From d8aedf8bed2dd93bef55fb0685c37f5967234dea Mon Sep 17 00:00:00 2001
From: fenlason <fenlason@fedoraproject.org>
Date: Jan 31 2006 21:47:36 +0000
Subject: - Upgrade to 2.3.19, which upstream now considers stable

- Modify the -config.patch, ldap.init, and this spec file to put the
  pid file and args file in an ldap-owned openldap subdirectory under
  /var/run.
- Move back_sql* out of %{_sbindir}/openldap , which requires
  hand-moving slapd and slurpd to _sbindir, and recreating symlinks
  by hand.
- Retire openldap-2.3.11-ads.patch, which went upstream.
- Update the ldap.init script to run slaptest as the ldap user rather
  than as root.  This solves
  bz#150172 Startup failure after database problem
- Add to the servers post and preun scriptlets so that on preun, the
  database is slapcatted to /var/lib/ldap/upgrade.ldif and the
  database files are saved to /var/lib/ldap/rpmorig.  On post, if
  /var/lib/ldap/upgrade.ldif exists, it is slapadded.  This means that
  on upgrades from 2.3.16-2 to higher versions, the database files may
  be automatically upgraded.  Unfortunatly, because of the changes to
  the preun scriptlet, users have to do the slapcat, etc by hand when
  upgrading to 2.3.16-2.  Also note that the /var/lib/ldap/rpmorig
  files need to be removed by hand because automatically removing your
  emergency fallback files is a bad idea.
- Upgrade internal bdb to db-4.4.20.  For a clean upgrade, this will
  require that users slapcat their databases into a temp file, move
  /var/lib/ldap someplace safe, upgrade the openldap rpms, then
  slapadd the temp file.

---

diff --git a/.cvsignore b/.cvsignore
index 99215ad..976b86e 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -1,4 +1,6 @@
 openldap-2.2.29.tgz
-openldap-2.3.11.tgz
 MigrationTools-46.tar.gz
-openldap-2.3.16.tgz
+openldap-2.3.19.tgz
+db-4.4.20.tar.gz
+autoconf-2.13.1.tar.gz
+automake-1.4a.tar.gz
diff --git a/ldap.init b/ldap.init
index 7471380..868c5f1 100644
--- a/ldap.init
+++ b/ldap.init
@@ -8,7 +8,7 @@
 #              for implementing the industry standard directory services.
 # processname: slapd
 # config: /etc/openldap/slapd.conf
-# pidfile: /var/run/slapd.pid
+# pidfile: /var/run/openldap/slapd.pid
 
 # Source function library.
 . /etc/init.d/functions
@@ -121,8 +121,8 @@ function configtest() {
 		fi
 	done
 	# Check the configuration file.
-	if ! action $"Checking configuration files for $prog: " $slaptest $slaptestflags ; then
-		if $slaptest -u > /dev/null 2> /dev/null ; then
+	if ! action $"Checking configuration files for $prog: " /sbin/runuser -f -m -s /bin/sh -c "$slaptest $slaptestflags" -- "$user" ; then
+		if /sbin/runuser -f -m -s /bin/sh -c "$slaptest  -u" -- "$user" > /dev/null 2> /dev/null ; then
 			dirs=`LANG=C egrep '^directory[[:space:]]+[[:print:]]+$' /etc/openldap/slapd.conf | awk '{print $2}'`
 			for directory in $dirs ; do
 				if test -r $directory/__db.001 ; then
diff --git a/openldap-2.3.11-config.patch b/openldap-2.3.11-config.patch
index 921e67a..978cfc4 100644
--- a/openldap-2.3.11-config.patch
+++ b/openldap-2.3.11-config.patch
@@ -1,6 +1,6 @@
---- openldap-2.2.13/servers/slapd/slapd.conf	2003-12-29 13:10:40.000000000 -0500
-+++ openldap-2.2.13/servers/slapd/slapd.conf	2004-06-15 11:44:23.000000000 -0400
-@@ -3,8 +3,12 @@
+--- openldap-2.3.17/servers/slapd/slapd.conf.config	2004-06-17 22:49:08.000000000 -0400
++++ openldap-2.3.17/servers/slapd/slapd.conf	2006-01-12 15:33:04.000000000 -0500
+@@ -3,15 +3,19 @@
  # This file should NOT be world readable.
  #
  include		%SYSCONFDIR%/schema/core.schema
@@ -14,6 +14,15 @@
  
