1 |
commit: dba9e43f67808bec3df18c99eeb76edd4d17cde3 |
2 |
Author: Mikle Kolyada <zlogene <AT> gentoo <DOT> org> |
3 |
AuthorDate: Fri May 8 10:21:05 2020 +0000 |
4 |
Commit: Mikle Kolyada <zlogene <AT> gentoo <DOT> org> |
5 |
CommitDate: Fri May 8 10:21:32 2020 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=dba9e43f |
7 |
|
8 |
net-nds/openldap: Security cleanup |
9 |
|
10 |
Package-Manager: Portage-2.3.99, Repoman-2.3.22 |
11 |
Signed-off-by: Mikle Kolyada <zlogene <AT> gentoo.org> |
12 |
|
13 |
net-nds/openldap/Manifest | 2 - |
14 |
net-nds/openldap/openldap-2.4.48.ebuild | 904 ----------------------------- |
15 |
net-nds/openldap/openldap-2.4.49-r1.ebuild | 901 ---------------------------- |
16 |
net-nds/openldap/openldap-2.4.49-r2.ebuild | 903 ---------------------------- |
17 |
4 files changed, 2710 deletions(-) |
18 |
|
19 |
diff --git a/net-nds/openldap/Manifest b/net-nds/openldap/Manifest |
20 |
index 535c953b507..12dd61f09da 100644 |
21 |
--- a/net-nds/openldap/Manifest |
22 |
+++ b/net-nds/openldap/Manifest |
23 |
@@ -1,4 +1,2 @@ |
24 |
-DIST openldap-2.4.48.tgz 5704883 BLAKE2B ef856ff0b22c9187e68e9c09583a176fe4c2ee1f5bfe6b169f03bc0058294170ec4d1aa1b164e28eecd2ef6bafab539c1b942b0bd74e93852205beeaff39aeef SHA512 cf694a415be0bd55cc7f606099da2ed461748efd276561944cd29d7f5a8252a9be799d8778fac2d4fa9f382731eb4ca48c6b85630cb58a3b8249843561ae8feb |
25 |
-DIST openldap-2.4.49.tgz 5704723 BLAKE2B ee777588d758f6704b0d38b90feb85b27e2307510a05d1d147324e9958a6f6fc5bc7dd521a1462971c3f707429ad38fab734f508d71fd88b447770e112e844a2 SHA512 99d1943d126b06e62865e31e5825fcff2cb15415f7f85ae4962fa0e7425bc3b58db5b9639150d7b09e3642c80257724c745e47c25ab4fcb1bba0ba771011dd49 |
26 |
DIST openldap-2.4.50.tgz 5712635 BLAKE2B 6a7d864a44c411b82cf703585c4a81954a02497e8510c84e29070dd120da0181e8425fd2b8bb7616e42e6e26d0f06db5ffdf50fb1cd97943d23f9914eb4f1260 SHA512 f528043ff9de36f7b65d8816c9a9c24f0ac400041b2969965178ee6eae62c92a11af33a0a883e4954e5fff98a0738a9f9aa2faf5b385d21974754e045aab31ae |
27 |
DIST rfc2307bis.schema-20140524 12262 BLAKE2B 98031f49e9bde1e4821e637af3382364d8344ed7017649686a088070d96a632dffa6c661552352656b1b159c0fd962965580069a64c7f3d5bb6a3ed75f60fd99 SHA512 83b89a1deeefc8566b97e7e865b9b6d04541099cbdf719e24538a7d27d61b6209e87ab9003a9f140bd9afd018ec569e71721e3a24090e1902c8b6659d2ba103e |
28 |
|
29 |
diff --git a/net-nds/openldap/openldap-2.4.48.ebuild b/net-nds/openldap/openldap-2.4.48.ebuild |
30 |
deleted file mode 100644 |
31 |
index d25e104dc3e..00000000000 |
32 |
--- a/net-nds/openldap/openldap-2.4.48.ebuild |
33 |
+++ /dev/null |
34 |
@@ -1,904 +0,0 @@ |
35 |
-# Copyright 1999-2020 Gentoo Authors |
36 |
-# Distributed under the terms of the GNU General Public License v2 |
37 |
- |
38 |
-EAPI=6 |
39 |
- |
40 |
-inherit autotools db-use eapi7-ver flag-o-matic multilib multilib-minimal preserve-libs ssl-cert toolchain-funcs user systemd |
41 |
- |
42 |
-BIS_PN=rfc2307bis.schema |
43 |
-BIS_PV=20140524 |
44 |
-BIS_P="${BIS_PN}-${BIS_PV}" |
45 |
- |
46 |
-DESCRIPTION="LDAP suite of application and development tools" |
47 |
-HOMEPAGE="http://www.OpenLDAP.org/" |
48 |
- |
49 |
-# mirrors are mostly not working, using canonical URI |
50 |
-SRC_URI="ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz |
51 |
- mirror://gentoo/${BIS_P}" |
52 |
- |
53 |
-LICENSE="OPENLDAP GPL-2" |
54 |
-SLOT="0" |
55 |
-KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~mips ppc ppc64 ~riscv s390 sparc x86 ~ppc-aix ~amd64-linux ~x86-linux ~x86-solaris" |
56 |
- |
57 |
-IUSE_DAEMON="crypt samba slp tcpd experimental minimal" |
58 |
-IUSE_BACKEND="+berkdb" |
59 |
-IUSE_OVERLAY="overlays perl" |
60 |
-IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 libressl +syslog selinux static-libs test" |
61 |
-IUSE_CONTRIB="smbkrb5passwd kerberos kinit pbkdf2 sha2" |
62 |
-IUSE_CONTRIB="${IUSE_CONTRIB} -cxx" |
63 |
-IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}" |
64 |
- |
65 |
-RESTRICT="!test? ( test )" |
66 |
-REQUIRED_USE="cxx? ( sasl ) |
67 |
- pbkdf2? ( ssl ) |
68 |
- test? ( berkdb ) |
69 |
- ?? ( test minimal )" |
70 |
- |
71 |
-# always list newer first |
72 |
-# Do not add any AGPL-3 BDB here! |
73 |
-# See bug 525110, comment 15. |
74 |
-# Advanced usage: OPENLDAP_BDB_SLOTS in the environment can be used to force a slot during build. |
75 |
-BDB_SLOTS="${OPENLDAP_BDB_SLOTS:=5.3 5.1 4.8 4.7 4.6 4.5 4.4}" |
76 |
-BDB_PKGS='' |
77 |
-for _slot in $BDB_SLOTS; do BDB_PKGS="${BDB_PKGS} sys-libs/db:${_slot}" ; done |
78 |
- |
79 |
-# openssl is needed to generate lanman-passwords required by samba |
80 |
-CDEPEND=" |
81 |
- ssl? ( |
82 |
- !gnutls? ( |
83 |
- !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] ) |
84 |
- libressl? ( dev-libs/libressl:0=[${MULTILIB_USEDEP}] ) |
85 |
- ) |
86 |
- gnutls? ( |
87 |
- >=net-libs/gnutls-2.12.23-r6:=[${MULTILIB_USEDEP}] |
88 |
- >=dev-libs/libgcrypt-1.5.3:0=[${MULTILIB_USEDEP}] |
89 |
- ) |
90 |
- ) |
91 |
- sasl? ( dev-libs/cyrus-sasl:= ) |
92 |
- !minimal? ( |
93 |
- sys-devel/libtool |
94 |
- sys-libs/e2fsprogs-libs |
95 |
- >=dev-db/lmdb-0.9.18:= |
96 |
- tcpd? ( sys-apps/tcp-wrappers ) |
97 |
- odbc? ( !iodbc? ( dev-db/unixODBC ) |
98 |
- iodbc? ( dev-db/libiodbc ) ) |
99 |
- slp? ( net-libs/openslp ) |
100 |
- perl? ( dev-lang/perl:=[-build(-)] ) |
101 |
- samba? ( |
102 |
- !libressl? ( dev-libs/openssl:0= ) |
103 |
- libressl? ( dev-libs/libressl:0= ) |
104 |
- ) |
105 |
- berkdb? ( |
106 |
- <sys-libs/db-6.0:= |
107 |
- || ( ${BDB_PKGS} ) |
108 |
- ) |
109 |
- smbkrb5passwd? ( |
110 |
- !libressl? ( dev-libs/openssl:0= ) |
111 |
- libressl? ( dev-libs/libressl:0= ) |
112 |
- kerberos? ( app-crypt/heimdal ) |
