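# -*- mode: sh; sh-basic-offset: 3; indent-tabs-mode: nil; -*-
#
# openldap backup handler script for backupninja
#
# Dumps each selected slapd database to "<backupdir>/<suffix>.ldif[.gz]",
# using either slapcat or ldapsearch, on the host or inside every vserver
# listed in vsnames.
#
# LDIF dumps normally carry credential material (userPassword hashes and the
# like), so newly created backup directories and every dump file are
# restricted to the invoking user.
#
# Helpers and variables used but not defined here (getconf, info, debug,
# warning, error, fatal, interpolate, vservers_exist, vservers_running,
# $SLAPCAT, $LDAPSEARCH, $GZIP, $VSERVER, $VROOTDIR, $test,
# $vservers_are_available, $found_vservers) are expected to be provided by
# the environment that sources this handler.
#

getconf backupdir /var/backups/ldap
getconf conf /etc/ldap/slapd.conf
getconf databases all
getconf compress yes
getconf ldif yes
getconf restart no
getconf method ldapsearch
getconf passwordfile
getconf binddn
getconf ldaphost
getconf ssl yes
getconf tls no
getconf vsnames

if [ "$ssl" = 'yes' ]; then
   URLBASE="ldaps"
else
   URLBASE="ldap"
fi

### VServers
# If vservers are configured, check that the ones listed in $vsnames do exist.
local usevserver=no
if [ "$vservers_are_available" = yes ] && [ -n "$vsnames" ]; then
   if [ "$vsnames" = all ]; then
      vsnames="$found_vservers"
   else
      if ! vservers_exist "$vsnames" ; then
         fatal "At least one of the vservers listed in vsnames ($vsnames) does not exist."
      fi
   fi
   info "Using vservers '$vsnames'"
   usevserver=yes
else
   [ -z "$vsnames" ] || warning 'vservers support disabled in backupninja.conf, vsnames configuration line will be ignored'
fi

if [ "$restart" = yes ] && [ "$method" = ldapsearch ]; then
   warning 'restart option should not be used with the ldapsearch method.'
fi

# The ldapsearch command line below only carries -ZZ when ldaphost is set.
# Say so once instead of silently ignoring a requested transport protection.
# NOTE(review): whether -ZZ should also apply without ldaphost is a policy
# decision for the maintainers; the existing behaviour is kept.
if [ "$method" = ldapsearch ] && [ "$tls" = yes ] && [ -z "$ldaphost" ]; then
   warning 'tls is set to yes but ldaphost is empty: ldapsearch will be run without -ZZ (StartTLS is not requested).'
fi

status="ok"

# Print $1 wrapped in single quotes so that a POSIX shell reads it back as
# exactly one literal word; each embedded single quote becomes '\''.
# Used for every configuration value spliced into the "su -c" command string.
function ldap_shquote() {
   local sq="'"
   local rest="$1"
   local out=""
   while [[ "$rest" == *"$sq"* ]]; do
      out="$out${rest%%$sq*}'\\''"
      rest="${rest#*$sq}"
   done
   printf '%s' "'$out$rest'"
}

# Dump the configured databases of one slapd instance.
# Arguments: $1 - vserver name, or empty to run on the host
# Globals:   reads the getconf settings above; does not modify them
# Returns:   1 if the named vserver is not running; failed exports are
#            reported through warning and do not change the return status
function make_backup() {
   local vsname="$1"
   local vdir vexec dumpdir dbsuffixes dbcount dblist db dbsuffix
   local execstr ext dumpfile output code LDAPARGS

   if [ -z "$vsname" ]; then
      info "Running on host"
      vdir=""
      vexec=""
   else
      if ! vservers_running "$vsname"; then
         error "vserver $vsname is not running!"
         return 1
      fi
      info "Running on vserver $vsname"
      vdir="$VROOTDIR/$vsname"
      vexec="$VSERVER $vsname exec"
   fi

   dumpdir="$(interpolate "$backupdir" "$vsname")"
   info "Backing up to dir '$dumpdir'"
   [ -f "$vdir$conf" ] || fatal "slapd config file ($conf) not found"
   # A directory created here is private from the start; an existing one is
   # left with whatever mode the administrator gave it.
   [ -d "$dumpdir" ] || mkdir -p -m 0700 "$dumpdir"
   [ -d "$dumpdir" ] || fatal "Backup directory '$dumpdir' does not exist and could not be created"

   # Build "backend:suffix" entries from slapd.conf, one per suffix line.
   # NOTE(review): db="ldbm" in the awk program is an assignment, not a
   # comparison, so the condition is always true and every suffix is emitted
   # whatever its backend. Changing it to == would stop dumping backends
   # outside bdb/hdb/ldbm, so it is left as is; confirm the intent first.
   # NOTE(review): [:space:] outside a bracket expression matches the listed
   # letters, not whitespace; also left untouched.
   dbsuffixes=($(@AWK@ 'BEGIN {OFS=":"} /[:space:]*^database[:space:]*\w*/ {db=$2}; /^[:space:]*suffix[:space:]*\w*/ {if (db=="bdb"||db=="hdb"||db="ldbm") print db,$2}' "$vdir$conf" | @SED@ -e 's/[" ]//g'))

   ## LDIF DUMP
   if [ "$ldif" == "yes" ]; then
      # Work on a local list: overwriting $databases here would make every
      # later vserver reuse the index list computed for the first one.
      if [ "$databases" == 'all' ]; then
         dbcount=$(grep -c '^database' "$vdir$conf")
         dblist=$(seq 0 $(( dbcount - 1 )))
      else
         dblist="$databases"
      fi

      for db in $dblist; do
         if [[ "$db" != *=* ]]; then
            # db is a number, get the suffix.
            # Array subscripts are evaluated arithmetically, so anything that
            # is not a plain index is rejected before it is used as one.
            if [[ ! "$db" =~ ^[0-9]+$ ]]; then
               warning "Ignoring database '$db': expected a suffix (containing '=') or a numeric index"
               continue
            fi
            dbsuffix=${dbsuffixes[$db]/*:/}
         else
            dbsuffix=$db
         fi
         # some databases don't have suffix (like monitor), skip these
         if [ -z "$dbsuffix" ]; then
            continue
         fi

         # The command is handed to "su -c" as one string, so each value is
         # quoted for that second shell; DNs containing spaces or shell
         # metacharacters then stay a single argument.
         if [ "$method" == "slapcat" ]; then
            execstr="$SLAPCAT -f $(ldap_shquote "$conf") -b $(ldap_shquote "$dbsuffix")"
         else
            LDAPARGS=""
            if [ "$tls" == "yes" ]; then
               LDAPARGS="-ZZ"
            fi
            # The bind password is read by ldapsearch from the file given to
            # -y, so it appears neither in the command line nor in the debug
            # log written below.
            if [ -n "$ldaphost" ]; then
               execstr="$LDAPSEARCH $LDAPARGS -H $(ldap_shquote "$URLBASE://$ldaphost") -x -L -b $(ldap_shquote "$dbsuffix") -D $(ldap_shquote "$binddn") -y $(ldap_shquote "$passwordfile")"
            else
               execstr="$LDAPSEARCH -H $(ldap_shquote "$URLBASE://") -x -L -b $(ldap_shquote "$dbsuffix") -D $(ldap_shquote "$binddn") -y $(ldap_shquote "$passwordfile")"
            fi
            [ -f "$vdir$passwordfile" ] || fatal "Password file $vdir$passwordfile not found. When method is set to ldapsearch, you must also specify a password file."
            debug "$execstr"
         fi

         if [ -z "$test" ]; then
            if [ "$restart" == "yes" ]; then
               debug "Shutting down ldap server..."
               $vexec /etc/init.d/slapd stop
            fi

            ext=
            if [ "$compress" == "yes" ]; then
               ext=".gz"
            fi
            dumpfile="$dumpdir/$dbsuffix.ldif$ext"
            touch "$dumpfile"
            if [ ! -f "$dumpfile" ]; then
               fatal "Couldn't create ldif dump file: $dumpfile"
            fi
            # Restrict the file before any directory data is written to it.
            chmod 600 "$dumpfile" || warning "Couldn't restrict permissions on $dumpfile"

            if [ "$compress" == "yes" ]; then
               execstr="$execstr | $GZIP > $(ldap_shquote "$dumpdir/$dbsuffix.ldif.gz")"
            else
               execstr="$execstr > $(ldap_shquote "$dumpdir/$dbsuffix.ldif")"
            fi
            # Run inside the vserver if needed
            execstr="$vexec $execstr"
            if [ "$compress" == "yes" ]; then
               # Without pipefail the pipeline status is gzip's alone, and a
               # failed dump would be logged as a success. The option is
               # probed in a subshell first because the shell that su starts
               # may not support it.
               execstr="(set -o pipefail) 2>/dev/null && set -o pipefail; $execstr"
            fi
            debug "$execstr"
            output=$(su root -c "$execstr" 2>&1)
            code=$?
            if [ "$code" == "0" ]; then
               debug "$output"
               info "Successfully finished ldif export of $dbsuffix"
            else
               warning "$output"
               warning "Failed ldif export of $dbsuffix"
            fi

            if [ "$restart" == "yes" ]; then
               debug "Starting ldap server..."
               $vexec /etc/init.d/slapd start
            fi
         fi
      done
   fi
}

if [ "$usevserver" = yes ]; then
   # vsnames is a whitespace-separated list; splitting is intentional.
   for vserver in $vsnames; do
      make_backup "$vserver"
   done
else
   make_backup ""
fi

return 0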