP_ATTR_DOMAIN_RDN LDAP_ATTR_USER_RDN
         cd ${RCM_HTTPD_ROOT}/config/
         ECHO_DEBUG "Setting global LDAP address book in Roundcube."

iRedMail/iRedMail.sh

 # defined in it.
 . ${CONF_DIR}/apache_php
 . ${CONF_DIR}/openldap
+. ${CONF_DIR}/ldapd
 . ${CONF_DIR}/phpldapadmin
 . ${CONF_DIR}/mysql
 . ${CONF_DIR}/postgresql
 . ${FUNCTIONS_DIR}/system_accounts.sh
 
 . ${FUNCTIONS_DIR}/apache_php.sh
-. ${FUNCTIONS_DIR}/openldap.sh
+. ${FUNCTIONS_DIR}/ldap_server.sh
 . ${FUNCTIONS_DIR}/mysql.sh
 . ${FUNCTIONS_DIR}/postgresql.sh
 

iRedMail/samples/ldapd.conf

 schema "/etc/ldap/core.schema"
 schema "/etc/ldap/inetorgperson.schema"
 schema "/etc/ldap/nis.schema"
+schema "/etc/ldap/amavisd.schema"
 schema "/etc/ldap/iredmail.schema"
 
-listen on lo0
+listen on lo0 secure
+#listen on 127.0.0.1 secure
 listen on "/var/run/ldapi"
 
 namespace "PH_LDAP_SUFFIX" {
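Review bot: `listen on lo0 secure` needs a comment in the sample explaining what `secure` does: per ldapd.conf(5) it marks a listener without TLS as secured, so plain-text simple binds are accepted on it. That is reasonable on loopback, but an administrator who later changes `lo0` to an external interface and keeps the keyword would be accepting cleartext passwords over the network. Suggested comment above the line: `# 'secure' permits plain-text binds without TLS; keep it on loopback only and use 'tls' or 'ldaps' on any other interface.` The same caveat applies to the commented-out `127.0.0.1` alternative.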

iRedMail/tools/generate_ssha_password.py

+import os
+import sys
+from base64 import b64encode
+
+def generate_ssha_password(p):
+    p = str(p).strip()
+    salt = os.urandom(8)
+    try:
+        from hashlib import sha1
+        pw = sha1(p)
+    except ImportError:
+        import sha
+        pw = sha.new(p)
+    pw.update(salt)
+    return "{SSHA}" + b64encode(pw.digest() + salt)
+
+print generate_ssha_password(sys.argv[1])
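Review bot: `p = str(p).strip()` removes leading and trailing whitespace from the password before hashing, so for such a password this fallback hashes a different string than `slappasswd -s` would, and which hash is stored depends on whether `slappasswd` is installed. Hash the argument as given by dropping the `.strip()`. The script also indexes `sys.argv[1]` with no argument check, and the `print` statement together with `sha1(p)` on a `str` makes it Python 2 only, so it fails wherever `python` resolves to Python 3. A short module comment stating the supported interpreter, and that the password arrives on the command line, would help the next maintainer.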