Archive for August, 2006

perl script inside apache configuration, svn example

Posted in Linux SysAdmin on August 28th, 2006 by Johan Huysmans

For every svn project you have a <Location> section in your apache configuration. Whenever you add a svn project you have to manually add a section to that configuration file.
The configuration file gets very long, and whenever you have to change something you have to change it for every project.

You can write a script that generates the big file, but when you add a repository you have to run the script and restart apache.

This can be solved by adding a “perl script” inside the apache configuration. First you have to install mod_perl, which allows you to use the module “mod_perl.c”.
Now you can write perl scripts inside your apache configuration. These scripts will be executed whenever the configuration file is parsed (with a restart/reload).

This is what the mod_perl section in my configuration looks like:

<IfModule mod_perl.c>
<Perl>
#!/usr/bin/perl

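# Walk $base$sub and register a <Location> for every SVN repository found.
sub loop_dir {

  my $base = shift;
  my $sub  = shift;
  $sub = "" unless defined $sub;
  if($sub) { $sub .= "/";}

  # Lexical handle, so the recursive call below does not reuse this one
  opendir(my $dh, "$base$sub")
    or die "Unable to open SVN repository base '$base$sub'\n";

  foreach my $project (readdir($dh)) {
    # Only plain names are accepted; this also skips "." and ".."
    next unless $project =~ /^[[:alnum:]_\-]+$/;
    next unless -d "$base$sub$project";

    # A "format" file marks the directory as an SVN repository
    if( -e "$base$sub$project/format"){

      print "\nHandling project: $sub$project";

      $Location{"/$sub$project"} = {
        DAV => 'svn',
        SVNPath => "$base$sub$project",

        AuthType => 'Basic',
        AuthName => "'Cronos CVSVN server'",

        AuthLDAPAuthoritative => 'on',
        AuthLDAPURL => 'ldap://localhost/ou=users,dc=cronos,dc=be?uid',
        AuthLDAPGroupAttribute => 'memberUid',
        AuthLDAPGroupAttributeIsDN => 'off',

        # Access is limited to the LDAP group named after the directory
        Require => "group cn=$project,ou=groups,dc=cronos,dc=be",
      };
    } else {
      # Not a repository: look inside the subdirectory
      loop_dir($base, "$sub$project");
    }
  }
  closedir($dh);
}

loop_dir('/var/lib/svn/');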

</Perl>
</IfModule>

This part of the configuration file will create a <Location> section for every svn project inside /var/lib/svn. It will also look inside the subdirectories (if the directory is not a project).
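The generated Require line uses only the repository directory's own name, so two repositories with the same name under different subdirectories are guarded by the same LDAP group. The following shell script is an added example, not part of the original post: it repeats the same directory walk and lists such shared groups. The function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: repeat the walk done by loop_dir and report LDAP groups
# (leaf directory names) that would guard more than one repository.

# list_projects BASE/ SUB -> one "leaf<TAB>/location" line per repository
list_projects() {
  for dir in "$1$2"*/; do
    [ -d "$dir" ] || continue
    name=${dir%/}; name=${name##*/}
    # same filter as the Perl regex /^[[:alnum:]_\-]+$/
    case $name in ''|*[!A-Za-z0-9_-]*) continue ;; esac
    if [ -e "$dir/format" ]; then
      printf '%s\t/%s%s\n' "$name" "$2" "$name"   # repository found
    else
      ( list_projects "$1" "$2$name/" )           # subshell keeps loop state
    fi
  done
}

# shared_groups BASE -> "cn=<leaf>: <locations>" for every reused leaf name
shared_groups() {
  list_projects "${1%/}/" "" | sort | awk -F'\t' '
    { n[$1]++; locs[$1] = locs[$1] " " $2 }
    END { for (g in n) if (n[g] > 1) print "cn=" g ":" locs[g] }' | sort
}

# Constructed sample tree (hypothetical names, not from the original post)
make_sample_tree() {
  t=$(mktemp -d) || return 1
  for r in alpha teamA/web teamB/web bad.name; do
    mkdir -p "$t/$r" && : > "$t/$r/format"
  done
  printf '%s\n' "$t"
}

tree=$(make_sample_tree)
shared_groups "$tree"
rm -rf "$tree"
```

On a real server, call shared_groups with the repository base (/var/lib/svn in the post). Directories such as bad.name never appear in the list because the name filter skips them, so they get no <Location> at all.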

perdition-ssl

Posted in Linux SysAdmin on August 4th, 2006 by Johan Huysmans

I really don’t like the configuration of perdition…

The configuration file (/etc/perdition/perdition.conf) is a collection of arguments the daemon will use when it is started. That seems pretty easy, unless you start 4 daemons with that configuration file and every daemon has another protocol to process (imap, imaps, pop3, pop3s).

This is what I want to accomplish:
From the outside you can connect through imap, imaps, pop3 or pop3s, and perdition will connect to the real server through imap or pop3. This way you only have to configure 1 certificate, and the traffic on the internal network is secure so it doesn’t have to be encrypted.

How I accomplished it:
I created my configuration file, but kept it very general; the specific stuff is placed in /etc/sysconfig/perdition. By specific stuff I mean the ssl_mode and the outgoing_port, and maybe some others will follow. This makes it possible to say that imap doesn’t need ssl (--ssl_mode none) and that the outgoing connection does not have to be secure (--outgoing_port 143).

This is not really documented; I found it in the mailing list. So if you’re stuck with something, check the mailing list, maybe your answer is already there.

Note to the developers: isn’t it possible to split the configuration? 1 section for the general stuff and 4 sections for the daemon-specific stuff. Or just 4 separate configuration files, 1 file for each daemon… e.g. perdition.imap.conf, …
It would make it much easier to configure.

Perdition-ldap

Posted in Linux SysAdmin on August 4th, 2006 by Johan Huysmans

Yesterday I worked with perdition. My mission was to let it get its information from an existing ldap tree.

There is not much documentation about the ldap configuration of perdition. OK, there is not much to configure, but if it doesn’t work it’s hard to find the problem.
There is this pdf document and this man page (scroll down till the LDAP part).

I included the perdition schema in my openldap configuration, but I wasn’t able to add the perdition objectClass to my already configured objectClasses. It seems that the perditionPopmap objectClass is STRUCTURAL just like the inetOrgPerson objectClass, and it is not possible to have 2 STRUCTURAL objectClasses. The solution is to change the perdition.schema and put AUXILIARY instead of STRUCTURAL.

I got it all configured, but I didn’t see any connection with my ldap. I turned on debugging and saw this message appearing in my log file.

dbserver_get: ldap_initialize: No such file or directory

I found in this mailing list post that it is a bug, and it will be fixed in the next release, but it isn’t!
So let’s fix it ourselves.

I downloaded the .src.rpm and installed it. I unpacked the perdition archive in the SOURCES directory, edited perdition/db/ldap/perditiondb_ldap.c and repacked the archive. Finally I built the rpms from the .spec file.
This is the important part of the changed file; only the #if line has changed.

        /* Open LDAP connection */
#if 0
// #if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)
        if (ldap_initialize(&connection, pldap_filter) != LDAP_SUCCESS) {
                VANESSA_LOGGER_DEBUG_ERRNO("ldap_initialize");
                goto leave;
        }
#else
        connection = ldap_init(lud->lud_host, lud->lud_port);
        if (!connection) {
                VANESSA_LOGGER_DEBUG_ERRNO("ldap_init");
                goto leave;
        }
#endif

When the new rpms were installed it just worked!

This is what my ldap-specific configuration looks like in the perdition.conf

M /usr/lib/libperditiondb_ldap.so
m "ldap://localhost/dc=x-tend,dc=be?uid,mailhost?sub?(uid=%s)?!BINDNAME=cn=Manager%2cdc=x-tend%2cdc=be,X-BINDPW=xxXXxx"