openldap-vl.spec 41 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141
  1. %bcond_with sql
  2. %define _unpackaged_files_terminate_build 1
  3. %define build_compat32 %{?_with_compat32:1}%{!?_with_compat32:0}
  4. %define __perl_requires %{SOURCE11}
  5. %global check_password_version 1.1
  6. Summary: The configuration files, libraries and documentation for OpenLDAP.
  7. Summary(ja): OpenLDAP の設定ファイル,ライブラリ,ドキュメント.
  8. Name: openldap
  9. Version: 2.4.46
  10. Release: 3%{?_dist_release}
  11. License: OpenLDAP
  12. Group: System Environment/Libraries
  13. URL: http://www.openldap.org/
  14. Source0: ftp://ftp.OpenLDAP.org/pub/OpenLDAP/openldap-release/openldap-%{version}.tgz
  15. Source2: ldap.init
  16. Source4: slapd.ldif
  17. Source5: ldap.conf
  18. Source10: ldap.sysconfig
  19. Source11: filter-requires-openldap.sh
  20. Source12: ltb-project-openldap-ppolicy-check-password-%{check_password_version}.tar.gz
  21. Source50: libexec-functions
  22. Source52: libexec-check-config.sh
  23. Source53: libexec-upgrade-db.sh
  24. # Patches for 2.4
  25. Patch0: openldap-manpages.patch
  26. Patch2: openldap-reentrant-gethostby.patch
  27. Patch3: openldap-smbk5pwd-overlay.patch
  28. Patch5: openldap-ai-addrconfig.patch
  29. Patch17: openldap-allop-overlay.patch
  30. # fix back_perl problems with lt_dlopen()
  31. # might cause crashes because of symbol collisions
  32. # the proper fix is to link all perl modules against libperl
  33. # http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=327585
  34. Patch19: openldap-switch-to-lt_dlopenadvise-to-get-RTLD_GLOBAL-set.patch
  35. # ldapi sasl fix pending upstream inclusion
  36. Patch20: openldap-ldapi-sasl.patch
  37. Patch22: openldap-openssl-ITS7595-Add-EC-support-1.patch
  38. Patch23: openldap-openssl-ITS7595-Add-EC-support-2.patch
  39. # check-password module specific patches
  40. Patch90: check-password-makefile.patch
  41. Patch91: check-password.patch
  42. # Vine Patches
  43. # security fixes
  44. # CVE-2015-1545
  45. # Patch1000: its8027.patch
  46. # CVE-2015-1546
  47. # Patch1001: its8046.patch
  48. BuildRoot: %{_tmppath}/%{name}-%{version}-root
  49. BuildRequires: autoconf, automake, libtool >= 2.2.6a
  50. BuildRequires: libxcrypt-devel, libnsl2-devel
  51. BuildRequires: cyrus-sasl-devel, openssl-devel, perl
  52. BuildRequires: libdb-devel, pam-devel, pkgconfig, tcp_wrappers
  53. BuildRequires: unixODBC-devel, bind-devel, libtool-ltdl-devel >= 2.2.6a
  54. BuildRequires: krb5-devel
  55. BuildRequires: groff
  56. #BuildConflicts: libicu-devel
  57. Requires: cyrus-sasl, mktemp
  58. Vendor: Project Vine
  59. Distribution: Vine Linux
  60. %description
  61. OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
  62. Protocol) applications and development tools. LDAP is a set of
  63. protocols for accessing directory services (usually phone book style
  64. information, but other information is possible) over the Internet,
  65. similar to the way DNS (Domain Name System) information is propagated
  66. over the Internet. The openldap package contains configuration files,
  67. libraries and documentation for OpenLDAP.
  68. %description -l ja
  69. OpenLDAPはオープンソースなLDAP (Lightweight Directory Access Protocol)アプリケーションと開発ツール集です。LDAPはディレクトリサービス(電話帳の様な情報や他の情報)にInternelからアクセスするプロトコルであり、DNS(Domain Name System)情報に似た方式でInternetに伝えられます。opanldapパッケージはOpanLDAP用の設定ファイルやライブラリ、ドキュメントを含んでいます。
  70. %package devel
  71. Summary: OpenLDAP development libraries and header files.
  72. Summary(ja): OpenLDAP の開発用ライブラリおよびヘッダファイル.
  73. Group: Development/Libraries
  74. Requires: openldap = %{version}-%{release}, cyrus-sasl-devel >= 2.1
  75. Provides: openldap-evolution-devel = %{version}-%{release}
  76. %description devel
  77. The openldap-devel package includes the development libraries and
  78. header files needed for compiling applications that use LDAP
  79. (Lightweight Directory Access Protocol) internals. LDAP is a set of
  80. protocols for enabling directory services over the Internet. Install
  81. this package only if you plan to develop or will need to compile
  82. customized LDAP clients.
  83. %description devel -l ja
  84. openldap-develパッケージはLDAP(Lightweight Directory Access Protocol)を使うためにコンパイルするアプリケーションに必要な開発用ライブラリやヘッダファイルを含んでいます。LDAPはInternet上にディレクトリサービスを可能にするプロトコルです。LDAPクライアントを開発したりカスタマイズする場合には、このパッケージをインストールしてください。
  85. %package servers
  86. Summary: OpenLDAP servers and related files.
  87. Summary(ja): OpenLDAP サーバおよび関連ファイル.
  88. Requires(post): fileutils, make, openldap = %{version}-%{release}, openssl, shadow-utils, chkconfig, coreutils
  89. Requires(pre): fileutils, make, openldap = %{version}-%{release}, openssl, shadow-utils, chkconfig, coreutils
  90. Group: System Environment/Daemons
  91. %description servers
  92. OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
  93. Protocol) applications and development tools. LDAP is a set of
  94. protocols for accessing directory services (usually phone book style
  95. information, but other information is possible) over the Internet,
  96. similar to the way DNS (Domain Name System) information is propagated
  97. over the Internet. This package contains the slapd and slurpd servers,
  98. migration scripts and related files.
  99. %description servers -l ja
  100. OpenLDAPはオープンソースなLDAP (Lightweight Directory Access Protocol)アプリケーションと開発ツール集です。LDAPはディレクトリサービス(電話帳の様な情報や他の情報)にInternelからアクセスするプロトコルであり、DNS(Domain Name System)情報に似た\方式でInternetに伝えられます。このパッケージはslapdやslurpdサーバ、移行スクリプトや関連するファイルを含んでいます。
  101. %if %{with sql}
  102. %package servers-sql
  103. Summary: OpenLDAP server SQL support module.
  104. Summary(ja): SQLサポートモジュールを含んだOpenLDAPサーバ
  105. Requires(post): openldap-servers = %{version}-%{release}
  106. Group: System Environment/Daemons
  107. %description servers-sql
  108. OpenLDAP is an open-source suite of LDAP (Lightweight Directory Access
  109. Protocol) applications and development tools. LDAP is a set of
  110. protocols for accessing directory services (usually phone book style
  111. information, but other information is possible) over the Internet,
  112. similar to the way DNS (Domain Name System) information is propagated
  113. over the Internet. This package contains a loadable module which the
  114. slapd server can use to read data from an RDBMS.
