Accepting request 828345 from home:kukuk:container

- Switch from shadow to sysusers to generate ldap account
- Remove if's for code older than SLE12 (Even SLE12 builds no longer)
- Remove 12 years old sasl2 migration code

OBS-URL: https://build.opensuse.org/request/show/828345
OBS-URL: https://build.opensuse.org/package/show/network:ldap/openldap2?expand=0&rev=270
This commit is contained in:
Michael Ströder 2020-08-21 07:12:10 +00:00 committed by Git OBS Bridge
parent 4754d1883c
commit 37de44c207
4 changed files with 23 additions and 29 deletions

2
ldap-user.conf Normal file
View File

@ -0,0 +1,2 @@
# Type Name ID GECOS [HOME]
u ldap - "User for OpenLDAP" /var/lib/ldap

View File

@ -1,3 +1,10 @@
-------------------------------------------------------------------
Thu Aug 20 16:39:54 UTC 2020 - Thorsten Kukuk <kukuk@suse.com>
- Switch from shadow to sysusers to generate ldap account
- Remove if's for code older than SLE12 (Even SLE12 builds no longer)
- Remove 12 years old sasl2 migration code
------------------------------------------------------------------- -------------------------------------------------------------------
Sat Aug 15 06:56:27 UTC 2020 - Thorsten Kukuk <kukuk@suse.com> Sat Aug 15 06:56:27 UTC 2020 - Thorsten Kukuk <kukuk@suse.com>

