Attachment 42214 Details for Bug 67932 – README.gentoo.easy-setup.asc

README.gentoo.easy-setup.asc

README.gentoo.easy-setup.asc (text/plain), 3.28 KB, created by Steve-o on 2004-10-19 12:39:32 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Steve-o

Created: 2004-10-19 12:39:32 UTC

Size: 3.28 KB

patch

obsolete

>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>Gentoo quick setup instructions
>- -------------------------------
>
>The following command is used to configure ldapdns, note that there
>are no entries in /etc/conf.d or /etc/init.d
>
>ldapdns-conf acct logacct /dir myip ldaphost dn [suffix]
>
>for example
>
>$ ldapdns-conf \
>	ldapdns \
>	dnslog \
>	/var/lib/ldapdns \
>	127.0.0.1 \
>	ldapi://%2fvar%2frun%2fopenldap%2fslapd.sock \
>	cn=Manager,dc=example,dc=com \
>	ou=Machines,dc=example,dc=com
>
>acct - the account which ldapdns will run as
>logacct - the account which log files will be written as
>/dir - the chrooted home directory for ldapdns
>myip - the ip address to listen for dns requests
>ldaphost - the address of the ldap server
>dn - the ldap bind dn, i.e. ldap login credentials
>suffix - an optional default ldap path to add on all queries
>
>Set the ldap login password with:
>
>$ echo secret > /var/lib/ldapdns/root/password
>$ chmod 0400 /var/lib/ldapdns/root/password
>
>You will also want to set the following
>
>$ echo simple > /var/lib/ldapdns/env/LDAP_AUTH
>
>and
>
>$ echo cosine > /var/lib/ldapdns/env/SCHEMA
>
>optionally set email address
>
>$ echo hostmaster@example.com > /var/lib/ldapdns/env/HOSTMASTER
>
>then add the service to svgscan
>
>$ ln -s /var/lib/ldapdns /service
>
>
>and if not already running startup the service supervisor
>
>$ /etc/init.d/svscan start
>
>
>install to run at boot time
>
>$ rc-update add svscan default
>
>
>OpenLDAP configuration
>- ----------------------
>
>Configure LDAP with DNS schema, edit /etc/openldap/sldap.conf:
>
>include         /etc/openldap/schema/cosine.schema
>include         /etc/openldap/schema/inetorgperson.schema
>include         /etc/openldap/schema/nis.schema
>
>
>Bootstrap LDAP with base dn:
>
>ldapadd -x -D "cn=Manager,dc=example,dc=com" -W -f bootstrap.ldif
>
>With bootstrap.ldif looking similar to the following:
>
>dn: dc=example,dc=com
>objectclass: dcObject
>objectclass: organization
>o: Example company
>dc: example
>
>dn: cn=Manager,dc=example,dc=com
>objectclass: organizationalRole
>cn: Manager
>
>
>Add DNS entries to build up a tree like this:
>
>dc=example,dc=com
>	ou=Machines
>		dc=com
>			dc=example
>
>set dc=example,dc=com,ou=Machines,dc=example,dc=com to have the following
>attributes:
>
>associatedDomain = example.com
>nSRecord = ns1.example.com
>sOARecord = ns1.example.com hostmaster@example.com 2004101701 1800 3600 604800 84600
>
>The first number is the serial number as is of the form YYYYMMDDNN where NN is a counter
>used for multiple updates per day.
>
>That gives a base tree for the domain example.com, now add an entry for
>the first machine, the name server itself ns1.example.com:
>
>dn=ns1,dc=example,dc=com,ou=Machines,dc=example,dc=com
>
>add the following extra attributes:
>
>aRecord = <ip address of server>
>associatedDomain = ns1.example.com
>
>
>To test you can use nslookup (emerge bind-utils)
>
>$ nslookup ns1.example.com
> Note:  nslookup is deprecated and may be removed from future releases.
> Consider using the `dig' or `host' programs instead.  Run nslookup with
> the `-sil[ent]' option to prevent this message from appearing.
> Server:         127.0.0.1
> Address:        127.0.0.1#53
>
> Name:   ns1.example.com
> Address: <ip address>
>
>
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.2.4 (GNU/Linux)
>
>iD8DBQFBdWym6nZmbba5YgMRAveBAJwPoxrn0JMnpz/2gQ7NnK3xHdGQCwCeOdbe
>5ddlVcnw/7xuYEkTidw3gdY=
>=mcqR
>-----END PGP SIGNATURE-----

Actions: View

Attachments on bug 67932: 42056 | 42057 | 42058 | 42214 | 68054