diff options
Diffstat (limited to 'net-nds/openldap')
-rw-r--r-- | net-nds/openldap/ChangeLog | 9 | ||||
-rw-r--r-- | net-nds/openldap/files/digest-openldap-2.4.7 | 3 | ||||
-rw-r--r-- | net-nds/openldap/files/openldap-2.4-disable-bdb46.patch | 448 | ||||
-rw-r--r-- | net-nds/openldap/files/openldap-2.4-ppolicy.patch | 13 | ||||
-rw-r--r-- | net-nds/openldap/openldap-2.4.7.ebuild | 342 |
5 files changed, 814 insertions, 1 deletions
diff --git a/net-nds/openldap/ChangeLog b/net-nds/openldap/ChangeLog index 6c8ae9b51c9e..6b7c399348ff 100644 --- a/net-nds/openldap/ChangeLog +++ b/net-nds/openldap/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for net-nds/openldap # Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/ChangeLog,v 1.306 2008/01/10 14:41:16 armin76 Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/ChangeLog,v 1.307 2008/01/13 21:24:57 jokey Exp $ + +*openldap-2.4.7 (13 Jan 2008) + + 13 Jan 2008; Markus Ullmann <jokey@gentoo.org> + +files/openldap-2.4-disable-bdb46.patch, + +files/openldap-2.4-ppolicy.patch, +openldap-2.4.7.ebuild: + Version bump to new 2.4 series 10 Jan 2008; Raúl Porcel <armin76@gentoo.org> openldap-2.3.39-r2.ebuild: alpha/ia64 stable wrt #201690 diff --git a/net-nds/openldap/files/digest-openldap-2.4.7 b/net-nds/openldap/files/digest-openldap-2.4.7 new file mode 100644 index 000000000000..545af91e97c2 --- /dev/null +++ b/net-nds/openldap/files/digest-openldap-2.4.7 @@ -0,0 +1,3 @@ +MD5 4738ccb79215c027b857a6ea56e7351d openldap-2.4.7.tgz 4217144 +RMD160 22942db03c278c941de8f00a99f251d378b34bd8 openldap-2.4.7.tgz 4217144 +SHA256 ee3f22f3e32c3e302a584ab219bf54674e07747b86f14c3a5b696f22d3fd37ab openldap-2.4.7.tgz 4217144 diff --git a/net-nds/openldap/files/openldap-2.4-disable-bdb46.patch b/net-nds/openldap/files/openldap-2.4-disable-bdb46.patch new file mode 100644 index 000000000000..d508ba7e8595 --- /dev/null +++ b/net-nds/openldap/files/openldap-2.4-disable-bdb46.patch @@ -0,0 +1,448 @@ +--- ./configure.orig 2007-10-17 01:58:19.000000000 +0200 ++++ ./configure 2008-01-13 21:43:23.948292728 +0100 +@@ -27743,444 +27743,7 @@ + echo "${ECHO_T}$ol_cv_bdb_minor" >&6 + + if test $ol_cv_bdb_major = 4 ; then +- if test $ol_cv_bdb_minor = 6 ; then +- if test $ol_cv_lib_db = no ; then +- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-4.6)" >&5 +-echo $ECHO_N "checking for Berkeley DB link (-ldb-4.6)... $ECHO_C" >&6 +-if test "${ol_cv_db_db_4_dot_6+set}" = set; then +- echo $ECHO_N "(cached) $ECHO_C" >&6 +-else +- +- ol_DB_LIB=-ldb-4.6 +- ol_LIBS=$LIBS +- LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS" +- +- cat >conftest.$ac_ext <<_ACEOF +-/* confdefs.h. */ +-_ACEOF +-cat confdefs.h >>conftest.$ac_ext +-cat >>conftest.$ac_ext <<_ACEOF +-/* end confdefs.h. */ +- +-#ifdef HAVE_DB_185_H +-# include <db_185.h> +-#else +-# include <db.h> +-#endif +- +-#ifndef DB_VERSION_MAJOR +-# define DB_VERSION_MAJOR 1 +-#endif +- +-#ifndef NULL +-#define NULL ((void*)0) +-#endif +- +-int +-main () +-{ +- +-#if DB_VERSION_MAJOR > 1 +- { +- char *version; +- int major, minor, patch; +- +- version = db_version( &major, &minor, &patch ); +- +- if( major != DB_VERSION_MAJOR || +- minor < DB_VERSION_MINOR ) +- { +- printf("Berkeley DB version mismatch\n" +- "\theader: %s\n\tlibrary: %s\n", +- DB_VERSION_STRING, version); +- return 1; +- } +- } +-#endif +- +-#if DB_VERSION_MAJOR > 2 +- db_env_create( NULL, 0 ); +-#elif DB_VERSION_MAJOR > 1 +- db_appexit( NULL ); +-#else +- (void) dbopen( NULL, 0, 0, 0, NULL); +-#endif +- +- ; +- return 0; +-} +-_ACEOF +-rm -f conftest.