diff --git a/.cvsignore b/.cvsignore
index 748cb04..63a920c 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -1,2 +1,2 @@
-MigrationTools-24.tar.gz
-openldap-1.2.11.tgz
+MigrationTools-36.tar.gz
+openldap-2.0.7.tgz
diff --git a/MigrationTools-26-suffix.patch b/MigrationTools-26-suffix.patch
new file mode 100644
index 0000000..4951a57
--- /dev/null
+++ b/MigrationTools-26-suffix.patch
@@ -0,0 +1,33 @@
+--- MigrationTools-26/migrate_all_online.sh.suffix Wed Oct 25 16:27:02 2000
++++ MigrationTools-26/migrate_all_online.sh Wed Oct 25 16:30:11 2000
+@@ -179,5 +179,30 @@
+ echo "Migrating netgroups (by host)..."
+ $PERL -I${INSTDIR} ${INSTDIR}migrate_netgroup_byhost.pl $ETC_NETGROUP >> $DB
+
++# Try to add the top-level object, because it's usually missing.
++TYPE=`echo $LDAP_BASEDN | cut -f1 -d=`
++TOP=`echo $LDAP_BASEDN | cut -f1 -d, | cut -f2 -d=`
++CLASS=$TYPE
++if [ "$CLASS" = "dc" ] ; then
++ CLASS=domain
++elif [ "$CLASS" = "o" ] ; then
++ CLASS=organization
++elif [ "$CLASS" = "l" ] ; then
++ CLASS=locality
++elif [ "$CLASS" = "c" ] ; then
++ CLASS=country
++elif [ "$CLASS" = "nismapname" ] ; then
++ CLASS=nisMap
++elif [ "$CLASS" = "cn" ] ; then
++ CLASS=container
++fi
++
++cat << EOF | $LDAPADD -h $LDAPHOST -D "$LDAP_BINDDN" -x -w "$LDAP_BINDCRED"
++dn: $LDAP_BASEDN
++$TYPE: $TOP
++objectClass: top
++objectClass: $CLASS
++EOF
++
+ echo "Importing into LDAP..."
+
diff --git a/MigrationTools-27-simple.patch b/MigrationTools-27-simple.patch
new file mode 100644
index 0000000..5031de9
--- /dev/null
+++ b/MigrationTools-27-simple.patch
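Review bot: The new `cat << EOF | $LDAPADD ... -w "$LDAP_BINDCRED"` call added by MigrationTools-26-suffix.patch puts the bind password on the ldapadd command line, where other local users can read it from the process list while the command runs. The import step shown as context in MigrationTools-27-simple.patch does the same, so at minimum the script should carry a comment such as `# NOTE: -w exposes the bind password in the process list; run this on a host without untrusted local users`. Separately, `TYPE` and `TOP` are taken from an unquoted `echo $LDAP_BASEDN` and the `CLASS` chain compares case-sensitively, so a base DN written as `DC=example,DC=com` falls through every branch and is submitted with `objectClass: DC`; quoting the expansion and lower-casing `TYPE` before the `if` chain would cover that. The exit status of this ldapadd is not checked, which matches the "try to add" comment, but the script continues outside the hunk so I cannot see whether a later `$?` test picks it up by accident.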
@@ -0,0 +1,101 @@
+--- MigrationTools-27/migrate_all_online.sh.simple Tue Oct 31 17:01:24 2000
++++ MigrationTools-27/migrate_all_online.sh Tue Oct 31 17:03:19 2000
+@@ -181,13 +181,11 @@
+
+ echo "Importing into LDAP..."
+
+- if [ -x /usr/sbin/slapadd ]; then
+- $LDAPADD -x -h $LDAPHOST -D "$LDAP_BINDDN" -w "$LDAP_BINDCRED" -f $DB
+- elif [ -x /usr/local/sbin/slapadd ]; then
+- $LDAPADD -x -h $LDAPHOST -D "$LDAP_BINDDN" -w "$LDAP_BINDCRED" -f $DB
+- else
+- $LDAPADD -h $LDAPHOST -D "$LDAP_BINDDN" -w "$LDAP_BINDCRED" -f $DB
+- fi
++if [ `basename $LDAPADD` = "slapadd" ]; then
++ $LDAPADD -h $LDAPHOST -D "$LDAP_BINDDN" -w "$LDAP_BINDCRED" $* -f $DB
++else
++ $LDAPADD -x -h $LDAPHOST -D "$LDAP_BINDDN" -w "$LDAP_BINDCRED" $* -f $DB
++fi
+
+ if [ $? -ne 0 ]; then
+ echo "$LDAPADD: returned non-zero exit status"
+--- MigrationTools-27/migrate_all_nis_online.sh.simple Tue Oct 31 17:01:24 2000
++++ MigrationTools-27/migrate_all_nis_online.sh Tue Oct 31 17:02:51 2000
+@@ -71,7 +71,7 @@
+ ypcat $DOMFLAG networks > $ETC_NETWORKS
+ #ypcat $DOMFLAG -k aliases > $ETC_ALIASES
+
+-. ${INSTDIR}migrate_all_online.sh
++. ${INSTDIR}migrate_all_online.sh $*
+
+ rm -f $ETC_PASSWD
+ rm -f $ETC_GROUP
+--- MigrationTools-27/migrate_all_offline.sh.simple Tue Oct 31 17:02:00 2000
++++ MigrationTools-27/migrate_all_offline.sh Tue Oct 31 17:03:12 2000
+@@ -137,9 +137,9 @@
+ $PERL -I${INSTDIR} ${INSTDIR}migrate_netgroup_byhost.pl $ETC_NETGROUP >> $DB
+ echo "Preparing LDAP database..."
+ if [ "X$SLAPADD" = "X" ]; then
+- $LDIF2LDBM -i $DB
++ $LDIF2LDBM -i $DB $*
+ else
+- $SLAPADD -l $DB
++ $SLAPADD -l $DB $*
+ fi
+ EXITCODE=$?
+
+--- MigrationTools-27/migrate_all_nis_offline.sh.simple Tue Oct 31 17:02:05 2000
++++ MigrationTools-27/migrate_all_nis_offline.sh Tue Oct 31 17:02:49 2000
+@@ -71,7 +71,7 @@
+ ypcat $DOMFLAG networks > $ETC_NETWORKS
+ #ypcat $DOMFLAG -k aliases > $ETC_ALIASES
+
+-. ${INSTDIR}migrate_all_offline.sh
++. ${INSTDIR}migrate_all_offline.sh $*
+
+ rm -f $ETC_PASSWD
+ rm -f $ETC_GROUP
+--- MigrationTools-27/migrate_all_nisplus_online.sh.simple Tue Oct 31 17:02:11 2000
++++ MigrationTools-27/migrate_all_nisplus_online.sh Tue Oct 31 17:02:59 2000
+@@ -62,7 +62,7 @@
+ niscat networks.org_dir > $ETC_NETWORKS
+ niscat mail_aliases.org_dir > $ETC_ALIASES
+
+-. ${INSTDIR}migrate_all_online.sh
++. ${INSTDIR}migrate_all_online.sh $*
+
+ rm -f $ETC_PASSWD
+ rm -f $ETC_GROUP
+--- MigrationTools-27/migrate_all_netinfo_online.sh.simple Tue Oct 31 17:02:17 2000
++++ MigrationTools-27/migrate_all_netinfo_online.sh Tue Oct 31 17:02:46 2000
+@@ -69,7 +69,7 @@
+ nidump networks $DOM > $ETC_NETWORKS
+ nidump aliases $DOM > $ETC_ALIASES
+
+-. ${INSTDIR}migrate_all_online.sh
++. ${INSTDIR}migrate_all_online.sh $*
+
+ rm -f $ETC_PASSWD
+ rm -f $ETC_GROUP
+--- MigrationTools-27/migrate_all_netinfo_offline.sh.simple Tue Oct 31 17:02:22 2000
++++ MigrationTools-27/migrate_all_netinfo_offline.sh Tue Oct 31 17:02:43 2000
+@@ -69,7 +69,7 @@
+ nidump networks $DOM > $ETC_NETWORKS
+ nidump aliases $DOM > $ETC_ALIASES
+
+-. ${INSTDIR}migrate_all_offline.sh
++. ${INSTDIR}migrate_all_offline.sh $*
+
+ rm -f $ETC_PASSWD
+ rm -f $ETC_GROUP
+--- MigrationTools-27/migrate_all_nisplus_offline.sh.simple Tue Oct 31 17:02:27 2000
++++ MigrationTools-27/migrate_all_nisplus_offline.sh Tue Oct 31 17:02:56 2000
+@@ -62,7 +62,7 @@
+ niscat networks.org_dir > $ETC_NETWORKS
+ niscat mail_aliases.org_dir > $ETC_ALIASES
+
+-. ${INSTDIR}migrate_all_offline.sh
++. ${INSTDIR}migrate_all_offline.sh $*
+
+ rm -f $ETC_PASSWD
+ rm -f $ETC_GROUP
diff --git a/MigrationTools-36-mktemp.patch b/MigrationTools-36-mktemp.patch
new file mode 100644
index 0000000..1961855
--- /dev/null
+++ b/MigrationTools-36-mktemp.patch
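Review bot: `$*` is unquoted at every call site MigrationTools-27-simple.patch adds (`$LDAPADD ... $* -f $DB`, `$LDIF2LDBM -i $DB $*`, `$SLAPADD -l $DB $*` and the six `. ${INSTDIR}migrate_all_*.sh $*` lines), so an extra argument containing spaces or glob characters is re-split and expanded before it reaches the LDAP tool. `"$@"` keeps each argument intact, e.g. `$SLAPADD -l $DB "$@"`. The new test built from an unquoted `basename $LDAPADD` also turns into a `[` syntax error when `LDAPADD` is empty or contains a space; quoting both the inner expansion and the command substitution avoids that. In the `slapadd` branch the command still receives `-h`, `-D` and `-w`, which look like ldapadd options rather than slapadd ones, so that branch deserves a comment explaining which tool it is really meant for; the rest of each script is outside these hunks.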
@@ -0,0 +1,188 @@
+--- MigrationTools-36/migrate_all_netinfo_offline.sh.mktemp Mon Feb 5 11:39:14 2001
++++ MigrationTools-36/migrate_all_netinfo_offline.sh Mon Feb 5 11:39:14 2001
+@@ -41,15 +41,15 @@
+ INSTDIR=/usr/share/openldap/migration/
+
+ TMPDIR="/tmp"
+-ETC_PASSWD="$TMPDIR/passwd.$$.ldap"
+-ETC_GROUP="$TMPDIR/group.$$.ldap"
+-ETC_SERVICES="$TMPDIR/services.$$.ldap"
+-ETC_PROTOCOLS="$TMPDIR/protocols.$$.ldap"
+-ETC_FSTAB="$TMPDIR/fstab.$$.ldap"
+-ETC_RPC="$TMPDIR/rpc.$$.ldap"
+-ETC_HOSTS="$TMPDIR/hosts.$$.ldap"
+-ETC_NETWORKS="$TMPDIR/networks.$$.ldap"
+-ETC_ALIASES="$TMPDIR/aliases.$$.ldap"
++ETC_PASSWD=`mktemp $TMPDIR/passwd.ldap.XXXXXX`
++ETC_GROUP=`mktemp $TMPDIR/group.ldap.XXXXXX`
++ETC_SERVICES=`mktemp $TMPDIR/services.ldap.XXXXXX`
++ETC_PROTOCOLS=`mktemp $TMPDIR/protocols.ldap.XXXXXX`
++ETC_FSTAB=`mktemp $TMPDIR/fstab.ldap.XXXXXX`
++ETC_RPC=`mktemp $TMPDIR/rpc.ldap.XXXXXX`
++ETC_HOSTS=`mktemp $TMPDIR/hosts.ldap.XXXXXX`
++ETC_NETWORKS=`mktemp $TMPDIR/networks.ldap.XXXXXX`
++ETC_ALIASES=`mktemp $TMPDIR/aliases.ldap.XXXXXX`
+ EXIT=no
+
+ question="Enter the NetInfo domain to import from [/]:"
+--- MigrationTools-36/migrate_all_netinfo_online.sh.mktemp Mon Feb 5 11:39:14 2001
++++ MigrationTools-36/migrate_all_netinfo_online.sh Mon Feb 5 11:39:14 2001
+@@ -41,15 +41,15 @@
+ INSTDIR=/usr/share/openldap/migration/
+
+ TMPDIR="/tmp"
+-ETC_PASSWD="$TMPDIR/passwd.$$.ldap"
+-ETC_GROUP="$TMPDIR/group.$$.ldap"
+-ETC_SERVICES="$TMPDIR/services.$$.ldap"
+-ETC_PROTOCOLS="$TMPDIR/protocols.$$.ldap"
+-ETC_FSTAB="$TMPDIR/fstab.$$.ldap"
+-ETC_RPC="$TMPDIR/rpc.$$.ldap"
+-ETC_HOSTS="$TMPDIR/hosts.$$.ldap"
+-ETC_NETWORKS="$TMPDIR/networks.$$.ldap"
+-ETC_ALIASES="$TMPDIR/aliases.$$.ldap"
++ETC_PASSWD=`mktemp $TMPDIR/passwd.ldap.XXXXXX`
++ETC_GROUP=`mktemp $TMPDIR/group.ldap.XXXXXX`
++ETC_SERVICES=`mktemp $TMPDIR/services.ldap.XXXXXX`
++ETC_PROTOCOLS=`mktemp $TMPDIR/protocols.ldap.XXXXXX`
++ETC_FSTAB=`mktemp $TMPDIR/fstab.ldap.XXXXXX`
++ETC_RPC=`mktemp $TMPDIR/rpc.ldap.XXXXXX`
++ETC_HOSTS=`mktemp $TMPDIR/hosts.ldap.XXXXXX`
++ETC_NETWORKS=`mktemp $TMPDIR/networks.ldap.XXXXXX`
++ETC_ALIASES=`mktemp $TMPDIR/aliases.ldap.XXXXXX`
+ EXIT=no
+
+ question="Enter the NetInfo domain to import from [/]:"
+--- MigrationTools-36/migrate_all_nisplus_offline.sh.mktemp Mon Feb 5 11:39:14 2001
++++ MigrationTools-36/migrate_all_nisplus_offline.sh Mon Feb 5 11:43:23 2001
+@@ -41,16 +41,16 @@
+ INSTDIR=/usr/share/openldap/migration/
+
+ TMPDIR="/tmp"
+-ETC_PASSWD="$TMPDIR/passwd.$$.ldap"
+-ETC_GROUP="$TMPDIR/group.$$.ldap"
+-ETC_SERVICES="$TMPDIR/services.$$.ldap"
+-ETC_PROTOCOLS="$TMPDIR/protocols.$$.ldap"
+-ETC_FSTAB="$TMPDIR/fstab.$$.ldap"
+-ETC_RPC="$TMPDIR/rpc.$$.ldap"
+-ETC_HOSTS="$TMPDIR/hosts.$$.ldap"
+-ETC_NETWORKS="$TMPDIR/networks.$$.ldap"
+-ETC_NETGROUP="$TMPDIR/netgroup.$$.ldap"
+-ETC_ALIASES="$TMPDIR/aliases.$$.ldap"
++ETC_PASSWD=`mktemp $TMPDIR/passwd.ldap.XXXXXX`
++ETC_GROUP=`mktemp $TMPDIR/group.ldap.XXXXXX`
++ETC_SERVICES=`mktemp $TMPDIR/services.ldap.XXXXXX`
++ETC_PROTOCOLS=`mktemp $TMPDIR/protocols.ldap.XXXXXX`
++ETC_FSTAB=`mktemp $TMPDIR/fstab.ldap.XXXXXX`
++ETC_RPC=`mktemp $TMPDIR/rpc.ldap.XXXXXX`
++ETC_HOSTS=`mktemp $TMPDIR/hosts.ldap.XXXXXX`
++ETC_NETWORKS=`mktemp $TMPDIR/networks.ldap.XXXXXX`
++ETC_NETGROUP=`mktemp $TMPDIR/netgroup.ldap.XXXXXX`
++ETC_ALIASES=`mktemp $TMPDIR/aliases.ldap.XXXXXX`
+ EXIT=no
+
+ question="Enter the NIS+ domain to import from (optional): "
+--- MigrationTools-36/migrate_all_nisplus_online.sh.mktemp Mon Feb 5 11:39:14 2001
++++ MigrationTools-36/migrate_all_nisplus_online.sh Mon Feb 5 11:45:18 2001
+@@ -41,16 +41,16 @@
+ INSTDIR=/usr/share/openldap/migration/
+
+ TMPDIR="/tmp"
+-ETC_PASSWD="$TMPDIR/passwd.$$.ldap"
+-ETC_GROUP="$TMPDIR/group.$$.ldap"
+-ETC_SERVICES="$TMPDIR/services.$$.ldap"
+-ETC_PROTOCOLS="$TMPDIR/protocols.$$.ldap"
+-ETC_FSTAB="$TMPDIR/fstab.$$.ldap"
+-ETC_RPC="$TMPDIR/rpc.$$.ldap"
+-ETC_HOSTS="$TMPDIR/hosts.$$.ldap"
+-ETC_NETWORKS="$TMPDIR/networks.$$.ldap"
+-ETC_NETGROUP="$TMPDIR/netgroup.$$.ldap"
+-ETC_ALIASES="$TMPDIR/aliases.$$.ldap"
++ETC_PASSWD=`mktemp $TMPDIR/passwd.ldap.XXXXXX`
++ETC_GROUP=`mktemp $TMPDIR/group.ldap.XXXXXX`
++ETC_SERVICES=`mktemp $TMPDIR/services.ldap.XXXXXX`
++ETC_PROTOCOLS=`mktemp $TMPDIR/protocols.ldap.XXXXXX`
++ETC_FSTAB=`mktemp $TMPDIR/fstab.ldap.XXXXXX`
++ETC_RPC=`mktemp $TMPDIR/rpc.ldap.XXXXXX`
++ETC_HOSTS=`mktemp $TMPDIR/hosts.ldap.XXXXXX`
++ETC_NETWORKS=`mktemp $TMPDIR/networks.ldap.XXXXXX`
++ETC_NETGROUP=`mktemp $TMPDIR/netgroup.ldap.XXXXXX`
++ETC_ALIASES=`mktemp $TMPDIR/aliases.ldap.XXXXXX`
+ EXIT=no
+
+ question="Enter the NIS+ domain to import from (optional): "
+--- MigrationTools-36/migrate_all_offline.sh.mktemp Mon Feb 5 11:39:14 2001
++++ MigrationTools-36/migrate_all_offline.sh Mon Feb 5 11:39:14 2001
+@@ -42,7 +42,7 @@
+ #
+
+ INSTDIR=/usr/share/openldap/migration/
+-DB="/tmp/nis.$$.ldif"
++DB=`mktemp /tmp/nis.ldif.XXXXXX`
+
+ if [ "X$ETC_ALIASES" = "X" ]; then
+ ETC_ALIASES=/etc/aliases
+--- MigrationTools-36/migrate_all_online.sh.mktemp Mon Feb 5 11:39:14 2001
++++ MigrationTools-36/migrate_all_online.sh Mon Feb 5 11:39:14 2001
+@@ -40,7 +40,7 @@
+
+ INSTDIR=/usr/share/openldap/migration/
+
+-DB=/tmp/nis.$$.ldif
++DB=`mktemp /tmp/nis.ldif.XXXXXX`
+
+ if [ "X$ETC_ALIASES" = "X" ]; then
+ ETC_ALIASES=/etc/aliases
+--- MigrationTools-36/migrate_all_nis_offline.sh.mktemp Mon Feb 5 11:39:14 2001
++++ MigrationTools-36/migrate_all_nis_offline.sh Mon Feb 5 11:39:14 2001
+@@ -41,15 +41,15 @@
+ INSTDIR=/usr/share/openldap/migration/
+
+ TMPDIR="/tmp"
+-ETC_PASSWD="$TMPDIR/passwd.$$.ldap"
+-ETC_GROUP="$TMPDIR/group.$$.ldap"
+-ETC_SERVICES="$TMPDIR/services.$$.ldap"
+-ETC_PROTOCOLS="$TMPDIR/protocols.$$.ldap"
+-ETC_FSTAB="$TMPDIR/fstab.$$.ldap"
+-ETC_RPC="$TMPDIR/rpc.$$.ldap"
+-ETC_HOSTS="$TMPDIR/hosts.$$.ldap"
+-ETC_NETWORKS="$TMPDIR/networks.$$.ldap"
+-ETC_ALIASES="$TMPDIR/aliases.$$.ldap"
++ETC_PASSWD=`mktemp $TMPDIR/passwd.ldap.XXXXXX`
++ETC_GROUP=`mktemp $TMPDIR/group.ldap.XXXXXX`
++ETC_SERVICES=`mktemp $TMPDIR/services.ldap.XXXXXX`
++ETC_PROTOCOLS=`mktemp $TMPDIR/protocols.ldap.XXXXXX`
++ETC_FSTAB=`mktemp $TMPDIR/fstab.ldap.XXXXXX`
++ETC_RPC=`mktemp $TMPDIR/rpc.ldap.XXXXXX`
++ETC_HOSTS=`mktemp $TMPDIR/hosts.ldap.XXXXXX`
++ETC_NETWORKS=`mktemp $TMPDIR/networks.ldap.XXXXXX`
++ETC_ALIASES=`mktemp $TMPDIR/aliases.ldap.XXXXXX`
+ EXIT=no
+
+ question="Enter the NIS domain to import from (optional): "
+--- MigrationTools-36/migrate_all_nis_online.sh.mktemp Mon Feb 5 11:39:14 2001
++++ MigrationTools-36/migrate_all_nis_online.sh Mon Feb 5 11:39:14 2001
+@@ -41,15 +41,15 @@
+ INSTDIR=/usr/share/openldap/migration/
+
+ TMPDIR="/tmp"
+-ETC_PASSWD="$TMPDIR/passwd.$$.ldap"
+-ETC_GROUP="$TMPDIR/group.$$.ldap"
+-ETC_SERVICES="$TMPDIR/services.$$.ldap"
+-ETC_PROTOCOLS="$TMPDIR/protocols.$$.ldap"
+-ETC_FSTAB="$TMPDIR/fstab.$$.ldap"
+-ETC_RPC="$TMPDIR/rpc.$$.ldap"
+-ETC_HOSTS="$TMPDIR/hosts.$$.ldap"
+-ETC_NETWORKS="$TMPDIR/networks.$$.ldap"
+-ETC_ALIASES="$TMPDIR/aliases.$$.ldap"
++ETC_PASSWD=`mktemp $TMPDIR/passwd.ldap.XXXXXX`
++ETC_GROUP=`mktemp $TMPDIR/group.ldap.XXXXXX`
++ETC_SERVICES=`mktemp $TMPDIR/services.ldap.XXXXXX`
++ETC_PROTOCOLS=`mktemp $TMPDIR/protocols.ldap.XXXXXX`
++ETC_FSTAB=`mktemp $TMPDIR/fstab.ldap.XXXXXX`
++ETC_RPC=`mktemp $TMPDIR/rpc.ldap.XXXXXX`
++ETC_HOSTS=`mktemp $TMPDIR/hosts.ldap.XXXXXX`
++ETC_NETWORKS=`mktemp $TMPDIR/networks.ldap.XXXXXX`
++ETC_ALIASES=`mktemp $TMPDIR/aliases.ldap.XXXXXX`
+ EXIT=no
+
+ question="Enter the NIS domain to import from (optional): "
diff --git a/README.upgrading b/README.upgrading
new file mode 100644
index 0000000..52abea3
--- /dev/null
+++ b/README.upgrading
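Review bot: None of the `mktemp` assignments added by MigrationTools-36-mktemp.patch check for failure, so when /tmp is full or not writable the variable is left empty and the script carries on into redirections and `rm -f` calls that use an empty name. Each assignment should stop the script on failure, e.g. `ETC_PASSWD=$(mktemp "$TMPDIR/passwd.ldap.XXXXXX") || exit 1`, and likewise for `DB=` in migrate_all_online.sh and migrate_all_offline.sh. These files receive dumped passwd and group maps, and the only cleanup visible on this page is the `rm -f` sequence at the end of the wrappers, so an interrupted run leaves them behind; a `trap` that removes them on exit and on signals would close that gap. The context line `TMPDIR="/tmp"` also overrides any TMPDIR the caller exported, which is worth a comment if it is deliberate. The rest of each script is outside the hunks.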
@@ -0,0 +1,15 @@
+The OpenLDAP on-disk format has changed between the 1.2.x and 2.0.x releases.
+
+You will very likely need to dump out your directory to a text file using
+"ldbmcat -n" before upgrading and re-import the entries into the new format
+using "slapadd" after the upgrade.
+
+Because schema checking is now available and enabled by default, some entries
+may not import cleanly. In particular, if you have used previous versions of
+the migration scripts, some of the entries (particularly oncRpc objects) may
+be missing "description" attributes which are now required by the schema.
+
+If this is the case, you will need to either edit the LDIF files prior to
+importing them, or add "schemacheck off" to your new slapd.conf file to disable
+schema checking while the entries are being imported. (Disabling schema
+checking on your server is strongly discouraged, however.)
diff --git a/autofs.schema b/autofs.schema
new file mode 100644
index 0000000..d8af6f4
--- /dev/null
+++ b/autofs.schema
@@ -0,0 +1,23 @@
+# Depends upon core.schema and cosine.schema
+
+# OID Base is 1.3.6.1.4.1.2312.4
+#
+# Attribute types are under 1.3.6.1.4.1.2312.4.1
+# Object classes are under 1.3.6.1.4.1.2312.4.2
+# Syntaxes are under 1.3.6.1.4.1.2312.4.3
+
+# Attribute Type Definitions
+
+attributetype ( 1.3.6.1.1.1.1.25 NAME 'automountInformation'
+ DESC 'Information used by the autofs automounter'
+ EQUALITY caseExactIA5Match
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
+
+objectclass ( 1.3.6.1.1.1.1.13 NAME 'automount' SUP top STRUCTURAL
+ DESC 'An entry in an automounter map'
+ MUST ( cn $ automountInformation ) 
+ MAY ( description ) )
+
+objectclass ( 1.3.6.1.4.1.2312.4.2.2 NAME 'automountMap' SUP top STRUCTURAL
+ DESC 'An group of related automount objects'
+ MUST ( ou ) )
diff --git a/ldap.init b/ldap.init
index 6cbdfea..652ee93 100644
--- a/ldap.init
+++ b/ldap.init
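Review bot: The OID on the `automount` object class in autofs.schema, `1.3.6.1.1.1.1.13`, does not match the changelog entry in openldap.spec on this page, which says the class was moved to `1.3.6.1.1.1.2.13`. The value in the file sits in the same `1.3.6.1.1.1.1` arc as the `automountInformation` attribute type rather than the `1.3.6.1.1.1.2` arc the changelog names, so one of the two is presumably a typo and should be reconciled before the schema ships. The header comment gives the OID base as `1.3.6.1.4.1.2312.4`, but only `automountMap` uses it; a line such as `# automount and automountInformation take their OIDs from the 1.3.6.1.1.1 arc instead` would make that explicit. The DESC string `'An group of related automount objects'` should read `'A group ...'`.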
@@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash # # ldap This shell script takes care of starting and stopping # ldap servers (slapd and slurpd). @@ -19,6 +19,11 @@ if [ -r /etc/sysconfig/network ] ; then [ ${NETWORKING} = "no" ] && exit 0 fi +# Source an auxiliary options file if we have one, and pick up OPTIONS, +# SLAPD_OPTIONS, and SLURPD_OPTIONS. +if [ -r /etc/sysconfig/ldap ] ; then + . /etc/sysconfig/ldap +fi slapd=/usr/sbin/slapd slurpd=/usr/sbin/slurpd @@ -29,14 +34,19 @@ RETVAL=0 function start() { # Start daemons. - echo -n "Starting slapd:" - daemon ${slapd} - RETVAL=$? + echo -n $"Starting slapd: " + if grep -q ^TLS /etc/openldap/slapd.conf ; then + daemon ${slapd} -u ldap -h '"ldap:/// ldaps:///"' $OPTIONS $SLAPD_OPTIONS + RETVAL=$? + else + daemon ${slapd} -u ldap $OPTIONS $SLAPD_OPTIONS + RETVAL=$? + fi echo if [ $RETVAL -eq 0 ]; then if grep -q "^replogfile" /etc/openldap/slapd.conf; then - echo -n "Starting slurpd:" - daemon ${slurpd} + echo -n $"Starting slurpd: " + daemon ${slurpd} $OPTIONS $SLURPD_OPTIONS RETVAL=$? echo fi @@ -47,16 +57,18 @@ function start() { function stop() { # Stop daemons. - echo -n "Shutting down ldap: " + echo -n $"Stopping slapd: " killproc ${slapd} RETVAL=$? + echo if [ $RETVAL -eq 0 ]; then if grep -q "^replogfile" /etc/openldap/slapd.conf; then + echo -n $"Stopping slurpd: " killproc ${slurpd} RETVAL=$? + echo fi fi - echo [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/ldap /var/run/slapd.args return $RETVAL } @@ -96,7 +108,7 @@ case "$1" in fi ;; *) - echo "Usage: $0 start|stop|restart|status|condrestart}" + echo $"Usage: $0 {start|stop|restart|status|condrestart}" RETVAL=1 esac diff --git a/openldap.spec b/openldap.spec index b73b0e4..c62f75c 100644 --- a/openldap.spec +++ b/openldap.spec 
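Review bot: The new `. /etc/sysconfig/ldap` block in ldap.init executes whatever that file contains as root inside the init script, while the comment above it only lists the three variables it expects to find. The comment should state the trust assumption as well, e.g. `# This file is executed as root: it must be owned by root and not writable by group or other.` As far as the spec hunks on this page show, the package does not ship /etc/sysconfig/ldap, so its ownership and mode are left to whoever creates it.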
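Review bot: The TLS check added to start(), `grep -q ^TLS /etc/openldap/slapd.conf`, is case-sensitive and leaves the pattern unquoted, so a configuration that spells its directives `tlscertificatefile` would start slapd without the `ldaps:///` listener and give no warning. If slapd matches directive names case-insensitively (I believe it does, but please confirm), `grep -qi '^TLS' /etc/openldap/slapd.conf` keeps the init script in step with it. `$OPTIONS $SLAPD_OPTIONS` are appended after the hard-coded `-h '"ldap:/// ldaps:///"'`, so a `-h` supplied through /etc/sysconfig/ldap becomes a second `-h` in the TLS branch only; a comment saying which one is expected to take effect would help the admin. The function body continues outside the hunk.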
@@ -1,8 +1,9 @@ -%define migtools_ver 24 -Summary: LDAP servers, libraries, utilities, tools and sample clients. +%define migtools_ver 36 +%define __libtoolize echo +Summary: The configuration files, libraries and documentation for OpenLDAP. Name: openldap -Version: 1.2.11 -Release: 16 +Version: 2.0.7 +Release: 14 License: OpenLDAP Group: System Environment/Daemons Source0: ftp://ftp.OpenLDAP.org/pub/OpenLDAP/openldap-release/openldap-%{version}.tgz @@ -10,18 +11,27 @@ Source1: ldap.init Source2: ftp://ftp.padl.com/pub/MigrationTools-%{migtools_ver}.tar.gz Source3: migration-tools.txt Source4: migrate_automount.pl -Patch0: openldap-1.2.11-config.patch -Patch1: openldap-1.2.11-redhat.patch -Patch2: openldap-1.2.10-ldapuser.patch -Patch3: MigrationTools-24-instdir.patch -Patch4: openldap-1.2.11-pidfile.patch -Patch5: MigrationTools-24-mktemp.patch -Patch6: openldap-1.2.11-syslog.patch -Patch7: openldap-1.2.11-cldap.patch +Source5: rfc822-MailMember.schema +Source6: autofs.schema +Source7: kerberosobject.schema +Source8: README.upgrading +Source9: README.sendbuf +Patch0: openldap-2.0.7-config.patch +Patch1: openldap-2.0.3-redhat.patch +Patch2: openldap-1.2.11-cldap.patch +Patch3: openldap-2.0.3-syslog.patch +Patch4: openldap-2.0.3-krb5-1.1.patch +Patch5: openldap-2.0.1-fast.patch +Patch6: openldap-2.0.7-norbert.patch +Patch7: openldap-2.0.7-sendbuf.patch +Patch8: MigrationTools-34-instdir.patch +Patch9: MigrationTools-36-mktemp.patch +Patch10: MigrationTools-27-simple.patch +Patch11: MigrationTools-26-suffix.patch +Patch12: MigrationTools-24-schema.patch URL: http://www.openldap.org/ BuildRoot: %{_tmppath}/%{name}-root -BuildPreReq: autoconf, gdbm-devel -Prereq: /etc/init.d +BuildPreReq: autoconf, cyrus-sasl-devel, gdbm-devel, krb5-devel, openssl-devel, perl Requires: mktemp, gdbm %description 
@@ -30,11 +40,8 @@ Protocol) applications and development tools. LDAP is a set of protocols for accessing directory services (usually phone book style information, but other information is possible) over the Internet, similar to the way DNS (Domain Name System) information is propagated -over the Internet. The suite includes a stand-alone LDAP server -(slapd), a stand-alone LDAP replication server (slurpd), libraries for -implementing the LDAP protocol, utilities, tools, and sample clients. - -Install openldap if you need LDAP applications and tools. +over the Internet. The openldap package contains configuration files, +libraries and documentation for OpenLDAP. %package devel Summary: OpenLDAP development libraries and header files. @@ -50,8 +57,8 @@ this package only if you plan to develop or will need to compile customized LDAP clients. %package servers -Summary: LDAP servers, libraries, utilities, tools and sample clients. -Prereq: openldap = %{version}-%{release} +Summary: OpenLDAP servers and related files. +Prereq: fileutils, openldap = %{version}-%{release}, /usr/sbin/useradd Group: System Environment/Daemons %description servers 
@@ -60,14 +67,11 @@ Protocol) applications and development tools. LDAP is a set of protocols for accessing directory services (usually phone book style information, but other information is possible) over the Internet, similar to the way DNS (Domain Name System) information is propagated -over the Internet. The suite includes a stand-alone LDAP server -(slapd), a stand-alone LDAP replication server (slurpd), libraries for -implementing the LDAP protocol, utilities, tools, and sample clients. - -Install openldap if you need LDAP applications and tools. +over the Internet. This package contains the slapd and slurpd servers, +migration scripts and related files. %package clients -Summary: LDAP servers, libraries, utilities, tools and sample clients. +Summary: Client programs for OpenLDAP. Prereq: openldap = %{version}-%{release} Group: Applications/Internet 
@@ -77,33 +81,51 @@ Protocol) applications and development tools. LDAP is a set of protocols for accessing directory services (usually phone book style information, but other information is possible) over the Internet, similar to the way DNS (Domain Name System) information is propagated -over the Internet. The suite includes a stand-alone LDAP server -(slapd), a stand-alone LDAP replication server (slurpd), libraries for -implementing the LDAP protocol, utilities, tools, and sample clients. - -Install openldap if you need LDAP applications and tools. +over the Internet. The openldap-clients package contains the client +programs needed for accessing and modifying OpenLDAP directories. %prep %setup -q -a 2 %patch0 -p1 -b .config %patch1 -p1 -b .redhat -%patch2 -p1 -b .ldapuser -%patch3 -p1 -b .instdir -%patch4 -p1 -b .pidfile -%patch5 -p0 -b .mktemp -%patch6 -p1 -b .syslog -%patch7 -p1 -b .cldap +%patch2 -p1 -b .cldap +%patch3 -p1 -b .syslog +%patch4 -p1 -b .krb5-1.1 +%patch5 -p1 -b .fast +%patch6 -p1 -b .norbert +%patch7 -p1 -b .sendbuf +pushd MigrationTools-%{migtools_ver} +%patch8 -p1 -b .instdir +%patch9 -p1 -b .mktemp +%patch10 -p1 -b .simple +%patch11 -p1 -b .suffix +%patch12 -p2 -b .schema +popd +autoheader autoconf %build CPPFLAGS="-I/usr/kerberos/include"; export CPPFLAGS -CFLAGS="$RPM_OPT_FLAGS -D_REENTRANT -fPIC"; export CFLAGS +CFLAGS="$CPPFLAGS $RPM_OPT_FLAGS -D_REENTRANT -fPIC"; export CFLAGS LDFLAGS="-L/usr/kerberos/lib"; export LDFLAGS configure_flags=' --with-ldbm-api=gdbm + --enable-shell + --enable-cldap --disable-rlookups - --enable-passwd --with-kerberos - --enable-shell --enable-wrappers + + --with-kerberos=k5 + --enable-kbind + --with-tls + --with-cyrus-sasl + + --enable-wrappers + + --enable-cleartext + --enable-crypt + --enable-kpasswd + --enable-spasswd + --datadir=%{_datadir}/openldap --libexecdir=%{_sbindir} --localstatedir=%{_var}/run' 
@@ -147,9 +169,27 @@ install -m 755 %{SOURCE4} $RPM_BUILD_ROOT%{_datadir}/openldap/migration cp MigrationTools-%{migtools_ver}/README README.migration cp %{SOURCE3} TOOLS.migration +# try to build saucer, but don't fret if we can't +if make -C contrib/saucer ; then + install -m755 contrib/saucer/saucer $RPM_BUILD_ROOT%{_bindir}/ + install -m644 contrib/saucer/saucer.1 $RPM_BUILD_ROOT%{_mandir}/man1/ +fi + # create the data directory mkdir -p $RPM_BUILD_ROOT/var/lib/ldap +# get the buildroot out of the man pages +perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT%{_mandir}/*/*.* + +# if ldapadd and ldapmodify are the same, make them a hard link +if cmp $RPM_BUILD_ROOT%{_bindir}/ldapadd $RPM_BUILD_ROOT%{_bindir}/ldapmodify ; then + ln -f $RPM_BUILD_ROOT%{_bindir}/ldapadd $RPM_BUILD_ROOT%{_bindir}/ldapmodify +fi + +# add some more schema for the sake of migration scripts +install -d -m755 $RPM_BUILD_ROOT%{_sysconfdir}/openldap/schema/redhat +install -m644 %{SOURCE5} %{SOURCE6} %{SOURCE7} $RPM_BUILD_ROOT%{_sysconfdir}/openldap/schema/redhat/ + %clean rm -rf $RPM_BUILD_ROOT @@ -157,6 +197,19 @@ rm -rf $RPM_BUILD_ROOT %postun -p /sbin/ldconfig +%pre servers +# Take care to only do ownership-changing if we're adding the user. +if /usr/sbin/useradd -c "LDAP User" -u 55 \ + -s /bin/false -r -d /var/lib/ldap ldap 2> /dev/null ; then + if [ -d /var/lib/ldap ] ; then + for dbfile in /var/lib/ldap/* ; do + if [ -f $dbfile ] ; then + chown ldap.ldap $dbfile + fi + done + fi +fi + %post servers /sbin/chkconfig --add ldap @@ -174,7 +227,7 @@ fi %files %defattr(-,root,root) -%doc ANNOUNCEMENT CHANGES COPYRIGHT LICENSE README +%doc ANNOUNCEMENT CHANGES COPYRIGHT LICENSE README doc/rfc %attr(0755,root,root) %dir /etc/openldap %attr(0644,root,root) %config /etc/openldap/ldap*.conf %attr(0755,root,root) %{_libdir}/lib*.so.* 
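Review bot: In the new `%pre servers` scriptlet the `useradd` error output is sent to /dev/null and only the success path is handled, so a failure for any reason other than the account already existing (UID 55 already taken, for instance) passes silently. The %files list later on this page installs slapd.conf and /var/lib/ldap as `ldap,ldap`, and ldap.init starts slapd with `-u ldap`, so the package ends up depending on an account that may not exist; the scriptlet should verify the account after the call and fail loudly if it is missing. Inside the loop, `[ -f $dbfile ]` and `chown ldap.ldap $dbfile` are unquoted and both follow symbolic links; `[ -f "$dbfile" ] && [ ! -L "$dbfile" ]` with `chown ldap:ldap "$dbfile"` keeps the ownership change on regular files inside the directory.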
@@ -185,8 +238,13 @@ fi %files servers %defattr(-,root,root) %doc README.migration TOOLS.migration +%doc $RPM_SOURCE_DIR/README.upgrading $RPM_SOURCE_DIR/README.sendbuf %attr(0755,root,root) %config /etc/rc.d/init.d/ldap -%attr(0600,root,root) %config /etc/openldap/sl*.conf +%attr(0600,ldap,ldap) %config /etc/openldap/slapd.conf +%attr(0755,root,root) %dir /etc/openldap/schema +%attr(0644,root,root) %config /etc/openldap/schema/*.schema* +%attr(0755,root,root) %dir /etc/openldap/schema/redhat +%attr(0644,root,root) %config /etc/openldap/schema/redhat/*.schema* %attr(0755,root,root) %{_sbindir}/* %attr(0644,root,root) %{_mandir}/man8/* %attr(0644,root,root) %{_datadir}/openldap/*.help @@ -196,7 +254,7 @@ fi %attr(0755,root,root) %{_datadir}/openldap/migration/*.pl %attr(0755,root,root) %{_datadir}/openldap/migration/*.sh %attr(0644,root,root) %{_datadir}/openldap/migration/*.txt -%attr(0700,root,root) %dir /var/lib/ldap +%attr(0700,ldap,ldap) %dir /var/lib/ldap %files clients %defattr(-,root,root) 
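Review bot: `%attr(0600,ldap,ldap) %config /etc/openldap/slapd.conf` makes the daemon account the owner of its own configuration, so a compromise of slapd running as `ldap` can rewrite the access controls, and any root password stored in that file, which are meant to constrain it. Root ownership with group read keeps the file readable by the daemon without making it writable: `%attr(0640,root,ldap) %config /etc/openldap/slapd.conf`. This assumes slapd only needs to read the file at start-up, which should be confirmed against the `-u ldap` start line in ldap.init. The `%dir /var/lib/ldap` change to `ldap,ldap` in the following hunk is what the database needs and is fine as written.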
@@ -205,15 +263,118 @@ fi %files devel %defattr(-,root,root) -%doc doc/devel/README doc/devel/guidelines doc/devel/todo doc/rfc/*.txt +%doc doc/drafts %attr(0755,root,root) %{_libdir}/lib*.so %attr(0644,root,root) %{_libdir}/lib*.a %attr(0644,root,root) %{_includedir}/* %attr(0644,root,root) %{_mandir}/man3/* %changelog -* Mon Oct 23 2000 Nalin Dahyabhai -- build with -fPIC everywhere +* Fri Mar 2 2001 Nalin Dahyabhai +- rebuild in new environment + +* Thu Feb 8 2001 Nalin Dahyabhai +- back out pidfile patches, which interact weirdly with Linux threads +- mark non-standard schema as such by moving them to a different directory + +* Mon Feb 5 2001 Nalin Dahyabhai +- update to MigrationTools 36, adds netgroup support + +* Fri Jan 29 2001 Nalin Dahyabhai +- fix thinko in that last patch + +* Thu Jan 25 2001 Nalin Dahyabhai +- try to work around some buffering problems + +* Tue Jan 23 2001 Nalin Dahyabhai +- gettextize the init script + +* Thu Jan 18 2001 Nalin Dahyabhai +- gettextize the init script + +* Fri Jan 12 2001 Nalin Dahyabhai +- move the RFCs to the base package (#21701) +- update to MigrationTools 34 + +* Wed Jan 10 2001 Nalin Dahyabhai +- add support for additional OPTIONS, SLAPD_OPTIONS, and SLURPD_OPTIONS in + a /etc/sysconfig/ldap file (#23549) + +* Fri Dec 29 2000 Nalin Dahyabhai +- change automount object OID from 1.3.6.1.1.1.2.9 to 1.3.6.1.1.1.2.13, + per mail from the ldap-nis mailing list + +* Tue Dec 5 2000 Nalin Dahyabhai +- force -fPIC so that shared libraries don't fall over + +* Mon Dec 4 2000 Nalin Dahyabhai +- add Norbert Klasen's patch (via Del) to fix searches using ldaps URLs + (OpenLDAP ITS #889) +- add "-h ldaps:///" to server init when TLS is enabled, in order to support + ldaps in addition to the regular STARTTLS (suggested by Del) + +* Mon Nov 27 2000 Nalin Dahyabhai +- correct mismatched-dn-cn bug in migrate_automount.pl + +* Mon Nov 20 2000 Nalin Dahyabhai +- update to the correct OIDs for automount and automountInformation +- add 
notes on upgrading + +* Tue Nov 7 2000 Nalin Dahyabhai +- update to 2.0.7 +- drop chdir patch (went mainstream) + +* Thu Nov 2 2000 Nalin Dahyabhai +- change automount object classes from auxiliary to structural + +* Tue Oct 31 2000 Nalin Dahyabhai +- update to Migration Tools 27 +- change the sense of the last simple patch + +* Wed Oct 25 2000 Nalin Dahyabhai +- reorganize the patch list to separate MigrationTools and OpenLDAP patches +- switch to Luke Howard's rfc822MailMember schema instead of the aliases.schema +- configure slapd to run as the non-root user "ldap" (#19370) +- chdir() before chroot() (we don't use chroot, though) (#19369) +- disable saving of the pid file because the parent thread which saves it and + the child thread which listens have different pids + +* Wed Oct 11 2000 Nalin Dahyabhai +- add missing required attributes to conversion scripts to comply with schema +- add schema for mail aliases, autofs, and kerberosSecurityObject rooted in + our own OID tree to define attributes and classes migration scripts expect +- tweak automounter migration script + +* Mon Oct 9 2000 Nalin Dahyabhai +- try adding the suffix first when doing online migrations +- force ldapadd to use simple authentication in migration scripts +- add indexing of a few attributes to the default configuration +- add commented-out section on using TLS to default configuration + +* Thu Oct 5 2000 Nalin Dahyabhai +- update to 2.0.6 +- add buildprereq on cyrus-sasl-devel, krb5-devel, openssl-devel +- take the -s flag off of slapadd invocations in migration tools +- add the cosine.schema to the default server config, needed by inetorgperson + +* Wed Oct 4 2000 Nalin Dahyabhai +- add the nis.schema and inetorgperson.schema to the default server config +- make ldapadd a hard link to ldapmodify because they're identical binaries + +* Fri Sep 22 2000 Nalin Dahyabhai +- update to 2.0.4 + +* Fri Sep 15 2000 Nalin Dahyabhai +- remove prereq on /etc/init.d (#17531) +- update to 2.0.3 +- add 
saucer to the included clients + +* Wed Sep 6 2000 Nalin Dahyabhai +- update to 2.0.1 + +* Fri Sep 1 2000 Nalin Dahyabhai +- update to 2.0.0 +- patch to build against MIT Kerberos 1.1 and later instead of 1.0.x * Tue Aug 22 2000 Nalin Dahyabhai - remove that pesky default password diff --git a/sources b/sources index 98316c6..5c38581 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -15562512bd557c0513799ccce86eb9f6 MigrationTools-24.tar.gz -ac469c0fe66ece3893e96182f14b7886 openldap-1.2.11.tgz +54b1a5493cf7514970c47d3e0f42fc8c MigrationTools-36.tar.gz +e772449b0fcc64dc4e7bf20c2853dd10 openldap-2.0.7.tgz