getconf passwordfile
getconf binddn
getconf ldaphost
-getconf tls yes
+getconf ssl yes
+getconf tls no
-if [ $tls = 'yes' ]; then
+if [ $ssl = 'yes' ]; then
URLBASE="ldaps"
else
URLBASE="ldap"
[ -d $backupdir ] || mkdir -p $backupdir
[ -d $backupdir ] || fatal "Backup directory '$backupdir'"
-dbsuffixes=(`@AWK@ 'BEGIN {OFS=":"} /[:space:]*^database[:space:]*\w*/ {db=$2}; /^[:space:]*suffix[:space:]*\w*/ {if (db=="bdb"||db=="ldbm") print db,$2}' $conf|@SED@ -e 's/[" ]//g'`)
+dbsuffixes=(`@AWK@ 'BEGIN {OFS=":"} /[:space:]*^database[:space:]*\w*/ {db=$2}; /^[:space:]*suffix[:space:]*\w*/ {if (db=="bdb"||db=="hdb"||db="ldbm") print db,$2}' $conf|@SED@ -e 's/[" ]//g'`)
## LDIF DUMP
fi
for db in $databases; do
- if [ `expr index "$dbnum" "="` == "0" ]; then
+ if [ `expr index "$db" "="` == "0" ]; then
# db is a number, get the suffix.
dbsuffix=${dbsuffixes[$db]/*:/}
else
if [ "$method" == "slapcat" ]; then
execstr="$SLAPCAT -f $conf -b $dbsuffix"
- debug "$execstr"
else
+ LDAPARGS=""
+ if [ "$tls" == "yes" ]; then
+ LDAPARGS="-ZZ"
+ fi
if [ -n "$ldaphost" ]; then
- execstr="$LDAPSEARCH -H $URLBASE://$ldaphost -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile"
+ execstr="$LDAPSEARCH $LDAPARGS -H $URLBASE://$ldaphost -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile"
else
- execstr="$LDAPSEARCH -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile"
+ execstr="$LDAPSEARCH -H $URLBASE://$ldaphost -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile"
fi
[ -f "$passwordfile" ] || fatal "Password file $passwordfile not found. When method is set to ldapsearch, you must also specify a password file."
debug "$execstr"
fi
if [ "$compress" == "yes" ]; then
- output=`$execstr | $GZIP > $dumpdir/$dbsuffix.ldif.gz`
+ execstr="$execstr | $GZIP > $dumpdir/$dbsuffix.ldif.gz"
else
- output=`$execstr > $dumpdir/$dbsuffix.ldif`
+ execstr="$execstr > $dumpdir/$dbsuffix.ldif"
fi
+ debug "$execstr"
+ output=`su root -c "$execstr" 2>&1`
code=$?
if [ "$code" == "0" ]; then
debug $output