Accepting request 828345 from home:kukuk:container
- Switch from shadow to sysusers to generate ldap account - Remove if's for code older than SLE12 (Even SLE12 builds no longer) - Remove 12 years old sasl2 migration code OBS-URL: https://build.opensuse.org/request/show/828345 OBS-URL: https://build.opensuse.org/package/show/network:ldap/openldap2?expand=0&rev=270
This commit is contained in:
parent
4754d1883c
commit
37de44c207
2
ldap-user.conf
Normal file
2
ldap-user.conf
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
# Type Name ID GECOS [HOME]
|
||||||
|
u ldap - "User for OpenLDAP" /var/lib/ldap
|
@ -1,3 +1,10 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Aug 20 16:39:54 UTC 2020 - Thorsten Kukuk <kukuk@suse.com>
|
||||||
|
|
||||||
|
- Switch from shadow to sysusers to generate ldap account
|
||||||
|
- Remove if's for code older than SLE12 (Even SLE12 builds no longer)
|
||||||
|
- Remove 12 years old sasl2 migration code
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Sat Aug 15 06:56:27 UTC 2020 - Thorsten Kukuk <kukuk@suse.com>
|
Sat Aug 15 06:56:27 UTC 2020 - Thorsten Kukuk <kukuk@suse.com>
|
||||||
|
|
||||||
|
@ -23,16 +23,10 @@
|
|||||||
|
|
||||||
%define run_test_suite 0
|
%define run_test_suite 0
|
||||||
%define version_main 2.4.51
|
%define version_main 2.4.51
|
||||||
|
|
||||||
%if %{suse_version} >= 1310 && %{suse_version} != 1315
|
|
||||||
%define _rundir /run/slapd
|
|
||||||
%else
|
|
||||||
%define _rundir /var/run/slapd
|
|
||||||
%endif
|
|
||||||
|
|
||||||
%define name_ppolicy_check_module ppolicy-check-password
|
%define name_ppolicy_check_module ppolicy-check-password
|
||||||
%define version_ppolicy_check_module 1.2
|
%define version_ppolicy_check_module 1.2
|
||||||
%define ppolicy_docdir %{_docdir}/openldap-%{name_ppolicy_check_module}-%{version_ppolicy_check_module}
|
%define ppolicy_docdir %{_docdir}/openldap-%{name_ppolicy_check_module}-%{version_ppolicy_check_module}
|
||||||
|
%define slapdrundir %{_rundir}/slapd
|
||||||
|
|
||||||
Name: openldap2
|
Name: openldap2
|
||||||
Summary: An open source implementation of the Lightweight Directory Access Protocol
|
Summary: An open source implementation of the Lightweight Directory Access Protocol
|
||||||
@ -55,6 +49,7 @@ Source14: slapd.service
|
|||||||
Source16: sysconfig.openldap
|
Source16: sysconfig.openldap
|
||||||
Source17: openldap_update_modules_path.sh
|
Source17: openldap_update_modules_path.sh
|
||||||
Source18: openldap2.conf
|
Source18: openldap2.conf
|
||||||
|
Source19: ldap-user.conf
|
||||||
Patch1: 0001-ITS-8866-slapo-unique-to-return-filter-used-in-diagn.patch
|
Patch1: 0001-ITS-8866-slapo-unique-to-return-filter-used-in-diagn.patch
|
||||||
Patch3: 0003-LDAPI-socket-location.dif
|
Patch3: 0003-LDAPI-socket-location.dif
|
||||||
Patch5: 0005-pie-compile.dif
|
Patch5: 0005-pie-compile.dif
|
||||||
@ -77,19 +72,19 @@ BuildRequires: libopenssl-devel
|
|||||||
BuildRequires: libsodium-devel
|
BuildRequires: libsodium-devel
|
||||||
BuildRequires: libtool
|
BuildRequires: libtool
|
||||||
BuildRequires: openslp-devel
|
BuildRequires: openslp-devel
|
||||||
|
BuildRequires: sysuser-tools
|
||||||
BuildRequires: unixODBC-devel
|
BuildRequires: unixODBC-devel
|
||||||
%if %{suse_version} >= 1310 && %{suse_version} != 1315
|
|
||||||
# avoid cycle with krb5
|
# avoid cycle with krb5
|
||||||
BuildRequires: pkgconfig(krb5)
|
BuildRequires: pkgconfig(krb5)
|
||||||
BuildRequires: pkgconfig(systemd)
|
BuildRequires: pkgconfig(systemd)
|
||||||
%if %{suse_version} < 1500
|
%if %{suse_version} < 1500
|
||||||
%{?systemd_requires}
|
%{?systemd_requires}
|
||||||
%endif
|
%endif
|
||||||
%endif
|
|
||||||
Requires: libldap-2_4-2 = %{version_main}
|
Requires: libldap-2_4-2 = %{version_main}
|
||||||
Recommends: cyrus-sasl
|
Recommends: cyrus-sasl
|
||||||
Conflicts: openldap
|
Conflicts: openldap
|
||||||
PreReq: %fillup_prereq /usr/sbin/useradd /usr/sbin/groupadd /usr/bin/grep
|
PreReq: %fillup_prereq
|
||||||
|
%sysusers_requires
|
||||||
|
|
||||||
%description
|
%description
|
||||||
OpenLDAP is a client and server reference implementation of the
|
OpenLDAP is a client and server reference implementation of the
|
||||||
@ -142,9 +137,7 @@ to do any programming.
