From 592c0aa45b3f79b64c5ae595dbc33f1a9710472a Mon Sep 17 00:00:00 2001 From: Silvan Calarco Date: Sat, 6 Jan 2024 08:13:21 +0100 Subject: [PATCH] legacy package [release 2.4.58-2mamba;Tue Jun 15 2021] --- README.md | 2 + openldap-2.2.15-conf | 89 ++++ openldap-2.4.24-default_config.patch | 22 + openldap-2.4.43-liblmdb-installdirs.patch | 24 + openldap-2.4.44-liblmdb-soname.patch | 28 + openldap-2.4.6-evolution-ntlm.patch | 192 +++++++ openldap-initscript | 83 +++ openldap-logrotate | 8 + openldap.service | 14 + openldap.tmpfiles | 2 + openldap24.spec | 618 ++++++++++++++++++++++ 11 files changed, 1082 insertions(+) create mode 100644 openldap-2.2.15-conf create mode 100644 openldap-2.4.24-default_config.patch create mode 100644 openldap-2.4.43-liblmdb-installdirs.patch create mode 100644 openldap-2.4.44-liblmdb-soname.patch create mode 100644 openldap-2.4.6-evolution-ntlm.patch create mode 100644 openldap-initscript create mode 100644 openldap-logrotate create mode 100644 openldap.service create mode 100644 openldap.tmpfiles create mode 100644 openldap24.spec diff --git a/README.md b/README.md index 36e3e9d..9302c1e 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,4 @@ # openldap24 +OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol. + diff --git a/openldap-2.2.15-conf b/openldap-2.2.15-conf new file mode 100644 index 0000000..c9f5b5a --- /dev/null +++ b/openldap-2.2.15-conf @@ -0,0 +1,89 @@ +# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.8 2003/05/24 23:19:14 kurt Exp $ +# +# See slapd.conf(5) for details on configuration options. +# This file should NOT be world readable. +# +include %SYSCONFDIR%/schema/core.schema +include %SYSCONFDIR%/schema/cosine.schema +include %SYSCONFDIR%/schema/inetorgperson.schema +include %SYSCONFDIR%/schema/corba.schema +include %SYSCONFDIR%/schema/java.schema +include %SYSCONFDIR%/schema/nis.schema +include %SYSCONFDIR%/schema/openldap.schema + +# Define global ACLs to disable default read access. + +# Do not enable referrals until AFTER you have a working directory +# service AND an understanding of referrals. +#referral ldap://root.openldap.org + +pidfile /run/ldap/slapd.pid +argsfile /run/ldap/slapd.args + +# Load dynamic backend modules: +# modulepath %MODULEDIR% +# moduleload back_bdb.la +# moduleload back_ldap.la +# moduleload back_ldbm.la +# moduleload back_passwd.la +# moduleload back_shell.la + +# Sample security restrictions +# Require integrity protection (prevent hijacking) +# Require 112-bit (3DES or better) encryption for updates +# Require 63-bit encryption for simple bind +# security ssf=1 update_ssf=112 simple_bind=64 + +# Sample access control policy: +# Root DSE: allow anyone to read it +# Subschema (sub)entry DSE: allow anyone to read it +# Other DSEs: +# Allow self write access +# Allow authenticated users read access +# Allow anonymous users to authenticate +# Directives needed to implement policy: +# access to dn.base="" by * read +# access to dn.base="cn=Subschema" by * read +# access to * +# by self write +# by users read +# by anonymous auth +# +# if no access controls are present, the default policy is: +# Allow read by all +# +# rootdn can always write! + +####################################################################### +# ldbm database definitions +####################################################################### + +database bdb +suffix "dc=my-domain,dc=com" +rootdn "cn=Manager,dc=my-domain,dc=com" +# Cleartext passwords, especially for the rootdn, should +# be avoid. See slappasswd(8) and slapd.conf(5) for details. +# Use of strong authentication encouraged. +rootpw secret +# The database directory MUST exist prior to running slapd AND +# should only be accessible by the slapd and slap tools. +# Mode 700 recommended. +directory %LOCALSTATEDIR%/lib/ldap/openldap-data +# Indices to maintain +index objectClass eq +# +# Allow users to change own password +# - Manager can change any password +# - Any users who have valid username+password may login +# +access to attr=userPassword + by self write + by dn="cn=Manager,$DND" write + by * auth +access to * + by dn="cn=Manager,$DND" write + by * read +# +# Hash password by default +# +password-hash {SSHA} diff --git a/openldap-2.4.24-default_config.patch b/openldap-2.4.24-default_config.patch new file mode 100644 index 