Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Robin H. Johnson (robbat2)" <robbat2@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo-x86 commit in net-nds/openldap: openldap-2.4.23.ebuild ChangeLog
Date: Tue, 31 Aug 2010 04:27:00
Message-Id: 20100831042656.17DF520051@flycatcher.gentoo.org
1 robbat2 10/08/31 04:26:56
2
3 Modified: ChangeLog
4 Added: openldap-2.4.23.ebuild
5 Log:
6 Version bump for sec bug #323777.
7
8 (Portage version: 2.2_rc71/cvs/Linux x86_64)
9
10 Revision Changes Path
11 1.371 net-nds/openldap/ChangeLog
12
13 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-nds/openldap/ChangeLog?rev=1.371&view=markup
14 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-nds/openldap/ChangeLog?rev=1.371&content-type=text/plain
15 diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-nds/openldap/ChangeLog?r1=1.370&r2=1.371
16
17 Index: ChangeLog
18 ===================================================================
19 RCS file: /var/cvsroot/gentoo-x86/net-nds/openldap/ChangeLog,v
20 retrieving revision 1.370
21 retrieving revision 1.371
22 diff -p -w -b -B -u -u -r1.370 -r1.371
23 --- ChangeLog 11 Apr 2010 15:24:10 -0000 1.370
24 +++ ChangeLog 31 Aug 2010 04:26:56 -0000 1.371
25 @@ -1,6 +1,12 @@
26 # ChangeLog for net-nds/openldap
27 # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
28 -# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/ChangeLog,v 1.370 2010/04/11 15:24:10 jokey Exp $
29 +# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/ChangeLog,v 1.371 2010/08/31 04:26:56 robbat2 Exp $
30 +
31 +*openldap-2.4.23 (30 Aug 2010)
32 +
33 + 30 Aug 2010; Robin H. Johnson <robbat2@g.o>
34 + +openldap-2.4.23.ebuild:
35 + Version bump for sec bug #323777.
36
37 11 Apr 2010; Markus Ullmann <jokey@g.o> -openldap-2.3.41.ebuild,
38 -openldap-2.3.41-r1.ebuild, -openldap-2.3.43.ebuild,
39
40
41
42 1.1 net-nds/openldap/openldap-2.4.23.ebuild
43
44 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-nds/openldap/openldap-2.4.23.ebuild?rev=1.1&view=markup
45 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-nds/openldap/openldap-2.4.23.ebuild?rev=1.1&content-type=text/plain
46
47 Index: openldap-2.4.23.ebuild
48 ===================================================================
49 # Copyright 1999-2010 Gentoo Foundation
50 # Distributed under the terms of the GNU General Public License v2
51 # $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/openldap-2.4.23.ebuild,v 1.1 2010/08/31 04:26:55 robbat2 Exp $
52
53 EAPI="2"
54 inherit db-use eutils flag-o-matic multilib ssl-cert versionator toolchain-funcs
55
56 DESCRIPTION="LDAP suite of application and development tools"
57 HOMEPAGE="http://www.OpenLDAP.org/"
58 SRC_URI="mirror://openldap/openldap-release/${P}.tgz"
59
60 LICENSE="OPENLDAP"
61 SLOT="0"
62 KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~sparc-fbsd ~x86-fbsd"
63
64 IUSE_DAEMON="crypt icu samba slp tcpd experimental minimal"
65 IUSE_BACKEND="+berkdb"
66 IUSE_OVERLAY="overlays perl"
67 IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 syslog selinux"
68 IUSE_CONTRIB="smbkrb5passwd kerberos"
69 IUSE_CONTRIB="${IUSE_CONTRIB} -cxx"
70 IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}"
71
72 # openssl is needed to generate lanman-passwords required by samba
73 RDEPEND="sys-libs/ncurses
74 icu? ( dev-libs/icu )
75 tcpd? ( sys-apps/tcp-wrappers )
76 ssl? ( !gnutls? ( dev-libs/openssl )
77 gnutls? ( net-libs/gnutls ) )
78 sasl? ( dev-libs/cyrus-sasl )
79 !minimal? (
80 odbc? ( !iodbc? ( dev-db/unixODBC )
81 iodbc? ( dev-db/libiodbc ) )
82 slp? ( net-libs/openslp )
83 perl? ( dev-lang/perl[-build] )
84 samba? ( dev-libs/openssl )
85 berkdb? ( sys-libs/db )
86 smbkrb5passwd? (
87 dev-libs/openssl
88 app-crypt/heimdal )
89 kerberos? ( virtual/krb5 )
90 cxx? ( dev-libs/cyrus-sasl )
91 )
92 selinux? ( sec-policy/selinux-openldap )"
93 DEPEND="${RDEPEND}"
94
95 # for tracking versions
96 OPENLDAP_VERSIONTAG=".version-tag"
97 OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
98
99 openldap_filecount() {
100 local dir="$1"
101 find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG.example' | wc -l
102 }
103
104 openldap_find_versiontags() {
105 # scan for all datadirs
106 openldap_datadirs=""
107 if [ -f "${ROOT}"/etc/openldap/slapd.conf ]; then
108 openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${ROOT}/etc/openldap/slapd.conf)"
109 fi
110 openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}"
111
112 einfo
113 einfo "Scanning datadir(s) from slapd.conf and"
114 einfo "the default installdir for Versiontags"
115 einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
116 einfo
117
118 # scan datadirs if we have a version tag
119 openldap_found_tag=0
120 have_files=0
121 for each in ${openldap_datadirs}; do
122 CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"`
123 CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}
124 if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then
125 einfo "- Checking ${each}..."