  # Do not enable referrals until AFTER you have a working directory
  # service AND an understanding of referrals.
+ #referral	ldap://root.openldap.org
+ 
+-pidfile		%LOCALSTATEDIR%/run/slapd.pid
+-argsfile	%LOCALSTATEDIR%/run/slapd.args
++pidfile		%LOCALSTATEDIR%/run/openldap/slapd.pid
++argsfile	%LOCALSTATEDIR%/run/openldap/slapd.args
+ 
+ # Load dynamic backend modules:
+ # modulepath	%MODULEDIR%
 @@ -21,6 +25,15 @@
  # moduleload	back_passwd.la
  # moduleload	back_shell.la
@@ -53,10 +62,10 @@
  # should only be accessible by the slapd and slap tools.
  # Mode 700 recommended.
 -directory	%LOCALSTATEDIR%/openldap-data
-+directory	/var/lib/ldap
-+
 -# Indices to maintain
 -index	objectClass	eq
++directory	/var/lib/ldap
++
 +# Indices to maintain for this database
 +index objectClass                       eq,pres
 +index ou,cn,mail,surname,givenname      eq,pres,sub
diff --git a/openldap.spec b/openldap.spec
index a233e92..6cedacb 100644
--- a/openldap.spec
+++ b/openldap.spec
@@ -1,8 +1,8 @@
 %define migtools_version 46
-%define db_version 4.3.27
+%define db_version 4.4.20
 %define ldbm_backend berkeley
 %define version_22 2.2.29
-%define version_23 2.3.16
+%define version_23 2.3.19
 %define evolution_connector_prefix %{_libdir}/evolution-openldap
 %define evolution_connector_includedir %{evolution_connector_prefix}/include
 %define evolution_connector_libdir %{evolution_connector_prefix}/%{_lib}
@@ -29,6 +29,7 @@ Source9: README.upgrading
 Source10: http://www.OpenLDAP.org/doc/admin/guide.html
 Source11: nptl-abi-note.S
 Source12: README.evolution
+
 # Patches that are still valid for 2.3
 Patch0: openldap-2.3.11-config.patch
 Patch1: openldap-1.2.11-cldap.patch
@@ -37,13 +38,17 @@ Patch3: openldap-2.2.13-setugid.patch
 Patch4: openldap-2.2.13-pie.patch
 Patch5: openldap-2.3.11-toollinks.patch
 Patch6: openldap-2.3.11-nosql.patch
-Patch7: openldap-2.3.11-ads.patch
+#Patch7: openldap-2.3.19-nostrip.patch
+
 # Patches for 2.2.29 for the compat-openldap package.
 Patch100: openldap-2.2.13-tls-fix-connection-test.patch
 Patch101: openldap-2.2.23-resolv.patch
 Patch102: openldap-2.2.29-ads.patch
-# patch for the evolution library
+#Patch103: openldap-2.2.29-nostrip.patch
+
+# Patches for the evolution library
 Patch200: openldap-ntlm.diff
+
 # Patches for the MigrationTools package
 Patch300: MigrationTools-38-instdir.patch
 Patch301: MigrationTools-36-mktemp.patch
@@ -52,6 +57,7 @@ Patch303: MigrationTools-26-suffix.patch
 Patch304: MigrationTools-46-schema.patch
 Patch305: MigrationTools-45-noaliases.patch
 
+
 URL: http://www.openldap.org/
 BuildRoot: %{_tmppath}/%{name}-%{version_23}-root
 BuildPreReq: cyrus-sasl-devel >= 2.1, gdbm-devel, libtool >= 1.5.6-2, krb5-devel
@@ -157,7 +163,7 @@ pushd openldap-%{version_23}
 %patch4 -p1 -b .pie
 %patch5 -p1 -b .toollinks
 %patch6 -p1 -b .nosql
-%patch7 -p1 -b .ads
+#%patch7 -p1 -b .nostrip
 cp %{_datadir}/libtool/config.{sub,guess} build/
 popd
 
@@ -196,6 +202,7 @@ pushd openldap-%{version_22}
 %patch100 -p1 -b .resolv
 %patch101 -p1 -b .CAN-2005-2069
 %patch102 -p1 -b .ads
+#%patch103 -p1 -b .nostrip
         for subdir in build-servers build-compat ; do
                 mkdir $subdir
                 ln -s ../configure $subdir
@@ -324,7 +331,7 @@ build() {
 	--enable-modules \
 	--disable-sql \
 	\
-	--libexecdir=%{_sbindir} \
+	--libexecdir=%{_libdir} \
 	$@
 make %{_smp_mflags} LIBTOOL="$libtool"
 }
@@ -469,6 +476,8 @@ cp $RPM_SOURCE_DIR/migration-tools.txt TOOLS.migration
 
