mirror of
https://git.openldap.org/openldap/openldap.git
synced 2024-12-21 03:10:25 +08:00
allow tools to syslog
This commit is contained in:
parent
3f3d1e48b6
commit
cff53d4867
@ -5,13 +5,14 @@
|
||||
slapacl \- Check access to a list of attributes.
|
||||
.SH SYNOPSIS
|
||||
.B SBINDIR/slapacl
|
||||
.B [\-v]
|
||||
.B \-b DN
|
||||
.B [\-d level]
|
||||
.B [\-D authcDN | \-U authcID]
|
||||
.B [\-f slapd.conf]
|
||||
.B [\-F confdir]
|
||||
.B [\-D authcDN | \-U authcID]
|
||||
.B \-b DN
|
||||
.B [\-o name[=value]
|
||||
.B [\-u]
|
||||
.B [\-v]
|
||||
.B [\-X authzID | \-o authzDN=DN]
|
||||
.B [attr[/access][:value]] [...]
|
||||
.LP
|
||||
@ -35,13 +36,25 @@ pseudo-attribute is tested.
|
||||
.LP
|
||||
.SH OPTIONS
|
||||
.TP
|
||||
.B \-v
|
||||
enable verbose mode.
|
||||
.BI \-b " DN"
|
||||
specify the
|
||||
.B DN
|
||||
which access is requested to; the corresponding entry is fetched
|
||||
from the database, and thus it must exist.
|
||||
The DN is also used to determine what rules apply; thus, it must be
|
||||
in the naming context of a configured database. See also
|
||||
.BR \-u .
|
||||
.TP
|
||||
.BI \-d " level"
|
||||
enable debugging messages as defined by the specified
|
||||
.IR level .
|
||||
.TP
|
||||
.BI \-D " authcDN"
|
||||
specify a DN to be used as identity through the test session
|
||||
when selecting appropriate
|
||||
.B <by>
|
||||
clauses in access lists.
|
||||
.TP
|
||||
.BI \-f " slapd.conf"
|
||||
specify an alternative
|
||||
.BR slapd.conf (5)
|
||||
@ -60,62 +73,42 @@ default config directory will be made before trying to use the default
|
||||
config file. If a valid config directory exists then the
|
||||
default config file is ignored.
|
||||
.TP
|
||||
.BI \-D " authcDN"
|
||||
specify a DN to be used as identity through the test session
|
||||
when selecting appropriate
|
||||
.B <by>
|
||||
clauses in access lists.
|
||||
.TP
|
||||
.BI \-U " authcID"
|
||||
specify an ID to be mapped to a
|
||||
.B DN
|
||||
as by means of
|
||||
.B authz-regexp
|
||||
or
|
||||
.B authz-rewrite
|
||||
rules (see
|
||||
.BR slapd.conf (5)
|
||||
for details); mutually exclusive with
|
||||
.BR \-D .
|
||||
.TP
|
||||
.BI \-X " authzID"
|
||||
specify an authorization ID to be mapped to a
|
||||
.B DN
|
||||
as by means of
|
||||
.B authz-regexp
|
||||
or
|
||||
.B authz-rewrite
|
||||
rules (see
|
||||
.BR slapd.conf (5)
|
||||
for details); mutually exclusive with \fB\-o\fP \fIauthzDN=DN\fP.
|
||||
.TP
|
||||
.BI \-o " option[=value]"
|
||||
Specify an
|
||||
.BR option
|
||||
with a(n optional)
|
||||
.BR value .
|
||||
Possible options/values are:
|
||||
Possible generic options/values are:
|
||||
.LP
|
||||
.nf
|
||||
sockurl
|
||||
syslog=<subsystems> (see `\-s' in slapd(8))
|
||||
syslog-level=<level> (see `\-S' in slapd(8))
|
||||
syslog-user=<user> (see `\-l' in slapd(8))
|
||||
|
||||
.fi
|
||||
.RS
|
||||
Possible options/values specific to
|
||||
.B slapacl
|
||||
are:
|
||||
.RE
|
||||
.nf
|
||||
|
||||
authzDN
|
||||
domain
|
||||
peername
|
||||
sockname
|
||||
ssf
|
||||
transport_ssf
|
||||
tls_ssf
|
||||
sasl_ssf
|
||||
authzDN
|
||||
sockname
|
||||
sockurl
|
||||
ssf
|
||||
tls_ssf
|
||||
transport_ssf
|
||||
|
||||
.fi
|
||||
.TP
|
||||
.BI \-b " DN"
|
||||
specify the
|
||||
.B DN
|
||||
which access is requested to; the corresponding entry is fetched
|
||||
from the database, and thus it must exist.
|
||||
The DN is also used to determine what rules apply; thus, it must be
|
||||
in the naming context of a configured database. See also
|
||||
.BR \-u .
|
||||
.RS
|
||||
See the related fields in
|
||||
.BR slapd.access (5)
|
||||
for details.
|
||||
.RE
|
||||
.TP
|
||||
.BI \-u
|
||||
do not fetch the entry from the database.
