From: Matthijs Kooijman Date: Thu, 1 Jan 2009 12:05:34 +0000 (+0100) Subject: ldap: Add support for vservers. X-Git-Url: https://git.stderr.nl/gitweb?p=matthijs%2Fupstream%2Fbackupninja.git;a=commitdiff_plain;h=f1fa36165a9160da7ddd0f0a9647d238e731e65f ldap: Add support for vservers. This adds the vsnames configuration directive, which backups ldap data from within the specified vservers. The backupdir is still external to the vserver (ie, it isn't prefixed with the vserver's root dir). This means that currently backups from multiple vservers will overwrite each other, but I plan to correct that with another new feature. --- diff --git a/examples/example.ldap b/examples/example.ldap index ee7c57d..66a0aa3 100644 --- a/examples/example.ldap +++ b/examples/example.ldap @@ -48,4 +48,8 @@ ## tls (default yes): if set to 'yes' then TLS connection will be ## attempted to your ldaphost by using the URI base ldaps: otherwise ldap: will be used -# tls = yes \ No newline at end of file +# tls = yes +# +# vsnames (no default): What vservers to run in (only used if vservers are +# enabled in /etc/backupninja.conf). If this is left empty, run in the host. +# vsnames = all | diff --git a/handlers/ldap.in b/handlers/ldap.in index 8ff1ccf..c667ce5 100644 --- a/handlers/ldap.in +++ b/handlers/ldap.in @@ -15,6 +15,7 @@ getconf binddn getconf ldaphost getconf ssl yes getconf tls no +getconf vsnames if [ $ssl = 'yes' ]; then URLBASE="ldaps" @@ -22,90 +23,130 @@ else URLBASE="ldap" fi +### VServers +# If vservers are configured, check that the ones listed in $vsnames do exist. +local usevserver=no +if [ $vservers_are_available = yes ]; then + if [ "$vsnames" = all ]; then + vsnames="$found_vservers" + else + if ! vservers_exist "$vsnames" ; then + fatal "At least one of the vservers listed in vsnames ($vsnames) does not exist." + fi + fi + info "Using vservers '$vsnames'" + usevserver=yes +else + [ -z "$vsnames" ] || warning 'vservers support disabled in backupninja.conf, vsnames configuration line will be ignored' +fi + status="ok" -[ -f $conf ] || fatal "slapd config file ($conf) not found" -[ -d $backupdir ] || mkdir -p $backupdir -[ -d $backupdir ] || fatal "Backup directory '$backupdir'" +make_backup() { + vsname=$1 + if [ -z "$vsname" ]; then + info "Running on host" + vdir="" + vexec="" + else + info "Running on vserver $vsname" + vdir="$VROOTDIR/$vsname" + vexec="$VSERVER $vsname exec" + fi -dbsuffixes=(`@AWK@ 'BEGIN {OFS=":"} /[:space:]*^database[:space:]*\w*/ {db=$2}; /^[:space:]*suffix[:space:]*\w*/ {if (db=="bdb"||db=="hdb"||db="ldbm") print db,$2}' $conf|@SED@ -e 's/[" ]//g'`) + [ -f $vdir$conf ] || fatal "slapd config file ($conf) not found" + [ -d $backupdir ] || mkdir -p $backupdir + [ -d $backupdir ] || fatal "Backup directory '$backupdir'" -## LDIF DUMP + dbsuffixes=(`@AWK@ 'BEGIN {OFS=":"} /[:space:]*^database[:space:]*\w*/ {db=$2}; /^[:space:]*suffix[:space:]*\w*/ {if (db=="bdb"||db=="hdb"||db="ldbm") print db,$2}' $vdir$conf|@SED@ -e 's/[" ]//g'`) -if [ "$ldif" == "yes" ]; then - dumpdir="$backupdir" - [ -d $dumpdir ] || mkdir -p $dumpdir - - if [ "$databases" == 'all' ]; then - dbcount=`grep '^database' $conf | wc -l` - let "dbcount = dbcount - 1" - databases=`seq 0 $dbcount`; - fi - - for db in $databases; do - if [ `expr index "$db" "="` == "0" ]; then - # db is a number, get the suffix. - dbsuffix=${dbsuffixes[$db]/*:/} - else - dbsuffix=$db - fi - # some databases don't have suffix (like monitor), skip these - if [ "$dbsuffix" == "" ]; then - continue; - fi + ## LDIF DUMP + + if [ "$ldif" == "yes" ]; then + dumpdir="$backupdir" + [ -d $dumpdir ] || mkdir -p $dumpdir - if [ "$method" == "slapcat" ]; then - execstr="$SLAPCAT -f $conf -b $dbsuffix" - else - LDAPARGS="" - if [ "$tls" == "yes" ]; then - LDAPARGS="-ZZ" - fi - if [ -n "$ldaphost" ]; then - execstr="$LDAPSEARCH $LDAPARGS -H $URLBASE://$ldaphost -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile" + if [ "$databases" == 'all' ]; then + dbcount=`grep '^database' $vdir$conf | wc -l` + let "dbcount = dbcount - 1" + databases=`seq 0 $dbcount`; + fi + + for db in $databases; do + if [ `expr index "$db" "="` == "0" ]; then + # db is a number, get the suffix. + dbsuffix=${dbsuffixes[$db]/*:/} else - execstr="$LDAPSEARCH -H $URLBASE://$ldaphost -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile" + dbsuffix=$db fi - [ -f "$passwordfile" ] || fatal "Password file $passwordfile not found. When method is set to ldapsearch, you must also specify a password file." - debug "$execstr" - fi - if [ ! $test ]; then - if [ "$restart" == "yes" ]; then - debug "Shutting down ldap server..." - /etc/init.d/slapd stop - fi - - ext= - if [ "$compress" == "yes" ]; then - ext=".gz" - fi - touch $dumpdir/$dbsuffix.ldif$ext - if [ ! -f $dumpdir/$dbsuffix.ldif$ext ]; then - fatal "Couldn't create ldif dump file: $dumpdir/$dbsuffix.ldif$ext" + # some databases don't have suffix (like monitor), skip these + if [ "$dbsuffix" == "" ]; then + continue; fi - if [ "$compress" == "yes" ]; then - execstr="$execstr | $GZIP > $dumpdir/$dbsuffix.ldif.gz" + if [ "$method" == "slapcat" ]; then + execstr="$SLAPCAT -f $conf -b $dbsuffix" else - execstr="$execstr > $dumpdir/$dbsuffix.ldif" + LDAPARGS="" + if [ "$tls" == "yes" ]; then + LDAPARGS="-ZZ" + fi + if [ -n "$ldaphost" ]; then + execstr="$LDAPSEARCH $LDAPARGS -H $URLBASE://$ldaphost -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile" + else + execstr="$LDAPSEARCH -H $URLBASE://$ldaphost -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile" + fi + [ -f "$vdir$passwordfile" ] || fatal "Password file $vdir$passwordfile not found. When method is set to ldapsearch, you must also specify a password file." + debug "$execstr" fi - debug "$execstr" - output=`su root -c "$execstr" 2>&1` - code=$? - if [ "$code" == "0" ]; then - debug $output - info "Successfully finished ldif export of $dbsuffix" - else - warning $output - warning "Failed ldif export of $dbsuffix" + if [ ! $test ]; then + if [ "$restart" == "yes" ]; then + debug "Shutting down ldap server..." + $vexec /etc/init.d/slapd stop + fi + + ext= + if [ "$compress" == "yes" ]; then + ext=".gz" + fi + touch $dumpdir/$dbsuffix.ldif$ext + if [ ! -f $dumpdir/$dbsuffix.ldif$ext ]; then + fatal "Couldn't create ldif dump file: $dumpdir/$dbsuffix.ldif$ext" + fi + + if [ "$compress" == "yes" ]; then + execstr="$execstr | $GZIP > $dumpdir/$dbsuffix.ldif.gz" + else + execstr="$execstr > $dumpdir/$dbsuffix.ldif" + fi + # Run inside the vserver if needed + execstr="$vexec $execstr" + debug "$execstr" + output=`su root -c "$execstr" 2>&1` + code=$? + if [ "$code" == "0" ]; then + debug $output + info "Successfully finished ldif export of $dbsuffix" + else + warning $output + warning "Failed ldif export of $dbsuffix" + fi + + if [ "$restart" == "yes" ]; then + debug "Starting ldap server..." + $vexec /etc/init.d/slapd start + fi fi - - if [ "$restart" == "yes" ]; then - debug "Starting ldap server..." - /etc/init.d/slapd start - fi - fi - done + done + fi +} + +if [ $usevserver = yes ]; then + for vserver in $vsnames; do + make_backup $vserver + done +else + make_backup "" fi return 0