|
|||||||
%package -n libldap-data
|
%package -n libldap-data
|
||||||
Summary: Configuration file for system-wide defaults for all uses of libldap
|
Summary: Configuration file for system-wide defaults for all uses of libldap
|
||||||
Group: Productivity/Networking/LDAP/Clients
|
Group: Productivity/Networking/LDAP/Clients
|
||||||
%if 0%{?suse_version} != 1110
|
|
||||||
BuildArch: noarch
|
BuildArch: noarch
|
||||||
%endif
|
|
||||||
|
|
||||||
%description -n libldap-data
|
%description -n libldap-data
|
||||||
The subpackage contains a configuration file used to set system-wide defaults
|
The subpackage contains a configuration file used to set system-wide defaults
|
||||||
@ -175,9 +168,7 @@ trace traces overlay invocation
|
|||||||
Summary: OpenLDAP Documentation
|
Summary: OpenLDAP Documentation
|
||||||
Group: Documentation/Other
|
Group: Documentation/Other
|
||||||
Provides: openldap2:/usr/share/doc/packages/openldap2/drafts/README
|
Provides: openldap2:/usr/share/doc/packages/openldap2/drafts/README
|
||||||
%if 0%{?suse_version} > 1110
|
|
||||||
BuildArch: noarch
|
BuildArch: noarch
|
||||||
%endif
|
|
||||||
|
|
||||||
%description doc
|
%description doc
|
||||||
The OpenLDAP Admin Guide plus a set of OpenLDAP related IETF internet drafts.
|
The OpenLDAP Admin Guide plus a set of OpenLDAP related IETF internet drafts.
|
||||||
@ -274,7 +265,7 @@ export STRIP=""
|
|||||||
--sysconfdir=%{_sysconfdir} \
|
--sysconfdir=%{_sysconfdir} \
|
||||||
--libdir=%{_libdir} \
|
--libdir=%{_libdir} \
|
||||||
--libexecdir=%{_libdir} \
|
--libexecdir=%{_libdir} \
|
||||||
--localstatedir=%{_rundir} \
|
--localstatedir=%{slapdrundir} \
|
||||||
--enable-wrappers=no \
|
--enable-wrappers=no \
|
||||||
--enable-spasswd \
|
--enable-spasswd \
|
||||||
--enable-modules \
|
--enable-modules \
|
||||||
@ -315,6 +306,8 @@ make -C contrib/slapd-modules/smbk5pwd %{?_smp_mflags} "sysconfdir=%{_sysconfdir
|
|||||||
|
|
||||||
# Build ppolicy-check-password module
|
# Build ppolicy-check-password module
|
||||||
make -C contrib/slapd-modules/%{name_ppolicy_check_module} %{?_smp_mflags} "sysconfdir=%{_sysconfdir}/openldap" "libdir=%{_libdir}" "libexecdir=%{_libdir}"
|
make -C contrib/slapd-modules/%{name_ppolicy_check_module} %{?_smp_mflags} "sysconfdir=%{_sysconfdir}/openldap" "libdir=%{_libdir}" "libexecdir=%{_libdir}"
|
||||||
|
# Create ldap user
|
||||||
|
%sysusers_generate_pre %{SOURCE19} ldap
|
||||||
|
|
||||||
%check
|
%check
|
||||||
%if %run_test_suite
|
%if %run_test_suite
|
||||||
@ -368,6 +361,8 @@ install -m 755 %{SOURCE6} %{buildroot}%{_sbindir}/schema2ldif
|
|||||||
install -m 755 %{SOURCE17} %{buildroot}%{_sbindir}
|
install -m 755 %{SOURCE17} %{buildroot}%{_sbindir}
|
||||||
mkdir -p %{buildroot}%{_tmpfilesdir}/
|
mkdir -p %{buildroot}%{_tmpfilesdir}/
|
||||||
install -m 644 %{SOURCE18} %{buildroot}%{_tmpfilesdir}/
|
install -m 644 %{SOURCE18} %{buildroot}%{_tmpfilesdir}/
|
||||||
|
mkdir -p %{buildroot}%{_sysusersdir}
|
||||||
|
install -m 644 %{SOURCE19} %{buildroot}%{_sysusersdir}/
|
||||||
|
|
||||||
# Install ppolicy check module
|
# Install ppolicy check module
|
||||||
make -C contrib/slapd-modules/ppolicy-check-password STRIP="" DESTDIR="%{buildroot}" "sysconfdir=%{_sysconfdir}/openldap" "libdir=%{_libdir}" "libexecdir=%{_libexecdir}" install
|
make -C contrib/slapd-modules/ppolicy-check-password STRIP="" DESTDIR="%{buildroot}" "sysconfdir=%{_sysconfdir}/openldap" "libdir=%{_libdir}" "libexecdir=%{_libexecdir}" install