126 if [ -r ${CURRENT_TAG} ] ; then
127 # yey, we have one :)
128 einfo " Found Versiontag in ${each}"
129 source ${CURRENT_TAG}
130 if [ "${OLDPF}" == "" ] ; then
131 eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
132 eerror "Please delete it"
133 eerror
134 die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
135 fi
136
137 OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}`
138
139 [ $(openldap_filecount ${CURRENT_TAGDIR}) -gt 0 ] && have_files=1
140
141 # are we on the same branch?
142 if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then
143 ewarn " Versiontag doesn't match current major release!"
144 if [[ "${have_files}" == "1" ]] ; then
145 eerror " Versiontag says other major and you (probably) have datafiles!"
146 echo
147 openldap_upgrade_howto
148 else
149 einfo " No real problem, seems there's no database."
150 fi
151 else
152 einfo " Versiontag is fine here :)"
153 fi
154 else
155 einfo " Non-tagged dir ${each}"
156 [ $(openldap_filecount ${each}) -gt 0 ] && have_files=1
157 if [[ "${have_files}" == "1" ]] ; then
158 einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
159 echo
160
161 eerror
162 eerror "Your OpenLDAP Installation has a non tagged datadir that"
163 eerror "possibly contains a database at ${CURRENT_TAGDIR}"
164 eerror
165 eerror "Please export data if any entered and empty or remove"
166 eerror "the directory, installation has been stopped so you"
167 eerror "can take required action"
168 eerror
169 eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
170 eerror
171 die "Please move the datadir ${CURRENT_TAGDIR} away"
172 fi
173 fi
174 einfo
175 fi
176 done
177 [ "${have_files}" == "1" ] && einfo "DB files present" || einfo "No DB files present"
178
179 # Now we must check for the major version of sys-libs/db linked against.
180 SLAPD_PATH=${ROOT}/usr/$(get_libdir)/openldap/slapd
181 if [ "${have_files}" == "1" -a -f "${SLAPD_PATH}" ]; then
182 OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \
183 | awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')"
184 NEWVER="$(use berkdb && db_findver sys-libs/db)"
185 local fail=0
186 if [ -z "${OLDVER}" -a -z "${NEWVER}" ]; then
187 :
188 # Nothing wrong here.
189 elif [ -z "${OLDVER}" -a -n "${NEWVER}" ]; then
190 eerror " Your existing version of OpenLDAP was not built against"
191 eerror " any version of sys-libs/db, but the new one will build"
192 eerror " against ${NEWVER} and your database may be inaccessible."
193 echo
194 fail=1
195 elif [ -n "${OLDVER}" -a -z "${NEWVER}" ]; then
196 eerror " Your existing version of OpenLDAP was built against"
197 eerror " sys-libs/db:${OLDVER}, but the new one will not be"
198 eerror " built against any version and your database may be"
199 eerror " inaccessible."
200 echo
201 fail=1
202 elif [ "${OLDVER}" != "${NEWVER}" ]; then
203 eerror " Your existing version of OpenLDAP was built against"
204 eerror " sys-libs/db:${OLDVER}, but the new one will build against"
205 eerror " ${NEWVER} and your database would be inaccessible."
206 echo
207 fail=1
208 fi
209 [ "${fail}" == "1" ] && openldap_upgrade_howto
210 fi
211
212 echo
213 einfo
214 einfo "All datadirs are fine, proceeding with merge now..."