$ac_objext conftest$ac_exeext +-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 +- (eval $ac_link) 2>conftest.er1 +- ac_status=$? +- grep -v '^ *+' conftest.er1 >conftest.err +- rm -f conftest.er1 +- cat conftest.err >&5 +- echo "$as_me:$LINENO: \$? = $ac_status" >&5 +- (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" +- || test ! -s conftest.err' +- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 +- (eval $ac_try) 2>&5 +- ac_status=$? +- echo "$as_me:$LINENO: \$? = $ac_status" >&5 +- (exit $ac_status); }; } && +- { ac_try='test -s conftest$ac_exeext' +- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 +- (eval $ac_try) 2>&5 +- ac_status=$? +- echo "$as_me:$LINENO: \$? = $ac_status" >&5 +- (exit $ac_status); }; }; then +- ol_cv_db_db_4_dot_6=yes +-else +- echo "$as_me: failed program was:" >&5 +-sed 's/^/| /' conftest.$ac_ext >&5 +- +-ol_cv_db_db_4_dot_6=no +-fi +-rm -f conftest.err conftest.$ac_objext \ +- conftest$ac_exeext conftest.$ac_ext +- +- LIBS="$ol_LIBS" +- +-fi +-echo "$as_me:$LINENO: result: $ol_cv_db_db_4_dot_6" >&5 +-echo "${ECHO_T}$ol_cv_db_db_4_dot_6" >&6 +- +- if test $ol_cv_db_db_4_dot_6 = yes ; then +- ol_cv_lib_db=-ldb-4.6 +- fi +-fi +- +- if test $ol_cv_lib_db = no ; then +- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb46)" >&5 +-echo $ECHO_N "checking for Berkeley DB link (-ldb46)... $ECHO_C" >&6 +-if test "${ol_cv_db_db46+set}" = set; then +- echo $ECHO_N "(cached) $ECHO_C" >&6 +-else +- +- ol_DB_LIB=-ldb46 +- ol_LIBS=$LIBS +- LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS" +- +- cat >conftest.$ac_ext <<_ACEOF +-/* confdefs.h. */ +-_ACEOF +-cat confdefs.h >>conftest.$ac_ext +-cat >>conftest.$ac_ext <<_ACEOF +-/* end confdefs.h. */ +- +-#ifdef HAVE_DB_185_H +-# include <db_185.h> +-#else +-# include <db.h> +-#endif +- +-#ifndef DB_VERSION_MAJOR +-# define DB_VERSION_MAJOR 1 +-#endif +- +-#ifndef NULL +-#define NULL ((void*)0) +-#endif +- +-int +-main () +-{ +- +-#if DB_VERSION_MAJOR > 1 +- { +- char *version; +- int major, minor, patch; +- +- version = db_version( &major, &minor, &patch ); +- +- if( major != DB_VERSION_MAJOR || +- minor < DB_VERSION_MINOR ) +- { +- printf("Berkeley DB version mismatch\n" +- "\theader: %s\n\tlibrary: %s\n", +- DB_VERSION_STRING, version); +- return 1; +- } +- } +-#endif +- +-#if DB_VERSION_MAJOR > 2 +- db_env_create( NULL, 0 ); +-#elif DB_VERSION_MAJOR > 1 +- db_appexit( NULL ); +-#else +- (void) dbopen( NULL, 0, 0, 0, NULL); +-#endif +- +- ; +- return 0; +-} +-_ACEOF +-rm -f conftest.$ac_objext conftest$ac_exeext +-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 +- (eval $ac_link) 2>conftest.er1 +- ac_status=$? +- grep -v '^ *+' conftest.er1 >conftest.err +- rm -f conftest.er1 +- cat conftest.err >&5 +- echo "$as_me:$LINENO: \$? = $ac_status" >&5 +- (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" +- || test ! -s conftest.err' +- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 +- (eval $ac_try) 2>&5 +- ac_status=$? +- echo "$as_me:$LINENO: \$? = $ac_status" >&5 +- (exit $ac_status); }; } && +- { ac_try='test -s conftest$ac_exeext' +- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 +- (eval $ac_try) 2>&5 +- ac_status=$? +- echo "$as_me:$LINENO: \$? = $ac_status" >&5 +- (exit $ac_status); }; }; then +- ol_cv_db_db46=yes +-else +- echo "$as_me: failed program was:" >&5 +-sed 's/^/| /' conftest.$ac_ext >&5 +- +-ol_cv_db_db46=no +-fi +-rm -f conftest.err conftest.