  115. %description servers-sql -l ja
  116. OpenLDAPはオープンソースなLDAP (Lightweight Directory Access Protocol)アプリケー
  117. ションと開発ツール集です。LDAPはディレクトリサービス(電話帳の様な情報や他の情報
  118. )にInternelからアクセスするプロトコルであり、DNS(Domain Name System)情報に似た
  119. 方式でInternetに伝えられます。
  120. このパッケージはslapdサーバがRDBMSからデータを読み込むためのモジュールを含んでいます。
  121. %endif
  122. %package clients
  123. Summary: Client programs for OpenLDAP.
  124. Summary(ja): OpenLDAP のクライアントプログラム.
  125. Requires(post): openldap = %{version}-%{release}
  126. Group: Applications/Internet
  127. %description clients
  128. OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
  129. Protocol) applications and development tools. LDAP is a set of
  130. protocols for accessing directory services (usually phone book style
  131. information, but other information is possible) over the Internet,
  132. similar to the way DNS (Domain Name System) information is propagated
  133. over the Internet. The openldap-clients package contains the client
  134. programs needed for accessing and modifying OpenLDAP directories.
  135. %description clients -l ja
  136. OpenLDAPはオープンソースなLDAP (Lightweight Directory Access Protocol)アプリケーションと開発ツール集です。LDAPはディレクトリサービス(電話帳の様な情報や他の情報)にInternelからアクセスするプロトコルであり、DNS(Domain Name System)情報に似た\方式でInternetに伝えられます。openldap-clientsパッケージはOpenLDAPディレクトリにアクセスしたり、修正したりするためのクライアントプログラムを含んでいます。
  137. ## to build compat32 for x86_64 architecture support
  138. %package -n compat32-%{name}
  139. Summary: libraries for OpenLDAP.
  140. Group: System Environment/Libraries
  141. %description -n compat32-%{name}
  142. OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
  143. Protocol) applications and development tools. LDAP is a set of
  144. protocols for accessing directory services (usually phone book style
  145. information, but other information is possible) over the Internet,
  146. similar to the way DNS (Domain Name System) information is propagated
  147. over the Internet. The openldap package contains configuration files,
  148. libraries and documentation for OpenLDAP.
  149. # %package -n compat32-%{name}-servers-sql
  150. # Summary: OpenLDAP server SQL support module.
  151. # Group: System Environment/Libraries
  152. # %description -n compat32-%{name}-servers-sql
  153. # OpenLDAP is an open-source suite of LDAP (Lightweight Directory Access
  154. # Protocol) applications and development tools. LDAP is a set of
  155. # protocols for accessing directory services (usually phone book style
  156. # information, but other information is possible) over the Internet,
  157. # similar to the way DNS (Domain Name System) information is propagated
  158. # over the Internet. This package contains a loadable module which the
  159. # slapd server can use to read data from an RDBMS.
  160. %package -n compat32-%{name}-devel
  161. Summary: OpenLDAP development libraries and header files.
  162. Group: Development/Libraries
  163. %description -n compat32-%{name}-devel
  164. The openldap-devel package includes the development libraries and
  165. header files needed for compiling applications that use LDAP
  166. (Lightweight Directory Access Protocol) internals. LDAP is a set of
  167. protocols for enabling directory services over the Internet. Install
  168. this package only if you plan to develop or will need to compile
  169. customized LDAP clients.
  170. %prep
  171. %setup -q -c -a 0 -a 12
  172. pushd openldap-%{version}
  173. AUTOMAKE=/bin/true autoreconf -fi
  174. %patch0 -p1
  175. %patch2 -p1
  176. %patch3 -p1
  177. %patch5 -p1
  178. %patch17 -p1
  179. %patch19 -p1
  180. %patch20 -p1
  181. %patch22 -p1
  182. %patch23 -p1
  183. # security
  184. # %patch1000 -p1 -b .CVE-2015-1545
  185. # %patch1001 -p1 -b .CVE-2015-1546
  186. # build smbk5pwd with other overlays
  187. ln -s ../../../contrib/slapd-modules/smbk5pwd/smbk5pwd.c servers/slapd/overlays
  188. mv contrib/slapd-modules/smbk5pwd/README contrib/slapd-modules/smbk5pwd/README.smbk5pwd
  189. # build allop with other overlays
  190. ln -s ../../../contrib/slapd-modules/allop/allop.c servers/slapd/overlays
  191. mv contrib/slapd-modules/allop/README contrib/slapd-modules/allop/README.allop
  192. mv contrib/slapd-modules/allop/slapo-allop.5 doc/man/man5/slapo-allop.5
  193. mv servers/slapd/back-perl/README{,.back_perl}
  194. # fix documentation encoding
  195. for filename in doc/drafts/draft-ietf-ldapext-acl-model-xx.txt; do
  196. iconv -f iso-8859-1 -t utf-8 "$filename" > "$filename.utf8"
  197. mv "$filename.utf8" "$filename"
  198. done
  199. popd
  200. pushd ltb-project-openldap-ppolicy-check-password-%{check_password_version}
  201. %patch90 -p1
  202. %patch91 -p1
  203. popd
  204. %build
  205. export CFLAGS="-fpie %{optflags} -Wl,-z,relro,-z,now,--as-needed -DLDAP_CONNECTIONLESS"
  206. export LDFLAGS="-pie"
  207. pushd openldap-%{version}
  208. %configure \
  209. --enable-debug \
  210. --enable-dynamic \
  211. \
  212. --enable-dynacl \
  213. --enable-cleartext \
  214. --enable-crypt \
  215. --enable-lmpasswd \
  216. --enable-spasswd \
  217. --enable-modules \
  218. --enable-rewrite \
  219. --enable-rlookups \
  220. --enable-slapi \
  221. --disable-slp \
  222. \
  223. --enable-backends=mod \
  224. --enable-bdb=yes \
  225. --enable-hdb=yes \
  226. --enable-mdb=yes \
  227. --enable-monitor=yes \
  228. --disable-ndb \
  229. %if %{with sql}
  230. --enable-sql=yes \
  231. %else
  232. --disable-sql \
  233. %endif
  234. \
  235. --enable-overlays=mod \
  236. \
  237. --disable-static \
  238. \
  239. --with-cyrus-sasl \
  240. --without-fetch \
  241. --with-threads \
  242. --with-pic \
  243. --with-gnu-ld \
  244. \
  245. --libexecdir=%{_libdir}
  246. make %{_smp_mflags}
  247. popd
  248. pushd ltb-project-openldap-ppolicy-check-password-%{check_password_version}
  249. make LDAP_INC="-I../openldap-%{version}/include \
  250. -I../openldap-%{version}/servers/slapd \
  251. -I../openldap-%{version}/build-servers/include"
  252. popd
  253. %install
  254. [ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT
  255. mkdir -p %{buildroot}%{_libdir}/
  256. pushd openldap-%{version}
  257. make install DESTDIR=%{buildroot} STRIP=""
  258. popd
  259. # install check_password module
  260. pushd ltb-project-openldap-ppolicy-check-password-%{check_password_version}
  261. mv check_password.so check_password.so.%{check_password_version}
  262. ln -s check_password.so.%{check_password_version} %{buildroot}%{_libdir}/openldap/check_password.so
  263. install -m 755 check_password.so.%{check_password_version} %{buildroot}%{_libdir}/openldap/
  264. # install -m 644 README %{buildroot}%{_libdir}/openldap
  265. install -d -m 755 %{buildroot}%{_sysconfdir}/openldap
  266. cat > %{buildroot}%{_sysconfdir}/openldap/check_password.conf <<EOF
  267. # OpenLDAP pwdChecker library configuration
  268. #useCracklib 1
  269. #minPoints 3
  270. #minUpper 0
  271. #minLower 0
  272. #minDigit 0
  273. #minPunct 0
  274. EOF
  275. mv README{,.check_pwd}
  276. popd
  277. # setup directories for TLS certificates
  278. mkdir -p %{buildroot}%{_sysconfdir}/openldap/certs
  279. # Create the data directory.
