%define migtools_ver 39 Summary: The configuration files, libraries, and documentation for OpenLDAP. Name: openldap Version: 2.0.21 Release: 1s.1 License: OpenLDAP Group: System Environment/Daemons Source0: ftp://ftp.OpenLDAP.org/pub/OpenLDAP/openldap-release/openldap-%{version}.tgz Source2: ldap.init Source3: ftp://ftp.padl.com/pub/MigrationTools-%{migtools_ver}.tar.gz Source4: migration-tools.txt Source5: rfc822-MailMember.schema Source6: autofs.schema Source7: kerberosobject.schema Source8: README.upgrading Source9: README.sendbuf Source10: http://www.OpenLDAP.org/doc/admin/guide.html Patch0: openldap-2.0.16-config.patch Patch1: openldap-2.0.12-redhat.patch Patch2: openldap-1.2.11-cldap.patch Patch3: openldap-2.0.3-syslog.patch Patch6: openldap-2.0.7-sendbuf.patch Patch7: openldap-2.0.11-ldaprc.patch Patch8: openldap-2.0.11-debug.patch Patch9: openldap-2.0.11-libtool.patch Patch10: openldap-2.0.11-linkage.patch Patch21: MigrationTools-38-instdir.patch Patch22: MigrationTools-36-mktemp.patch Patch23: MigrationTools-27-simple.patch Patch24: MigrationTools-26-suffix.patch Patch25: MigrationTools-24-schema.patch URL: http://www.openldap.org/ BuildRoot: %{_tmppath}/%{name}-%{version}-root BuildPreReq: cyrus-sasl-devel, gdbm-devel, krb5-devel, openssl-devel BuildPreReq: pam-devel BuildPreReq: perl, tcp_wrappers BuildPreReq: libtool >= 1.4 Requires: cyrus-sasl, cyrus-sasl-md5, mktemp %description OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. LDAP is a set of protocols for accessing directory services (usually phone book style information, but other information is possible) over the Internet, similar to the way DNS (Domain Name System) information is propagated over the Internet. The openldap package contains configuration files, libraries, and documentation for OpenLDAP. %package devel Summary: OpenLDAP development libraries and header files. Group: Development/Libraries Requires: openldap = %{version}-%{release} %description devel The openldap-devel package includes the development libraries and header files needed for compiling applications that use LDAP (Lightweight Directory Access Protocol) internals. LDAP is a set of protocols for enabling directory services over the Internet. Install this package only if you plan to develop or will need to compile customized LDAP clients. %package servers Summary: OpenLDAP servers and related files. Prereq: fileutils, make, openldap = %{version}-%{release}, openssl, /usr/sbin/useradd Group: System Environment/Daemons %description servers OpenLDAP is an open-source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. LDAP is a set of protocols for accessing directory services (usually phone book style information, but other information is possible) over the Internet, similar to the way DNS (Domain Name System) information is propagated over the Internet. This package contains the slapd and slurpd servers, migration scripts, and related files. %package clients Summary: Client programs for OpenLDAP. Prereq: openldap = %{version}-%{release} Group: Applications/Internet %description clients OpenLDAP is an open-source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. LDAP is a set of protocols for accessing directory services (usually phone book style information, but other information is possible) over the Internet, similar to the way DNS (Domain Name System) information is propagated over the Internet. The openldap-clients package contains the client programs needed for accessing