|
@@ -1,5 +1,6 @@
|
|
|
+%bcond_with systemd
|
|
|
%bcond_with sql
|
|
|
-%define _unpackaged_files_terminate_build 1
|
|
|
+
|
|
|
%define build_compat32 %{?_with_compat32:1}%{!?_with_compat32:0}
|
|
|
%define __perl_requires %{SOURCE11}
|
|
|
|
|
@@ -8,13 +9,15 @@
|
|
|
Summary: The configuration files, libraries and documentation for OpenLDAP.
|
|
|
Summary(ja): OpenLDAP の設定ファイル,ライブラリ,ドキュメント.
|
|
|
Name: openldap
|
|
|
-Version: 2.4.46
|
|
|
-Release: 3%{?_dist_release}
|
|
|
-License: OpenLDAP
|
|
|
-Group: System Environment/Libraries
|
|
|
-URL: http://www.openldap.org/
|
|
|
+Version: 2.4.53
|
|
|
+Release: 1%{?_dist_release}%{?with_systemd:.systemd}
|
|
|
+Group: system
|
|
|
+Vendor: Project Vine
|
|
|
+Distribution: Vine Linux
|
|
|
|
|
|
-Source0: ftp://ftp.OpenLDAP.org/pub/OpenLDAP/openldap-release/openldap-%{version}.tgz
|
|
|
+License: OpenLDAP
|
|
|
+URL: https://www.openldap.org/
|
|
|
+Source0: https://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-%{version}.tgz
|
|
|
Source2: ldap.init
|
|
|
Source4: slapd.ldif
|
|
|
Source5: ldap.conf
|
|
@@ -24,6 +27,8 @@ Source12: ltb-project-openldap-ppolicy-check-password-%{check_password_version}.
|
|
|
Source50: libexec-functions
|
|
|
Source52: libexec-check-config.sh
|
|
|
Source53: libexec-upgrade-db.sh
|
|
|
+Source101: slapd.service
|
|
|
+Source102: slapd.tmpfiles
|
|
|
|
|
|
# Patches for 2.4
|
|
|
Patch0: openldap-manpages.patch
|
|
@@ -41,6 +46,7 @@ Patch19: openldap-switch-to-lt_dlopenadvise-to-get-RTLD_GLOBAL-set.patch
|
|
|
Patch20: openldap-ldapi-sasl.patch
|
|
|
Patch22: openldap-openssl-ITS7595-Add-EC-support-1.patch
|
|
|
Patch23: openldap-openssl-ITS7595-Add-EC-support-2.patch
|
|
|
+Patch24: openldap-openssl-manpage-defaultCA.patch
|
|
|
|
|
|
# check-password module specific patches
|
|
|
Patch90: check-password-makefile.patch
|
|
@@ -49,10 +55,6 @@ Patch91: check-password.patch
|
|
|
# Vine Patches
|
|
|
|
|
|
# security fixes
|
|
|
-# CVE-2015-1545
|
|
|
-# Patch1000: its8027.patch
|
|
|
-# CVE-2015-1546
|
|
|
-# Patch1001: its8046.patch
|
|
|
|
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-root
|
|
|
BuildRequires: autoconf, automake, libtool >= 2.2.6a
|
|
@@ -62,12 +64,12 @@ BuildRequires: libdb-devel, pam-devel, pkgconfig, tcp_wrappers
|
|
|
BuildRequires: unixODBC-devel, bind-devel, libtool-ltdl-devel >= 2.2.6a
|
|
|
BuildRequires: krb5-devel
|
|
|
BuildRequires: groff
|
|
|
+%if %{with systemd}
|
|
|
+BuildRequires: systemd
|
|
|
+%endif
|
|
|
#BuildConflicts: libicu-devel
|
|
|
Requires: cyrus-sasl, mktemp
|
|
|
|
|
|
-Vendor: Project Vine
|
|
|
-Distribution: Vine Linux
|
|
|
-
|
|
|
%description
|
|
|
OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
|
|
|
Protocol) applications and development tools. LDAP is a set of
|
|
@@ -80,10 +82,11 @@ libraries and documentation for OpenLDAP.
|
|
|
%description -l ja
|
|
|
OpenLDAPはオープンソースなLDAP (Lightweight Directory Access Protocol)アプリケーションと開発ツール集です。LDAPはディレクトリサービス(電話帳の様な情報や他の情報)にInternelからアクセスするプロトコルであり、DNS(Domain Name System)情報に似た方式でInternetに伝えられます。opanldapパッケージはOpanLDAP用の設定ファイルやライブラリ、ドキュメントを含んでいます。
|
|
|
|
|
|
+
|
|
|
%package devel
|
|
|
Summary: OpenLDAP development libraries and header files.