113 |
- ) |
114 |
- kerberos? ( |
115 |
- virtual/krb5 |
116 |
- kinit? ( !app-crypt/heimdal ) |
117 |
- ) |
118 |
- cxx? ( dev-libs/cyrus-sasl:= ) |
119 |
- ) |
120 |
-" |
121 |
-DEPEND="${CDEPEND} |
122 |
- sys-apps/groff |
123 |
-" |
124 |
-RDEPEND="${CDEPEND} |
125 |
- selinux? ( sec-policy/selinux-ldap ) |
126 |
-" |
127 |
-# for tracking versions |
128 |
-OPENLDAP_VERSIONTAG=".version-tag" |
129 |
-OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data" |
130 |
- |
131 |
-MULTILIB_WRAPPED_HEADERS=( |
132 |
- # USE=cxx |
133 |
- /usr/include/LDAPAsynConnection.h |
134 |
- /usr/include/LDAPAttrType.h |
135 |
- /usr/include/LDAPAttribute.h |
136 |
- /usr/include/LDAPAttributeList.h |
137 |
- /usr/include/LDAPConnection.h |
138 |
- /usr/include/LDAPConstraints.h |
139 |
- /usr/include/LDAPControl.h |
140 |
- /usr/include/LDAPControlSet.h |
141 |
- /usr/include/LDAPEntry.h |
142 |
- /usr/include/LDAPEntryList.h |
143 |
- /usr/include/LDAPException.h |
144 |
- /usr/include/LDAPExtResult.h |
145 |
- /usr/include/LDAPMessage.h |
146 |
- /usr/include/LDAPMessageQueue.h |
147 |
- /usr/include/LDAPModList.h |
148 |
- /usr/include/LDAPModification.h |
149 |
- /usr/include/LDAPObjClass.h |
150 |
- /usr/include/LDAPRebind.h |
151 |
- /usr/include/LDAPRebindAuth.h |
152 |
- /usr/include/LDAPReferenceList.h |
153 |
- /usr/include/LDAPResult.h |
154 |
- /usr/include/LDAPSaslBindResult.h |
155 |
- /usr/include/LDAPSchema.h |
156 |
- /usr/include/LDAPSearchReference.h |
157 |
- /usr/include/LDAPSearchResult.h |
158 |
- /usr/include/LDAPSearchResults.h |
159 |
- /usr/include/LDAPUrl.h |
160 |
- /usr/include/LDAPUrlList.h |
161 |
- /usr/include/LdifReader.h |
162 |
- /usr/include/LdifWriter.h |
163 |
- /usr/include/SaslInteraction.h |
164 |
- /usr/include/SaslInteractionHandler.h |
165 |
- /usr/include/StringList.h |
166 |
- /usr/include/TlsOptions.h |
167 |
-) |
168 |
- |
169 |
-PATCHES=( |
170 |
- "${FILESDIR}"/${PN}-2.4.17-gcc44.patch |
171 |
- |
172 |
- "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch |
173 |
- "${FILESDIR}"/${PN}-2.4.15-ppolicy.patch |
174 |
- |
175 |
- # bug #116045 - still present in 2.4.28 |
176 |
- "${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch |
177 |
- # bug #408077 - samba4 |
178 |
- "${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch |
179 |
- |
180 |
- # bug #189817 |
181 |
- "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch |
182 |
- |
183 |
- # bug #233633 |
184 |
- "${FILESDIR}"/${PN}-2.4.45-fix-lmpasswd-gnutls-symbols.patch |
185 |
- |
186 |
- # bug #281495 |
187 |
- "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch |
188 |
- |
189 |
- # bug #294350 |
190 |
- "${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch |
191 |
- |
192 |
- # unbreak /bin/sh -> dash |
193 |
- "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch |
194 |
- |
195 |
- # bug #420959 |
196 |
- "${FILESDIR}"/${PN}-2.4.31-gcc47.patch |
197 |
- |
198 |
- # unbundle lmdb |
199 |
- "${FILESDIR}"/${PN}-2.4.42-mdb-unbundle.patch |
200 |
- |
201 |
- # bug #622464 |
202 |
- "${FILESDIR}"/${PN}-2.4.47-libressl.patch |
203 |
- |
204 |
- # fix some compiler warnings |
205 |
- "${FILESDIR}"/${PN}-2.4.47-warnings.patch |
206 |
-) |
207 |
- |
208 |
-openldap_filecount() { |
209 |
- local dir="$1" |
210 |
- find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG*' | wc -l |
211 |
-} |
212 |
- |
213 |
-openldap_find_versiontags() { |
214 |
- # scan for all datadirs |
215 |
- local openldap_datadirs=() |
216 |
- if [[ -f "${EROOT}"/etc/openldap/slapd.conf ]]; then |
217 |
- openldap_datadirs=( $(awk '{if($1 == "directory") print $2 }' "${EROOT}"/etc/openldap/slapd.conf) ) |
218 |
- fi |
219 |
- openldap_datadirs+=( ${OPENLDAP_DEFAULTDIR_VERSIONTAG} ) |
220 |
- |
221 |
- einfo |
222 |
- einfo "Scanning datadir(s) from slapd.conf and" |
223 |
- einfo "the default installdir for Versiontags" |
224 |
- einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)" |
225 |
- einfo |
226 |
- |
227 |
- # scan datadirs if we have a version tag |
228 |
- openldap_found_tag=0 |
229 |
- have_files=0 |
230 |
- for each in ${openldap_datadirs[@]} ; do |
231 |
- CURRENT_TAGDIR="${ROOT}$(sed "s:\/::" <<< ${each})" |
232 |
- CURRENT_TAG="${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}" |
233 |
- if [[ -d "${CURRENT_TAGDIR}" ]] && [[ "${openldap_found_tag}" == 0 ]] ; then |
234 |
- einfo "- Checking ${each}..." |
235 |
- if [[ -r "${CURRENT_TAG}" ]] ; then |
236 |
- # yey, we have one :) |
237 |
- einfo " Found Versiontag in ${each}" |
238 |
- source "${CURRENT_TAG}" |
239 |
- if [[ "${OLDPF}" == "" ]] ; then |
240 |
- eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}" |
241 |
- eerror "Please delete it" |
242 |
- eerror |
243 |
- die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}" |
244 |
- fi |
245 |
- |
246 |
- OLD_MAJOR=$(ver_cut 2-3 ${OLDPF}) |
247 |
- |
248 |
- [[ "$(openldap_filecount ${CURRENT_TAGDIR})" -gt 0 ]] && have_files=1 |
249 |
- |
250 |
- # are we on the same branch? |
251 |
- if [[ "${OLD_MAJOR}" != "${PV:0:3}" ]] ; then |
252 |
- ewarn " Versiontag doesn't match current major release!" |
253 |
- if [[ "${have_files}" == "1" ]] ; then |
254 |
- eerror " Versiontag says other major and you (probably) have datafiles!" |
255 |
- echo |
256 |
- openldap_upgrade_howto |
257 |
- else |
258 |
- einfo " No real problem, seems there's no database." |
259 |
- fi |
260 |
- else |
261 |
- einfo " Versiontag is fine here :)" |
262 |
- fi |
263 |
- else |
264 |
- einfo " Non-tagged dir ${each}" |
265 |
- [[ "$(openldap_filecount ${each})" -gt 0 ]] && have_files=1 |
266 |
- if [[ "${have_files}" == "1" ]] ; then |