|
||||
@ -131,6 +124,32 @@ option is still used to select what rules apply; thus, it must be
|
||||
in the naming context of a configured database.
|
||||
See also
|
||||
.BR \-b .
|
||||
.TP
|
||||
.BI \-U " authcID"
|
||||
specify an ID to be mapped to a
|
||||
.B DN
|
||||
as by means of
|
||||
.B authz-regexp
|
||||
or
|
||||
.B authz-rewrite
|
||||
rules (see
|
||||
.BR slapd.conf (5)
|
||||
for details); mutually exclusive with
|
||||
.BR \-D .
|
||||
.TP
|
||||
.B \-v
|
||||
enable verbose mode.
|
||||
.TP
|
||||
.BI \-X " authzID"
|
||||
specify an authorization ID to be mapped to a
|
||||
.B DN
|
||||
as by means of
|
||||
.B authz-regexp
|
||||
or
|
||||
.B authz-rewrite
|
||||
rules (see
|
||||
.BR slapd.conf (5)
|
||||
for details); mutually exclusive with \fB\-o\fP \fIauthzDN=DN\fP.
|
||||
.SH EXAMPLES
|
||||
The command
|
||||
.LP
|
||||
|
@ -6,18 +6,19 @@
|
||||
slapadd \- Add entries to a SLAPD database
|
||||
.SH SYNOPSIS
|
||||
.B SBINDIR/slapadd
|
||||
.B [\-v]
|
||||
.B [\-b suffix]
|
||||
.B [\-c]
|
||||
.B [\-g]
|
||||
.B [\-u]
|
||||
.B [\-q]
|
||||
.B [\-w]
|
||||
.B [\-d level]
|
||||
.B [\-b suffix]
|
||||
.B [\-n dbnum]
|
||||
.B [\-f slapd.conf]
|
||||
.B [\-F confdir]
|
||||
.B [\-l ldif-file]
|
||||
.B [\-n dbnum]
|
||||
.B [\-o name[=value]
|
||||
.B [\-q]
|
||||
.B [\-u]
|
||||
.B [\-v]
|
||||
.B [\-w]
|
||||
.SH DESCRIPTION
|
||||
.LP
|
||||
.B Slapadd
|
||||
@ -43,40 +44,6 @@ schema checks, and does not maintain operational
|
||||
attributes (such as createTimeStamp and modifiersName).
|
||||
.SH OPTIONS
|
||||
.TP
|
||||
.B \-v
|
||||
enable verbose mode.
|
||||
.TP
|
||||
.B \-c
|
||||
enable continue (ignore errors) mode.
|
||||
.TP
|
||||
.B \-g
|
||||
disable subordinate gluing. Only the specified database will be
|
||||
processed, and not its glued subordinates (if any).
|
||||
.TP
|
||||
.B -s
|
||||
disable schema checking. This option is intended to be used when loading
|
||||
databases containing special objects, such as fractional objects on a
|
||||
partial replica. Loading normal objects which do not conform to
|
||||
schema may result in unexpected and ill behavior.
|
||||
.TP
|
||||
.B \-u
|
||||
enable dry-run (don't write to backend) mode.
|
||||
.TP
|
||||
.B \-q
|
||||
enable quick (fewer integrity checks) mode. Does fewer consistency checks
|
||||
on the input data, and no consistency checks when writing the database.
|
||||
Improves the load time but if any errors or interruptions occur the resulting
|
||||
database will be unusable.
|
||||
.TP
|
||||
.BI \-w
|
||||
write syncrepl context information.
|
||||
After all entries are added, the contextCSN
|
||||
will be updated with the greatest CSN in the database.
|
||||
.TP
|
||||
.BI \-d " level"
|
||||
enable debugging messages as defined by the specified
|
||||
.IR level .
|
||||
.TP
|
||||
.BI \-b " suffix"
|
||||
Use the specified \fIsuffix\fR to determine which database to
|
||||
add entries to. The \-b cannot be used in conjunction
|
||||
@ -84,13 +51,12 @@ with the
|
||||
.B \-n
|
||||
option.
|
||||
.TP
|
||||
.BI \-n " dbnum"
|
||||
Add entries to the \fIdbnum\fR\-th database listed in the
|
||||
configuration file. The
|
||||
.B \-n
|
||||
cannot be used in conjunction with the
|
||||
.B \-b
|
||||
option.
|
||||
.B \-c
|
||||
enable continue (ignore errors) mode.
|
||||
.TP
|
||||
.BI \-d " level"
|
||||
enable debugging messages as defined by the specified
|
||||
.IR level .
|
||||
.TP
|
||||
.BI \-f " slapd.conf"
|
||||
specify an alternative
|
||||
@ -111,8 +77,57 @@ config file. If a valid config directory exists then the
|
||||
default config file is ignored. If dryrun mode is also specified,
|
||||
no conversion will occur.
|
||||
.TP
|
||||
.B \-g
|
||||
disable subordinate gluing. Only the specified database will be
|
||||
processed, and not its glued subordinates (if any).
