Initial commit

11 files changed, 973 insertions, 0 deletions

diff --git a/overlay/app-admin/diradm/ChangeLog b/overlay/app-admin/diradm/ChangeLog
new file mode 100644
index 0000000..314977d
--- /dev/null
+++ b/overlay/app-admin/diradm/ChangeLog
@@ -0,0 +1,136 @@
+# ChangeLog for app-admin/diradm
+# Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/app-admin/diradm/ChangeLog,v 1.32 2008/02/20 23:03:36 robbat2 Exp $
+
+  30 Jun 2008; Eric Thibodeau <kyron@neuralbs.com> diradm-2.9.3-r1.ebuild:
+  Add diradm-2.9.3-emptyUID.patch to fix empty UID bug.
+
+  20 Feb 2008; Robin H. Johnson <robbat2@gentoo.org> diradm-2.9.3.ebuild:
+  Stable on amd64 per misplaced bug #181562.
+
+  14 Jun 2007; Tobias Scherbaum <dertobi123@gentoo.org> diradm-2.9.3.ebuild:
+  ppc stable, bug #181562
+
+  12 Jun 2007; Markus Ullmann <jokey@gentoo.org> diradm-2.9.3.ebuild:
+  Stable on x86 wrt bug #181562
+
+  11 Jun 2007; Markus Rothe <corsair@gentoo.org> diradm-2.9.3.ebuild:
+  Stable on ppc64; bug #181562
+
+  07 Jun 2007; Christian Faulhammer <opfer@gentoo.org> ChangeLog:
+  modified ChangeLog to meet common standards
+
+  26 Apr 2007; Robin H. Johnson <robbat2@gentoo.org> diradm-2.1.ebuild,
+  diradm-2.2.ebuild, diradm-2.3.ebuild, diradm-2.4.ebuild,
+  diradm-2.5.ebuild, diradm-2.8.2.ebuild, diradm-2.9.ebuild,
+  diradm-2.9.1.ebuild, diradm-2.9.3.ebuild:
+  Clean up all usage of HOMEPAGE in SRC_URI, as well as not installing COPYING.
+
+  10 Apr 2007; Robin H. Johnson <robbat2@gentoo.org> diradm-2.9.ebuild:
+  Refix #172174.
+
+*diradm-2.9.3 (30 Mar 2007)
+
+  30 Mar 2007; Robin H. Johnson <robbat2@gentoo.org> diradm-2.9.1.ebuild,
+  +diradm-2.9.3.ebuild:
+  Bump for new upstream version, and also fix bug #172174 for IUSE.
+
+*diradm-2.9.1 (22 Mar 2007)
+
+  22 Mar 2007; Robin H. Johnson <robbat2@gentoo.org> diradm-2.9.ebuild,
+  +diradm-2.9.1.ebuild:
+  Add 2.9.1 release with a last minute upstream fix.
+
+*diradm-2.9 (22 Mar 2007)
+
+  22 Mar 2007; Robin H. Johnson <robbat2@gentoo.org> +diradm-2.9.ebuild:
+  Add 2.9 version to the tree, read the release notes and changelog!.
+
+*diradm-2.8.2 (22 Mar 2007)
+	
+  22 Mar 2007; Robin H. Johnson <robbat2@gentoo.org> diradm-2.5.ebuild,
+  +diradm-2.8.2.ebuild:
+  Add ~amd64 and bump diradm to 2.8.2, after a long series of private-use
+  releases. 2.8 and later releases bring in an automated test suite. Also read
+  KNOWN-BUGS for places where LDAP is just plain incompatible with POSIX, and
+  workarounds for this.
+
+  24 Jan 2007; Marius Mauch <genone@gentoo.org> diradm-1.1.ebuild,
+  diradm-1.1-r1.ebuild, diradm-1.2.ebuild, diradm-2.1.ebuild,
+  diradm-2.2.ebuild, diradm-2.3.ebuild, diradm-2.4.ebuild,
+  diradm-2.5.ebuild:
+  Replacing einfo with elog
+
+  04 Jan 2007; Steve Dibb <beandog@gentoo.org> diradm-1.1.ebuild,
+  diradm-1.1-r1.ebuild, diradm-1.2.ebuild, diradm-2.1.ebuild,
+  diradm-2.2.ebuild, diradm-2.3.ebuild, diradm-2.4.ebuild,
+  diradm-2.5.ebuild:
+  ebuild cleanup, bug 157661
+
+  11 Feb 2006; Michael Cummings <mcummings@gentoo.org> diradm-2.1.ebuild,
+  diradm-2.2.ebuild, diradm-2.3.ebuild, diradm-2.4.ebuild,
+  diradm-2.5.ebuild:
+  Setting virtual for MIME-Base64
+
+*diradm-2.5 (30 Aug 2005)
+
+  30 Aug 2005; Robin H. Johnson <robbat2@gentoo.org> +diradm-2.5.ebuild:
+  New upstream version.
+
+  13 Aug 2005; Michael Hanselmann <hansmi@gentoo.org> diradm-2.4.ebuild:
+  Stable on ppc.
+
+  12 Aug 2005; Robin H. Johnson <robbat2@gentoo.org> diradm-1.2.ebuild,
+  diradm-2.4.ebuild:
+  Stabilize 1.2 and 2.4 on x86.
+
+*diradm-2.4 (04 Jul 2005)
+
+  04 Jul 2005; Robin H. Johnson <robbat2@gentoo.org> +diradm-2.4.ebuild:
+  Version bump.
