forked from jengelh/openldap2
617ae2b561
- bsc#1175568 CVE-2020-8027 openldap_update_modules_path.sh has a number of issues in it's design that lead to security issues. This file has been removed, from the package, and the %post execution of the install. The function is replaced by /usr/sbin/slapd-ldif-update-crc and /usr/lib/openldap/fixup-modulepath, through the addition of the source files: * fixup-modulepath.sh * slapd-ldif-update-crc.sh * update-crc.sh OBS-URL: https://build.opensuse.org/request/show/844183 OBS-URL: https://build.opensuse.org/package/show/network:ldap/openldap2?expand=0&rev=278
34 lines
758 B
Bash
34 lines
758 B
Bash
#!/bin/bash
|
|
# Script to fix the crc of openldap slapd.d ldifs.
|
|
source /usr/lib/openldap/update-crc
|
|
|
|
if [ -z ${1} ]; then
|
|
echo "Usage: ${0} /etc/openldap/slapd.d/<config ldif to update>"
|
|
exit 1
|
|
fi
|
|
|
|
if [ ! -f "${1}" ]; then
|
|
echo "File ${1} does not exist?"
|
|
echo "Usage: ${0} /etc/openldap/slapd.d/<config ldif to update>"
|
|
exit 1
|
|
fi
|
|
|
|
# Make sure slapd.service is not running.
|
|
slapd_running=1
|
|
|
|
# Don't check if no systemd, we could be in a container.
|
|
if [ -f "/usr/bin/systemctl" ]; then
|
|
/usr/bin/systemctl is-active --quiet slapd.service
|
|
slapd_running=$?
|
|
fi
|
|
|
|
if [ $slapd_running -eq 0 ]; then
|
|
echo "Unable to update crc of '${1}' while slapd.service is running ..."
|
|
exit 1
|
|
fi
|
|
|
|
do_update_crc ${1}
|
|
|
|
echo "Updated crc of ${1}"
|
|
|