and modifying OpenLDAP directories. %prep %setup -q -a 3 %patch0 -p1 -b .config %patch1 -p1 -b .redhat %patch2 -p1 -b .cldap %patch3 -p1 -b .syslog %patch6 -p1 -b .sendbuf %patch7 -p1 -b .ldaprc %patch8 -p1 -b .debug %patch9 -p1 -b .libtool %patch10 -p1 -b .linkage pushd MigrationTools-%{migtools_ver} %patch21 -p1 -b .instdir %patch22 -p1 -b .mktemp %patch23 -p1 -b .simple %patch24 -p1 -b .suffix %patch25 -p2 -b .schema popd %build %ifarch ia64 RPM_OPT_FLAGS="$RPM_OPT_FLAGS -O0" %endif CPPFLAGS="-I/usr/kerberos/include"; export CPPFLAGS CFLAGS="$CPPFLAGS $RPM_OPT_FLAGS -D_REENTRANT -DHAVE_KERBEROS_V -fPIC"; export CFLAGS LDFLAGS="-L/usr/kerberos/lib"; export LDFLAGS TARGET_PLATFORM=%{_target_platform} %define _target_platform --target=${TARGET_PLATFORM} libtoolize --force %configure \ --with-slapd --with-slurpd --without-ldapd \ --with-threads=posix --enable-shared --enable-static \ --enable-ldbm --with-ldbm-api=gdbm \ --enable-passwd \ --enable-shell \ \ --enable-local --enable-cldap --disable-rlookups \ \ --with-kerberos=k5only \ --with-tls \ --with-cyrus-sasl \ \ --enable-wrappers \ \ --enable-cleartext \ --enable-crypt \ --enable-kpasswd \ --enable-spasswd \ \ --libexecdir=%{_sbindir} \ --localstatedir=/%{_var}/run make depend make %install [ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT mkdir $RPM_BUILD_ROOT # libtool loves relinking shared libraries rm -f libraries/*/*.la make %makeinstall \ datadir=$RPM_BUILD_ROOT%{_datadir}/openldap \ libexecdir=$RPM_BUILD_ROOT%{_sbindir} \ localstatedir=/%{_var}/run \ sysconfdir=$RPM_BUILD_ROOT%{_sysconfdir}/openldap $@ # hack the default config files perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT/etc/openldap/slapd.conf # we don't need the default files rm -f $RPM_BUILD_ROOT/etc/openldap/*.default # install init script mkdir -p $RPM_BUILD_ROOT/etc/rc.d/init.d install -m 755 %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/ldap # install the migration tools mkdir -p $RPM_BUILD_ROOT%{_datadir}/openldap/migration install -m 755 MigrationTools-%{migtools_ver}/migrate_* \ $RPM_BUILD_ROOT%{_datadir}/openldap/migration install -m 644 MigrationTools-%{migtools_ver}/README %{SOURCE4} \ $RPM_BUILD_ROOT%{_datadir}/openldap/migration cp MigrationTools-%{migtools_ver}/README README.migration cp %{SOURCE4} TOOLS.migration # try to build saucer, but don't fret if we can't if make -C contrib/saucer ; then ./libtool install -m755 contrib/saucer/saucer $RPM_BUILD_ROOT%{_bindir}/ ./libtool install -m644 contrib/saucer/saucer.1 $RPM_BUILD_ROOT%{_mandir}/man1/ fi # create the data directory mkdir -p $RPM_BUILD_ROOT/var/lib/ldap # get the buildroot out of the man pages perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT%{_mandir}/*/*.* # if ldapadd and ldapmodify are the same, make them a hard link if cmp $RPM_BUILD_ROOT%{_bindir}/ldapadd $RPM_BUILD_ROOT%{_bindir}/ldapmodify ; then ln -f $RPM_BUILD_ROOT%{_bindir}/ldapadd $RPM_BUILD_ROOT%{_bindir}/ldapmodify fi # add some more schema for the sake of migration scripts install -d -m755 $RPM_BUILD_ROOT%{_sysconfdir}/openldap/schema/redhat install -m644 %{SOURCE5} %{SOURCE6} %{SOURCE7} $RPM_BUILD_ROOT%{_sysconfdir}/openldap/schema/redhat/ # tweak permissions chmod +rx $RPM_BUILD_ROOT/%{_libdir}/lib*.so* chmod +r $RPM_BUILD_ROOT/%{_libdir}/lib*.*a chmod -x $RPM_BUILD_ROOT/%{_libdir}/lib*.