215 einfo
216 }
217
218 openldap_upgrade_howto() {
219 eerror
220 eerror "A (possible old) installation of OpenLDAP was detected,"
221 eerror "installation will not proceed for now."
222 eerror
223 eerror "As major version upgrades can corrupt your database,"
224 eerror "you need to dump your database and re-create it afterwards."
225 eerror
226 eerror "Additionally, rebuilding against different major versions of the"
227 eerror "sys-libs/db libraries will cause your database to be inaccessible."
228 eerror ""
229 d="$(date -u +%s)"
230 l="/root/ldapdump.${d}"
231 i="${l}.raw"
232 eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop"
233 eerror " 2. slapcat -l ${i}"
234 eerror " 3. egrep -v '^entryCSN:' <${i} >${l}"
235 eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
236 eerror " 5. emerge --update \=net-nds/${PF}"
237 eerror " 6. etc-update, and ensure that you apply the changes"
238 eerror " 7. slapadd -l ${l}"
239 eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
240 eerror " 9. /etc/init.d/slapd start"
241 eerror "10. check that your data is intact."
242 eerror "11. set up the new replication system."
243 eerror
244 if [ "${FORCE_UPGRADE}" != "1" ]; then
245 die "You need to upgrade your database first"
246 else
247 eerror "You have the magical FORCE_UPGRADE=1 in place."
248 eerror "Don't say you weren't warned about data loss."
249 fi
250 }
251
252 pkg_setup() {
253 if ! use sasl && use cxx ; then
254 die "To build the ldapc++ library you must emerge openldap with sasl support"
255 fi
256 if use minimal && has_version "net-nds/openldap" && built_with_use net-nds/openldap minimal ; then
257 einfo
258 einfo "Skipping scan for previous datadirs as requested by minimal useflag"
259 einfo
260 else
261 openldap_find_versiontags
262 fi
263
264 enewgroup ldap 439
265 enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
266 }
267
268 src_prepare() {
269 # ensure correct SLAPI path by default
270 sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "/var/run/openldap/slapd.sock",' \
271 "${S}"/include/ldap_defaults.h
272
273 epatch "${FILESDIR}"/${PN}-2.4.17-gcc44.patch
274
275 epatch \
276 "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch \
277 "${FILESDIR}"/${PN}-2.4.15-ppolicy.patch
278
279 # bug #116045 - still present in 2.4.19
280 epatch "${FILESDIR}"/${PN}-2.4.19-contrib-smbk5pwd.patch
281
282 # bug #189817
283 epatch "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch
284
285 # bug #233633
286 epatch "${FILESDIR}"/${PN}-2.4.17-fix-lmpasswd-gnutls-symbols.patch
287
288 cd "${S}"/build
289 einfo "Making sure upstream build strip does not do stripping too early"
290 sed -i.orig \
291 -e '/^STRIP/s,-s,,g' \
292 top.mk || die "Failed to block stripping"
293
294 # wrong assumption that /bin/sh is /bin/bash
295 sed -i \
296 -e 's|/bin/sh|/bin/bash|g' \
297 "${S}"/tests/scripts/* || die "sed failed"
298 }
299
300 build_contrib_module() {
301 lt="${S}/libtool"
302 # <dir> <sources> <outputname>
303 cd "${S}/contrib/slapd-modules/$1"
304 einfo "Compiling contrib-module: $3"
305 # Make sure it's uppercase
306 local define_name="$(echo "SLAPD_OVER_${1}" | LC_ALL=C tr '[:lower:]' '[:upper:]')"
307 "${lt}" --mode=compile --tag=CC \
308 "${CC}" \
309 -D${define_name}=SLAPD_MOD_DYNAMIC \
310 -I../../../include -I../../../servers/slapd ${CFLAGS} \
311 -o ${2%.c}.lo -c $2 || die "compiling $3 failed"
312 einfo "Linking contrib-module: $3"
313 "${lt}" --mode=link --tag=CC \
314 "${CC}" -module \
315 ${CFLAGS} \
316 ${LDFLAGS} \
317 -rpath /usr/$(get_libdir)/openldap/openldap \
318 -o $3.la ${2%.c}.lo || die "linking $3 failed"
319 }
320
321 src_configure() {
322 local myconf
323
324 #Fix for glibc-2.8 and ucred. Bug 228457.
