openldap-vl.spec 44 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250
  1. %bcond_with systemd
  2. %bcond_with sql
  3. %define build_compat32 %{?_with_compat32:1}%{!?_with_compat32:0}
  4. %define __perl_requires %{SOURCE11}
  5. %global check_password_version 1.1
  6. Summary: The configuration files, libraries and documentation for OpenLDAP.
  7. Summary(ja): OpenLDAP の設定ファイル,ライブラリ,ドキュメント.
  8. Name: openldap
  9. Version: 2.4.59
  10. Release: 2%{?_dist_release}%{?with_systemd:.systemd}
  11. Group: system
  12. Vendor: Project Vine
  13. Distribution: Vine Linux
  14. License: OpenLDAP
  15. URL: https://www.openldap.org/
  16. Source0: https://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-%{version}.tgz
  17. Source2: ldap.init
  18. Source4: slapd.ldif
  19. Source5: ldap.conf
  20. Source10: ldap.sysconfig
  21. Source11: filter-requires-openldap.sh
  22. Source12: ltb-project-openldap-ppolicy-check-password-%{check_password_version}.tar.gz
  23. Source50: libexec-functions
  24. Source52: libexec-check-config.sh
  25. Source53: libexec-upgrade-db.sh
  26. Source101: slapd.service
  27. Source102: slapd.tmpfiles
  28. # Patches for 2.4
  29. Patch0: openldap-manpages.patch
  30. Patch2: openldap-reentrant-gethostby.patch
  31. Patch3: openldap-smbk5pwd-overlay.patch
  32. Patch5: openldap-ai-addrconfig.patch
  33. Patch17: openldap-allop-overlay.patch
  34. # fix back_perl problems with lt_dlopen()
  35. # might cause crashes because of symbol collisions
  36. # the proper fix is to link all perl modules against libperl
  37. # http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=327585
  38. Patch19: openldap-switch-to-lt_dlopenadvise-to-get-RTLD_GLOBAL-set.patch
  39. # ldapi sasl fix pending upstream inclusion
  40. Patch24: openldap-openssl-manpage-defaultCA.patch
  41. # The below patches come from upstream master and are necessary for Channel Binding
  42. # (both tls-unique and tls-server-end-point) to work properly.
  43. # Additionally, for Samba to be able to implement Channel Binding, the PEERCERT option
  44. # is being included as well.
  45. Patch50: openldap-cbinding-Add-channel-binding-support.patch
  46. Patch51: openldap-cbinding-ITS-8573-allow-all-libldap-options-in-tools-o-option.patch
  47. Patch52: openldap-cbinding-ITS-8573-TLS-option-test-suite.patch
  48. Patch53: openldap-cbinding-ITS-8573-Add-missing-URI-variables-for-tests.patch
  49. Patch54: openldap-cbinding-auth-add-SASL-GSSAPI-tests.patch
  50. Patch55: openldap-cbinding-ITS-7398-add-LDAP_OPT_X_TLS_PEERCERT.patch
  51. Patch56: openldap-cbinding-Make-prototypes-available-where-needed.patch
  52. Patch57: openldap-cbinding-ITS-9189_1-rework-sasl-cbinding-support.patch
  53. Patch58: openldap-cbinding-ITS-9189_2-add-channel-bindings-tests.patch
  54. Patch59: openldap-cbinding-ITS-9189_3-initialize-ldo_sasl_cbinding-in-LDAP_LDO_SA.patch
  55. Patch60: openldap-cbinding-Fix-slaptest-in-test077.patch
  56. Patch61: openldap-cbinding-Convert-test077-to-LDIF-config.patch
  57. Patch62: openldap-cbinding-Update-keys-to-RSA-4096.patch
  58. Patch63: openldap-cbinding-ITS-9215-fix-for-glibc-again.patch
  59. Patch64: openldap-add-tls-sni-support-to-libldap.patch
  60. # check-password module specific patches
  61. Patch90: check-password-makefile.patch
  62. Patch91: check-password.patch
  63. # Vine Patches
  64. # security fixes
  65. BuildRoot: %{_tmppath}/%{name}-%{version}-root
  66. BuildRequires: autoconf, automake, libtool >= 2.2.6a
  67. BuildRequires: libxcrypt-devel, libnsl2-devel
  68. BuildRequires: cyrus-sasl-devel, openssl-devel, perl
  69. BuildRequires: libdb-devel, pam-devel, pkgconfig, tcp_wrappers
  70. BuildRequires: unixODBC-devel, bind-devel, libtool-ltdl-devel >= 2.2.6a
  71. BuildRequires: krb5-devel
  72. BuildRequires: groff
  73. %if %{with systemd}
  74. BuildRequires: systemd
  75. %endif
  76. #BuildConflicts: libicu-devel
  77. Requires: cyrus-sasl, mktemp
  78. %description
  79. OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
  80. Protocol) applications and development tools. LDAP is a set of
  81. protocols for accessing directory services (usually phone book style
  82. information, but other information is possible) over the Internet,
  83. similar to the way DNS (Domain Name System) information is propagated
  84. over the Internet. The openldap package contains configuration files,
  85. libraries and documentation for OpenLDAP.
  86. %description -l ja
  87. OpenLDAPはオープンソースなLDAP (Lightweight Directory Access Protocol)アプリケーションと開発ツール集です。LDAPはディレクトリサービス(電話帳の様な情報や他の情報)にInternelからアクセスするプロトコルであり、DNS(Domain Name System)情報に似た方式でInternetに伝えられます。opanldapパッケージはOpanLDAP用の設定ファイルやライブラリ、ドキュメントを含んでいます。
  88. %package devel
  89. Summary: OpenLDAP development libraries and header files.
  90. Summary(ja): OpenLDAP の開発用ライブラリおよびヘッダファイル.
  91. Group: programming
  92. Requires: openldap = %{version}-%{release}, cyrus-sasl-devel >= 2.1
  93. Provides: openldap-evolution-devel = %{version}-%{release}
  94. %description devel
  95. The openldap-devel package includes the development libraries and
  96. header files needed for compiling applications that use LDAP
  97. (Lightweight Directory Access Protocol) internals. LDAP is a set of
  98. protocols for enabling directory services over the Internet. Install
  99. this package only if you plan to develop or will need to compile
  100. customized LDAP clients.
  101. %description devel -l ja
  102. openldap-develパッケージはLDAP(Lightweight Directory Access Protocol)を使うためにコンパイルするアプリケーションに必要な開発用ライブラリやヘッダファイルを含んでいます。LDAPはInternet上にディレクトリサービスを可能にするプロトコルです。LDAPクライアントを開発したりカスタマイズする場合には、このパッケージをインストールしてください。
  103. %package servers
  104. Summary: OpenLDAP servers and related files.
  105. Summary(ja): OpenLDAP サーバおよび関連ファイル.
  106. Group: servers
  107. Requires(pre): fileutils, make, openldap = %{version}-%{release}, openssl, shadow-utils, coreutils
  108. Requires(post): fileutils, make, openldap = %{version}-%{release}, openssl, shadow-utils, coreutils
  109. %if %{with systemd}
  110. %{?systemd_requires}
  111. %else
  112. Requires(pre): chkconfig
  113. Requires(post): chkconfig
  114. %endif
  115. %description servers
  116. OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
  117. Protocol) applications and development tools. LDAP is a set of
  118. protocols for accessing directory services (usually phone book style
  119. information, but other information is possible) over the Internet,
  120. similar to the way DNS (Domain Name System) information is propagated
  121. over the Internet. This package contains the slapd and slurpd servers,
  122. migration scripts and related files.