|
||||
.TP
|
||||
.BI \-l " ldif-file"
|
||||
Read LDIF from the specified file instead of standard input.
|
||||
.TP
|
||||
.BI \-n " dbnum"
|
||||
Add entries to the \fIdbnum\fR\-th database listed in the
|
||||
configuration file. The
|
||||
.B \-n
|
||||
cannot be used in conjunction with the
|
||||
.B \-b
|
||||
option.
|
||||
.TP
|
||||
.BI \-o " option[=value]"
|
||||
Specify an
|
||||
.BR option
|
||||
with a(n optional)
|
||||
.BR value .
|
||||
Possible generic options/values are:
|
||||
.LP
|
||||
.nf
|
||||
syslog=<subsystems> (see `\-s' in slapd(8))
|
||||
syslog-level=<level> (see `\-S' in slapd(8))
|
||||
syslog-user=<user> (see `\-l' in slapd(8))
|
||||
|
||||
.fi
|
||||
.TP
|
||||
.B \-q
|
||||
enable quick (fewer integrity checks) mode. Does fewer consistency checks
|
||||
on the input data, and no consistency checks when writing the database.
|
||||
Improves the load time but if any errors or interruptions occur the resulting
|
||||
database will be unusable.
|
||||
.TP
|
||||
.B -s
|
||||
disable schema checking. This option is intended to be used when loading
|
||||
databases containing special objects, such as fractional objects on a
|
||||
partial replica. Loading normal objects which do not conform to
|
||||
schema may result in unexpected and ill behavior.
|
||||
.TP
|
||||
.B \-u
|
||||
enable dry-run (don't write to backend) mode.
|
||||
.TP
|
||||
.B \-v
|
||||
enable verbose mode.
|
||||
.TP
|
||||
.BI \-w
|
||||
write syncrepl context information.
|
||||
After all entries are added, the contextCSN
|
||||
will be updated with the greatest CSN in the database.
|
||||
.SH LIMITATIONS
|
||||
Your
|
||||
.BR slapd (8)
|
||||
|
@ -5,13 +5,14 @@
|
||||
slapauth \- Check a list of string-represented IDs for authc/authz.
|
||||
.SH SYNOPSIS
|
||||
.B SBINDIR/slapauth
|
||||
.B [\-v]
|
||||
.B [\-d level]
|
||||
.B [\-f slapd.conf]
|
||||
.B [\-F confdir]
|
||||
.B [\-M mech]
|
||||
.B [\-o name[=value]
|
||||
.B [\-R realm]
|
||||
.B [\-U authcID]
|
||||
.B [\-v]
|
||||
.B [\-X authzID]
|
||||
.B ID [...]
|
||||
.LP
|
||||
@ -33,9 +34,6 @@ list given on the command-line.
|
||||
.LP
|
||||
.SH OPTIONS
|
||||
.TP
|
||||
.B \-v
|
||||
enable verbose mode.
|
||||
.TP
|
||||
.BI \-d " level"
|
||||
enable debugging messages as defined by the specified
|
||||
.IR level .
|
||||
@ -61,6 +59,20 @@ default config file is ignored.
|
||||
.BI \-M " mech"
|
||||
specify a mechanism.
|
||||
.TP
|
||||
.BI \-o " option[=value]"
|
||||
Specify an
|
||||
.BR option
|
||||
with a(n optional)
|
||||
.BR value .
|
||||
Possible generic options/values are:
|
||||
.LP
|
||||
.nf
|
||||
syslog=<subsystems> (see `\-s' in slapd(8))
|
||||
syslog-level=<level> (see `\-S' in slapd(8))
|
||||
syslog-user=<user> (see `\-l' in slapd(8))
|
||||
|
||||
.fi
|
||||
.TP
|
||||
.BI \-R " realm"
|
||||
specify a realm.
|
||||
.TP
|
||||
@ -86,6 +98,9 @@ If both
|
||||
and
|
||||
.I authzID
|
||||
are given via command line switch, the ID list cannot be present.
|
||||
.TP
|
||||
.B \-v
|
||||
enable verbose mode.
|
||||
.SH EXAMPLES
|
||||
The command
|
||||
.LP
|
||||
|
@ -6,17 +6,18 @@
|
||||
slapcat \- SLAPD database to LDIF utility
|
||||
.SH SYNOPSIS
|
||||
.B SBINDIR/slapcat
|
||||
.B [\-v]
|
||||
.B [\-c]
|
||||
.B [\-g]
|
||||
.B [\-d level]
|
||||
.B [\-b suffix]
|
||||
.B [\-n dbnum]
|
||||
.B [\-a filter]
|
||||
.B [\-s subtree-dn]
|
||||
.B [\-b suffix]
|
||||
.B [\-c]
|
||||
.B [\-d level]
|
||||
.B [\-f slapd.conf]
|
||||
.B [\-F confdir]
|
||||
.B [\-g]
|
||||
.B [\-l ldif-file]
|
||||
.B [\-n dbnum]
|
||||
.B [\-o name[=value]
|
||||
.B [\-s subtree-dn]
|
||||
.B [\-v]
|
||||
.B
|
||||
.LP
|
||||
.SH DESCRIPTION
|
||||
@ -48,35 +49,6 @@ into superior first order and removing no-user-modification
|
||||
operational attributes.
