# # spec file for package openldap2 (Version 2.4.23) # # Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # # norootforbuild %define run_test_suite 1 Name: openldap2 BuildRequires: cyrus-sasl-devel libopenssl-devel %if %sles_version == 9 || %sles_version == 10 BuildRequires: -libopenssl-devel -pwdutils openssl-devel %endif Version: 2.4.23 Release: 1 Url: http://www.openldap.org License: BSD3c(or similar) ; openldap 2.8 %if "%{name}" == "openldap2" BuildRequires: db-devel openslp-devel tcpd-devel unixODBC-devel %if %sles_version == 9 || %sles_version == 10 BuildRequires: -db-devel libdb-4_5-devel %endif Group: Productivity/Networking/LDAP/Clients Conflicts: openldap Requires: libldap-2_4-2 = %{version} PreReq: %insserv_prereq %fillup_prereq /usr/sbin/useradd /usr/sbin/groupadd /usr/bin/grep Summary: The OpenLDAP commandline client tools %else Group: Productivity/Networking/LDAP/Clients Conflicts: openldap-client Requires: libldap-2_4-2 = %{version} Summary: The OpenLDAP commandline client tools %endif AutoReqProv: on Source: openldap-%{version}.tar.bz2 Source1: openldap-rc.tgz Source2: addonschema.tar.gz Source3: DB_CONFIG Source4: sasl-slapd.conf Source5: README.update Source6: schema2ldif Source100: openldap-2.3.37.tar.bz2 Patch1: 0001-build-adjustments.dif Patch2: 0002-slapd.conf.dif Patch3: 0003-LDAPI-socket-location.dif Patch4: 0004-libldap-use-gethostbyname_r.dif Patch5: 0005-pie-compile.dif Patch6: 0006-assorted-fixes-for-back-config-DELETE-support.dif Patch100: openldap-2.3.37.dif Patch200: slapd_getaddrinfo_dupl.dif BuildRoot: %{_tmppath}/%{name}-%{version}-build %if "%{name}" == "openldap2" %description The Lightweight Directory Access Protocol (LDAP) is used to access online directory services. It runs directly over TCP and can be used to access a stand-alone LDAP directory service or to access a directory service that has an X.500 back-end. Authors: -------- The OpenLDAP Project %package -n openldap2-back-perl License: BSD3c(or similar) Summary: OpenLDAP Perl Back-End Requires: openldap2 = %{version} perl = %{perl_version} AutoReqProv: on Group: Productivity/Networking/LDAP/Servers %description -n openldap2-back-perl The OpenLDAP Perl back-end allows you to execute Perl code specific to different LDAP operations. Authors: -------- The OpenLDAP Project %package -n openldap2-back-meta License: BSD3c(or similar) Summary: OpenLDAP Meta Back-End Requires: openldap2 = %{version} AutoReqProv: on Group: Productivity/Networking/LDAP/Servers Provides: openldap2:/usr/share/man/man5/slapd-meta.5.gz %description -n openldap2-back-meta The OpenLDAP Meta back-end is able to perform basic LDAP proxying with respect to a set of remote LDAP servers. The information contained in these servers can be presented as belonging to a single Directory Information Tree (DIT). Authors: -------- The OpenLDAP Project %package -n openldap2-back-sql License: BSD3c(or similar) Summary: OpenLDAP SQL Back-End Requires: openldap2 = %{version} AutoReqProv: on Group: Productivity/Networking/LDAP/Servers %description -n openldap2-back-sql The primary purpose of this OpenLDAP backend is to present information stored in a Relational (SQL) Database as an LDAP subtree without the need to do any programming. Authors: -------- The OpenLDAP Project %else %description This package contains the OpenLDAP client utilities. Authors: -------- The OpenLDAP Project %package -n openldap2-devel License: BSD3c(or similar) ; openldap 2.8 Summary: Libraries, Header Files and Documentation for OpenLDAP AutoReqProv: on # bug437293 %ifarch ppc64 Obsoletes: openldap2-devel-64bit %endif # Conflicts: openldap-devel %if %suse_version >= 1110 Requires: libldap-2_4-2 = %{version} cyrus-sasl-devel libopenssl-devel %else Requires: libldap-2_4-2 = %{version} cyrus-sasl-devel openssl-devel %endif Group: Development/Libraries/C and C++ %description -n openldap2-devel This package provides the OpenLDAP libraries, header files, and documentation. Authors: -------- The OpenLDAP Project %package -n libldap-2_4-2 License: BSD3c(or similar) ; openldap 2.8 Summary: OpenLDAP Client Libraries AutoReqProv: on Group: Productivity/Networking/LDAP/Clients %description -n libldap-2_4-2 This package contains the OpenLDAP client libraries. Authors: -------- The OpenLDAP Project %endif %prep %setup -q -n openldap-%{version} -a1 -a2 -b100 %patch1 -p1 %patch2 -p1 %patch3 -p1 %patch4 -p1 %if %suse_version > 920 %patch5 -p1 %endif %patch6 -p1 %if %suse_version == 1100 %patch200 -p1 %endif cp %{SOURCE5} . cd ../openldap-2.3.37 %patch100 %build %{?suse_update_config:%{suse_update_config -f build}} libtoolize --force autoreconf export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -DLDAP_DEPRECATED -DLDAP_CONNECTIONLESS -DSLAP_CONFIG_DELETE" export STRIP="" %configure \ --localstatedir=/var/run/slapd \ --libexecdir=/usr/lib/openldap \ --enable-wrappers \ --enable-aclgroups \ --enable-spasswd \ --enable-modules \ --enable-shared \ --enable-dynamic \ --with-tls \ --with-cyrus-sasl \ --enable-crypt \ --enable-ipv6=yes \ %if "%{name}" == "openldap2" --enable-aci \ --enable-bdb \ --enable-hdb \ --enable-rewrite \ --enable-ldap=yes \ --enable-meta=mod \ --enable-monitor=yes \ --enable-perl=mod \ --enable-sql=mod \ --enable-slp \ --enable-overlays=yes \ %else --disable-slapd \ %endif --enable-lmpasswd \ --with-yielding-select make depend make %{?jobs:-j%jobs} %if "%{name}" == "openldap2" # build a static slapcat binary from the OpenLDAP 2.3 release # to be able to update existing databases cd ../openldap-2.3.37 %{?suse_update_config:%{suse_update_config -f build}} libtoolize --force #aclocal -I build autoreconf export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -DLDAP_DEPRECATED" ./configure --prefix=/usr --exec-prefix=/usr --sysconfdir=/etc \ --localstatedir=/var/run/slapd --libexecdir=/usr/lib/openldap \ --libdir=%{_libdir} --mandir=%{_mandir} --enable-aci \ --enable-hdb --enable-bdb --enable-ldbm --enable-crypt \ --enable-ipv6=no \ --enable-ldap --enable-monitor --enable-meta --enable-rewrite \ --enable-dynamic=no --enable-shared=no make depend make %{?jobs:-j%jobs} %endif %check %if %run_test_suite # calculate the base port to be use in the test-suite SLAPD_BASEPORT=10000 if [ -f /.buildenv ] ; then . /.buildenv SLAPD_BASEPORT=$(($SLAPD_BASEPORT + ${BUILD_INCARNATION:-0} * 10)) fi export SLAPD_BASEPORT %ifnarch %arm alpha rm -f tests/scripts/test019-syncreplication-cascade rm -f tests/scripts/test022-ppolicy rm -f tests/scripts/test023-refint rm -f tests/scripts/test033-glue-syncrepl #rm -f tests/scripts/test036-meta-concurrency #rm -f tests/scripts/test039-glue-ldap-concurrency rm -f tests/scripts/test043-delta-syncrepl #rm -f tests/scripts/test045-syncreplication-proxied rm -f tests/scripts/test048-syncrepl-multiproxy rm -f