267 |
- einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files" |
268 |
- echo |
269 |
- |
270 |
- eerror |
271 |
- eerror "Your OpenLDAP Installation has a non tagged datadir that" |
272 |
- eerror "possibly contains a database at ${CURRENT_TAGDIR}" |
273 |
- eerror |
274 |
- eerror "Please export data if any entered and empty or remove" |
275 |
- eerror "the directory, installation has been stopped so you" |
276 |
- eerror "can take required action" |
277 |
- eerror |
278 |
- eerror "For a HOWTO on exporting the data, see instructions in the ebuild" |
279 |
- eerror |
280 |
- openldap_upgrade_howto |
281 |
- die "Please move the datadir ${CURRENT_TAGDIR} away" |
282 |
- fi |
283 |
- fi |
284 |
- einfo |
285 |
- fi |
286 |
- done |
287 |
- [[ "${have_files}" == "1" ]] && einfo "DB files present" || einfo "No DB files present" |
288 |
- |
289 |
- # Now we must check for the major version of sys-libs/db linked against. |
290 |
- SLAPD_PATH="${EROOT}/usr/$(get_libdir)/openldap/slapd" |
291 |
- if [[ "${have_files}" == "1" ]] && [[ -f "${SLAPD_PATH}" ]]; then |
292 |
- OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \ |
293 |
- | awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')" |
294 |
- if use berkdb; then |
295 |
- # find which one would be used |
296 |
- for bdb_slot in ${BDB_SLOTS} ; do |
297 |
- NEWVER="$(db_findver "=sys-libs/db-${bdb_slot}*")" |
298 |
- [[ -n "${NEWVER}" ]] && break |
299 |
- done |
300 |
- fi |
301 |
- local fail=0 |
302 |
- if [[ -z "${OLDVER}" ]] && [[ -z "${NEWVER}" ]]; then |
303 |
- : |
304 |
- # Nothing wrong here. |
305 |
- elif [[ -z "${OLDVER}" ]] && [[ -n "${NEWVER}" ]]; then |
306 |
- eerror " Your existing version of OpenLDAP was not built against" |
307 |
- eerror " any version of sys-libs/db, but the new one will build" |
308 |
- eerror " against ${NEWVER} and your database may be inaccessible." |
309 |
- echo |
310 |
- fail=1 |
311 |
- elif [[ -n "${OLDVER}" ]] && [[ -z "${NEWVER}" ]]; then |
312 |
- eerror " Your existing version of OpenLDAP was built against" |
313 |
- eerror " sys-libs/db:${OLDVER}, but the new one will not be" |
314 |
- eerror " built against any version and your database may be" |
315 |
- eerror " inaccessible." |
316 |
- echo |
317 |
- fail=1 |
318 |
- elif [[ "${OLDVER}" != "${NEWVER}" ]]; then |
319 |
- eerror " Your existing version of OpenLDAP was built against" |
320 |
- eerror " sys-libs/db:${OLDVER}, but the new one will build against" |
321 |
- eerror " ${NEWVER} and your database would be inaccessible." |
322 |
- echo |
323 |
- fail=1 |
324 |
- fi |
325 |
- [[ "${fail}" == "1" ]] && openldap_upgrade_howto |
326 |
- fi |
327 |
- |
328 |
- echo |
329 |
- einfo |
330 |
- einfo "All datadirs are fine, proceeding with merge now..." |
331 |
- einfo |
332 |
-} |
333 |
- |
334 |
-openldap_upgrade_howto() { |
335 |
- local d l i |
336 |
- eerror |
337 |
- eerror "A (possible old) installation of OpenLDAP was detected," |
338 |
- eerror "installation will not proceed for now." |
339 |
- eerror |
340 |
- eerror "As major version upgrades can corrupt your database," |
341 |
- eerror "you need to dump your database and re-create it afterwards." |
342 |
- eerror |
343 |
- eerror "Additionally, rebuilding against different major versions of the" |
344 |
- eerror "sys-libs/db libraries will cause your database to be inaccessible." |
345 |
- eerror "" |
346 |
- d="$(date -u +%s)" |
347 |
- l="/root/ldapdump.${d}" |
348 |
- i="${l}.raw" |
349 |
- eerror " 1. /etc/init.d/slapd stop" |
350 |
- eerror " 2. slapcat -l ${i}" |
351 |
- eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}" |
352 |
- eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/" |
353 |
- eerror " 5. emerge --update \=net-nds/${PF}" |
354 |
- eerror " 6. etc-update, and ensure that you apply the changes" |
355 |
- eerror " 7. slapadd -l ${l}" |
356 |
- eerror " 8. chown ldap:ldap /var/lib/openldap-data/*" |
357 |
- eerror " 9. /etc/init.d/slapd start" |
358 |
- eerror "10. check that your data is intact." |
359 |
- eerror "11. set up the new replication system." |
360 |
- eerror |
361 |
- if [[ "${FORCE_UPGRADE}" != "1" ]]; then |
362 |
- die "You need to upgrade your database first" |
363 |
- else |
364 |
- eerror "You have the magical FORCE_UPGRADE=1 in place." |
365 |
- eerror "Don't say you weren't warned about data loss." |
366 |
- fi |
367 |
-} |
368 |
- |
369 |
-pkg_setup() { |
370 |
- if ! use sasl && use cxx ; then |
371 |
- die "To build the ldapc++ library you must emerge openldap with sasl support" |
372 |
- fi |
373 |
- # Bug #322787 |
374 |
- if use minimal && ! has_version "net-nds/openldap" ; then |
375 |
- einfo "No datadir scan needed, openldap not installed" |
376 |
- elif use minimal && has_version 'net-nds/openldap[minimal]' ; then |
377 |
- einfo "Skipping scan for previous datadirs as requested by minimal useflag" |
378 |
- else |
379 |
- openldap_find_versiontags |
380 |
- fi |
381 |
- |
382 |
- # The user/group are only used for running daemons which are |
383 |
- # disabled in minimal builds, so elide the accounts too. |
384 |
- if ! use minimal ; then |
385 |
- enewgroup ldap 439 |
386 |
- enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap |
387 |
- fi |
388 |
-} |
389 |
- |
390 |
-src_prepare() { |
391 |
- # ensure correct SLAPI path by default |
392 |
- sed -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \ |
393 |
- -i include/ldap_defaults.h || die |
394 |
- |
395 |
- default |
396 |
- rm -r libraries/liblmdb || die |
397 |
- |
398 |
- pushd build &>/dev/null || die "pushd build" |
399 |
- einfo "Making sure upstream build strip does not do stripping too early" |
