File openldap_update_modules_path.sh of Package openldap2

#!/bin/bash
# This script has been created to update the OpenLDAP modules path in cn=config
# For details of changing the configuration items' location read these:
# https://www.openldap.org/lists/openldap-software/200812/msg00080.html
# This script rewrites the cn=config entry that holds the location of the backend database modules, which are the files necessary to run LDAP. The procedure is based on this description:
# https://serverfault.com/questions/863274/modify-openldap-cn-config-without-slapd-running

# Author: Zsolt KALMAR (SUSE Linux GmbH) zkalmar@suse.com

# define variables
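# Nothing to do unless this host uses the cn=config (slapd.d) layout.
conf_dir='/etc/openldap/slapd.d'
if [ ! -d "${conf_dir}" ] || [ ! -f "${conf_dir}/cn=config.ldif" ]
then
	exit 0
fi

# Scratch location for the exported LDIF and the configuration backup.
# A cn=config export can hold credential attributes (for example olcRootPW),
# and this script presumably runs as root. Fixed names directly under /tmp can
# be pre-created or turned into symlinks by any local user, so both paths live
# inside a directory that mktemp creates with an unpredictable name and mode
# 0700. The template stays under /tmp so the resulting paths contain no
# whitespace.
work_dir=$(mktemp -d /tmp/openldap_update.XXXXXX) || exit 1

# Remove the scratch directory on exit when it is empty. After a failed run it
# still holds the export and/or the backup; it is then kept for manual
# recovery and its location is reported on stderr.
trap 'rmdir -- "${work_dir}" 2>/dev/null || echo "openldap update: scratch data left in ${work_dir}" >&2' EXIT

tmp_file="${work_dir}/ldap_conf_tmp.ldif"
backup="${work_dir}/slapd.d"
res=0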

# common functions
# Expose the modules from /usr/lib64/openldap under /usr/lib/openldap.
# A link is only attempted when no regular file is found at the destination
# (the -f test follows symlinks, so an existing working link is left alone).
# Returns: 0 when the last module needed no link, otherwise the status of the
#          last ln call.
create_symlinks () {
    local module
    for module in back_bdb.so back_hdb.so back_mdb.so syncprov.so
    do
        [ -f "/usr/lib/openldap/${module}" ] || ln -s "/usr/lib64/openldap/${module}" "/usr/lib/openldap/${module}"
    done
    #logger -p user.info "Update openLDAP: symlinks have been created."
}

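# Undo create_symlinks and delete the exported LDIF.
# Globals: tmp_file (read)
# Returns: status of the final rm
cleanup () {
    local module link
    for module in back_bdb.so back_hdb.so back_mdb.so syncprov.so
    do
        link="/usr/lib/openldap/${module}"
        # create_symlinks skips a destination that already holds a regular
        # file, so an unconditional rm here could delete a module this script
        # never created. Only remove the path when it is a symlink to the
        # /usr/lib64 target that create_symlinks uses.
        if [ "$(readlink -- "${link}" 2>/dev/null)" = "/usr/lib64/openldap/${module}" ]
        then
            rm -f -- "${link}"
        fi
    done
    # Quoted so a path with whitespace or glob characters is removed as one file.
    rm -f -- "${tmp_file}"
    #logger -p user.info "Update openLDAP: symlinks have been removed."
}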

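# Start without a stale export from an earlier run.
# NOTE(review): the export holds the complete cn=config, which can include
# credential attributes; confirm that ${tmp_file} and ${backup} point into a
# directory that only root can write to.
rm -f -- "${tmp_file}"

# ---------------------------------------------------------------------------
# Phase 1: check whether the configuration contains the inappropriate entry.
# The symlinks are created first so slapcat can load modules via the old path.
# ---------------------------------------------------------------------------
create_symlinks
res=0
if [ -f /usr/sbin/slapcat ]
then
    /usr/sbin/slapcat -n0 -F "${conf_dir}" -l "${tmp_file}" -o ldif-wrap=no
    res=$?
fi

if [ "${res}" -ne 0 ]
then
    #logger -p user.error "LDAP Update script: Creating ${tmp_file} has failed during the search of faulty openLDAP entry."
    exit 1
fi

# Count the non-comment, non-empty lines that mention olcModulePath. The
# pattern is quoted so the shell cannot expand the bracket expression as a
# glob against files in the current directory.
entry_cnt=$(grep '^[^#;]' "${tmp_file}" | grep -c olcModulePath)

if [ "${entry_cnt}" -eq 0 ]
then
    #logger -p user.info "LDAP Update script: The current LDAP configuration does not contain the wrong item. Stop applying this script. Bye."
    cleanup
    exit 0
fi

rm -rf -- "${tmp_file}"

# Reserve the backup directory while slapd is still untouched. mkdir fails if
# the path already exists; that is intended, because a directory this run did
# not create may belong to another user or hold the only copy of an earlier
# configuration. Aborting here leaves the running service as it was.
if ! mkdir -m 700 -- "${backup}"
then
    #logger -p user.error "LDAP Update script: Backing up ${conf_dir} has failed."
    cleanup
    exit 1
fi

# ---------------------------------------------------------------------------
# Phase 2: rewrite the configuration offline.
# ---------------------------------------------------------------------------

# Make sure the LDAP is not running:
/usr/bin/systemctl stop slapd.service
#logger -p user.info "LDAP Update script: openLDAP has been stopped."

# Creating symlinks for the modules required for the slapcat and slapadd
create_symlinks

# Export the config to a text
res=0
if [ -f /usr/sbin/slapcat ]
then
    /usr/sbin/slapcat -n0 -F "${conf_dir}" -l "${tmp_file}" -o ldif-wrap=no
    res=$?
fi

if [ "${res}" -ne 0 ]
then
    #logger -p user.error "LDAP Update script: Creating ${tmp_file} has failed."
    cleanup
    exit 1
fi

# Create a backup of LDAP config. -a keeps ownership and modes so the copy can
# be put back unchanged; "/." also picks up dot files that a "*" glob skips.
cp -a -- "${conf_dir}/." "${backup}/"
res=$?

if [ "${res}" -ne 0 ]
then
    #logger -p user.error "LDAP Update script: Backing up ${conf_dir} has failed."
    exit 1
fi

# Remove the configuration item "olcModulePath" (every line mentioning it;
# the export is unwrapped, so each attribute value sits on a single line).
sed -n -i '/olcModulePath/!p' "${tmp_file}"
res=$?

if [ "${res}" -ne 0 ]
then
    #logger -p user.error "LDAP Update script: Removing of entry in ${tmp_file} has failed."
    exit 1
fi

# Remove the current configuration. ${conf_dir:?} aborts instead of expanding
# to "/*" should the variable ever be empty or unset.
rm -rf -- "${conf_dir:?}"/*

# Load the modified configuration
# NOTE(review): slapadd presumably runs as root here, so the regenerated files
# may not be owned by the account slapd runs as; confirm the service start
# path corrects ownership.
/usr/sbin/slapadd -n0 -F "${conf_dir}" -l "${tmp_file}"
res=$?

# Catch result code of slapadd
if [ "${res}" -ne 0 ]
then
    #logger -p user.error "LDAP Update script: Implementing new configuration has failed."
    # The live configuration was wiped just above; put the backup back so the
    # host is not left without any slapd configuration. The backup is only
    # dropped once it has been restored completely.
    rm -rf -- "${conf_dir:?}"/*
    if cp -a -- "${backup}/." "${conf_dir}/"
    then
        rm -rf -- "${backup}"
    else
        echo "openldap update: restoring ${conf_dir} from ${backup} failed" >&2
    fi
    exit 1
else
    #logger -p user.info "LDAP Update script: Implementing new configuration has been succeeded."
    cleanup
fi

# Start the SLAPD with the new configuration
/usr/bin/systemctl start slapd.service
res=$?

if [ "${res}" -ne 0 ]
then
    #logger -p user.error "LDAP Update script: Starting updated LDAP server has been failed."
    # The backup is kept on this path for manual recovery.
    exit 1
else
    #logger -p user.info "LDAP Update script: Updated LDAP server has been successfully started."
    # Remove backups
    rm -rf -- "${backup}"
    rm -rf -- "${tmp_file}"
    # Create "/var/adm/openldap_update_modules"
    touch /var/adm/openldap_update_modules
    exit 0
fi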