 # Create the data directory.
 mkdir -p $RPM_BUILD_ROOT/var/lib/ldap
+# Create the new run directory
+mkdir -p $RPM_BUILD_ROOT/var/run/openldap
 
 # Hack the build root out of the default config files.
 perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT/%{_sysconfdir}/openldap/*.conf
@@ -490,6 +499,12 @@ install -m644 \
 	$RPM_SOURCE_DIR/autofs.schema \
 	$RPM_BUILD_ROOT%{_sysconfdir}/openldap/schema/redhat/
 
+# Move slapd and slurpd out of _libdir
+mv $RPM_BUILD_ROOT/%{_libdir}/sl{apd,urpd} $RPM_BUILD_ROOT/%{_sbindir}/
+rm -f $RPM_BUILD_ROOT/%{_sbindir}/slap{acl,add,auth,cat,dn,index,passwd,test}
+rm -f $RPM_BUILD_ROOT/%{_libdir}/slap{acl,add,auth,cat,dn,index,passwd,test}
+for X in acl add auth cat dn index passwd test; do ln -s slapd $RPM_BUILD_ROOT/%{_sbindir}/slap$X ; done
+
 # Tweak permissions on the libraries to make sure they're correct.
 chmod 755 $RPM_BUILD_ROOT/%{_libdir}/lib*.so*
 chmod 644 $RPM_BUILD_ROOT/%{_libdir}/lib*.*a
@@ -499,8 +514,8 @@ rm -f $RPM_BUILD_ROOT/%{_datadir}/openldap/migration/*.{instdir,simple,schema,mk
 rm -f $RPM_BUILD_ROOT/%{_libdir}/*.la
 rm -f $RPM_BUILD_ROOT/%{evolution_connector_libdir}/*.la
 rm -f $RPM_BUILD_ROOT/%{evolution_connector_libdir}/*.so*
-rm -f $RPM_BUILD_ROOT/%{_sbindir}/openldap/*.a
-rm -f $RPM_BUILD_ROOT/%{_sbindir}/openldap/*.so
+rm -f $RPM_BUILD_ROOT/%{_libdir}/openldap/*.a
+rm -f $RPM_BUILD_ROOT/%{_libdir}/openldap/*.so
 
 rm -f $RPM_BUILD_ROOT/var/openldap-data/DB_CONFIG.example
 rmdir $RPM_BUILD_ROOT/var/openldap-slurp $RPM_BUILD_ROOT/var/openldap-data
@@ -528,6 +543,12 @@ fi
 %post servers
 /sbin/ldconfig
 /sbin/chkconfig --add ldap
+# If there's a /var/lib/ldap/upgrade.ldif file, slapadd it and delete it.
+# It was created by the uninstall of the previous version.
+if [ -f /var/lib/ldap/upgrade.ldif ] ; then
+	/sbin/runuser -f -m -s /bin/sh -c "/usr/sbin/slapadd" -- "ldap" < /var/lib/ldap/upgrade.ldif
+	rm /var/lib/ldap/upgrade.ldif
+fi
 exec > /dev/null 2> /dev/null
 if [ ! -f %{_sysconfdir}/pki/tls/certs/slapd.pem ] ; then
 pushd %{_sysconfdir}/pki/tls/certs
@@ -552,6 +573,17 @@ if [ "$1" = "0" ] ; then
 	/sbin/service ldap stop > /dev/null 2>&1 || :
 	/sbin/chkconfig --del ldap
 fi
+# Save an ldif of the database where the "% post servers" scriptlet can
+# restore it.  Also save the database files to a "rpmorig" directory
+# Just In Case (TM)
+if slapcat -l /dev/null > /dev/null 2>&1 ; then
+	/sbin/service ldap stop > /dev/null 2>&1 || :
+	/usr/sbin/slapcat -l /var/lib/ldap/upgrade.ldif
+	rm -fr /var/lib/ldap/rpmorig > /dev/null 2>&1 || :
+	mkdir /var/lib/ldap/rpmorig
+	mv /var/lib/ldap/{alock,*.bdb,__db.*,log.*} /var/lib/ldap/rpmorig > /dev/null 2>&1 || :
+	cp -f /var/lib/ldap/DB_CONFIG /var/lib/ldap/rpmorig > /dev/null 2>&1 || :
+fi
 