400 |
- sed -i.orig \ |
401 |
- -e '/^STRIP/s,-s,,g' \ |
402 |
- top.mk || die "Failed to block stripping" |
403 |
- popd &>/dev/null || die |
404 |
- |
405 |
- # wrong assumption that /bin/sh is /bin/bash |
406 |
- sed \ |
407 |
- -e 's|/bin/sh|/bin/bash|g' \ |
408 |
- -i tests/scripts/* || die "sed failed" |
409 |
- |
410 |
- AT_NOEAUTOMAKE=yes eautoreconf |
411 |
-} |
412 |
- |
413 |
-build_contrib_module() { |
414 |
- # <dir> <sources> <outputname> |
415 |
- pushd "${S}/contrib/slapd-modules/$1" &>/dev/null || die "pushd contrib/slapd-modules/$1" |
416 |
- einfo "Compiling contrib-module: $3" |
417 |
- # Make sure it's uppercase |
418 |
- local define_name="$(LC_ALL=C tr '[:lower:]' '[:upper:]' <<< "SLAPD_OVER_${1}")" |
419 |
- "${lt}" --mode=compile --tag=CC \ |
420 |
- "${CC}" \ |
421 |
- -D${define_name}=SLAPD_MOD_DYNAMIC \ |
422 |
- -I"${BUILD_DIR}"/include \ |
423 |
- -I../../../include -I../../../servers/slapd ${CFLAGS} \ |
424 |
- -o ${2%.c}.lo -c $2 || die "compiling $3 failed" |
425 |
- einfo "Linking contrib-module: $3" |
426 |
- "${lt}" --mode=link --tag=CC \ |
427 |
- "${CC}" -module \ |
428 |
- ${CFLAGS} \ |
429 |
- ${LDFLAGS} \ |
430 |
- -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ |
431 |
- -o $3.la ${2%.c}.lo || die "linking $3 failed" |
432 |
- popd &>/dev/null || die |
433 |
-} |
434 |
- |
435 |
-src_configure() { |
436 |
- # Bug 408001 |
437 |
- use elibc_FreeBSD && append-cppflags -DMDB_DSYNC=O_SYNC -DMDB_FDATASYNC=fsync |
438 |
- |
439 |
- # connectionless ldap per bug #342439 |
440 |
- append-cppflags -DLDAP_CONNECTIONLESS |
441 |
- |
442 |
- multilib-minimal_src_configure |
443 |
-} |
444 |
- |
445 |
-multilib_src_configure() { |
446 |
- local myconf=() |
447 |
- |
448 |
- use debug && myconf+=( $(use_enable debug) ) |
449 |
- |
450 |
- # ICU exists only in the configure, nowhere in the codebase, bug #510858 |
451 |
- export ac_cv_header_unicode_utypes_h=no ol_cv_lib_icu=no |
452 |
- |
453 |
- if ! use minimal && multilib_is_native_abi; then |
454 |
- local CPPFLAGS=${CPPFLAGS} |
455 |
- |
456 |
- # re-enable serverside overlay chains per bug #296567 |
457 |
- # see ldap docs chaper 12.3.1 for details |
458 |
- myconf+=( --enable-ldap ) |
459 |
- |
460 |
- # backends |
461 |
- myconf+=( --enable-slapd ) |
462 |
- if use berkdb ; then |
463 |
- einfo "Using Berkeley DB for local backend" |
464 |
- myconf+=( --enable-bdb --enable-hdb ) |
465 |
- DBINCLUDE=$(db_includedir ${BDB_SLOTS}) |
466 |
- einfo "Using ${DBINCLUDE} for sys-libs/db version" |
467 |
- # We need to include the slotted db.h dir for FreeBSD |
468 |
- append-cppflags -I${DBINCLUDE} |
469 |
- else |
470 |
- myconf+=( --disable-bdb --disable-hdb ) |
471 |
- fi |
472 |
- for backend in dnssrv ldap mdb meta monitor null passwd relay shell sock; do |
473 |
- myconf+=( --enable-${backend}=mod ) |
474 |
- done |
475 |
- |
476 |
- myconf+=( $(use_enable perl perl mod) ) |
477 |
- |
478 |
- myconf+=( $(use_enable odbc sql mod) ) |
479 |
- if use odbc ; then |
480 |
- local odbc_lib="unixodbc" |
481 |
- if use iodbc ; then |
482 |
- odbc_lib="iodbc" |
483 |
- append-cppflags -I"${EPREFIX}"/usr/include/iodbc |
484 |
- fi |
485 |
- myconf+=( --with-odbc=${odbc_lib} ) |
486 |
- fi |
487 |
- |
488 |
- # slapd options |
489 |
- myconf+=( |
490 |
- $(use_enable crypt) |
491 |
- $(use_enable slp) |
492 |
- $(use_enable samba lmpasswd) |
493 |
- $(use_enable syslog) |
494 |
- ) |
495 |
- if use experimental ; then |
496 |
- myconf+=( |
497 |
- --enable-dynacl |
498 |
- --enable-aci=mod |
499 |
- ) |
500 |
- fi |
501 |
- for option in aci cleartext modules rewrite rlookups slapi; do |
502 |
- myconf+=( --enable-${option} ) |
503 |
- done |
504 |
- |
505 |
- # slapd overlay options |
506 |
- # Compile-in the syncprov, the others as module |
507 |
- myconf+=( --enable-syncprov=yes ) |
508 |
- use overlays && myconf+=( --enable-overlays=mod ) |
509 |
- |
510 |
- else |
511 |
- myconf+=( |
512 |
- --disable-backends |
513 |
- --disable-slapd |
514 |
- --disable-bdb |
515 |
- --disable-hdb |
516 |
- --disable-mdb |
517 |
- --disable-overlays |
518 |
- --disable-syslog |
519 |
- ) |
520 |
- fi |
521 |
- |
522 |
- # basic functionality stuff |
523 |
- myconf+=( |
524 |
- $(use_enable ipv6) |
525 |
- $(multilib_native_use_with sasl cyrus-sasl) |
526 |
- $(multilib_native_use_enable sasl spasswd) |
527 |
- $(use_enable tcpd wrappers) |
528 |
- ) |
529 |
- |
530 |
- # Some cross-compiling tests don't pan out well. |
531 |
- tc-is-cross-compiler && myconf+=( |
532 |
- --with-yielding-select=yes |
533 |
- ) |
534 |
- |
535 |
- local ssl_lib="no" |
536 |
- if use ssl || ( ! use minimal && use samba ) ; then |
537 |
- ssl_lib="openssl" |
538 |
- use gnutls && ssl_lib="gnutls" |
539 |
- fi |
540 |
- |
541 |
- myconf+=( --with-tls=${ssl_lib} ) |
542 |
- |
543 |
- for basicflag in dynamic local proctitle shared; do |
544 |
- myconf+=( --enable-${basicflag} ) |
545 |
- done |
546 |
- |
547 |
- tc-export AR CC CXX |
548 |
- CONFIG_SHELL="/bin/bash" \ |
549 |
- ECONF_SOURCE="${S}" \ |
550 |
- STRIP=/bin/true \ |
551 |
- econf \ |
552 |
- --libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \ |
553 |
- $(use_enable static-libs static) \ |
554 |
- "${myconf[@]}" |
555 |
- emake depend |
556 |
-} |
557 |
- |
558 |
-src_configure_cxx() { |
559 |
- # This needs the libraries built by the first build run. |
560 |
- # So we have to run it AFTER the main build, not just after the main |
561 |
- # configure. |
562 |
- local myconf_ldapcpp=( |
563 |
- --with-ldap-includes="${S}"/include |
564 |
- ) |
565 |
- |
566 |
- mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die |
567 |