tests/scripts/test050-syncrepl-multimaster rm -f tests/scripts/test058-syncrepl-asymmetric make SLAPD_DEBUG=0 test %endif %endif %install mkdir -p $RPM_BUILD_ROOT/etc/init.d mkdir -p $RPM_BUILD_ROOT/usr/sbin make STRIP="" DESTDIR=$RPM_BUILD_ROOT install install -m 755 rc.ldap $RPM_BUILD_ROOT/etc/init.d/ldap ln -sf ../../etc/init.d/ldap $RPM_BUILD_ROOT/usr/sbin/rcldap mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/openldap/slapd.d mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/sasl2 install -m 644 %{SOURCE4} $RPM_BUILD_ROOT/%{_sysconfdir}/sasl2/slapd.conf install -m 755 -d $RPM_BUILD_ROOT/var/lib/ldap chmod a+x $RPM_BUILD_ROOT/%{_libdir}/liblber.so* chmod a+x $RPM_BUILD_ROOT/%{_libdir}/libldap_r.so* chmod a+x $RPM_BUILD_ROOT/%{_libdir}/libldap.so* install -m 755 %{SOURCE6} $RPM_BUILD_ROOT/usr/sbin/schema2ldif %if "%{name}" == "openldap2" mkdir -p $RPM_BUILD_ROOT/var/adm/fillup-templates install -m 644 sysconfig.openldap $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.openldap install -m 644 *.schema $RPM_BUILD_ROOT/etc/openldap/schema install -m 644 %{SOURCE3} $RPM_BUILD_ROOT/var/lib/ldap/DB_CONFIG install -m 644 $RPM_BUILD_ROOT/etc/openldap/DB_CONFIG.example $RPM_BUILD_ROOT/var/lib/ldap/DB_CONFIG.example install -d $RPM_BUILD_ROOT/etc/sysconfig/SuSEfirewall2.d/services/ install -m 644 SuSEfirewall2.openldap $RPM_BUILD_ROOT/etc/sysconfig/SuSEfirewall2.d/services/openldap rm -f `find doc/guide ! -name *.html -a ! -name *.gif -a ! -name *.png -a ! -type d` rm -rf doc/guide/release rm -f $RPM_BUILD_ROOT/etc/openldap/DB_CONFIG.example rm -f $RPM_BUILD_ROOT/etc/openldap/schema/README rm -f $RPM_BUILD_ROOT/var/run/slapd/openldap-data/DB_CONFIG.example # install 2.3 slapcat install -m 755 ../openldap-2.3.37/servers/slapd/slapcat $RPM_BUILD_ROOT/usr/sbin/openldap-2.3-slapcat %endif rm -f $RPM_BUILD_ROOT/usr/lib/openldap/modules/*.a rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-dnssrv.5 rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-ndb.5 rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-null.5 rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-passwd.5 rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-shell.5 rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-sock.5 rm -f $RPM_BUILD_ROOT/usr/share/man/man5/slapd-tcl.5 # Remove *.la files, libtool does not handle this correct rm -f $RPM_BUILD_ROOT%{_libdir}/lib*.la #put filelists into files cat >openldap2.filelist < openldap2-client.filelist < libldap.filelist < openldap2-devel.filelist < openldap2-back-perl.filelist < openldap2-back-meta.filelist < openldap2-back-sql.filelist < /dev/null || : /usr/sbin/useradd -r -o -g ldap -u 76 -s /bin/bash -c "User for OpenLDAP" -d \ /var/lib/ldap ldap 2> /dev/null || : # try to figure out if a db update is needed if [ ${1:-0} -gt 1 ] && [ -f /usr/lib/openldap/slapd ] && /usr/bin/strings /usr/lib/openldap/slapd | \ grep "slapd 2.3" 2>&1 > /dev/null; then # create a backup of the schema shipped with 2.3 # at least core.schema changed between 2.3 and 2.4 TEMPDIR=`mktemp -d /etc/openldap/schema.backup.XXXXXX` echo "Schema backup created in $TEMPDIR" cp -p --remove-destination /etc/openldap/schema/* $TEMPDIR echo $TEMPDIR > /etc/openldap/UPDATE_NEEDED ; fi %post if [ ${1:-0} -gt 1 ] && [ -f %{_libdir}/sasl2/slapd.conf ] ; then cp /etc/sasl2/slapd.conf /etc/sasl2/slapd.conf.rpmnew cp %{_libdir}/sasl2/slapd.conf /etc/sasl2/slapd.conf fi %{fillup_and_insserv -n openldap ldap} %{remove_and_set -n openldap OPENLDAP_RUN_DB_RECOVER} # convert database if needed if [ -f /etc/openldap/UPDATE_NEEDED ] ; then read SCHEMA_BACKUP < /etc/openldap/UPDATE_NEEDED SLAPD_CONF=/etc/openldap/slapd.conf sed -e "s;/etc/openldap/schema/;$SCHEMA_BACKUP/;g" \ < $SLAPD_CONF > $SCHEMA_BACKUP/slapd.conf.update LOGFILE="slaptool.log" BACKENDS=`grep ^database $SLAPD_CONF | awk '{print $2}'` DIRECTORIES=(`grep ^directory $SLAPD_CONF | awk '{print $2}'`) MSG="" db_num=0 dir_num=0 restart="" /etc/init.d/ldap status 2&>1 > /dev/null if [ "$?" = "0" ]; then /etc/init.d/ldap stop restart="1" fi for i in $BACKENDS; do db_num=$((db_num+1)); if [ "x$i" = "xbdb" ] || [ "x$i" = "xhdb" ] || [ "x$i" = "xldbm" ] ; then db_dir=${DIRECTORIES[$dir_num]}; if [ -f $db_dir/id2entry.bdb ] || [ -f $db_dir/id2entry.dbb ] ; then rm $db_dir/__db* ; mkdir $db_dir/db_bak ; echo "Dumping database to: $db_dir/ldapbak.ldif.$db_num" ; /usr/sbin/openldap-2.3-slapcat -T c \ -f $SCHEMA_BACKUP/slapd.conf.update \ -n $db_num -l $db_dir/ldapbak.ldif.$db_num 2>> $db_dir/$LOGFILE; if [ "x$i" = "xldbm" ] ; then mv $db_dir/*.dbb $db_dir/db_bak/ ; else mv $db_dir/*.bdb $db_dir/db_bak/ ; mv $db_dir/log.* $db_dir/db_bak/ ; fi mv $db_dir/alock $db_dir/db_bak/ ; rm -f $db_dir/__db* ; fi dir_num=$((dir_num+1)); fi done db_num=0 dir_num=0 sed -i -e "s;ldbm;bdb;g" $SLAPD_CONF for i in $BACKENDS; do db_num=$((db_num+1)); if [ "x$i" = "xbdb" ] || [ "x$i" = "xhdb" ] || [ "x$i" = "xldbm" ] ; then db_dir=${DIRECTORIES[$dir_num]}; if [ -s $db_dir/ldapbak.ldif.$db_num ] ; then if [ `wc -l $db_dir/ldapbak.ldif.$db_num | awk '{print $1}'` -lt 2500000 ]; then if [ "x$i" = "xldbm" ] ; then echo "Converting $i database to bdb in $db_dir" ; # Create default DB_CONFIG for better performance echo "set_cachesize 0 15000000 1" > $db_dir/DB_CONFIG echo "set_lg_regionmax 262144" >> $db_dir/DB_CONFIG echo "set_lg_bsize 2097152" >> $db_dir/DB_CONFIG echo "set_flags DB_LOG_AUTOREMOVE" >> $db_dir/DB_CONFIG else echo "Restoring $i database in $db_dir" ; fi slapadd -q -n $db_num -f $SLAPD_CONF -l $db_dir/ldapbak.ldif.$db_num 2>> $db_dir/$LOGFILE ; if [ $? -ne 0 ]; then MSG="$MSG\nFailed to restore database in $db_dir"; MSG="$MSG\nPlease restore manually from the LDIF dump $db_dir/ldapbak.ldif.$db_num\n"; else rm -f $db_dir/ldapbak.ldif.$db_num rm -rf $db_dir/db_bak/ fi else MSG="$MSG\nPlease restore the database in $db_dir manually by using"; MSG="$MSG\nslapadd with the LDIF dump $db_dir/ldapbak.ldif.$db_num\n"; fi fi dir_num=$((dir_num+1)); fi done if [ "$MSG" ] ; then echo -e "$MSG"; else rm -f /etc/openldap/UPDATE_NEEDED ; if [ $restart ]; then /etc/init.d/ldap start fi fi fi %preun %stop_on_removal ldap %postun %restart_on_update ldap %insserv_cleanup %files -f openldap2.filelist %defattr(-,root,root) %files -n openldap2-back-perl -f openldap2-back-perl.filelist %defattr(-,root,root) %files -n openldap2-back-meta -f openldap2-back-meta.filelist %defattr(-,root,root) %files -n openldap2-back-sql -f openldap2-back-sql.filelist %defattr(-,root,root) %else %post -n libldap-2_4-2 -p /sbin/ldconfig %postun -n libldap-2_4-2 -p /sbin/ldconfig %files -f openldap2-client.filelist %defattr(-,root,root) %files -n libldap-2_4-2 -f libldap.filelist %defattr(-,root,root) %files -n openldap2-devel -f openldap2-devel.filelist %defattr(-,root,root) %endif %changelog