rpms/openldap
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

specfile: handle upgrades with new maintainance scripts

Browse Source
This commit is contained in:
Jan Vcelak 2011-10-25 19:42:14 +02:00
parent 2d2d8a4c8a
commit 05cb2507b0
1 changed files with 54 additions and 139 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

193
openldap.spec
View File

@ -391,91 +391,24 @@ rm -rf %{buildroot}
%pre servers %pre servers
# create ldap user and group # create ldap user and group
getent group ldap >/dev/null || groupadd -r -g 55 ldap getent group ldap &>/dev/null || groupadd -r -g 55 ldap
if ! getent passwd ldap >/dev/null; then getent passwd ldap &>/dev/null || \
useradd -r -g ldap -u 55 -d %{_sharedstatedir}/ldap -s /sbin/nologin -c "LDAP User" ldap useradd -r -g ldap -u 55 -d %{_sharedstatedir}/ldap -s /sbin/nologin -c "OpenLDAP server" ldap
# setup ownership of database files
if [ -d /var/lib/ldap ] ; then
for dbfile in /var/lib/ldap/* ; do
if [ -f $dbfile ] ; then
chown ldap:ldap $dbfile
fi
done
fi
fi
# upgrade
if [ $1 -eq 2 ]; then if [ $1 -eq 2 ]; then
# safe way to migrate the database if version number changed # package upgrade
# http://www.openldap.org/doc/admin24/maintenance.html
old_version=$(rpm -q --qf=%%{version} openldap-servers) old_version=$(rpm -q --qf=%%{version} openldap-servers)
new_version=%{version} new_version=%{version}
if [ "$old_version" != "$new_version" ]; then if [ "$old_version" != "$new_version" ]; then
pushd %{_sharedstatedir}/ldap &>/dev/null touch %{_sharedstatedir}/ldap/rpm_upgrade_openldap &>/dev/null
# stop the service
if /sbin/service slapd status &>/dev/null; then
touch need_start
/sbin/service slapd stop
else
rm -f need_start
fi
if ls *.bdb &>/dev/null; then
# symlink to last backup
rm -f upgrade.ldif
# backup location
backupdir=backup.$(date +%%s)
backupfile=${backupdir}/backup.ldif
backupcmd="cp -a"
mkdir -p ${backupdir}
# database recovery tool
# (this is necessary to handle upgrade from old openldap, which had embedded db4)
if [ -f /usr/sbin/slapd_db_recover ]; then
db_recover=/usr/sbin/slapd_db_recover
else
db_recover=/usr/bin/db_recover
fi
# make sure the database is consistent
runuser -m -s $db_recover -- "ldap" -h %{_sharedstatedir}/ldap &>/dev/null
# export the database if possible
if [ $? -eq 0 ]; then
if [ -f %{_sysconfdir}/openldap/slapd.conf ]; then
slapcat -f %{_sysconfdir}/openldap/slapd.conf -l $backupfile &>/dev/null
else
slapcat -F %{_sysconfdir}/openldap/slapd.d -l $backupfile &>/dev/null
fi
if [ $? -eq 0 ]; then
chmod 0400 $backupfile
ln -sf $backupfile upgrade.ldif
backupcmd=mv
fi
fi
# move or copy to backup directory
find -maxdepth 1 -type f \( -name alock -o -name "*.bdb" -o -name "__db.*" -o -name "log.*" \) \
| xargs -I '{}' $backupcmd '{}' $backupdir
cp -af DB_CONFIG $backupdir &>/dev/null
# fix permissions
chown -R ldap: $backupdir
chmod -R a-w $backupdir
fi
popd &>/dev/null
fi fi
fi fi
exit 0 exit 0
%post servers %post servers
/sbin/ldconfig /sbin/ldconfig
@ -503,43 +436,37 @@ chmod 640 slapd.pem
popd popd
fi fi
# generate configuration in slapd.d # generate/upgrade configuration
if ! ls -d %{_sysconfdir}/openldap/slapd.d/* &>/dev/null; then if [ ! -f %{_sysconfdir}/openldap/slapd.d/cn=config.ldif ]; then
if [ -f %{_sysconfdir}/openldap/slapd.conf ]; then
# fresh installation %{_libexecdir}/slapd/convert-config.sh &>/dev/null
[ ! -f %{_sysconfdir}/openldap/slapd.conf ] mv %{_sysconfdir}/openldap/slapd.conf %{_sysconfdir}/openldap/slapd.conf.bak
fresh_install=$? else
%{_libexecdir}/slapd/convert-config.sh -f %{_datadir}/openldap-servers/slapd.conf.obsolete &>/dev/null
[ $fresh_install -eq 0 ] && \ fi
cp %{_datadir}/openldap-servers/slapd.conf.obsolete %{_sysconfdir}/openldap/slapd.conf
# convert from old style config slapd.conf
mv %{_sysconfdir}/openldap/slapd.conf %{_sysconfdir}/openldap/slapd.conf.bak
mkdir -p %{_sysconfdir}/openldap/slapd.d/
slaptest -f %{_sysconfdir}/openldap/slapd.conf.bak -F %{_sysconfdir}/openldap/slapd.d &>/dev/null
chown -R ldap:ldap %{_sysconfdir}/openldap/slapd.d