- pushd "${BUILD_DIR}/contrib/ldapc++" &>/dev/null || die "pushd contrib/ldapc++" |
568 |
- |
569 |
- local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS} |
570 |
- append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \ |
571 |
- -L"${BUILD_DIR}"/libraries/libldap/.libs |
572 |
- append-cppflags -I"${BUILD_DIR}"/include |
573 |
- ECONF_SOURCE=${S}/contrib/ldapc++ \ |
574 |
- econf "${myconf_ldapcpp[@]}" \ |
575 |
- CC="${CC}" \ |
576 |
- CXX="${CXX}" |
577 |
- popd &>/dev/null || die |
578 |
-} |
579 |
- |
580 |
-multilib_src_compile() { |
581 |
- tc-export AR CC CXX |
582 |
- emake CC="${CC}" AR="${AR}" SHELL="${EPREFIX}"/bin/bash |
583 |
- local lt="${BUILD_DIR}/libtool" |
584 |
- export echo="echo" |
585 |
- |
586 |
- if ! use minimal && multilib_is_native_abi ; then |
587 |
- if use cxx ; then |
588 |
- einfo "Building contrib library: ldapc++" |
589 |
- src_configure_cxx |
590 |
- pushd "${BUILD_DIR}/contrib/ldapc++" &>/dev/null || die "pushd contrib/ldapc++" |
591 |
- emake CC="${CC}" CXX="${CXX}" |
592 |
- popd &>/dev/null || die |
593 |
- fi |
594 |
- |
595 |
- if use smbkrb5passwd ; then |
596 |
- einfo "Building contrib-module: smbk5pwd" |
597 |
- pushd "${S}/contrib/slapd-modules/smbk5pwd" &>/dev/null || die "pushd contrib/slapd-modules/smbk5pwd" |
598 |
- |
599 |
- MY_DEFS="-DDO_SHADOW" |
600 |
- if use samba ; then |
601 |
- MY_DEFS="${MY_DEFS} -DDO_SAMBA" |
602 |
- MY_KRB5_INC="" |
603 |
- fi |
604 |
- if use kerberos ; then |
605 |
- MY_DEFS="${MY_DEFS} -DDO_KRB5" |
606 |
- MY_KRB5_INC="$(krb5-config --cflags)" |
607 |
- fi |
608 |
- |
609 |
- emake \ |
610 |
- DEFS="${MY_DEFS}" \ |
611 |
- KRB5_INC="${MY_KRB5_INC}" \ |
612 |
- LDAP_BUILD="${BUILD_DIR}" \ |
613 |
- CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" |
614 |
- popd &>/dev/null || die |
615 |
- fi |
616 |
- |
617 |
- if use overlays ; then |
618 |
- einfo "Building contrib-module: samba4" |
619 |
- pushd "${S}/contrib/slapd-modules/samba4" &>/dev/null || die "pushd contrib/slapd-modules/samba4" |
620 |
- |
621 |
- emake \ |
622 |
- LDAP_BUILD="${BUILD_DIR}" \ |
623 |
- CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap" |
624 |
- popd &>/dev/null || die |
625 |
- fi |
626 |
- |
627 |
- if use kerberos ; then |
628 |
- if use kinit ; then |
629 |
- build_contrib_module "kinit" "kinit.c" "kinit" |
630 |
- fi |
631 |
- pushd "${S}/contrib/slapd-modules/passwd" &>/dev/null || die "pushd contrib/slapd-modules/passwd" |
632 |
- einfo "Compiling contrib-module: pw-kerberos" |
633 |
- "${lt}" --mode=compile --tag=CC \ |
634 |
- "${CC}" \ |
635 |
- -I"${BUILD_DIR}"/include \ |
636 |
- -I../../../include \ |
637 |
- ${CFLAGS} \ |
638 |
- $(krb5-config --cflags) \ |
639 |
- -DHAVE_KRB5 \ |
640 |
- -o kerberos.lo \ |
641 |
- -c kerberos.c || die "compiling pw-kerberos failed" |
642 |
- einfo "Linking contrib-module: pw-kerberos" |
643 |
- "${lt}" --mode=link --tag=CC \ |
644 |
- "${CC}" -module \ |
645 |
- ${CFLAGS} \ |
646 |
- ${LDFLAGS} \ |
647 |
- -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ |
648 |
- -o pw-kerberos.la \ |
649 |
- kerberos.lo || die "linking pw-kerberos failed" |
650 |
- popd &>/dev/null || die |
651 |
- fi |
652 |
- |
653 |
- if use pbkdf2; then |
654 |
- pushd "${S}/contrib/slapd-modules/passwd/pbkdf2" &>/dev/null || die "pushd contrib/slapd-modules/passwd/pbkdf2" |
655 |
- einfo "Compiling contrib-module: pw-pbkdf2" |
656 |
- "${lt}" --mode=compile --tag=CC \ |
657 |
- "${CC}" \ |
658 |
- -I"${BUILD_DIR}"/include \ |
659 |
- -I../../../../include \ |
660 |
- ${CFLAGS} \ |
661 |
- -o pbkdf2.lo \ |
662 |
- -c pw-pbkdf2.c || die "compiling pw-pbkdf2 failed" |
663 |
- einfo "Linking contrib-module: pw-pbkdf2" |
664 |
- "${lt}" --mode=link --tag=CC \ |
665 |
- "${CC}" -module \ |
666 |
- ${CFLAGS} \ |
667 |
- ${LDFLAGS} \ |
668 |
- -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ |
669 |
- -o pw-pbkdf2.la \ |
670 |
- pbkdf2.lo || die "linking pw-pbkdf2 failed" |
671 |
- popd &>/dev/null || die |
672 |
- fi |
673 |
- |
674 |
- if use sha2 ; then |
675 |
- pushd "${S}/contrib/slapd-modules/passwd/sha2" &>/dev/null || die "pushd contrib/slapd-modules/passwd/sha2" |
676 |
- einfo "Compiling contrib-module: pw-sha2" |
677 |
- "${lt}" --mode=compile --tag=CC \ |
678 |
- "${CC}" \ |
679 |
- -I"${BUILD_DIR}"/include \ |
680 |
- -I../../../../include \ |
681 |
- ${CFLAGS} \ |
682 |
- -o sha2.lo \ |
683 |
- -c sha2.c || die "compiling pw-sha2 failed" |
684 |
- "${lt}" --mode=compile --tag=CC \ |
685 |
- "${CC}" \ |
686 |
- -I"${BUILD_DIR}"/include \ |
687 |
- -I../../../../include \ |
688 |
- ${CFLAGS} \ |
689 |
- -o slapd-sha2.lo \ |
690 |
- -c slapd-sha2.c || die "compiling pw-sha2 failed" |
691 |
- einfo "Linking contrib-module: pw-sha2" |
692 |
- "${lt}" --mode=link --tag=CC \ |
693 |
- "${CC}" -module \ |
694 |
- ${CFLAGS} \ |
695 |
- ${LDFLAGS} \ |
696 |
- -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ |
697 |
- -o pw-sha2.la \ |
698 |
- sha2.lo slapd-sha2.lo || die "linking pw-sha2 failed" |
699 |
- popd &>/dev/null || die |
700 |
- fi |
701 |
- |
702 |
- # We could build pw-radius if GNURadius would install radlib.h |
703 |
- pushd "${S}/contrib/slapd-modules/passwd" &>/dev/null || die "pushd contrib/slapd-modules/passwd" |
704 |
- einfo "Compiling contrib-module: pw-netscape" |
705 |
- "${lt}" --mode=compile --tag=CC \ |
706 |
- "${CC}" \ |
707 |
- -I"${BUILD_DIR}"/include \ |
708 |
- -I../../../include \ |
709 |
- ${CFLAGS} \ |
710 |
- -o netscape.lo \ |
711 |
- -c netscape.c || die "compiling pw-netscape failed" |
712 |
- einfo "Linking contrib-module: pw-netscape" |
713 |
- "${lt}" --mode=link --tag=CC \ |
714 |
- "${CC}" -module \ |
