automatic version update by autodist [release 2.4.39-1mamba;Tue Jan 28 2014]
parent
d6cdaf3110
commit
993bab3f9a
@ -1,2 +1,4 @@
|
||||
# openldap
|
||||
|
||||
OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol.
|
||||
|
||||
|
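--- a/openldap-2.2.15-conf
+++ b/openldap-2.2.15-conf
@@ -0,0 +1,89 @@
+# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.8 2003/05/24 23:19:14 kurt Exp $
+#
+# See slapd.conf(5) for details on configuration options.
+# This file should NOT be world readable.
+#
+include %SYSCONFDIR%/schema/core.schema
+include %SYSCONFDIR%/schema/cosine.schema
+include %SYSCONFDIR%/schema/inetorgperson.schema
+include %SYSCONFDIR%/schema/corba.schema
+include %SYSCONFDIR%/schema/java.schema
+include %SYSCONFDIR%/schema/nis.schema
+include %SYSCONFDIR%/schema/openldap.schema
+
+# Define global ACLs to disable default read access.
+
+# Do not enable referrals until AFTER you have a working directory
+# service AND an understanding of referrals.
+#referral ldap://root.openldap.org
+
+pidfile /run/ldap/slapd.pid
+argsfile /run/ldap/slapd.args
+
+# Load dynamic backend modules:
+# modulepath %MODULEDIR%
+# moduleload back_bdb.la
+# moduleload back_ldap.la
+# moduleload back_ldbm.la
+# moduleload back_passwd.la
+# moduleload back_shell.la
+
+# Sample security restrictions
+# Require integrity protection (prevent hijacking)
+# Require 112-bit (3DES or better) encryption for updates
+# Require 63-bit encryption for simple bind
+# security ssf=1 update_ssf=112 simple_bind=64
+
+# Sample access control policy:
+# Root DSE: allow anyone to read it
+# Subschema (sub)entry DSE: allow anyone to read it
+# Other DSEs:
+# Allow self write access
+# Allow authenticated users read access
+# Allow anonymous users to authenticate
+# Directives needed to implement policy:
+# access to dn.base="" by * read
+# access to dn.base="cn=Subschema" by * read
+# access to *
+# by self write
+# by users read
+# by anonymous auth
+#
+# if no access controls are present, the default policy is:
+# Allow read by all
+#
+# rootdn can always write!
+
+#######################################################################
+# ldbm database definitions
+#######################################################################
+
+database bdb
+suffix "dc=my-domain,dc=com"
+rootdn "cn=Manager,dc=my-domain,dc=com"
+# Cleartext passwords, especially for the rootdn, should
+# be avoid. See slappasswd(8) and slapd.conf(5) for details.
+# Use of strong authentication encouraged.
+rootpw secret
+# The database directory MUST exist prior to running slapd AND
+# should only be accessible by the slapd and slap tools.
+# Mode 700 recommended.
+directory %LOCALSTATEDIR%/lib/ldap/openldap-data
+# Indices to maintain
+index objectClass eq
+#
+# Allow users to change own password
+# - Manager can change any password
+# - Any users who have valid username+password may login
+#
+access to attr=userPassword
+by self write
+by dn="cn=Manager,$DND" write
+by * auth
+access to *
+by dn="cn=Manager,$DND" write
+by * read
+#
+# Hash password by default
+#
+password-hash {SSHA}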
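Review bot: The `rootpw secret` line ships the rootdn with a cleartext, publicly known password, directly below the comment that advises against cleartext passwords. Ship the directive commented out and have the administrator set a hash produced by slappasswd(8), e.g. `# rootpw {SSHA}<hash from slappasswd>`. The two ACL clauses `by dn="cn=Manager,$DND" write` also carry a `$DND` placeholder that nothing visible in this commit substitutes (the %post sed in the spec only rewrites `dc=my-domain,dc=com`), so the Manager rule would not match as written. The spec leaves its `cp %{SOURCE3}` line commented out, so this file appears to be carried but not installed; both points apply if it is revived.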
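--- a/openldap-2.4.24-default_config.patch
+++ b/openldap-2.4.24-default_config.patch
@@ -0,0 +1,22 @@
+diff -Nru openldap-2.4.24.orig//servers/slapd/slapd.conf openldap-2.4.24/servers/slapd/slapd.conf
+--- openldap-2.4.24.orig//servers/slapd/slapd.conf 2007-02-13 21:22:22.000000000 +0100
++++ openldap-2.4.24/servers/slapd/slapd.conf 2011-03-09 20:38:55.822787816 +0100
+@@ -10,8 +10,8 @@
+# service AND an understanding of referrals.
+#referral ldap://root.openldap.org
+
+-pidfile %LOCALSTATEDIR%/run/slapd.pid
+-argsfile %LOCALSTATEDIR%/run/slapd.args
++pidfile %LOCALSTATEDIR%/run/openldap/slapd.pid
++argsfile %LOCALSTATEDIR%/run/openldap/slapd.args
+
+# Load dynamic backend modules:
+# modulepath %MODULEDIR%
+@@ -60,6 +60,6 @@
+# The database directory MUST exist prior to running slapd AND
+# should only be accessible by the slapd and slap tools.
+# Mode 700 recommended.
+-directory %LOCALSTATEDIR%/openldap-data
++directory %LOCALSTATEDIR%/lib/openldap-data
+# Indices to maintain
+index objectClass eq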
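--- a/openldap-2.4.6-evolution-ntlm.patch
+++ b/openldap-2.4.6-evolution-ntlm.patch
@@ -0,0 +1,192 @@
+diff -up evo-openldap-2.4.14/include/ldap.h.evolution-ntlm evo-openldap-2.4.14/include/ldap.h
+--- evo-openldap-2.4.14/include/ldap.h.evolution-ntlm 2009-01-27 00:29:53.000000000 +0100
++++ evo-openldap-2.4.14/include/ldap.h 2009-02-17 10:10:00.000000000 +0100
+@@ -2461,5 +2461,26 @@ ldap_parse_deref_control LDAP_P((
+LDAPControl **ctrls,
+LDAPDerefRes **drp ));
+
++/*
++ * hacks for NTLM
++ */
++#define LDAP_AUTH_NTLM_REQUEST ((ber_tag_t) 0x8aU)
++#define LDAP_AUTH_NTLM_RESPONSE ((ber_tag_t) 0x8bU)
++LDAP_F( int )
++ldap_ntlm_bind LDAP_P((
++ LDAP *ld,
++ LDAP_CONST char *dn,
++ ber_tag_t tag,
++ struct berval *cred,
++ LDAPControl **sctrls,
++ LDAPControl **cctrls,
++ int *msgidp ));
++LDAP_F( int )
++ldap_parse_ntlm_bind_result LDAP_P((
++ LDAP *ld,
++ LDAPMessage *res,
++ struct berval *challenge));
++
++
+LDAP_END_DECL
+#endif /* _LDAP_H */
+diff -up evo-openldap-2.4.14/libraries/libldap/Makefile.in.evolution-ntlm evo-openldap-2.4.14/libraries/libldap/Makefile.in
+--- evo-openldap-2.4.14/libraries/libldap/Makefile.in.evolution-ntlm 2009-01-27 00:29:53.000000000 +0100
++++ evo-openldap-2.4.14/libraries/libldap/Makefile.in 2009-02-17 10:10:00.000000000 +0100
+@@ -20,7 +20,7 @@ PROGRAMS = apitest dntest ftest ltest ur
+SRCS = bind.c open.c result.c error.c compare.c search.c \
+controls.c messages.c references.c extended.c cyrus.c \
+modify.c add.c modrdn.c delete.c abandon.c \
+- sasl.c gssapi.c sbind.c unbind.c cancel.c \
++ sasl.c ntlm.c gssapi.c sbind.c unbind.c cancel.c \
+filter.c free.c sort.c passwd.c whoami.c \
+getdn.c getentry.c getattr.c getvalues.c addentry.c \
+request.c os-ip.c url.c pagectrl.c sortctrl.c vlvctrl.c \
+@@ -33,7 +33,7 @@ SRCS = bind.c open.c result.c error.c co
+OBJS = bind.lo open.lo result.lo error.lo compare.lo search.lo \
+controls.lo messages.lo references.lo extended.lo cyrus.lo \
+modify.lo add.lo modrdn.lo delete.lo abandon.lo \
+- sasl.lo gssapi.lo sbind.lo unbind.lo cancel.lo \
++ sasl.lo ntlm.lo gssapi.lo sbind.lo unbind.lo cancel.lo \
+filter.lo free.lo sort.lo passwd.lo whoami.lo \
+getdn.lo getentry.lo getattr.lo getvalues.lo addentry.lo \
+request.lo os-ip.lo url.lo pagectrl.lo sortctrl.lo vlvctrl.lo \
+diff -up /dev/null evo-openldap-2.4.14/libraries/libldap/ntlm.c
+--- /dev/null 2009-02-17 09:19:52.829004420 +0100
++++ evo-openldap-2.4.14/libraries/libldap/ntlm.c 2009-02-17 10:10:00.000000000 +0100
+@@ -0,0 +1,137 @@
++/* $OpenLDAP: pkg/ldap/libraries/libldap/ntlm.c,v 1.1.4.10 2002/01/04 20:38:21 kurt Exp $ */
++/*
++ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
++ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
++ */
++
++/* Mostly copied from sasl.c */
++
++#include "portable.h"
++
++#include <stdlib.h>
++#include <stdio.h>
++
++#include <ac/socket.h>
++#include <ac/string.h>
++#include <ac/time.h>
++#include <ac/errno.h>
++
++#include "ldap-int.h"
++
++int
++ldap_ntlm_bind(
++ LDAP *ld,
++ LDAP_CONST char *dn,
++ ber_tag_t tag,
++ struct berval *cred,
++ LDAPControl **sctrls,
++ LDAPControl **cctrls,
++ int *msgidp )
++{
++ BerElement *ber;
++ int rc;
++ ber_int_t id;
++
++ Debug( LDAP_DEBUG_TRACE, "ldap_ntlm_bind\n", 0, 0, 0 );
++
++ assert( ld != NULL );
++ assert( LDAP_VALID( ld ) );
++ assert( msgidp != NULL );
++
++ if( msgidp == NULL ) {
++ ld->ld_errno = LDAP_PARAM_ERROR;
++ return ld->ld_errno;
++ }
++
++ /* create a message to send */
++ if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) {
++ ld->ld_errno = LDAP_NO_MEMORY;
++ return ld->ld_errno;
++ }
++
++ assert( LBER_VALID( ber ) );
++
++ LDAP_NEXT_MSGID( ld, id );
++ rc = ber_printf( ber, "{it{istON}" /*}*/,
++ id, LDAP_REQ_BIND,
++ ld->ld_version, dn, tag,
++ cred );
++
++ /* Put Server Controls */
++ if( ldap_int_put_controls( ld, sctrls, ber ) != LDAP_SUCCESS ) {
++ ber_free( ber, 1 );
++ return ld->ld_errno;
++ }
++
++ if ( ber_printf( ber, /*{*/ "N}" ) == -1 ) {
++ ld->ld_errno = LDAP_ENCODING_ERROR;
++ ber_free( ber, 1 );
++ return ld->ld_errno;
++ }
++
++ /* send the message */
++ *msgidp = ldap_send_initial_request( ld, LDAP_REQ_BIND, dn, ber, id );
++
++ if(*msgidp < 0)
++ return ld->ld_errno;
++
++ return LDAP_SUCCESS;
++}
++
++int
++ldap_parse_ntlm_bind_result(
++ LDAP *ld,
++ LDAPMessage *res,
++ struct berval *challenge)
++{
++ ber_int_t errcode;
++ ber_tag_t tag;
++ BerElement *ber;
++ ber_len_t len;
++
++ Debug( LDAP_DEBUG_TRACE, "ldap_parse_ntlm_bind_result\n", 0, 0, 0 );
++
++ assert( ld != NULL );
++ assert( LDAP_VALID( ld ) );
++ assert( res != NULL );
++
++ if ( ld == NULL || res == NULL ) {
++ return LDAP_PARAM_ERROR;
++ }
++
++ if( res->lm_msgtype != LDAP_RES_BIND ) {
++ ld->ld_errno = LDAP_PARAM_ERROR;
++ return ld->ld_errno;
++ }
++
++ if ( ld->ld_error ) {
++ LDAP_FREE( ld->ld_error );
++ ld->ld_error = NULL;
++ }
++ if ( ld->ld_matched ) {
++ LDAP_FREE( ld->ld_matched );
++ ld->ld_matched = NULL;
++ }
++
++ /* parse results */
++
++ ber = ber_dup( res->lm_ber );
++
++ if( ber == NULL ) {
++ ld->ld_errno = LDAP_NO_MEMORY;
++ return ld->ld_errno;
++ }
++
++ tag = ber_scanf( ber, "{ioa" /*}*/,
++ &errcode, challenge, &ld->ld_error );
++ ber_free( ber, 0 );
++
++ if( tag == LBER_ERROR ) {
++ ld->ld_errno = LDAP_DECODING_ERROR;
++ return ld->ld_errno;
++ }
++
++ ld->ld_errno = errcode;
++
++ return( ld->ld_errno );
++}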
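Review bot: In ldap_ntlm_bind the result of the first ber_printf() is stored in `rc` and never tested, so a failure while encoding the bind request (message id, DN, tag, credentials) falls through to the controls step and is at best caught by the closing `N}` call. Handle it the same way as the second call, immediately after the first: `if ( rc == -1 ) { ld->ld_errno = LDAP_ENCODING_ERROR; ber_free( ber, 1 ); return ld->ld_errno; }`. In ldap_parse_ntlm_bind_result, `challenge` is handed to ber_scanf() without a NULL check, and the `o` conversion allocates `challenge->bv_val`; add `if ( challenge == NULL ) return LDAP_PARAM_ERROR;` next to the existing parameter check and a header comment stating that the caller owns and must free the returned buffer. The local `len` in that function is unused and can be dropped.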
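--- a/openldap-initscript
+++ b/openldap-initscript
@@ -0,0 +1,83 @@
+#!/bin/bash
+#
+# ldap This shell script takes care of starting and stopping ldap server (slapd).
+#
+# chkconfig: 2345 35 65
+# description: LDAP stands for Lightweight Directory Access Protocol, used \
+# for implementing the industry standard directory services.
+# processname: slapd
+# config: /etc/openldap/slapd.conf
+# pidfile: /var/run/slapd.pid
+
+# source function library
+. /etc/init.d/functions
+
+[ -x /usr/bin/db_recover-51 ] && DB_RECOVER=db_recover-51 || DB_RECOVER=db_recover
+
+# source an auxiliary options file if we have one, and pick up OPTIONS,
+# SLAPD_OPTIONS, and SLURPD_OPTIONS
+[ -r /etc/sysconfig/ldap ] && . /etc/sysconfig/ldap
+
+slapd=/usr/sbin/slapd
+[ -x ${slapd} ] || exit 0
+
+RETVAL=0
+
+function start() {
+# fix bdb errors
+[ -e "/var/lib/ldap/openldap-data/__db.001" ] && \
+$DB_RECOVER -h /var/lib/ldap/openldap-data
+# start daemons
+prog=`basename ${slapd}`
+echo -n $"Starting $prog: "
+if grep -q ^TLS /etc/openldap/slapd.conf; then
+${slapd} -u ldap -h "ldaps:/// ldap:///" $OPTIONS $SLAPD_OPTIONS
+else
+${slapd} -u ldap $OPTIONS $SLAPD_OPTIONS
+fi
+evaluate_retval
+echo
+[ $RETVAL -eq 0 ] && touch /var/lock/subsys/ldap
+return $RETVAL
+}
+
+function stop() {
+# stop daemons
+prog=`basename ${slapd}`
+echo -n $"Stopping $prog: "
+killproc ${slapd}
+RETVAL=$?
+echo
+[ $RETVAL -eq 0 ] &&
+rm -f /var/lock/subsys/ldap /var/run/ldap/slapd.args
+return $RETVAL
+}
+
+# See how we were called.
+case "$1" in
+start)
+start
+;;
+stop)
+stop
+;;
+status)
+status ${slapd}
+;;
+restart)
+stop
+start
+;;
+condrestart)
+if [ -f /var/lock/subsys/ldap ]; then
+stop
+start
+fi
+;;
+*)
+echo $"Usage: $0 {start|stop|restart|status|condrestart}"
+RETVAL=1
+esac
+
+exit $RETVAL
+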
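Review bot: The paths hard-coded here do not match the layout the rest of this commit installs: start() tests `/var/lib/ldap/openldap-data/__db.001` and stop() removes `/var/run/ldap/slapd.args`, while the spec's %files list and the default_config patch use `/var/lib/openldap-data` and `/run/openldap`. As written the db_recover guard looks at a directory the package does not create and the args file is never cleaned up; the lines would read `[ -e /var/lib/openldap-data/__db.001 ] && $DB_RECOVER -h /var/lib/openldap-data` and `rm -f /var/lock/subsys/ldap /run/openldap/slapd.args`. When the guard does fire, `$DB_RECOVER` runs as root before slapd drops to `-u ldap`, so any files it recreates would presumably be root-owned in a directory slapd must write as ldap; running it as the ldap user or restoring ownership afterwards avoids that. start() also never assigns RETVAL, so unless evaluate_retval sets it (the functions library is not shown) the lock file is created and 0 returned even when slapd fails to start.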
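--- a/openldap-logrotate
+++ b/openldap-logrotate
@@ -0,0 +1,8 @@
+/var/log/ldap.log {
+weekly
+rotate 5
+copytruncate
+compress
+notifempty
+missingok
+}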
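--- a/openldap.service
+++ b/openldap.service
@@ -0,0 +1,14 @@
+[Unit]
+Description=OpenLDAP Server Daemon
+After=syslog.target network.target
+
+[Service]
+Type=forking
+PIDFile=/run/openldap/slapd.pid
+Environment="SLAPD_URLS=ldap:/// ldapi:///" "SLAPD_OPTIONS="
+EnvironmentFile=/etc/sysconfig/ldap
+#ExecStartPre=/usr/libexec/slapd/check-config.sh
+ExecStart=/usr/sbin/slapd -u ldap -h ${SLAPD_URLS} $SLAPD_OPTIONS
+
+[Install]
+WantedBy=multi-user.target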
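Review bot: `EnvironmentFile=/etc/sysconfig/ldap` has no `-` prefix, so the unit fails to start when that file is absent, and none of the %files lists in the spec ships it. Use `EnvironmentFile=-/etc/sysconfig/ldap` so the defaults on the `Environment=` line apply on a fresh install. Because the file feeds the slapd command line of a process started as root, a comment saying it must be root-owned and not writable by the ldap user would help. The unit's default listeners (`ldap:/// ldapi:///`) also differ from the initscript, which adds `ldaps:///` when slapd.conf contains TLS directives, so a TLS-configured server behaves differently depending on which of the two starts it.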
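--- a/openldap.spec
+++ b/openldap.spec
@@ -0,0 +1,494 @@
+Name: openldap
+Version: 2.4.39
+Release: 1mamba
+Group: System/Servers
+Summary: An open source implementation of the Lightweight Directory Access Protocol
+Vendor: openmamba
+Distribution: openmamba
+Packager: Silvan Calarco <silvan.calarco@mambasoft.it>
+URL: http://www.openldap.org
+Source0: ftp://ftp.openldap.org/pub/OpenLDAP/%{name}-release/%{name}-%{version}.tgz
+Source1: %{name}-initscript
+Source2: %{name}-logrotate
+Source3: %{name}-2.2.15-conf
+Source4: openldap.service
+Source5: openldap.tmpfiles
+# patch from Novell developers (evolution-exchange-2.4.0/docs/openldap-ntlm.diff)
+Patch0: %{name}-2.4.6-evolution-ntlm.patch
+Patch2: %{name}-2.4.24-default_config.patch
+License: OpenLDAP Public License
+## AUTOBUILDREQ-BEGIN
+BuildRequires: glibc-devel
+BuildRequires: libdb51-devel
+BuildRequires: libicu-devel
+BuildRequires: libopenssl-devel
+BuildRequires: libsasl-devel
+## AUTOBUILDREQ-END
+BuildRequires: libsasl-devel >= 2.1.25
+BuildRequires: libltdl-devel
+BuildRequires: libreadline-devel >= 4.3
+BuildRequires: systemd-devel
+Requires: libopenldap = %{version}-%{release}
+BuildRoot: %{_tmppath}/%{name}-%{version}-build
+
+%description
+OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol.
+
+%package -n lib%{name}
+Summary: OpenLDAP libraries
+Group: System/Libraries
+# requires latest SASL libraries
+Requires: libsasl >= 2.1.25
+Provides: liblber.so.2
+Provides: libldap.so.2
+Provides: libldap_r.so.2
+
+%description -n lib%{name}
+OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol.
+This package contains the OpenLDAP libraries.
+
+%package -n lib%{name}-devel
+Summary: OpenLDAP development files
+Group: Development/Libraries
+Requires: libopenldap = %{version}-%{release}
+
+%description -n lib%{name}-devel
+OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol.
+This package contains static libraries and header files need for development.
+
+%package clients
+Summary: OpenLDAP clients
+Group: System/Libraries
+Requires: libopenldap = %{version}-%{release}
+
+%description clients
+OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol.
+This package contains the OpenLDAP clients and related files.
+
+%package server
+Summary: OpenLDAP server
+Group: System/Libraries
+Requires: libopenldap = %{version}-%{release}
+Provides: openldap-servers
+Obsoletes: openldap-servers
+
+%description server
+OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol.
+This package contains the OpenLDAP server and related files.
+
+%prep
+%setup -q
+#cp %{SOURCE3} servers/slapd/slapd.conf
+%patch0 -p1 -b .ntlm
+%patch2 -p1
+
+%build
+%configure \
+--libexecdir=%{_sbindir} \
+--localstatedir=%{_localstatedir} \
+--with-cyrus-sasl \
+--enable-slapd \
+--enable-crypt \
+--enable-lmpasswd \
+--enable-spasswd \
+--enable-passwd \
+--enable-modules \
+--enable-rewrite \
+--enable-dynamic
+
+# --enable-rlookups \
+
+%make CC=%{_host}-gcc
+
+%install
+[ "%{buildroot}" != / ] && rm -rf "%{buildroot}"
+%makeinstall
+
+install -d %{buildroot}/var/lib/%{name}-data
+install -d %{buildroot}/var/run/openldap/
+
+install -D -m 755 %{SOURCE1} %{buildroot}%{_initrddir}/%{name}
+install -D -m 755 %{SOURCE2} %{buildroot}%{_sysconfdir}/logrotate.d/%{name}
+install -D -m 644 %{SOURCE4} %{buildroot}/lib/systemd/system/openldap.service
+install -D -m 644 %{SOURCE5} %{buildroot}%_tmpfilesdir/openldap.conf
+
+rm -f %{buildroot}%{_sysconfdir}/%{name}/*.default
+rm -f %{buildroot}%{_sysconfdir}/%{name}/schema/*.default
+
+# allow client requests without client certificate
+echo "TLS_REQCERT allow" >> \
+%{buildroot}%{_sysconfdir}/openldap/ldap.conf
+
+#ln -s liblber.so %{buildroot}%{_libdir}/liblber.so.2
+#ln -s libldap.so %{buildroot}%{_libdir}/libldap.so.2
+#ln -s libldap_r.so %{buildroot}%{_libdir}/libldap_r.so.2
+#chmod 755 %{buildroot}%{_libdir}/*.so.*
+
+cat > %{buildroot}/var/lib/openldap-data/DB_CONFIG << _EOF
+set_cachesize 0 150000000 1
+set_lg_regionmax 262144
+set_lg_bsize 2097152
+#set_lg_dir /var/log/bdb
+set_flags DB_LOG_AUTOREMOVE
+_EOF
+
+rm -f %{buildroot}/var/openldap-data/DB_CONFIG.example
+
+%clean
+[ "%{buildroot}" != / ] && rm -rf "%{buildroot}"
+
+%post -n lib%{name} -p /sbin/ldconfig
+%postun -n lib%{name} -p /sbin/ldconfig
+
+%pre -n %{name}-server
+if [ $1 -eq 2 ]; then
+# upgrade
+# make a backup of the existing tree
+ldapadd -VV 2>&1 | grep "ldapmodify 2.1" >/dev/null
+if [ $? -eq 0 ]; then
+echo "Backing up current ldap tree"
+[ -e /run/openldap/slapd.pid ] && service openldap stop
+slapcat > /var/lib/ldap/openldap-data/ldap-backup.rpm_update
+fi
+fi
+if [ $1 -eq 1 ]; then
+# new install
+groupadd ldap 2>/dev/null || true
+useradd -g ldap -c "LDAP user" -d /var/lib/ldap \
+-s /bin/false ldap 2>/dev/null || true
+fi
+exit 0
+
+%post -n %{name}-server
+# new install
+if [ $1 -eq 1 ]; then
+if [ -e /etc/sysconfig/hostname ]; then
+HOSTNAME=`cat /etc/sysconfig/hostname`
+else
+. %{_sysconfdir}/sysconfig/network
+fi
+ldap_hostname=${HOSTNAME/.*}
+ldap_domain=${HOSTNAME/*.}
+if [ "$ldap_hostname" ]; then
+[ "$ldap_domain" ] || ldap_domain=local
+suffix="dc=${ldap_hostname},dc=${ldap_domain}"
+rootdn="cn=Manager,${suffix}"
+sed -i "s|cn=Manager,dc=my-domain,dc=com|${rootdn}|
+s|dc=my-domain,dc=com|${suffix}|" \
+%{_sysconfdir}/openldap/slapd.conf
+fi
+chkconfig --add openldap
+systemctl enable openldap.service -q
+fi
+if [ $1 -gt 1 ]; then
+# update
+sed -i "s|/var/run/openldap|/run/openldap|" %{_sysconfdir}/openldap/slapd.conf
+if [ -f /var/lib/ldap/openldap-data/ldap-backup.rpm_update ]; then
+# update from previous LDAP version (rebuild database)
+echo "Backing up current ldap bdb files into /var/lib/ldap/openldap-data/backup-2.1"
+mkdir -p /var/lib/ldap/openldap-data/backup-2.1
+mv /var/lib/ldap/openldap-data/*.bdb /var/lib/ldap/openldap-data/backup-2.1
+mv /var/lib/ldap/openldap-data/log* /var/lib/ldap/openldap-data/backup-2.1
+mv /var/lib/ldap/openldap-data/__db.* /var/lib/ldap/openldap-data/backup-2.1
+echo "Restoring ldap information into new ldap server"
+slapadd < /var/lib/ldap/openldap-data/ldap-backup.rpm_update
+chown ldap.ldap /var/lib/ldap/openldap-data/*
+mv /var/lib/ldap/openldap-data/ldap-backup.rpm_update /var/lib/ldap/openldap-data/backup-2.1
+fi
+fi
+if [ $1 -ge 1 ]; then
+systemctl daemon-reload -q
+fi
+exit 0
+
+%preun -n %{name}-server
+#erase
+if [ $1 -eq 0 ]; then
+service openldap stop
+chkconfig --del openldap
+systemctl disable openldap.service -q
+systemctl daemon-reload -q
+fi
+exit 0
+
+fi
+exit 0
+
+%postun -n %{name}-server
+#update
+if [ $1 -eq 1 ]; then
+service openldap condrestart
+fi
+exit 0
+
+%files -n lib%{name}
+%defattr(-,root,root)
+%config(noreplace) %{_sysconfdir}/openldap/ldap.conf
+%{_bindir}/ldapurl
+%{_libdir}/*.so.*
+%doc COPYRIGHT LICENSE
+
+%files -n lib%{name}-devel
+%defattr(-,root,root)
+%{_includedir}/*
+%{_libdir}/*.so
+%{_libdir}/*.a
+%{_libdir}/*.la
+%doc doc/devel/* doc/drafts/draft*.txt doc/rfc/rfc*.txt
+%doc ANNOUNCEMENT CHANGES README
+
+%files clients
+%defattr(-,root,root)
+%{_bindir}/ldapexop
+%{_bindir}/ldapadd
+%{_bindir}/ldapdelete
+%{_bindir}/ldapmodify
+%{_bindir}/ldapmodrdn
+%{_bindir}/ldappasswd
+%{_bindir}/ldapsearch
+#%{_bindir}/saucer
+#%{_bindir}/ud
+%{_mandir}/man1/*
+%{_mandir}/man5/*
+
+%files server
+%defattr(-,root,root)
+%dir %{_sysconfdir}/openldap
+%{_sysconfdir}/openldap/DB_CONFIG.example
+%{_sysconfdir}/openldap/slapd.ldif
+%config(noreplace) %attr(640,root,ldap) %{_sysconfdir}/openldap/slapd.conf
+%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/logrotate.d/openldap
+%dir %{_sysconfdir}/openldap/schema
+%{_sysconfdir}/openldap/schema/*
+%{_initrddir}/openldap
+%{_bindir}/ldapcompare
+%{_bindir}/ldapwhoami
+%{_sbindir}/slapacl
+%{_sbindir}/slapadd
+%{_sbindir}/slapauth
+%{_sbindir}/slapcat
+%{_sbindir}/slapd
+%{_sbindir}/slapdn
+%{_sbindir}/slapindex
+%{_sbindir}/slappasswd
+%{_sbindir}/slapschema
+%{_sbindir}/slaptest
+#%{_sbindir}/slurpd
+/lib/systemd/system/openldap.service
+%_tmpfilesdir/openldap.conf
+#%{_datadir}/openldap/ucdata/*
+%dir %attr(700,ldap,ldap) /var/lib/openldap-data
+#%dir %attr(700,ldap,ldap) /var/run/openldap
+%config(noreplace) /var/lib/openldap-data/DB_CONFIG
+%{_mandir}/man3/*
+%{_mandir}/man8/*
+
+%changelog
+* Tue Jan 28 2014 Automatic Build System <autodist@mambasoft.it> 2.4.39-1mamba
+- automatic version update by autodist
+
+* Mon Nov 18 2013 Automatic Build System <autodist@mambasoft.it> 2.4.38-1mamba
+- automatic version update by autodist
+
+* Mon Oct 28 2013 Automatic Build System <autodist@mambasoft.it> 2.4.37-1mamba
+- automatic version update by autodist
+
+* Mon Aug 19 2013 Automatic Build System <autodist@mambasoft.it> 2.4.36-1mamba
+- automatic version update by autodist
+
+* Sat Apr 27 2013 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.35-3mamba
+- move pid to /run, remove timeout in service file, add tmpfiles.d file for /run/openldap
+
+* Fri Apr 12 2013 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.35-2mamba
+- added systemd service file
+
+* Mon Apr 01 2013 Automatic Build System <autodist@mambasoft.it> 2.4.35-1mamba
+- automatic version update by autodist
+
+* Thu Mar 07 2013 Automatic Build System <autodist@mambasoft.it> 2.4.34-1mamba
+- automatic version update by autodist
+
+* Wed Oct 10 2012 Automatic Build System <autodist@mambasoft.it> 2.4.33-1mamba
+- automatic version update by autodist
+
+* Wed Aug 01 2012 Automatic Build System <autodist@mambasoft.it> 2.4.32-1mamba
+- automatic version update by autodist
+
+* Wed May 02 2012 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.31-2mamba
+- rebuilt with libsasl 2.1.25
+
+* Tue Apr 24 2012 Automatic Build System <autodist@mambasoft.it> 2.4.31-1mamba
+- automatic version update by autodist
+
+* Mon Mar 12 2012 Automatic Build System <autodist@mambasoft.it> 2.4.30-1mamba
+- automatic version update by autodist
+
+* Mon Jul 25 2011 Automatic Build System <autodist@mambasoft.it> 2.4.26-1mamba
+- automatic version update by autodist
+
+* Sun Jun 19 2011 Automatic Build System <autodist@mambasoft.it> 2.4.25-1mamba
+- automatic update by autodist
+
+* Wed Mar 09 2011 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.24-1mamba
+- update to 2.4.24
+- remove slurpd support in initscript
+- restore upstream slapd.conf
+
+* Mon Jul 19 2010 Automatic Build System <autodist@mambasoft.it> 2.4.23-1mamba
+- automatic update to 2.4.23 by autodist
+
+* Tue Jun 29 2010 Automatic Build System <autodist@mambasoft.it> 2.4.22-2mamba
+- automatic rebuild by autodist
+
+* Mon Jun 21 2010 Automatic Build System <autodist@mambasoft.it> 2.4.22-1mamba
+- automatic update by autodist
+
+* Tue Feb 09 2010 Automatic Build System <autodist@mambasoft.it> 2.4.21-1mamba
+- automatic update by autodist
+
+* Fri Nov 06 2009 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.19-2mamba
+- rebuilt with evolution patch for ntlm support
+
+* Fri Oct 23 2009 Automatic Build System <autodist@mambasoft.it> 2.4.19-1mamba
+- automatic update by autodist
+
+* Thu Oct 01 2009 Automatic Build System <autodist@mambasoft.it> 2.4.18-1mamba
+- automatic update by autodist
+
+* Wed Jul 29 2009 Automatic Build System <autodist@mambasoft.it> 2.4.17-1mamba
+- automatic update by autodist
+
+* Sun Apr 12 2009 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.16-1mamba
+- automatic update to 2.4.16 by autodist
+
+* Mon Mar 02 2009 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.15-1mamba
+- automatic update by autodist
+
+* Tue Dec 30 2008 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.13-1mamba
+- automatic update by autodist
+
+* Sun Sep 07 2008 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.11-1mamba
+- automatic update to 2.4.11 by autodist
+
+* Tue Jun 17 2008 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.10-1mamba
+- update to 2.4.10
+- libopenldap: removed strict requirement for libsasl with version
+
+* Fri Feb 15 2008 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.7-2mamba
+- remove libopenldap dependency on initscripts
+
+* Mon Jan 21 2008 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.7-1mamba
+- update to 2.4.7
+- /etc/ldap.conf moved from server to library package
+
+* Wed May 24 2006 Davide Madrisan <davide.madrisan@qilinux.it> 2.2.30-2qilnx
+- fixed a stack-based buffer overflow discovered by Secunia (qibug#175)
+
+* Wed Dec 21 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 2.2.30-1qilnx
+- update to version 2.2.30 by autospec
+
+* Mon Nov 07 2005 Stefano Cotta Ramusino <stefano.cotta@qilinux.it> 2.2.29-1qilnx
+- update to version 2.2.29 by autospec
+
+* Fri Sep 16 2005 Davide Madrisan <davide.madrisan@qilinux.it> 2.2.27-3qilnx
+- patch for NTLM support
+
+* Thu Sep 15 2005 Davide Madrisan <davide.madrisan@qilinux.it> 2.2.27-2qilnx
+- rebuilt to fix: libldap_r.so: undefined reference to `pthread_kill'
+
+* Wed Jun 15 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 2.2.27-1qilnx
+- update to version 2.2.27 by autospec
+
+* Tue Jan 11 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 2.2.20-1qilnx
+- update to version 2.2.20 by autospec
+
+* Thu Dec 09 2004 Silvan Calarco <silvan.calarco@mambasoft.it> 2.2.19-3qilnx
+- don't start service on install
+- use <service> condrestart instead of restart on update
+
+* Mon Dec 06 2004 Silvan Calarco <silvan.calarco@mambasoft.it> 2.2.19-2qilnx
+- test build for upgrade
+
+* Mon Dec 06 2004 Silvan Calarco <silvan.calarco@mambasoft.it> 2.2.19-1qilnx
+- new version build
+
+* Thu Oct 28 2004 Silvan Calarco <silvan.calarco@mambasoft.it> 2.2.18-2qilnx
+- added ldap update scripts for update from version 2.1 to 2.2 (=libdb4 to libdb42)
+
+* Thu Oct 28 2004 Silvan Calarco <silvan.calarco@mambasoft.it> 2.2.18-1qilnx
+- new version build
+
+* Fri Jul 09 2004 Silvan Calarco <silvan.calarco@mambasoft.it> 2.1.30-2qilnx
+- require user authentication to read passwords
+
+* Thu Apr 22 2004 Davide Madrisan <davide.madrisan@qilinux.it> 2.1.30-1qilnx
+- new version rebuild
+
+* Mon Apr 05 2004 Davide Madrisan <davide.madrisan@qilinux.it> 2.1.29-1qilnx
+- new version rebuild
+
+* Sat Mar 20 2004 Silvan Calarco <silvan.calarco@mambasoft.it> 2.1.27-1qilnx
+- new version build
+- logrotate added
+
+* Wed Feb 11 2004 Silvan Calarco <silvan.calarco@mambasoft.it> 2.1.26-2qilnx
+- added initscript code to execute db_recover before ldap server
+
+* Tue Feb 03 2004 Silvan Calarco <silvan.calarco@mambasoft.it> 2.1.26-1qilnx
+- new version rebuild
+- added initscript code to remove bdb cache files on service startup
+
+* Wed Jan 21 2004 Silvan Calarco <silvan.calarco@mambasoft.it> 2.1.25-1qilnx
+- new version rebuild
+
+* Mon Nov 24 2003 Silvan Calarco <silvan.calarco@mambasoft.it> 2.1.23-3qilnx
+- changed default password scheme to SSHA (was cleartext)
+- removed initscript reload (not supported by slapd)
+
+* Fri Nov 21 2003 Davide Madrisan <davide.madrisan@qilinux.it> 2.1.23-2qilnx
+- added missing 'Requires'; specfile updates; added documentation and
+OpenLDAP license files
+
+* Thu Nov 13 2003 Silvan Calarco <silvan.calarco@mambasoft.it> 2.1.23-1qilnx
+- new version rebuild
+- added compilation flags for features including sasl
+
+* Mon Sep 29 2003 Silvan Calarco <silvan.calarco@mambasoft.it> 2.1.22-4qilnx
+- added configure and make C_INCLUDE_PATH to support db4 includes
+- removed ldap log dir waiting for a way that doesn't use syslog but its own directory
+
+* Mon Sep 15 2003 Silvan Calarco <silvan.calarco@qinet.it> 2.1.22-3qilnx
+- added support for crypt password
+
+* Fri Jul 25 2003 Silvan Calarco <silvan.calarco@qinet.it> 2.1.22-2qilnx
+- modified ldap.conf and initscript to correctly support TLS connections
+
+* Thu Jul 24 2003 Silvan Calarco <silvan.calarco@qinet.it> 2.1.22-1qilnx
+- first build for 2.1.22
+
+* Fri Jun 27 2003 Silvan Calarco <silvan.calarco@qinet.it> 2.1.17-8qilnx
+- deactivated misc.schema from default configuration
+
+* Wed Jun 25 2003 Silvan Calarco <silvan.calarco@qinet.it> 2.1.17-7qilnx
+- added "new-style" %%post and %%pre scripts
+
+* Wed Jun 11 2003 Silvan Calarco <silvan.calarco@qinet.it> 2.1.17-6qilnx
+- fixed initscript chkconfig configuration
+
+* Tue Jun 06 2003 Silvan Calarco <silvan.calarco@qinet.it> 2.1.17-5qilnx
+- added schema includes in slapd.conf
+- removed .orig config files
+
+* Tue May 27 2003 Silvan Calarco <silvan.calarco@qinet.it> 2.1.17-4qilnx
+- added ldap user creation
+
+* Tue May 27 2003 Silvan Calarco <silvan.calarco@qinet.it> 2.1.17-3qilnx
+- added configuration file patch to support pid dir and lib dir (logdir
+doesn't work yet!)
+
+* Tue May 06 2003 Silvan Calarco <silvan.calarco@qinet.it> 2.1.17-2qilnx
+- added build requirements
+- fixed sysconfdir location
+
+* Tue Apr 22 2003 Luca Tinelli <luca.tinelli@qinet.it>
+- first build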
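Review bot: The `echo "TLS_REQCERT allow" >> …/openldap/ldap.conf` step in %install weakens TLS for every libldap client on the system: in ldap.conf this option governs how the client treats the server's certificate, and `allow` lets the session proceed when that certificate is missing or fails validation, so LDAPS and StartTLS connections no longer authenticate the server. The comment above it ("allow client requests without client certificate") describes a server-side setting (`TLSVerifyClient` in slapd.conf), not this one. Drop the two lines so the library default applies, or write `TLS_REQCERT demand` explicitly and let sites that need a relaxation opt in. In the same file, %pre writes the `slapcat` dump (which includes password hashes) with the default umask, so a `umask 077` before that redirect is advisable. `--enable-lmpasswd` builds in LAN Manager password hashes and is worth dropping unless a consumer needs them, and %preun carries a stray second `fi` / `exit 0` after its first `exit 0`.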
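--- a/openldap.tmpfiles
+++ b/openldap.tmpfiles
@@ -0,0 +1,2 @@
+# openldap runtime directory for slapd.arg and slapd.pid
+d /run/openldap 0755 ldap ldap -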