  123. %description servers -l ja
  124. OpenLDAPはオープンソースなLDAP (Lightweight Directory Access Protocol)アプリケーションと開発ツール集です。LDAPはディレクトリサービス(電話帳の様な情報や他の情報)にInternelからアクセスするプロトコルであり、DNS(Domain Name System)情報に似た\方式でInternetに伝えられます。このパッケージはslapdやslurpdサーバ、移行スクリプトや関連するファイルを含んでいます。
  125. %if %{with sql}
  126. %package servers-sql
  127. Summary: OpenLDAP server SQL support module.
  128. Summary(ja): SQLサポートモジュールを含んだOpenLDAPサーバ
  129. Group: servers
  130. Requires(post): openldap-servers = %{version}-%{release}
  131. %description servers-sql
  132. OpenLDAP is an open-source suite of LDAP (Lightweight Directory Access
  133. Protocol) applications and development tools. LDAP is a set of
  134. protocols for accessing directory services (usually phone book style
  135. information, but other information is possible) over the Internet,
  136. similar to the way DNS (Domain Name System) information is propagated
  137. over the Internet. This package contains a loadable module which the
  138. slapd server can use to read data from an RDBMS.
  139. %description servers-sql -l ja
  140. OpenLDAPはオープンソースなLDAP (Lightweight Directory Access Protocol)アプリケー
  141. ションと開発ツール集です。LDAPはディレクトリサービス(電話帳の様な情報や他の情報
  142. )にInternelからアクセスするプロトコルであり、DNS(Domain Name System)情報に似た
  143. 方式でInternetに伝えられます。
  144. このパッケージはslapdサーバがRDBMSからデータを読み込むためのモジュールを含んでいます。
  145. %endif
  146. %package clients
  147. Summary: Client programs for OpenLDAP.
  148. Summary(ja): OpenLDAP のクライアントプログラム.
  149. Requires(post): openldap = %{version}-%{release}
  150. Group: admin-tools
  151. %description clients
  152. OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
  153. Protocol) applications and development tools. LDAP is a set of
  154. protocols for accessing directory services (usually phone book style
  155. information, but other information is possible) over the Internet,
  156. similar to the way DNS (Domain Name System) information is propagated
  157. over the Internet. The openldap-clients package contains the client
  158. programs needed for accessing and modifying OpenLDAP directories.
  159. %description clients -l ja
  160. OpenLDAPはオープンソースなLDAP (Lightweight Directory Access Protocol)アプリケーションと開発ツール集です。LDAPはディレクトリサービス(電話帳の様な情報や他の情報)にInternelからアクセスするプロトコルであり、DNS(Domain Name System)情報に似た\方式でInternetに伝えられます。openldap-clientsパッケージはOpenLDAPディレクトリにアクセスしたり、修正したりするためのクライアントプログラムを含んでいます。
  161. ## to build compat32 for x86_64 architecture support
  162. %package -n compat32-%{name}
  163. Summary: libraries for OpenLDAP.
  164. Group: system
  165. %description -n compat32-%{name}
  166. OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
  167. Protocol) applications and development tools. LDAP is a set of
  168. protocols for accessing directory services (usually phone book style
  169. information, but other information is possible) over the Internet,
  170. similar to the way DNS (Domain Name System) information is propagated
  171. over the Internet. The openldap package contains configuration files,
  172. libraries and documentation for OpenLDAP.
  173. # %package -n compat32-%{name}-servers-sql
  174. # Summary: OpenLDAP server SQL support module.
  175. # Group: System Environment/Libraries
  176. # %description -n compat32-%{name}-servers-sql
  177. # OpenLDAP is an open-source suite of LDAP (Lightweight Directory Access
  178. # Protocol) applications and development tools. LDAP is a set of
  179. # protocols for accessing directory services (usually phone book style
  180. # information, but other information is possible) over the Internet,
  181. # similar to the way DNS (Domain Name System) information is propagated
  182. # over the Internet. This package contains a loadable module which the
  183. # slapd server can use to read data from an RDBMS.
  184. %package -n compat32-%{name}-devel
  185. Summary: OpenLDAP development libraries and header files.
  186. Group: programming
  187. %description -n compat32-%{name}-devel
  188. The openldap-devel package includes the development libraries and
  189. header files needed for compiling applications that use LDAP
  190. (Lightweight Directory Access Protocol) internals. LDAP is a set of
  191. protocols for enabling directory services over the Internet. Install
  192. this package only if you plan to develop or will need to compile
  193. customized LDAP clients.
  194. %debug_package
  195. %prep
  196. %setup -q -c -a 0 -a 12
  197. pushd openldap-%{version}
  198. #AUTOMAKE=/bin/true autoreconf -fiv
  199. autoreconf -fiv ||:
  200. %patch0 -p1
  201. %patch2 -p1
  202. %patch3 -p1
  203. %patch5 -p1
  204. %patch17 -p1
  205. %patch19 -p1
  206. %patch24 -p1
  207. %patch50 -p1
  208. %patch51 -p1
  209. %patch52 -p1
  210. %patch53 -p1
  211. %patch54 -p1
  212. %patch55 -p1
  213. %patch56 -p1
  214. %patch57 -p1
  215. %patch58 -p1
  216. %patch59 -p1
  217. %patch60 -p1
  218. %patch61 -p1
  219. %patch62 -p1
  220. %patch63 -p1
  221. %patch64 -p1
  222. # security
  223. # build smbk5pwd with other overlays
  224. ln -s ../../../contrib/slapd-modules/smbk5pwd/smbk5pwd.c servers/slapd/overlays
  225. mv contrib/slapd-modules/smbk5pwd/README contrib/slapd-modules/smbk5pwd/README.smbk5pwd
  226. # build allop with other overlays
  227. ln -s ../../../contrib/slapd-modules/allop/allop.c servers/slapd/overlays
  228. mv contrib/slapd-modules/allop/README contrib/slapd-modules/allop/README.allop
  229. mv contrib/slapd-modules/allop/slapo-allop.5 doc/man/man5/slapo-allop.5
  230. mv servers/slapd/back-perl/README{,.back_perl}
  231. # fix documentation encoding
  232. for filename in doc/drafts/draft-ietf-ldapext-acl-model-xx.txt; do
  233. iconv -f iso-8859-1 -t utf-8 "$filename" > "$filename.utf8"
  234. mv "$filename.utf8" "$filename"
  235. done
  236. popd
  237. pushd ltb-project-openldap-ppolicy-check-password-%{check_password_version}
  238. %patch90 -p1
  239. %patch91 -p1
  240. popd
  241. %build
  242. export CFLAGS="-fpie %{optflags} -Wl,-z,relro,-z,now,--as-needed -DLDAP_CONNECTIONLESS -DLDAP_USE_NON_BLOCKING_TLS"
  243. export LDFLAGS="-pie"
  244. pushd openldap-%{version}
  245. %configure \
  246. --enable-debug \
  247. --enable-dynamic \
  248. \
  249. --enable-dynacl \
  250. --enable-cleartext \
  251. --enable-crypt \
  252. --enable-lmpasswd \
  253. --enable-spasswd \
  254. --enable-modules \
  255. --enable-rewrite \
  256. --enable-rlookups \
  257. --enable-slapi \
  258. --disable-slp \
  259. \
  260. --enable-backends=mod \
  261. --enable-bdb=yes \
  262. --enable-hdb=yes \
  263. --enable-mdb=yes \
  264. --enable-monitor=yes \
  265. --disable-ndb \
  266. %if %{with sql}
  267. --enable-sql=yes \
  268. %else
  269. --disable-sql \
  270. %endif
  271. \
  272. --enable-overlays=mod \
  273. \
  274. --disable-static \
  275. \
  276. --with-cyrus-sasl \
  277. --without-fetch \
  278. --with-threads \
  279. --with-pic \
  280. --with-gnu-ld \
  281. \
  282. --libexecdir=%{_libdir}
  283. make %{_smp_mflags}
  284. popd
  285. pushd ltb-project-openldap-ppolicy-check-password-%{check_password_version}
  286. make LDAP_INC="-I../openldap-%{version}/include \
  287. -I../openldap-%{version}/servers/slapd \
  288. -I../openldap-%{version}/build-servers/include"
  289. popd
  290. %install
  291. [ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT
  292. mkdir -p %{buildroot}%{_libdir}/
  293. pushd openldap-%{version}
  294. make install DESTDIR=%{buildroot} STRIP=""
  295. popd
  296. # install check_password module
  297. pushd ltb-project-openldap-ppolicy-check-password-%{check_password_version}
  298. mv check_password.so check_password.so.%{check_password_version}
  299. ln -s check_password.so.%{check_password_version} %{buildroot}%{_libdir}/openldap/check_password.so
  300. install -m 755 check_password.so.%{check_password_version} %{buildroot}%{_libdir}/openldap/
  301. # install -m 644 README %{buildroot}%{_libdir}/openldap
  302. install -d -m 755 %{buildroot}%{_sysconfdir}/openldap
  303. cat > %{buildroot}%{_sysconfdir}/openldap/check_password.conf <<EOF
  304. # OpenLDAP pwdChecker library configuration
  305. #useCracklib 1
  306. #minPoints 3
  307. #minUpper 0
  308. #minLower 0
  309. #minDigit 0
  310. #minPunct 0
  311. EOF
  312. mv README{,.check_pwd}
  313. popd
  314. # setup directories for TLS certificates
  315. mkdir -p %{buildroot}%{_sysconfdir}/openldap/certs
  316. # Create the data directory.