|
|
|
Summary(ja): OpenLDAP の開発用ライブラリおよびヘッダファイル.
|
|
|
-Group: Development/Libraries
|
|
|
+Group: programming
|
|
|
Requires: openldap = %{version}-%{release}, cyrus-sasl-devel >= 2.1
|
|
|
Provides: openldap-evolution-devel = %{version}-%{release}
|
|
|
|
|
@@ -98,12 +101,19 @@ customized LDAP clients.
|
|
|
%description devel -l ja
|
|
|
openldap-develパッケージはLDAP(Lightweight Directory Access Protocol)を使うためにコンパイルするアプリケーションに必要な開発用ライブラリやヘッダファイルを含んでいます。LDAPはInternet上にディレクトリサービスを可能にするプロトコルです。LDAPクライアントを開発したりカスタマイズする場合には、このパッケージをインストールしてください。
|
|
|
|
|
|
+
|
|
|
%package servers
|
|
|
Summary: OpenLDAP servers and related files.
|
|
|
Summary(ja): OpenLDAP サーバおよび関連ファイル.
|
|
|
-Requires(post): fileutils, make, openldap = %{version}-%{release}, openssl, shadow-utils, chkconfig, coreutils
|
|
|
-Requires(pre): fileutils, make, openldap = %{version}-%{release}, openssl, shadow-utils, chkconfig, coreutils
|
|
|
-Group: System Environment/Daemons
|
|
|
+Group: servers
|
|
|
+Requires(pre): fileutils, make, openldap = %{version}-%{release}, openssl, shadow-utils, coreutils
|
|
|
+Requires(post): fileutils, make, openldap = %{version}-%{release}, openssl, shadow-utils, coreutils
|
|
|
+%if %{with systemd}
|
|
|
+%{?systemd_requires}
|
|
|
+%else
|
|
|
+Requires(pre): chkconfig
|
|
|
+Requires(post): chkconfig
|
|
|
+%endif
|
|
|
|
|
|
%description servers
|
|
|
OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
|
|
@@ -122,8 +132,8 @@ OpenLDAPはオープンソースなLDAP (Lightweight Directory Access Protocol)
|
|
|
%package servers-sql
|
|
|
Summary: OpenLDAP server SQL support module.
|
|
|
Summary(ja): SQLサポートモジュールを含んだOpenLDAPサーバ
|
|
|
+Group: servers
|
|
|
Requires(post): openldap-servers = %{version}-%{release}
|
|
|
-Group: System Environment/Daemons
|
|
|
|
|
|
%description servers-sql
|
|
|
OpenLDAP is an open-source suite of LDAP (Lightweight Directory Access
|
|
@@ -142,11 +152,12 @@ OpenLDAPはオープンソースなLDAP (Lightweight Directory Access Protocol)
|
|
|
このパッケージはslapdサーバがRDBMSからデータを読み込むためのモジュールを含んでいます。
|
|
|
%endif
|
|
|
|
|
|
+
|
|
|
%package clients
|
|
|
Summary: Client programs for OpenLDAP.
|
|
|
Summary(ja): OpenLDAP のクライアントプログラム.
|
|
|
Requires(post): openldap = %{version}-%{release}
|
|
|
-Group: Applications/Internet
|
|
|
+Group: admin-tools
|
|
|
|
|
|
%description clients
|
|
|
OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
|
|
@@ -160,10 +171,11 @@ programs needed for accessing and modifying OpenLDAP directories.
|
|
|
%description clients -l ja
|
|
|
OpenLDAPはオープンソースなLDAP (Lightweight Directory Access Protocol)アプリケーションと開発ツール集です。LDAPはディレクトリサービス(電話帳の様な情報や他の情報)にInternelからアクセスするプロトコルであり、DNS(Domain Name System)情報に似た\方式でInternetに伝えられます。openldap-clientsパッケージはOpenLDAPディレクトリにアクセスしたり、修正したりするためのクライアントプログラムを含んでいます。
|
|
|
|
|
|
+
|
|
|
## to build compat32 for x86_64 architecture support
|
|
|
%package -n compat32-%{name}
|
|
|
Summary: libraries for OpenLDAP.
|
|
|
-Group: System Environment/Libraries
|
|
|
+Group: system
|
|
|
|
|
|
%description -n compat32-%{name}
|
|
|
OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
|
|
@@ -189,7 +201,7 @@ libraries and documentation for OpenLDAP.
|
|
|
|
|
|
%package -n compat32-%{name}-devel
|
|
|
Summary: OpenLDAP development libraries and header files.
