handlers/ldap.in

   1 # -*- mode: sh; sh-basic-offset: 3; indent-tabs-mode: nil; -*-
   2 #
   3 # openldap backup handler script for backupninja
   4 #
   5
   6 getconf backupdir /var/backups/ldap
   7 getconf conf /etc/ldap/slapd.conf
   8 getconf databases all
   9 getconf compress yes
  10 getconf ldif yes
  11 getconf restart no
  12 getconf method ldapsearch
  13 getconf passwordfile
  14 getconf binddn
  15 getconf ldaphost
  16 getconf ssl yes
  17 getconf tls no
  18 getconf vsnames
  19
  20 if [ $ssl = 'yes' ]; then
  21    URLBASE="ldaps"
  22 else
  23    URLBASE="ldap"
  24 fi
  25
  26 ### VServers
  27 # If vservers are configured, check that the ones listed in $vsnames do exist.
  28 local usevserver=no
  29 if [ $vservers_are_available = yes -a -n "$vsnames" ]; then
  30    if [ "$vsnames" = all ]; then
  31       vsnames="$found_vservers"
  32    else
  33       if ! vservers_exist "$vsnames" ; then
  34             fatal "At least one of the vservers listed in vsnames ($vsnames) does not exist."
  35       fi
  36    fi
  37    info "Using vservers '$vsnames'"
  38    usevserver=yes
  39 else
  40    [ -z "$vsnames" ] || warning 'vservers support disabled in backupninja.conf, vsnames configuration line will be ignored'
  41 fi
  42
  43 [ "$restart" = yes -a "$method" = ldapsearch ] && warning 'restart option should not be used with the ldapsearch method.'
  44
  45 status="ok"
  46
  47 function make_backup() {
  48    vsname="$1"
  49    if [ -z "$vsname" ]; then
  50       info "Running on host"
  51       vdir=""
  52       vexec=""
  53    else
  54       if ! vservers_running "$vsname"; then
  55          error "vserver $vsname is not running!"
  56          return 1
  57       fi
  58       info "Running on vserver $vsname"
  59       vdir="$VROOTDIR/$vsname"
  60       vexec="$VSERVER $vsname exec"
  61    fi
  62
  63    dumpdir="`interpolate "$backupdir" "$vsname"`"
  64    info "Backing up to dir '$dumpdir'"
  65
  66    [ -f "$vdir$conf" ] || fatal "slapd config file ($conf) not found"
  67    [ -d "$dumpdir" ] || mkdir -p "$dumpdir"
  68    [ -d "$dumpdir" ] || fatal "Backup directory '$dumpdir'"
  69
  70    dbsuffixes=(`@AWK@ 'BEGIN {OFS=":"} /[:space:]*^database[:space:]*\w*/ {db=$2}; /^[:space:]*suffix[:space:]*\w*/ {if (db=="bdb"||db=="hdb"||db="ldbm") print db,$2}' $vdir$conf|@SED@ -e 's/[" ]//g'`)
  71
  72    ## LDIF DUMP
  73
  74    if [ "$ldif" == "yes" ]; then
  75       if [ "$databases" == 'all' ]; then
  76          dbcount=`grep '^database' "$vdir$conf" | wc -l`
  77          let "dbcount = dbcount - 1"
  78          databases=`seq 0 $dbcount`;
  79       fi
  80
  81       for db in $databases; do
  82          if [ `expr index "$db" "="` == "0" ]; then
  83                            # db is a number, get the suffix.
  84             dbsuffix=${dbsuffixes[$db]/*:/}
  85          else
  86             dbsuffix=$db
  87          fi
  88                    # some databases don't have suffix (like monitor), skip these
  89          if [ "$dbsuffix" == "" ]; then
  90             continue;
  91          fi
  92
  93          if [ "$method" == "slapcat" ]; then
  94             execstr="$SLAPCAT -f $conf -b $dbsuffix"
  95          else
  96             LDAPARGS=""
  97             if [ "$tls" == "yes" ]; then
  98                LDAPARGS="-ZZ"
  99             fi
 100             if [ -n "$ldaphost" ]; then
 101                execstr="$LDAPSEARCH $LDAPARGS -H $URLBASE://$ldaphost -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile"
 102             else
 103                execstr="$LDAPSEARCH -H $URLBASE://$ldaphost -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile"
 104             fi
 105             [ -f "$vdir$passwordfile" ] || fatal "Password file $vdir$passwordfile not found. When method is set to ldapsearch, you must also specify a password file."
 106             debug "$execstr"
 107          fi
 108          if [ ! $test ]; then
 109             if [ "$restart" == "yes" ]; then
 110                debug "Shutting down ldap server..."
 111                $vexec /etc/init.d/slapd stop
 112             fi
 113
 114             ext=
 115             if [ "$compress" == "yes" ]; then
 116                ext=".gz"
 117             fi
 118             touch "$dumpdir/$dbsuffix.ldif$ext"
 119             if [ ! -f "$dumpdir/$dbsuffix.ldif$ext" ]; then
 120                fatal "Couldn't create ldif dump file: $dumpdir/$dbsuffix.ldif$ext"
 121             fi
 122
 123             if [ "$compress" == "yes" ]; then
 124                execstr="$execstr | $GZIP > \"$dumpdir/$dbsuffix.ldif.gz\""
 125             else
 126                execstr="$execstr > \"$dumpdir/$dbsuffix.ldif\""
 127             fi
 128             # Run inside the vserver if needed
 129             execstr="$vexec $execstr"
 130             debug "$execstr"
 131             output=`su root -c "$execstr" 2>&1`
 132             code=$?
 133             if [ "$code" == "0" ]; then
 134                debug $output
 135                info "Successfully finished ldif export of $dbsuffix"
 136             else
 137                warning $output
 138                warning "Failed ldif export of $dbsuffix"
 139             fi
 140
 141             if [ "$restart" == "yes" ]; then
 142                debug "Starting ldap server..."
 143                $vexec /etc/init.d/slapd start
 144             fi
 145          fi
 146       done
 147    fi
 148 }
 149
 150 if [ $usevserver = yes ]; then
 151    for vserver in $vsnames; do
 152       make_backup "$vserver"
 153    done
 154 else
 155    make_backup ""
 156 fi
 157
 158 return 0