SHA256
1
0
forked from pool/openldap2
openldap2/slapd-ldif-update-crc.sh
Michael Ströder 617ae2b561 Accepting request 844183 from home:firstyear:branches:network:ldap
- bsc#1175568 CVE-2020-8027
  openldap_update_modules_path.sh has a number of issues in it's
  design that lead to security issues. This file has been removed,
  from the package, and the %post execution of the install. The
  function is replaced by /usr/sbin/slapd-ldif-update-crc and
  /usr/lib/openldap/fixup-modulepath, through the addition of the
  source files:
  * fixup-modulepath.sh
  * slapd-ldif-update-crc.sh
  * update-crc.sh

OBS-URL: https://build.opensuse.org/request/show/844183
OBS-URL: https://build.opensuse.org/package/show/network:ldap/openldap2?expand=0&rev=278
2020-10-27 01:14:55 +00:00

34 lines
758 B
Bash

#!/bin/bash
# Script to fix the crc of openldap slapd.d ldifs.
source /usr/lib/openldap/update-crc
if [ -z ${1} ]; then
echo "Usage: ${0} /etc/openldap/slapd.d/<config ldif to update>"
exit 1
fi
if [ ! -f "${1}" ]; then
echo "File ${1} does not exist?"
echo "Usage: ${0} /etc/openldap/slapd.d/<config ldif to update>"
exit 1
fi
# Make sure slapd.service is not running.
slapd_running=1
# Don't check if no systemd, we could be in a container.
if [ -f "/usr/bin/systemctl" ]; then
/usr/bin/systemctl is-active --quiet slapd.service
slapd_running=$?
fi
if [ $slapd_running -eq 0 ]; then
echo "Unable to update crc of '${1}' while slapd.service is running ..."
exit 1
fi
do_update_crc ${1}
echo "Updated crc of ${1}"