From 2c2348a13a6252355716a0717bfe89de79e1f4f9 Mon Sep 17 00:00:00 2001
From: Stef Walter <stef@thewalter.net>
Date: Mon, 9 Jun 2008 15:40:26 +0000
Subject: Put the socket file, unix user and group in the conf file

---
 files/slapd-pivot.conf.sample |  7 +++++--
 slapd-pivot.py                | 35 ++++++++++++++---------------------
 2 files changed, 19 insertions(+), 23 deletions(-)

diff --git a/files/slapd-pivot.conf.sample b/files/slapd-pivot.conf.sample
index 6ecd263..a5d3054 100644
--- a/files/slapd-pivot.conf.sample
+++ b/files/slapd-pivot.conf.sample
@@ -8,10 +8,13 @@ rdn-attribute: cn
 ref-objectclass: group
 access-attribute: access
 
-storage-file = /var/db/pivot.ldif
+unix-user = ldap
+unix-group = ldap
+sock-file = /var/run/slapd-pivot.sock
+storage-file = /var/db/slapd-pivot.ldif
 
 ldap-base: dc=fam
 ldap-root: cn=root,dc=fam
 ldap-password: barn
-ldap-host: ldap://localhost:3890
+ldap-host: ldap://localhost:389
 
diff --git a/slapd-pivot.py b/slapd-pivot.py
index 704c16e..c27ee2e 100644
--- a/slapd-pivot.py
+++ b/slapd-pivot.py
@@ -7,8 +7,6 @@ import pwd, grp
 import Backend, Pivot, Config
 
 SCRIPT = "slapd-pivot"
-USER = None
-GROUP = None
 PIDFILE = None
 
 class Log:
@@ -30,12 +28,12 @@ def failure(msg, details = None):
 
 
 def usage():
-	print >> sys.stderr, "usage: %s -f config [-d level] [-g group] [-p pidfile] [-u user]" % SCRIPT
+	print >> sys.stderr, "usage: %s -f config [-d level] [-p pidfile]" % SCRIPT
 	sys.exit(2)
 
 
 def run_server():
-	server = Backend.Server("/tmp/pivot-slapd.sock", Pivot.Database)
+	server = Backend.Server(Config.require("sock-file"), Pivot.Database)
 	try:
 		print >> sys.stderr, "%s starting up..." % SCRIPT
 		server.serve_forever()
@@ -44,27 +42,28 @@ def run_server():
 
 
 def drop_privileges():
-	global GROUP, USER
 
-	if GROUP:
+	group = Config.option("unix-group")
+	if group:
 		try:
-			GROUP = int(GROUP)
+			group = int(group)
 		except ValueError:
 			try:
-				GROUP = grp.getgrgid(GROUP)[2]
+				group = grp.getgrgid(group)[2]
 			except KeyError:
-				failure("invalid group: %s" % GROUP)
-		os.setegid(GROUP)
+				failure("invalid group: %s" % group)
+		os.setegid(group)
 
-	if USER:
+	user = Config.option("unix-user")
+	if user:
 		try:
-			USER = int(USER)
+			user = int(user)
 		except ValueError:
 			try:
-				USER = pwd.getpwnam(USER)[2]
+				user = pwd.getpwnam(user)[2]
 			except KeyError:
-				failure("invalid user: %s" % USER)
-		os.seteuid(USER)
+				failure("invalid user: %s" % user)
+		os.seteuid(user)
 
 
 def daemon():
@@ -119,15 +118,9 @@ if __name__ == '__main__':
 		elif opt == '-f':
 			config = oarg
 
-		elif opt == '-g':
-			GROUP = oarg
-
 		elif opt == '-p':
 			PIDFILE = oarg
 
-		elif opt == '-u':
-			USER = oarg
-
 	# No extra arguments
 	if args:
 		usage()
-- 
cgit v1.2.3