+
+  25 May 2005; Michael Cummings <mcummings@gentoo.org> diradm-2.3.ebuild:
+  dev-perl/MIME-Base64 => perl-core/MIME-Base64 migration
+
+  25 May 2005; Michael Cummings <mcummings@gentoo.org> diradm-2.2.ebuild:
+  dev-perl/MIME-Base64 => perl-core/MIME-Base64 migration
+
+  25 May 2005; Michael Cummings <mcummings@gentoo.org> diradm-2.1.ebuild:
+  dev-perl/MIME-Base64 => perl-core/MIME-Base64 migration
+
+*diradm-2.3 (09 Jan 2005)
+
+  09 Jan 2005; Robin H. Johnson <robbat2@gentoo.org> +diradm-2.3.ebuild:
+  new version.
+
+*diradm-2.2 (09 Jan 2005)
+
+  09 Jan 2005; Robin H. Johnson <robbat2@gentoo.org> +diradm-2.2.ebuild:
+  New version.
+
+*diradm-2.1 (23 Dec 2004)
+
+  23 Dec 2004; Robin H. Johnson <robbat2@gentoo.org> +diradm-2.1.ebuild:
+  New major revision, from a forked tree (by myself).
+
+  05 Oct 2004; Pieter Van den Abeele <pvdabeel@gentoo.org> diradm-1.2.ebuild:
+  Masked diradm-1.2.ebuild stable for ppc
+
+  21 Jul 2004; David Holm <dholm@gentoo.org> diradm-1.2.ebuild:
+  Added to ~ppc.
+
+*diradm-1.2 (19 Jul 2004)
+*diradm-1.1-r1 (19 Jul 2004)
+
+  19 Jul 2004; Robin H. Johnson <robbat2@gentoo.org> diradm-1.1-r1.ebuild,
+  diradm-1.2.ebuild, metadata.xml:
+  ebuild cleanup, version bump.
+
+  12 Mar 2004; Michael Sterrett <mr_bones_@gentoo.org> diradm-1.1.ebuild:
+  Don't assign default to S; header fix
+
+*diradm-1.1 (05 Jul 2003)
+
+  05 Jul 2003; Robin H. Johnson <robbat2@gentoo.org> diradm-1.1.ebuild:
+  Initial commit
+
diff --git a/overlay/app-admin/diradm/Manifest b/overlay/app-admin/diradm/Manifest
new file mode 100644
index 0000000..024d868
--- /dev/null
+++ b/overlay/app-admin/diradm/Manifest
@@ -0,0 +1,4 @@
+AUX diradm-2.9.3-emptyUID.patch 402 RMD160 67d06408d2dea38a8fe27cab30ce1338ebf8c66f SHA1 45103f49c5bbbed4703bd3548181c10c6b138a12 SHA256 3f08354844e55a0fe0d7d05806244be4efd9158afd709c0038af8ac8ed0395aa
+DIST diradm-2.9.3.tar.bz2 105362 RMD160 b4c24bbcecfd8f092f510663eb512b600f1c4ce2 SHA1 8451ff3023bd18c7b29200bc495db8a22f1f8935 SHA256 4bd8261c11916caab989b596c78f648510225de4d52af3c9a425ef92bf6a096d
+EBUILD diradm-2.9.3-r1.ebuild 2133 RMD160 545f71372e8c529e44d635822045202dbebcdf7d SHA1 e0b4ab6e49f639dfc00eb4a31a87fda13b55567a SHA256 51fbd7ab8eb2d116903c0ad65a85dbf6ced1edf20817237e7383ef4bedc860b4
+MISC ChangeLog 4760 RMD160 378e53d71a636caad2aced83a0b883bef8a9be2f SHA1 749ef3669fa410e7d8a918eb3aaee4a5a680e544 SHA256 8ec5a9d29de2fa9b08f4564b25844d5553944c03f5591abf1e8f0a741dbc148e
diff --git a/overlay/app-admin/diradm/diradm-2.9.3-r1.ebuild b/overlay/app-admin/diradm/diradm-2.9.3-r1.ebuild
new file mode 100644
index 0000000..954e0c9
--- /dev/null
+++ b/overlay/app-admin/diradm/diradm-2.9.3-r1.ebuild
@@ -0,0 +1,74 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-admin/diradm/diradm-2.9.3.ebuild,v 1.6 2008/02/20 23:03:36 robbat2 Exp $
+
+inherit eutils
+
+DESCRIPTION="diradm is a nearly complete nss/shadow suite for managing POSIX users/groups/data in LDAP."
+#HOMEPAGE="http://research.iat.sfu.ca/custom-software/diradm/"
+#SRC_URI="${HOMEPAGE}/${P}.tar.bz2"
+HOMEPAGE="http://orbis-terrarum.net/~robbat2/"
+SRC_URI="http://orbis-terrarum.net/~robbat2/${P}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="amd64 ppc ppc64 x86"
+IUSE="samba irixpasswd automount test"
+DEPEND="net-nds/openldap
+	sys-apps/gawk
+	sys-apps/coreutils
+	sys-apps/grep
+	dev-lang/perl
+	app-shells/bash
+	sys-apps/sed
+	virtual/perl-MIME-Base64
+	samba? (
+		dev-perl/Crypt-SmbHash
+		>=net-fs/samba-3.0.6
+	)
+	test? ( dev-perl/Crypt-SmbHash >=net-fs/samba-3.0.6 dev-util/dejagnu )"
+
+src_unpack() {
+	unpack ${A}
+	cd "${S}/src"
+	epatch "${FILESDIR}"/diradm-2.9.3-emptyUID.patch
+}
+pkg_setup() {
+	if use test; then
+		if built_with_use net-nds/openldap minimal ; then
+			die "You MUST have a non-minimal build of OpenLDAP to use the testcases!"
+		fi
+		elog "Warning, for test usage, diradm is built with all optional features!"