715 |
- ${CFLAGS} \ |
716 |
- ${LDFLAGS} \ |
717 |
- -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ |
718 |
- -o pw-netscape.la \ |
719 |
- netscape.lo || die "linking pw-netscape failed" |
720 |
- |
721 |
- #build_contrib_module "acl" "posixgroup.c" "posixGroup" # example code only |
722 |
- #build_contrib_module "acl" "gssacl.c" "gss" # example code only, also needs kerberos |
723 |
- build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay" |
724 |
- build_contrib_module "allop" "allop.c" "overlay-allop" |
725 |
- build_contrib_module "allowed" "allowed.c" "allowed" |
726 |
- build_contrib_module "autogroup" "autogroup.c" "autogroup" |
727 |
- build_contrib_module "cloak" "cloak.c" "cloak" |
728 |
- # build_contrib_module "comp_match" "comp_match.c" "comp_match" # really complex, adds new external deps, questionable demand |
729 |
- build_contrib_module "denyop" "denyop.c" "denyop-overlay" |
730 |
- build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin" |
731 |
- build_contrib_module "dupent" "dupent.c" "dupent" |
732 |
- build_contrib_module "lastbind" "lastbind.c" "lastbind" |
733 |
- # lastmod may not play well with other overlays |
734 |
- build_contrib_module "lastmod" "lastmod.c" "lastmod" |
735 |
- build_contrib_module "noopsrch" "noopsrch.c" "noopsrch" |
736 |
- build_contrib_module "nops" "nops.c" "nops-overlay" |
737 |
- #build_contrib_module "nssov" "nssov.c" "nssov-overlay" RESO:LATER |
738 |
- build_contrib_module "trace" "trace.c" "trace" |
739 |
- popd &>/dev/null || die |
740 |
- # build slapi-plugins |
741 |
- pushd "${S}/contrib/slapi-plugins/addrdnvalues" &>/dev/null || die "pushd contrib/slapi-plugins/addrdnvalues" |
742 |
- einfo "Building contrib-module: addrdnvalues plugin" |
743 |
- "${CC}" -shared \ |
744 |
- -I"${BUILD_DIR}"/include \ |
745 |
- -I../../../include \ |
746 |
- ${CFLAGS} \ |
747 |
- -fPIC \ |
748 |
- ${LDFLAGS} \ |
749 |
- -o libaddrdnvalues-plugin.so \ |
750 |
- addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed" |
751 |
- popd &>/dev/null || die |
752 |
- fi |
753 |
-} |
754 |
- |
755 |
-multilib_src_test() { |
756 |
- if multilib_is_native_abi; then |
757 |
- cd tests || die |
758 |
- emake tests |
759 |
- fi |
760 |
-} |
761 |
- |
762 |
-multilib_src_install() { |
763 |
- local lt="${BUILD_DIR}/libtool" |
764 |
- emake DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash install |
765 |
- |
766 |
- if ! use minimal && multilib_is_native_abi; then |
767 |
- # openldap modules go here |
768 |
- # TODO: write some code to populate slapd.conf with moduleload statements |
769 |
- keepdir /usr/$(get_libdir)/openldap/openldap/ |
770 |
- |
771 |
- # initial data storage dir |
772 |
- keepdir /var/lib/openldap-data |
773 |
- use prefix || fowners ldap:ldap /var/lib/openldap-data |
774 |
- fperms 0700 /var/lib/openldap-data |
775 |
- |
776 |
- echo "OLDPF='${PF}'" > "${ED%/}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}" |
777 |
- echo "# do NOT delete this. it is used" >> "${ED%/}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}" |
778 |
- echo "# to track versions for upgrading." >> "${ED%/}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}" |
779 |
- |
780 |
- # use our config |
781 |
- rm "${ED%/}"/etc/openldap/slapd.conf |
782 |
- insinto /etc/openldap |
783 |
- newins "${FILESDIR}"/${PN}-2.4.40-slapd-conf slapd.conf |
784 |
- configfile="${ED%/}"/etc/openldap/slapd.conf |
785 |
- |
786 |
- # populate with built backends |
787 |
- ebegin "populate config with built backends" |
788 |
- for x in "${ED%/}"/usr/$(get_libdir)/openldap/openldap/back_*.so; do |
789 |
- einfo "Adding $(basename ${x})" |
790 |
- sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}" || die |
791 |
- done |
792 |
- sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}" |
793 |
- use prefix || fowners root:ldap /etc/openldap/slapd.conf |
794 |
- fperms 0640 /etc/openldap/slapd.conf |
795 |
- cp "${configfile}" "${configfile}".default || die |
796 |
- eend |
797 |
- |
798 |
- # install our own init scripts and systemd unit files |
799 |
- einfo "Install init scripts" |
800 |
- sed -e "s,/usr/lib/,/usr/$(get_libdir)/," "${FILESDIR}"/slapd-initd-2.4.40-r2 > "${T}"/slapd || die |
801 |
- doinitd "${T}"/slapd |
802 |
- newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd |
803 |
- |
804 |
- einfo "Install systemd service" |
805 |
- sed -e "s,/usr/lib/,/usr/$(get_libdir)/," "${FILESDIR}"/slapd.service > "${T}"/slapd.service || die |
806 |
- systemd_dounit "${T}"/slapd.service |
807 |
- systemd_install_serviced "${FILESDIR}"/slapd.service.conf |
808 |
- systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf |
809 |
- |
810 |
- # If built without SLP, we don't need to be before avahi |
811 |
- if ! use slp ; then |
812 |
- sed -i \ |
813 |
- -e '/before/{s/avahi-daemon//g}' \ |
814 |
- "${ED%/}"/etc/init.d/slapd \ |
815 |
- || die |
816 |
- fi |
817 |
- |
818 |
- if use cxx ; then |
819 |
- einfo "Install the ldapc++ library" |
820 |
- cd "${BUILD_DIR}/contrib/ldapc++" || die |
821 |
- emake DESTDIR="${D}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install |
822 |
- cd "${S}"/contrib/ldapc++ || die |
823 |
- newdoc README ldapc++-README |
824 |
- fi |
825 |
- |
826 |
- if use smbkrb5passwd ; then |
827 |
- einfo "Install the smbk5pwd module" |
828 |
- cd "${S}/contrib/slapd-modules/smbk5pwd" || die |
829 |
- emake DESTDIR="${D}" \ |
830 |
- LDAP_BUILD="${BUILD_DIR}" \ |
831 |
- libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install |
832 |
- newdoc README smbk5pwd-README |
833 |
- fi |
834 |
- |
835 |
- if use overlays ; then |
836 |
- einfo "Install the samba4 module" |
