OpenLDAP/BackSQL: Difference between revisions
Jump to navigation
Jump to search
Line 26: | Line 26: | ||
apt-get update | apt-get update | ||
apt-get install -y postgresql-client odbc-postgresql | apt-get install -y postgresql-client odbc-postgresql | ||
apt-get clean | |||
EXE | EXE | ||
</syntaxhighlight> | </syntaxhighlight> | ||
Line 83: | Line 84: | ||
cat <<'EXE' | lxc exec openldap -- bash | cat <<'EXE' | lxc exec openldap -- bash | ||
apt-get update | apt-get update | ||
apt-get install -y slapd ldap-utils | echo 'slapd slapd/password1 password sadaqah!' | debconf-set-selections | ||
echo 'slapd slapd/password2 password sadaqah!' | debconf-set-selections | |||
DEBIAN_FRONTEND=noninteractive apt-get install -y slapd ldap-utils | |||
ls -lah /usr/lib/ldap | grep back_sql | |||
apt-get clean | |||
EXE | |||
</syntaxhighlight> | |||
|- | |||
| colspan="3" | | |||
---- | |||
|- | |||
| colspan="3" | | |||
<syntaxhighlight lang="bash"> | |||
cat <<'EXE' | lxc exec openldap -- bash | |||
ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=module{0},cn=config | |||
printf '\n=============================================================\n' | |||
ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=module{0},cn=config | grep -i back_sql | |||
EXE | |||
</syntaxhighlight> | |||
|- | |||
| colspan="3" | | |||
---- | |||
|- | |||
| colspan="3" | | |||
<syntaxhighlight lang="bash"> | |||
cat <<'EXE' | lxc exec openldap -- bash | |||
BACK_SQL_INI=$(mktemp -u) | |||
cat <<'INI' | tee ${BACK_SQL_INI} >/dev/null | |||
dn: cn=module{0},cn=config | |||
changetype: modify | |||
add: olcModuleLoad | |||
olcModuleLoad: back_sql.la | |||
INI | |||
ldapadd -Y EXTERNAL -H ldapi:/// -f ${BACK_SQL_INI} | |||
EXE | EXE | ||
</syntaxhighlight> | </syntaxhighlight> |
Revision as of 22:00, 8 January 2025
SQL Schema
cat << DDL | psql -U ${USER}
CREATE DATABASE openldap;
CREATE USER openldap WITH ENCRYPTED PASSWORD 'sadaqah!';
GRANT ALL PRIVILEGES ON DATABASE openldap TO openldap;
ALTER DATABASE openldap OWNER TO openldap;
DDL
SQL Backend
lxc launch ubuntu:24.04 openldap
lxc list -c=n -f=json|jq -r '.[]|select(.name=="openldap")|.status'
| ||
| ||
cat <<'EXE' | lxc exec openldap -- bash
apt-get update
apt-get install -y postgresql-client odbc-postgresql
apt-get clean
EXE
| ||
| ||
# extract lxd bridge network ip using `ip address show` command
LXD_BRIDGE_IP="$(ip addr show lxdbr0 | awk '/inet / {print $2}' | cut -d '/' -f 1)"
cat << EXE | lxc exec openldap -- bash
echo "${LXD_BRIDGE_IP} host.lxd.internal"|tee -a /etc/hosts
ping -c5 host.lxd.internal
EXE
| ||
| ||
lxc exec openldap -- bash
echo -n 'password: ';read -s PGPASSWORD;export PGPASSWORD;echo
# password: sadaqah!
psql -d openldap -U openldap -h host.lxd.internal
| ||
| ||
lxc snapshot openldap base:2.6.7
|
lxc publish openldap/base:2.6.7 --alias openldap/base:2.6.7
|
lxc restore openldap base:2.6.7
|
| ||
cat <<'EXE' | lxc exec openldap -- bash
apt-get update
echo 'slapd slapd/password1 password sadaqah!' | debconf-set-selections
echo 'slapd slapd/password2 password sadaqah!' | debconf-set-selections
DEBIAN_FRONTEND=noninteractive apt-get install -y slapd ldap-utils
ls -lah /usr/lib/ldap | grep back_sql
apt-get clean
EXE
| ||
| ||
cat <<'EXE' | lxc exec openldap -- bash
ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=module{0},cn=config
printf '\n=============================================================\n'
ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=module{0},cn=config | grep -i back_sql
EXE
| ||
| ||
cat <<'EXE' | lxc exec openldap -- bash
BACK_SQL_INI=$(mktemp -u)
cat <<'INI' | tee ${BACK_SQL_INI} >/dev/null
dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: back_sql.la
INI
ldapadd -Y EXTERNAL -H ldapi:/// -f ${BACK_SQL_INI}
EXE
| ||
| ||
| ||
lxc snapshot openldap ldap:2.6.7
|
lxc publish openldap/slapd:2.6.7 --alias openldap/ldap:2.6.7
|
lxc restore openldap ldap:2.6.7
|
Playground
lxc image info ubuntu:noble --vm|yq .Aliases
lxc image info ubuntu:24.04 --vm|yq .Aliases
lxc image info ubuntu:noble |yq .Aliases
lxc image info ubuntu:24.04 |yq .Aliases
|
lxc image list ubuntu: os=ubuntu release=noble type=virtual-machine
lxc image list ubuntu: os=ubuntu release=noble type=virtual-machine
lxc image list ubuntu: os=ubuntu release=noble type=container
lxc image list ubuntu: os=ubuntu release=noble type=container
| |
| ||
lxc image list ubuntu:24.04
lxc launch ubuntu:24.04 openldap
lxc launch ubuntu:40d8df642812 openldap
|
lxc list status=running name=openldap --format=json |jq -r '.[].state.network.[].addresses'
lxc list status=running name=openldap --format=yaml |yq -r '.[].state.network.[].addresses'
lxc info openldap|yq '.Resources.["Network usage"][]["IP addresses"].inet'
| |
| ||
systemctl list-dependencies graphical.target
dpkg -l | grep 'gnome-shell-extension'
apt list --installed|grep linux-image
|
lxc snapshot openldap base:2.6.7
lxc publish openldap/base:2.6.7 --alias openldap/base:2.6.7
lxc restore openldap base:2.6.7
| |
| ||
cat <<-'EXE'|sudo bash
umount /var/snap/firefox/common/host-hunspell
snap remove firefox
EXE
|
cat <<-'EXE'|sudo bash
snap disable lxd
snap remove --purge lxd
EXE
|
systemctl list-dependencies --type=service --state=running systemctl list-dependencies --type=service --state=active systemctl list-dependencies docker.service systemctl list-dependencies --all |
| ||
LXD_BRIDGE_IP="$(lxc network ls --format=json|jq -r '.[]|select(.name=="lxdbr0")|.config."ipv4.address"|split("/")[0]')"
LXD_BRIDGE_IP="$(ip addr show lxdbr0 | awk '/inet / {print $2}' | cut -d '/' -f 1)"
|
References
| ||
| ||