  280. install -m 0700 -d $RPM_BUILD_ROOT/var/lib/ldap
  281. # Create the new run directory
  282. install -m 0755 -d $RPM_BUILD_ROOT/var/run/openldap
  283. # install default ldap.conf (customized)
  284. rm -f %{buildroot}%{_sysconfdir}/openldap/ldap.conf
  285. install -m 0644 %SOURCE5 %{buildroot}%{_sysconfdir}/openldap/ldap.conf
  286. # setup maintainance scripts
  287. mkdir -p %{buildroot}%{_libexecdir}
  288. install -m 0755 -d %{buildroot}%{_libexecdir}/openldap
  289. install -m 0644 %SOURCE50 %{buildroot}%{_libexecdir}/openldap/functions
  290. install -m 0755 %SOURCE52 %{buildroot}%{_libexecdir}/openldap/check-config.sh
  291. install -m 0755 %SOURCE53 %{buildroot}%{_libexecdir}/openldap/upgrade-db.sh
  292. # remove build root from config files and manual pages
  293. perl -pi -e "s|%{buildroot}||g" %{buildroot}%{_sysconfdir}/openldap/*.conf
  294. perl -pi -e "s|%{buildroot}||g" %{buildroot}%{_mandir}/*/*.*
  295. # we don't need the default files -- RPM handles changes
  296. rm -f %{buildroot}%{_sysconfdir}/openldap/*.default
  297. rm -f %{buildroot}%{_sysconfdir}/openldap/schema/*.default
  298. # Install an init script for the servers.
  299. mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d
  300. install -m 755 $RPM_SOURCE_DIR/ldap.init $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d/ldap
  301. # install syconfig/ldap
  302. mkdir -p %{buildroot}%{_sysconfdir}/sysconfig
  303. install -m 644 %SOURCE2 %{buildroot}%{_sysconfdir}/sysconfig/slapd
  304. # move slapd out of _libdir
  305. mv %{buildroot}%{_libdir}/slapd %{buildroot}%{_sbindir}/
  306. # setup tools as symlinks to slapd
  307. rm -f %{buildroot}%{_sbindir}/slap{acl,add,auth,cat,dn,index,passwd,test,schema}
  308. rm -f %{buildroot}%{_libdir}/slap{acl,add,auth,cat,dn,index,passwd,test,schema}
  309. for X in acl add auth cat dn index passwd test schema; do ln -s slapd %{buildroot}%{_sbindir}/slap$X ; done
  310. # tweak permissions on the libraries to make sure they're correct
  311. chmod 0755 %{buildroot}%{_libdir}/lib*.so*
  312. chmod 0644 %{buildroot}%{_libdir}/lib*.*a
  313. # slapd.conf(5) is obsoleted since 2.3, see slapd-config(5)
  314. # new configuration will be generated in %%post
  315. mkdir -p %{buildroot}%{_datadir}
  316. install -m 0755 -d %{buildroot}%{_datadir}/openldap-servers
  317. install -m 0644 %SOURCE4 %{buildroot}%{_datadir}/openldap-servers/slapd.ldif
  318. install -m 0750 -d %{buildroot}%{_sysconfdir}/openldap/slapd.d
  319. rm -f %{buildroot}%{_sysconfdir}/openldap/slapd.conf
  320. rm -f %{buildroot}%{_sysconfdir}/openldap/slapd.ldif
  321. # move doc files out of _sysconfdir
  322. mv %{buildroot}%{_sysconfdir}/openldap/schema/README README.schema
  323. mv %{buildroot}%{_sysconfdir}/openldap/DB_CONFIG.example %{buildroot}%{_datadir}/openldap-servers/DB_CONFIG.example
  324. chmod 0644 openldap-%{version}/servers/slapd/back-sql/rdbms_depend/timesten/*.sh
  325. chmod 0644 %{buildroot}%{_datadir}/openldap-servers/DB_CONFIG.example
  326. # remove files which we don't want packaged
  327. rm -f %{buildroot}%{_libdir}/*.la # because we do not want files in %{_libdir}/openldap/ removed, yet
  328. rm -f %{buildroot}%{_localstatedir}/openldap-data/DB_CONFIG.example
  329. rmdir %{buildroot}%{_localstatedir}/openldap-data
  330. %clean
  331. rm -rf $RPM_BUILD_ROOT
  332. %post
  333. /sbin/ldconfig
  334. %postun
  335. #update only on package erase
  336. if [ $1 == 0 ]; then
  337. /sbin/ldconfig
  338. fi
  339. %pre servers
  340. # create ldap user and group
  341. getent group ldap &>/dev/null || groupadd -r -g 55 ldap
  342. getent passwd ldap &>/dev/null || \
  343. useradd -r -g ldap -u 55 -d %{_sharedstatedir}/ldap -s /sbin/nologin -c "OpenLDAP server" ldap
  344. if [ $1 -eq 2 ]; then
  345. # package upgrade
  346. old_version=$(rpm -q --qf=%%{version} openldap-servers)
  347. new_version=%{version}
  348. if [ "$old_version" != "$new_version" ]; then
  349. touch %{_sharedstatedir}/ldap/rpm_upgrade_openldap &>/dev/null
  350. fi
  351. fi
  352. exit 0
  353. %post servers
  354. /sbin/ldconfig -n %{_libdir}/openldap
  355. # generate configuration if necessary
  356. if [[ ! -f %{_sysconfdir}/openldap/slapd.d/cn=config.ldif && \
  357. ! -f %{_sysconfdir}/openldap/slapd.conf
  358. ]]; then
  359. # if there is no configuration available, generate one from the defaults
  360. mkdir -p %{_sysconfdir}/openldap/slapd.d/ &>/dev/null || :
  361. /usr/sbin/slapadd -F %{_sysconfdir}/openldap/slapd.d/ -n0 -l %{_datadir}/openldap-servers/slapd.ldif
  362. chown -R ldap:ldap %{_sysconfdir}/openldap/slapd.d/
  363. /sbin/service ldap condrestart > /dev/null 2>&1 || :
  364. fi
  365. start_slapd=0
  366. # upgrade the database
  367. running=`/sbin/service ldap status >/dev/null; echo $?`
  368. if [ -f %{_sharedstatedir}/ldap/rpm_upgrade_openldap ]; then
  369. if [ $running -eq 0 ]; then
  370. /sbin/service ldap stop > /dev/null 2>&1 || :
  371. start_slapd=1
  372. fi
  373. %{_libexecdir}/openldap/upgrade-db.sh &>/dev/null
  374. rm -f %{_sharedstatedir}/ldap/rpm_upgrade_openldap
  375. fi
  376. # restart after upgrade
  377. if [ $1 -ge 1 ]; then
  378. if [ $start_slapd -eq 1 ]; then
  379. /sbin/service ldap start > /dev/null 2>&1 || :
  380. else
  381. /sbin/service ldap condrestart > /dev/null 2>&1 || :
  382. fi
  383. fi
  384. exit 0
  385. %preun servers
  386. if [ "$1" = "0" ] ; then
  387. /sbin/service ldap stop > /dev/null 2>&1 || :
  388. /sbin/chkconfig --del ldap
  389. # Openldap-servers are being removed from system.
