1 files changed, 105 insertions, 0 deletions

diff --git a/handlers/ldap.in b/handlers/ldap.in
new file mode 100644
index 0000000..5f9040a
--- /dev/null
+++ b/handlers/ldap.in
@@ -0,0 +1,105 @@
+# -*- mode: sh; sh-basic-offset: 3; indent-tabs-mode: nil; -*-
+#
+# openldap backup handler script for backupninja
+#
+
+getconf backupdir /var/backups/ldap
+getconf conf /etc/ldap/slapd.conf
+getconf databases all
+getconf compress yes
+getconf ldif yes
+getconf restart no
+getconf method ldapsearch
+getconf passwordfile
+getconf binddn
+getconf ldaphost
+getconf tls yes
+
+if [ $tls = 'yes' ]; then
+   URLBASE="ldaps"
+else
+   URLBASE="ldap"
+fi
+
+status="ok"
+
+[ -f $conf ] || fatal "slapd config file ($conf) not found"
+[ -d $backupdir ] || mkdir -p $backupdir
+[ -d $backupdir ] || fatal "Backup directory '$backupdir'"
+
+dbsuffixes=(`@AWK@ 'BEGIN {OFS=":"} /[:space:]*^database[:space:]*\w*/ {db=$2}; /^[:space:]*suffix[:space:]*\w*/ {if (db=="bdb"||db=="ldbm") print db,$2}' $conf|@SED@ -e 's/[" ]//g'`)
+
+## LDIF DUMP
+
+if [ "$ldif" == "yes" ]; then
+   dumpdir="$backupdir"
+   [ -d $dumpdir ] || mkdir -p $dumpdir
+   
+   if [ "$databases" == 'all' ]; then
+      dbcount=`grep '^database' $conf | wc -l`
+      let "dbcount = dbcount - 1"
+      databases=`seq 0 $dbcount`;
+   fi	
+   
+   for db in $databases; do
+      if [ `expr index "$dbnum" "="` == "0" ]; then
+			# db is a number, get the suffix.
+         dbsuffix=${dbsuffixes[$db]/*:/}
+      else
+         dbsuffix=$db
+      fi
+		# some databases don't have suffix (like monitor), skip these
+      if [ "$dbsuffix" == "" ]; then
+         continue;
+      fi
+      
+      if [ "$method" == "slapcat" ]; then
+         execstr="$SLAPCAT -f $conf -b $dbsuffix"
+         debug "$execstr"
+      else
+         if [ -n "$ldaphost" ]; then
+            execstr="$LDAPSEARCH -H $URLBASE://$ldaphost -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile"
+         else
+            execstr="$LDAPSEARCH -x -L -b ""$dbsuffix"" -D ""$binddn"" -y $passwordfile"
+         fi
+         [ -f "$passwordfile" ] || fatal "Password file $passwordfile not found. When method is set to ldapsearch, you must also specify a password file."
+         debug "$execstr"
+      fi
+      if [ ! $test ]; then
+         if [ "$restart" == "yes" ]; then
+            debug "Shutting down ldap server..."
+            /etc/init.d/slapd stop
+         fi
+         
+	 ext=
+	 if [ "$compress" == "yes" ]; then
+	    ext=".gz"
+	 fi
+         touch $dumpdir/$dbsuffix.ldif$ext
+         if [ ! -f $dumpdir/$dbsuffix.ldif$ext ]; then
+            fatal "Couldn't create ldif dump file: $dumpdir/$dbsuffix.ldif$ext"
+         fi
+         
+         if [ "$compress" == "yes" ]; then
+            output=`$execstr | $GZIP > $dumpdir/$dbsuffix.ldif.gz`
+         else
+            output=`$execstr > $dumpdir/$dbsuffix.ldif`
+         fi
+         code=$?
+         if [ "$code" == "0" ]; then
+            debug $output
+            info "Successfully finished ldif export of $dbsuffix"
+         else
+            warning $output
+            warning "Failed ldif export of $dbsuffix"
+         fi
+         
+         if [ "$restart" == "yes" ]; then
+            debug "Starting ldap server..."
+            /etc/init.d/slapd start
+         fi
+      fi
+   done	
+fi
+
+return 0