$ac_objext \ +- conftest$ac_exeext conftest.$ac_ext +- +- LIBS="$ol_LIBS" +- +-fi +-echo "$as_me:$LINENO: result: $ol_cv_db_db46" >&5 +-echo "${ECHO_T}$ol_cv_db_db46" >&6 +- +- if test $ol_cv_db_db46 = yes ; then +- ol_cv_lib_db=-ldb46 +- fi +-fi +- +- if test $ol_cv_lib_db = no ; then +- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-46)" >&5 +-echo $ECHO_N "checking for Berkeley DB link (-ldb-46)... $ECHO_C" >&6 +-if test "${ol_cv_db_db_46+set}" = set; then +- echo $ECHO_N "(cached) $ECHO_C" >&6 +-else +- +- ol_DB_LIB=-ldb-46 +- ol_LIBS=$LIBS +- LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS" +- +- cat >conftest.$ac_ext <<_ACEOF +-/* confdefs.h. */ +-_ACEOF +-cat confdefs.h >>conftest.$ac_ext +-cat >>conftest.$ac_ext <<_ACEOF +-/* end confdefs.h. */ +- +-#ifdef HAVE_DB_185_H +-# include <db_185.h> +-#else +-# include <db.h> +-#endif +- +-#ifndef DB_VERSION_MAJOR +-# define DB_VERSION_MAJOR 1 +-#endif +- +-#ifndef NULL +-#define NULL ((void*)0) +-#endif +- +-int +-main () +-{ +- +-#if DB_VERSION_MAJOR > 1 +- { +- char *version; +- int major, minor, patch; +- +- version = db_version( &major, &minor, &patch ); +- +- if( major != DB_VERSION_MAJOR || +- minor < DB_VERSION_MINOR ) +- { +- printf("Berkeley DB version mismatch\n" +- "\theader: %s\n\tlibrary: %s\n", +- DB_VERSION_STRING, version); +- return 1; +- } +- } +-#endif +- +-#if DB_VERSION_MAJOR > 2 +- db_env_create( NULL, 0 ); +-#elif DB_VERSION_MAJOR > 1 +- db_appexit( NULL ); +-#else +- (void) dbopen( NULL, 0, 0, 0, NULL); +-#endif +- +- ; +- return 0; +-} +-_ACEOF +-rm -f conftest.$ac_objext conftest$ac_exeext +-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 +- (eval $ac_link) 2>conftest.er1 +- ac_status=$? +- grep -v '^ *+' conftest.er1 >conftest.err +- rm -f conftest.er1 +- cat conftest.err >&5 +- echo "$as_me:$LINENO: \$? = $ac_status" >&5 +- (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" +- || test ! -s conftest.err' +- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 +- (eval $ac_try) 2>&5 +- ac_status=$? +- echo "$as_me:$LINENO: \$? = $ac_status" >&5 +- (exit $ac_status); }; } && +- { ac_try='test -s conftest$ac_exeext' +- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 +- (eval $ac_try) 2>&5 +- ac_status=$? +- echo "$as_me:$LINENO: \$? = $ac_status" >&5 +- (exit $ac_status); }; }; then +- ol_cv_db_db_46=yes +-else +- echo "$as_me: failed program was:" >&5 +-sed 's/^/| /' conftest.$ac_ext >&5 +- +-ol_cv_db_db_46=no +-fi +-rm -f conftest.err conftest.$ac_objext \ +- conftest$ac_exeext conftest.$ac_ext +- +- LIBS="$ol_LIBS" +- +-fi +-echo "$as_me:$LINENO: result: $ol_cv_db_db_46" >&5 +-echo "${ECHO_T}$ol_cv_db_db_46" >&6 +- +- if test $ol_cv_db_db_46 = yes ; then +- ol_cv_lib_db=-ldb-46 +- fi +-fi +- +- if test $ol_cv_lib_db = no ; then +- echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-4-6)" >&5 +-echo $ECHO_N "checking for Berkeley DB link (-ldb-4-6)... $ECHO_C" >&6 +-if test "${ol_cv_db_db_4_6+set}" = set; then +- echo $ECHO_N "(cached) $ECHO_C" >&6 +-else +- +- ol_DB_LIB=-ldb-4-6 +- ol_LIBS=$LIBS +- LIBS="$ol_DB_LIB $LTHREAD_LIBS $LIBS" +- +- cat >conftest.$ac_ext <<_ACEOF +-/* confdefs.h. */ +-_ACEOF +-cat confdefs.h >>conftest.$ac_ext +-cat >>conftest.