325 append-flags -D_GNU_SOURCE
326
327 use debug && myconf="${myconf} $(use_enable debug)"
328
329 # ICU usage is not configurable
330 export ac_cv_header_unicode_utypes_h="$(use icu && echo yes || echo no)"
331
332 if ! use minimal ; then
333 # re-enable serverside overlay chains per bug #296567
334 # see ldap docs chaper 12.3.1 for details
335 myconf="${myconf} --enable-ldap"
336
337 # backends
338 myconf="${myconf} --enable-slapd"
339 if use berkdb ; then
340 einfo "Using Berkeley DB for local backend"
341 myconf="${myconf} --enable-bdb --enable-hdb"
342 # We need to include the slotted db.h dir for FreeBSD
343 append-cppflags -I$(db_includedir)
344 else
345 ewarn
346 ewarn "Note: if you disable berkdb, you can only use remote-backends!"
347 ewarn
348 ebeep 5
349 myconf="${myconf} --disable-bdb --disable-hdb"
350 fi
351 for backend in dnssrv ldap meta monitor null passwd relay shell sock; do
352 myconf="${myconf} --enable-${backend}=mod"
353 done
354
355 myconf="${myconf} $(use_enable perl perl mod)"
356
357 myconf="${myconf} $(use_enable odbc sql mod)"
358 if use odbc ; then
359 local odbc_lib="unixodbc"
360 if use iodbc ; then
361 odbc_lib="iodbc"
362 append-cppflags -I/usr/include/iodbc
363 fi
364 myconf="${myconf} --with-odbc=${odbc_lib}"
365 fi
366
367 # slapd options
368 myconf="${myconf} $(use_enable crypt) $(use_enable slp)"
369 myconf="${myconf} $(use_enable samba lmpasswd) $(use_enable syslog)"
370 if use experimental ; then
371 myconf="${myconf} --enable-dynacl"
372 myconf="${myconf} --enable-aci=mod"
373 fi
374 for option in aci cleartext modules rewrite rlookups slapi; do
375 myconf="${myconf} --enable-${option}"
376 done
377
378 # slapd overlay options
379 # Compile-in the syncprov, the others as module
380 myconf="${myconf} --enable-syncprov=yes"
381 use overlays && myconf="${myconf} --enable-overlays=mod"
382
383 else
384 myconf="${myconf} --disable-slapd --disable-bdb --disable-hdb"
385 myconf="${myconf} --disable-overlays --disable-syslog"
386 fi
387
388 # basic functionality stuff
389 myconf="${myconf} $(use_enable ipv6)"
390 myconf="${myconf} $(use_with sasl cyrus-sasl) $(use_enable sasl spasswd)"
391 myconf="${myconf} $(use_enable tcpd wrappers)"
392
393 local ssl_lib="no"
394 if use ssl || ( use ! minimal && use samba ) ; then
395 ssl_lib="openssl"
396 use gnutls && ssl_lib="gnutls"
397 fi
398
399 myconf="${myconf} --with-tls=${ssl_lib}"
400
401 for basicflag in dynamic local proctitle shared static; do
402 myconf="${myconf} --enable-${basicflag}"
403 done
404
405 tc-export CC AR CXX
406 STRIP=/bin/true \
407 econf \
408 --libexecdir=/usr/$(get_libdir)/openldap \
409 ${myconf} || die "econf failed"
410 }
411
412 src_configure_cxx() {
413 # This needs the libraries built by the first build run.
414 # So we have to run it AFTER the main build, not just after the main
415 # configure.