|
||||||
@ -412,7 +407,7 @@ install -m 644 servers/slapd/slapd.ldif \
|
|||||||
rm -f %{buildroot}/etc/openldap/DB_CONFIG.example
|
rm -f %{buildroot}/etc/openldap/DB_CONFIG.example
|
||||||
rm -f %{buildroot}/etc/openldap/schema/README
|
rm -f %{buildroot}/etc/openldap/schema/README
|
||||||
rm -f %{buildroot}/etc/openldap/slapd.ldif*
|
rm -f %{buildroot}/etc/openldap/slapd.ldif*
|
||||||
rm -f %{buildroot}%{_rundir}/openldap-data/DB_CONFIG.example
|
rm -f %{buildroot}%{slapdrundir}/openldap-data/DB_CONFIG.example
|
||||||
mv servers/slapd/back-sql/rdbms_depend servers/slapd/back-sql/examples
|
mv servers/slapd/back-sql/rdbms_depend servers/slapd/back-sql/examples
|
||||||
|
|
||||||
ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rcslapd
|
ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rcslapd
|
||||||
@ -434,17 +429,10 @@ ln -fs libldap_r.so "%{buildroot}%{_libdir}/libldap.so"
|
|||||||
gcc -shared -o "%{buildroot}%{_libdir}/libldap-2.4.so.2" -Wl,--no-as-needed \
|
gcc -shared -o "%{buildroot}%{_libdir}/libldap-2.4.so.2" -Wl,--no-as-needed \
|
||||||
-Wl,-soname -Wl,libldap-2.4.so.2 -L "%{buildroot}%{_libdir}" -lldap_r
|
-Wl,-soname -Wl,libldap-2.4.so.2 -L "%{buildroot}%{_libdir}" -lldap_r
|
||||||
|
|
||||||
%pre
|
%pre -f ldap.pre
|
||||||
getent group ldap >/dev/null || /usr/sbin/groupadd -g 70 -o -r ldap
|
|
||||||
getent passwd ldap >/dev/null || /usr/sbin/useradd -r -o -g ldap -u 76 -s /bin/false -c "User for OpenLDAP" -d /var/lib/ldap ldap
|
|
||||||
%service_add_pre slapd.service
|
%service_add_pre slapd.service
|
||||||
|
|
||||||
%post
|
%post
|
||||||
if [ ${1:-0} -gt 1 ] && [ -f %{_libdir}/sasl2/slapd.conf ] ; then
|
|
||||||
cp /etc/sasl2/slapd.conf /etc/sasl2/slapd.conf.rpmnew
|
|
||||||
cp %{_libdir}/sasl2/slapd.conf /etc/sasl2/slapd.conf
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ ${1:-0} -gt 1 ] && [ ! -f /var/adm/openldap_modules_path_updated ] ; then
|
if [ ${1:-0} -gt 1 ] && [ ! -f /var/adm/openldap_modules_path_updated ] ; then
|
||||||
/usr/sbin/openldap_update_modules_path.sh
|
/usr/sbin/openldap_update_modules_path.sh
|
||||||
fi
|
fi
|
||||||
@ -512,8 +500,9 @@ fi
|
|||||||
/usr/lib/openldap/start
|
/usr/lib/openldap/start
|
||||||
%{_unitdir}/slapd.service
|
%{_unitdir}/slapd.service
|
||||||
%{_tmpfilesdir}/%{name}.conf
|
%{_tmpfilesdir}/%{name}.conf
|
||||||
|
%{_sysusersdir}/ldap-user.conf
|
||||||
%dir %attr(0750, ldap, ldap) %{_sharedstatedir}/ldap
|
%dir %attr(0750, ldap, ldap) %{_sharedstatedir}/ldap
|
||||||
%ghost %attr(0750, ldap, ldap) %{_rundir}
|
%ghost %attr(0750, ldap, ldap) %{slapdrundir}
|
||||||
%doc %{_mandir}/man8/sl*
|
%doc %{_mandir}/man8/sl*
|
||||||
%doc %{_mandir}/man5/slapd.*
|
%doc %{_mandir}/man5/slapd.*
|
||||||
%doc %{_mandir}/man5/slapd-bdb.*
|
%doc %{_mandir}/man5/slapd-bdb.*
|
||||||
|
4
start
4
start
@ -7,10 +7,6 @@
|
|||||||
# Ralf Haferkamp
|
# Ralf Haferkamp
|
||||||
#
|
#
|
||||||
|
|
||||||
# Determine the base and follow a runlevel link name.
|
|
||||||
base=${0##*/}
|
|
||||||
link=${base#*[SK][0-9][0-9]}
|
|
||||||
|
|
||||||
test -f /etc/sysconfig/openldap && . /etc/sysconfig/openldap
|
test -f /etc/sysconfig/openldap && . /etc/sysconfig/openldap
|
||||||
|
|
||||||
SLAPD_BIN=/usr/sbin/slapd
|
SLAPD_BIN=/usr/sbin/slapd
|
||||||
|
Loading…
Reference in New Issue
Block a user