*a %clean rm -rf $RPM_BUILD_ROOT %post -p /sbin/ldconfig %postun -p /sbin/ldconfig %pre servers # Take care to only do ownership-changing if we're adding the user. if /usr/sbin/useradd -c "LDAP User" -u 55 \ -s /bin/false -r -d /var/lib/ldap ldap 2> /dev/null ; then if [ -d /var/lib/ldap ] ; then for dbfile in /var/lib/ldap/* ; do if [ -f $dbfile ] ; then chown ldap.ldap $dbfile fi done fi fi %post servers /sbin/chkconfig --add ldap exec > /dev/null 2> /dev/null if [ ! -f %{_datadir}/ssl/certs/slapd.pem ] ; then pushd %{_datadir}/ssl/certs umask 077 cat << EOF | make slapd.pem -- SomeState SomeCity SomeOrganization SomeOrganizationalUnit localhost.localdomain root@localhost.localdomain EOF chown root.ldap slapd.pem chmod 640 slapd.pem popd fi exit 0 %preun servers if [ "$1" = "0" ] ; then /sbin/service ldap stop > /dev/null 2>&1 || : /sbin/chkconfig --del ldap fi %postun servers /sbin/ldconfig if [ $1 -ge 1 ] ; then /sbin/service ldap condrestart > /dev/null 2>&1 || : fi %files %defattr(-,root,root) %doc ANNOUNCEMENT CHANGES COPYRIGHT LICENSE README doc/rfc %attr(0755,root,root) %dir /etc/openldap %attr(0644,root,root) %config(noreplace) /etc/openldap/ldap*.conf %attr(0755,root,root) %{_libdir}/lib*.so.* %attr(0644,root,root) %{_mandir}/man5/* %attr(0755,root,root) %dir %{_datadir}/openldap %attr(0644,root,root) %{_datadir}/openldap/ldapfriendly %files servers %defattr(-,root,root) %doc README.migration TOOLS.migration %doc $RPM_SOURCE_DIR/README.upgrading $RPM_SOURCE_DIR/README.sendbuf $RPM_SOURCE_DIR/guide.html %attr(0755,root,root) %config /etc/rc.d/init.d/ldap %attr(0600,ldap,ldap) %config(noreplace) /etc/openldap/slapd.conf %attr(0755,root,root) %dir /etc/openldap/schema %attr(0644,root,root) %config(noreplace) /etc/openldap/schema/*.schema* %attr(0755,root,root) %dir /etc/openldap/schema/redhat %attr(0644,root,root) %config(noreplace) /etc/openldap/schema/redhat/*.schema* %attr(0755,root,root) %{_sbindir}/* %attr(0644,root,root) %{_mandir}/man8/* %attr(0644,root,root) %{_datadir}/openldap/*.help %attr(0755,root,root) %dir %{_datadir}/openldap/migration %attr(0644,root,root) %{_datadir}/openldap/migration/README %attr(0644,root,root) %config(noreplace) %{_datadir}/openldap/migration/*.ph %attr(0755,root,root) %{_datadir}/openldap/migration/*.pl %attr(0755,root,root) %{_datadir}/openldap/migration/*.sh %attr(0644,root,root) %{_datadir}/openldap/migration/*.txt %attr(0700,ldap,ldap) %dir /var/lib/ldap %files clients %defattr(-,root,root) %attr(0755,root,root) %{_bindir}/* %attr(0644,root,root) %{_mandir}/man1/* %files devel %defattr(-,root,root) %doc doc/drafts %attr(0755,root,root) %{_libdir}/lib*.so %attr(0644,root,root) %{_libdir}/lib*.a %attr(0644,root,root) %{_includedir}/* %attr(0644,root,root) %{_mandir}/man3/* %changelog * Wed Mar 18 2003 D. Marlin - new s390 release number and rebuild for s390 (bug #85960) * Wed Jan 16 2002 Nalin Dahyabhai 2.0.21-1 - build for RHL 7.2 errata * Wed Jan 16 2002 Nalin Dahyabhai 2.0.21-2 - update to 2.0.21, now earmarked as STABLE * Wed Jan 16 2002 Nalin Dahyabhai 2.0.20-2 - temporarily disable optimizations for ia64 arches - specify pthreads at configure-time instead of letting configure guess * Mon Jan 14 2002 Nalin Dahyabhai - and one for Raw Hide * Mon Jan 14 2002 Nalin Dahyabhai 2.0.20-0.7 - build for RHL 7/7.1 * Mon Jan 14 2002 Nalin Dahyabhai 2.0.20-1 - update to 2.0.20 (security errata) * Thu Dec 20 2001 Nalin Dahyabhai 2.0.19-1 - update to 2.0.19 * Wed Nov 6 2001 Nalin Dahyabhai 2.0.18-2 - fix the commented-out replication example in slapd.conf * Fri Oct 26 2001 Nalin Dahyabhai 2.0.18-1 - update to 2.0.18 * Mon Oct 