diff --git a/openldap-2.3.34-config-include.patch b/openldap-2.3.34-config-include.patch deleted file mode 100644 index e2bd19b..0000000 --- a/openldap-2.3.34-config-include.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- openldap-2.3.34/servers/slapd/slapd.conf.orig 2007-05-24 15:35:51.000000000 +0200 -+++ openldap-2.3.34/servers/slapd/slapd.conf 2007-05-24 15:36:53.000000000 +0200 -@@ -6,6 +6,7 @@ - include %SYSCONFDIR%/schema/cosine.schema - include %SYSCONFDIR%/schema/inetorgperson.schema - include %SYSCONFDIR%/schema/nis.schema -+include %SYSCONFDIR%/schema/misc.schema - - # Allow LDAPv2 client connections. This is NOT the default. - allow bind_v2 diff --git a/openldap-2.3.11-config.patch b/openldap-2.3.34-config.patch similarity index 62% rename from openldap-2.3.11-config.patch rename to openldap-2.3.34-config.patch index 978cfc4..58f5d63 100644 --- a/openldap-2.3.11-config.patch +++ b/openldap-2.3.34-config.patch @@ -1,12 +1,13 @@ ---- openldap-2.3.17/servers/slapd/slapd.conf.config 2004-06-17 22:49:08.000000000 -0400 -+++ openldap-2.3.17/servers/slapd/slapd.conf 2006-01-12 15:33:04.000000000 -0500 -@@ -3,15 +3,19 @@ +--- openldap-2.3.34/servers/slapd/slapd.conf.orig 2007-06-29 09:01:50.000000000 +0200 ++++ openldap-2.3.34/servers/slapd/slapd.conf 2007-06-29 09:03:50.000000000 +0200 +@@ -3,23 +3,48 @@ # This file should NOT be world readable. # include %SYSCONFDIR%/schema/core.schema +include %SYSCONFDIR%/schema/cosine.schema +include %SYSCONFDIR%/schema/inetorgperson.schema +include %SYSCONFDIR%/schema/nis.schema ++include %SYSCONFDIR%/schema/misc.schema -# Define global ACLs to disable default read access. +# Allow LDAPv2 client connections. This is NOT the default. @@ -23,10 +24,28 @@ # Load dynamic backend modules: # modulepath %MODULEDIR% -@@ -21,6 +25,15 @@ - # moduleload back_passwd.la - # moduleload back_shell.la - +-# moduleload back_bdb.la +-# moduleload back_ldap.la +-# moduleload back_ldbm.la +-# moduleload back_passwd.la +-# moduleload back_shell.la ++# moduleload accesslog.la ++# moduleload auditlog.la ++# moduleload back_sql.la ++# moduleload denyop.la ++# moduleload dyngroup.la ++# moduleload dynlist.la ++# moduleload lastmod.la ++# moduleload pcache.la ++# moduleload ppolicy.la ++# moduleload refint.la ++# moduleload retcode.la ++# moduleload rwm.la ++# moduleload syncprov.la ++# moduleload translucent.la ++# moduleload unique.la ++# moduleload valsort.la ++ +# The next three lines allow use of TLS for encrypting connections using a +# dummy test certificate which you can generate by changing to +# /etc/pki/tls/certs, running "make slapd.pem", and fixing permissions on @@ -35,11 +54,10 @@ +# TLSCACertificateFile /etc/pki/tls/certs/ca-bundle.crt +# TLSCertificateFile /etc/pki/tls/certs/slapd.pem +# TLSCertificateKeyFile /etc/pki/tls/certs/slapd.pem -+ + # Sample security restrictions # Require integrity protection (prevent hijacking) - # Require 112-bit (3DES or better) encryption for updates -@@ -49,19 +62,32 @@ +@@ -49,19 +74,32 @@ # rootdn can always read and write EVERYTHING! ####################################################################### @@ -78,34 +96,3 @@ +#replica host=ldap-1.example.com:389 starttls=critical +# bindmethod=sasl saslmech=GSSAPI +# authcId=host/ldap-master.example.com@EXAMPLE.COM ---- openldap-2.2.13/servers/slurpd/slurp.h 2004-01-01 13:16:42.000000000 -0500 -+++ openldap-2.2.13/servers/slurpd/slurp.h 2004-06-15 11:40:04.000000000 -0400 -@@ -66,7 +66,7 @@ - #define SERVICE_NAME OPENLDAP_PACKAGE "-slurpd" - - /* Default directory for slurpd's private copy of replication logs */ --#define DEFAULT_SLURPD_REPLICA_DIR LDAP_RUNDIR LDAP_DIRSEP "openldap-slurp" -+#define DEFAULT_SLURPD_REPLICA_DIR "/var/lib/ldap" - - /* Default name for slurpd's private copy of the replication log */ - #define DEFAULT_SLURPD_REPLOGFILE "slurpd.replog" -@@ -75,7 +75,7 @@ - #define DEFAULT_SLURPD_STATUS_FILE "slurpd.status" - - /* slurpd dump file - contents of rq struct are written here (debugging) */ --#define SLURPD_DUMPFILE LDAP_TMPDIR LDAP_DIRSEP "slurpd.dump" -+#define SLURPD_DUMPFILE DEFAULT_SLURPD_REPLICA_DIR "/slurpd.dump" - - /* Amount of time to sleep if no more work to do */ - #define DEFAULT_NO_WORK_INTERVAL 3 ---- openldap-2.3.11/doc/man/man8/slurpd.8.config 2005-07-10 00:36:41.000000000 -0400 -+++ openldap-2.3.11/doc/man/man8/slurpd.8 2005-10-28 21:07:54.000000000 -0400 -@@ -120,7 +120,7 @@ - temporary files may contain sensitive information. - This option allows you to specify the location of these temporary files. - The default is --.BR LOCALSTATEDIR/openldap-slurp . -+.BR /var/lib/ldap . - .SH EXAMPLES - To start - .I slurpd diff --git a/openldap.spec b/openldap.spec index 5c17e3a..400e483 100644 --- a/openldap.spec +++ b/openldap.spec @@ -31,7 +31,7 @@ Source11: nptl-abi-note.S Source12: README.evolution # Patches that are still valid for 2.3 -Patch0: openldap-2.3.11-config.patch +Patch0: openldap-2.3.34-config.patch Patch1: openldap-1.2.11-cldap.patch Patch2: openldap-2.0.11-ldaprc.patch Patch3: openldap-2.2.13-setugid.patch @@ -42,7 +42,6 @@ Patch6: openldap-2.3.11-nosql.patch Patch8: openldap-2.3.19-gethostbyXXXX_r.patch Patch9: openldap-2.3.34-quiet-slaptest.patch Patch10: openldap-2.3.34-pthread.patch -Patch11: openldap-2.3.34-config-include.patch # Patches for 2.2.29 for the compat-openldap package. Patch100: openldap-2.2.13-tls-fix-connection-test.patch @@ -181,7 +180,6 @@ pushd openldap-%{version_23} %patch8 -p1 -b .gethostbyname_r %patch9 -p1 -b .quiet-slaptest %patch10 -p1 -b .pthread -%patch11 -p1 -b .config-include cp %{_datadir}/libtool/config.{sub,guess} build/ popd @@ -375,11 +373,14 @@ build \ --enable-null \ --enable-shell \ --enable-sql=mod \ + --enable-passwd \ --disable-perl \ + --enable-relay \ --disable-shared \ --disable-dynamic \ --enable-static \ - --with-kerberos=k5only + --with-kerberos=k5only \ + --enable-overlays=mod unset LIBS popd @@ -701,6 +702,8 @@ fi %attr(0700,ldap,ldap) %dir /var/lib/ldap %attr(0755,ldap,ldap) %dir /var/run/openldap %attr(0755,root,root) %{_libdir}/libslapd_db-*.*.so +%attr(0755,root,root) %dir %{_libdir}/openldap +%attr(0755,root,root) %{_libdir}/openldap/* %ifarch %{nptl_arches} %ifnarch %{ix86} %attr(0755,root,root) %{_libdir}/tls/libslapd_db-*.*.so @@ -740,6 +743,8 @@ fi %changelog * Mon Jun 25 2007 Jan Safranek - Fix initscript return codes (#242667) +- Provide overlays (as modules; #246036, #245896) +- Add available modules to config file * Tue May 22 2007 Jan Safranek 2.3.34-3%{?dist} - do not create script in /tmp on startup (bz#188298)