View File

@ -23,16 +23,10 @@
%define run_test_suite 0 %define run_test_suite 0
%define version_main 2.4.51 %define version_main 2.4.51
%if %{suse_version} >= 1310 && %{suse_version} != 1315
%define _rundir /run/slapd
%else
%define _rundir /var/run/slapd
%endif
%define name_ppolicy_check_module ppolicy-check-password %define name_ppolicy_check_module ppolicy-check-password
%define version_ppolicy_check_module 1.2 %define version_ppolicy_check_module 1.2
%define ppolicy_docdir %{_docdir}/openldap-%{name_ppolicy_check_module}-%{version_ppolicy_check_module} %define ppolicy_docdir %{_docdir}/openldap-%{name_ppolicy_check_module}-%{version_ppolicy_check_module}
%define slapdrundir %{_rundir}/slapd
Name: openldap2 Name: openldap2
Summary: An open source implementation of the Lightweight Directory Access Protocol Summary: An open source implementation of the Lightweight Directory Access Protocol
@ -55,6 +49,7 @@ Source14: slapd.service
Source16: sysconfig.openldap Source16: sysconfig.openldap
Source17: openldap_update_modules_path.sh Source17: openldap_update_modules_path.sh
Source18: openldap2.conf Source18: openldap2.conf
Source19: ldap-user.conf
Patch1: 0001-ITS-8866-slapo-unique-to-return-filter-used-in-diagn.patch Patch1: 0001-ITS-8866-slapo-unique-to-return-filter-used-in-diagn.patch
Patch3: 0003-LDAPI-socket-location.dif Patch3: 0003-LDAPI-socket-location.dif
Patch5: 0005-pie-compile.dif Patch5: 0005-pie-compile.dif
@ -77,19 +72,19 @@ BuildRequires: libopenssl-devel
BuildRequires: libsodium-devel BuildRequires: libsodium-devel
BuildRequires: libtool BuildRequires: libtool
BuildRequires: openslp-devel BuildRequires: openslp-devel
BuildRequires: sysuser-tools
BuildRequires: unixODBC-devel BuildRequires: unixODBC-devel
%if %{suse_version} >= 1310 && %{suse_version} != 1315
# avoid cycle with krb5 # avoid cycle with krb5
BuildRequires: pkgconfig(krb5) BuildRequires: pkgconfig(krb5)
BuildRequires: pkgconfig(systemd) BuildRequires: pkgconfig(systemd)
%if %{suse_version} < 1500 %if %{suse_version} < 1500
%{?systemd_requires} %{?systemd_requires}
%endif %endif
%endif
Requires: libldap-2_4-2 = %{version_main} Requires: libldap-2_4-2 = %{version_main}
Recommends: cyrus-sasl Recommends: cyrus-sasl
Conflicts: openldap Conflicts: openldap
PreReq: %fillup_prereq /usr/sbin/useradd /usr/sbin/groupadd /usr/bin/grep PreReq: %fillup_prereq
%sysusers_requires
%description %description
OpenLDAP is a client and server reference implementation of the OpenLDAP is a client and server reference implementation of the
@ -142,9 +137,7 @@ to do any programming.
%package -n libldap-data %package -n libldap-data
Summary: Configuration file for system-wide defaults for all uses of libldap Summary: Configuration file for system-wide defaults for all uses of libldap
Group: Productivity/Networking/LDAP/Clients Group: Productivity/Networking/LDAP/Clients
%if 0%{?suse_version} != 1110
BuildArch: noarch BuildArch: noarch
%endif
%description -n libldap-data %description -n libldap-data
The subpackage contains a configuration file used to set system-wide defaults The subpackage contains a configuration file used to set system-wide defaults
@ -175,9 +168,7 @@ trace traces overlay invocation
Summary: OpenLDAP Documentation Summary: OpenLDAP Documentation
Group: Documentation/Other Group: Documentation/Other
Provides: openldap2:/usr/share/doc/packages/openldap2/drafts/README Provides: openldap2:/usr/share/doc/packages/openldap2/drafts/README
%if 0%{?suse_version} > 1110
BuildArch: noarch BuildArch: noarch
%endif
%description doc %description doc
The OpenLDAP Admin Guide plus a set of OpenLDAP related IETF internet drafts. The OpenLDAP Admin Guide plus a set of OpenLDAP related IETF internet drafts.
@ -274,7 +265,7 @@ export STRIP=""
--sysconfdir=%{_sysconfdir} \ --sysconfdir=%{_sysconfdir} \
--libdir=%{_libdir} \ --libdir=%{_libdir} \
--libexecdir=%{_libdir} \ --libexecdir=%{_libdir} \
--localstatedir=%{_rundir} \ --localstatedir=%{slapdrundir} \
--enable-wrappers=no \ --enable-wrappers=no \
--enable-spasswd \ --enable-spasswd \
--enable-modules \ --enable-modules \
@ -315,6 +306,8 @@ make -C contrib/slapd-modules/smbk5pwd %{?_smp_mflags} "sysconfdir=%{_sysconfdir