  317. install -m 0700 -d $RPM_BUILD_ROOT/var/lib/ldap
  318. # Create the new run directory
  319. install -m 0755 -d $RPM_BUILD_ROOT/var/run/openldap
  320. # install default ldap.conf (customized)
  321. rm -f %{buildroot}%{_sysconfdir}/openldap/ldap.conf
  322. install -m 0644 %SOURCE5 %{buildroot}%{_sysconfdir}/openldap/ldap.conf
  323. # setup maintainance scripts
  324. mkdir -p %{buildroot}%{_libexecdir}
  325. install -m 0755 -d %{buildroot}%{_libexecdir}/openldap
  326. install -m 0644 %SOURCE50 %{buildroot}%{_libexecdir}/openldap/functions
  327. install -m 0755 %SOURCE52 %{buildroot}%{_libexecdir}/openldap/check-config.sh
  328. install -m 0755 %SOURCE53 %{buildroot}%{_libexecdir}/openldap/upgrade-db.sh
  329. # remove build root from config files and manual pages
  330. perl -pi -e "s|%{buildroot}||g" %{buildroot}%{_sysconfdir}/openldap/*.conf
  331. perl -pi -e "s|%{buildroot}||g" %{buildroot}%{_mandir}/*/*.*
  332. # we don't need the default files -- RPM handles changes
  333. rm -f %{buildroot}%{_sysconfdir}/openldap/*.default
  334. rm -f %{buildroot}%{_sysconfdir}/openldap/schema/*.default
  335. %if %{with systemd}
  336. # install an init script for the servers
  337. mkdir -p %{buildroot}%{_unitdir}
  338. install -m 0644 %{SOURCE101} %{buildroot}%{_unitdir}/slapd.service
  339. # setup autocreation of runtime directories on tmpfs
  340. mkdir -p %{buildroot}%{_tmpfilesdir}
  341. install -m 0644 %{SOURCE102} %{buildroot}%{_tmpfilesdir}/slapd.conf
  342. %else
  343. # Install an init script for the servers.
  344. mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d
  345. install -m 755 $RPM_SOURCE_DIR/ldap.init $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d/ldap
  346. # install syconfig/ldap
  347. mkdir -p %{buildroot}%{_sysconfdir}/sysconfig
  348. install -m 644 %SOURCE2 %{buildroot}%{_sysconfdir}/sysconfig/slapd
  349. %endif
  350. # move slapd out of _libdir
  351. mv %{buildroot}%{_libdir}/slapd %{buildroot}%{_sbindir}/
  352. # setup tools as symlinks to slapd
  353. rm -f %{buildroot}%{_sbindir}/slap{acl,add,auth,cat,dn,index,passwd,test,schema}
  354. rm -f %{buildroot}%{_libdir}/slap{acl,add,auth,cat,dn,index,passwd,test,schema}
  355. for X in acl add auth cat dn index passwd test schema; do ln -s slapd %{buildroot}%{_sbindir}/slap$X ; done
  356. # tweak permissions on the libraries to make sure they're correct
  357. chmod 0755 %{buildroot}%{_libdir}/lib*.so*
  358. chmod 0644 %{buildroot}%{_libdir}/lib*.*a
  359. # slapd.conf(5) is obsoleted since 2.3, see slapd-config(5)
  360. # new configuration will be generated in %%post
  361. mkdir -p %{buildroot}%{_datadir}
  362. install -m 0755 -d %{buildroot}%{_datadir}/openldap-servers
  363. install -m 0644 %SOURCE4 %{buildroot}%{_datadir}/openldap-servers/slapd.ldif
  364. install -m 0750 -d %{buildroot}%{_sysconfdir}/openldap/slapd.d
  365. rm -f %{buildroot}%{_sysconfdir}/openldap/slapd.conf
  366. rm -f %{buildroot}%{_sysconfdir}/openldap/slapd.ldif
  367. # move doc files out of _sysconfdir
  368. mv %{buildroot}%{_sysconfdir}/openldap/schema/README README.schema
  369. mv %{buildroot}%{_sysconfdir}/openldap/DB_CONFIG.example %{buildroot}%{_datadir}/openldap-servers/DB_CONFIG.example
  370. chmod 0644 openldap-%{version}/servers/slapd/back-sql/rdbms_depend/timesten/*.sh
  371. chmod 0644 %{buildroot}%{_datadir}/openldap-servers/DB_CONFIG.example
  372. # remove files which we don't want packaged
  373. rm -f %{buildroot}%{_libdir}/*.la # because we do not want files in %{_libdir}/openldap/ removed, yet
  374. rm -f %{buildroot}%{_localstatedir}/openldap-data/DB_CONFIG.example
  375. rmdir %{buildroot}%{_localstatedir}/openldap-data
  376. %clean
  377. rm -rf $RPM_BUILD_ROOT
  378. %pre servers
  379. # create ldap user and group
  380. getent group ldap &>/dev/null || groupadd -r -g 55 ldap
  381. getent passwd ldap &>/dev/null || \
  382. useradd -r -g ldap -u 55 -d %{_sharedstatedir}/ldap -s /sbin/nologin -c "OpenLDAP server" ldap
  383. if [ $1 -eq 2 ]; then
  384. # package upgrade
  385. old_version=$(rpm -q --qf=%%{version} openldap-servers)
  386. new_version=%{version}
  387. if [ "$old_version" != "$new_version" ]; then
  388. touch %{_sharedstatedir}/ldap/rpm_upgrade_openldap &>/dev/null
  389. fi
  390. fi
  391. exit 0
  392. %post servers
  393. %if %{with systemd}
  394. %systemd_post slapd.service
  395. %endif
  396. # generate configuration if necessary
  397. if [[ ! -f %{_sysconfdir}/openldap/slapd.d/cn=config.ldif && \
  398. ! -f %{_sysconfdir}/openldap/slapd.conf
  399. ]]; then
  400. # if there is no configuration available, generate one from the defaults
  401. mkdir -p %{_sysconfdir}/openldap/slapd.d/ &>/dev/null || :
  402. /usr/sbin/slapadd -F %{_sysconfdir}/openldap/slapd.d/ -n0 -l %{_datadir}/openldap-servers/slapd.ldif
  403. chown -R ldap:ldap %{_sysconfdir}/openldap/slapd.d/
  404. %if %{with systemd}
  405. systemctl try-restart slapd.service &>/dev/null
  406. %else
  407. /sbin/service ldap condrestart > /dev/null 2>&1 || :
  408. %endif
  409. fi
  410. start_slapd=0
  411. # upgrade the database
  412. if [ -f %{_sharedstatedir}/ldap/rpm_upgrade_openldap ]; then
  413. %if %{with systemd}
  414. systemctl stop slapd.service
  415. start_slapd=1
  416. %else
  417. running=`/sbin/service ldap status >/dev/null; echo $?`
  418. if [ $running -eq 0 ]; then
  419. /sbin/service ldap stop > /dev/null 2>&1 || :
  420. start_slapd=1
  421. fi
  422. %endif
  423. %{_libexecdir}/openldap/upgrade-db.sh &>/dev/null
  424. rm -f %{_sharedstatedir}/ldap/rpm_upgrade_openldap
  425. fi
  426. # restart after upgrade
  427. if [ $1 -ge 1 ]; then
  428. %if %{with systemd}
  429. if [ $start_slapd -eq 1 ]; then
  430. systemctl start slapd.service &>/dev/null || :
  431. else
  432. systemctl condrestart slapd.service &>/dev/null || :