15 2001 Nalin Dahyabhai 2.0.17-1 - update to 2.0.17 * Wed Oct 10 2001 Nalin Dahyabhai - disable kbind support (deprecated, and I suspect unused) - configure with --with-kerberos=k5only instead of --with-kerberos=k5 - build slapd with threads * Thu Sep 27 2001 Nalin Dahyabhai 2.0.15-2 - rebuild, 2.0.15 is now designated stable * Fri Sep 21 2001 Nalin Dahyabhai 2.0.15-1 - update to 2.0.15 * Mon Sep 10 2001 Nalin Dahyabhai 2.0.14-1 - update to 2.0.14 * Fri Aug 31 2001 Nalin Dahyabhai 2.0.12-1 - update to 2.0.12 to pull in fixes for setting of default TLS options, among other things - update to migration tools 39 - drop tls patch, which was fixed better in this release * Tue Aug 21 2001 Nalin Dahyabhai 2.0.11-13 - install saucer correctly * Thu Aug 16 2001 Nalin Dahyabhai - try to fix ldap_set_options not being able to set global options related to TLS correctly * Thu Aug 9 2001 Nalin Dahyabhai - don't attempt to create a cert at install-time, it's usually going to get the wrong CN (#51352) * Mon Aug 6 2001 Nalin Dahyabhai - add a build-time requirement on pam-devel - add a build-time requirement on a sufficiently-new libtool to link shared libraries to other shared libraries (which is needed in order for prelinking to work) * Fri Aug 3 2001 Nalin Dahyabhai - require cyrus-sasl-md5 (support for DIGEST-MD5 is required for RFC compliance) by name (follows from #43079, which split cyrus-sasl's cram-md5 and digest-md5 modules out into cyrus-sasl-md5) * Fri Jul 20 2001 Nalin Dahyabhai - enable passwd back-end (noted by Alan Sparks and Sergio Kessler) * Wed Jul 18 2001 Nalin Dahyabhai - start to prep for errata release * Fri Jul 6 2001 Nalin Dahyabhai - link libldap with liblber * Wed Jul 4 2001 Than Ngo 2.0.11-6 - add symlink liblber.so libldap.so and libldap_r.so in /usr/lib * Tue Jul 3 2001 Nalin Dahyabhai - move shared libraries to /lib - redo init script for better internationalization (#26154) - don't use ldaprc files in the current directory (#38402) (patch from hps@intermeta.de) - add BuildPrereq on tcp wrappers since we configure with --enable-wrappers (#43707) - don't overflow debug buffer in mail500 (#41751) - don't call krb5_free_creds instead of krb5_free_cred_contents any more (#43159) * Mon Jul 2 2001 Nalin Dahyabhai - make config files noreplace (#42831) * Tue Jun 26 2001 Nalin Dahyabhai - actually change the default config to use the dummy cert - update to MigrationTools 38 * Mon Jun 25 2001 Nalin Dahyabhai - build dummy certificate in %%post, use it in default config - configure-time shenanigans to help a confused configure script * Wed Jun 20 2001 Nalin Dahyabhai - tweak migrate_automount and friends so that they can be run from anywhere * Thu May 24 2001 Nalin Dahyabhai - update to 2.0.11 * Wed May 23 2001 Nalin Dahyabhai - update to 2.0.10 * Mon May 21 2001 Nalin Dahyabhai - update to 2.0.9 * Tue May 15 2001 Nalin Dahyabhai - update to 2.0.8 - drop patch which came from upstream * Fri Mar 2 2001 Nalin Dahyabhai - rebuild in new environment * Thu Feb 8 2001 Nalin Dahyabhai - back out pidfile patches, which interact weirdly with Linux threads - mark non-standard schema as such by moving them to a different directory * Mon Feb 5 2001 Nalin Dahyabhai - update to MigrationTools 36, adds netgroup support * Fri Jan 29 2001 Nalin Dahyabhai - fix thinko in that last patch * Thu Jan 25 2001 Nalin Dahyabhai - try to work around some buffering problems * Tue Jan 23 2001 Nalin Dahyabhai - gettextize the init script * Thu Jan 