837 |
- cd "${S}/contrib/slapd-modules/samba4" || die |
838 |
- emake DESTDIR="${D}" \ |
839 |
- LDAP_BUILD="${BUILD_DIR}" \ |
840 |
- libexecdir="/usr/$(get_libdir)/openldap" install |
841 |
- newdoc README samba4-README |
842 |
- fi |
843 |
- |
844 |
- einfo "Installing contrib modules" |
845 |
- cd "${S}/contrib/slapd-modules" || die |
846 |
- for l in */*.la */*/*.la; do |
847 |
- [[ -e ${l} ]] || continue |
848 |
- "${lt}" --mode=install cp ${l} \ |
849 |
- "${ED%/}"/usr/$(get_libdir)/openldap/openldap || \ |
850 |
- die "installing ${l} failed" |
851 |
- done |
852 |
- |
853 |
- dodoc "${FILESDIR}"/DB_CONFIG.fast.example |
854 |
- docinto contrib |
855 |
- doman */*.5 |
856 |
- #newdoc acl/README* |
857 |
- newdoc addpartial/README addpartial-README |
858 |
- newdoc allop/README allop-README |
859 |
- newdoc allowed/README allowed-README |
860 |
- newdoc autogroup/README autogroup-README |
861 |
- newdoc dsaschema/README dsaschema-README |
862 |
- newdoc passwd/README passwd-README |
863 |
- cd "${S}/contrib/slapi-plugins" || die |
864 |
- insinto /usr/$(get_libdir)/openldap/openldap |
865 |
- doins */*.so |
866 |
- docinto contrib |
867 |
- newdoc addrdnvalues/README addrdnvalues-README |
868 |
- |
869 |
- insinto /etc/openldap/schema |
870 |
- newins "${DISTDIR}"/${BIS_P} ${BIS_PN} |
871 |
- |
872 |
- docinto back-sock ; dodoc "${S}"/servers/slapd/back-sock/searchexample* |
873 |
- docinto back-shell ; dodoc "${S}"/servers/slapd/back-shell/searchexample* |
874 |
- docinto back-perl ; dodoc "${S}"/servers/slapd/back-perl/SampleLDAP.pm |
875 |
- |
876 |
- dosbin "${S}"/contrib/slapd-tools/statslog |
877 |
- newdoc "${S}"/contrib/slapd-tools/README README.statslog |
878 |
- fi |
879 |
- |
880 |
- if ! use static-libs ; then |
881 |
- find "${ED}" \( -name '*.a' -o -name '*.la' \) -delete || die |
882 |
- fi |
883 |
-} |
884 |
- |
885 |
-multilib_src_install_all() { |
886 |
- dodoc ANNOUNCEMENT CHANGES COPYRIGHT README |
887 |
- docinto rfc ; dodoc doc/rfc/*.txt |
888 |
-} |
889 |
- |
890 |
-pkg_preinst() { |
891 |
- # keep old libs if any |
892 |
- preserve_old_lib /usr/$(get_libdir)/{liblber,libldap_r,liblber}-2.3$(get_libname 0) |
893 |
- # bug 440470, only display the getting started help there was no openldap before, |
894 |
- # or we are going to a non-minimal build |
895 |
- ! has_version net-nds/openldap || has_version 'net-nds/openldap[minimal]' |
896 |
- OPENLDAP_PRINT_MESSAGES=$((! $?)) |
897 |
-} |
898 |
- |
899 |
-pkg_postinst() { |
900 |
- if ! use minimal ; then |
901 |
- # You cannot build SSL certificates during src_install that will make |
902 |
- # binary packages containing your SSL key, which is both a security risk |
903 |
- # and a misconfiguration if multiple machines use the same key and cert. |
904 |
- if use ssl; then |
905 |
- install_cert /etc/openldap/ssl/ldap |
906 |
- use prefix || chown ldap:ldap "${EROOT}"etc/openldap/ssl/ldap.* |
907 |
- ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]" |
908 |
- ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]" |
909 |
- ewarn "add 'TLS_REQCERT allow' if you want to use them." |
910 |
- fi |
911 |
- |
912 |
- if use prefix; then |
913 |
- # Warn about prefix issues with slapd |
914 |
- eerror "slapd might NOT be usable on Prefix systems as it requires root privileges" |
915 |
- eerror "to start up, and requires that certain files directories be owned by" |
916 |
- eerror "ldap:ldap. As Prefix does not support changing ownership of files and" |
917 |
- eerror "directories, you will have to manually fix this yourself." |
918 |
- fi |
919 |
- |
920 |
- # These lines force the permissions of various content to be correct |
921 |
- use prefix || chown ldap:ldap "${EROOT}"var/run/openldap |
922 |
- chmod 0755 "${EROOT}"var/run/openldap |
923 |
- use prefix || chown root:ldap "${EROOT}"etc/openldap/slapd.conf{,.default} |
924 |
- chmod 0640 "${EROOT}"etc/openldap/slapd.conf{,.default} |
925 |
- use prefix || chown ldap:ldap "${EROOT}"var/lib/openldap-data |
926 |
- fi |
927 |
- |
928 |
- if has_version 'net-nds/openldap[-minimal]' && ((${OPENLDAP_PRINT_MESSAGES})); then |
929 |
- elog "Getting started using OpenLDAP? There is some documentation available:" |
930 |
- elog "Gentoo Guide to OpenLDAP Authentication" |
931 |
- elog "(https://wiki.gentoo.org/wiki/Centralized_authentication_using_OpenLDAP)" |
932 |
- elog "---" |
933 |
- elog "An example file for tuning BDB backends with openldap is" |
934 |
- elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/" |
935 |
- fi |
936 |
- |
937 |
- preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3$(get_libname 0) |
938 |
-} |
939 |
|
940 |
diff --git a/net-nds/openldap/openldap-2.4.49-r1.ebuild b/net-nds/openldap/openldap-2.4.49-r1.ebuild |
941 |
deleted file mode 100644 |
942 |
index c82a49b7878..00000000000 |
943 |
--- a/net-nds/openldap/openldap-2.4.49-r1.ebuild |
944 |
+++ /dev/null |
945 |
@@ -1,901 +0,0 @@ |
946 |
-# Copyright 1999-2020 Gentoo Authors |
947 |
-# Distributed under the terms of the GNU General Public License v2 |
948 |
- |
949 |
-EAPI=7 |
950 |
- |
951 |
-inherit autotools db-use flag-o-matic multilib-minimal ssl-cert toolchain-funcs user systemd |
952 |
- |
953 |
-BIS_PN=rfc2307bis.schema |
954 |
-BIS_PV=20140524 |
955 |
-BIS_P="${BIS_PN}-${BIS_PV}" |
956 |
- |
957 |
-DESCRIPTION="LDAP suite of application and development tools" |
958 |
-HOMEPAGE="http://www.OpenLDAP.org/" |
959 |
- |
960 |
-# mirrors are mostly not working, using canonical URI |
961 |
-SRC_URI="ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz |
962 |
- mirror://gentoo/${BIS_P}" |
963 |
- |
964 |
