
Add test_ldap with minimal ldap configuration for dev

Grégoire Jadi il y a 6 ans
Parent
commit
947cd5b913
5 fichiers modifiés avec 125 ajouts et 0 suppressions
  1. 1 0
      test_ldap/.gitignore
  2. 17 0
      test_ldap/init.ldif
  3. 11 0
      test_ldap/ldapPublicKey.ldif
  4. 85 0
      test_ldap/slapd.conf
  5. 11 0
      test_ldap/start_ldap.sh

+ 1 - 0
test_ldap/.gitignore

@@ -0,0 +1 @@
+dir/*

+ 17 - 0
test_ldap/init.ldif

@@ -0,0 +1,17 @@
+dn: dc=example,dc=com
+dc: example
+description: My wonderful FAI
+objectClass: dcObject
+objectClass: organization
+o: FAI, Inc.
+
+dn: ou=people, dc=example,dc=com
+ou: people
+description: All people in organisation
+objectclass: organizationalunit
+
+dn: ou=groups, dc=example,dc=com
+ou: groups
+description: All groups in organisation
+objectclass: organizationalunit
+
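Review bot: Attribute names and DN spacing are inconsistent within this file: the first entry uses `objectClass` while the two `ou` entries use `objectclass`, and the suffix is written `dc=example,dc=com` in the first DN but `ou=people, dc=example,dc=com` (space after the comma) in the others. LDAP matches attribute names case-insensitively and slapd normalizes DNs on load, so the file imports either way, but one spelling (`objectClass`, no spaces after commas, as in ldapPublicKey.ldif) is easier to grep and to diff against the `-D` DNs in start_ldap.sh. The trailing blank line is harmless.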

+ 11 - 0
test_ldap/ldapPublicKey.ldif

@@ -0,0 +1,11 @@
+dn: cn=openssh-lpk,cn=schema,cn=config
+objectClass: olcSchemaConfig
+cn: openssh-lpk
+olcAttributeTypes: ( 1.3.6.1.4.1.24552.500.1.1.1.13 NAME 'sshPublicKey'
+    DESC 'MANDATORY: OpenSSH Public key'
+    EQUALITY octetStringMatch
+    SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
+olcObjectClasses: ( 1.3.6.1.4.1.24552.500.1.1.2.0 NAME 'ldapPublicKey' SUP top AUXILIARY
+    DESC 'MANDATORY: OpenSSH LPK objectclass'
+    MAY ( sshPublicKey $ uid )
+    )

+ 85 - 0
test_ldap/slapd.conf

@@ -0,0 +1,85 @@
+#
+###### SAMPLE 1 - SIMPLE DIRECTORY ############
+#
+# NOTES: inetorgperson picks up attributes and objectclasses
+#        from all three schemas
+#
+# NB: RH Linux schemas in /etc/openldap
+#
+include		/etc/openldap/schema/core.schema
+include		/etc/openldap/schema/cosine.schema
+include		/etc/openldap/schema/inetorgperson.schema
+include		/etc/openldap/schema/nis.schema
+
+
+# NO SECURITY - no access clause
+# defaults to anonymous access for read
+# only rootdn can write
+
+# NO REFERRALS
+
+# DON'T bother with ARGS file unless you feel strongly
+# slapd scripts stop scripts need this to work
+pidfile dir/slapd.pid
+
+# enable a lot of logging - we might need it
+# but generates huge logs
+loglevel 	-1 
+
+# MODULELOAD definitions
+# not required (comment out) before version 2.3
+moduleload back_bdb.la
+
+# NO TLS-enabled connections
+
+# backend definition not required
+
+database config
+
+rootdn "cn=admin,cn=config"
+rootpw config
+
+#######################################################################
+# bdb database definitions
+# 
+# replace example and com below with a suitable domain
+# 
+# If you don't have a domain you can leave it since example.com
+# is reserved for experimentation or change them to my and inc
+#
+#######################################################################
+
+database bdb
+suffix "dc=example, dc=com"
+
+# root or superuser
+rootdn "cn=jimbob, dc=example, dc=com"
+rootpw dirtysecret
+
+# The database directory MUST exist prior to running slapd AND 
+# change path as necessary
+directory	dir/
+
+# Indices to maintain for this directory
+# unique id so equality match only
+index	uid	eq
+# allows general searching on commonname, givenname and email
+index	cn,gn,mail eq,sub
+# allows multiple variants on surname searching
+index sn eq,sub
+# sub above includes subintial,subany,subfinal
+# optimise department searches
+index ou eq
+# if searches will include objectClass uncomment following
+# index objectClass eq
+# shows use of default index parameter
+index default eq,sub
+# indices missing - uses default eq,sub
+index telephonenumber
+
+# other database parameters
+# read more in slapd.conf reference section
+cachesize 10000
+checkpoint 128 15
+
+sasl-secprops none
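Review bot: `rootpw config` (under `rootdn "cn=admin,cn=config"`) and `rootpw dirtysecret` (under the bdb database) commit two root passwords in cleartext, and the same literals are repeated in start_ldap.sh, so any later copy of this fixture inherits them. slapd accepts a hashed value in this directive, so even for a dev fixture `rootpw {SSHA}<hash-from-slappasswd>` plus a comment `# dev-only credential; regenerate with slappasswd before reusing this config` keeps the plaintext out of the repository. `directory dir/` and `pidfile dir/slapd.pid` are relative and are resolved against slapd's working directory, which nothing in this file states; a comment `# paths are relative to test_ldap/ — start via start_ldap.sh` makes that dependency explicit. `sasl-secprops none` and the absence of any `access` clause are acceptable only because the listener is bound to localhost in start_ldap.sh, and that reasoning belongs next to the directive; note also that `moduleload back_bdb.la`/`database bdb` will not load on OpenLDAP 2.5 or later, where back-bdb was removed in favour of mdb.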

+ 11 - 0
test_ldap/start_ldap.sh

@@ -0,0 +1,11 @@
+#!/bin/sh
+
+mkdir -p dir/
+rm -rf dir/*                    # clean temp file + ldap database
+
+# Start slapd daemon
+/usr/local/libexec/slapd -d -1 -h "ldap://localhost:10389" -f slapd.conf
+
+# Populate base
+ldapadd -H ldap://localhost:10389 -D "cn=jimbob,dc=example,dc=com" -w dirtysecret -f init.ldif
+ldapadd -H "ldap://localhost:10389/" -D "cn=admin,cn=config" -w config -f ldapPublicKey.ldif
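Review bot: `/usr/local/libexec/slapd -d -1 ...` runs slapd in the foreground (any `-d` level keeps it attached to the terminal), so the two `ldapadd` lines below it are not reached until slapd exits and the base is never populated while the server is running. The script also assumes its working directory is test_ldap/ (`dir/`, `slapd.conf` and both LDIF paths are relative) and has no `set -e`, so a failed `mkdir` or bind goes unnoticed; backgrounding slapd, waiting until the port answers, and only then loading the LDIFs fixes the ordering. Without `-x` the `ldapadd` calls attempt a SASL bind, in which `-D` is ignored by the server, so if a simple bind as jimbob/admin is intended `-x` should be added; `-w dirtysecret` also exposes the password in the process list, and `-y <passfile>` avoids that even for a dev fixture.
```shell
#!/bin/sh
set -eu
cd "$(dirname "$0")"            # slapd.conf, dir/ and the LDIF files are relative to test_ldap/

mkdir -p dir/
rm -rf dir/*                    # clean temp file + ldap database

# Start slapd daemon; -d keeps it in the foreground, so background it and capture the log
/usr/local/libexec/slapd -d -1 -h "ldap://localhost:10389" -f slapd.conf > dir/slapd.log 2>&1 &

# Wait until the listener answers (anonymous rootDSE read) before loading data
for i in 1 2 3 4 5 6 7 8 9 10; do
    ldapsearch -x -H ldap://localhost:10389 -b "" -s base > /dev/null 2>&1 && break
    sleep 1
done

# … unchanged: ldapadd calls for init.ldif and ldapPublicKey.ldif (add -x for a simple bind) …
```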