$ac_ext <<_ACEOF +-/* end confdefs.h. */ +- +-#ifdef HAVE_DB_185_H +-# include <db_185.h> +-#else +-# include <db.h> +-#endif +- +-#ifndef DB_VERSION_MAJOR +-# define DB_VERSION_MAJOR 1 +-#endif +- +-#ifndef NULL +-#define NULL ((void*)0) +-#endif +- +-int +-main () +-{ +- +-#if DB_VERSION_MAJOR > 1 +- { +- char *version; +- int major, minor, patch; +- +- version = db_version( &major, &minor, &patch ); +- +- if( major != DB_VERSION_MAJOR || +- minor < DB_VERSION_MINOR ) +- { +- printf("Berkeley DB version mismatch\n" +- "\theader: %s\n\tlibrary: %s\n", +- DB_VERSION_STRING, version); +- return 1; +- } +- } +-#endif +- +-#if DB_VERSION_MAJOR > 2 +- db_env_create( NULL, 0 ); +-#elif DB_VERSION_MAJOR > 1 +- db_appexit( NULL ); +-#else +- (void) dbopen( NULL, 0, 0, 0, NULL); +-#endif +- +- ; +- return 0; +-} +-_ACEOF +-rm -f conftest.$ac_objext conftest$ac_exeext +-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 +- (eval $ac_link) 2>conftest.er1 +- ac_status=$? +- grep -v '^ *+' conftest.er1 >conftest.err +- rm -f conftest.er1 +- cat conftest.err >&5 +- echo "$as_me:$LINENO: \$? = $ac_status" >&5 +- (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" +- || test ! -s conftest.err' +- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 +- (eval $ac_try) 2>&5 +- ac_status=$? +- echo "$as_me:$LINENO: \$? = $ac_status" >&5 +- (exit $ac_status); }; } && +- { ac_try='test -s conftest$ac_exeext' +- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 +- (eval $ac_try) 2>&5 +- ac_status=$? +- echo "$as_me:$LINENO: \$? = $ac_status" >&5 +- (exit $ac_status); }; }; then +- ol_cv_db_db_4_6=yes +-else +- echo "$as_me: failed program was:" >&5 +-sed 's/^/| /' conftest.$ac_ext >&5 +- +-ol_cv_db_db_4_6=no +-fi +-rm -f conftest.err conftest.$ac_objext \ +- conftest$ac_exeext conftest.$ac_ext +- +- LIBS="$ol_LIBS" +- +-fi +-echo "$as_me:$LINENO: result: $ol_cv_db_db_4_6" >&5 +-echo "${ECHO_T}$ol_cv_db_db_4_6" >&6 +- +- if test $ol_cv_db_db_4_6 = yes ; then +- ol_cv_lib_db=-ldb-4-6 +- fi +-fi +- +- elif test $ol_cv_bdb_minor = 5 ; then ++ if test $ol_cv_bdb_minor = 5 ; then + if test $ol_cv_lib_db = no ; then + echo "$as_me:$LINENO: checking for Berkeley DB link (-ldb-4.5)" >&5 + echo $ECHO_N "checking for Berkeley DB link (-ldb-4.5)... $ECHO_C" >&6 diff --git a/net-nds/openldap/files/openldap-2.4-ppolicy.patch b/net-nds/openldap/files/openldap-2.4-ppolicy.patch new file mode 100644 index 000000000000..c05790e3e29e --- /dev/null +++ b/net-nds/openldap/files/openldap-2.4-ppolicy.patch @@ -0,0 +1,13 @@ +diff -urN ./clients.orig/tools/common.c ./clients/tools/common.c +--- ./clients.orig/tools/common.c 2007-09-01 01:13:50.000000000 +0200 ++++ ./clients/tools/common.c 2008-01-13 21:50:06.000000000 +0100 +@@ -1262,8 +1262,8 @@ + int nsctrls = 0; + + #ifdef LDAP_CONTROL_PASSWORDPOLICYREQUEST ++ LDAPControl c; + if ( ppolicy ) { +- LDAPControl c; + c.ldctl_oid = LDAP_CONTROL_PASSWORDPOLICYREQUEST; + c.ldctl_value.bv_val = NULL; + c.ldctl_value.bv_len = 0; diff --git a/net-nds/openldap/openldap-2.4.7.ebuild b/net-nds/openldap/openldap-2.4.7.ebuild new file mode 100644 index 000000000000..e1614d869488 --- /dev/null +++ b/net-nds/openldap/openldap-2.4.7.ebuild @@ -0,0 +1,342 @@ +# Copyright 1999-2008 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/openldap-2.4.7.ebuild,v 1.1 2008/01/13 21:24:57 jokey Exp $ + +EAPI="1" +inherit db-use eutils flag-o-matic multilib ssl-cert versionator + +DESCRIPTION="LDAP suite of application and development tools" +HOMEPAGE="http://www.OpenLDAP.org/" +SRC_URI="mirror://openldap/openldap-release/${P}.tgz" + +LICENSE="OPENLDAP" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~sparc-fbsd ~x86 ~x86-fbsd" + +IUSE_DAEMON="crypt samba slp tcpd experimental