  433. fi
  434. %else
  435. if [ $start_slapd -eq 1 ]; then
  436. /sbin/service ldap start > /dev/null 2>&1 || :
  437. else
  438. /sbin/service ldap condrestart > /dev/null 2>&1 || :
  439. fi
  440. %endif
  441. fi
  442. exit 0
  443. %preun servers
  444. %if %{with systemd}
  445. %systemd_preun slapd.service
  446. %else
  447. if [ "$1" = "0" -o -x /bin/systemctl ] ; then
  448. /sbin/service ldap stop > /dev/null 2>&1 || :
  449. /sbin/chkconfig --del ldap
  450. # Openldap-servers are being removed from system.
  451. # Do not touch the database! Older versions of this
  452. # package attempted to store database in LDIF format, so
  453. # it can be restored later - but it's up to the administrator
  454. # to save the database, if he/she wants so.
  455. fi
  456. %endif
  457. %postun servers
  458. %if %{with systemd}
  459. %systemd_postun_with_restart slapd.service
  460. %else
  461. if [ $1 -ge 1 ] ; then
  462. /sbin/service ldap condrestart > /dev/null 2>&1 || :
  463. fi
  464. %endif
  465. %triggerin servers -- libdb
  466. # libdb upgrade (setup for %%triggerun)
  467. if [ $2 -eq 2 ]; then
  468. # we are interested in minor version changes (both versions of libdb are installed at this moment)
  469. if [ "$(rpm -q --qf="%%{version}\n" libdb | sed 's/\.[0-9]*$//' | sort -u | wc -l)" != "1" ]; then
  470. touch %{_sharedstatedir}/ldap/rpm_upgrade_libdb
  471. else
  472. rm -f %{_sharedstatedir}/ldap/rpm_upgrade_libdb
  473. fi
  474. fi
  475. exit 0
  476. %triggerun servers -- libdb
  477. # libdb upgrade (finish %%triggerin)
  478. %if %{with systemd}
  479. if [ -f %{_sharedstatedir}/ldap/rpm_upgrade_libdb ]; then
  480. if /bin/systemctl --quiet is-active slapd.service; then
  481. /bin/systemctl stop slapd.service
  482. start=1
  483. else
  484. start=0
  485. fi
  486. %{_libexecdir}/openldap/upgrade-db.sh &>/dev/null
  487. rm -f %{_sharedstatedir}/ldap/rpm_upgrade_libdb
  488. [ $start -eq 1 ] && /bin/systemctl start slapd.service &>/dev/null
  489. fi
  490. %else
  491. running=`/sbin/service ldap status >/dev/null; echo $?`
  492. if [ -f %{_sharedstatedir}/ldap/rpm_upgrade_libdb ]; then
  493. if [ $running -eq 0 ]; then
  494. /sbin/service ldap stop > /dev/null 2>&1 || :
  495. start=1
  496. else
  497. start=0
  498. fi
  499. %{_libexecdir}/openldap/upgrade-db.sh &>/dev/null
  500. rm -f %{_sharedstatedir}/ldap/rpm_upgrade_libdb
  501. [ $start -eq 1 ] && /sbin/service ldap condrestart > /dev/null 2>&1 || :
  502. fi
  503. %endif
  504. exit 0
  505. %files
  506. %defattr(-,root,root)
  507. %license openldap-%{version}/{COPYRIGHT,LICENSE}
  508. %doc openldap-%{version}/{ANNOUNCEMENT,CHANGES,README}
  509. %dir %{_sysconfdir}/openldap
  510. %dir %{_sysconfdir}/openldap/certs
  511. %config(noreplace) %{_sysconfdir}/openldap/ldap.conf
  512. %dir %{_libexecdir}/openldap/
  513. %{_libdir}/liblber-2.4*.so.*
  514. %{_libdir}/libldap-2.4*.so.*
  515. %{_libdir}/libldap_r-2.4*.so.*
  516. %{_libdir}/libslapi-2.4*.so.*
  517. %{_mandir}/man5/ldif.5*
  518. %{_mandir}/man5/ldap.conf.5*
  519. %files servers
  520. %defattr(-,root,root)
  521. %doc openldap-%{version}/contrib/slapd-modules/smbk5pwd/README.smbk5pwd
  522. %doc openldap-%{version}/doc/guide/admin/*.html
  523. %doc openldap-%{version}/doc/guide/admin/*.png
  524. %doc openldap-%{version}/servers/slapd/back-perl/SampleLDAP.pm
  525. %doc openldap-%{version}/servers/slapd/back-perl/README.back_perl
  526. %doc openldap-%{version}/servers/slapd/back-perl/README.back_perl
  527. %doc ltb-project-openldap-ppolicy-check-password-%{check_password_version}/README.check_pwd
  528. %doc README.schema
  529. %config(noreplace) %dir %attr(0750,ldap,ldap) %{_sysconfdir}/openldap/slapd.d
  530. %config(noreplace) %{_sysconfdir}/openldap/schema
  531. %config(noreplace) %{_sysconfdir}/openldap/check_password.conf
  532. %if %{with systemd}
  533. %{_unitdir}/slapd.service
  534. %{_tmpfilesdir}/slapd.conf
  535. %else
  536. %attr(0755,root,root) %config %{_sysconfdir}/rc.d/init.d/ldap
  537. %config(noreplace) %{_sysconfdir}/sysconfig/slapd
  538. %endif
  539. %attr(0700,ldap,ldap) %dir /var/lib/ldap
  540. %attr(0755,ldap,ldap) %dir /var/run/openldap
  541. %{_datadir}/openldap-servers/
  542. %{_libdir}/openldap/accesslog*
  543. %{_libdir}/openldap/auditlog*
  544. %{_libdir}/openldap/allop*
  545. %{_libdir}/openldap/back_dnssrv*
  546. %{_libdir}/openldap/back_ldap*
  547. %{_libdir}/openldap/back_meta*
  548. %{_libdir}/openldap/back_null*
  549. %{_libdir}/openldap/back_passwd*
  550. %{_libdir}/openldap/back_relay*
  551. %{_libdir}/openldap/back_shell*
  552. %{_libdir}/openldap/back_sock*
  553. %{_libdir}/openldap/back_perl*
  554. %{_libdir}/openldap/collect*
  555. %{_libdir}/openldap/constraint*
  556. %{_libdir}/openldap/dds*
  557. %{_libdir}/openldap/deref*
  558. %{_libdir}/openldap/dyngroup*
  559. %{_libdir}/openldap/dynlist*
  560. %{_libdir}/openldap/memberof*
  561. %{_libdir}/openldap/pcache*
  562. %{_libdir}/openldap/ppolicy*
  563. %{_libdir}/openldap/refint*
  564. %{_libdir}/openldap/retcode*
  565. %{_libdir}/openldap/rwm*
  566. %{_libdir}/openldap/seqmod*
  567. %{_libdir}/openldap/smbk5pwd*
  568. %{_libdir}/openldap/sssvlv*
  569. %{_libdir}/openldap/syncprov*
  570. %{_libdir}/openldap/translucent*
  571. %{_libdir}/openldap/unique*
  572. %{_libdir}/openldap/valsort*
  573. %{_libdir}/openldap/check_password*
  574. %{_libexecdir}/openldap/functions
  575. %{_libexecdir}/openldap/check-config.sh
  576. %{_libexecdir}/openldap/upgrade-db.sh
  577. %{_sbindir}/sl*
  578. %{_mandir}/man8/*
  579. %{_mandir}/man5/slapd*.5*
  580. %{_mandir}/man5/slapo-*.5*
  581. # obsolete configuration
  582. %ghost %config(noreplace,missingok) %attr(0640,ldap,ldap) %{_sysconfdir}/openldap/slapd.conf
  583. %if %{with sql}