+	fi
+}
+
+src_compile() {
+	local myconf
+	if use test; then
+		myconf="--enable-samba --enable-automount --enable-irixpasswd"
+	else
+		myconf="`use_enable samba` `use_enable automount` `use_enable irixpasswd`"
+	fi
+	econf ${myconf} || die "econf failed"
+	emake || die "emake failed"
+}
+
+src_install() {
+	emake install DESTDIR="${D}" || die "emake install failed"
+	dodoc CHANGES* README AUTHORS ChangeLog NEWS README.prefork THANKS TODO KNOWN-BUGS
+	if use irixpasswd; then
+		insinto /etc/openldap/schema
+		doins irixpassword.schema
+	fi
+}
+
+pkg_postinst() {
+	elog "The new diradm pulls many settings from your LDAP configuration."
+	elog "But don't forget to customize /etc/diradm.conf for other settings."
+	elog "Please see the README to instructions if you problems."
+}
+
+src_test() {
+	use test || die "You must build diradm with USE=test to run the testcases!"
+	emake -j1 check
+}
diff --git a/overlay/app-admin/diradm/files/diradm-2.9.3-emptyUID.patch b/overlay/app-admin/diradm/files/diradm-2.9.3-emptyUID.patch
new file mode 100644
index 0000000..6bc86c2
--- /dev/null
+++ b/overlay/app-admin/diradm/files/diradm-2.9.3-emptyUID.patch
@@ -0,0 +1,12 @@
+--- src/diradm.user.sh.in	2007-03-30 06:44:10.000000000 -0400
++++ src.new/diradm.user.sh.in	2008-06-30 12:31:53.986106620 -0400
+@@ -59,8 +59,8 @@
+ 			exit 4
+ 		fi
+ 	else
+-		UIDNUMBER="${UIDNUMBERMIN}"
+ 		UIDNUMBER="$(usernextfreeuid)"
++		[ -z "${UIDNUMBER}" ] && UIDNUMBER="${UIDNUMBERMIN}"
+ 		if [ "${UIDNUMBER}" -gt "${UIDNUMBERMAX}" ]; then
+ 			echo "${modulename}: Can't get unique uid"
+ 			exit 4
diff --git a/overlay/net-nds/lat/Manifest b/overlay/net-nds/lat/Manifest
new file mode 100644
index 0000000..b826451
--- /dev/null
+++ b/overlay/net-nds/lat/Manifest
@@ -0,0 +1,2 @@
+DIST lat-1.2.3.tar.gz 463225 RMD160 56fad3d30ad19bfc267403368547c4d53a481b87 SHA1 52e2de528d2fa35519b2d67cd2937d4d524001de SHA256 8071bcacb3f5be5b10f7a154cf64f007670b67415f986e0794202643ab52e16e
+EBUILD lat-1.2.3.ebuild 1249 RMD160 8b602a71c213def241788ba14f48dab549c18a12 SHA1 840c3049d082e141fd7291d3b114db698754eb2c SHA256 e6a905b2519160d390f8cb0a302fb6512ad29e352325a4cf3431ade27a97d085
diff --git a/overlay/net-nds/lat/lat-1.2.3.ebuild b/overlay/net-nds/lat/lat-1.2.3.ebuild
new file mode 100644
index 0000000..7e1db14
--- /dev/null
+++ b/overlay/net-nds/lat/lat-1.2.3.ebuild
@@ -0,0 +1,45 @@
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-nds/lat/lat-1.2.2.ebuild,v 1.1 2007/04/08 18:38:31 bass Exp $
+
+inherit gnome2 mono versionator
+
+KEYWORDS="~amd64 x86"
+
+DESCRIPTION="LDAP Administration Tool, allows you to browse LDAP-based directories and add/edit/delete entries."
+HOMEPAGE="http://dev.mmgsecurity.com/projects/lat"
+SRC_URI="http://dev.mmgsecurity.com/downloads/${PN}/$(get_version_component_range 1-2)/${P}.tar.gz"
+LICENSE="GPL-2"
+IUSE="avahi dbus"
+SLOT="0"
+
+RDEPEND=">=dev-lang/mono-1.1.13
+	>=dev-dotnet/gtk-sharp-2.8
+	>=dev-dotnet/gnome-sharp-2.8
+	>=dev-dotnet/glade-sharp-2.8
+	>=dev-dotnet/gconf-sharp-2.8
+	>=gnome-base/gnome-keyring-0.4
+	sys-apps/dbus
+	avahi? ( net-dns/avahi )"
+DEPEND="${RDEPEND}
+	app-text/scrollkeeper
+	dev-util/pkgconfig"
+
+src_compile() {
+	econf \
+		$(use_enable avahi) \
+		|| die "econf failed"
+	emake || die "emake failed"
+}
+
+src_install() {
+	emake DESTDIR="${D}" install || die "emake install failed"
+	dodoc AUTHORS ChangeLog NEWS README TODO
+}
+
+pkg_postinst() {
+	if use avahi ; then
+		ewarn "You've enabled avahi support."
+		ewarn "Make sure the avahi daemon is running before you try to start ${PN}"
+	fi
+}
diff --git a/overlay/net-nds/ldap-auth/Manifest b/overlay/net-nds/ldap-auth/Manifest
new file mode 100644
index 0000000..caab865
--- /dev/null
+++ b/overlay/net-nds/ldap-auth/Manifest
@@ -0,0 +1,2 @@
+AUX cluster_ldap_skel.conf 3737 RMD160 eb82a475caa338f29dbd7bc64d0de659829d52f7 SHA1 bf5cbca83cec4633442523506123c92862d27623 SHA256 d03ddca79b751e182c44d346c555c7bd08f411cd87c32608915964de9664810b
+EBUILD ldap-auth-0.1.ebuild 12734 RMD160 cc4869546234d9496beff0318afa22a037e7b734 SHA1 bacacc1425cdd63fd5a5140f1d445c795734d8e8 SHA256 5b18dc255b9c96fc26422ef96bd9d73d36b13934b713a4342ba18413d41b2b0a
diff --git a/overlay/net-nds/ldap-auth/files/cluster_ldap_skel.conf b/overlay/net-nds/ldap-auth/files/cluster_ldap_skel.conf
new file mode 100644
index 0000000..83c2e42
--- /dev/null
+++ b/overlay/net-nds/ldap-auth/files/cluster_ldap_skel.conf
@@ -0,0 +1,91 @@
+#!/bin/bash
+# By Eric Thibodeau
+# 01 July 2008
+#
+# NOTES: 
+#	* it is usually suggested to keep all LDAP definitions in 
+#	_lower case_... but do as youi wish!