0000000..14d9d04 --- /dev/null +++ b/openldap-2.4.24-default_config.patch @@ -0,0 +1,22 @@ +diff -Nru openldap-2.4.24.orig//servers/slapd/slapd.conf openldap-2.4.24/servers/slapd/slapd.conf +--- openldap-2.4.24.orig//servers/slapd/slapd.conf 2007-02-13 21:22:22.000000000 +0100 ++++ openldap-2.4.24/servers/slapd/slapd.conf 2011-03-09 20:38:55.822787816 +0100 +@@ -10,8 +10,8 @@ + # service AND an understanding of referrals. + #referral ldap://root.openldap.org + +-pidfile %LOCALSTATEDIR%/run/slapd.pid +-argsfile %LOCALSTATEDIR%/run/slapd.args ++pidfile %LOCALSTATEDIR%/run/openldap/slapd.pid ++argsfile %LOCALSTATEDIR%/run/openldap/slapd.args + + # Load dynamic backend modules: + # modulepath %MODULEDIR% +@@ -60,6 +60,6 @@ + # The database directory MUST exist prior to running slapd AND + # should only be accessible by the slapd and slap tools. + # Mode 700 recommended. +-directory %LOCALSTATEDIR%/openldap-data ++directory %LOCALSTATEDIR%/lib/openldap-data + # Indices to maintain + index objectClass eq diff --git a/openldap-2.4.43-liblmdb-installdirs.patch b/openldap-2.4.43-liblmdb-installdirs.patch new file mode 100644 index 0000000..eb4e983 --- /dev/null +++ b/openldap-2.4.43-liblmdb-installdirs.patch @@ -0,0 +1,24 @@ +--- openldap-2.4.43/libraries/liblmdb/Makefile.orig 2016-01-01 21:06:16.297023647 +0100 ++++ openldap-2.4.43/libraries/liblmdb/Makefile 2016-01-01 21:07:02.919683678 +0100 +@@ -28,7 +28,9 @@ + SOLIBS = + SONAME = liblmdb.so.0 + prefix = /usr/local +-mandir = $(prefix)/man ++libdir = $(prefix)/lib ++datadir = $(prefix)/share ++mandir = $(datadir)/man + + ######################################################################## + +@@ -45,8 +47,8 @@ + mkdir -p $(DESTDIR)$(prefix)/include + mkdir -p $(DESTDIR)$(prefix)/man/man1 + for f in $(IPROGS); do cp $$f $(DESTDIR)$(prefix)/bin; done +- for f in $(ILIBS); do cp $$f $(DESTDIR)$(prefix)/lib; done +- for f in $(IHDRS); do cp $$f $(DESTDIR)$(prefix)/include; done ++ for f in $(ILIBS); do cp $$f $(DESTDIR)$(libdir); done ++ for f in $(IHDRS); do cp $$f $(DESTDIR)$(prefix)/include; done + for f in $(IDOCS); do cp $$f $(DESTDIR)$(mandir)/man1; done + + clean: diff --git a/openldap-2.4.44-liblmdb-soname.patch b/openldap-2.4.44-liblmdb-soname.patch new file mode 100644 index 0000000..cf92a37 --- /dev/null +++ b/openldap-2.4.44-liblmdb-soname.patch @@ -0,0 +1,28 @@ +--- openldap-2.4.44/libraries/liblmdb/Makefile.orig 2016-02-06 00:57:45.000000000 +0100 ++++ openldap-2.4.44/libraries/liblmdb/Makefile 2016-06-18 14:03:44.434349219 +0200 +@@ -26,6 +26,7 @@ + CFLAGS = $(THREADS) $(OPT) $(W) $(XCFLAGS) + LDLIBS = + SOLIBS = ++SONAME = liblmdb.so.0 + prefix = /usr/local + exec_prefix = $(prefix) + bindir = $(exec_prefix)/bin +@@ -37,7 +38,7 @@ + ######################################################################## + + IHDRS = lmdb.h +-ILIBS = liblmdb.a liblmdb.so ++ILIBS = liblmdb.a $(SONAME) + IPROGS = mdb_stat mdb_copy mdb_dump mdb_load + IDOCS = mdb_stat.1 mdb_copy.1 mdb_dump.1 mdb_load.1 + PROGS = $(IPROGS) mtest mtest2 mtest3 mtest4 mtest5 +@@ -63,7 +64,7 @@ + liblmdb.a: mdb.o midl.o + $(AR) rs $@ mdb.o midl.o + +-liblmdb.so: mdb.lo midl.lo ++$(SONAME): mdb.lo midl.lo + # $(CC) $(LDFLAGS) -pthread -shared -Wl,-Bsymbolic -o $@ mdb.o midl.o $(SOLIBS) + $(CC) $(LDFLAGS) -pthread -shared -o $@ mdb.lo midl.lo $(SOLIBS) + diff --git a/openldap-2.4.6-evolution-ntlm.patch b/openldap-2.4.6-evolution-ntlm.patch new file mode 100644 index 0000000..33ff29e --- /dev/null +++ b/openldap-2.4.6-evolution-ntlm.patch @@ -0,0 +1,192 @@ +diff -up evo-openldap-2.4.14/include/ldap.h.evolution-ntlm evo-openldap-2.4.14/include/ldap.h +--- evo-openldap-2.4.14/include/ldap.h.evolution-ntlm 2009-01-27 00:29:53.000000000 +0100 ++++ evo-openldap-2.4.14/include/ldap.h 2009-02-17 10:10:00.000000000 +0100 +@@ -2461,5 +2461,26 @@ ldap_parse_deref_control LDAP_P(( + LDAPControl **ctrls, + LDAPDerefRes **drp )); + ++/* ++ * hacks for NTLM ++ */ ++#define LDAP_AUTH_NTLM_REQUEST ((ber_tag_t) 0x8aU) ++#define LDAP_AUTH_NTLM_RESPONSE ((ber_tag_t) 0x8bU) ++LDAP_F( int ) ++ldap_ntlm_bind LDAP_P(( ++ LDAP *ld, ++ LDAP_CONST char *dn, ++ ber_tag_t tag, ++ struct berval *cred, ++ LDAPControl **sctrls, ++ LDAPControl **cctrls, ++ int *msgidp )); ++LDAP_F( int ) ++ldap_parse_ntlm_bind_result LDAP_P(( ++ LDAP *ld, ++ LDAPMessage *res, ++ struct berval *challenge)); ++ ++ + LDAP_END_DECL + #endif /* _LDAP_H */ +diff -up evo-openldap-2.4.14/libraries/libldap/Makefile.in.evolution-ntlm evo-openldap-2.4.14/libraries/libldap/Makefile.in +--- evo-openldap-2.4.14/libraries/libldap/Makefile.in.evolution-ntlm 2009-01-27 00:29:53.000000000 +0100 ++++ evo-openldap-2.4.14/libraries/libldap/Makefile.in 2009-02-17 10:10:00.000000000 +0100 +@@ -20,7 +20,7 @@ PROGRAMS = apitest dntest ftest ltest ur + SRCS = bind.c open.c result.c error.c compare.c search.c \ + controls.c messages.c references.c extended.c cyrus.c \ + modify.c add.c modrdn.c delete.c abandon.c \ +- sasl.c gssapi.c sbind.c unbind.c cancel.c \ ++ sasl.c ntlm.c gssapi.c sbind.c unbind.c cancel.c \ + filter.c free.c sort.c passwd.c whoami.c \ + getdn.c getentry.c getattr.c getvalues.c addentry.c \ + request.c os-ip.c url.c pagectrl.c sortctrl.c vlvctrl.c \ +@@ -33,7 +33,7 @@ SRCS = bind.c open.c result.c error.c co + OBJS = bind.lo open.lo result.lo error.lo compare.lo search.lo \ + controls.lo messages.lo references.lo extended.lo cyrus.lo \ + modify.lo add.lo modrdn.lo delete.lo abandon.lo \ +- sasl.lo gssapi.lo sbind.lo unbind.lo cancel.lo \ ++ sasl.lo ntlm.lo gssapi.lo sbind.lo unbind.lo cancel.lo \ + filter.lo free.lo sort.lo passwd.lo whoami.lo \ + getdn.lo getentry.lo getattr.lo getvalues.lo addentry.lo \ + request.lo os-ip.lo url.lo pagectrl.lo sortctrl.lo vlvctrl.lo \ +diff -up /dev/null evo-openldap-2.4.14/libraries/libldap/ntlm.c +--- /dev/null 2009-02-17 09:19:52.829004420 +0100 ++++ evo-openldap-2.4.14/libraries/libldap/ntlm.c 2009-02-17 10:10:00.000000000 +0100 +@@ -0,0 +1,137 @@ ++/* $OpenLDAP: pkg/ldap/libraries/libldap/ntlm.c,v 1.1.4.10 2002/01/04 20:38:21 kurt Exp $ */ ++/* ++ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved. ++ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file ++ */ ++ ++/* Mostly copied from sasl.c */ ++ ++#include "portable.h" ++ ++#include ++#include ++ ++#include ++#include ++#include ++#include ++ ++#include "ldap-int.h" ++ ++int ++ldap_ntlm_bind( ++ LDAP *ld, ++ LDAP_CONST char *dn, ++ ber_tag_t tag, ++ struct berval *cred, ++ LDAPControl **sctrls, ++ LDAPControl **cctrls, ++ int *msgidp ) ++{ ++ BerElement *ber; ++ int rc; ++ ber_int_t id; ++ ++ Debug( LDAP_DEBUG_TRACE, "ldap_ntlm_bind\n", 0, 0, 0 ); ++ ++ assert( ld != NULL ); ++ assert( LDAP_VALID( ld ) ); ++ assert( msgidp != NULL ); ++ ++ if( msgidp == NULL ) { ++ ld->ld_errno = LDAP_PARAM_ERROR; ++ return ld->ld_errno; ++ } ++ ++ /* create a message to send */ ++ if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) { ++ ld->ld_errno = LDAP_NO_MEMORY; ++ return ld->ld_errno; ++ } ++ ++ assert( LBER_VALID( ber ) ); ++ ++ LDAP_NEXT_MSGID( ld, id ); ++ rc = ber_printf( ber, "{it{istON}" /*}*/, ++ id, LDAP_REQ_BIND, ++ ld->ld_version, dn, tag, ++ cred ); ++ ++ /* Put Server Controls */ ++ if( ldap_int_put_controls( ld, sctrls, ber ) != LDAP_SUCCESS ) { ++ ber_free( ber, 1 ); ++ return ld->ld_errno; ++ } ++ ++ if ( ber_printf( ber, /*{*/ "N}" ) == -1 ) { ++ ld->ld_errno = LDAP_ENCODING_ERROR; ++ ber_free( ber, 1 ); ++ return ld->ld_errno; ++ } ++ ++ /* send the message */ ++ *msgidp = ldap_send_initial_request( ld, LDAP_REQ_BIND, dn, ber, id ); ++ ++ if(*msgidp < 0) ++ return ld->ld_errno; ++ ++ return LDAP_SUCCESS; ++} ++ ++int ++ldap_parse_ntlm_bind_result( ++ LDAP *ld, ++ LDAPMessage *res, ++ struct berval *challenge) ++{ ++ ber_int_t errcode; ++ ber_tag_t tag; ++ BerElement *ber; ++ ber_len_t len; ++ ++ Debug( LDAP_DEBUG_TRACE, "ldap_parse_ntlm_bind_result\n", 0, 0, 0 ); ++ ++ assert( ld != NULL ); ++ assert( LDAP_VALID( ld ) ); ++ assert( res != NULL ); ++ ++ if ( ld == NULL || res == NULL ) { ++ return LDAP_PARAM_ERROR; ++ } ++ ++ if( res->lm_msgtype != LDAP_RES_BIND ) { ++ ld->ld_errno = LDAP_PARAM_ERROR; ++ return ld->ld_errno; ++ } ++ ++ if ( ld->ld_error ) { ++ LDAP_FREE( ld->ld_error ); ++ ld->ld_error = NULL; ++ } ++ if ( ld->ld_matched ) { ++ LDAP_FREE( ld->ld_matched ); ++ ld->ld_matched = NULL; ++ } ++ ++ /* parse results */ ++ ++ ber = ber_dup( res->lm_ber ); ++ ++ if( ber == NULL ) { ++ ld->ld_errno = LDAP_NO_MEMORY; ++ return ld->ld_errno; ++ } ++ ++ tag = ber_scanf( ber, "{ioa" /*}*/, ++ &errcode, challenge, &ld->ld_error ); ++ ber_free( ber, 0 ); ++ ++ if( tag == LBER_ERROR ) { ++ ld->ld_errno = LDAP_DECODING_ERROR; ++ return ld->ld_errno; ++ } ++ ++ ld->ld_errno = errcode; ++ ++ return( ld->ld_errno ); ++} diff --git a/openldap-initscript b/openldap-initscript new file mode 100644 index 0000000..5d999d3 --- /dev/null +++ b/openldap-initscript @@ -0,0 +1,83 @@ +#!