|
|
|
-Group: Development/Libraries
|
|
|
+Group: programming
|
|
|
|
|
|
%description -n compat32-%{name}-devel
|
|
|
The openldap-devel package includes the development libraries and
|
|
@@ -200,6 +212,9 @@ this package only if you plan to develop or will need to compile
|
|
|
customized LDAP clients.
|
|
|
|
|
|
|
|
|
+%debug_package
|
|
|
+
|
|
|
+
|
|
|
%prep
|
|
|
%setup -q -c -a 0 -a 12
|
|
|
|
|
@@ -213,9 +228,10 @@ AUTOMAKE=/bin/true autoreconf -fi
|
|
|
%patch5 -p1
|
|
|
%patch17 -p1
|
|
|
%patch19 -p1
|
|
|
-%patch20 -p1
|
|
|
-%patch22 -p1
|
|
|
-%patch23 -p1
|
|
|
+#%patch20 -p1
|
|
|
+#%patch22 -p1
|
|
|
+#%patch23 -p1
|
|
|
+%patch24 -p1
|
|
|
|
|
|
# security
|
|
|
# %patch1000 -p1 -b .CVE-2015-1545
|
|
@@ -299,7 +315,6 @@ popd
|
|
|
|
|
|
%install
|
|
|
[ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT
|
|
|
-
|
|
|
mkdir -p %{buildroot}%{_libdir}/
|
|
|
|
|
|
pushd openldap-%{version}
|
|
@@ -353,13 +368,21 @@ perl -pi -e "s|%{buildroot}||g" %{buildroot}%{_mandir}/*/*.*
|
|
|
rm -f %{buildroot}%{_sysconfdir}/openldap/*.default
|
|
|
rm -f %{buildroot}%{_sysconfdir}/openldap/schema/*.default
|
|
|
|
|
|
+%if %{with systemd}
|
|
|
+# install an init script for the servers
|
|
|
+mkdir -p %{buildroot}%{_unitdir}
|
|
|
+install -m 0644 %{SOURCE101} %{buildroot}%{_unitdir}/slapd.service
|
|
|
+# setup autocreation of runtime directories on tmpfs
|
|
|
+mkdir -p %{buildroot}%{_tmpfilesdir}
|
|
|
+install -m 0644 %{SOURCE102} %{buildroot}%{_tmpfilesdir}/slapd.conf
|
|
|
+%else
|
|
|
# Install an init script for the servers.
|
|
|
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d
|
|
|
install -m 755 $RPM_SOURCE_DIR/ldap.init $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d/ldap
|
|
|
-
|
|
|
# install syconfig/ldap
|
|
|
mkdir -p %{buildroot}%{_sysconfdir}/sysconfig
|
|
|
install -m 644 %SOURCE2 %{buildroot}%{_sysconfdir}/sysconfig/slapd
|
|
|
+%endif
|
|
|
|
|
|
# move slapd out of _libdir
|
|
|
mv %{buildroot}%{_libdir}/slapd %{buildroot}%{_sbindir}/
|
|
@@ -427,8 +450,10 @@ fi
|
|
|
exit 0
|
|
|
|
|
|
%post servers
|
|
|
-
|
|
|
/sbin/ldconfig -n %{_libdir}/openldap
|
|
|
+%if %{with systemd}
|
|
|
+%systemd_post slapd.service
|
|
|
+%endif
|
|
|
|
|
|
# generate configuration if necessary
|
|
|
if [[ ! -f %{_sysconfdir}/openldap/slapd.d/cn=config.ldif && \
|
|
@@ -438,18 +463,27 @@ if [[ ! -f %{_sysconfdir}/openldap/slapd.d/cn=config.ldif && \
|
|
|
mkdir -p %{_sysconfdir}/openldap/slapd.d/ &>/dev/null || :
|
|
|
/usr/sbin/slapadd -F %{_sysconfdir}/openldap/slapd.d/ -n0 -l %{_datadir}/openldap-servers/slapd.ldif
|
|
|
chown -R ldap:ldap %{_sysconfdir}/openldap/slapd.d/
|
|
|
+%if %{with systemd}
|
|
|
+ systemctl try-restart slapd.service &>/dev/null
|
|
|
+%else
|
|
|
/sbin/service ldap condrestart > /dev/null 2>&1 || :
|
|
|
+%endif
|
|
|
fi
|
|
|
|
|
|
start_slapd=0
|
|
|
|
|
|
# upgrade the database
|
|
|
-running=`/sbin/service ldap status >/dev/null; echo $?`
|
|
|
if [ -f %{_sharedstatedir}/ldap/rpm_upgrade_openldap ]; then
