Installed prerequisite software
I have installed a fresh copy of Solaris 10 (http://www.sun.com/software/solaris) OS (SPARC) on a Sun Ultra Enterprise 450 server on Jan 2008. Before building and installing OpenLDAP, I have downloaded and installed the below prerequisite software from http://sunfreeware.com/:
- gcc-3.3.2 (GNU C compiler and related programs)
- sasl-2.1.21 (Simple Authentication and Security Layer)
Sasl plugins are installed at /usr/local/lib/sasl2, but the library will look for them in /usr/lib/sasl2. We need to make sure that the plugins will eventually be in /usr/lib/sasl2 by creating a symbolic link as shown below after installing the sasl package:
# ln –s /usr/local/lib/sasl2 /usr/lib/sasl2 - db-4.2.52.NC (Berkeley Database software)
- tcp_wrappers-7.6 (tcp_wrappers package)
Kindly edit the /etc/hosts.allow and /etc/hosts.deny files to monitor and filter incoming requests for the SYSTAT, FINGER, FTP, TELNET, RLOGIN, RSH, EXEC, TFTP, TALK, and other network services. Below are some examples:
/etc/hosts.allow
sshd:<hostname>,<IP_address>,<xxx.xxx.>, <xxx.xxx.xxx.>
where xxx refers to the IP address numbers
/etc/hosts.deny
ALL: ALL@ALL, PARANOID
I use the original SUNWopensslr v11.10.0 (/usr/sfw/bin/openssl) that comes with Solaris 10 OS to provide the Transport Layer Security services. I did not install the Kerberos Authentication Service as we did not use it.
Building and installing OpenLDAP
1. Get the OpenLDAP software and unpack it
Please download the software from http://www.openldap.org/software/download/. It is recommended that new users start with the latest release:
# gunzip -c openldap-VERSION.tgz tar xvf -
# cd openldap-VERSION
2. Running configure
In Solaris 10, please modify your PATH to use the /usr/local/bin/gcc first instead of the /usr/sfw/bin/gcc. I set my environment (env) settings as shown below before running configure:
# env CFLAGS=”-D_AVL_H” CPPFLAGS=”-I/usr/local/include
–I/usr/local/BerkeleyDB.4.2/include
–I/usr/local/include/sasl –I/usr/sfw/include” LDFLAGS=”-L/usr/local/lib
–L/usr/local/BerkeleyDB.4.2/lib –L/usr/local/lib/sasl2 –L/usr/sfw/lib” CC=”/usr/local/bin/gcc”
The CFLAGS=”-D_AVL_H” is used to solve the
make error:make: Fatal error: Command failed for target ‘all-common’
The setting of env on “–I/usr/local/BerkeleyDB.4.2/include” in CPPFLAGS and “–L/usr/local/BerkeleyDB.4.2/lib” in LDFLAGS are used to solve the error:
configure: error: BDB/HDB: BerkeleyDB not available
The setting of env on “–I/usr/sfw/include” in CPPFLAGS and “–L/usr/sfw/lib” in LDFLAGS are used to solve the SUNWopensslr error:
tls.c: syntax error
The setting of env on CC=”/usr/local/bin/gcc” is used to solve the error:
configure: error: C compiler cannot create executables
Then, I ran the below configure options:
# ./configure –with-wrappers –with-tls –with-cyrus-sasl –prefix=/opt/openldap
This will configure openLDAP with TCP Wrappers, Transport Layer Security, Simple Authentication and Security Layer and BDB backend (default) support. I use the –prefix option because I want the openLDAP software to be installed at the /opt directory instead of the default /usr/local directory.
3. Building the software
After running the configure script, the last line of output should be
Please "make depend" to build dependencies
If the last line of output does not match, configure has failed. You will need to review its output to determine what went wrong. You should not proceed until configure completes successfully.
To build dependencies, please run:
# make depend
Now compile OpenLDAP:
# make
This command builds the LDAP libraries and associated clients as well as slapd(8).
4. Testing the software
After openLDAP is properly configured and compiled, before testing the software in Solaris 10, please ensure that you have added the /usr/sfw/bin in the PATH and /usr/sfw/lib in the LD_LIBRARY_PATH to solve the libssl.so.0.9.7 not found error.
You can run the test suite to verify the build:
# make test
5. Installing the software
After you have successfully tested the software, before installing the software in Solaris 10, please ensure that you have added the /usr/ccs/bin in the PATH for root.
Login as root to install the software:
# cd openldap-VERSION
# make install
By default OpenLDAP Software is installed in the /usr/local directory. If you changed this setting with the --prefix configure option, it will be installed in the location you provided. You will find the configuration files for slapd(8) in /usr/local/etc/openldap by default.
References:
No comments:
Post a Comment