/bin/bash +# +# ldap This shell script takes care of starting and stopping ldap server (slapd). +# +# chkconfig: 2345 35 65 +# description: LDAP stands for Lightweight Directory Access Protocol, used \ +# for implementing the industry standard directory services. +# processname: slapd +# config: /etc/openldap/slapd.conf +# pidfile: /var/run/slapd.pid + +# source function library +. /etc/init.d/functions + +[ -x /usr/bin/db_recover-51 ] && DB_RECOVER=db_recover-51 || DB_RECOVER=db_recover + +# source an auxiliary options file if we have one, and pick up OPTIONS, +# SLAPD_OPTIONS, and SLURPD_OPTIONS +[ -r /etc/sysconfig/ldap ] && . /etc/sysconfig/ldap + +slapd=/usr/sbin/slapd +[ -x ${slapd} ] || exit 0 + +RETVAL=0 + +function start() { + # fix bdb errors + [ -e "/var/lib/ldap/openldap-data/__db.001" ] && \ + $DB_RECOVER -h /var/lib/ldap/openldap-data + # start daemons + prog=`basename ${slapd}` + echo -n $"Starting $prog: " + if grep -q ^TLS /etc/openldap/slapd.conf; then + ${slapd} -u ldap -h "ldaps:/// ldap:///" $OPTIONS $SLAPD_OPTIONS + else + ${slapd} -u ldap $OPTIONS $SLAPD_OPTIONS + fi + evaluate_retval + echo + [ $RETVAL -eq 0 ] && touch /var/lock/subsys/ldap + return $RETVAL +} + +function stop() { + # stop daemons + prog=`basename ${slapd}` + echo -n $"Stopping $prog: " + killproc ${slapd} + RETVAL=$? + echo + [ $RETVAL -eq 0 ] && + rm -f /var/lock/subsys/ldap /var/run/ldap/slapd.args + return $RETVAL +} + +# See how we were called. +case "$1" in + start) + start + ;; + stop) + stop + ;; + status) + status ${slapd} + ;; + restart) + stop + start + ;; + condrestart) + if [ -f /var/lock/subsys/ldap ]; then + stop + start + fi + ;; + *) + echo $"Usage: $0 {start|stop|restart|status|condrestart}" + RETVAL=1 +esac + +exit $RETVAL + diff --git a/openldap-logrotate b/openldap-logrotate new file mode 100644 index 0000000..bccb0c9 --- /dev/null +++ b/openldap-logrotate @@ -0,0 +1,8 @@ +/var/log/ldap.log { + weekly + rotate 5 + copytruncate + compress + notifempty + missingok +} diff --git a/openldap.service b/openldap.service new file mode 100644 index 0000000..ebc49af --- /dev/null +++ b/openldap.service @@ -0,0 +1,14 @@ +[Unit] +Description=OpenLDAP Server Daemon +After=syslog.target network.target + +[Service] +Type=forking +PIDFile=/run/openldap/slapd.pid +Environment="SLAPD_URLS=ldap:/// ldapi:///" "SLAPD_OPTIONS=" +EnvironmentFile=/etc/sysconfig/ldap +#ExecStartPre=/usr/libexec/slapd/check-config.sh +ExecStart=/usr/sbin/slapd -u ldap -h ${SLAPD_URLS} $SLAPD_OPTIONS + +[Install] +WantedBy=multi-user.target diff --git a/openldap.tmpfiles b/openldap.tmpfiles new file mode 100644 index 0000000..634cea1 --- /dev/null +++ b/openldap.tmpfiles @@ -0,0 +1,2 @@ +# openldap runtime directory for slapd.arg and slapd.pid +d /run/openldap 0755 ldap ldap - diff --git a/openldap24.spec b/openldap24.spec new file mode 100644 index 0000000..0d7278e --- /dev/null +++ b/openldap24.spec @@ -0,0 +1,618 @@ +Name: openldap24 +Version: 2.4.58 +Release: 2mamba +Group: System/Servers +Summary: An open source implementation of the Lightweight Directory Access Protocol +Vendor: openmamba +Distribution: openmamba +Packager: Silvan Calarco +URL: https://www.openldap.org +Source0: ftp://ftp.openldap.org/pub/OpenLDAP/%{name}-release/openldap-%{version}.tgz +Source1: openldap-initscript +Source2: openldap-logrotate +Source3: openldap-2.2.15-conf +Source4: openldap.service +Source5: openldap.tmpfiles +# patch from Novell developers (evolution-exchange-2.4.0/docs/openldap-ntlm.diff) +Patch0: openldap-2.4.6-evolution-ntlm.patch +Patch2: openldap-2.4.24-default_config.patch +Patch3: openldap-2.4.44-liblmdb-soname.patch +Patch4: openldap-2.4.43-liblmdb-installdirs.patch +License: OpenLDAP Public License +## AUTOBUILDREQ-BEGIN +BuildRequires: glibc-devel +BuildRequires: libdb53-devel +BuildRequires: libe2fs-devel +BuildRequires: libkrb5-devel +BuildRequires: libltdl-devel +BuildRequires: libopenssl-devel +BuildRequires: libsasl2-devel +BuildRequires: libuuid-devel +## AUTOBUILDREQ-END +BuildRequires: libsasl-devel >= 2.1.26 +BuildRequires: libreadline-devel >= 4.3 +BuildRequires: systemd-devel +Requires: libopenldap = %{version}-%{release} + +%description +OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol. + +%package -n lib%{name} +Summary: OpenLDAP libraries +Group: System/Libraries +# requires latest SASL libraries +Requires: libsasl >= 2.1.25 + +%description -n lib%{name} +OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol. +This package contains the OpenLDAP libraries. + +%package -n lib%{name}-devel +Summary: OpenLDAP development files +Group: Development/Libraries +Requires: lib%{name} = %{version}-%{release} + +%description -n lib%{name}-devel +OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol. +This package contains static libraries and header files need for development. + +%package clients +Summary: OpenLDAP clients +Group: System/Libraries +Requires: lib%{name} = %{version}-%{release} + +%description clients +OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol. +This package contains the OpenLDAP clients and related files. + +%package server +Summary: OpenLDAP server +Group: System/Libraries +Requires: lib%{name} = %{version}-%{release} + +%description server +OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol. +This package contains the OpenLDAP server and related files. + +%package -n liblmdb +Summary: OpenLDAP lmdb library +Group: System/Libraries + +%description -n liblmdb +OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol. +This package contains the lmdb library. + +%package -n liblmdb-tools +Summary: OpenLDAP lmdb library tools +Group: System/Tools +Requires: liblmdb = %{version}-%{release} + +%description -n liblmdb-tools +OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol. +This package contains the lmdb library tools. + +%package -n liblmdb-devel +Summary: liblmdb development files +Group: Development/Libraries +Requires: liblmdb = %{version}-%{release} + +%description -n liblmdb-devel +OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol. +This package contains static libraries and header files needed for development. + +%debug_package + +%prep +%setup -q -n openldap-%{version} +#-D -T +#:<< _EOF +#cp %{SOURCE3} servers/slapd/slapd.conf +%patch0 -p1 -b .ntlm +%patch2 -p1 +#%patch3 -p1 +#%patch4 -p1 + +%build +#:<< _EOF +%configure \ + --libexecdir=%{_sbindir} \ + --localstatedir=%{_localstatedir} \ + --with-cyrus-sasl \ + --enable-slapd \ + --enable-crypt \ + --enable-lmpasswd \ + --enable-spasswd \ + --enable-passwd \ + --enable-modules \ + --enable-rewrite \ + --enable-dynamic \ + --enable-mdb + +# --enable-rlookups \ + +%make CC=%{_host}-gcc + +%make + +#-C libraries/liblmdb SOLIBS="-Wl,-soname,liblmdb.so.0" + +%install +[ "%{buildroot}" != / ] && rm -rf "%{buildroot}" +%makeinstall +# Fix missing -x permission +chmod +x %{buildroot}%{_libdir}/lib*.so.* + +install -d %{buildroot}/var/lib/openldap-data +#install -d %{buildroot}/var/run/openldap/ + +#install -D -m 755 %{SOURCE1} %{buildroot}%{_initrddir}/%{name} +install -D -m 755 %{SOURCE2} %{buildroot}%{_sysconfdir}/logrotate.d/openldap +install -D -m 644 %{SOURCE4} %{buildroot}%{_unitdir}/openldap.service +install -D -m 644 %{SOURCE5} %{buildroot}%{_tmpfilesdir}/openldap.conf + +rm -f %{buildroot}%{_sysconfdir}/openldap/*.default +rm -f %{buildroot}%{_sysconfdir}/openldap/schema/*.default + +# allow client requests without client certificate +echo "TLS_REQCERT allow" >> \ + %{buildroot}%{_sysconfdir}/openldap/ldap.conf + +#ln -s liblber.so %{buildroot}%{_libdir}/liblber.so.2 +#ln -s libldap.so %{buildroot}%{_libdir}/libldap.so.2 +#ln -s libldap_r.so %{buildroot}%{_libdir}/libldap_r.so.2 +#chmod 755 %{buildroot}%{_libdir}/*.so.* + +cat > %{buildroot}/var/lib/openldap-data/DB_CONFIG << _EOF +set_cachesize 0 150000000 1 +set_lg_regionmax 262144 +set_lg_bsize 2097152 +#set_lg_dir /var/log/bdb +set_flags DB_LOG_AUTOREMOVE +_EOF + +rm -f %{buildroot}/var/openldap-data/DB_CONFIG.example + +#% makeinstall -C libraries/liblmdb prefix=%{_prefix} libdir=%{_libdir} +#ln -s liblmdb.so.0 %{buildroot}%{_libdir}/liblmdb.so + +%clean +[ "%{buildroot}" != / ] && rm -rf "%{buildroot}" + +%post -n lib%{name} -p /sbin/ldconfig +%postun -n lib%{name} -p /sbin/ldconfig + +%pre -n %{name}-server +if [ $1 -eq 2 ]; then +# upgrade + # make a backup of the existing tree + ldapadd -VV 2>&1 | grep "ldapmodify 2.1" >/dev/null + if [ $? -eq 0 ]; then + echo "Backing up current ldap tree" + [ -e /run/openldap/slapd.pid ] && service openldap stop + slapcat > /var/lib/ldap/openldap-data/ldap-backup.rpm_update + fi +fi +if [ $1 -eq 1 ]; then +# new install + groupadd ldap 2>/dev/null || true + useradd -g ldap -c "LDAP user" -d /var/lib/ldap \ + -s /bin/false ldap 2>/dev/null || true +fi +exit 0 + +%post -n %{name}-server +# new install +if [ $1 -eq 1 ]; then + if [ -e /etc/sysconfig/hostname ]; then + HOSTNAME=`cat /etc/sysconfig/hostname` + else + . %{_sysconfdir}/sysconfig/network + fi + ldap_hostname=${HOSTNAME/.