dup: added option --force to cleanup and remove-older-than commands, else they actual...

[matthijs/upstream/backupninja.git] / handlers / ldap.in

diff --git a/handlers/ldap.in b/handlers/ldap.in
index 5f9040a32ebe056f3f3c24050aa4ada9ab2a2d5f..8ff1ccf097105d527071e793371494c8b8911120 100644 (file)
--- a/handlers/ldap.in
+++ b/handlers/ldap.in
@@ -13,9 +13,10 @@ getconf method ldapsearch
 getconf passwordfile
 getconf binddn
 getconf ldaphost
-getconf tls yes
+getconf ssl yes
+getconf tls no
 
-if [ $tls = 'yes' ]; then
+if [ $ssl = 'yes' ]; then
    URLBASE="ldaps"
 else
    URLBASE="ldap"
@@ -27,7 +28,7 @@ status="ok"
 [ -d $backupdir ] || mkdir -p $backupdir
 [ -d $backupdir ] || fatal "Backup directory '$backupdir'"
 
-dbsuffixes=(`@AWK@ 'BEGIN {OFS=":"} /[:space:]*^database[:space:]*\w*/ {db=$2}; /^[:space:]*suffix[:space:]*\w*/ {if (db=="bdb"||db=="ldbm") print db,$2}' $conf|@SED@ -e 's/[" ]//g'`)
+dbsuffixes=(`@AWK@ 'BEGIN {OFS=":"} /[:space:]*^database[:space:]*\w*/ {db=$2}; /^[:space:]*suffix[:space:]*\w*/ {if (db=="bdb"||db=="hdb"||db="ldbm") print db,$2}' $conf|@SED@ -e 's/[" ]//g'`)
 
 ## LDIF DUMP
 
@@ -42,7 +43,7 @@ if [ "$ldif" == "yes" ]; then
    fi  
    
    for db in $databases; do
-      if [ `expr index "$dbnum" "="` == "0" ]; then
+      if [ `expr index "$db" "="` == "0" ]; then
                        # db is a number, get the suffix.
          dbsuffix=${dbsuffixes[$db]/*:/}
       else
@@ -55,12 +56,15 @@ if [ "$ldif" == "yes" ]; then
       
       if [ "$method" == "slapcat" ]; then
          execstr="$SLAPCAT -f $conf -b $dbsuffix"
-         debug "$execstr"
       else
+         LDAPARGS=""
+         if [ "$tls" == "yes" ]; then
+            LDAPARGS="-ZZ"
+         fi
          if [ -n "$ldaphost" ]; then
-            execstr="$LDAPSEARCH -H $URLBASE://$ldaphost -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile"
+            execstr="$LDAPSEARCH $LDAPARGS -H $URLBASE://$ldaphost -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile"
          else
-            execstr="$LDAPSEARCH -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile"
+            execstr="$LDAPSEARCH -H $URLBASE://$ldaphost -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile"
          fi
          [ -f "$passwordfile" ] || fatal "Password file $passwordfile not found. When method is set to ldapsearch, you must also specify a password file."
          debug "$execstr"
@@ -81,10 +85,12 @@ if [ "$ldif" == "yes" ]; then
          fi
          
          if [ "$compress" == "yes" ]; then
-            output=`$execstr | $GZIP > $dumpdir/$dbsuffix.ldif.gz`
+            execstr="$execstr | $GZIP > $dumpdir/$dbsuffix.ldif.gz"
          else
-            output=`$execstr > $dumpdir/$dbsuffix.ldif`
+            execstr="$execstr > $dumpdir/$dbsuffix.ldif"
          fi
+         debug "$execstr"
+         output=`su root -c "$execstr" 2>&1`
          code=$?
          if [ "$code" == "0" ]; then
             debug $output