with some modifications to the port itself and utilizing a patch from Brian Masney (http://www.newwave.net/~masneyb/) it is possible to use an LDAP backend to store the configuration for dhcpd, the different network and host entries. dynamic leases are also written to the LDAP backend. this is very useful in a dhcp failover environment, as it is no longer necessary to sync the dhcpd.conf file manually to the backup system if one has changed something on the dhcp master. two lookup methods are implemented. - static lookup: on dhcpd startup one LDAP lookup for all entries is done. no further lookups will be made. dhcpd must be restarted for every configuration change. - dynamic lookup: for every client request an LDAP lookup will be made. every configuration change kicks in when the next client request is recieved and the lookup is made.
State Changed From-To: open->feedback To maintainer: do you approve of this patch? http://www.freebsd.org/cgi/query-pr.cgi?pr=71030 Adding to audit trail from misfiled PR 71187: Date: Tue, 31 Aug 2004 12:45:10 +0200 (CEST)
the same as above related to the current revision. Index: Makefile =================================================================== RCS file: /home/ncvs/ports/net/isc-dhcp3-server/Makefile,v retrieving revision 1.101 diff -u -I$Id.*$ -I$.+BSD.*$ -r1.101 Makefile --- Makefile 20 Aug 2004 11:52:33 -0000 1.101 +++ Makefile 14 Sep 2004 15:45:52 -0000 @@ -8,7 +8,7 @@ PORTNAME= dhcp PORTVERSION= 3.0.1.r14 -PORTREVISION= 3 +PORTREVISION= 4 CATEGORIES= net MASTER_SITES= ${MASTER_SITE_ISC} MASTER_SITE_SUBDIR= dhcp dhcp/dhcp-3.0-history @@ -30,11 +30,31 @@ .endif .if ${SUBSYS} == server OPTIONS= DHCP_PARANOIA "add -user, -group and -chroot options" on \ - DHCP_JAIL "add -chroot and -jail options" on + DHCP_JAIL "add -chroot and -jail options" on \ + DHCP_LDAP "add experimental LDAP backend support" off \ + DHCP_LDAP_SSL "support LDAP connection over SSL/TLS" on \ + OPENSSL_BASE "use the base system OpenSSL (required by TLS)" on \ + OPENSSL_PORT "use OpenSSL from ports (requires by TLS)" off .endif .include <bsd.port.pre.mk> +.if ${SUBSYS} == server && defined(WITH_DHCP_LDAP) +# Based on patch from Brian Masney : +PATCH_SITES= http://www.newwave.net/~masneyb/ +PATCHFILES= ${PORTNAME}-${RELEASE}${VERSION}${PATCHLEVEL}-ldap-patch +PATCH_DIST_STRIP= -p1 + +USE_PERL5_RUN= yes +USE_OPENLDAP= yes + +.if !defined(WITHOUT_DHCP_LDAP_SSL) +USE_OPENSSL= yes +# hack to get bsd.openssl.mk included at this late state +.include "${PORTSDIR}/Mk/bsd.openssl.mk" +.endif +.endif + # Global variables # @@ -102,6 +122,9 @@ PATCH_SUBDIRS+= omshell .endif +.if !defined(NOPORTDOCS) +PORTDOCS= LICENSE README RELNOTES +.endif .if ${SUBSYS} == client BIN_FILES= dhclient CONF_FILES= dhclient.conf @@ -112,21 +135,30 @@ RC_FILES= isc-dhcpd SAMP_FILES= server/dhcpd.conf DATA_FILES= dhcpd.leases +.if defined(WITH_DHCP_LDAP) +PORTDOCS+= README.ldap +LDAP_SCRIPT= contrib/dhcpd-conf-to-ldap.pl +LDAP_SCHEMA= contrib/dhcp.schema +.endif .elif ${SUBSYS} == relay BIN_FILES= dhcrelay RC_FILES= isc-dhcrelay .endif -.if !defined(NOPORTDOCS) -PORTDOCS= LICENSE README RELNOTES -.endif SAMP_SUFX= .sample CONF_DIR= ${PREFIX}/etc RC_DIR= ${PREFIX}/etc/rc.d +SCHEMA_DIR= ${PREFIX}/share/${PKGBASE} DOCSDIR= ${PREFIX}/share/doc/${PKGBASE} DATADIR= /var/db +PLIST_SUB+= SCHEMA_DIR="${SCHEMA_DIR:S,^${PREFIX}/,,}" +.if defined(WITH_DHCP_LDAP) +PLIST_SUB+= LDAP="" +.else +PLIST_SUB+= LDAP="@comment " +.endif REINPLACE_SUB= PREFIX=${PREFIX} RCSCRIPTS_SUB= PREFIX=${PREFIX} RC_SUBR=${RC_SUBR} .if !defined(WITHOUT_DHCP_PARANOIA) @@ -139,7 +171,8 @@ .else RCSCRIPTS_SUB+= JAIL=NO .endif -PKGMESSAGE_SUB= PREFIX=${PREFIX} MAN1PREFIX=${MAN1PREFIX} +PKGMESSAGE_SUB= PREFIX="${PREFIX}" MAN1PREFIX="${MAN1PREFIX}" \ + DOCSDIR="${DOCSDIR}" SCHEMA_DIR="${SCHEMA_DIR}" # Post-extract # @@ -179,6 +212,15 @@ .if !defined(WITHOUT_DHCP_JAIL) @${ECHO_CMD} CFLAGS += -DJAIL >> ${WRKSRC}/site.conf .endif +.if defined(WITH_DHCP_LDAP) + @${ECHO_CMD} CFLAGS += -I${LOCALBASE}/include >> ${WRKSRC}/site.conf + @${ECHO_CMD} LIBS += -L${LOCALBASE}/lib >> ${WRKSRC}/site.conf +.if !defined(WITHOUT_DHCP_LDAP_SSL) + @${ECHO_CMD} CFLAGS += -DUSE_SSL -I${OPENSSLINC} >> ${WRKSRC}/site.conf + @${ECHO_CMD} LIBS += -L${OPENSSLLIB} >> ${WRKSRC}/site.conf + @${ECHO_CMD} LIBS += -lcrypto -lssl >> ${WRKSRC}/site.conf +.endif +.endif .endif patch-makefile-conf: @@ -205,6 +247,11 @@ .if ${SUBSYS} != devel @${SED} ${PKGMESSAGE_SUB:S/$/!g/:S/^/ -e s!%%/:S/=/%%!/} \ ${MSG_FILE} > ${PKGMESSAGE} +.if defined(WITH_DHCP_LDAP) + @${REINPLACE_CMD} -e 's|^%%LDAP%%||g' ${PKGMESSAGE} +.else + @${REINPLACE_CMD} -e '/^%%LDAP%%/d' ${PKGMESSAGE} +.endif .endif # Post-install @@ -216,7 +263,7 @@ parallel-post-install: \ strip-binary-files install-startup-files \ - install-doc-files install-sample-files \ + install-doc-files install-ldap-files install-sample-files \ create-conf-files create-data-files strip-binary-files: @@ -240,6 +287,13 @@ .for f in ${PORTDOCS} @${INSTALL_DATA} ${WRKSRC}/${f} ${DOCSDIR} .endfor +.endif + +install-ldap-files: +.if ${SUBSYS} == server && defined(WITH_DHCP_LDAP) + @${INSTALL_SCRIPT} ${WRKSRC}/${LDAP_SCRIPT} ${PREFIX}/bin + @${MKDIR} ${SCHEMA_DIR} + @${INSTALL_DATA} ${WRKSRC}/${LDAP_SCHEMA} ${SCHEMA_DIR} .endif install-sample-files: Index: distinfo =================================================================== RCS file: /home/ncvs/ports/net/isc-dhcp3-server/distinfo,v retrieving revision 1.47 diff -u -I$Id.*$ -I$.+BSD.*$ -r1.47 distinfo --- distinfo 25 Jun 2004 18:50:13 -0000 1.47 +++ distinfo 14 Sep 2004 15:45:52 -0000 @@ -1,2 +1,4 @@ MD5 (dhcp-3.0.1rc14.tar.gz) = a68074d9ebdeb355c293d9b3645b3c2c SIZE (dhcp-3.0.1rc14.tar.gz) = 842712 +MD5 (dhcp-3.0.1rc14-ldap-patch) = 38fde70e0f27758da2be70ce46c17f8b +SIZE (dhcp-3.0.1rc14-ldap-patch) = 152494 Index: pkg-message =================================================================== RCS file: /home/ncvs/ports/net/isc-dhcp3-server/pkg-message,v retrieving revision 1.7 diff -u -I$Id.*$ -I$.+BSD.*$ -r1.7 pkg-message --- pkg-message 18 Aug 2004 09:31:58 -0000 1.7 +++ pkg-message 14 Sep 2004 15:45:52 -0000 @@ -39,3 +39,7 @@ variables are still read there but should be moved /etc/rc.conf or /etc/rc.conf.d/dhcpd instead. Also, the dhcpd_options variable must be renamed dhcpd_flags if any. +%%LDAP%% +%%LDAP%%**** You have requested support for the LDAP configuration backend. +%%LDAP%% The OpenLDAP schema file is installed as %%SCHEMA_DIR%%/dhcp.schema. +%%LDAP%% See %%DOCSDIR%%/README.ldap for further LDAP configuration details. Index: pkg-plist =================================================================== RCS file: /home/ncvs/ports/net/isc-dhcp3-server/pkg-plist,v retrieving revision 1.29 diff -u -I$Id.*$ -I$.+BSD.*$ -r1.29 pkg-plist --- pkg-plist 26 Jun 2004 14:32:40 -0000 1.29 +++ pkg-plist 14 Sep 2004 15:45:52 -0000 @@ -1,5 +1,8 @@ @comment $FreeBSD: ports/net/isc-dhcp3-server/pkg-plist,v 1.29 2004/06/26 14:32:40 eik Exp $ bin/omshell +%%LDAP%%bin/dhcpd-conf-to-ldap.pl etc/dhcpd.conf.sample etc/rc.d/isc-dhcpd.sh sbin/dhcpd +%%LDAP%%%%SCHEMA_DIR%%/dhcp.schema +%%LDAP%%@dirrm %%SCHEMA_DIR%% Cyrille Lefevre -- mailto:cyrille.lefevre@laposte.net
State Changed From-To: feedback->closed Committed, thanks!