|
||||
.SH OPTIONS
|
||||
.TP
|
||||
.B \-v
|
||||
Enable verbose mode.
|
||||
.TP
|
||||
.B \-c
|
||||
Enable continue (ignore errors) mode.
|
||||
.TP
|
||||
.B \-g
|
||||
disable subordinate gluing. Only the specified database will be
|
||||
processed, and not its glued subordinates (if any).
|
||||
.TP
|
||||
.BI \-d " level"
|
||||
Enable debugging messages as defined by the specified
|
||||
.IR level .
|
||||
.TP
|
||||
.BI \-b " suffix"
|
||||
Use the specified \fIsuffix\fR to determine which database to
|
||||
generate output for. The \-b cannot be used in conjunction
|
||||
with the
|
||||
.B \-n
|
||||
option.
|
||||
.TP
|
||||
.BI \-n " dbnum"
|
||||
Generate output for the \fIdbnum\fR\-th database listed in the
|
||||
configuration file. The
|
||||
.B \-n
|
||||
cannot be used in conjunction with the
|
||||
.B \-b
|
||||
option.
|
||||
.TP
|
||||
.BI \-a " filter"
|
||||
Only dump entries matching the asserted filter.
|
||||
For example
|
||||
@ -87,13 +59,19 @@ slapcat -a \\
|
||||
will dump all but the "ou=People,dc=example,dc=com" subtree
|
||||
of the "dc=example,dc=com" database.
|
||||
.TP
|
||||
.BI \-s " subtree-dn"
|
||||
Only dump entries in the subtree specified by this DN.
|
||||
Implies `-b subtree-dn' if no
|
||||
.B \-b
|
||||
or
|
||||
.BI \-b " suffix"
|
||||
Use the specified \fIsuffix\fR to determine which database to
|
||||
generate output for. The \-b cannot be used in conjunction
|
||||
with the
|
||||
.B \-n
|
||||
option is given.
|
||||
option.
|
||||
.TP
|
||||
.B \-c
|
||||
Enable continue (ignore errors) mode.
|
||||
.TP
|
||||
.BI \-d " level"
|
||||
Enable debugging messages as defined by the specified
|
||||
.IR level .
|
||||
.TP
|
||||
.BI \-f " slapd.conf"
|
||||
Specify an alternative
|
||||
@ -113,8 +91,45 @@ default config directory will be made before trying to use the default
|
||||
config file. If a valid config directory exists then the
|
||||
default config file is ignored.
|
||||
.TP
|
||||
.B \-g
|
||||
disable subordinate gluing. Only the specified database will be
|
||||
processed, and not its glued subordinates (if any).
|
||||
.TP
|
||||
.BI \-l " ldif-file"
|
||||
Write LDIF to specified file instead of standard output.
|
||||
.TP
|
||||
.BI \-n " dbnum"
|
||||
Generate output for the \fIdbnum\fR\-th database listed in the
|
||||
configuration file. The
|
||||
.B \-n
|
||||
cannot be used in conjunction with the
|
||||
.B \-b
|
||||
option.
|
||||
.TP
|
||||
.BI \-o " option[=value]"
|
||||
Specify an
|
||||
.BR option
|
||||
with a(n optional)
|
||||
.BR value .
|
||||
Possible generic options/values are:
|
||||
.LP
|
||||
.nf
|
||||
syslog=<subsystems> (see `\-s' in slapd(8))
|
||||
syslog-level=<level> (see `\-S' in slapd(8))
|
||||
syslog-user=<user> (see `\-l' in slapd(8))
|
||||
|
||||
.fi
|
||||
.TP
|
||||
.BI \-s " subtree-dn"
|
||||
Only dump entries in the subtree specified by this DN.
|
||||
Implies `-b subtree-dn' if no
|
||||
.B \-b
|
||||
or
|
||||
.B \-n
|
||||
option is given.
|
||||
.TP
|
||||
.B \-v
|
||||
Enable verbose mode.
|
||||
.SH LIMITATIONS
|
||||
In general, your
|
||||
.BR slapd (8)
|
||||
|
@ -5,11 +5,12 @@
|
||||
slapdn \- Check a list of string-represented DNs based on schema syntax.
|
||||
.SH SYNOPSIS
|
||||
.B SBINDIR/slapdn
|
||||
.B [\-v]
|
||||
.B [\-d level]
|
||||
.B [\-f slapd.conf]
|
||||
.B [\-F confdir]
|
||||
.B [\-N | \-P]
|
||||
.B [\-o name[=value]
|
||||
.B [\-v]
|
||||
.B DN [...]
|
||||
.LP
|
||||
.SH DESCRIPTION
|
||||
@ -29,9 +30,6 @@ list given on the command-line.
|
||||
.LP
|
||||
.SH OPTIONS
|
||||
.TP
|
||||
.B \-v
|
||||
enable verbose mode.