  390. # Do not touch the database! Older versions of this
  391. # package attempted to store database in LDIF format, so
  392. # it can be restored later - but it's up to the administrator
  393. # to save the database, if he/she wants so.
  394. fi
  395. %postun servers
  396. /sbin/ldconfig ${_libdir}/openldap
  397. if [ $1 -ge 1 ] ; then
  398. /sbin/service ldap condrestart > /dev/null 2>&1 || :
  399. fi
  400. %post devel -p /sbin/ldconfig
  401. %postun devel -p /sbin/ldconfig
  402. %triggerin servers -- libdb
  403. # libdb upgrade (setup for %%triggerun)
  404. if [ $2 -eq 2 ]; then
  405. # we are interested in minor version changes (both versions of libdb are installed at this moment)
  406. if [ "$(rpm -q --qf="%%{version}\n" libdb | sed 's/\.[0-9]*$//' | sort -u | wc -l)" != "1" ]; then
  407. touch %{_sharedstatedir}/ldap/rpm_upgrade_libdb
  408. else
  409. rm -f %{_sharedstatedir}/ldap/rpm_upgrade_libdb
  410. fi
  411. fi
  412. exit 0
  413. %triggerun servers -- libdb
  414. # libdb upgrade (finish %%triggerin)
  415. running=`/sbin/service ldap status >/dev/null; echo $?`
  416. if [ -f %{_sharedstatedir}/ldap/rpm_upgrade_libdb ]; then
  417. if [ $running -eq 0 ]; then
  418. /sbin/service ldap stop > /dev/null 2>&1 || :
  419. start=1
  420. else
  421. start=0
  422. fi
  423. %{_libexecdir}/openldap/upgrade-db.sh &>/dev/null
  424. rm -f %{_sharedstatedir}/ldap/rpm_upgrade_libdb
  425. [ $start -eq 1 ] && /sbin/service ldap condrestart > /dev/null 2>&1 || :
  426. fi
  427. exit 0
  428. %files
  429. %defattr(-,root,root)
  430. %license openldap-%{version}/{COPYRIGHT,LICENSE}
  431. %doc openldap-%{version}/{ANNOUNCEMENT,CHANGES,README}
  432. %dir %{_sysconfdir}/openldap
  433. %dir %{_sysconfdir}/openldap/certs
  434. %config(noreplace) %{_sysconfdir}/openldap/ldap.conf
  435. %dir %{_libexecdir}/openldap/
  436. %{_libdir}/liblber-2.4*.so.*
  437. %{_libdir}/libldap-2.4*.so.*
  438. %{_libdir}/libldap_r-2.4*.so.*
  439. %{_libdir}/libslapi-2.4*.so.*
  440. %{_mandir}/man5/ldif.5*
  441. %{_mandir}/man5/ldap.conf.5*
  442. %files servers
  443. %defattr(-,root,root)
  444. %doc openldap-%{version}/contrib/slapd-modules/smbk5pwd/README.smbk5pwd
  445. %doc openldap-%{version}/doc/guide/admin/*.html
  446. %doc openldap-%{version}/doc/guide/admin/*.png
  447. %doc openldap-%{version}/servers/slapd/back-perl/SampleLDAP.pm
  448. %doc openldap-%{version}/servers/slapd/back-perl/README.back_perl
  449. %doc openldap-%{version}/servers/slapd/back-perl/README.back_perl
  450. %doc ltb-project-openldap-ppolicy-check-password-%{check_password_version}/README.check_pwd
  451. %doc README.schema
  452. %config(noreplace) %dir %attr(0750,ldap,ldap) %{_sysconfdir}/openldap/slapd.d
  453. %config(noreplace) %{_sysconfdir}/openldap/schema
  454. %config(noreplace) %{_sysconfdir}/sysconfig/slapd
  455. %config(noreplace) %{_sysconfdir}/openldap/check_password.conf
  456. %attr(0755,root,root) %config %{_sysconfdir}/rc.d/init.d/ldap
  457. %attr(0700,ldap,ldap) %dir /var/lib/ldap
  458. %attr(0755,ldap,ldap) %dir /var/run/openldap
  459. %{_datadir}/openldap-servers/
  460. %{_libdir}/openldap/accesslog*
  461. %{_libdir}/openldap/auditlog*
  462. %{_libdir}/openldap/allop*
  463. %{_libdir}/openldap/back_dnssrv*
  464. %{_libdir}/openldap/back_ldap*
  465. %{_libdir}/openldap/back_meta*
  466. %{_libdir}/openldap/back_null*
  467. %{_libdir}/openldap/back_passwd*
  468. %{_libdir}/openldap/back_relay*
  469. %{_libdir}/openldap/back_shell*
  470. %{_libdir}/openldap/back_sock*
  471. %{_libdir}/openldap/back_perl*
  472. %{_libdir}/openldap/collect*
  473. %{_libdir}/openldap/constraint*
  474. %{_libdir}/openldap/dds*
  475. %{_libdir}/openldap/deref*
  476. %{_libdir}/openldap/dyngroup*
  477. %{_libdir}/openldap/dynlist*
  478. %{_libdir}/openldap/memberof*
  479. %{_libdir}/openldap/pcache*
  480. %{_libdir}/openldap/ppolicy*
  481. %{_libdir}/openldap/refint*
  482. %{_libdir}/openldap/retcode*
  483. %{_libdir}/openldap/rwm*
  484. %{_libdir}/openldap/seqmod*
  485. %{_libdir}/openldap/smbk5pwd*
  486. %{_libdir}/openldap/sssvlv*
  487. %{_libdir}/openldap/syncprov*
  488. %{_libdir}/openldap/translucent*
  489. %{_libdir}/openldap/unique*
  490. %{_libdir}/openldap/valsort*
  491. %{_libdir}/openldap/check_password*
  492. %{_libexecdir}/openldap/functions
  493. %{_libexecdir}/openldap/check-config.sh
  494. %{_libexecdir}/openldap/upgrade-db.sh
  495. %{_sbindir}/sl*
  496. %{_mandir}/man8/*
  497. %{_mandir}/man5/slapd*.5*
  498. %{_mandir}/man5/slapo-*.5*
  499. # obsolete configuration
  500. %ghost %config(noreplace,missingok) %attr(0640,ldap,ldap) %{_sysconfdir}/openldap/slapd.conf
  501. %if %{with sql}
  502. %files servers-sql
  503. %defattr(-,root,root)
  504. %doc openldap-%{version}/servers/slapd/back-sql/docs/*
  505. %doc openldap-%{version}/servers/slapd/back-sql/rdbms_depend
  506. %{_libdir}/openldap/back_sql*
  507. %endif
  508. %files clients
  509. %defattr(-,root,root)
  510. %{_bindir}/*
  511. %{_mandir}/man1/*
  512. %files devel
  513. %defattr(-,root,root)
  514. %doc openldap-%{version}/doc/drafts openldap-%{version}/doc/rfc
  515. %{_libdir}/lib*.so
  516. %{_includedir}/*
  517. %{_mandir}/man3/*
  518. ## to build compat32 for x86_64 architecture support
  519. %if %{build_compat32}
  520. %files -n compat32-%{name}
  521. %defattr(-,root,root)
  522. %{_libdir}/libl*-2.4*.so.*