minimal" +IUSE_BACKEND="+berkdb" +IUSE_OVERLAY="overlays perl" +IUSE_OPTIONAL="sasl fetch ssl odbc debug ipv6 syslog" +IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL}" + +#Inspect: +#IUSE="selinux" + +# samba adding openssl is intentional --jokey +RDEPEND="sys-libs/ncurses + tcpd? ( sys-apps/tcp-wrappers ) + ssl? ( dev-libs/openssl ) + sasl? ( dev-libs/cyrus-sasl ) + !minimal? ( + odbc? ( dev-db/unixODBC ) + slp? ( net-libs/openslp ) + perl? ( dev-lang/perl ) + samba? ( dev-libs/openssl ) + berkdb? ( sys-libs/db:4.5 ) + ) + selinux? ( sec-policy/selinux-openldap )" +DEPEND="${RDEPEND}" + +# for tracking versions +OPENLDAP_VERSIONTAG=".version-tag" +OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data" + +openldap_find_versiontags() { + # scan for all datadirs + openldap_datadirs="" + if [ -f "${ROOT}"/etc/openldap/slapd.conf ]; then + openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${ROOT}/etc/openldap/slapd.conf)" + fi + openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}" + + einfo + einfo "Scanning datadir(s) from slapd.conf and" + einfo "the default installdir for Versiontags" + einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)" + einfo + + # scan datadirs if we have a version tag + openldap_found_tag=0 + for each in ${openldap_datadirs}; do + CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"` + CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG} + if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then + einfo "- Checking ${each}..." + if [ -r ${CURRENT_TAG} ] ; then + # yey, we have one :) + einfo " Found Versiontag in ${each}" + source ${CURRENT_TAG} + if [ "${OLDPF}" == "" ] ; then + eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}" + eerror "Please delete it" + eerror + die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}" + fi + + OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}` + + # are we on the same branch? + if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then + ewarn " Versiontag doesn't match current major release!" + if [[ `ls -a ${CURRENT_TAGDIR} | wc -l` -gt 5 ]] ; then + eerror " Versiontag says other major and you (probably) have datafiles!" + echo + openldap_upgrade_howto + else + einfo " No real problem, seems there's no database." + fi + else + einfo " Versiontag is fine here :)" + fi + else + einfo " Non-tagged dir ${each}" + if [[ `ls -a ${each} | wc -l` > 5 ]] ; then + einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files" + echo + + eerror + eerror "Your OpenLDAP Installation has a non tagged datadir that" + eerror "possibly contains a database at ${CURRENT_TAGDIR}" + eerror + eerror "Please export data if any entered and empty or remove" + eerror "the directory, installation has been stopped so you" + eerror "can take required action" + eerror + eerror "For a HOWTO on exporting the data, see instructions in the ebuild" + eerror + die "Please move the datadir ${CURRENT_TAGDIR} away" + fi + fi + einfo + fi + done + + echo + einfo + einfo "All datadirs are fine, proceeding with merge now..." + einfo +} + +openldap_upgrade_howto() { + eerror + eerror "A (possible old) installation of OpenLDAP was detected," + eerror "installation will not proceed for now." + eerror + eerror "As major version upgrades can corrupt your database," + eerror "you need to dump your database and re-create it afterwards." + eerror "" + d="$(date -u +%s)" + l="/root/ldapdump.