*} + ldap_domain=${HOSTNAME/*.} + if [ "$ldap_hostname" ]; then + [ "$ldap_domain" ] || ldap_domain=local + suffix="dc=${ldap_hostname},dc=${ldap_domain}" + rootdn="cn=Manager,${suffix}" + sed -i "s|cn=Manager,dc=my-domain,dc=com|${rootdn}| + s|dc=my-domain,dc=com|${suffix}|" \ + %{_sysconfdir}/openldap/slapd.conf + fi + chkconfig --add openldap + systemctl enable openldap.service -q +fi +if [ $1 -gt 1 ]; then +# update + sed -i "s|/var/run/openldap|/run/openldap|" %{_sysconfdir}/openldap/slapd.conf + if [ -f /var/lib/ldap/openldap-data/ldap-backup.rpm_update ]; then + # update from previous LDAP version (rebuild database) + echo "Backing up current ldap bdb files into /var/lib/ldap/openldap-data/backup-2.1" + mkdir -p /var/lib/ldap/openldap-data/backup-2.1 + mv /var/lib/ldap/openldap-data/*.bdb /var/lib/ldap/openldap-data/backup-2.1 + mv /var/lib/ldap/openldap-data/log* /var/lib/ldap/openldap-data/backup-2.1 + mv /var/lib/ldap/openldap-data/__db.* /var/lib/ldap/openldap-data/backup-2.1 + echo "Restoring ldap information into new ldap server" + slapadd < /var/lib/ldap/openldap-data/ldap-backup.rpm_update + chown ldap.ldap /var/lib/ldap/openldap-data/* + mv /var/lib/ldap/openldap-data/ldap-backup.rpm_update /var/lib/ldap/openldap-data/backup-2.1 + fi +fi +if [ $1 -ge 1 ]; then + systemctl daemon-reload -q +fi +exit 0 + +%preun -n %{name}-server +#erase +if [ $1 -eq 0 ]; then + service openldap stop + chkconfig --del openldap + systemctl disable openldap.service -q + systemctl daemon-reload -q +fi +exit 0 + +fi +exit 0 + +%postun -n %{name}-server +#update +if [ $1 -eq 1 ]; then + service openldap condrestart +fi +exit 0 + +%files -n lib%{name} +%defattr(-,root,root) +%{_libdir}/liblber-*.so.* +%{_libdir}/libldap-*.so.* +%{_libdir}/libldap_r-*.so.* +%doc COPYRIGHT LICENSE + +%files -n lib%{name}-devel +%defattr(-,root,root) +%{_includedir}/openldap.h +%{_includedir}/lber.h +%{_includedir}/lber_types.h +%{_includedir}/ldap.h +%{_includedir}/ldap_cdefs.h +%{_includedir}/ldap_features.h +%{_includedir}/ldap_schema.h +%{_includedir}/ldap_utf8.h +%{_includedir}/ldif.h +%{_includedir}/slapi-plugin.h +%{_libdir}/liblber.a +%{_libdir}/liblber.la +%{_libdir}/liblber.so +%{_libdir}/libldap.a +%{_libdir}/libldap.la +%{_libdir}/libldap.so +%{_libdir}/libldap_r.a +%{_libdir}/libldap_r.la +%{_libdir}/libldap_r.so +%doc doc/devel/* doc/drafts/draft*.txt doc/rfc/rfc*.txt +%doc ANNOUNCEMENT CHANGES README + +%files clients +%defattr(-,root,root) +%config(noreplace) %{_sysconfdir}/openldap/ldap.conf +%{_bindir}/ldapexop +%{_bindir}/ldapadd +%{_bindir}/ldapdelete +%{_bindir}/ldapmodify +%{_bindir}/ldapmodrdn +%{_bindir}/ldappasswd +%{_bindir}/ldapsearch +%{_bindir}/ldapurl +#%{_bindir}/saucer +#%{_bindir}/ud +%{_mandir}/man1/* +%{_mandir}/man5/* + +%files server +%defattr(-,root,root) +%dir %{_sysconfdir}/openldap +%{_sysconfdir}/openldap/DB_CONFIG.example +%{_sysconfdir}/openldap/slapd.ldif +%config(noreplace) %attr(640,root,ldap) %{_sysconfdir}/openldap/slapd.conf +%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/logrotate.d/openldap +%dir %{_sysconfdir}/openldap/schema +%{_sysconfdir}/openldap/schema/* +#%{_initrddir}/openldap +%{_bindir}/ldapcompare +%{_bindir}/ldapwhoami +%{_sbindir}/slapacl +%{_sbindir}/slapadd +%{_sbindir}/slapauth +%{_sbindir}/slapcat +%{_sbindir}/slapd +%{_sbindir}/slapdn +%{_sbindir}/slapindex +%{_sbindir}/slappasswd +%{_sbindir}/slapschema +%{_sbindir}/slaptest +#%{_sbindir}/slurpd +%{_unitdir}/openldap.service +%_tmpfilesdir/openldap.conf +#%{_datadir}/openldap/ucdata/* +%dir %attr(700,ldap,ldap) /var/lib/openldap-data +#%dir %attr(700,ldap,ldap) /var/run/openldap +%config(noreplace) /var/lib/openldap-data/DB_CONFIG +%{_mandir}/man3/* +%{_mandir}/man8/* + +%changelog +* Tue Jun 15 2021 Silvan Calarco 2.4.58-2mamba +- legacy package + +* Wed Mar 17 2021 Automatic Build System 2.4.58-1mamba +- automatic version update by autodist + +* Tue Jan 19 2021 Automatic Build System 2.4.57-1mamba +- automatic version update by autodist + +* Wed Nov 11 2020 Automatic Build System 2.4.56-1mamba +- automatic version update by autodist + +* Tue Oct 27 2020 Automatic Build System 2.4.55-1mamba +- automatic version update by autodist + +* Tue Oct 13 2020 Automatic Build System 2.4.54-1mamba +- automatic version update by autodist + +* Tue Sep 08 2020 Automatic Build System 2.4.53-1mamba +- automatic version update by autodist + +* Sat Aug 29 2020 Automatic Build System 2.4.52-1mamba +- automatic version update by autodist + +* Wed Aug 12 2020 Automatic Build System 2.4.51-1mamba +- automatic version update by autodist + +* Wed Apr 29 2020 Automatic Build System 2.4.50-1mamba +- automatic version update by autodist + +* Fri Jan 31 2020 Automatic Build System 2.4.49-1mamba +- automatic version update by autodist + +* Fri Nov 22 2019 Silvan Calarco 2.4.48-2mamba +- added debug package + +* Thu Aug 01 2019 Automatic Build System 2.4.48-1mamba +- automatic version update by autodist + +* Thu May 02 2019 Automatic Build System 2.4.47-1mamba +- automatic version update by autodist + +* Sat Jun 18 2016 Automatic Build System 2.4.44-1mamba +- automatic version update by autodist + +* Sat Jan 02 2016 Silvan Calarco 2.4.43-3mamba +- fix soname of liblmdb.so.0 + +* Fri Jan 01 2016 Silvan Calarco 2.4.43-2mamba +- build and provide liblmdb + +* Tue Dec 01 2015 Automatic Build System 2.4.43-1mamba +- automatic version update by autodist + +* Sun Aug 16 2015 Automatic Build System 2.4.42-1mamba +- automatic version update by autodist + +* Wed Jul 01 2015 Automatic Build System 2.4.41-1mamba +- automatic version update by autodist + +* Thu May 14 2015 Silvan Calarco 2.4.40-2mamba +- rebuilt with libsasl 2.1.26 + +* Tue Sep 30 2014 Automatic Build System 2.4.40-1mamba +- automatic version update by autodist + +* Tue Jan 28 2014 Automatic Build System 2.4.39-1mamba +- automatic version update by autodist + +* Mon Nov 18 2013 Automatic Build System 2.4.38-1mamba +- automatic version update by autodist + +* Mon Oct 28 2013 Automatic Build System 2.4.37-1mamba +- automatic version update by autodist + +* Mon Aug 19 2013 Automatic Build System 2.4.36-1mamba +- automatic version update by autodist + +* Sat Apr 27 2013 Silvan Calarco 2.4.35-3mamba +- move pid to /run, remove timeout in service file, add tmpfiles.d file for /run/openldap + +* Fri Apr 12 2013 Silvan Calarco 2.4.35-2mamba +- added systemd service file + +* Mon Apr 01 2013 Automatic Build System 2.4.35-1mamba +- automatic version update by autodist + +* Thu Mar 07 2013 Automatic Build System 2.4.34-1mamba +- automatic version update by autodist + +* Wed Oct 10 2012 Automatic Build System 2.4.33-1mamba +- automatic version update by autodist + +* Wed Aug 01 2012 Automatic Build System 2.4.32-1mamba +- automatic version update by autodist + +* Wed May 02 2012 Silvan Calarco 2.4.31-2mamba +- rebuilt with libsasl 2.1.25 + +* Tue Apr 24 2012 Automatic Build System 2.4.31-1mamba +- automatic version update by autodist + +* Mon Mar 12 2012 Automatic Build System 2.4.30-1mamba +- automatic version update by autodist + +* Mon Jul 25 2011 Automatic Build System 2.4.26-1mamba +- automatic version update by autodist + +* Sun Jun 19 2011 Automatic Build System 2.4.25-1mamba +- automatic update by autodist + +* Wed Mar 09 2011 Silvan Calarco 2.4.24-1mamba +- update to 2.4.24 +- remove slurpd support in initscript +- restore upstream slapd.conf + +* Mon Jul 19 2010 Automatic Build System 2.4.23-1mamba +- automatic update to 2.4.23 by autodist + +* Tue Jun 29 2010 Automatic Build System 2.4.22-2mamba +- automatic rebuild by autodist + +* Mon Jun 21 2010 Automatic Build System 2.4.22-1mamba +- automatic update by autodist + +* Tue Feb 09 2010 Automatic Build System 2.4.21-1mamba +- automatic update by autodist + +* Fri Nov 06 2009 Silvan Calarco 2.4.19-2mamba +- rebuilt with evolution patch for ntlm support + +* Fri Oct 23 2009 Automatic Build System 2.4.19-1mamba +- automatic update by autodist + +* Thu Oct 01 2009 Automatic Build System 2.4.18-1mamba +- automatic update by autodist + +* Wed Jul 29 2009 