chmod -R 000 %{_sysconfdir}/openldap/slapd.d
chmod -R u+rwX %{_sysconfdir}/openldap/slapd.d
rm -f %{_sysconfdir}/openldap/slapd.conf
rm -f %{_sharedstatedir}/ldap/__db* %{_sharedstatedir}/ldap/alock
[ $fresh_install -eq 0 ] && rm -f %{_sysconfdir}/openldap/slapd.conf.bak
fi fi
# finish database migration (see %pre) # upgrade the database
if [ -f %{_sharedstatedir}/ldap/upgrade.ldif ]; then if [ -f %{_sharedstatedir}/ldap/rpm_upgrade_openldap ]; then
runuser -m -s /usr/sbin/slapadd -- ldap -q -l %{_sharedstatedir}/ldap/upgrade.ldif &>/dev/null if /bin/systemctl --quiet is-active slapd.service; then
rm -f %{_sharedstatedir}/ldap/upgrade.ldif /bin/systemctl stop slapd.service
start=1
else
start=0
fi
%{_libexecdir}/slapd/upgrade-db.sh &>/dev/null
rm -f %{_sharedstatedir}/ldap/rpm_upgrade_openldap
[ $start -eq 1 ] && /bin/systemctl start slapd.service &>/dev/null
skip_restart=1
else
skip_restart=0
fi fi
# restart after upgrade # restart after upgrade
if [ $1 -ge 1 ]; then if [ $1 -ge 1 -a $skip_restart -ne 1 ]; then
if [ -f %{_sharedstatedir}/ldap/need_start ]; then /bin/systemctl condrestart slapd.service &>/dev/null || :
/sbin/service slapd start
rm -f %{_sharedstatedir}/ldap/need_start
else
/sbin/service slapd condrestart
fi
fi fi
exit 0 exit 0
@ -560,10 +487,15 @@ if [ $1 -ge 1 ]; then
/bin/systemctl try-restart slapd.service &>/dev/null || : /bin/systemctl try-restart slapd.service &>/dev/null || :
fi fi
exit 0
%post devel -p /sbin/ldconfig %post devel -p /sbin/ldconfig
%postun devel -p /sbin/ldconfig %postun devel -p /sbin/ldconfig
%triggerun servers -- openldap-servers < 2.4.26-6 %triggerun servers -- openldap-servers < 2.4.26-6
# migration from SysV to systemd # migration from SysV to systemd
@ -572,58 +504,41 @@ fi
/bin/systemctl try-restart slapd.service &>/dev/null || : /bin/systemctl try-restart slapd.service &>/dev/null || :
%triggerin servers -- db4 %triggerin servers -- libdb
# db4 upgrade (see %triggerun) # libdb upgrade (setup for %triggerun)
if [ $2 -eq 2 ]; then if [ $2 -eq 2 ]; then
pushd %{_sharedstatedir}/ldap &>/dev/null
# we are interested in minor version changes (both versions of db4 are installed at this moment) # we are interested in minor version changes (both versions of db4 are installed at this moment)
if [ "$(rpm -q --qf="%%{version}\n" db4 | sed 's/\.[0-9]*$//' | sort -u | wc -l)" != "1" ]; then if [ "$(rpm -q --qf="%%{version}\n" libdb | sed 's/\.[0-9]*$//' | sort -u | wc -l)" != "1" ]; then
# stop the service touch %{_sharedstatedir}/ldap/rpm_upgrade_libdb
if /sbin/service slapd status &>/dev/null; then
touch need_start
/sbin/service slapd stop
fi
# ensure the database is consistent
runuser -m -s /usr/bin/db_recover -- "ldap" -h %{_sharedstatedir}/ldap &>/dev/null
# upgrade will be performed after removing old db4
touch upgrade_db4
else else
rm -f upgrade_db4 rm -f %{_sharedstatedir}/ldap/rpm_upgrade_libdb
fi fi
popd &>/dev/null
fi fi
exit 0 exit 0
%triggerun servers -- db4
# db4 upgrade (see %triggerin) %triggerun servers -- libdb
if [ -f %{_sharedstatedir}/ldap/upgrade_db4 ]; then
pushd %{_sharedstatedir}/ldap &>/dev/null
# perform the upgrade # libdb upgrade (finish %triggerin)
if ls *.bdb &>/dev/null; then if [ -f %{_sharedstatedir}/ldap/rpm_upgrade_libdb ]; then
runuser -m -s /usr/bin/db_upgrade -- "ldap" -h %{_sharedstatedir}/ldap %{_sharedstatedir}/ldap/*.bdb if /bin/systemctl --quiet is-active slapd.service; then
runuser -m -s /usr/bin/db_checkpoint -- "ldap" -h %{_sharedstatedir}/ldap -1 /bin/systemctl stop slapd.service
start=1
else
start=0
fi fi
# start the service %{_libexecdir}/slapd/upgrade-db.sh &>/dev/null
if [ -f need_start ]; then rm -f %{_sharedstatedir}/ldap/rpm_upgrade_libdb
/sbin/service slapd start
rm -f need_start
fi
rm -f upgrade_db4 [ $start -eq 1 ] && /bin/systemctl start slapd.service &>/dev/null
popd &>/dev/null
fi fi
exit 0 exit 0
%files %files
%defattr(-,root,root) %defattr(-,root,root)
%doc openldap-%{version}/ANNOUNCEMENT %doc openldap-%{version}/ANNOUNCEMENT