source: trunk/server/common/oursrc/accountadm/ldap-backup @ 1400

Last change on this file since 1400 was 1376, checked in by quentin, 16 years ago
A (more) correct LDAP backup script
  • Property svn:executable set to *
File size: 5.1 KB
Line 
1#!/usr/bin/perl
2#
3# BEGIN COPYRIGHT BLOCK
4# This Program is free software; you can redistribute it and/or modify it under
5# the terms of the GNU General Public License as published by the Free Software
6# Foundation; version 2 of the License.
7#
8# This Program is distributed in the hope that it will be useful, but WITHOUT
9# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
10# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
11#
12# You should have received a copy of the GNU General Public License along with
13# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
14# Place, Suite 330, Boston, MA 02111-1307 USA.
15#
16# Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
17# Copyright (C) 2005 Red Hat, Inc.
18# All rights reserved.
19# END COPYRIGHT BLOCK
20#
21
22@instances = qw(userRoot);
23@included = qw();
24@excluded = qw();
25
26our $nowrap = 1; # output LDIF is not folded
27our $nobase64 = 0; # avoid base64 encoding
28our $noversion = 0; # don't print version line
29our $nouniqueid = 0; # don't export unique id
30our $useid2entry = 0; # use main db file only
31our $onefile = 1; # one file (MUST BE 1)
32our $printkey = 1; # print key
33our $ldiffile; # override LDIF output file location
34
35$doreplica = 0;
36$ldifdir = "/var/lib/dirsrv/slapd-scripts/ldif";
37$servid = "scripts";
38$verbose = 0;
39$rootdn = "cn=Directory Manager";
40our $passwd;
41our $passwdfile = "/etc/signup-ldap-pw";
42$i = 0;
43$insti = 0;
44$incli = 0;
45$excli = 0;
46$decrypt_on_export = 0;
47
48foreach (@ARGV) {
49    $verbose++ if ($_ eq "-v");
50}
51
52if ((!@instances && !@included) || !$rootdn || !($passwd || $passwdfile)) { &usage; exit(1); }
53
54($s, $m, $h, $dy, $mn, $yr, $wdy, $ydy, $r) = localtime(time);
55$mn++; $yr += 1900;
56$taskname = "export_${yr}_${mn}_${dy}_${h}_${m}_${s}";
57$dn = "dn: cn=$taskname, cn=export, cn=tasks, cn=config\n";
58$misc = "changetype: add\nobjectclass: top\nobjectclass: extensibleObject\n";
59$cn =  "cn: $taskname\n";
60$i = 0;
61$be = "";
62$nsinstance = "";
63foreach my $instance (@instances) {
64        $nsinstance .= "nsInstance: $instance\n";
65        if ( !$be ) {
66                $be = "$instance";
67        } else {
68                $be = "${be}-$instance";
69        }
70        $i++;
71}
72$i = 0;
73$nsincluded = "";
74foreach my $include (@included) {
75        $nsincluded .= "nsIncludeSuffix: $include\n";
76        my ($rdn, $rest) = split(/,/, $include);
77        my ($rest, $tmpbe) = split(/=/, $rdn);
78        if ( !$be ) {
79                $be = "$tmpbe";
80        } else {
81                $be = "${be}-$tmpbe";
82        }
83        $i++;
84}
85$i = 0;
86$nsexcluded = "";
87foreach my $exclude (@excluded) {
88        $nsexcluded .= "nsExcludeSuffix: $exclude\n";
89        $i++;
90}
91if ($ldiffile eq "") {
92        if ($onefile == 0) {
93                $ldiffile = "${ldifdir}/${servid}-${yr}_${mn}_${dy}_${h}_${m}_${s}.ldif";
94        } else {
95                $ldiffile = "${ldifdir}/${servid}-${be}-${yr}_${mn}_${dy}_${h}_${m}_${s}.ldif";
96        }
97}
98
99$nsreplica = "";
100if ($doreplica != 0) { $nsreplica = "nsExportReplica: true\n"; }
101$nsnobase64 = "";
102if ($nobase64 != 0) { $nsnobase64 = "nsMinimalEncoding: true\n"; }
103$nsnowrap = "";
104if ($nowrap != 0) { $nsnowrap = "nsNoWrap: true\n"; }
105$nsnoversion = "";
106if ($noversion != 0) { $nsnoversion = "nsNoVersionLine: true\n"; }
107$nsnouniqueid = "";
108if ($nouniqueid != 0) { $nsnouniqueid = "nsDumpUniqId: false\n"; }
109$nsuseid2entry = "";
110if ($useid2entry != 0) { $nsuseid2entry = "nsUseId2Entry: true\n"; }
111$nsonefile = "";
112if ($onefile != 0) { $nsonefile = "nsUseOneFile: true\n"; }
113if ($onefile == 0) { $nsonefile = "nsUseOneFile: false\n"; }
114$nsexportdecrypt = "";
115if ($decrypt_on_export != 0) { $nsexportdecrypt = "nsExportDecrypt: true\n"; }
116$nsprintkey = "";
117if ($printkey == 0) { $nsprintkey = "nsPrintKey: false\n"; }
118$nsldiffile = "nsFilename: ${ldiffile}\n";
119$entry = "${dn}${misc}${cn}${nsinstance}${nsincluded}${nsexcluded}${nsreplica}${nsnobase64}${nsnowrap}${nsnoversion}${nsnouniqueid}${nsuseid2entry}${nsonefile}${nsexportdecrypt}${nsprintkey}${nsldiffile}";
120my @vstr = ();
121if ($verbose != 0) { @vstr = ("-v"); }
122my @qstr = ("-q");
123if ($verbose) { @qstr = (); }
124$ENV{'PATH'} = "/usr/lib64/mozldap:/usr/bin:";
125print STDERR ("Exporting to ldif file: ${ldiffile}\n") if ($verbose);
126
127my @pass;
128if ($passwdfile) {
129    @pass = ("-j", $passwdfile);
130} elsif ($passwd) {
131    @pass = ("-w", $passwd);
132}
133
134my @cmd = ("ldapmodify", @vstr, @qstr, qw(-h localhost -p 389), "-D", $rootdn, @pass, "-a");
135
136print STDERR "@cmd\n" if ($verbose);
137print STDERR "$entry\n" if ($verbose);
138
139open(FOO, "|-", @cmd) or die "Couldn't start ldapmodify: $!";
140print(FOO "$entry");
141close(FOO);
142
143die "Couldn't successfully execute ldapmodify: $!" if $?;
144
145my @statuscmd = ("ldapsearch", @vstr, qw(-h localhost -p 389), "-D", $rootdn, @pass, qw(-T -b cn=export,cn=tasks,cn=config), "cn=$taskname", qw(nstaskstatus nstaskexitcode));
146
147print STDERR "Status command: @statuscmd\n" if ($verbose);
148
149my $exitstatus=255;
150
151STATUS: while (1) {
152    sleep(1);
153    open(FOO, "-|", @statuscmd) or die "Couldn't start ldapsearch: $!";
154    while (<FOO>) {
155        chomp;
156        my ($key, $value) = split(": ", $_, 2);
157        if ($key eq "nstaskstatus" && $verbose) {
158            print STDERR "Status: $value\n";
159        }
160        if ($key eq "nstaskexitcode") {
161            $exitstatus = $value;
162            last STATUS;
163        }
164    }
165    close(FOO);
166}
167
168open(OUTPUT, "<", $ldiffile) or die "Couldn't open output file: $!";
169print while (<OUTPUT>);
170close(OUTPUT);
171
172exit $exitstatus;
Note: See TracBrowser for help on using the repository browser.