+#	* all *_DESC variables are optionnal and are simply used
+#	in the description field of the LDAP db.
+
+# The following is to tell pkg_config that this files has been revised
+# Set it to "yes" once you're done
+CONFIG_OK="no"
+
+# What is the name you want to give the LDAP domain?
+# say we wanted the domain to be gentoo.local you would
+# put the following:
+#DOMAIN="gentoo.local"
+# or, in a more automated-generally-speaking sense:
+#DOMAIN=$(hostname -d)
+# Since this is the Clustering template, our Domain Context
+# is actually more like : "machine.domain.com". ASSuming
+# the machine is set up right, we can pull that in autmatically
+# using the following:
+DOMAIN=$(hostname -f)
+DOMAIN_DESC="This the LDAP server residing on $DOMAIN"
+
+# Which part of your organisation is this machine filling in
+# for? In the present example, this is the cluster so we'll call
+# this Organizational Unit (ou) cluster:
+OU="cluster"
+OU_DESC="Clustering department branch. All units defined under this branch are for use by the cluster"
+
+# We will create some specific branches under that cluster,
+# logically, we'll have users and groups to manage these, so
+# we will minimally impose the definition of these two:
+USERS_OU="users"
+USERS_OU_DESC="Cluster specific Users"
+GROUPS_OU="groups"
+GROUPS_OU_DESC="Cluster specific Groups"
+
+# OUTHER_OU is parsed to automatically create other sub-OU under
+# the one defined above (as OU). This could be, for example:
+#OTHER_OU="aliases networks hosts"
+
+# if you want descriptions to be added to each of these groups
+# automatically in the LDAP database, dedine a separate _DESC
+# vairable for each. For example:
+#aliases_DESC="This is the container for user aliases"
+#hosts_DESC="This is the container for static host descriptions"
+
+# Although this is often a philosophical debate, we'll stick 
+# with having an admin for the ldap user database and one
+# for managing it's contents. Here is the dirrerence in their
+# role:
+#
+# The ADMIN_DN will be the user used to create the ldap db
+# and have total control over it. This user is typically useful
+# only at creation and dumping/migration of the database. This
+# user _always_ has TOTAL access to the LDAP db where it's 
+# defined. One typically _doesn't_ use this user to mange the
+# LDAP database, the user defined in ADMIN_DN is the one to use.
+#
+LDAP_ADMIN_DN="admin"
+# This is the paswsord to use for LDAP management tasks and is the
+# one that is stored in /etc/openldap/slapd.conf (but we at least
+# hash it ;) 
+LDAP_ADMIN_DN_PWD="default"
+
+# The following user will essentially be identical to root, you're better
+# off not renaming him.
+ADMIN_DN="root"
+ADMIN_DN_DESC="root account (under LDAP)"
+
+# The following is the name of the group used to identify people
+# with full access to the LDAP db. One advantage is that the members
+# of this group can be dynamically changed within the LDAP db. NOTE: 
+# Since it's given the same gid as wheel, it's functionnaly equivalent!!!
+ADMIN_GROUP_DN="wheel"
+ADMIN_GROUP_DN_DESC="Users in this group can freely modify the LDAP directory at will"
+
+# The following is the place to put the resulting generated files
+# usually we'd want this to be ROOT="/" ...if you trust the script 
+# entirely ;). We use the environment's $ROOT if one is available...
+[[ -z $ROOT ]] && ROOT="/"
+
+# The LDIF_OUT defines the name of the ldif file that will be automatically
+# created by the script. It's only really useful if you want to keep that file 
+# afterwards for xyz reason (obviously, LDIF_OUT_KEEP has to be set to yes):
+LDIF_OUT="./create_db.ldif"
+LDIF_OUT_KEEP="yes"
diff --git a/overlay/net-nds/ldap-auth/ldap-auth-0.1.ebuild b/overlay/net-nds/ldap-auth/ldap-auth-0.1.ebuild
new file mode 100644
index 0000000..459c4e7
--- /dev/null
+++ b/overlay/net-nds/ldap-auth/ldap-auth-0.1.ebuild
@@ -0,0 +1,435 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+DESCRIPTION="This meta ebuild automates the configuration of OpenLDAP as the authentification backend"
+HOMEPAGE="http://code.google.com/soc/2008/gentoo/appinfo.html?csaid=79DB497BA0D95148"
+SRC_URI=""
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="amd64 ~x86"
+IUSE="autoconfigure authmaster"
+
+DEPEND=""
+RDEPEND="sys-auth/nss_ldap
+    sys-auth/pam_ldap
+    app-admin/diradm"
+
+inherit confutils
+
+CONFIG_FILE="/etc/conf.d/ldap_auth.conf"
+TEMPLATE_FILE="${FILESDIR}/cluster_ldap_skel.conf"
+
+pkg_setup() {
+	if use authmaster; then
+		if built_with_use net-nds/openldap minimal ; then
+			die "You MUST have a non-minimal build of OpenLDAP to use ${P}!"