|
||||
.TP
|
||||
.BI \-d " level"
|
||||
enable debugging messages as defined by the specified
|
||||
.IR level .
|
||||
@ -59,10 +57,27 @@ only output a normalized form of the DN, suitable to be used
|
||||
in a normalization tool; incompatible with
|
||||
.BR \-P .
|
||||
.TP
|
||||
.BI \-o " option[=value]"
|
||||
Specify an
|
||||
.BR option
|
||||
with a(n optional)
|
||||
.BR value .
|
||||
Possible generic options/values are:
|
||||
.LP
|
||||
.nf
|
||||
syslog=<subsystems> (see `\-s' in slapd(8))
|
||||
syslog-level=<level> (see `\-S' in slapd(8))
|
||||
syslog-user=<user> (see `\-l' in slapd(8))
|
||||
|
||||
.fi
|
||||
.TP
|
||||
.BI \-P
|
||||
only output a prettified form of the DN, suitable to be used
|
||||
in a check and beautification tool; incompatible with
|
||||
.BR \-N .
|
||||
.TP
|
||||
.B \-v
|
||||
enable verbose mode.
|
||||
.SH EXAMPLES
|
||||
To check a
|
||||
.B DN
|
||||
|
@ -6,15 +6,16 @@
|
||||
slapindex \- SLAPD index to LDIF utility
|
||||
.SH SYNOPSIS
|
||||
.B SBINDIR/slapindex
|
||||
.B [\-v]
|
||||
.B [\-c]
|
||||
.B [\-g]
|
||||
.B [\-q]
|
||||
.B [\-d level]
|
||||
.B [\-b suffix]
|
||||
.B [\-n dbnum]
|
||||
.B [\-c]
|
||||
.B [\-d level]
|
||||
.B [\-f slapd.conf]
|
||||
.B [\-F confdir]
|
||||
.B [\-g]
|
||||
.B [\-n dbnum]
|
||||
.B [\-o name[=value]
|
||||
.B [\-q]
|
||||
.B [\-v]
|
||||
.B
|
||||
.LP
|
||||
.SH DESCRIPTION
|
||||
@ -31,27 +32,6 @@ Databases configured as
|
||||
of this one are also re-indexed, unless \fB-g\fP is specified.
|
||||
.SH OPTIONS
|
||||
.TP
|
||||
.B \-v
|
||||
enable verbose mode.
|
||||
.TP
|
||||
.B \-c
|
||||
enable continue (ignore errors) mode.
|
||||
.TP
|
||||
.B \-g
|
||||
disable subordinate gluing. Only the specified database will be
|
||||
processed, and not its glued subordinates (if any).
|
||||
.TP
|
||||
.B \-q
|
||||
enable quick (fewer integrity checks) mode. Performs no consistency checks
|
||||
when writing the database. Improves indexing time,
|
||||
.B however
|
||||
the database will most likely be unusable if any errors or
|
||||
interruptions occur.
|
||||
.TP
|
||||
.BI \-d " level"
|
||||
enable debugging messages as defined by the specified
|
||||
.IR level .
|
||||
.TP
|
||||
.BI \-b " suffix"
|
||||
Use the specified \fIsuffix\fR to determine which database to
|
||||
generate output for. The \-b cannot be used in conjunction
|
||||
@ -59,13 +39,12 @@ with the
|
||||
.B \-n
|
||||
option.
|
||||
.TP
|
||||
.BI \-n " dbnum"
|
||||
Generate output for the \fIdbnum\fR\-th database listed in the
|
||||
configuration file. The
|
||||
.B \-n
|
||||
cannot be used in conjunction with the
|
||||
.B \-b
|
||||
option.
|
||||
.B \-c
|
||||
enable continue (ignore errors) mode.
|
||||
.TP
|
||||
.BI \-d " level"
|
||||
enable debugging messages as defined by the specified
|
||||
.IR level .
|
||||
.TP
|
||||
.BI \-f " slapd.conf"
|
||||
specify an alternative
|
||||
@ -84,6 +63,42 @@ If neither option is specified, an attempt to read the
|
||||
default config directory will be made before trying to use the default
|
||||
config file. If a valid config directory exists then the
|
||||
default config file is ignored.
|
||||
.TP
|
||||
.B \-g
|
||||
disable subordinate gluing. Only the specified database will be
|
||||
processed, and not its glued subordinates (if any).
|
||||
.TP
|
||||
.BI \-n " dbnum"
|
||||
Generate output for the \fIdbnum\fR\-th database listed in the
|
||||
configuration file. The
|
||||
.B \-n
|
||||
cannot be used in conjunction with the
|
||||
.B \-b
|
||||
option.
|
||||
.TP
|
||||
.BI \-o " option[=value]"
|
||||
Specify an
|
||||
.BR option
|
||||
with a(n optional)
|
||||
.BR value .