Automatic Build System 2.4.17-1mamba +- automatic update by autodist + +* Sun Apr 12 2009 Silvan Calarco 2.4.16-1mamba +- automatic update to 2.4.16 by autodist + +* Mon Mar 02 2009 Silvan Calarco 2.4.15-1mamba +- automatic update by autodist + +* Tue Dec 30 2008 Silvan Calarco 2.4.13-1mamba +- automatic update by autodist + +* Sun Sep 07 2008 Silvan Calarco 2.4.11-1mamba +- automatic update to 2.4.11 by autodist + +* Tue Jun 17 2008 Silvan Calarco 2.4.10-1mamba +- update to 2.4.10 +- libopenldap: removed strict requirement for libsasl with version + +* Fri Feb 15 2008 Silvan Calarco 2.4.7-2mamba +- remove libopenldap dependency on initscripts + +* Mon Jan 21 2008 Silvan Calarco 2.4.7-1mamba +- update to 2.4.7 +- /etc/ldap.conf moved from server to library package + +* Wed May 24 2006 Davide Madrisan 2.2.30-2qilnx +- fixed a stack-based buffer overflow discovered by Secunia (qibug#175) + +* Wed Dec 21 2005 Silvan Calarco 2.2.30-1qilnx +- update to version 2.2.30 by autospec + +* Mon Nov 07 2005 Stefano Cotta Ramusino 2.2.29-1qilnx +- update to version 2.2.29 by autospec + +* Fri Sep 16 2005 Davide Madrisan 2.2.27-3qilnx +- patch for NTLM support + +* Thu Sep 15 2005 Davide Madrisan 2.2.27-2qilnx +- rebuilt to fix: libldap_r.so: undefined reference to `pthread_kill' + +* Wed Jun 15 2005 Silvan Calarco 2.2.27-1qilnx +- update to version 2.2.27 by autospec + +* Tue Jan 11 2005 Silvan Calarco 2.2.20-1qilnx +- update to version 2.2.20 by autospec + +* Thu Dec 09 2004 Silvan Calarco 2.2.19-3qilnx +- don't start service on install +- use condrestart instead of restart on update + +* Mon Dec 06 2004 Silvan Calarco 2.2.19-2qilnx +- test build for upgrade + +* Mon Dec 06 2004 Silvan Calarco 2.2.19-1qilnx +- new version build + +* Thu Oct 28 2004 Silvan Calarco 2.2.18-2qilnx +- added ldap update scripts for update from version 2.1 to 2.2 (=libdb4 to libdb42) + +* Thu Oct 28 2004 Silvan Calarco 2.2.18-1qilnx +- new version build + +* Fri Jul 09 2004 Silvan Calarco 2.1.30-2qilnx +- require user authentication to read passwords + +* Thu Apr 22 2004 Davide Madrisan 2.1.30-1qilnx +- new version rebuild + +* Mon Apr 05 2004 Davide Madrisan 2.1.29-1qilnx +- new version rebuild + +* Sat Mar 20 2004 Silvan Calarco 2.1.27-1qilnx +- new version build +- logrotate added + +* Wed Feb 11 2004 Silvan Calarco 2.1.26-2qilnx +- added initscript code to execute db_recover before ldap server + +* Tue Feb 03 2004 Silvan Calarco 2.1.26-1qilnx +- new version rebuild +- added initscript code to remove bdb cache files on service startup + +* Wed Jan 21 2004 Silvan Calarco 2.1.25-1qilnx +- new version rebuild + +* Mon Nov 24 2003 Silvan Calarco 2.1.23-3qilnx +- changed default password scheme to SSHA (was cleartext) +- removed initscript reload (not supported by slapd) + +* Fri Nov 21 2003 Davide Madrisan 2.1.23-2qilnx +- added missing 'Requires'; specfile updates; added documentation and + OpenLDAP license files + +* Thu Nov 13 2003 Silvan Calarco 2.1.23-1qilnx +- new version rebuild +- added compilation flags for features including sasl + +* Mon Sep 29 2003 Silvan Calarco 2.1.22-4qilnx +- added configure and make C_INCLUDE_PATH to support db4 includes +- removed ldap log dir waiting for a way that doesn't use syslog but its own directory + +* Mon Sep 15 2003 Silvan Calarco 2.1.22-3qilnx +- added support for crypt password + +* Fri Jul 25 2003 Silvan Calarco 2.1.22-2qilnx +- modified ldap.conf and initscript to correctly support TLS connections + +* Thu Jul 24 2003 Silvan Calarco 2.1.22-1qilnx +- first build for 2.1.22 + +* Fri Jun 27 2003 Silvan Calarco 2.1.17-8qilnx +- deactivated misc.schema from default configuration + +* Wed Jun 25 2003 Silvan Calarco 2.1.17-7qilnx +- added "new-style" %%post and %%pre scripts + +* Wed Jun 11 2003 Silvan Calarco 2.1.17-6qilnx +- fixed initscript chkconfig configuration + +* Fri Jun 06 2003 Silvan Calarco 2.1.17-5qilnx +- added schema includes in slapd.conf +- removed .orig config files + +* Tue May 27 2003 Silvan Calarco 2.1.17-4qilnx +- added ldap user creation + +* Tue May 27 2003 Silvan Calarco 2.1.17-3qilnx +- added configuration file patch to support pid dir and lib dir (logdir + doesn't work yet!) + +* Tue May 06 2003 Silvan Calarco 2.1.17-2qilnx +- added build requirements +- fixed sysconfdir location + +* Tue Apr 22 2003 Luca Tinelli +- first build