  584. %files servers-sql
  585. %defattr(-,root,root)
  586. %doc openldap-%{version}/servers/slapd/back-sql/docs/*
  587. %doc openldap-%{version}/servers/slapd/back-sql/rdbms_depend
  588. %{_libdir}/openldap/back_sql*
  589. %endif
  590. %files clients
  591. %defattr(-,root,root)
  592. %{_bindir}/*
  593. %{_mandir}/man1/*
  594. %files devel
  595. %defattr(-,root,root)
  596. %doc openldap-%{version}/doc/drafts openldap-%{version}/doc/rfc
  597. %{_libdir}/lib*.so
  598. %{_includedir}/*
  599. %{_mandir}/man3/*
  600. ## to build compat32 for x86_64 architecture support
  601. %if %{build_compat32}
  602. %files -n compat32-%{name}
  603. %defattr(-,root,root)
  604. %{_libdir}/libl*-2.4*.so.*
  605. # %files -n compat32-%{name}-servers-sql
  606. # %defattr(-,root,root)
  607. # %attr(0755,root,root) %{_libdir}/openldap/back_sql.la
  608. # %attr(0755,root,root) %{_libdir}/openldap/back_sql*.so.*
  609. %files -n compat32-%{name}-devel
  610. %defattr(-,root,root)
  611. %{_libdir}/lib*.so
  612. %endif
  613. %changelog
  614. * Sun Nov 21 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.59-2
  615. - rebuilt with perl-5.34.0.
  616. * Tue Oct 05 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.59-1
  617. - new upstream release.
  618. - built with openssl-3.0.0.
  619. - imported Patch50-64 from rawhide.
  620. * Thu Jun 03 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.58-1
  621. - new upstream release.
  622. - dropped ldconfig scriptlets.
  623. - dropped Patch2000: fixed in upstream.
  624. * Thu Mar 04 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.57-2
  625. - imported Patch2000 from rawhide to fix CVE-2021-27212.
  626. * Sat Jan 30 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.57-1
  627. - new upstream release.
  628. * Sat Dec 12 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.56-1
  629. - new upstream release.
  630. * Sun Sep 13 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.53-1
  631. - new upstream release.
  632. - added systemd support (disabled as default).
  633. * Sat May 18 2019 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.46-3
  634. - rebuilt with perl-5.26.
  635. * Mon May 13 2019 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.46-2
  636. - added BR:libxcrypt-devel.
  637. - added BR:libnsl2-devel.
  638. - gdbm is no longer needed.
  639. * Fri Nov 02 2018 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.46-1
  640. - new upstream release.
  641. - rebuilt with openssl-1.1.1.
  642. - dropped too old MigrationTools.
  643. - dropped all patches and imported from rawhide.
  644. * Mon Mar 14 2016 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.4.44-1
  645. - new upstream release and built with openssl 1.0.2g
  646. - update patch0
  647. - drop patch1000,1001 (are included in new release)
  648. * Fri Mar 6 2015 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.40-2
  649. - added patch1000,1001 to fix CVE-2015-1545,1546.
  650. * Sat Feb 28 2015 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.4.40-1
  651. - new upstream release.
  652. * Fri Feb 27 2015 Ryoichi INAGAKI <ryo1@toki.waseda.jp> 2.4.23-6
  653. - add patch1146 for fix CVE-2013-4449
  654. * Tue Dec 16 2014 Ryoichi INAGAKI <ryo1@toki.waseda.jp> 2.4.23-5
  655. - added Patch700 to build with libdb 5.3.28
  656. * Thu Jan 9 2014 IWAI, Masaharu <iwaim.sub@gmail.com> 2.4.23-4
  657. - build with cyrus-sasl 2.1.26
  658. * Sun Dec 9 2012 IWAI, Masaharu <iwai@alib.jp> 2.4.23-3
  659. - SECURITY FIX, #2501
  660. - patches from CentOS 6.3; openldap 2.4.23-26.el6_3.2
  661. - CVE-2011-1024: add openldap-cve-ppolicy-forward-updates.patch (Patch1112)
  662. - CVE-2011-1025: add openldap-cve-ndb-bind-rootdn.patch (Patch1113)
  663. - CVE-2012-1164: add openldap-cve-relay-rwm-translucent.patch (Patch1141)
  664. - CVE-2012-2668: add openldap-cve-nss-cipher-suite-ignored.patch (Patch1144)
  665. - patch based CentOS 6.3; openldap 2.4.23-26.el6_3.2
  666. - CVE-2012-2668: add openldap-cve-nss-default-cipher-suite-always-selected.patch (Patch1145)
  667. - fix document file path for servers sub package
  668. * Sat Apr 9 2011 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 2.4.23-2
  669. - added --with-odbc=unixodbc to configure
  670. * Wed Apr 6 2011 IWAI, Masaharu <iwai@alib.jp> 2.4.23-1
  671. - new upstream release
  672. - update MigrationTools 47
  673. * Wed Jan 12 2011 Yoji TOYODA <bsyamato@sea.plala.or.jp> - 2.4.21-5
  674. - change %%define __perl_requires instead of __find_requires
  675. * Tue Jan 11 2011 Yoji TOYODA <bsyamato@sea.plala.or.jp> - 2.4.21-4
  676. - rebuild with openssl-1.0.0c
  677. * Fri Feb 12 2010 MATSUBAYASHI Kohji <shaolin@vinelinux.org> - 2.4.21-3
  678. - rebuilt with gcc-4.4.3-3 on ppc
  679. * Fri Feb 5 2010 MATSUBAYASHI Kohji <shaolin@vinelinux.org> - 2.4.21-2
  680. - rebuilt with rpm-4.8.0-3 (on ppc)
  681. * Tue Feb 02 2010 Daisuke SUZUKI <daisuke@linux.or.jp> 2.4.21-1
  682. - new upstream release
  683. - rebuild with db4-4.8.0
  684. - use Requires(post/pre) instead of Prereq
  685. * Sun Dec 20 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.4.16-4
  686. - rebuild
  687. * Tue Nov 3 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.4.16-3
  688. - add BuildConflicts: libicu-devel
  689. * Mon Nov 2 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.4.16-2
  690. - add Patch1000 for fix CVE-2009-3767 (openssl null char)
  691. - add --with-gssapi into configure
  692. - drop --without-kerberos (it is old configure option)
  693. * Wed Aug 05 2009 NAKAMURA Kenta <kenta@vinelinux.org> 2.4.16-1
  694. - new upstream release
  695. * Sun Jul 05 2009 Munehiro Yamamoto <munepi@cg8.so-net.ne.jp> 2.4.11-6
  696. - dropped compat32-%%{name}-servers-sql
  697. * Sat Jul 04 2009 Munehiro Yamamoto <munepi@cg8.so-net.ne.jp> 2.4.11-5