  523. # %files -n compat32-%{name}-servers-sql
  524. # %defattr(-,root,root)
  525. # %attr(0755,root,root) %{_libdir}/openldap/back_sql.la
  526. # %attr(0755,root,root) %{_libdir}/openldap/back_sql*.so.*
  527. %files -n compat32-%{name}-devel
  528. %defattr(-,root,root)
  529. %{_libdir}/lib*.so
  530. %endif
  531. %changelog
  532. * Sat May 18 2019 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.46-3
  533. - rebuilt with perl-5.26.
  534. * Mon May 13 2019 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.46-2
  535. - added BR:libxcrypt-devel.
  536. - added BR:libnsl2-devel.
  537. - gdbm is no longer needed.
  538. * Fri Nov 02 2018 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.46-1
  539. - new upstream release.
  540. - rebuilt with openssl-1.1.1.
  541. - dropped too old MigrationTools.
  542. - dropped all patches and imported from rawhide.
  543. * Mon Mar 14 2016 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.4.44-1
  544. - new upstream release and built with openssl 1.0.2g
  545. - update patch0
  546. - drop patch1000,1001 (are included in new release)
  547. * Fri Mar 6 2015 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.40-2
  548. - added patch1000,1001 to fix CVE-2015-1545,1546.
  549. * Sat Feb 28 2015 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.40-1
  550. - new upstream release.
  551. * Fri Feb 27 2015 Ryoichi INAGAKI <ryo1@toki.waseda.jp> 2.4.23-6
  552. - add patch1146 for fix CVE-2013-4449
  553. * Tue Dec 16 2014 Ryoichi INAGAKI <ryo1@toki.waseda.jp> 2.4.23-5
  554. - added Patch700 to build with libdb 5.3.28
  555. * Thu Jan 9 2014 IWAI, Masaharu <iwaim.sub@gmail.com> 2.4.23-4
  556. - build with cyrus-sasl 2.1.26
  557. * Sun Dec 9 2012 IWAI, Masaharu <iwai@alib.jp> 2.4.23-3
  558. - SECURITY FIX, #2501
  559. - patches from CentOS 6.3; openldap 2.4.23-26.el6_3.2
  560. - CVE-2011-1024: add openldap-cve-ppolicy-forward-updates.patch (Patch1112)
  561. - CVE-2011-1025: add openldap-cve-ndb-bind-rootdn.patch (Patch1113)
  562. - CVE-2012-1164: add openldap-cve-relay-rwm-translucent.patch (Patch1141)
  563. - CVE-2012-2668: add openldap-cve-nss-cipher-suite-ignored.patch (Patch1144)
  564. - patch based CentOS 6.3; openldap 2.4.23-26.el6_3.2
  565. - CVE-2012-2668: add openldap-cve-nss-default-cipher-suite-always-selected.patch (Patch1145)
  566. - fix document file path for servers sub package
  567. * Sat Apr 9 2011 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 2.4.23-2
  568. - added --with-odbc=unixodbc to configure
  569. * Wed Apr 6 2011 IWAI, Masaharu <iwai@alib.jp> 2.4.23-1
  570. - new upstream release
  571. - update MigrationTools 47
  572. * Wed Jan 12 2011 Yoji TOYODA <bsyamato@sea.plala.or.jp> - 2.4.21-5
  573. - change %%define __perl_requires instead of __find_requires
  574. * Tue Jan 11 2011 Yoji TOYODA <bsyamato@sea.plala.or.jp> - 2.4.21-4
  575. - rebuild with openssl-1.0.0c
  576. * Fri Feb 12 2010 MATSUBAYASHI Kohji <shaolin@vinelinux.org> - 2.4.21-3
  577. - rebuilt with gcc-4.4.3-3 on ppc
  578. * Fri Feb 5 2010 MATSUBAYASHI Kohji <shaolin@vinelinux.org> - 2.4.21-2
  579. - rebuilt with rpm-4.8.0-3 (on ppc)
  580. * Tue Feb 02 2010 Daisuke SUZUKI <daisuke@linux.or.jp> 2.4.21-1
  581. - new upstream release
  582. - rebuild with db4-4.8.0
  583. - use Requires(post/pre) instead of Prereq
  584. * Sun Dec 20 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.4.16-4
  585. - rebuild
  586. * Tue Nov 3 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.4.16-3
  587. - add BuildConflicts: libicu-devel
  588. * Mon Nov 2 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.4.16-2
  589. - add Patch1000 for fix CVE-2009-3767 (openssl null char)
  590. - add --with-gssapi into configure
  591. - drop --without-kerberos (it is old configure option)
  592. * Wed Aug 05 2009 NAKAMURA Kenta <kenta@vinelinux.org> 2.4.16-1
  593. - new upstream release
  594. * Sun Jul 05 2009 Munehiro Yamamoto <munepi@cg8.so-net.ne.jp> 2.4.11-6
  595. - dropped compat32-%%{name}-servers-sql
  596. * Sat Jul 04 2009 Munehiro Yamamoto <munepi@cg8.so-net.ne.jp> 2.4.11-5
  597. - added compat32 subpackages
  598. * Wed Apr 15 2009 Daisuke SUZUKI <daisuke@linux.or.jp> 2.4.11-4
  599. - rebuild with libtool-2.2.6a
  600. * Sat Apr 04 2009 NAKAMURA Kenta <kenta@vinelinux.org> 2.4.11-3
  601. - use filter-requires-openldap.sh instead of find-requires
  602. * Wed Apr 01 2009 NAKAMURA Kenta <kenta@vinelinux.org> 2.4.11-2
  603. - reverted a scriptlet that dropped in 2.3.24-0vl4
  604. * Sun Mar 01 2009 NAKAMURA Kenta <kenta@vinelinux.org> 2.4.11-1
  605. - new upstream release
  606. - applied patches from fedora's package (openldap-2.4.12-1)
  607. * Sun Mar 30 2008 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 2.3.41-1vl5
  608. - updated to 2.3.41 (Patch10 and 11 were merged into upstream)
  609. * Fri May 18 2007 Daisuke SUZUKI <daisuke@linux.or.jp> 2.3.27-0vl5
  610. - rebuild with new openssl
  611. * Sat May 12 2007 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 2.3.27-0vl4
  612. - rebuilt with new toolchain/bdb 4.3
  613. * Tue Dec 26 2006 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 2.3.27-0vl3
  614. - rebuilt for VineSeed
  615. * Thu Dec 21 2006 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.3.27-0vl2.3
  616. - add Vendor/Distribution tag
  617. * Wed Dec 13 2006 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.3.27-0vl2.2