|
||||
Possible generic options/values are:
|
||||
.LP
|
||||
.nf
|
||||
syslog=<subsystems> (see `\-s' in slapd(8))
|
||||
syslog-level=<level> (see `\-S' in slapd(8))
|
||||
syslog-user=<user> (see `\-l' in slapd(8))
|
||||
|
||||
.fi
|
||||
.TP
|
||||
.B \-q
|
||||
enable quick (fewer integrity checks) mode. Performs no consistency checks
|
||||
when writing the database. Improves indexing time,
|
||||
.B however
|
||||
the database will most likely be unusable if any errors or
|
||||
interruptions occur.
|
||||
.TP
|
||||
.B \-v
|
||||
enable verbose mode.
|
||||
.SH LIMITATIONS
|
||||
Your
|
||||
.BR slapd (8)
|
||||
|
@ -8,6 +8,7 @@ slaptest \- Check the suitability of the slapd.conf file.
|
||||
.B [\-d level]
|
||||
.B [\-f slapd.conf]
|
||||
.B [\-F confdir]
|
||||
.B [\-o name[=value]
|
||||
.B [\-u]
|
||||
.B [\-v]
|
||||
.LP
|
||||
@ -47,6 +48,20 @@ config file. If a valid config directory exists then the
|
||||
default config file is ignored. If dryrun mode is also specified,
|
||||
no conversion will occur.
|
||||
.TP
|
||||
.BI \-o " option[=value]"
|
||||
Specify an
|
||||
.BR option
|
||||
with a(n optional)
|
||||
.BR value .
|
||||
Possible generic options/values are:
|
||||
.LP
|
||||
.nf
|
||||
syslog=<subsystems> (see `\-s' in slapd(8))
|
||||
syslog-level=<level> (see `\-S' in slapd(8))
|
||||
syslog-user=<user> (see `\-l' in slapd(8))
|
||||
|
||||
.fi
|
||||
.TP
|
||||
.B \-u
|
||||
enable dryrun mode (i.e. don't fail if databases cannot be opened,
|
||||
but config is fine).
|
||||
|
@ -106,10 +106,6 @@ static int version = 0;
|
||||
void *slap_tls_ctx;
|
||||
LDAP *slap_tls_ld;
|
||||
|
||||
#ifdef LOG_LOCAL4
|
||||
#define DEFAULT_SYSLOG_USER LOG_LOCAL4
|
||||
#endif /* LOG_LOCAL4 */
|
||||
|
||||
static int
|
||||
slapd_opt_slp( const char *val, void *arg )
|
||||
{
|
||||
@ -162,7 +158,7 @@ struct option_helper {
|
||||
|
||||
#if defined(LDAP_DEBUG) && defined(LDAP_SYSLOG)
|
||||
#ifdef LOG_LOCAL4
|
||||
static int
|
||||
int
|
||||
parse_syslog_user( const char *arg, int *syslogUser )
|
||||
{
|
||||
static slap_verbmasks syslogUsers[] = {
|
||||
@ -182,12 +178,12 @@ parse_syslog_user( const char *arg, int *syslogUser )
|
||||
#endif /* LOG_DAEMON */
|
||||
{ BER_BVNULL, 0 }
|
||||
};
|
||||
int i = verb_to_mask( optarg, syslogUsers );
|
||||
int i = verb_to_mask( arg, syslogUsers );
|
||||
|
||||
if ( BER_BVISNULL( &syslogUsers[ i ].word ) ) {
|
||||
Debug( LDAP_DEBUG_ANY,
|
||||
"unrecognized syslog user \"%s\".\n",
|
||||
optarg, 0, 0 );
|
||||
arg, 0, 0 );
|
||||
return 1;
|
||||
}
|
||||
|
||||
@ -197,7 +193,7 @@ parse_syslog_user( const char *arg, int *syslogUser )
|
||||
}
|
||||
#endif /* LOG_LOCAL4 */
|
||||
|
||||
static int
|
||||
int
|
||||
parse_syslog_level( const char *arg, int *levelp )
|
||||
{
|
||||
static slap_verbmasks str2syslog_level[] = {
|
||||
@ -352,7 +348,7 @@ int main( int argc, char **argv )
|
||||
char *sandbox = NULL;
|
||||
#endif
|
||||
#ifdef LOG_LOCAL4
|
||||
int syslogUser = DEFAULT_SYSLOG_USER;
|
||||
int syslogUser = SLAP_DEFAULT_SYSLOG_USER;
|
||||
#endif
|
||||
|
||||
int g_argc = argc;
|
||||
|
@ -1021,6 +1021,10 @@ LDAP_SLAPD_F (int) lock_fclose LDAP_P(( FILE *fp, FILE *lfp ));
|
||||
LDAP_SLAPD_F (int)
|
||||
parse_debug_level LDAP_P(( const char *arg, int *levelp, char ***unknowns ));
|
||||
LDAP_SLAPD_F (int)