  698. - added compat32 subpackages
  699. * Wed Apr 15 2009 Daisuke SUZUKI <daisuke@linux.or.jp> 2.4.11-4
  700. - rebuild with libtool-2.2.6a
  701. * Sat Apr 04 2009 NAKAMURA Kenta <kenta@vinelinux.org> 2.4.11-3
  702. - use filter-requires-openldap.sh instead of find-requires
  703. * Wed Apr 01 2009 NAKAMURA Kenta <kenta@vinelinux.org> 2.4.11-2
  704. - reverted a scriptlet that dropped in 2.3.24-0vl4
  705. * Sun Mar 01 2009 NAKAMURA Kenta <kenta@vinelinux.org> 2.4.11-1
  706. - new upstream release
  707. - applied patches from fedora's package (openldap-2.4.12-1)
  708. * Sun Mar 30 2008 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 2.3.41-1vl5
  709. - updated to 2.3.41 (Patch10 and 11 were merged into upstream)
  710. * Fri May 18 2007 Daisuke SUZUKI <daisuke@linux.or.jp> 2.3.27-0vl5
  711. - rebuild with new openssl
  712. * Sat May 12 2007 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 2.3.27-0vl4
  713. - rebuilt with new toolchain/bdb 4.3
  714. * Tue Dec 26 2006 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 2.3.27-0vl3
  715. - rebuilt for VineSeed
  716. * Thu Dec 21 2006 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.3.27-0vl2.3
  717. - add Vendor/Distribution tag
  718. * Wed Dec 13 2006 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.3.27-0vl2.2
  719. - add patch11 for fix krbv4_ldap_auth issue
  720. * Fri Nov 24 2006 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.3.27-0vl2.1
  721. - add patch10 for fix CVE-2006-5779
  722. * Sun Sep 03 2006 NAKAMURA Kenta <kenta@vinelinux.org> 2.3.27-0vl2
  723. - use filter-requires-openldap.sh instead of find-requires
  724. * Sun Aug 27 2006 NAKAMURA Kenta <kenta@vinelinux.org> 2.3.27-0vl1
  725. - new upstream release
  726. * Sat Aug 26 2006 NAKAMURA Kenta <kenta@vinelinux.org> 2.3.24-0vl4
  727. - restored rfc822-MailMember.schema
  728. - update config.patch
  729. - removed a scriptlet that save and restore the database
  730. * Sat Aug 19 2006 NAKAMURA Kenta <kenta@vinelinux.org> 2.3.24-0vl3
  731. - removed internal bdb
  732. - removed autoconf-2.13.1 and automake-1.4a
  733. * Tue Jul 11 2006 NAKAMURA Kenta <kenta@vinelinux.org> 2.3.24-0vl2
  734. - removed compat-openldap subpackage
  735. * Sun Jul 02 2006 Satoshi MACHINO <machino@vinelinux.org> 2.3.24-0vl1
  736. - New upstream release
  737. - merged to fedora's package(openldap-2.3.24-2)
  738. -- build sql backend as a loadable module
  739. -- move ucdata to the -servers subpackage where it belongs
  740. -- add compat-openldap subpackage
  741. -- update administrator guide
  742. -- build a separate, static set of libraries for openldap-devel with the
  743. non-standard ntlm bind patch applied, for use by
  744. the evolution-connector package (#125579), and installing them under
  745. %%{evolution_connector_prefix} (%{evolution_connector_prefix})
  746. -- add libtool-ltdl-devel buildprereqs
  747. -- Upgrade internal bdb to db-4.4.20. For a clean upgrade, this will
  748. require that users slapcat their databases into a temp file, move
  749. /var/lib/ldap someplace safe, upgrade the openldap rpms, then
  750. slapadd the temp file.
  751. -- fix ldap.init
  752. -- add two upstream patches for db-4.4.20
  753. * Wed Nov 2 2005 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 2.1.30-0vl2
  754. - rebuild for VineSeed Plus
  755. - added Japanese summary
  756. * Sat Apr 17 2004 Satoshi MACHINO <machino@vinelinux.org> 2.1.30-0vl1
  757. - new upstream version (openldap-2.1.30)
  758. -- Fixed slapd userdb checkpass bub (ITS#3048)
  759. -- Fixed back-ldbm IDL delete bug (ITS#3048)
  760. -- Fixed libldap schema parsing bug (ITS#2920, ITS#3065)
  761. -- Fixed liblutil NS MTA MD5 passwd len bug (ITS#2899)
  762. -- Removed lint (ITS#3086)
  763. -- Documentation updated slapd.conf(5) manpage (ITS#2525)
  764. * Thu Apr 08 2004 Satoshi MACHINO <machino@vinelinux.org> 2.1.29-0vl2
  765. - fixed ldap.ini
  766. * Sun Mar 28 2004 Satoshi MACHINO <machino@vinelinux.org> 2.1.29-0vl1
  767. - new upstream version (openldap-2.1.29)
  768. * Wed Mar 24 2004 Satoshi MACHINO <machino@vinelinux.org> 2.1.28-0vl1
  769. - new upstream version (openldap-2.1.28)
  770. * Mon Mar 22 2004 Satoshi MACHINO <machino@vinelinux.org> 2.1.27-0vl1
  771. - new upstream version (openldap-2.1.27)
  772. * Sat Jan 24 2004 Satoshi MACHINO <machino@vinelinux.org> 2.1.26-0vl1
  773. - new upstream version (openldap-2.1.26)
  774. - don't use libtool in make
  775. * Sun Oct 26 2003 Satoshi MACHINO <machino@vinelinux.org> 2.1.23-0vl1
  776. - new upstream version (openldap-2.1.23)
  777. - updated migration tools to version 45
  778. - used libtool
  779. * Sun Jul 20 2003 Satoshi MACHINO <machino@vinelinux.org> 2.1.22-0vl2
  780. - for VineSeedPlus
  781. - fixed BuildPreReq
  782. * Sat Jul 19 2003 Satoshi MACHINO <machino@vinelinux.org> 2.1.22-0vl1
  783. - for VinePlus
  784. - new upstream version (openldap-2.1.22)
  785. * Thu May 29 2003 Satoshi MACHINO <machino@vinelinux.org> 2.1.21-0vl1
  786. - new upstream version (openldap-2.1.21)
  787. * Tue May 20 2003 Satoshi MACHINO <machino@vinelinux.org> 2.1.20-0vl1
  788. - new upstream version
  789. * Thu May 15 2003 Satoshi MACHINO <machino@vinelinux.org> 2.1.19-1vl1
  790. - new upstream version
  791. - merged spec file to 2.1.19-1
  792. -- switch to db with crypto
  793. -- install the db utils for the bundled libdb as %%{_sbindir}/slapd_db_*
  794. -- install slapcat/slapadd from 2.0.x for migration purposes
  795. * Mon Jan 27 2003 Satoshi MACHINO <machino@vinelinux.org> 2.1.12-0vl1
  796. - updated to openldap-2.1.12
  797. -- dropped ldapfriendly
  798. * Fri Sep 06 2002 Satoshi MACHINO <machino@vinelinux.org> 2.1.4-0vl1
  799. - updated to openldap-2.1.4
  800. - updated guide.html
  801. * Fri Sep 06 2002 Satoshi MACHINO <machino@vinelinux.org> 2.1.3-4vl1
