authorDan Callaghan <djc@djc.id.au>2022-07-19 22:31:11 +1000
committerDan Callaghan <djc@djc.id.au>2022-07-19 22:32:45 +1000
commitbe2175dc949a34334f1ad9a81d95279ead470bb1 (patch)
tree0056146e17b138b6239b32bbe252dbd9b7847b9c /nixos
parentd2db10786f27619d5519b12b03fb10dc8ca95e59 (diff)
openldap: load client config from /etc, not the nix store
We want Openldap clients to load /etc/ldap.conf at runtime, not
${pkgs.openldap}/etc/ldap.conf which is always a sample config.

Pass sysconfdir=/etc at compile time, so that /etc/krb5.conf is embedded
in the library as the path of its config file.

Pass sysconfdir=${out}/etc at install time, so that the sample configs
and schema files are correctly included in the build output.

This hack works because the Makefiles are not smart enough to notice
that the sysconfdir variable has changed across invocations -- because
nobody ever writes their Makefiles to be that smart. :-)

Fixes #181937.
Diffstat (limited to 'nixos')
-rw-r--r--nixos/tests/openldap.nix12
1 files changed, 11 insertions, 1 deletions
diff --git a/nixos/tests/openldap.nix b/nixos/tests/openldap.nix
index 3c388119d5d24..96459d21a5efd 100644
--- a/nixos/tests/openldap.nix
+++ b/nixos/tests/openldap.nix
@@ -13,10 +13,17 @@ let
     objectClass: organizationalUnit
     ou: users
   '';
+  ldapClientConfig = {
+    enable = true;
+    loginPam = false;
+    nsswitch = false;
+    server = "ldap://";
+    base = "dc=example";
+  };
   testScript = ''
     machine.wait_for_unit("openldap.service")
     machine.succeed(
-        'ldapsearch -LLL -D "cn=root,dc=example" -w notapassword -b "dc=example"',
+        'ldapsearch -LLL -D "cn=root,dc=example" -w notapassword',
     )
   '';
 in {
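Review bot: The `ldapsearch` call in `testScript` is now checked only by exit status, and nothing in the script records that dropping `-b` is the actual assertion, namely that the client picked up its base from /etc/ldap.conf. It presumably fails today because the server rejects an empty search base, but that depends on slapd behaviour and not on anything the test states. I would capture the result with `out = machine.succeed(...)` and add `assert "ou: users" in out`, which matches the entry visible at the top of the hunk in the declarative contents. A comment above the call such as `# no -b on purpose: the search base must come from /etc/ldap.conf (users.ldap.base)` would stop someone from "fixing" the command by restoring the flag. The same `ldapClientConfig` is attached in the three later hunks, so this one script is the only place the runtime config path gets exercised.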
@@ -57,6 +64,7 @@ in {
         };
         declarativeContents."dc=example" = dbContents;
       };
+      users.ldap = ldapClientConfig;
     };
   }) { inherit pkgs system; };
 
@@ -76,6 +84,7 @@ in {
         rootpw = "notapassword";
         declarativeContents."dc=example" = dbContents;
       };
+      users.ldap = ldapClientConfig;
     };
   }) { inherit system pkgs; };
 
@@ -88,6 +97,7 @@ in {
         enable = true;
         configDir = "/var/db/slapd.d";
       };
+      users.ldap = ldapClientConfig;
     };
 
     testScript = let