+		fi
+	fi
+}
+
+src_install()
+{
+	if use authmaster; then
+		cp $TEMPLATE_FILE ./ldap_auth.conf
+		doconfd ./ldap_auth.conf
+		if ! use autoconfigure; then
+		    elog "You need to edit $CONFIG_FILE to your likings"
+		    elog "Once you are done, set CONFIG_OK=\"yes\" in there and"
+		    elog "call emerge --config =${CATEGORY}/${PF}"
+		fi
+	fi
+}
+
+parse_config()
+{
+	. $1
+	# Derived VARs:
+	DC="dc=${DOMAIN//\./,dc=}"
+	BASE_DN="ou=$OU,$DC"
+	BASE_DN_DESC="$OU_DESC"
+	USR_DN="ou=$USERS_OU,$BASE_DN"
+	GRP_DN="ou=$GROUPS_OU,$BASE_DN"
+	ROOTDN="cn=$LDAP_ADMIN_DN,$DC"
+	ROOTDNPWD="$LDAP_ADMIN_DN_PWD"
+	DBDIR="/var/lib/openldap-${DOMAIN}-data"
+
+	# Config Files:
+	SLAPDCONF="${ROOT}/etc/openldap/slapd.conf"
+	ETCSLAP="${ROOT}/etc/ldap.conf"
+	[ -f $SLAPDCONF ] || mkdir -p $(dirname $SLAPDCONF)
+	[ -f $ETCSLAP   ] || mkdir -p $(dirname $ETCSLAP)
+
+}
+
+make_slapd_conf()
+{
+	[ -f $SLAPDCONF ] && mv $SLAPDCONF ${SLAPDCONF}.${PN}.bak
+	cat > $SLAPDCONF <<-EOF
+	#
+	# Based on instructoins from: http://www.gentoo.org/doc/en/ldap-howto.xml
+	# See slapd.conf(5) for details on configuration options.
+	# This file should NOT be world readable.
+	#
+
+	# Schema definitions, these are order sensitive
+	include         /etc/openldap/schema/core.schema
+	include         /etc/openldap/schema/cosine.schema
+	include         /etc/openldap/schema/inetorgperson.schema
+	include         /etc/openldap/schema/nis.schema
+
+
+	# Do not enable referrals until AFTER you have a working directory
+	# service AND an understanding of referrals.
+	#referral       ldap://root.openldap.org
+
+	pidfile         /var/run/openldap/slapd.pid
+	argsfile        /var/run/openldap/slapd.args
+
+	# Define global ACLs to disable default read access.
+
+	# Sample security restrictions
+	#       Require integrity protection (prevent hijacking)
+	#       Require 112-bit (3DES or better) encryption for updates
+	#       Require 63-bit encryption for simple bind
+	# security ssf=1 update_ssf=112 simple_bind=64
+
+	# Sample access control policy:
+	#       Root DSE: allow anyone to read it
+	#       Subschema (sub)entry DSE: allow anyone to read it
+	#       Other DSEs:
+	#               Allow self write access
+	#               Allow authenticated users read access
+	#               Allow anonymous users to authenticate
+	#       Directives needed to implement policy:
+	# access to dn.base="" by * read
+	# access to dn.base="cn=Subschema" by * read
+	# access to *
+	#       by self write
+	#       by users read
+	#       by anonymous auth
+	#
+	# if no access controls are present, the default policy
+	# allows anyone and everyone to read anything but restricts
+	# updates to rootdn.  (e.g., "access to * by * read")
+	#
+	# rootdn can always read and write EVERYTHING!
+	
+	# We define ACLs on a per-DB basis below, so no access as a default:
+	access to * by * none
+
+	# Database definitions (only have one here but you could have more than 1):
+
+	database        hdb
+	suffix          "$DC"
+	#               <kbyte> <min>
+	checkpoint      32      30
+	rootdn          "$ROOTDN"
+	# Cleartext passwords, especially for the rootdn, should
+	# be avoid.  See slappasswd(8) and slapd.conf(5) for details.
+	# Use of strong authentication encouraged.
+	rootpw		$(slappasswd -s $ROOTDNPWD)
+	# The database directory MUST exist prior to running slapd AND
+	# should only be accessible by the slapd and slap tools.
+	# Mode 700 recommended.
+	directory	$DBDIR
+	# Indices to maintain
+	index   objectClass,uid,uidNumber     eq
+
+	# Auto-Generated ACL definitions:
+
+	access to attrs=userPassword
+	  by set="[cn=$ADMIN_GROUP_DN,$GRP_DN]/member* & user" write
+	  by dn="uid=$ADMIN_DN,$USR_DN" write
+	  by self write
+	  by anonymous auth
+	  by * none
+	
+	access to *
+	  by set="[cn=$ADMIN_GROUP_DN,$GRP_DN]/member* & user" write
+	  by dn="uid=$ADMIN_DN,$USR_DN" write
+	  by * read
+
+	EOF
+
+}
+
+make_lapd_confs()
+{
+	# etc/openldap/ldap.conf file:
+	cat > ${ROOT}/etc/openldap/ldap.conf <<-EOF
+		# Autogenerated by $0
+		base		$BASE_DN
+		uri			ldap://$(hostname -f):389/
+		rootbinddn	$ROOTDN
+	EOF
+	
+	# etc/ldap.conf file:
+	[[ -f ${ROOT}/etc/ldap.conf ]] && cp ${ROOT}/etc/ldap.conf ${ROOT}/etc/ldap.conf.orig
+	cat > ${ROOT}/etc/ldap.conf <<-EOF
+		host    $(hostname -f)
+		base    $BASE_DN
+		uri     ldap://$(hostname -f):389/
+
+		# The distinguished name to bind to the server with
+		# if the effective user ID is root. Password is
+		# stored in /etc/ldap.secret (mode 600)
+		#rootbinddn $ROOTDN
+
+		# The search scope.
+		scope sub
+		#scope one
+		#scope base
+
+		# Reconnect policy:
+		#  hard_open: reconnect to DSA with exponential backoff if
+		#             opening connection failed
+		#  hard_init: reconnect to DSA with exponential backoff if
+		#             initializing connection failed
+		#  hard:      alias for hard_open
+		#  soft:      return immediately on server failure
+		bind_policy hard
+
+		ldap_version 3
+
+		# Use the OpenLDAP password change
+		# extended operation to update the password.