|
||||
parse_syslog_level LDAP_P(( const char *arg, int *levelp ));
|
||||
LDAP_SLAPD_F (int)
|
||||
parse_syslog_user LDAP_P(( const char *arg, int *syslogUser ));
|
||||
LDAP_SLAPD_F (int)
|
||||
parse_debug_unknowns LDAP_P(( char **unknowns, int *levelp ));
|
||||
|
||||
/*
|
||||
|
@ -2681,21 +2681,27 @@ typedef struct slap_conn {
|
||||
SEND_LDAP_INTERMEDIATE *c_send_ldap_intermediate;
|
||||
} Connection;
|
||||
|
||||
#if defined(LDAP_SYSLOG) && defined(LDAP_DEBUG)
|
||||
#ifdef LDAP_DEBUG
|
||||
#ifdef LDAP_SYSLOG
|
||||
#ifdef LOG_LOCAL4
|
||||
#define SLAP_DEFAULT_SYSLOG_USER LOG_LOCAL4
|
||||
#endif /* LOG_LOCAL4 */
|
||||
|
||||
#define Statslog( level, fmt, connid, opid, arg1, arg2, arg3 ) \
|
||||
Log5( (level), ldap_syslog_level, (fmt), (connid), (opid), (arg1), (arg2), (arg3) )
|
||||
#define StatslogTest( level ) ((ldap_debug | ldap_syslog) & (level))
|
||||
#elif defined(LDAP_DEBUG)
|
||||
#else /* !LDAP_SYSLOG */
|
||||
#define Statslog( level, fmt, connid, opid, arg1, arg2, arg3 ) \
|
||||
do { \
|
||||
if ( ldap_debug & (level) ) \
|
||||
fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2), (arg3) );\
|
||||
} while (0)
|
||||
#define StatslogTest( level ) (ldap_debug & (level))
|
||||
#else
|
||||
#endif /* !LDAP_SYSLOG */
|
||||
#else /* !LDAP_DEBUG */
|
||||
#define Statslog( level, fmt, connid, opid, arg1, arg2, arg3 ) ((void) 0)
|
||||
#define StatslogTest( level ) (0)
|
||||
#endif
|
||||
#endif /* !LDAP_DEBUG */
|
||||
|
||||
/*
|
||||
* listener; need to access it from monitor backend
|
||||
|
@ -47,18 +47,26 @@ static FILE *leakfile;
|
||||
|
||||
static LDIFFP dummy;
|
||||
|
||||
#ifdef LDAP_SYSLOG
|
||||
int start_syslog;
|
||||
static char **syslog_unknowns;
|
||||
#ifdef LOG_LOCAL4
|
||||
static int syslogUser = SLAP_DEFAULT_SYSLOG_USER;
|
||||
#endif /* LOG_LOCAL4 */
|
||||
#endif /* LDAP_SYSLOG */
|
||||
|
||||
static void
|
||||
usage( int tool, const char *progname )
|
||||
{
|
||||
char *options = NULL;
|
||||
fprintf( stderr,
|
||||
"usage: %s [-v] [-d debuglevel] [-f configfile] [-F configdir]",
|
||||
"usage: %s [-v] [-d debuglevel] [-f configfile] [-F configdir] [-o <name>[=<value>]]",
|
||||
progname );
|
||||
|
||||
switch( tool ) {
|
||||
case SLAPACL:
|
||||
options = "\n\t[-U authcID | -D authcDN] [-X authzID | -o authzDN=<DN>]"
|
||||
"\n\t-b DN -o <var>[=<val>] [-u] [attr[/access][:value]] [...]\n";
|
||||
"\n\t-b DN [-u] [attr[/access][:value]] [...]\n";
|
||||
break;
|
||||
|
||||
case SLAPADD:
|
||||
@ -95,18 +103,16 @@ usage( int tool, const char *progname )
|
||||
}
|
||||
|
||||
static int
|
||||
parse_slapacl( void )
|
||||
parse_slapopt( void )
|
||||
{
|
||||
size_t len;
|
||||
size_t len = 0;
|
||||
char *p;
|
||||
|
||||
p = strchr( optarg, '=' );
|
||||
if ( p == NULL ) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
if ( p != NULL ) {
|
||||
len = p - optarg;
|
||||
p++;
|
||||
}
|
||||
|
||||
if ( strncasecmp( optarg, "sockurl", len ) == 0 ) {
|
||||
if ( !BER_BVISNULL( &listener_url ) ) {
|
||||
@ -159,6 +165,28 @@ parse_slapacl( void )
|
||||
} else if ( strncasecmp( optarg, "authzDN", len ) == 0 ) {
|
||||
ber_str2bv( p, 0, 1, &authzDN );
|
||||
|
||||
#ifdef LDAP_SYSLOG
|
||||
} else if ( strncasecmp( optarg, "syslog", len ) == 0 ) {
|
||||
if ( parse_debug_level( p, &ldap_syslog, &syslog_unknowns ) ) {
|