|
|
|
- if [ $running -eq 0 ]; then
|
|
|
+%if %{with systemd}
|
|
|
+ systemctl stop slapd.service
|
|
|
+ start_slapd=1
|
|
|
+%else
|
|
|
+ running=`/sbin/service ldap status >/dev/null; echo $?`
|
|
|
+ if [ $running -eq 0 ]; then
|
|
|
/sbin/service ldap stop > /dev/null 2>&1 || :
|
|
|
start_slapd=1
|
|
|
fi
|
|
|
+%endif
|
|
|
|
|
|
%{_libexecdir}/openldap/upgrade-db.sh &>/dev/null
|
|
|
rm -f %{_sharedstatedir}/ldap/rpm_upgrade_openldap
|
|
@@ -457,17 +491,28 @@ fi
|
|
|
|
|
|
# restart after upgrade
|
|
|
if [ $1 -ge 1 ]; then
|
|
|
+%if %{with systemd}
|
|
|
+ if [ $start_slapd -eq 1 ]; then
|
|
|
+ systemctl start slapd.service &>/dev/null || :
|
|
|
+ else
|
|
|
+ systemctl condrestart slapd.service &>/dev/null || :
|
|
|
+ fi
|
|
|
+%else
|
|
|
if [ $start_slapd -eq 1 ]; then
|
|
|
/sbin/service ldap start > /dev/null 2>&1 || :
|
|
|
else
|
|
|
/sbin/service ldap condrestart > /dev/null 2>&1 || :
|
|
|
fi
|
|
|
+%endif
|
|
|
fi
|
|
|
|
|
|
exit 0
|
|
|
|
|
|
%preun servers
|
|
|
-if [ "$1" = "0" ] ; then
|
|
|
+%if %{with systemd}
|
|
|
+%systemd_preun slapd.service
|
|
|
+%else
|
|
|
+if [ "$1" = "0" -o -x /bin/systemctl ] ; then
|
|
|
/sbin/service ldap stop > /dev/null 2>&1 || :
|
|
|
/sbin/chkconfig --del ldap
|
|
|
# Openldap-servers are being removed from system.
|
|
@@ -476,16 +521,19 @@ if [ "$1" = "0" ] ; then
|
|
|
# it can be restored later - but it's up to the administrator
|
|
|
# to save the database, if he/she wants so.
|
|
|
fi
|
|
|
+%endif
|
|
|
|
|
|
%postun servers
|
|
|
/sbin/ldconfig ${_libdir}/openldap
|
|
|
-
|
|
|
+%if %{with systemd}
|
|
|
+%systemd_postun_with_restart slapd.service
|
|
|
+%else
|
|
|
if [ $1 -ge 1 ] ; then
|
|
|
/sbin/service ldap condrestart > /dev/null 2>&1 || :
|
|
|
fi
|
|
|
+%endif
|
|
|
|
|
|
%post devel -p /sbin/ldconfig
|
|
|
-
|
|
|
%postun devel -p /sbin/ldconfig
|
|
|
|
|
|
%triggerin servers -- libdb
|
|
@@ -551,9 +599,14 @@ exit 0
|
|
|
%doc README.schema
|
|
|
%config(noreplace) %dir %attr(0750,ldap,ldap) %{_sysconfdir}/openldap/slapd.d
|
|
|
%config(noreplace) %{_sysconfdir}/openldap/schema
|
|
|
-%config(noreplace) %{_sysconfdir}/sysconfig/slapd
|
|
|
%config(noreplace) %{_sysconfdir}/openldap/check_password.conf
|
|
|
+%if %{with systemd}
|
|
|
+%{_unitdir}/slapd.service
|
|
|
+%{_tmpfilesdir}/slapd.conf
|
|
|
+%else
|
|
|
%attr(0755,root,root) %config %{_sysconfdir}/rc.d/init.d/ldap
|
|
|
+%config(noreplace) %{_sysconfdir}/sysconfig/slapd
|
|
|
+%endif
|
|
|
%attr(0700,ldap,ldap) %dir /var/lib/ldap
|
|
|
%attr(0755,ldap,ldap) %dir /var/run/openldap
|
|
|
%{_datadir}/openldap-servers/
|
|
@@ -638,6 +691,10 @@ exit 0
|
|
|
|
|
|
|
|
|
%changelog
|
|
|
+* Sun Sep 13 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.53-1
|
|
|
+- new upstream release.
|
|
|
+- added systemd support (disabled as default).
|
|
|
+
|
|
|
* Sat May 18 2019 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.46-3
|
|
|
- rebuilt with perl-5.26.
|
|
|
|