${d}" + i="${l}.raw" + eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop" + eerror " 2. slapcat -l ${i}" + eerror " 3. egrep -v '^entryCSN:' <${i} >${l}" + eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/" + eerror " 5. emerge --update \=net-nds/${PF}" + eerror " 6. etc-update, and ensure that you apply the changes" + eerror " 7. slapadd -l ${l}" + eerror " 8. chown ldap:ldap /var/lib/openldap-data/*" + eerror " 9. /etc/init.d/slapd start" + eerror "10. check that your data is intact." + eerror "11. set up the new replication system." + eerror + die "You need to upgrade your database first" +} + +pkg_setup() { + if use minimal && has_version "net-nds/openldap" && built_with_use net-nds/openldap minimal ; then + einfo + einfo "Skipping scan for previous datadirs as requested by minimal useflag" + einfo + else + openldap_find_versiontags + fi + + enewgroup ldap 439 + enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap +} + +src_unpack() { + unpack ${A} + cd ${S} + + # ensure correct SLAPI path by default + sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "/var/run/openldap/slapd.sock",' \ + "${S}"/include/ldap_defaults.h + + epatch "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch + epatch "${FILESDIR}"/${PN}-2.4-disable-bdb46.patch + epatch "${FILESDIR}"/${PN}-2.4-ppolicy.patch + + # bug #116045 + epatch "${FILESDIR}"/${PN}-2.3.24-contrib-smbk5pwd.patch + + cd "${S}"/build + einfo "Making sure upstream build strip does not do stripping too early" + sed -i.orig \ + -e '/^STRIP/s,-s,,g' \ + top.mk || die "Failed to block stripping" +} + +src_compile() { + local myconf + + use debug && myconf="${myconf} $(use_enable debug)" + + if ! use minimal ; then + # backends + myconf="${myconf} --enable-slapd" + if use berkdb ; then + einfo "Using Berkeley DB for local backend" + myconf="${myconf} --enable-bdb --enable-hdb" + # We need to include the slotted db.h dir for FreeBSD + append-cppflags -I$(db_includedir) + else + ewarn + ewarn "Note: if you disable berkdb, you can only use remote-backends!" + ewarn + ebeep 5 + fi + for backend in dnssrv ldap meta monitor null passwd relay shell; do + myconf="${myconf} --enable-${backend}=mod" + done + myconf="${myconf} $(use_enable perl perl mod)" + use odbc && myconf="${myconf} --enable-sql=mod --with-odbc=unixodbc" + + # slapd options + myconf="${myconf} $(use_enable crypt) $(use_enable slp)" + myconf="${myconf} $(use_enable samba lmpasswd)" + if use experimental ; then + myconf="${myconf} --enable-dynacl" + myconf="${myconf} --enable-aci=mod" + fi + for option in aci cleartext modules rewrite rlookups slapi; do + myconf="${myconf} --enable-${option}" + done + + # slapd overlay options + myconf="${myconf} --enable-syncprov" + use overlays && myconf="${myconf} --enable-overlays=mod" + else + myconf="${myconf} --disable-slapd --disable-bdb --disable-hdb" + myconf="${myconf} --disable-overlays" + fi + + # basic functionality stuff + myconf="${myconf} $(use_enable ipv6)" + myconf="${myconf} $(use_with sasl cyrus-sasl) $(use_enable sasl spasswd)" + myconf="${myconf} $(use_enable tcpd wrappers) $(use_with ssl tls openssl)" + for basicflag in dynamic local proctitle shared static syslog; do + myconf="${myconf} --enable-${basicflag}" + done + + STRIP=/bin/true \ + econf \ + --libexecdir=/usr/$(get_libdir)/openldap \ + ${myconf} || die "configure failed" + + emake depend || die "emake depend failed" + emake || die "emake failed" +} + +src_test() { + cd tests ; make tests || die "make tests failed" +} + +src_install() { + emake