  618. - add patch11 for fix krbv4_ldap_auth issue
  619. * Fri Nov 24 2006 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.3.27-0vl2.1
  620. - add patch10 for fix CVE-2006-5779
  621. * Sun Sep 03 2006 NAKAMURA Kenta <kenta@vinelinux.org> 2.3.27-0vl2
  622. - use filter-requires-openldap.sh instead of find-requires
  623. * Sun Aug 27 2006 NAKAMURA Kenta <kenta@vinelinux.org> 2.3.27-0vl1
  624. - new upstream release
  625. * Sat Aug 26 2006 NAKAMURA Kenta <kenta@vinelinux.org> 2.3.24-0vl4
  626. - restored rfc822-MailMember.schema
  627. - update config.patch
  628. - removed a scriptlet that save and restore the database
  629. * Sat Aug 19 2006 NAKAMURA Kenta <kenta@vinelinux.org> 2.3.24-0vl3
  630. - removed internal bdb
  631. - removed autoconf-2.13.1 and automake-1.4a
  632. * Tue Jul 11 2006 NAKAMURA Kenta <kenta@vinelinux.org> 2.3.24-0vl2
  633. - removed compat-openldap subpackage
  634. * Sun Jul 02 2006 Satoshi MACHINO <machino@vinelinux.org> 2.3.24-0vl1
  635. - New upstream release
  636. - merged to fedora's package(openldap-2.3.24-2)
  637. -- build sql backend as a loadable module
  638. -- move ucdata to the -servers subpackage where it belongs
  639. -- add compat-openldap subpackage
  640. -- update administrator guide
  641. -- build a separate, static set of libraries for openldap-devel with the
  642. non-standard ntlm bind patch applied, for use by
  643. the evolution-connector package (#125579), and installing them under
  644. %%{evolution_connector_prefix} (%{evolution_connector_prefix})
  645. -- add libtool-ltdl-devel buildprereqs
  646. -- Upgrade internal bdb to db-4.4.20. For a clean upgrade, this will
  647. require that users slapcat their databases into a temp file, move
  648. /var/lib/ldap someplace safe, upgrade the openldap rpms, then
  649. slapadd the temp file.
  650. -- fix ldap.init
  651. -- add two upstream patches for db-4.4.20
  652. * Wed Nov 2 2005 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 2.1.30-0vl2
  653. - rebuild for VineSeed Plus
  654. - added Japanese summary
  655. * Sat Apr 17 2004 Satoshi MACHINO <machino@vinelinux.org> 2.1.30-0vl1
  656. - new upstream version (openldap-2.1.30)
  657. -- Fixed slapd userdb checkpass bub (ITS#3048)
  658. -- Fixed back-ldbm IDL delete bug (ITS#3048)
  659. -- Fixed libldap schema parsing bug (ITS#2920, ITS#3065)
  660. -- Fixed liblutil NS MTA MD5 passwd len bug (ITS#2899)
  661. -- Removed lint (ITS#3086)
  662. -- Documentation updated slapd.conf(5) manpage (ITS#2525)
  663. * Thu Apr 08 2004 Satoshi MACHINO <machino@vinelinux.org> 2.1.29-0vl2
  664. - fixed ldap.ini
  665. * Sun Mar 28 2004 Satoshi MACHINO <machino@vinelinux.org> 2.1.29-0vl1
  666. - new upstream version (openldap-2.1.29)
  667. * Wed Mar 24 2004 Satoshi MACHINO <machino@vinelinux.org> 2.1.28-0vl1
  668. - new upstream version (openldap-2.1.28)
  669. * Mon Mar 22 2004 Satoshi MACHINO <machino@vinelinux.org> 2.1.27-0vl1
  670. - new upstream version (openldap-2.1.27)
  671. * Sat Jan 24 2004 Satoshi MACHINO <machino@vinelinux.org> 2.1.26-0vl1
  672. - new upstream version (openldap-2.1.26)
  673. - don't use libtool in make
  674. * Sun Oct 26 2003 Satoshi MACHINO <machino@vinelinux.org> 2.1.23-0vl1
  675. - new upstream version (openldap-2.1.23)
  676. - updated migration tools to version 45
  677. - used libtool
  678. * Sun Jul 20 2003 Satoshi MACHINO <machino@vinelinux.org> 2.1.22-0vl2
  679. - for VineSeedPlus
  680. - fixed BuildPreReq
  681. * Sat Jul 19 2003 Satoshi MACHINO <machino@vinelinux.org> 2.1.22-0vl1
  682. - for VinePlus
  683. - new upstream version (openldap-2.1.22)
  684. * Thu May 29 2003 Satoshi MACHINO <machino@vinelinux.org> 2.1.21-0vl1
  685. - new upstream version (openldap-2.1.21)
  686. * Tue May 20 2003 Satoshi MACHINO <machino@vinelinux.org> 2.1.20-0vl1
  687. - new upstream version
  688. * Thu May 15 2003 Satoshi MACHINO <machino@vinelinux.org> 2.1.19-1vl1
  689. - new upstream version
  690. - merged spec file to 2.1.19-1
  691. -- switch to db with crypto
  692. -- install the db utils for the bundled libdb as %%{_sbindir}/slapd_db_*
  693. -- install slapcat/slapadd from 2.0.x for migration purposes
  694. * Mon Jan 27 2003 Satoshi MACHINO <machino@vinelinux.org> 2.1.12-0vl1
  695. - updated to openldap-2.1.12
  696. -- dropped ldapfriendly
  697. * Fri Sep 06 2002 Satoshi MACHINO <machino@vinelinux.org> 2.1.4-0vl1
  698. - updated to openldap-2.1.4
  699. - updated guide.html
  700. * Fri Sep 06 2002 Satoshi MACHINO <machino@vinelinux.org> 2.1.3-4vl1
  701. - updated to openldap-2.1.3
  702. - added db-4.0.14
  703. - updated migration tools to version 44
  704. - merged openldap-2.1.3-4
  705. -- updated patch0, patch1, patch3 and patch6
  706. -- dropped patch7 and patch10
  707. -- enable the ldbm/berkeley backend as well
  708. -- use an ldbm/berkeley database as the default
  709. -- don't install slapadd-gdbm
  710. -- allow ldapv2 binds by default
  711. -- set TLS_CACERTFILE in the default ldap.conf file
  712. * Tue Jun 11 2002 Satoshi MACHINO <machino@vinelinux.org> 2.0.25-0vl1
  713. - updated to openldap-2.0.25
  714. * Mon Jun 10 2002 Satoshi MACHINO <machino@vinelinux.org> 2.0.24-0vl1
  715. - updated to openldap-2.0.24
  716. - updated migration tools to version 40
  717. - dropped autoconf source
  718. - dropped some patches