 %postun servers
 /sbin/ldconfig
@@ -613,6 +645,7 @@ fi
 %attr(0755,root,root) %dir %{_datadir}/openldap/ucdata
 %attr(0644,root,root) %dir %{_datadir}/openldap/ucdata/*
 %attr(0700,ldap,ldap) %dir /var/lib/ldap
+%attr(0755,ldap,ldap) %dir /var/run/openldap
 %attr(0755,root,root) %{_libdir}/libslapd_db-*.*.so
 %ifarch %{nptl_arches}
 %ifnarch %{ix86}
@@ -627,8 +660,9 @@ fi
 %defattr(-,root,root)
 %doc openldap-%{version_23}/servers/slapd/back-sql/docs/*
 %doc openldap-%{version_23}/servers/slapd/back-sql/rdbms_depend
-%attr(0755,root,root) %{_sbindir}/openldap/back_sql.la
-%attr(0755,root,root) %{_sbindir}/openldap/back_sql*.so.*
+%attr(0755,root,root) %{_libdir}/openldap
+%attr(0755,root,root) %{_libdir}/openldap/back_sql.la
+%attr(0755,root,root) %{_libdir}/openldap/back_sql*.so.*
 
 %files clients
 %defattr(-,root,root)
@@ -650,8 +684,33 @@ fi
 %attr(0644,root,root)      %{evolution_connector_libdir}/*.a
 
 %changelog
-* Tue Jan 10 2006 Jay Fenlason <fenlason@redhat.com> 2.3.16-2
-- Upgrade to 2.3.16, which upstream will consider stable soon
+* Tue Jan 10 2006 Jay Fenlason <fenlason@redhat.com> 2.3.19-2
+- Upgrade to 2.3.19, which upstream now considers stable
+- Modify the -config.patch, ldap.init, and this spec file to put the
+  pid file and args file in an ldap-owned openldap subdirectory under
+  /var/run.
+- Move back_sql* out of %{_sbindir}/openldap , which requires
+  hand-moving slapd and slurpd to _sbindir, and recreating symlinks
+  by hand.
+- Retire openldap-2.3.11-ads.patch, which went upstream.
+- Update the ldap.init script to run slaptest as the ldap user rather
+  than as root.  This solves
+  bz#150172 Startup failure after database problem
+- Add to the servers post and preun scriptlets so that on preun, the
+  database is slapcatted to /var/lib/ldap/upgrade.ldif and the
+  database files are saved to /var/lib/ldap/rpmorig.  On post, if
+  /var/lib/ldap/upgrade.ldif exists, it is slapadded.  This means that
+  on upgrades from 2.3.16-2 to higher versions, the database files may
+  be automatically upgraded.  Unfortunatly, because of the changes to
+  the preun scriptlet, users have to do the slapcat, etc by hand when
+  upgrading to 2.3.16-2.  Also note that the /var/lib/ldap/rpmorig
+  files need to be removed by hand because automatically removing your
+  emergency fallback files is a bad idea.
+- Upgrade internal bdb to db-4.4.20.  For a clean upgrade, this will
+  require that users slapcat their databases into a temp file, move
+  /var/lib/ldap someplace safe, upgrade the openldap rpms, then
+  slapadd the temp file.
+
 
 * Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com>
 - rebuilt
diff --git a/sources b/sources
index a0ed671..ac3510d 100644
--- a/sources
+++ b/sources
@@ -1,6 +1,6 @@
 5a9e617c1d5339d3c90c545c93e30949  autoconf-2.13.1.tar.gz
 0faee50993f7e4fe00f4b921b640b84d  automake-1.4a.tar.gz
-fcc481d52c3b80e20a328f8c0cb042bd  db-4.3.27.tar.gz
 6c4c72a1336aa45b463e738034c078d6  openldap-2.2.29.tgz
 dc80548f76d6aeba2b51b15751e08b21  MigrationTools-46.tar.gz
-adb793bea93db1a56840e5c0c7a647f2  openldap-2.3.16.tgz
+867ee197df0e4432fa00f2439e6094f6  openldap-2.3.19.tgz
+33851f01b455cca48aa601956de93c6f  db-4.4.20.tar.gz