The init script slapd provide start, stop and other commands for OpenLDAP daemon. It requires:
Configuration of this script can be done in an external file, with the same name as the init script in /etc/default.
A backup feature allows to save all data in an LDIF file, compressed or not.
Run the script like that:
# /etc/init.d/slapd action
With action in:
start:stop:slapd and save data if neededslurpd if neededforcestop:kill -KILL PIDkillall -KILL on binaries namerestart:stopstartforce-realod:configtest: test configurationdb_recover: data recover (slapd must be stopped)reindex: data index (slapd must be stopped)removelogs: archive old BerkeleyDB logs (slapd must be stopped)backup: LDIF export of all datastatus: Display running status and naming contexts
Copy script in /etc/init.d:
# mv slapd /etc/init.d # chmod +x /etc/init.d/slapd
Configure the service in init levels:
# ln -s /etc/init.d/slapd /etc/rc3.d/S90slapd # ln -s /etc/init.d/slapd /etc/rc4.d/S90slapd # ln -s /etc/init.d/slapd /etc/rc5.d/S90slapd # ln -s /etc/init.d/slapd /etc/rc0.d/K10slapd # ln -s /etc/init.d/slapd /etc/rc6.d/K10slapd
For RedHat based systems:
# chkconfig --add slapd
For Debian base systems:
# update-rc.d slapd defaults
Configuration file must be installed in /etc/default:
# mkdir -p /etc/default # mv slapd.default /etc/default/slapd # chmod 600 /etc/default/slapd
You can run several OpenLDAP daemons on the same server, and use different init scripts. For example to have a “slapd2” init script:
# cp /etc/init.d/slapd /etc/init.d/slapd2 # cp /etc/default/slapd /etc/default/slapd2
Use the external file in /etc/default rather than editing directly the script.
| Parameter | Description |
IP | Listen address for standard LDAP requests. Meta character * can be used for all interfaces |
PORT | Listen port for standard LDAP requests. Use SLAPD_SERVICES if you need several ports |
SSLIP | Listen address for LDAPS requests. Meta character * can be used for all interfaces |
SSLPORT | Listen port for LDAPS requests. Use SLAPD_SERVICES if you need several ports |
| - | |
SLAPD_PATH | OpenLDAP main directory |
DATA_PATH | Data directory. You can set auto to get directories configured in slapd.conf |
SLAPD_PID_FILE | The pidfile parameter of slapd.conf |
SLAPD_CONF | Main configuration file |
SLAPD_SERVICES | Listen URI LDAP list, separated by spaces |
SLAPD_BIN | slapd binary path |
| - | |
SLAPCAT_BIN | slapcat binary path |
SLAPINDEX_BIN | slapindex binary path |
SLAPTEST_BIN | slaptest binary path |
| - | |
SLURPD_PID_FILE | The replica-pidfile parameter of slapd.conf |
SLURPD_BIN | slurpd binary path |
| - | |
BDB_PATH | BerkeleyDB main directory |
DB_ARCHIVE_BIN | db_archive binary path |
DB_RECOVER_BIN | db_recover binary path |
RECOVER_AT_STARTUP | Force data recover on startup. Should not be used for OpenLDAP > 2.2 |
| - | |
BACKUP_AT_SHUTDOWN | Backup data when slapd is stopped |
BACKUP_PATH | Backup directory |
BACKUP_FILE | Backup file path |
BACKUP_SUFFIX | Backup file suffix |
| - | |
TIMEOUT | Stop slapd timeout. After that, you need to use the forcestop rule |
FD_LIMIT | Maximum opened file descriptor |
””) :| Parameter | Description |
SLAPD_PARAMS | Additional options forslapd. options -h, -f, -u et -g are already managed |
SLAPD_CONF_DIR | Main configuration dir (cancel SLAPD_CONF parameter) |
SLAPD_USER | Owner user of slapd andslurpd process |
SLAPD_GROUP | Owner group of slapd andslurpd process |
| - | |
SLURPD_PARAMS | Additional options for slurpd. Option -f is already managed |
| - | |
BACKUP_COMPRESS_EXT | Extension of LDIF compressed file. No compression is done if this is empty |
BACKUP_COMPRESS_BIN | Binary used to compress LDIF file |