416 if ! use minimal ; then
417 if use cxx ; then
418 local myconf_ldapcpp
419 myconf_ldapcpp="${myconf_ldapcpp} --with-ldap-includes=../../include"
420 cd "${S}/contrib/ldapc++"
421 OLD_LDFLAGS="$LDFLAGS"
422 OLD_CPPFLAGS="$CPPFLAGS"
423 append-ldflags -L../../libraries/liblber/.libs -L../../libraries/libldap/.libs
424 append-ldflags -L../../../libraries/liblber/.libs -L../../../libraries/libldap/.libs
425 append-cppflags -I../../../include
426 econf ${myconf_ldapcpp} \
427 CC="${CC}" \
428 CXX="${CXX}" \
429 || die "econf ldapc++ failed"
430 CPPFLAGS="$OLD_CPPFLAGS"
431 LDFLAGS="${OLD_LDFLAGS}"
432 fi
433 fi
434 }
435
436 src_compile() {
437 emake depend || die "emake depend failed"
438 emake CC="${CC}" AR="${AR}" || die "emake failed"
439 lt="${S}/libtool"
440 export echo="echo"
441
442 if ! use minimal ; then
443 if use cxx ; then
444 einfo "Building contrib library: ldapc++"
445 src_configure_cxx
446 cd "${S}/contrib/ldapc++"
447 emake \
448 CC="${CC}" CXX="${CXX}" \
449 || die "emake ldapc++ failed"
450 fi
451
452 if use smbkrb5passwd ; then
453 einfo "Building contrib-module: smbk5pwd"
454 cd "${S}/contrib/slapd-modules/smbk5pwd"
455
456 emake \
457 DEFS="-DDO_SAMBA -DDO_KRB5" \
458 KRB5_INC="$(krb5-config --cflags)" \
459 CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap" \
460 || die "emake smbk5pwd failed"
461 fi
462
463 if use kerberos ; then
464 cd "${S}/contrib/slapd-modules/passwd"
465 einfo "Compiling contrib-module: pw-kerberos"
466 "${lt}" --mode=compile --tag=CC \
467 "${CC}" \
468 -I../../../include \
469 ${CFLAGS} \
470 $(krb5-config --cflags) \
471 -DHAVE_KRB5 \
472 -o kerberos.lo \
473 -c kerberos.c || die "compiling pw-kerberos failed"
474 einfo "Linking contrib-module: pw-kerberos"
475 "${lt}" --mode=link --tag=CC \
476 "${CC}" -module \
477 ${CFLAGS} \
478 ${LDFLAGS} \
479 -rpath /usr/$(get_libdir)/openldap/openldap \
480 -o pw-kerberos.la \
481 kerberos.lo || die "linking pw-kerberos failed"
482 fi
483 # We could build pw-radius if GNURadius would install radlib.h
484 cd "${S}/contrib/slapd-modules/passwd"
485 einfo "Compiling contrib-module: pw-netscape"
486 "${lt}" --mode=compile --tag=CC \
487 "${CC}" \
488 -I../../../include \
489 ${CFLAGS} \
490 -o netscape.lo \
491 -c netscape.c || die "compiling pw-netscape failed"
492 einfo "Linking contrib-module: pw-netscape"
493 "${lt}" --mode=link --tag=CC \
494 "${CC}" -module \
495 ${CFLAGS} \
496 ${LDFLAGS} \
497 -rpath /usr/$(get_libdir)/openldap/openldap \
498 -o pw-netscape.la \
499 netscape.lo || die "linking pw-netscape failed"
500
501 build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay"
502 build_contrib_module "allop" "allop.c" "overlay-allop"
503 build_contrib_module "allowed" "allowed.c" "allowed"
504 build_contrib_module "autogroup" "autogroup.c" "autogroup"
505 build_contrib_module "denyop" "denyop.c" "denyop-overlay"
506 build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin"
507 # lastmod may not play well with other overlays
508 build_contrib_module "lastmod" "lastmod.c" "lastmod"
509 build_contrib_module "nops" "nops.c" "nops-overlay"
510 build_contrib_module "trace" "trace.c" "trace"
511 # build slapi-plugins
512 cd "${S}/contrib/slapi-plugins/addrdnvalues"
513 einfo "Building contrib-module: addrdnvalues plugin"
514 "${CC}" -shared \
515 -I../../../include \
516 ${CFLAGS} \
517 -fPIC \
518 ${LDFLAGS} \
519 -o libaddrdnvalues-plugin.so \
520 addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed"
521
522 fi
523 }
524
525 src_test() {
526 cd tests ; make tests || die "make tests failed"
527 }
528
529 src_install() {
530 lt="${S}/libtool"
531 emake DESTDIR="${D}" install || die "make install failed"
532
533 dodoc ANNOUNCEMENT CHANGES COPYRIGHT README "${FILESDIR}"/DB_CONFIG.fast.example
534 docinto rfc ; dodoc doc/rfc/*.txt
535
536 # openldap modules go here
537 # TODO: write some code to populate slapd.conf with moduleload statements
538 keepdir /usr/$(get_libdir)/openldap/openldap/
539
540 # initial data storage dir
541 keepdir /var/lib/openldap-data
542 fowners ldap:ldap /var/lib/openldap-data
543 fperms 0700 /var/lib/openldap-data
544
545 echo "OLDPF='${PF}'" > "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