18 2001 Nalin Dahyabhai - gettextize the init script * Fri Jan 12 2001 Nalin Dahyabhai - move the RFCs to the base package (#21701) - update to MigrationTools 34 * Wed Jan 10 2001 Nalin Dahyabhai - add support for additional OPTIONS, SLAPD_OPTIONS, and SLURPD_OPTIONS in a /etc/sysconfig/ldap file (#23549) * Fri Dec 29 2000 Nalin Dahyabhai - change automount object OID from 1.3.6.1.1.1.2.9 to 1.3.6.1.1.1.2.13, per mail from the ldap-nis mailing list * Tue Dec 5 2000 Nalin Dahyabhai - force -fPIC so that shared libraries don't fall over * Mon Dec 4 2000 Nalin Dahyabhai - add Norbert Klasen's patch (via Del) to fix searches using ldaps URLs (OpenLDAP ITS #889) - add "-h ldaps:///" to server init when TLS is enabled, in order to support ldaps in addition to the regular STARTTLS (suggested by Del) * Mon Nov 27 2000 Nalin Dahyabhai - correct mismatched-dn-cn bug in migrate_automount.pl * Mon Nov 20 2000 Nalin Dahyabhai - update to the correct OIDs for automount and automountInformation - add notes on upgrading * Tue Nov 7 2000 Nalin Dahyabhai - update to 2.0.7 - drop chdir patch (went mainstream) * Thu Nov 2 2000 Nalin Dahyabhai - change automount object classes from auxiliary to structural * Tue Oct 31 2000 Nalin Dahyabhai - update to Migration Tools 27 - change the sense of the last simple patch * Wed Oct 25 2000 Nalin Dahyabhai - reorganize the patch list to separate MigrationTools and OpenLDAP patches - switch to Luke Howard's rfc822MailMember schema instead of the aliases.schema - configure slapd to run as the non-root user "ldap" (#19370) - chdir() before chroot() (we don't use chroot, though) (#19369) - disable saving of the pid file because the parent thread which saves it and the child thread which listens have different pids * Wed Oct 11 2000 Nalin Dahyabhai - add missing required attributes to conversion scripts to comply with schema - add schema for mail aliases, autofs, and kerberosSecurityObject rooted in our own OID tree to define attributes and classes migration scripts expect - tweak automounter migration script * Mon Oct 9 2000 Nalin Dahyabhai - try adding the suffix first when doing online migrations - force ldapadd to use simple authentication in migration scripts - add indexing of a few attributes to the default configuration - add commented-out section on using TLS to default configuration * Thu Oct 5 2000 Nalin Dahyabhai - update to 2.0.6 - add buildprereq on cyrus-sasl-devel, krb5-devel, openssl-devel - take the -s flag off of slapadd invocations in migration tools - add the cosine.schema to the default server config, needed by inetorgperson * Wed Oct 4 2000 Nalin Dahyabhai - add the nis.schema and inetorgperson.schema to the default server config - make ldapadd a hard link to ldapmodify because they're identical binaries * Fri Sep 22 2000 Nalin Dahyabhai - update to 2.0.4 * Fri Sep 15 2000 Nalin Dahyabhai - remove prereq on /etc/init.d (#17531) - update to 2.0.3 - add saucer to the included clients * Wed Sep 6 2000 Nalin Dahyabhai - update to 2.0.1 * Fri Sep 1 2000 Nalin Dahyabhai - update to 2.0.0 - patch to build against MIT Kerberos 1.1 and later instead of 1.0.x * Tue Aug 22 2000 Nalin Dahyabhai - remove that pesky default password - change "Copyright:" to "License:" * Sun Aug 13 2000 Nalin Dahyabhai - adjust permissions in files lists - move libexecdir from %%{_prefix}/sbin to %%{_sbindir} * Fri Aug 11 2000 Nalin Dahyabhai - add migrate_automount.pl to the migration scripts set * Tue Aug 8 2000 Nalin