DESTDIR="${D}" install || die "make install failed" + + dodoc ANNOUNCEMENT CHANGES COPYRIGHT README "${FILESDIR}"/DB_CONFIG.fast.example + docinto rfc ; dodoc doc/rfc/*.txt + + # openldap modules go here + # TODO: write some code to populate slapd.conf with moduleload statements + keepdir /usr/$(get_libdir)/openldap/openldap/ + + # initial data storage dir + keepdir /var/lib/openldap-data + fowners ldap:ldap /var/lib/openldap-data + fperms 0700 /var/lib/openldap-data + + echo "OLDPF='${PF}'" > "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}" + echo "# do NOT delete this. it is used" >> "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}" + echo "# to track versions for upgrading." >> "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}" + + # change slapd.pid location in configuration file + keepdir /var/run/openldap + fowners ldap:ldap /var/run/openldap + fperms 0755 /var/run/openldap + + if ! use minimal; then + # use our config + rm "${D}"etc/openldap/slapd.conf + insinto /etc/openldap + newins "${FILESDIR}"/${PN}-2.3.34-slapd-conf slapd.conf + configfile="${D}"etc/openldap/slapd.conf + + # populate with built backends + ebegin "populate config with built backends" + for x in "${D}"usr/$(get_libdir)/openldap/openldap/back_*.so; do + elog "Adding $(basename ${x})" + sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}" + done + sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}" + fowners root:ldap /etc/openldap/slapd.conf + fperms 0640 /etc/openldap/slapd.conf + cp "${configfile}" "${configfile}".default + eend + + # install our own init scripts + newinitd "${FILESDIR}"/slapd-initd slapd + newconfd "${FILESDIR}"/slapd-confd slapd + if [ $(get_libdir) != lib ]; then + sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i "${D}"etc/init.d/{slapd,slurpd} + fi + fi +} + +pkg_preinst() { + # keep old libs if any + LIBSUFFIXES="-2.3.so.0" + for LIBSUFFIX in ${LIBSUFFIXES} ; do + for each in liblber libldap libldap_r ; do + preserve_old_lib "${ROOT}usr/$(get_libdir)/${each}${LIBSUFFIX}" + done + done +} + +pkg_postinst() { + if ! use minimal ; then + # You cannot build SSL certificates during src_install that will make + # binary packages containing your SSL key, which is both a security risk + # and a misconfiguration if multiple machines use the same key and cert. + if use ssl; then + install_cert /etc/openldap/ssl/ldap + chown ldap:ldap "${ROOT}"etc/openldap/ssl/ldap.* + ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]" + ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]" + ewarn "add 'TLS_REQCERT never' if you want to use them." + fi + + # These lines force the permissions of various content to be correct + chown ldap:ldap "${ROOT}"var/run/openldap + chmod 0755 "${ROOT}"var/run/openldap + chown root:ldap "${ROOT}"etc/openldap/slapd.conf{,.default} + chmod 0640 "${ROOT}"etc/openldap/slapd.conf{,.default} + chown ldap:ldap "${ROOT}"var/lib/openldap-{data,ldbm,slurp} + fi + + elog "Getting started using OpenLDAP? There is some documentation available:" + elog "Gentoo Guide to OpenLDAP Authentication" + elog "(http://www.gentoo.org/doc/en/ldap-howto.xml)" + elog "---" + elog "An example file for tuning BDB backends with openldap is:" + elog "/usr/share/doc/${PF}/DB_CONFIG.fast.example.gz" + + LIBSUFFIXES="-2.3.so.0" + for LIBSUFFIX in ${LIBSUFFIXES} ; do + for each in liblber libldap libldap_r ; do + preserve_old_lib_notify "${ROOT}usr/$(get_libdir)/${each}${LIBSUFFIX}" + done + done +} |