在zc.buildout中部署OpenLDAP服务器
z3c.recipe.ldap的Python项目详细描述
内容
What is z3c.recipe.ldap ?
此配方可用于在 ZC.建筑。更具体地说,它提供了初始化LDAP的功能 ldif文件中的数据库,用于在 建造。此配方还可用于提供独立的LDAP 实例作为测试夹具。
How to use z3c.recipe.ldap ?
Installing slapd instance
z3c.recipe.ldap中的默认配方可用于部署slapd 构建中的LDAP服务器。拍打部分中的选项不由使用 配方本身将用于创建和填充slapd.conf 文件。
唯一需要的选项是后缀argupent。指定 带有dc的后缀要求“dc”ldap属性类型 配置。编写一个带有后缀和include的buildout.cfg 属性类型配置的core.schema。也要说明 服务器应使用套接字而不是网络端口:
>>> write(sample_buildout, 'buildout.cfg', ... """ ... [buildout] ... parts = slapd ... find-links = http://download.zope.org/ppix/ ... ... [slapd] ... recipe = z3c.recipe.ldap ... slapd = %(openldap)s/libexec/slapd ... use-socket = True ... allow = bind_v2 ... include = ... %(openldap)s/etc/openldap/schema/core.schema ... foo.schema ... bar.conf ... modulepath = ... moduleload = ... suffix = "dc=localhost" ... """ % globals())
创建要包含的文件:
>>> write(sample_buildout, 'foo.schema', '\n') >>> write(sample_buildout, 'bar.conf', '\n')
运行构建:
>>> print system(buildout), Installing slapd. Generated script '/sample-buildout/bin/slapd'.
默认情况下,在零件中创建配置文件。请注意 可以在slapd.conf中多次指定的键,例如 当 现在。还要注意,slapd.conf中包含文件路径的键, 例如include,将从buildout目录展开。 最后请注意,用空值指定的选项将是 不包括:
>>> ls(sample_buildout, 'parts', 'slapd') - slapd.conf >>> cat(sample_buildout, 'parts', 'slapd', 'slapd.conf') include .../etc/openldap/schema/core.schema include /sample-buildout/foo.schema include /sample-buildout/bar.conf pidfile /sample-buildout/parts/slapd/slapd.pid allow bind_v2 database bdb suffix "dc=localhost" directory /sample-buildout/var/slapd dbconfig set_cachesize 0 268435456 1 dbconfig set_lg_regionmax 262144 dbconfig set_lg_bsize 2097152 index objectClass eq
套接字路径在配置中正确转义:
>>> cat(sample_buildout, '.installed.cfg') [buildout]... [slapd]... urls = ldapi://...%2Fsample-buildout%2Fparts%2Fslapd%2Fslapd.socket ...
为LDAP数据库创建一个空目录:
>>> ls(sample_buildout, 'var') d slapd >>> ls(sample_buildout, 'var', 'slapd')
还将创建用于启动和停止slapd服务器的脚本:
>>> ls(sample_buildout, 'bin') - buildout - slapd
启动slapd服务器:
>>> bin = join(sample_buildout, 'bin', 'slapd') >>> print system(bin+' start'),
首次运行时,将创建LDAP数据库:
>>> ls(sample_buildout, 'var', 'slapd') - DB_CONFIG - __db.001...
当服务器运行时,将创建一个pid文件,并在 本案例:
>>> ls(sample_buildout, 'parts', 'slapd') - slapd.conf - slapd.pid - slapd.socket
停止slapd服务器:
>>> print system(bin+' stop'),
当slapd服务器完成关闭时,将删除pid文件:
>>> ls(sample_buildout, 'parts', 'slapd') - slapd.conf
The slapd binary
要使用的slapd二进制文件可以像上面我们在 从buildout openldap cmmi部分指定slapd二进制文件:
>>> cat(sample_buildout, '.installed.cfg') [buildout]... [slapd]... slapd = .../parts/openldap/libexec/slapd ...
如果没有指定二进制文件,则由环境决定。 编写一个没有指定slapd的buildout.cfg:
>>> write(sample_buildout, 'buildout.cfg', ... """ ... [buildout] ... parts = slapd ... ... [slapd] ... recipe = z3c.recipe.ldap ... use-socket = True ... """)
运行构建:
>>> print system(buildout), Uninstalling slapd. Installing slapd. Generated script '/sample-buildout/bin/slapd'.
现在它将在系统路径上找到二进制文件:
>>> cat(sample_buildout, '.installed.cfg') [buildout]... [slapd]... slapd = slapd ...
Initalizing an LDAP database
z3c.recipe.ldap.slapadd可用于初始化LDAP数据库 从ldif文件。以最简单的形式,只需提供一个“ldif” 具有一个或多个文件名的部件中的选项。
编写一个buildout.cfg,列出一些ldif文件:
>>> write(sample_buildout, 'buildout.cfg', ... """ ... [buildout] ... parts = slapd slapadd ... ... [slapd] ... recipe = z3c.recipe.ldap ... include = ... %(openldap)s/etc/openldap/schema/core.schema ... %(openldap)s/etc/openldap/schema/cosine.schema ... modulepath = ... moduleload = ... suffix = "dc=localhost" ... ... [slapadd] ... recipe = z3c.recipe.ldap:slapadd ... slapadd = %(openldap)s/sbin/slapadd ... conf = ${slapd:conf} ... ldif = ... dc.ldif ... admin.ldif ... """ % globals())
写入ldif文件:
>>> write(sample_buildout, 'dc.ldif', ... """ ... dn: dc=localhost ... dc: localhost ... objectClass: top ... objectClass: domain ... """) >>> write(sample_buildout, 'admin.ldif', ... """ ... dn: cn=admin,dc=localhost ... objectClass: person ... cn: admin ... sn: Manager ... """)
运行构建:
>>> print system(buildout), Uninstalling slapd. Installing slapd. Generated script '/sample-buildout/bin/slapd'. Installing slapadd.
条目已添加到LDAP数据库:
>>> print system(os.path.join(openldap, 'sbin', 'slapcat')+' -f '+ ... os.path.join(sample_buildout, ... 'parts', 'slapd', 'slapd.conf')), dn: dc=localhost dc: localhost objectClass: top objectClass: domain... dn: cn=admin,dc=localhost objectClass: person cn: admin sn: Manager...
ldif文件也会在更新时添加。
删除现有LDAP数据库:
>>> rmdir(sample_buildout, 'var', 'slapd') >>> mkdir(sample_buildout, 'var', 'slapd')
运行buildout再次添加ldif文件:
>>> print system(buildout), Updating slapd. Updating slapadd.
条目已添加到LDAP数据库:
>>> print system(os.path.join(openldap, 'sbin', 'slapcat')+' -f '+ ... os.path.join(sample_buildout, ... 'parts', 'slapd', 'slapd.conf')), dn: dc=localhost dc: localhost objectClass: top objectClass: domain... dn: cn=admin,dc=localhost objectClass: person cn: admin sn: Manager...