Posted by Après qu’un collègue et ami m’ait vanté les mérites de fusion directory, j’ai eu envie d’y jeter un oeil à nouveau. La dernière fois que j’avais joué avec, le projet portait encore le nom de Gosa2. Il s’avère que FD n’est pas packagé pour Ubuntu 14.04 (bien que je soupçonne les paquets Debian d’être compatibles), du coup je suis parti des sources. La doc étant un peu imprécise, j’ai souhaité en faire une version succincte mais actualisée.
Tout d’abord, on installe les dépendances de FD, à savoir du Perl et un environnement d’exécution Apache/PHP :
apt-get -y install libpath-class-perl libnet-ldap-perl libcrypt-passwdmd5-perl libcrypt-cbc-perl libfile-copy-recursive-perl libarchive-extract-perl libxml-twig-perl libterm-readkey-perl apt-get -y install libapache2-mod-php5 php5-curl php5-imap php5-imagick php5-ldap php5-gd php5enmod imap apt-get install libjs-scriptaculous libjs-prototype apt-get install smarty3 smarty3-i18n php-mdb2
On récupère les packages FD :
wget http://repos.fusiondirectory.org/sources/1.0/schema2ldif/schema2ldif-1.1.tar.gz tar -zxvf schema2ldif-1.1.tar.gz cp schema2ldif-1.1/bin/schema2ldif /usr/local/bin/ wget http://repos.fusiondirectory.org/sources/1.0/fusiondirectory/fusiondirectory-plugins-1.0.9.1.tar.gz wget http://repos.fusiondirectory.org/sources/1.0/fusiondirectory/fusiondirectory-1.0.9.1.tar.gz
Que l’on extrait dans le répertoire par défaut de FD, /var/www/fusiondirectory :
tar -zxvf fusiondirectory-1.0.9.1.tar.gz mv fusiondirectory-1.0.9.1 /var/www/fusiondirectory mv /var/www/fusiondirectory/contrib/bin/* /usr/local/bin/ chmod 774 /usr/local/bin/* cp /var/www/fusiondirectory/contrib/fusiondirectory.conf /var/cache/fusiondirectory/template/
On dispatche les plugins du moteur de template PHP Smarty :
mv /var/www/fusiondirectory/contrib/smarty/plugins/block.render.php /usr/share/php/smarty3/plugins/block.render.php mv /var/www/fusiondirectory/contrib/smarty/plugins/function.msgPool.php /usr/share/php/smarty3/plugins/function.msgPool.php mv /var/www/fusiondirectory/contrib/smarty/plugins/function.filePath.php /usr/share/php/smarty3/plugins/function.filePath.php mv /var/www/fusiondirectory/contrib/smarty/plugins/function.iconPath.php /usr/share/php/smarty3/plugins/function.iconPath.php
Eventuellement, on installe les pages de man :
cd /var/www/fusiondirectory gzip contrib/man/fusiondirectory.conf.5 gzip contrib/man/fusiondirectory-encrypt-passwords.1 gzip contrib/man/fusiondirectory-setup.1 gzip contrib/man/fusiondirectory-insert-schema.1 mv contrib/man/fusiondirectory-encrypt-passwords.1.gz /usr/local/man/man1 mv contrib/man/fusiondirectory-setup.1.gz /usr/local/man/man1 mv contrib/man/fusiondirectory-insert-schema.1.gz /usr/local/man/man1/ mv contrib/man/fusiondirectory.conf.5.gz /usr/local/man/man5
Pour faire bonne figure, on installe un serveur LDAP. Le base DN est construit tout seul depuis le suffixe DNS de la machine. Seule question posée, le mot de passe de l’admin LDAP.
apt-get -y install slapd ldap-utils
Puis on intègre les schémas FD, la commande fusiondirectory-insert-schema servant à les intégrer au format LDIF dans OpenLDAP.