||||
return -1;
|
||||
}
|
||||
start_syslog = 1;
|
||||
|
||||
} else if ( strncasecmp( optarg, "syslog-level", len ) == 0 ) {
|
||||
if ( parse_syslog_level( p, &ldap_syslog_level ) ) {
|
||||
return -1;
|
||||
}
|
||||
start_syslog = 1;
|
||||
|
||||
#ifdef LOG_LOCAL4
|
||||
} else if ( strncasecmp( optarg, "syslog-user", len ) == 0 ) {
|
||||
if ( parse_syslog_user( p, &syslogUser ) ) {
|
||||
return -1;
|
||||
}
|
||||
start_syslog = 1;
|
||||
#endif /* LOG_LOCAL4 */
|
||||
#endif /* LDAP_SYSLOG */
|
||||
|
||||
} else {
|
||||
return -1;
|
||||
}
|
||||
@ -200,6 +228,7 @@ slap_tool_init(
|
||||
* messages show up; use -d 0 to reset */
|
||||
slap_debug = LDAP_DEBUG_NONE;
|
||||
#endif
|
||||
ldap_syslog = 0;
|
||||
|
||||
#ifdef CSRIMALLOC
|
||||
leakfilename = malloc( strlen( progname ) + STRLENOF( ".leak" ) + 1 );
|
||||
@ -212,31 +241,31 @@ slap_tool_init(
|
||||
|
||||
switch( tool ) {
|
||||
case SLAPADD:
|
||||
options = "b:cd:f:F:gl:n:qstuvw";
|
||||
options = "b:cd:f:F:gl:n:o:qstuvw";
|
||||
break;
|
||||
|
||||
case SLAPCAT:
|
||||
options = "a:b:cd:f:F:gl:n:s:v";
|
||||
options = "a:b:cd:f:F:gl:n:o:s:v";
|
||||
mode |= SLAP_TOOL_READMAIN | SLAP_TOOL_READONLY;
|
||||
break;
|
||||
|
||||
case SLAPDN:
|
||||
options = "d:f:F:NPv";
|
||||
options = "d:f:F:No:Pv";
|
||||
mode |= SLAP_TOOL_READMAIN | SLAP_TOOL_READONLY;
|
||||
break;
|
||||
|
||||
case SLAPTEST:
|
||||
options = "d:f:F:uv";
|
||||
options = "d:f:F:o:uv";
|
||||
mode |= SLAP_TOOL_READMAIN | SLAP_TOOL_READONLY;
|
||||
break;
|
||||
|
||||
case SLAPAUTH:
|
||||
options = "d:f:F:M:R:U:vX:";
|
||||
options = "d:f:F:M:o:R:U:vX:";
|
||||
mode |= SLAP_TOOL_READMAIN | SLAP_TOOL_READONLY;
|
||||
break;
|
||||
|
||||
case SLAPINDEX:
|
||||
options = "b:cd:f:F:gn:qv";
|
||||
options = "b:cd:f:F:gn:o:qv";
|
||||
mode |= SLAP_TOOL_READMAIN;
|
||||
break;
|
||||
|
||||
@ -324,7 +353,7 @@ slap_tool_init(
|
||||
break;
|
||||
|
||||
case 'o':
|
||||
if ( parse_slapacl() ) {
|
||||
if ( parse_slapopt() ) {
|
||||
usage( tool, progname );
|
||||
}
|
||||
break;
|
||||
@ -382,6 +411,27 @@ slap_tool_init(
|
||||
}
|
||||
}
|
||||
|
||||
#ifdef LDAP_SYSLOG
|
||||
if ( start_syslog ) {
|
||||
char *logName;
|
||||
#ifdef HAVE_EBCDIC
|
||||
logName = ch_strdup( progname );
|
||||
__atoe( logName );
|
||||
#else
|
||||
logName = (char *)progname;
|
||||
#endif
|
||||
|
||||
#ifdef LOG_LOCAL4
|
||||
openlog( logName, OPENLOG_OPTIONS, syslogUser );
|
||||
#elif LOG_DEBUG
|
||||
openlog( logName, OPENLOG_OPTIONS );
|
||||
#endif
|
||||
#ifdef HAVE_EBCDIC
|
||||
free( logName );
|
||||
#endif
|
||||
}
|
||||
#endif /* LDAP_SYSLOG */
|
||||
|
||||
switch ( tool ) {
|
||||
case SLAPADD:
|
||||
case SLAPCAT:
|
||||
@ -424,8 +474,6 @@ slap_tool_init(
|
||||
break;
|
||||
}
|
||||
|
||||
ldap_syslog = 0;
|
||||
|
||||
if ( ldiffile == NULL ) {
|
||||
dummy.fp = tool == SLAPCAT ? stdout : stdin;
|
||||
ldiffp = &dummy;
|
||||
@ -463,6 +511,14 @@ slap_tool_init(
|
||||
exit( EXIT_FAILURE );
|
||||
}
|
||||
|
||||
if ( syslog_unknowns ) {
|
||||
rc = parse_debug_unknowns( syslog_unknowns, &ldap_syslog );
|
||||
ldap_charray_free( syslog_unknowns );
|
||||
syslog_unknowns = NULL;
|
||||
if ( rc )
|
||||
exit( EXIT_FAILURE );
|
||||
}
|
||||
|
||||
at_oc_cache = 1;
|
||||
|
||||
switch ( tool ) {
|
||||
|
Loading…
Reference in New Issue
Block a user