  802. - updated to openldap-2.1.3
  803. - added db-4.0.14
  804. - updated migration tools to version 44
  805. - merged openldap-2.1.3-4
  806. -- updated patch0, patch1, patch3 and patch6
  807. -- dropped patch7 and patch10
  808. -- enable the ldbm/berkeley backend as well
  809. -- use an ldbm/berkeley database as the default
  810. -- don't install slapadd-gdbm
  811. -- allow ldapv2 binds by default
  812. -- set TLS_CACERTFILE in the default ldap.conf file
  813. * Tue Jun 11 2002 Satoshi MACHINO <machino@vinelinux.org> 2.0.25-0vl1
  814. - updated to openldap-2.0.25
  815. * Mon Jun 10 2002 Satoshi MACHINO <machino@vinelinux.org> 2.0.24-0vl1
  816. - updated to openldap-2.0.24
  817. - updated migration tools to version 40
  818. - dropped autoconf source
  819. - dropped some patches
  820. * Sat Feb 16 2002 Satoshi MACHINO <machino@vinelinux.org> 2.0.23-0vl1
  821. - updated openldap-2.0.23
  822. * Wed Feb 06 2002 Satoshi MACHINO <machino@vinelinux.org> 2.0.22-0vl1
  823. - updated openldap-2.0.22
  824. * Mon Jan 21 2002 Satoshi MACHINO <machino@vinelinux.org> 2.0.21-0vl1
  825. - updated openldap-2.0.21
  826. * Wed Nov 07 2001 Satoshi MACHINO <machino@vinelinux.org> 2.0.18-0vl1
  827. - updated openldap-2.0.18
  828. * Sun Oct 14 2001 Satoshi MACHINO <machino@vinelinux.org> 2.0.17-0vl1
  829. - updated openldap-2.0.17
  830. - updated MigrationTools-38-instdir.patch
  831. - updated openldap-2.0.17-config.patch
  832. - removed openldap-2.0.3-krb5-1.1.patch
  833. * Sat Sep 22 2001 Satoshi MACHINO <machino@vinelinux.org> 2.0.14-1vl1
  834. - update to migration tools 39
  835. - removed patch libtool.patch and linkage.patch
  836. * Wed Sep 19 2001 Satoshi MACHINO <machino@vinelinux.org> 2.0.14-0vl0
  837. - updated openldap-2.0.14
  838. * Mon Jul 16 2001 MATSUBAYASHI 'Shaolin' Kohji <shaolin@vinelinux.org>
  839. - 2.0.11-0vl2
  840. - rebuilt with openssl-0.9.6b
  841. * Sun May 27 2001 Satoshi MACHINO <machino@vinelinux.org> 2.0.11-0vl1
  842. - updated
  843. * Thu Apr 12 2001 Akira TAGOH <tagoh@gnome.gr.jp> 2.0.7-14vl3
  844. - Fixed resolve libraries path.
  845. * Wed Apr 11 2001 Satoshi MACHINO <machino@vinelinux.org> 2.0.7-14vl2
  846. - added openldap-2.0.7-config-vine.patch
  847. - removed openldap-2.0.7-config.patch
  848. * Tue Apr 10 2001 Satoshi MACHINO <machino@vinelinux.org> 2.0.7-14vl1
  849. - merged Rawhide's OpenLDAP Package
  850. back out pidfile patches, which interact weirdly with Linux threads
  851. mark non-standard schema as such by moving them to a different directory
  852. update to MigrationTools 36, adds netgroup support
  853. fix thinko in that last patch
  854. try to work around some buffering problems
  855. gettextize the init script
  856. move the RFCs to the base package (#21701)
  857. add support for additional OPTIONS, SLAPD_OPTIONS, and SLURPD_OPTIONS in
  858. a /etc/sysconfig/ldap file (#23549)
  859. change automount object OID from 1.3.6.1.1.1.2.9 to 1.3.6.1.1.1.2.13,
  860. per mail from the ldap-nis mailing list
  861. force -fPIC so that shared libraries don't fall over
  862. add Norbert Klasen's patch (via Del) to fix searches using ldaps URLs
  863. (OpenLDAP ITS #889)
  864. add "-h ldaps:///" to server init when TLS is enabled, in order to support
  865. ldaps in addition to the regular STARTTLS (suggested by Del)
  866. correct mismatched-dn-cn bug in migrate_automount.pl
  867. update to the correct OIDs for automount and automountInformation
  868. add notes on upgrading
  869. * Sat Nov 25 2000 Satoshi MACHINO <machino@vinelinux.org> 2.0.7-1vl2
  870. - fixed VersionedDependencies to used _noVersionedDependencies 1 in .rpmmacros
  871. * Sat Nov 18 2000 MACHINO, satoshi <machino@vinelinux.org> 2.0.7-1vl1
  872. - build for Vine Linux
  873. - removed kerberos
  874. - fixed config dir
  875. - fixed _sysconfdir
  876. * Tue Nov 7 2000 Nalin Dahyabhai <nalin@redhat.com>
  877. - update to 2.0.7
  878. - drop chdir patch (went mainstream)
  879. * Thu Nov 2 2000 Nalin Dahyabhai <nalin@redhat.com>
  880. - change automount object classes from auxiliary to structural
  881. * Tue Oct 31 2000 Nalin Dahyabhai <nalin@redhat.com>
  882. - update to Migration Tools 27
  883. - change the sense of the last simple patch
  884. * Wed Oct 25 2000 Nalin Dahyabhai <nalin@redhat.com>
  885. - reorganize the patch list to separate MigrationTools and OpenLDAP patches
  886. - switch to Luke Howard's rfc822MailMember schema instead of the aliases.schema
  887. - configure slapd to run as the non-root user "ldap" (#19370)
  888. - chdir() before chroot() (we don't use chroot, though) (#19369)
  889. - disable saving of the pid file because the parent thread which saves it and
  890. the child thread which listens have different pids
  891. * Wed Oct 11 2000 Nalin Dahyabhai <nalin@redhat.com>
  892. - add missing required attributes to conversion scripts to comply with schema
  893. - add schema for mail aliases, autofs, and kerberosSecurityObject rooted in
  894. our own OID tree to define attributes and classes migration scripts expect
  895. - tweak automounter migration script
  896. * Mon Oct 9 2000 Nalin Dahyabhai <nalin@redhat.com>
  897. - try adding the suffix first when doing online migrations
  898. - force ldapadd to use simple authentication in migration scripts
  899. - add indexing of a few attributes to the default configuration
  900. - add commented-out section on using TLS to default configuration
  901. * Thu Oct 5 2000 Nalin Dahyabhai <nalin@redhat.com>
  902. - update to 2.0.6
  903. - add buildprereq on cyrus-sasl-devel, krb5-devel, openssl-devel
  904. - take the -s flag off of slapadd invocations in migration tools
  905. - add the cosine.schema to the default server config, needed by inetorgperson
  906. * Wed Oct 4 2000 Nalin Dahyabhai <nalin@redhat.com>