  719. * Sat Feb 16 2002 Satoshi MACHINO <machino@vinelinux.org> 2.0.23-0vl1
  720. - updated openldap-2.0.23
  721. * Wed Feb 06 2002 Satoshi MACHINO <machino@vinelinux.org> 2.0.22-0vl1
  722. - updated openldap-2.0.22
  723. * Mon Jan 21 2002 Satoshi MACHINO <machino@vinelinux.org> 2.0.21-0vl1
  724. - updated openldap-2.0.21
  725. * Wed Nov 07 2001 Satoshi MACHINO <machino@vinelinux.org> 2.0.18-0vl1
  726. - updated openldap-2.0.18
  727. * Sun Oct 14 2001 Satoshi MACHINO <machino@vinelinux.org> 2.0.17-0vl1
  728. - updated openldap-2.0.17
  729. - updated MigrationTools-38-instdir.patch
  730. - updated openldap-2.0.17-config.patch
  731. - removed openldap-2.0.3-krb5-1.1.patch
  732. * Sat Sep 22 2001 Satoshi MACHINO <machino@vinelinux.org> 2.0.14-1vl1
  733. - update to migration tools 39
  734. - removed patch libtool.patch and linkage.patch
  735. * Wed Sep 19 2001 Satoshi MACHINO <machino@vinelinux.org> 2.0.14-0vl0
  736. - updated openldap-2.0.14
  737. * Mon Jul 16 2001 MATSUBAYASHI 'Shaolin' Kohji <shaolin@vinelinux.org>
  738. - 2.0.11-0vl2
  739. - rebuilt with openssl-0.9.6b
  740. * Sun May 27 2001 Satoshi MACHINO <machino@vinelinux.org> 2.0.11-0vl1
  741. - updated
  742. * Thu Apr 12 2001 Akira TAGOH <tagoh@gnome.gr.jp> 2.0.7-14vl3
  743. - Fixed resolve libraries path.
  744. * Wed Apr 11 2001 Satoshi MACHINO <machino@vinelinux.org> 2.0.7-14vl2
  745. - added openldap-2.0.7-config-vine.patch
  746. - removed openldap-2.0.7-config.patch
  747. * Tue Apr 10 2001 Satoshi MACHINO <machino@vinelinux.org> 2.0.7-14vl1
  748. - merged Rawhide's OpenLDAP Package
  749. back out pidfile patches, which interact weirdly with Linux threads
  750. mark non-standard schema as such by moving them to a different directory
  751. update to MigrationTools 36, adds netgroup support
  752. fix thinko in that last patch
  753. try to work around some buffering problems
  754. gettextize the init script
  755. move the RFCs to the base package (#21701)
  756. add support for additional OPTIONS, SLAPD_OPTIONS, and SLURPD_OPTIONS in
  757. a /etc/sysconfig/ldap file (#23549)
  758. change automount object OID from 1.3.6.1.1.1.2.9 to 1.3.6.1.1.1.2.13,
  759. per mail from the ldap-nis mailing list
  760. force -fPIC so that shared libraries don't fall over
  761. add Norbert Klasen's patch (via Del) to fix searches using ldaps URLs
  762. (OpenLDAP ITS #889)
  763. add "-h ldaps:///" to server init when TLS is enabled, in order to support
  764. ldaps in addition to the regular STARTTLS (suggested by Del)
  765. correct mismatched-dn-cn bug in migrate_automount.pl
  766. update to the correct OIDs for automount and automountInformation
  767. add notes on upgrading
  768. * Sat Nov 25 2000 Satoshi MACHINO <machino@vinelinux.org> 2.0.7-1vl2
  769. - fixed VersionedDependencies to used _noVersionedDependencies 1 in .rpmmacros
  770. * Sat Nov 18 2000 MACHINO, satoshi <machino@vinelinux.org> 2.0.7-1vl1
  771. - build for Vine Linux
  772. - removed kerberos
  773. - fixed config dir
  774. - fixed _sysconfdir
  775. * Tue Nov 7 2000 Nalin Dahyabhai <nalin@redhat.com>
  776. - update to 2.0.7
  777. - drop chdir patch (went mainstream)
  778. * Thu Nov 2 2000 Nalin Dahyabhai <nalin@redhat.com>
  779. - change automount object classes from auxiliary to structural
  780. * Tue Oct 31 2000 Nalin Dahyabhai <nalin@redhat.com>
  781. - update to Migration Tools 27
  782. - change the sense of the last simple patch
  783. * Wed Oct 25 2000 Nalin Dahyabhai <nalin@redhat.com>
  784. - reorganize the patch list to separate MigrationTools and OpenLDAP patches
  785. - switch to Luke Howard's rfc822MailMember schema instead of the aliases.schema
  786. - configure slapd to run as the non-root user "ldap" (#19370)
  787. - chdir() before chroot() (we don't use chroot, though) (#19369)
  788. - disable saving of the pid file because the parent thread which saves it and
  789. the child thread which listens have different pids
  790. * Wed Oct 11 2000 Nalin Dahyabhai <nalin@redhat.com>
  791. - add missing required attributes to conversion scripts to comply with schema
  792. - add schema for mail aliases, autofs, and kerberosSecurityObject rooted in
  793. our own OID tree to define attributes and classes migration scripts expect
  794. - tweak automounter migration script
  795. * Mon Oct 9 2000 Nalin Dahyabhai <nalin@redhat.com>
  796. - try adding the suffix first when doing online migrations
  797. - force ldapadd to use simple authentication in migration scripts
  798. - add indexing of a few attributes to the default configuration
  799. - add commented-out section on using TLS to default configuration
  800. * Thu Oct 5 2000 Nalin Dahyabhai <nalin@redhat.com>
  801. - update to 2.0.6
  802. - add buildprereq on cyrus-sasl-devel, krb5-devel, openssl-devel
  803. - take the -s flag off of slapadd invocations in migration tools
  804. - add the cosine.schema to the default server config, needed by inetorgperson
  805. * Wed Oct 4 2000 Nalin Dahyabhai <nalin@redhat.com>
  806. - add the nis.schema and inetorgperson.schema to the default server config
  807. - make ldapadd a hard link to ldapmodify because they're identical binaries
  808. * Fri Sep 22 2000 Nalin Dahyabhai <nalin@redhat.com>
  809. - update to 2.0.4
  810. * Fri Sep 15 2000 Nalin Dahyabhai <nalin@redhat.com>
  811. - remove prereq on /etc/init.d (#17531)
  812. - update to 2.0.3
  813. - add saucer to the included clients