546 echo "# do NOT delete this. it is used" >> "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
547 echo "# to track versions for upgrading." >> "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
548
549 # change slapd.pid location in configuration file
550 keepdir /var/run/openldap
551 fowners ldap:ldap /var/run/openldap
552 fperms 0755 /var/run/openldap
553
554 if ! use minimal; then
555 # use our config
556 rm "${D}"etc/openldap/slapd.conf
557 insinto /etc/openldap
558 newins "${FILESDIR}"/${PN}-2.3.34-slapd-conf slapd.conf
559 configfile="${D}"etc/openldap/slapd.conf
560
561 # populate with built backends
562 ebegin "populate config with built backends"
563 for x in "${D}"usr/$(get_libdir)/openldap/openldap/back_*.so; do
564 elog "Adding $(basename ${x})"
565 sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}"
566 done
567 sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
568 fowners root:ldap /etc/openldap/slapd.conf
569 fperms 0640 /etc/openldap/slapd.conf
570 cp "${configfile}" "${configfile}".default
571 eend
572
573 # install our own init scripts
574 newinitd "${FILESDIR}"/slapd-initd2 slapd
575 newconfd "${FILESDIR}"/slapd-confd slapd
576 if [ $(get_libdir) != lib ]; then
577 sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i "${D}"etc/init.d/slapd
578 fi
579
580 if use cxx ; then
581 einfo "Install the ldapc++ library"
582 cd "${S}/contrib/ldapc++"
583 emake DESTDIR="${D}" libexecdir="/usr/$(get_libdir)/openldap" install || die "emake install ldapc++ failed"
584 newdoc README ldapc++-README
585 fi
586
587 if use smbkrb5passwd ; then
588 einfo "Install the smbk5pwd module"
589 cd "${S}/contrib/slapd-modules/smbk5pwd"
590 emake DESTDIR="${D}" libexecdir="/usr/$(get_libdir)/openldap" install || die "emake install smbk5pwd failed"
591 newdoc README smbk5pwd-README
592 fi
593
594 einfo "Installing contrib modules"
595 cd "${S}/contrib/slapd-modules"
596 for l in */*.la; do
597 "${lt}" --mode=install cp ${l} \
598 "${D}"usr/$(get_libdir)/openldap/openldap || \
599 die "installing ${l} failed"
600 done
601 docinto contrib
602 newdoc addpartial/README addpartial-README
603 newdoc allop/README allop-README
604 doman allop/slapo-allop.5
605 newdoc autogroup/README autogroup-README
606 newdoc denyop/denyop.c denyop-denyop.c
607 newdoc dsaschema/README dsaschema-README
608 doman lastmod/slapo-lastmod.5
609 doman nops/slapo-nops.5
610 newdoc passwd/README passwd-README
611 cd "${S}/contrib/slapi-plugins"
612 insinto /usr/$(get_libdir)/openldap/openldap
613 doins */*.so
614 docinto contrib
615 newdoc addrdnvalues/README addrdnvalues-README
616 fi
617 }
618
619 pkg_preinst() {
620 # keep old libs if any
621 preserve_old_lib usr/$(get_libdir)/{libldap,libldap_r,liblber}-2.3.so.0
622 }
623
624 pkg_postinst() {
625 if ! use minimal ; then
626 # You cannot build SSL certificates during src_install that will make
627 # binary packages containing your SSL key, which is both a security risk
628 # and a misconfiguration if multiple machines use the same key and cert.
629 if use ssl; then
630 install_cert /etc/openldap/ssl/ldap
631 chown ldap:ldap "${ROOT}"etc/openldap/ssl/ldap.*
632 ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
633 ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
634 ewarn "add 'TLS_REQCERT never' if you want to use them."
635 fi
636
637 # These lines force the permissions of various content to be correct
638 chown ldap:ldap "${ROOT}"var/run/openldap
639 chmod 0755 "${ROOT}"var/run/openldap
640 chown root:ldap "${ROOT}"etc/openldap/slapd.conf{,.default}
641 chmod 0640 "${ROOT}"etc/openldap/slapd.conf{,.default}
642 chown ldap:ldap "${ROOT}"var/lib/openldap-{data,ldbm}
643 fi
644
645 elog "Getting started using OpenLDAP? There is some documentation available:"
646 elog "Gentoo Guide to OpenLDAP Authentication"
647 elog "(http://www.gentoo.org/doc/en/ldap-howto.xml)"
648 elog "---"
649 elog "An example file for tuning BDB backends with openldap is"
650 elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"
651
652 preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3.so.0
653 }
Report Message
Find on MARC Find on Google Groups