# Build ppolicy-check-password module # Build ppolicy-check-password module
make -C contrib/slapd-modules/%{name_ppolicy_check_module} %{?_smp_mflags} "sysconfdir=%{_sysconfdir}/openldap" "libdir=%{_libdir}" "libexecdir=%{_libdir}" make -C contrib/slapd-modules/%{name_ppolicy_check_module} %{?_smp_mflags} "sysconfdir=%{_sysconfdir}/openldap" "libdir=%{_libdir}" "libexecdir=%{_libdir}"
# Create ldap user
%sysusers_generate_pre %{SOURCE19} ldap
%check %check
%if %run_test_suite %if %run_test_suite
@ -368,6 +361,8 @@ install -m 755 %{SOURCE6} %{buildroot}%{_sbindir}/schema2ldif
install -m 755 %{SOURCE17} %{buildroot}%{_sbindir} install -m 755 %{SOURCE17} %{buildroot}%{_sbindir}
mkdir -p %{buildroot}%{_tmpfilesdir}/ mkdir -p %{buildroot}%{_tmpfilesdir}/
install -m 644 %{SOURCE18} %{buildroot}%{_tmpfilesdir}/ install -m 644 %{SOURCE18} %{buildroot}%{_tmpfilesdir}/
mkdir -p %{buildroot}%{_sysusersdir}
install -m 644 %{SOURCE19} %{buildroot}%{_sysusersdir}/
# Install ppolicy check module # Install ppolicy check module
make -C contrib/slapd-modules/ppolicy-check-password STRIP="" DESTDIR="%{buildroot}" "sysconfdir=%{_sysconfdir}/openldap" "libdir=%{_libdir}" "libexecdir=%{_libexecdir}" install make -C contrib/slapd-modules/ppolicy-check-password STRIP="" DESTDIR="%{buildroot}" "sysconfdir=%{_sysconfdir}/openldap" "libdir=%{_libdir}" "libexecdir=%{_libexecdir}" install
@ -412,7 +407,7 @@ install -m 644 servers/slapd/slapd.ldif \
rm -f %{buildroot}/etc/openldap/DB_CONFIG.example rm -f %{buildroot}/etc/openldap/DB_CONFIG.example
rm -f %{buildroot}/etc/openldap/schema/README rm -f %{buildroot}/etc/openldap/schema/README
rm -f %{buildroot}/etc/openldap/slapd.ldif* rm -f %{buildroot}/etc/openldap/slapd.ldif*
rm -f %{buildroot}%{_rundir}/openldap-data/DB_CONFIG.example rm -f %{buildroot}%{slapdrundir}/openldap-data/DB_CONFIG.example
mv servers/slapd/back-sql/rdbms_depend servers/slapd/back-sql/examples mv servers/slapd/back-sql/rdbms_depend servers/slapd/back-sql/examples
ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rcslapd ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rcslapd
@ -434,17 +429,10 @@ ln -fs libldap_r.so "%{buildroot}%{_libdir}/libldap.so"
gcc -shared -o "%{buildroot}%{_libdir}/libldap-2.4.so.2" -Wl,--no-as-needed \ gcc -shared -o "%{buildroot}%{_libdir}/libldap-2.4.so.2" -Wl,--no-as-needed \
-Wl,-soname -Wl,libldap-2.4.so.2 -L "%{buildroot}%{_libdir}" -lldap_r -Wl,-soname -Wl,libldap-2.4.so.2 -L "%{buildroot}%{_libdir}" -lldap_r
%pre %pre -f ldap.pre
getent group ldap >/dev/null || /usr/sbin/groupadd -g 70 -o -r ldap
getent passwd ldap >/dev/null || /usr/sbin/useradd -r -o -g ldap -u 76 -s /bin/false -c "User for OpenLDAP" -d /var/lib/ldap ldap
%service_add_pre slapd.service %service_add_pre slapd.service
%post %post
if [ ${1:-0} -gt 1 ] && [ -f %{_libdir}/sasl2/slapd.conf ] ; then
cp /etc/sasl2/slapd.conf /etc/sasl2/slapd.conf.rpmnew
cp %{_libdir}/sasl2/slapd.conf /etc/sasl2/slapd.conf
fi
if [ ${1:-0} -gt 1 ] && [ ! -f /var/adm/openldap_modules_path_updated ] ; then if [ ${1:-0} -gt 1 ] && [ ! -f /var/adm/openldap_modules_path_updated ] ; then
/usr/sbin/openldap_update_modules_path.sh /usr/sbin/openldap_update_modules_path.sh
fi fi
@ -512,8 +500,9 @@ fi
/usr/lib/openldap/start /usr/lib/openldap/start
%{_unitdir}/slapd.service %{_unitdir}/slapd.service
%{_tmpfilesdir}/%{name}.conf %{_tmpfilesdir}/%{name}.conf
%{_sysusersdir}/ldap-user.conf
%dir %attr(0750, ldap, ldap) %{_sharedstatedir}/ldap %dir %attr(0750, ldap, ldap) %{_sharedstatedir}/ldap
%ghost %attr(0750, ldap, ldap) %{_rundir} %ghost %attr(0750, ldap, ldap) %{slapdrundir}
%doc %{_mandir}/man8/sl* %doc %{_mandir}/man8/sl*
%doc %{_mandir}/man5/slapd.* %doc %{_mandir}/man5/slapd.*
%doc %{_mandir}/man5/slapd-bdb.* %doc %{_mandir}/man5/slapd-bdb.*

4
start
View File

@ -7,10 +7,6 @@
# Ralf Haferkamp # Ralf Haferkamp
# #
# Determine the base and follow a runlevel link name.
base=${0##*/}
link=${base#*[SK][0-9][0-9]}
test -f /etc/sysconfig/openldap && . /etc/sysconfig/openldap test -f /etc/sysconfig/openldap && . /etc/sysconfig/openldap
SLAPD_BIN=/usr/sbin/slapd SLAPD_BIN=/usr/sbin/slapd