openldap: load client config from /etc, not the nix store

We want Openldap clients to load /etc/ldap.conf at runtime, not
${pkgs.openldap}/etc/ldap.conf which is always a sample config.

Pass sysconfdir=/etc at compile time, so that /etc/krb5.conf is embedded
in the library as the path of its config file.

Pass sysconfdir=${out}/etc at install time, so that the sample configs
and schema files are correctly included in the build output.

This hack works because the Makefiles are not smart enough to notice
that the sysconfdir variable has changed across invocations -- because
nobody ever writes their Makefiles to be that smart. :-)

Fixes #181937.
This commit is contained in:
Dan Callaghan 2022-07-19 22:31:11 +10:00
parent d2db10786f
commit be2175dc94
No known key found for this signature in database
GPG key ID: 26B5AA2FDAF2F30A
2 changed files with 13 additions and 2 deletions

View file

@ -13,10 +13,17 @@ let
objectClass: organizationalUnit
ou: users
'';
ldapClientConfig = {
enable = true;
loginPam = false;
nsswitch = false;
server = "ldap://";
base = "dc=example";
};
testScript = ''
machine.wait_for_unit("openldap.service")
machine.succeed(
'ldapsearch -LLL -D "cn=root,dc=example" -w notapassword -b "dc=example"',
'ldapsearch -LLL -D "cn=root,dc=example" -w notapassword',
)
'';
in {
@ -57,6 +64,7 @@ in {
};
declarativeContents."dc=example" = dbContents;
};
users.ldap = ldapClientConfig;
};
}) { inherit pkgs system; };
@ -76,6 +84,7 @@ in {
rootpw = "notapassword";
declarativeContents."dc=example" = dbContents;
};
users.ldap = ldapClientConfig;
};
}) { inherit system pkgs; };
@ -88,6 +97,7 @@ in {
enable = true;
configDir = "/var/db/slapd.d";
};
users.ldap = ldapClientConfig;
};
testScript = let

View file

@ -97,7 +97,7 @@ stdenv.mkDerivation rec {
"CC=${stdenv.cc.targetPrefix}cc"
"STRIP=" # Disable install stripping as it breaks cross-compiling. We strip binaries anyway in fixupPhase.
"prefix=${placeholder "out"}"
"sysconfdir=${placeholder "out"}/etc"
"sysconfdir=/etc"
"systemdsystemunitdir=${placeholder "out"}/lib/systemd/system"
# contrib modules require these
"moduledir=${placeholder "out"}/lib/modules"
@ -134,6 +134,7 @@ stdenv.mkDerivation rec {
installFlags = [
"prefix=${placeholder "out"}"
"sysconfdir=${placeholder "out"}/etc"
"moduledir=${placeholder "out"}/lib/modules"
"INSTALL=install"
];