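#! /bin/sh
# $OpenLDAP$
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
##
## Copyright 1998-2024 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted only as authorized by the OpenLDAP
## Public License.
##
## A copy of this license is available in the file LICENSE in the
## top-level directory of the distribution or, alternatively, at
## <http://www.OpenLDAP.org/license.html>.

# Load the shared test environment. Every upper-case variable used in this
# script that is not assigned here (tool commands, paths, URIs, credentials)
# is expected to come from defines.sh or from the caller's environment.
echo "running defines.sh"
. "$SRCDIR/scripts/defines.sh"

# Quoted so that an empty or unset SYNCPROV simply compares as "not equal"
# instead of making test(1) complain about a missing operand.
if test "$SYNCPROV" = syncprovno; then
  echo "Syncrepl provider overlay not available, test skipped"
  exit 0
fi

# Separate cn=config directories for the provider and the consumer slapd.
CFPRO=$TESTDIR/cfpro.d
CFCON=$TESTDIR/cfcon.d

mkdir -p "$TESTDIR" "$DBDIR1A" "$DBDIR1B" "$DBDIR2A" "$CFPRO" "$CFCON"

# Generate a random password (-g) without a trailing newline (-n). The file
# is what every later "-D cn=config ... -y $CONFIGPWF" bind reads.
# NOTE(review): the file is created with the caller's umask; if the test
# directory can be read by other local users, tighten the umask first.
# The tool variables ($SLAPPASSWD, $SLAPADD, $SLAPD, ...) stay unquoted:
# presumably they may expand to a command plus arguments -- confirm in
# defines.sh before quoting them.
$SLAPPASSWD -g -n >"$CONFIGPWF"
RC=$?
if test $RC != 0 ; then
  # Without a password file none of the cn=config binds can work, so stop
  # here with a clear message instead of failing later in ldapadd.
  echo "slappasswd failed ($RC)!"
  exit $RC
fi

# Replication mode: "rp" (refreshAndPersist) unless the caller sets SYNCMODE.
if test x"$SYNCMODE" = x ; then
  SYNCMODE=rp
fi
case "$SYNCMODE" in
  ro)
    SYNCTYPE="type=refreshOnly interval=00:00:00:03"
    ;;
  rp)
    SYNCTYPE="type=refreshAndPersist"
    ;;
  *)
    echo "unknown sync mode $SYNCMODE"
    exit 1
    ;;
esac

#
# Test replication of dynamic config with alternate consumer config:
# - start provider
# - start consumer
# - configure over ldap
# - populate over ldap
# - configure syncrepl over ldap
# - retrieve database over ldap and compare against expected results
#

echo "Starting provider slapd on TCP/IP port $PORT1..."
# Render the dynamic-config template for the selected backend, then load it
# as database 0 (cn=config) of the provider.
. $CONFFILTER $BACKEND < "$DYNAMICCONF" > "$CONFLDIF"
$SLAPADD -F "$CFPRO" -n 0 -l "$CONFLDIF"
RC=$?
if test $RC != 0 ; then
  echo "slapadd failed ($RC)!"
  exit $RC
fi

# Run the provider in the background; its debug output goes to $LOG1.
$SLAPD -F "$CFPRO" -h "$URI1" -d "$LVL" > "$LOG1" 2>&1 &
PID=$!
# With WAIT set to something other than 0 the script prints the PID and
# blocks on stdin until the operator presses return.
if test $WAIT != 0 ; then
  echo PID $PID
  read foo
fi
# KILLPIDS collects every server PID that the error paths must signal.
KILLPIDS="$PID"

sleep 1

echo "Using ldapsearch to check that provider slapd is running..."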
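# Probe the provider's root DSE up to six times, five seconds apart, and
# keep the status of the last attempt in RC.
for i in 0 1 2 3 4 5; do
  $LDAPSEARCH -s base -b "" -H "$URI1" \
    'objectclass=*' > /dev/null 2>&1
  RC=$?
  if test $RC = 0 ; then
    break
  fi
  echo "Waiting 5 seconds for slapd to start..."
  sleep 5
done

if test $RC != 0 ; then
  echo "ldapsearch failed ($RC)!"
  # KILLPIDS is left unquoted on purpose: it is a space-separated PID list.
  test $KILLSERVERS != no && kill -HUP $KILLPIDS
  exit $RC
fi

echo "Inserting syncprov overlay on provider..."
# When syncprov is built as a module it has to be loaded before the overlay
# can be configured. This first write truncates $TESTOUT; later ones append.
if [ "$SYNCPROV" = syncprovmod ]; then
  $LDAPADD -D cn=config -H "$URI1" -y "$CONFIGPWF" <<EOF > "$TESTOUT" 2>&1
dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulePath: ../servers/slapd/overlays
olcModuleLoad: syncprov.la
EOF
  RC=$?
  if test $RC != 0 ; then
    echo "ldapadd failed for moduleLoad ($RC)!"
    test $KILLSERVERS != no && kill -HUP $KILLPIDS
    exit $RC
  fi
fi

# Keep the generated cn=config password in a variable; it is interpolated
# into a syncrepl "credentials=" value further down. -r keeps backslashes
# literal so the value matches what the tools read from the same file with
# -y. read's exit status is not checked: the file is written without a
# trailing newline, so read reports EOF even though the value is assigned.
read -r CONFIGPW < "$CONFIGPWF"
$LDAPMODIFY -D cn=config -H "$URI1" -y "$CONFIGPWF" <<EOF >> "$TESTOUT" 2>&1
dn: olcOverlay=syncprov,olcDatabase={0}config,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: syncprov
EOF
RC=$?
if test $RC != 0 ; then
  echo "ldapmodify failed for syncprov config ($RC)!"
  test $KILLSERVERS != no && kill -HUP $KILLPIDS
  exit $RC
fi

# Consumers will not replicate the provider's actual cn=config.
# Instead, they will use an alternate DB so that they may be
# configured differently from the provider. This alternate DB
# will also be a consumer for the real cn=schema,cn=config tree.
# It has multi-provider enabled so that it can be written directly
# while being a consumer of the main schema.
echo "Configuring consumer config DB on provider..."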
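# Create the alternate config database (suffix cn=config,cn=consumer) on the
# provider and make it a syncrepl consumer of the real cn=schema,cn=config.
#
# Security notes for anyone reusing this LDIF outside the test suite:
# - olcRootPW "repsecret" / "topsecret" are fixed cleartext fixtures.
# - The generated cn=config password ($CONFIGPW) is stored in cleartext in
#   the olcSyncrepl "credentials=" value of the provider's configuration.
# - bindmethod=simple sends the password as-is; whether the channel is
#   protected depends on the scheme of $URI1, which is not visible here.
#
# The indented lines inside the here-documents are LDIF continuation lines:
# the first space marks the fold, the second one separates the keywords.
$LDAPMODIFY -D cn=config -H "$URI1" -y "$CONFIGPWF" <<EOF >> "$TESTOUT" 2>&1
dn: cn=config
changetype: modify
add: olcServerID
olcServerID: 1

dn: olcDatabase={1}ldif,cn=config
changetype: add
objectClass: olcDatabaseConfig
objectClass: olcLdifConfig
olcDatabase: {1}ldif
olcDbDirectory: $DBDIR1A
olcSuffix: cn=config,cn=consumer
olcRootDN: cn=config,cn=consumer
olcRootPW: repsecret
olcAccess: to * by dn.base="cn=config" write

dn: olcOverlay=syncprov,olcDatabase={1}ldif,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: syncprov

dn: cn=config,cn=consumer
changetype: add
objectClass: olcGlobal
cn: consumerconfig

dn: olcDatabase={0}config,cn=config,cn=consumer
changetype: add
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcRootPW: topsecret
olcSyncrepl: {0}rid=001 provider=$URI1 binddn="cn=config,cn=consumer"
  bindmethod=simple credentials=repsecret searchbase="cn=config,cn=consumer"
  $SYNCTYPE retry="3 5 300 5" timeout=3 suffixmassage="cn=config"
olcUpdateRef: $URI1

dn: olcDatabase={1}ldif,cn=config
changetype: modify
add: olcSyncrepl
olcSyncrepl: {0}rid=001 provider=$URI1 binddn="cn=config"
  bindmethod=simple credentials=$CONFIGPW searchbase="cn=schema,cn=config"
  $SYNCTYPE retry="3 5 300 5" timeout=3
  suffixmassage="cn=schema,cn=config,cn=consumer"
-
add: olcMultiProvider
olcMultiProvider: TRUE

EOF
RC=$?
if test $RC != 0 ; then
  echo "ldapmodify failed for consumer DB config ($RC)!"
  # KILLPIDS is left unquoted on purpose: it is a space-separated PID list.
  test $KILLSERVERS != no && kill -HUP $KILLPIDS
  exit $RC
fi

echo "Starting consumer slapd on TCP/IP port $PORT2..."
# The consumer starts from the same rendered config LDIF as the provider.
$SLAPADD -F "$CFCON" -n 0 -l "$CONFLDIF"
RC=$?
if test $RC != 0 ; then
  echo "slapadd failed ($RC)!"
  test $KILLSERVERS != no && kill -HUP $KILLPIDS
  exit $RC
fi

# Run the consumer in the background; its debug output goes to $LOG2.
$SLAPD -F "$CFCON" -h "$URI2" -d "$LVL" > "$LOG2" 2>&1 &
CONSUMERPID=$!
if test $WAIT != 0 ; then
  echo CONSUMERPID $CONSUMERPID
  read foo
fi
KILLPIDS="$KILLPIDS $CONSUMERPID"

sleep 1

echo "Using ldapsearch to check that consumer slapd is running..."
for i in 0 1 2 3 4 5; do
  $LDAPSEARCH -s base -b "" -H "$URI2" \
    'objectclass=*' > /dev/null 2>&1
  RC=$?
  if test $RC = 0 ; then
    break
  fi
  echo "Waiting 5 seconds for slapd to start..."
  sleep 5
done

if test $RC != 0 ; then
  echo "ldapsearch failed ($RC)!"
  test $KILLSERVERS != no && kill -HUP $KILLPIDS
  exit $RC
fi

echo "Configuring syncrepl on consumer..."
# Point the consumer's own cn=config at the provider's alternate config DB;
# suffixmassage maps cn=config,cn=consumer onto the local cn=config.
$LDAPMODIFY -D cn=config -H "$URI2" -y "$CONFIGPWF" <<EOF >> "$TESTOUT" 2>&1
dn: olcDatabase={0}config,cn=config
changetype: modify
add: olcSyncRepl
olcSyncRepl: rid=001 provider=$URI1 binddn="cn=config,cn=consumer"
  bindmethod=simple credentials=repsecret searchbase="cn=config,cn=consumer"
  $SYNCTYPE retry="3 5 300 5" timeout=3
  suffixmassage="cn=config"
-
add: olcUpdateRef
olcUpdateRef: $URI1
EOF
RC=$?
# Checked like every other configuration step in this script, so a rejected
# modify is reported as such instead of surfacing later as a poll timeout.
if test $RC != 0 ; then
  echo "ldapmodify failed for consumer syncrepl config ($RC)!"
  test $KILLSERVERS != no && kill -HUP $KILLPIDS
  exit $RC
fi

sleep 1

echo "Using ldapsearch to check that syncrepl received config changes..."
# Start from 32 (LDAP noSuchObject) and flip to 0 once the consumer's config
# database shows an olcUpdateRef value.
RC=32
for i in 0 1 2 3 4 5; do
  RESULT=$($LDAPSEARCH -H "$URI2" -D cn=config -y "$CONFIGPWF" \
    -s base -b "olcDatabase={0}config,cn=config" \
    '(olcUpdateRef=*)' 2>&1 | awk '/^dn:/ {print "OK"}')
  if test "x$RESULT" = "xOK" ; then
    RC=0
    break
  fi
  echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
  sleep "$SLEEP1"
done

if test $RC != 0 ; then
  echo "ldapsearch failed ($RC)!"
  test $KILLSERVERS != no && kill -HUP $KILLPIDS
  exit $RC
fi

echo "Adding schema and databases on provider..."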
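# Load the standard schema files into the provider's cn=config. The tool
# variables ($LDAPADD, $LDAPMODIFY, $LDAPSEARCH) stay unquoted: presumably
# they may expand to a command plus arguments -- confirm in defines.sh.
$LDAPADD -D cn=config -H "$URI1" -y "$CONFIGPWF" <<EOF >> "$TESTOUT" 2>&1
include: file://$ABS_SCHEMADIR/core.ldif

include: file://$ABS_SCHEMADIR/cosine.ldif

include: file://$ABS_SCHEMADIR/inetorgperson.ldif

include: file://$ABS_SCHEMADIR/openldap.ldif

include: file://$ABS_SCHEMADIR/nis.ldif
EOF
RC=$?
if test $RC != 0 ; then
  echo "ldapadd failed for schema config ($RC)!"
  # KILLPIDS is left unquoted on purpose: it is a space-separated PID list.
  test $KILLSERVERS != no && kill -HUP $KILLPIDS
  exit $RC
fi

echo "Using ldapsearch to check that syncrepl received the schema changes..."
# Start from 32 (LDAP noSuchObject) and flip to 0 once the consumer's schema
# subtree contains an entry whose cn ends in "openldap".
RC=32
for i in 0 1 2 3 4 5; do
  RESULT=$($LDAPSEARCH -H "$URI2" -D cn=config -y "$CONFIGPWF" \
    -s sub -b "cn=schema,cn=config" \
    '(cn=*openldap)' 2>&1 | awk '/^dn:/ {print "OK"}')
  if test "x$RESULT" = "xOK" ; then
    RC=0
    break
  fi
  echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
  sleep "$SLEEP1"
done

# Same guard as the other replication polls in this script: stop when the
# schema never arrived instead of configuring databases on top of it.
if test $RC != 0 ; then
  echo "ldapsearch failed ($RC)!"
  test $KILLSERVERS != no && kill -HUP $KILLPIDS
  exit $RC
fi

# For the null backend, "# " turns the backend-specific LDIF lines below
# into comments, and nullOK lets the later data check pass without a hit.
nullExclude="" nullOK=""
test "$BACKEND" = null && nullExclude="# " nullOK="OK"

# A backend built as a module must be loaded in both config trees first.
if [ "$BACKENDTYPE" = mod ]; then
  $LDAPADD -D cn=config -H "$URI1" -y "$CONFIGPWF" <<EOF >> "$TESTOUT" 2>&1
dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulePath: ../servers/slapd/back-$BACKEND
olcModuleLoad: back_$BACKEND.la

dn: cn=module,cn=config,cn=consumer
objectClass: olcModuleList
cn: module
olcModulePath: ../servers/slapd/back-$BACKEND
olcModuleLoad: back_$BACKEND.la
EOF
  RC=$?
  if test $RC != 0 ; then
    echo "ldapadd failed for backend config ($RC)!"
    test $KILLSERVERS != no && kill -HUP $KILLPIDS
    exit $RC
  fi
fi

# Define the data database in the provider's own config ({2}) and in the
# alternate config tree the consumer replicates ({1}).
# Security notes for anyone reusing this LDIF outside the test suite:
# $PASSWD ends up in cleartext as olcRootPW and as the syncrepl
# "credentials=" value, and bindmethod=simple sends it as-is; whether the
# channel is protected depends on the scheme of $URI1 (not visible here).
# The indented lines are LDIF continuation lines: the first space marks the
# fold, the second one separates the keywords.
$LDAPADD -D cn=config -H "$URI1" -y "$CONFIGPWF" <<EOF >> "$TESTOUT" 2>&1
dn: olcDatabase={2}$BACKEND,cn=config
objectClass: olcDatabaseConfig
${nullExclude}objectClass: olc${BACKEND}Config
olcDatabase: {2}$BACKEND
olcSuffix: $BASEDN
${nullExclude}olcDbDirectory: $DBDIR1B
olcRootDN: $MANAGERDN
olcRootPW: $PASSWD
olcSyncRepl: rid=002 provider=$URI1 binddn="$MANAGERDN" bindmethod=simple
  credentials=$PASSWD searchbase="$BASEDN" $SYNCTYPE
  retry="3 5 300 5" timeout=3
olcUpdateRef: $URI1

dn: olcOverlay=syncprov,olcDatabase={2}${BACKEND},cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: syncprov

dn: olcDatabase={1}$BACKEND,cn=config,cn=consumer
objectClass: olcDatabaseConfig
${nullExclude}objectClass: olc${BACKEND}Config
olcDatabase: {1}$BACKEND
olcSuffix: $BASEDN
${nullExclude}olcDbDirectory: $DBDIR2A
olcRootDN: $MANAGERDN
olcRootPW: $PASSWD
olcSyncRepl: rid=002 provider=$URI1 binddn="$MANAGERDN" bindmethod=simple
  credentials=$PASSWD searchbase="$BASEDN" $SYNCTYPE
  retry="3 5 300 5" timeout=3
olcUpdateRef: $URI1

EOF
RC=$?
if test $RC != 0 ; then
  echo "ldapadd failed for database config ($RC)!"
  test $KILLSERVERS != no && kill -HUP $KILLPIDS
  exit $RC
fi

# Optional indexes on the provider's data database.
if test "$INDEXDB" = indexdb ; then
  $LDAPMODIFY -D cn=config -H "$URI1" -y "$CONFIGPWF" <<EOF >> "$TESTOUT" 2>&1
dn: olcDatabase={2}$BACKEND,cn=config
changetype: modify
add: olcDbIndex
olcDbIndex: objectClass,entryUUID,entryCSN eq
olcDbIndex: cn,uid pres,eq,sub
EOF
  RC=$?
  if test $RC != 0 ; then
    # The tool used here is ldapmodify; the message now says so.
    echo "ldapmodify failed for database config ($RC)!"
    test $KILLSERVERS != no && kill -HUP $KILLPIDS
    exit $RC
  fi
fi

echo "Using ldapadd to populate provider..."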
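# Load the test entries into the provider as the data database's root DN.
# NOTE(review): "-w" puts the password on the command line, where other
# local users can read it from the process list. That is tolerable only for
# a fixture password; the cn=config binds in this script use "-y <file>",
# which avoids the exposure.
# The tool variables ($LDAPADD, $LDAPSEARCH, $LDIFFILTER) stay unquoted:
# presumably they may expand to a command plus arguments -- confirm in
# defines.sh before quoting them.
$LDAPADD -D "$MANAGERDN" -H "$URI1" -w "$PASSWD" -f "$LDIFORDERED" \
  >> "$TESTOUT" 2>&1
RC=$?
if test $RC != 0 ; then
  # This step loads entries, it does not configure a database; the message
  # now names the step that actually failed.
  echo "ldapadd failed for provider population ($RC)!"
  # KILLPIDS is left unquoted on purpose: it is a space-separated PID list.
  test $KILLSERVERS != no && kill -HUP $KILLPIDS
  exit $RC
fi

echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
sleep "$SLEEP1"

echo "Using ldapsearch to check that syncrepl received database changes..."
# Anonymous base search on the consumer for one known entry. The DN is
# hard-coded under dc=example,dc=com -- presumably the value of $BASEDN;
# confirm before changing the suffix. nullOK (set earlier for the null
# backend) makes the comparison succeed even though nothing is returned.
RC=32
for i in 0 1 2 3 4 5; do
  RESULT=$($LDAPSEARCH -H "$URI2" \
    -s base -b "cn=Ursula Hampster,ou=Alumni Association,ou=People,dc=example,dc=com" \
    '(objectClass=*)' 2>&1 | awk '/^dn:/ {print "OK"}')
  if test "x$RESULT$nullOK" = "xOK" ; then
    RC=0
    break
  fi
  echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
  sleep "$SLEEP1"
done

if test $RC != 0 ; then
  echo "ldapsearch failed ($RC)!"
  test $KILLSERVERS != no && kill -HUP $KILLPIDS
  exit $RC
fi

echo "Using ldapsearch to read all the entries from the provider..."
# Dump the whole data tree from each server with the same options so the
# two outputs can be compared (-S "" presumably sorts by DN -- confirm).
$LDAPSEARCH -S "" -b "$BASEDN" -D "$MANAGERDN" -H "$URI1" -w "$PASSWD" \
  'objectclass=*' > "$PROVIDEROUT" 2>&1
RC=$?

if test $RC != 0 ; then
  echo "ldapsearch failed at provider ($RC)!"
  test $KILLSERVERS != no && kill -HUP $KILLPIDS
  exit $RC
fi

echo "Using ldapsearch to read all the entries from the consumer..."
$LDAPSEARCH -S "" -b "$BASEDN" -D "$MANAGERDN" -H "$URI2" -w "$PASSWD" \
  'objectclass=*' > "$CONSUMEROUT" 2>&1
RC=$?

if test $RC != 0 ; then
  echo "ldapsearch failed at consumer ($RC)!"
  test $KILLSERVERS != no && kill -HUP $KILLPIDS
  exit $RC
fi

# Both dumps are on disk; the servers are no longer needed.
test $KILLSERVERS != no && kill -HUP $KILLPIDS

echo "Filtering provider results..."
$LDIFFILTER < "$PROVIDEROUT" > "$PROVIDERFLT"
echo "Filtering consumer results..."
$LDIFFILTER < "$CONSUMEROUT" > "$CONSUMERFLT"

echo "Comparing retrieved entries from provider and consumer..."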
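# Compare the filtered provider and consumer dumps; any difference fails the
# test. $CMP stays unquoted: presumably it may expand to a command plus
# options -- confirm in defines.sh. The file operands are quoted so that
# paths containing spaces are passed as single arguments.
$CMP "$PROVIDERFLT" "$CONSUMERFLT" > "$CMPOUT"

if test $? != 0 ; then
  echo "test failed - provider and consumer databases differ"
  exit 1
fi

echo ">>>>> Test succeeded"

# When the servers were signalled, wait for the background slapd processes
# to exit before returning.
test $KILLSERVERS != no && wait

exit 0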