mkdir /etc/ldap/schema/fusiondirectory cp /var/www/fusiondirectory/contrib/openldap/*.schema /etc/ldap/schema/fusiondirectory fusiondirectory-insert-schema /etc/ldap/schema/fusiondirectory/ SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0 executing 'ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/fusiondirectory//core-fd.ldif' SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0 adding new entry "cn=core-fd,cn=schema,cn=config" SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0 executing 'ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/fusiondirectory//core-fd-conf.ldif' SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0 adding new entry "cn=core-fd-conf,cn=schema,cn=config" SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0 executing 'ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/fusiondirectory//ldapns.ldif' SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0 adding new entry "cn=ldapns,cn=schema,cn=config" SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0 executing 'ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/fusiondirectory//template-fd.ldif' SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0 adding new entry "cn=template-fd,cn=schema,cn=config" root@fusiondirectory:~# fusiondirectory-insert-schema -l core cosine nis inetorgperson core-fd core-fd-conf ldapns template-fd
On finalise l’installation :
fusiondirectory-setup --check-directories --update-cache --update-locales Checking FusionDirectory's directories /var/www/fusiondirectory exists… /var/www/fusiondirectory is not set properly, do you want to fix it ?: [Yes/No]? Yes Directory /etc/fusiondirectory doesn't exists, do you want to create it ?: [Yes/No]? Yes Directory /var/spool/fusiondirectory doesn't exists, do you want to create it ?: [Yes/No]? Yes Directory /var/cache/fusiondirectory doesn't exists, do you want to create it ?: [Yes/No]? Yes Directory /var/cache/fusiondirectory/tmp doesn't exists, do you want to create it ?: [Yes/No]? Yes Directory /var/cache/fusiondirectory/fai doesn't exists, do you want to create it ?: [Yes/No]? Yes Directory /var/cache/fusiondirectory/template doesn't exists, do you want to create it ?: [Yes/No]? Yes Updating class.cache Updating translations
Puis la configuration Apache.
echo "Alias /fusiondirectory /var/www/fusiondirectory/html" > /etc/apache2/conf-available/fusiondirectory.conf sed -i 's/#ServerName www.example.com/ServerName fusiondirectory.morot.test/g' sites-available/000-default.conf 2enconf fusiondirectory.conf Enabling conf fusiondirectory. To activate the new configuration, you need to run: service apache2 reload root@fusiondirectory:/etc/apache2/conf-available# service apache2 reload * Reloading web server apache2 *
Finalement, il ne reste plus qu’à suivre les étapes fournies en se connectant via un navigateur via http://
Je vous recommande une petite correction des droits et de votre LDAP ensuite :
fusiondirectory-setup --check-config Checking FusionDirectory's config file /etc/fusiondirectory/fusiondirectory.conf exists… /etc/fusiondirectory/fusiondirectory.conf is not set properly, do you want to fix it ?: [Yes/No]? Y fusiondirectory-setup --check-ldap Checking your LDAP tree Role cn=admin,ou=aclroles,dc=morot,dc=test is an admin ACL role uid=fd-admin,ou=people,dc=morot,dc=test is a valid admin ! ou=groups,dc=nodomain not found in your LDAP directory Do you want to create it ?: [Yes/No]? Yes fusiondirectory-setup --check-directories Checking FusionDirectory's directories /var/www/fusiondirectory exists… Rights on /var/www/fusiondirectory are correct /etc/fusiondirectory exists… Rights on /etc/fusiondirectory are correct /var/spool/fusiondirectory exists… Rights on /var/spool/fusiondirectory are correct /var/cache/fusiondirectory exists… Rights on /var/cache/fusiondirectory are correct /var/cache/fusiondirectory/tmp exists… Rights on /var/cache/fusiondirectory/tmp are correct /var/cache/fusiondirectory/fai exists… Rights on /var/cache/fusiondirectory/fai are correct /var/cache/fusiondirectory/template exists… Rights on /var/cache/fusiondirectory/template are correct
FusionDirectory sans ses plugins ne vaut pas beaucoup mieux qu’un apache directory studio. Je vous propose donc d’installer très salement tout les plugins. Note, la commande attend l’archive TGZ et non l’archive extraite. Il faut également penser à adjoindre les schémas de chacun de ces plugins.
fusiondirectory-setup --install-plugins Installing FusionDirectory's plugins Where is your plugins archive ?: /root/fusiondirectory-plugins-1.0.9.1.tar.gz Installing plugins into /var/www/fusiondirectory, please wait.. tar -zxvf fusiondirectory-1.0.9.1.tar.gz cd fusiondirectory-plugins-1.0.9.1/ for i in ` find . -name *.schema ` ; do cp $i /etc/ldap/schema/fusiondirectory/; done for schema in ` ls /etc/ldap/schema/fusiondirectory/*.schema ` ; do fusiondirectory-insert-schema -i $schema; done fusiondirectory-setup --update-cache
Have Fun!
Bonsoir,
Effectivement tes soupçons sont bien fondés. Les paquets Debian sont bien supportés.
Pour Ubuntu 14.04, il faut ajouter les repositories suivants :
deb http://repos.fusiondirectory.org/debian-wheezy wheezy main
deb http://repos.fusiondirectory.org/debian-extra wheezy main
Enjoy