  814. * Wed Sep 6 2000 Nalin Dahyabhai <nalin@redhat.com>
  815. - update to 2.0.1
  816. * Fri Sep 1 2000 Nalin Dahyabhai <nalin@redhat.com>
  817. - update to 2.0.0
  818. - patch to build against MIT Kerberos 1.1 and later instead of 1.0.x
  819. * Tue Aug 22 2000 Nalin Dahyabhai <nalin@redhat.com>
  820. - remove that pesky default password
  821. - change "Copyright:" to "License:"
  822. * Sun Aug 13 2000 Nalin Dahyabhai <nalin@redhat.com>
  823. - adjust permissions in files lists
  824. - move libexecdir from %%{_prefix}/sbin to %%{_sbindir}
  825. * Fri Aug 11 2000 Nalin Dahyabhai <nalin@redhat.com>
  826. - add migrate_automount.pl to the migration scripts set
  827. * Tue Aug 8 2000 Nalin Dahyabhai <nalin@redhat.com>
  828. - build a semistatic slurpd with threads, everything else without
  829. - disable reverse lookups, per email on OpenLDAP mailing lists
  830. - make sure the execute bits are set on the shared libraries
  831. * Mon Jul 31 2000 Nalin Dahyabhai <nalin@redhat.com>
  832. - change logging facility used from local4 to daemon (#11047)
  833. * Thu Jul 27 2000 Nalin Dahyabhai <nalin@redhat.com>
  834. - split off clients and servers to shrink down the package and remove the
  835. base package's dependency on Perl
  836. - make certain that the binaries have sane permissions
  837. * Mon Jul 17 2000 Nalin Dahyabhai <nalin@redhat.com>
  838. - move the init script back
  839. * Thu Jul 13 2000 Nalin Dahyabhai <nalin@redhat.com>
  840. - tweak the init script to only source /etc/sysconfig/network if it's found
  841. * Wed Jul 12 2000 Prospector <bugzilla@redhat.com>
  842. - automatic rebuild
  843. * Mon Jul 10 2000 Nalin Dahyabhai <nalin@redhat.com>
  844. - switch to gdbm; I'm getting off the db merry-go-round
  845. - tweak the init script some more
  846. - add instdir to @INC in migration scripts
  847. * Thu Jul 6 2000 Nalin Dahyabhai <nalin@redhat.com>
  848. - tweak init script to return error codes properly
  849. - change initscripts dependency to one on /etc/init.d
  850. * Tue Jul 4 2000 Nalin Dahyabhai <nalin@redhat.com>
  851. - prereq initscripts
  852. - make migration scripts use mktemp
  853. * Tue Jun 27 2000 Nalin Dahyabhai <nalin@redhat.com>
  854. - do condrestart in post and stop in preun
  855. - move init script to /etc/init.d
  856. * Fri Jun 16 2000 Nalin Dahyabhai <nalin@redhat.com>
  857. - update to 1.2.11
  858. - add condrestart logic to init script
  859. - munge migration scripts so that you don't have to be
  860. /usr/share/openldap/migration to run them
  861. - add code to create pid files in /var/run
  862. * Mon Jun 5 2000 Nalin Dahyabhai <nalin@redhat.com>
  863. - FHS tweaks
  864. - fix for compiling with libdb2
  865. * Thu May 4 2000 Bill Nottingham <notting@redhat.com>
  866. - minor tweak so it builds on ia64
  867. * Wed May 3 2000 Nalin Dahyabhai <nalin@redhat.com>
  868. - more minimalistic fix for bug #11111 after consultation with OpenLDAP team
  869. - backport replacement for the ldapuser patch
  870. * Tue May 2 2000 Nalin Dahyabhai <nalin@redhat.com>
  871. - fix segfaults from queries with commas in them in in.xfingerd (bug #11111)
  872. * Tue Apr 25 2000 Nalin Dahyabhai <nalin@redhat.com>
  873. - update to 1.2.10
  874. - add revamped version of patch from kos@bastard.net to allow execution as
  875. any non-root user
  876. - remove test suite from %%build because of weirdness in the build system
  877. * Wed Apr 12 2000 Nalin Dahyabhai <nalin@redhat.com>
  878. - move the defaults for databases and whatnot to /var/lib/ldap (bug #10714)
  879. - fix some possible string-handling problems
  880. * Mon Feb 14 2000 Bill Nottingham <notting@redhat.com>
  881. - start earlier, stop later.
  882. * Thu Feb 3 2000 Nalin Dahyabhai <nalin@redhat.com>
  883. - auto rebuild in new environment (release 4)
  884. * Tue Feb 1 2000 Nalin Dahyabhai <nalin@redhat.com>
  885. - add -D_REENTRANT to make threaded stuff more stable, even though it looks
  886. like the sources define it, too
  887. - mark *.ph files in migration tools as config files
  888. * Fri Jan 21 2000 Nalin Dahyabhai <nalin@redhat.com>
  889. - update to 1.2.9
  890. * Mon Sep 13 1999 Bill Nottingham <notting@redhat.com>
  891. - strip files
  892. * Sat Sep 11 1999 Bill Nottingham <notting@redhat.com>
  893. - update to 1.2.7
  894. - fix some bugs from bugzilla (#4885, #4887, #4888, #4967)
  895. - take include files out of base package
  896. * Fri Aug 27 1999 Jeff Johnson <jbj@redhat.com>
  897. - missing ;; in init script reload) (#4734).
  898. * Tue Aug 24 1999 Cristian Gafton <gafton@redhat.com>
  899. - move stuff from /usr/libexec to /usr/sbin
  900. - relocate config dirs to /etc/openldap
  901. * Mon Aug 16 1999 Bill Nottingham <notting@redhat.com>
  902. - initscript munging
  903. * Wed Aug 11 1999 Cristian Gafton <gafton@redhat.com>
  904. - add the migration tools to the package
  905. * Fri Aug 06 1999 Cristian Gafton <gafton@redhat.com>
  906. - upgrade to 1.2.6
  907. - add rc.d script
  908. - split -devel package
  909. * Sun Feb 07 1999 Preston Brown <pbrown@redhat.com>
  910. - upgrade to latest stable (1.1.4), it now uses configure macro.
  911. * Fri Jan 15 1999 Bill Nottingham <notting@redhat.com>
  912. - build on arm, glibc2.1
  913. * Wed Oct 28 1998 Preston Brown <pbrown@redhat.com>
  914. - initial cut.
  915. - patches for signal handling on the alpha