+		pam_password			exop
+		#pam_filter 				objectclass=posixAccount
+		pam_login_attribute		uid
+		pam_member_attribute 	gid
+		pam_password            md5
+
+		#RFC2307bis naming contexts
+		# Syntax:
+		# nss_base_XXX          base?scope?filter
+		# where scope is {base,one,sub}
+		# and filter is a filter to be &'d with the
+		# default filter.
+		# You can omit the suffix eg:
+		# nss_base_passwd       ou=People,
+		# to append the default base DN but this
+		# may incur a small performance impact.
+		nss_base_passwd		ou=users,$BASE_DN?one
+		nss_base_shadow		ou=users,$BASE_DN?one
+		nss_base_group		ou=groups,$BASE_DN?one
+		#nss_base_hosts		ou=Hosts,$BASE_DN?one
+		#nss_base_services	ou=Services,$BASE_DN?one
+		#nss_base_networks	ou=Networks,$BASE_DN?one
+		#nss_base_protocols	ou=Protocols,$BASE_DN?one
+		#nss_base_rpc		ou=Rpc,$BASE_DN?one
+		#nss_base_ethers	ou=Ethers,$BASE_DN?one
+		#nss_base_netmasks	ou=Networks,$BASE_DN?ne
+		#nss_base_bootparams	ou=Ethers,$BASE_DN?one
+		#nss_base_aliases	ou=Aliases,$BASE_DN?one
+		#nss_base_netgroup	ou=Netgroup,$BASE_DN?one
+
+		# For Gentoo's distribution of nss_ldap, as of 250-r1, we use these values
+		# (The hardwired constants in the code are changed to them as well):
+		#nss_reconnect_tries 4           # number of times to double the sleep time
+		#nss_reconnect_sleeptime 1       # initial sleep value
+		#nss_reconnect_maxsleeptime 16   # max sleep value to cap at
+		#nss_reconnect_maxconntries 2    # how many tries before sleeping
+		# This leads to a delay of 15 seconds (1+2+4+8=15)
+
+		# If you are impatient, and know your LDAP server is reliable, fast or local,
+		# you may wish to use these values instead:
+		nss_reconnect_tries 1          # number of times to double the sleep time
+		nss_reconnect_sleeptime 1      # initial sleep value
+		nss_reconnect_maxsleeptime 1   # max sleep value to cap at
+		nss_reconnect_maxconntries 3   # how many tries before sleeping
+		# This leads to a delay of 1 second.
+	EOF
+}
+
+install_pam_auth()
+{
+	SYSAUTH="${ROOT}/etc/pam.d/system-auth"
+	if [[ ! -f $SYSAUTH ]]
+	then
+		mkdir -p $(dirname $SYSAUTH)
+		cp /etc/pam.d/system-auth $SYSAUTH
+	fi
+	cp $SYSAUTH ${SYSAUTH}.${PN}.bak
+
+	einfo "OVERWRITING $SYSAUTH"
+	cat > $SYSAUTH <<-EOF
+	#%PAM-1.0
+	# Savagely copied over from http://gentoo-wiki.com/HOWTO_LDAPv3#Configuration :P
+
+	auth    required     pam_env.so
+	auth    [success=ignore default=1] pam_localuser.so
+	auth    [success=done new_authtok_reqd=done default=1]  pam_unix.so likeauth nullok try_first_pass
+	auth    sufficient pam_ldap.so try_first_pass
+	auth    required     pam_deny.so
+
+	account    sufficient   pam_unix.so
+	account    sufficient   pam_ldap.so
+
+	password   required     pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3
+	password   sufficient   pam_unix.so nullok md5 shadow use_authtok
+	password   sufficient   pam_ldap.so use_authtok
+	password   required     pam_deny.so
+
+	session    required     pam_limits.so
+	session    required     pam_unix.so
+	#Creates the home directories if they do not exist
+	session    required     pam_mkhomedir.so skel=/etc/skel/ umask=0022
+	session    optional     pam_ldap.so
+	EOF
+}
+
+install_nssswitch()
+{
+	NNSSWITCH="${ROOT}/etc/nsswitch.conf"
+	if [[ ! -f $NNSSWITCH ]] 
+	then
+		mkdir -p $(dirname $NNSSWITCH)
+		cp /etc/nsswitch.conf $NNSSWITCH
+	fi
+	cp $NNSSWITCH ${NNSSWITCH}.${PN}.bak
+	einfo "Modifying $NNSSWITCH"
+	for I in passwd shadow group $OTHER_OU
+	do
+		sed -i -e"s:\(^${I}.*\):\1 ldap:" $NNSSWITCH
+	done
+}
+
+make_ldif()
+{
+	# NOTE: LDIF_OUT is defined in the config file
+	cat > $LDIF_OUT <<-EOF
+	dn: $DC
+	o: $DOMAIN
+	objectClass: organization
+	objectClass: dcObject
+	description: $DOMAIN_DESC
+
+	dn: $BASE_DN
+	ou: $OU
+	objectClass: top
+	objectClass: organizationalUnit
+	description: $BASE_DN_DESC
+
+	#dn: cn=${LDAP_ADMIN_DN},$DC
+	#objectClass: person
+	#cn: $LDAP_ADMIN_DN
+	#sn: $LDAP_ADMIN_DN
+	EOF
+
+	for OU in $USERS_OU $GROUPS_OU $OTHER_OU
+	do
+		DESC=$(eval echo "$"${I}_DESC)
+		cat >> $LDIF_OUT <<-EOF
+
+			dn: ou=${OU},$BASE_DN
+			ou: $OU
+			objectClass: top
+			objectClass: organizationalUnit
+		EOF
+		[[ ! -z $DESC ]] && echo "	description: $DESC" >> $LDIF_OUT
+	done
+
+	# We need to define at least one user with GODlike rights :)
+	cat >> $LDIF_OUT <<-EOF
+		
+		dn: cn=${ADMIN_DN},$USR_DN
+		cn: $ADMIN_DN
+		sn: $ADMIN_DN
+		gidNumber: 0
+		uid: $ADMIN_DN
+		uidNumber: 0
+		homeDirectory: /home/root
+		loginShell: /bin/bash
+		# we need at least one STRUCTURAL objectClass: so we choose inetOrgPerson
+		# as it is the most popular in such a context and will require less fscking 
+		# around of the management tools (such as lat)
+		objectClass: inetOrgPerson
+		objectClass: posixAccount
+		objectClass: shadowAccount
+		description: $ADMIN_DN_DESC
+	EOF
+
+	# Let's provide for multiple diety possibilies O_o!