Dahyabhai - build a semistatic slurpd with threads, everything else without - disable reverse lookups, per email on OpenLDAP mailing lists - make sure the execute bits are set on the shared libraries * Mon Jul 31 2000 Nalin Dahyabhai - change logging facility used from local4 to daemon (#11047) * Thu Jul 27 2000 Nalin Dahyabhai - split off clients and servers to shrink down the package and remove the base package's dependency on Perl - make certain that the binaries have sane permissions * Mon Jul 17 2000 Nalin Dahyabhai - move the init script back * Thu Jul 13 2000 Nalin Dahyabhai - tweak the init script to only source /etc/sysconfig/network if it's found * Wed Jul 12 2000 Prospector - automatic rebuild * Mon Jul 10 2000 Nalin Dahyabhai - switch to gdbm; I'm getting off the db merry-go-round - tweak the init script some more - add instdir to @INC in migration scripts * Thu Jul 6 2000 Nalin Dahyabhai - tweak init script to return error codes properly - change initscripts dependency to one on /etc/init.d * Tue Jul 4 2000 Nalin Dahyabhai - prereq initscripts - make migration scripts use mktemp * Tue Jun 27 2000 Nalin Dahyabhai - do condrestart in post and stop in preun - move init script to /etc/init.d * Fri Jun 16 2000 Nalin Dahyabhai - update to 1.2.11 - add condrestart logic to init script - munge migration scripts so that you don't have to be /usr/share/openldap/migration to run them - add code to create pid files in /var/run * Mon Jun 5 2000 Nalin Dahyabhai - FHS tweaks - fix for compiling with libdb2 * Thu May 4 2000 Bill Nottingham - minor tweak so it builds on ia64 * Wed May 3 2000 Nalin Dahyabhai - more minimalistic fix for bug #11111 after consultation with OpenLDAP team - backport replacement for the ldapuser patch * Tue May 2 2000 Nalin Dahyabhai - fix segfaults from queries with commas in them in in.xfingerd (bug #11111) * Tue Apr 25 2000 Nalin Dahyabhai - update to 1.2.10 - add revamped version of patch from kos@bastard.net to allow execution as any non-root user - remove test suite from %%build because of weirdness in the build system * Wed Apr 12 2000 Nalin Dahyabhai - move the defaults for databases and whatnot to /var/lib/ldap (bug #10714) - fix some possible string-handling problems * Mon Feb 14 2000 Bill Nottingham - start earlier, stop later. * Thu Feb 3 2000 Nalin Dahyabhai - auto rebuild in new environment (release 4) * Tue Feb 1 2000 Nalin Dahyabhai - add -D_REENTRANT to make threaded stuff more stable, even though it looks like the sources define it, too - mark *.ph files in migration tools as config files * Fri Jan 21 2000 Nalin Dahyabhai - update to 1.2.9 * Mon Sep 13 1999 Bill Nottingham - strip files * Sat Sep 11 1999 Bill Nottingham - update to 1.2.7 - fix some bugs from bugzilla (#4885, #4887, #4888, #4967) - take include files out of base package * Fri Aug 27 1999 Jeff Johnson - missing ;; in init script reload) (#4734). * Tue Aug 24 1999 Cristian Gafton - move stuff from /usr/libexec to /usr/sbin - relocate config dirs to /etc/openldap * Mon Aug 16 1999 Bill Nottingham - initscript munging * Wed Aug 11 1999 Cristian Gafton - add the migration tools to the package * Fri Aug 06 1999 Cristian Gafton - upgrade to 1.2.6 - add rc.d script - split -devel package * Sun Feb 07 1999 Preston Brown - upgrade to latest stable (1.1.4), it now uses configure macro. * Fri Jan 15 1999 Bill Nottingham - build on arm, glibc2.1 * Wed Oct 28 1998 Preston Brown - initial cut. - patches for signal handling on the alpha