  907. - add the nis.schema and inetorgperson.schema to the default server config
  908. - make ldapadd a hard link to ldapmodify because they're identical binaries
  909. * Fri Sep 22 2000 Nalin Dahyabhai <nalin@redhat.com>
  910. - update to 2.0.4
  911. * Fri Sep 15 2000 Nalin Dahyabhai <nalin@redhat.com>
  912. - remove prereq on /etc/init.d (#17531)
  913. - update to 2.0.3
  914. - add saucer to the included clients
  915. * Wed Sep 6 2000 Nalin Dahyabhai <nalin@redhat.com>
  916. - update to 2.0.1
  917. * Fri Sep 1 2000 Nalin Dahyabhai <nalin@redhat.com>
  918. - update to 2.0.0
  919. - patch to build against MIT Kerberos 1.1 and later instead of 1.0.x
  920. * Tue Aug 22 2000 Nalin Dahyabhai <nalin@redhat.com>
  921. - remove that pesky default password
  922. - change "Copyright:" to "License:"
  923. * Sun Aug 13 2000 Nalin Dahyabhai <nalin@redhat.com>
  924. - adjust permissions in files lists
  925. - move libexecdir from %%{_prefix}/sbin to %%{_sbindir}
  926. * Fri Aug 11 2000 Nalin Dahyabhai <nalin@redhat.com>
  927. - add migrate_automount.pl to the migration scripts set
  928. * Tue Aug 8 2000 Nalin Dahyabhai <nalin@redhat.com>
  929. - build a semistatic slurpd with threads, everything else without
  930. - disable reverse lookups, per email on OpenLDAP mailing lists
  931. - make sure the execute bits are set on the shared libraries
  932. * Mon Jul 31 2000 Nalin Dahyabhai <nalin@redhat.com>
  933. - change logging facility used from local4 to daemon (#11047)
  934. * Thu Jul 27 2000 Nalin Dahyabhai <nalin@redhat.com>
  935. - split off clients and servers to shrink down the package and remove the
  936. base package's dependency on Perl
  937. - make certain that the binaries have sane permissions
  938. * Mon Jul 17 2000 Nalin Dahyabhai <nalin@redhat.com>
  939. - move the init script back
  940. * Thu Jul 13 2000 Nalin Dahyabhai <nalin@redhat.com>
  941. - tweak the init script to only source /etc/sysconfig/network if it's found
  942. * Wed Jul 12 2000 Prospector <bugzilla@redhat.com>
  943. - automatic rebuild
  944. * Mon Jul 10 2000 Nalin Dahyabhai <nalin@redhat.com>
  945. - switch to gdbm; I'm getting off the db merry-go-round
  946. - tweak the init script some more
  947. - add instdir to @INC in migration scripts
  948. * Thu Jul 6 2000 Nalin Dahyabhai <nalin@redhat.com>
  949. - tweak init script to return error codes properly
  950. - change initscripts dependency to one on /etc/init.d
  951. * Tue Jul 4 2000 Nalin Dahyabhai <nalin@redhat.com>
  952. - prereq initscripts
  953. - make migration scripts use mktemp
  954. * Tue Jun 27 2000 Nalin Dahyabhai <nalin@redhat.com>
  955. - do condrestart in post and stop in preun
  956. - move init script to /etc/init.d
  957. * Fri Jun 16 2000 Nalin Dahyabhai <nalin@redhat.com>
  958. - update to 1.2.11
  959. - add condrestart logic to init script
  960. - munge migration scripts so that you don't have to be
  961. /usr/share/openldap/migration to run them
  962. - add code to create pid files in /var/run
  963. * Mon Jun 5 2000 Nalin Dahyabhai <nalin@redhat.com>
  964. - FHS tweaks
  965. - fix for compiling with libdb2
  966. * Thu May 4 2000 Bill Nottingham <notting@redhat.com>
  967. - minor tweak so it builds on ia64
  968. * Wed May 3 2000 Nalin Dahyabhai <nalin@redhat.com>
  969. - more minimalistic fix for bug #11111 after consultation with OpenLDAP team
  970. - backport replacement for the ldapuser patch
  971. * Tue May 2 2000 Nalin Dahyabhai <nalin@redhat.com>
  972. - fix segfaults from queries with commas in them in in.xfingerd (bug #11111)
  973. * Tue Apr 25 2000 Nalin Dahyabhai <nalin@redhat.com>
  974. - update to 1.2.10
  975. - add revamped version of patch from kos@bastard.net to allow execution as
  976. any non-root user
  977. - remove test suite from %%build because of weirdness in the build system
  978. * Wed Apr 12 2000 Nalin Dahyabhai <nalin@redhat.com>
  979. - move the defaults for databases and whatnot to /var/lib/ldap (bug #10714)
  980. - fix some possible string-handling problems
  981. * Mon Feb 14 2000 Bill Nottingham <notting@redhat.com>
  982. - start earlier, stop later.
  983. * Thu Feb 3 2000 Nalin Dahyabhai <nalin@redhat.com>
  984. - auto rebuild in new environment (release 4)
  985. * Tue Feb 1 2000 Nalin Dahyabhai <nalin@redhat.com>
  986. - add -D_REENTRANT to make threaded stuff more stable, even though it looks
  987. like the sources define it, too
  988. - mark *.ph files in migration tools as config files
  989. * Fri Jan 21 2000 Nalin Dahyabhai <nalin@redhat.com>
  990. - update to 1.2.9
  991. * Mon Sep 13 1999 Bill Nottingham <notting@redhat.com>
  992. - strip files
  993. * Sat Sep 11 1999 Bill Nottingham <notting@redhat.com>
  994. - update to 1.2.7
  995. - fix some bugs from bugzilla (#4885, #4887, #4888, #4967)
  996. - take include files out of base package
  997. * Fri Aug 27 1999 Jeff Johnson <jbj@redhat.com>
  998. - missing ;; in init script reload) (#4734).
  999. * Tue Aug 24 1999 Cristian Gafton <gafton@redhat.com>
  1000. - move stuff from /usr/libexec to /usr/sbin
  1001. - relocate config dirs to /etc/openldap
  1002. * Mon Aug 16 1999 Bill Nottingham <notting@redhat.com>
  1003. - initscript munging
  1004. * Wed Aug 11 1999 Cristian Gafton <gafton@redhat.com>
  1005. - add the migration tools to the package
  1006. * Fri Aug 06 1999 Cristian Gafton <gafton@redhat.com>
  1007. - upgrade to 1.2.6
  1008. - add rc.d script
  1009. - split -devel package
  1010. * Sun Feb 07 1999 Preston Brown <pbrown@redhat.com>
  1011. - upgrade to latest stable (1.1.4), it now uses configure macro.
  1012. * Fri Jan 15 1999 Bill Nottingham <notting@redhat.com>
  1013. - build on arm, glibc2.1
  1014. * Wed Oct 28 1998 Preston Brown <pbrown@redhat.com>
  1015. - initial cut.
  1016. - patches for signal handling on the alpha