+	# This is a group explicitly linked to wheel
+	cat >> $LDIF_OUT <<-EOF
+
+		dn: cn=${ADMIN_GROUP_DN},$GRP_DN
+		gidNumber: $(getent group wheel | cut -f3 -d:)
+		cn: $ADMIN_GROUP_DN
+		# RFCs will eventually define posixGroup as an AUXILIARY class and
+		# not a STRUCTURAL class, then we'll have to uncomment groupOfNames
+		#objectClass: groupOfNames
+		objectClass: posixGroup
+		description: $DESC NOTE: This group OVERLAPS the local wheel account
+	EOF
+}
+
+creade_db()
+{
+	# NOTE: setting ${ROOT} here is irrelevant since this function should not be 
+	# called unless ROOT=/
+
+	# This is bad, I know...all of this should be done using the installed
+	# openldap version (don't know how to get the installed version from portage)
+	einfo "Adding default DB_CONFIG file do DB directory."
+	mkdir -p $DBDIR
+	bzcat /usr/share/doc/openldap-*/DB_CONFIG.fast.example.bz2 > /$DBDIR/DB_CONFIG
+
+	einfo "Initiating the database"
+	slapadd -v -b $ROOTDN -l $LDIF_OUT
+	# had ldap been online:
+	#ldapadd -x -D $ROOTDN -w $ROOTDNPWD -f $LDIF_OUT
+
+	einfo "Ensuring proper permissions are set for the data dir."
+	#chown -R ldap: `awk '/^directory/  {print $2}' $SLAPDCONF`
+	chown -R ldap: $DBDIR
+
+	einfo "Starting slapd"
+	/etc/init.d/slapd start || ewarn "Failed to start slapd, check /var/log/messages"; 
+
+	einfo "Adding slapd to default runlevel"
+	rc-update add slapd default
+}
+
+config_diradm()
+{
+	# diradm has questionnable defaults, we bring them back to
+	# what most users will expect:
+	sed -i -e's:HOMEBASE="/home/users":HOMEBASE="/home":' \
+	-e 's:DEFAULT_LOGINSHELL="/bin/localshell":DEFAULT_LOGINSHELL="/bin/bash":' \
+	${ROOT}/etc/diradm.conf
+
+	# When we enable automount, we'll add the stuff here
+}
+
+
+pkg_config()
+{
+	[[ -f ${CONFIG_FILE} ]] || die "${CONFIG_FILE} missing!!! re-emerge ${PF}"
+	if ! use autoconfigure; then
+		. ${CONFIG_FILE}
+		[[ $CONFIG_OK != "yes" ]] && die "You need to edit ${CONFIG_FILE} and set CONFIG_OK=\"yes\""
+	fi
+	parse_config ${CONFIG_FILE}
+	if use authmaster; then
+		make_slapd_conf
+		make_ldif
+		config_diradm
+		# Don't create the DB on a live system if that's not
+		# where we want to install
+		[[ ${ROOT} == "/" ]] && creade_db
+		[[ $LDIF_OUT_KEEP != "yes" ]] && rm $LDIF_OUT
+	fi
+	make_lapd_confs
+
+	# commented for irrelevancy in this ebuild.
+	#if [[ $LDAP_AS_AUTH == "yes" ]]
+	#then
+		install_pam_auth
+		install_nssswitch
+	#fi
+
+}
+
diff --git a/overlay/sys-cluster/beowulf-head/beowulf-head-0.1.ebuild b/overlay/sys-cluster/beowulf-head/beowulf-head-0.1.ebuild
new file mode 100644
index 0000000..6f223ca
--- /dev/null
+++ b/overlay/sys-cluster/beowulf-head/beowulf-head-0.1.ebuild
@@ -0,0 +1,136 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+DESCRIPTION="This is a meta ebuild that pulls in the packages and some config
+scripts/files for building the Gentoo Clustering Master node"
+HOMEPAGE="http://code.google.com/soc/2008/gentoo/appinfo.html?csaid=79DB497BA0D95148"
+SRC_URI=""
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="amd64 ~x86"
+IUSE=""
+
+DEPEND=""
+RDEPEND="net-nds/ldap-auth
+    sys-boot/syslinux
+    net-dns/dnsmasq
+    app-admin/sudo
+    net-misc/sipcalc
+	net-fs/nfs-utils"
+
+gent_ip_config()
+{
+	CLUSTER_ETH_IP=$(sipcalc $CLUSTER_ETH | egrep 'Host address\W*-' | cut -d- -f2)
+	RANGE_START=$(sipcalc $CLUSTER_ETH | egrep 'Host address\W*-' | cut -d- -f2)
+	IPSTART="${RANGE_START#*.}.$(( ${RANGE_START##*.} +1 ))"
+	IPSTOP=$(sipcalc $CLUSTER_ETH | egrep 'Usable range\W*-' | cut -d- -f3)
+	SUBNET=$(sipcalc $CLUSTER_ETH | egrep 'Network mask\W*-' | cut -d- -f2)
+	NETADDR=$(sipcalc $CLUSTER_ETH | egrep 'Network address' | cut -d- -f2)
+}
+
+dnsmasq_conf()
+{
+	cat > ${ROOT}/etc/dnsmasq.conf <<-EOF	
+
+	# Public interface
+	except-interface=$ETH
+
+	# Set up the local-only domain
+	local=/${LOCALDOMAINNAME}/
+	domain=$LOCALDOMAINNAME
+	expand-hosts
+
+	# Some netiquette:
+	domain-needed
+	bogus-priv
+	
+	# Send RFC-3397 DNS domain search DHCP option. WARNING: Your DHCP client
+	# probably doesn't support this...... (option 119)
+	dhcp-option=119,$LOCALDOMAINNAME
+	# Domain DNS name
+	dhcp-option=15,$LOCALDOMAINNAME
+
+	enable-tftp
+	tftp-root=${TFTPROOT}
+
+	dhcp-authoritative
+	
+	### Node definitions, this could be in a separate file
+	# Turn on the DHCP server, pass out addresses from $IPSTART to $IPSTOP
+	# with subnet mask of $SUBNET with a 12-hour lease
+	dhcp-range=nodes,$IPSTART,$IPSTOP,$SUBNET,12h
+
+	# Override the default route supplied by dnsmasq, which assumes the
+	# router is the same machine as the one running dnsmasq.
+	dhcp-option=3,$CLUSTER_ETH_IP
+
+	# This tells the clients the hostname and IP of the TFTP server
+	dhcp-boot=${PXELINUX},$(hostname),$CLUSTER_ETH_IP
+
+	# We are the authoritative DHCP server for this network
+	dhcp-authoritative
+
+	# address and root path of NFS server
+	dhcp-option=17,$CLUSTER_ETH_IP:${NFSROOT}
+	
+	EOF
+}
+
+pxe_conf()
+{
+	PROFNAME="$(uname -m)_node"
+	BOOTPATH="${NFSROOT##$TFTPROOT}"
+	BOOTPATH="${BOOTPATH#/}/boot"
+
+	mkdir -p ${TFTPROOT}/pxelinux.cfg
+	cat >> ${TFTPROOT}/pxelinux.cfg/default <<-EOF
+	prompt 1
+	timeout 50
+	say Press F1 for boot profiles, default is $PROFNAME  in 5 seconds...
+	F1 BootProfiles
+	default $PROFNAME
+
+	label $PROFNAME
+	  kernel ${BOOTPATH}/vmlinuz
+	  append initrd=/initramfs ramdisk=8192 ip=dhcp root=nfs;tmpfs
+
+	label local
+	  localboot 0
+	
+	EOF
+
+	cat >> ${TFTPROOT}/BootProfiles <<-EOF
+	^L
+	Type $PROFNAME for regular bootup (default after 5 seconds)
+	Type local to boot on the local HDD
+	EOF
+
+	ln -s ${ROOT}/usr/lib/syslinux/pxelinux.0 ${TFTPROOT}/pxelinux.0
+
+}
+
+nfs_root_conf()
+{
+	cat >> ${ROOT}/etc/exportfs <<-EOF
+    ${NFSROOT} $NETADDR/$SUBNET(ro,no_root_squash,async,no_subtree_check)
+    EOF
+
+	mkdir -p ${NFSROOT}
+	einfo "${NFSROOT} has been populated, all configs point to this root"
+	einfo "to boot, firthermore, the fonfigs expect the kernel to be"
+	einfo "${NFSROOT}/boot/vmlinuz"
+}
+
+pkg_config()
+{
+	dnsmasq_conf
+	pxe_conf
+	nfs_root_conf
+	
+	for I in dnsmasq netmount;
+	do
+		rc-update add $I
+	done
+}
diff --git a/overlay/sys-cluster/beowulf-head/files/beowulf_cluster.conf b/overlay/sys-cluster/beowulf-head/files/beowulf_cluster.conf
new file mode 100644
index 0000000..7b223d5
--- /dev/null
+++ b/overlay/sys-cluster/beowulf-head/files/beowulf_cluster.conf
@@ -0,0 +1,36 @@
+# Clustering template configuration file
+# Eric Thibodeau June 2008
+
+# PUBETH is the public-side ETH, which means dnsmasq won't listen on this
+# interfaces, any other interface will be taken in charge by dnsmasq.
+PUBETH="eth0"
+
+# CLUSTER_ETH defines the interface connected to the cluster's
+# _PRIVATE_ network. All relevant information is derived automatically
+# from this interface's configuration to create the proper address
+# mapping using net-misc/sipcalc
+# IMPORTANT, it is ASSumed the interface has an address of NETWORKSADDR+1
+# this means that, if the cluster network base is 10.0.0.0/24, we assume
+# eth1 to be 10.0.0.1, other configurations are beyond the scope of this
+# automation script and you shouldn't even be using it in this case ;)
+CLUSTER_ETH="eth1"
+
+# Not sure we want this to be (auto)configurable since
+# we are building an isolated (true) Beowulf cluster
+# where the nodes aren't supposed to be accessible from
+# the outside. For the same reason, we don't set up
+# routing on the head server.
+LOCALDOMAINNAME="cluster.local"
+
+# This is where the boot images and boot files are stored,
+# including pxelinux and kernel stuff.
+TFTPROOT="/tftproot"
+
+# This is the location of the pxelinux.0 file used for booting.
+# The file is provided by sys-boot/syslinux.
+PXELINUX="${TFTPROOT}/pxelinux.0"
+
+# This is where the NFS booted image resides, for practical reasons,
+# this is kept within TFTPROOT:
+NFSROOT="${TFTPROOT}/nfsroot/$(uname -m)"
+