-LICENSE="OPENLDAP GPL-2" |
965 |
-SLOT="0" |
966 |
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~ppc-aix ~amd64-linux ~x86-linux ~x86-solaris" |
967 |
- |
968 |
-IUSE_DAEMON="crypt samba tcpd experimental minimal" |
969 |
-IUSE_BACKEND="+berkdb" |
970 |
-IUSE_OVERLAY="overlays perl" |
971 |
-IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 libressl +syslog selinux static-libs test" |
972 |
-IUSE_CONTRIB="smbkrb5passwd kerberos kinit pbkdf2 sha2" |
973 |
-IUSE_CONTRIB="${IUSE_CONTRIB} -cxx" |
974 |
-IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}" |
975 |
- |
976 |
-RESTRICT="!test? ( test )" |
977 |
-REQUIRED_USE="cxx? ( sasl ) |
978 |
- pbkdf2? ( ssl ) |
979 |
- test? ( berkdb ) |
980 |
- ?? ( test minimal )" |
981 |
- |
982 |
-# always list newer first |
983 |
-# Do not add any AGPL-3 BDB here! |
984 |
-# See bug 525110, comment 15. |
985 |
-# Advanced usage: OPENLDAP_BDB_SLOTS in the environment can be used to force a slot during build. |
986 |
-BDB_SLOTS="${OPENLDAP_BDB_SLOTS:=5.3 5.1 4.8 4.7 4.6 4.5 4.4}" |
987 |
-BDB_PKGS='' |
988 |
-for _slot in $BDB_SLOTS; do BDB_PKGS="${BDB_PKGS} sys-libs/db:${_slot}" ; done |
989 |
- |
990 |
-# openssl is needed to generate lanman-passwords required by samba |
991 |
-COMMON_DEPEND=" |
992 |
- ssl? ( |
993 |
- !gnutls? ( |
994 |
- !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] ) |
995 |
- libressl? ( dev-libs/libressl:0=[${MULTILIB_USEDEP}] ) |
996 |
- ) |
997 |
- gnutls? ( |
998 |
- >=net-libs/gnutls-2.12.23-r6:=[${MULTILIB_USEDEP}] |
999 |
- >=dev-libs/libgcrypt-1.5.3:0=[${MULTILIB_USEDEP}] |
1000 |
- ) |
1001 |
- ) |
1002 |
- sasl? ( dev-libs/cyrus-sasl:= ) |
1003 |
- !minimal? ( |
1004 |
- sys-devel/libtool |
1005 |
- sys-libs/e2fsprogs-libs |
1006 |
- >=dev-db/lmdb-0.9.18:= |
1007 |
- tcpd? ( sys-apps/tcp-wrappers ) |
1008 |
- odbc? ( !iodbc? ( dev-db/unixODBC ) |
1009 |
- iodbc? ( dev-db/libiodbc ) ) |
1010 |
- perl? ( dev-lang/perl:=[-build(-)] ) |
1011 |
- samba? ( |
1012 |
- !libressl? ( dev-libs/openssl:0= ) |
1013 |
- libressl? ( dev-libs/libressl:0= ) |
1014 |
- ) |
1015 |
- berkdb? ( |
1016 |
- <sys-libs/db-6.0:= |
1017 |
- || ( ${BDB_PKGS} ) |
1018 |
- ) |
1019 |
- smbkrb5passwd? ( |
1020 |
- !libressl? ( dev-libs/openssl:0= ) |
1021 |
- libressl? ( dev-libs/libressl:0= ) |
1022 |
- kerberos? ( app-crypt/heimdal ) |
1023 |
- ) |
1024 |
- kerberos? ( |
1025 |
- virtual/krb5 |
1026 |
- kinit? ( !app-crypt/heimdal ) |
1027 |
- ) |
1028 |
- cxx? ( dev-libs/cyrus-sasl:= ) |
1029 |
- ) |
1030 |
-" |
1031 |
-DEPEND="${COMMON_DEPEND} |
1032 |
- sys-apps/groff |
1033 |
-" |
1034 |
-RDEPEND="${COMMON_DEPEND} |
1035 |
- selinux? ( sec-policy/selinux-ldap ) |
1036 |
-" |
1037 |
-# for tracking versions |
1038 |
-OPENLDAP_VERSIONTAG=".version-tag" |
1039 |
-OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data" |
1040 |
- |
1041 |
-MULTILIB_WRAPPED_HEADERS=( |
1042 |
- # USE=cxx |
1043 |
- /usr/include/LDAPAsynConnection.h |
1044 |
- /usr/include/LDAPAttrType.h |
1045 |
- /usr/include/LDAPAttribute.h |
1046 |
- /usr/include/LDAPAttributeList.h |
1047 |
- /usr/include/LDAPConnection.h |
1048 |
- /usr/include/LDAPConstraints.h |
1049 |
- /usr/include/LDAPControl.h |
1050 |
- /usr/include/LDAPControlSet.h |
1051 |
- /usr/include/LDAPEntry.h |
1052 |
- /usr/include/LDAPEntryList.h |
1053 |
- /usr/include/LDAPException.h |
1054 |
- /usr/include/LDAPExtResult.h |
1055 |
- /usr/include/LDAPMessage.h |
1056 |
- /usr/include/LDAPMessageQueue.h |
1057 |
- /usr/include/LDAPModList.h |
1058 |
- /usr/include/LDAPModification.h |
1059 |
- /usr/include/LDAPObjClass.h |
1060 |
- /usr/include/LDAPRebind.h |
1061 |
- /usr/include/LDAPRebindAuth.h |
1062 |
- /usr/include/LDAPReferenceList.h |
1063 |
- /usr/include/LDAPResult.h |
1064 |
- /usr/include/LDAPSaslBindResult.h |
1065 |
- /usr/include/LDAPSchema.h |
1066 |
- /usr/include/LDAPSearchReference.h |
1067 |
- /usr/include/LDAPSearchResult.h |
1068 |
- /usr/include/LDAPSearchResults.h |
1069 |
- /usr/include/LDAPUrl.h |
1070 |
- /usr/include/LDAPUrlList.h |
1071 |
- /usr/include/LdifReader.h |
1072 |
- /usr/include/LdifWriter.h |
1073 |
- /usr/include/SaslInteraction.h |
1074 |
- /usr/include/SaslInteractionHandler.h |
1075 |
- /usr/include/StringList.h |
1076 |
- /usr/include/TlsOptions.h |
1077 |
-) |
1078 |
- |
1079 |
-PATCHES=( |
1080 |
- "${FILESDIR}"/${PN}-2.4.17-gcc44.patch |
1081 |
- |
1082 |
- "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch |
1083 |
- "${FILESDIR}"/${PN}-2.4.15-ppolicy.patch |
1084 |
- |
1085 |
- # bug #116045 - still present in 2.4.28 |
1086 |
- "${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch |
1087 |
- # bug #408077 - samba4 |
1088 |
- "${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch |
1089 |
- |
1090 |
- # bug #189817 |
1091 |
- "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch |
1092 |
- |
1093 |
- # bug #233633 |
1094 |
- "${FILESDIR}"/${PN}-2.4.45-fix-lmpasswd-gnutls-symbols.patch |
1095 |
- |
1096 |
- # bug #281495 |
1097 |
- "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch |
1098 |
- |
1099 |
- # bug #294350 |
1100 |
- "${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch |
1101 |
- |
1102 |
- # unbreak /bin/sh -> dash |
1103 |
- "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch |
1104 |
- |
1105 |
- # bug #420959 |
1106 |
- "${FILESDIR}"/${PN}-2.4.31-gcc47.patch |
1107 |
- |
1108 |
- # unbundle lmdb |
1109 |
- "${FILESDIR}"/${PN}-2.4.42-mdb-unbundle.patch |
1110 |
- |
1111 |
- # bug #622464 |
1112 |
- "${FILESDIR}"/${PN}-2.4.47-libressl.patch |
1113 |
- |
1114 |
- # fix some compiler warnings |
1115 |
- "${FILESDIR}"/${PN}-2.4.47-warnings.patch |
1116 |
-) |
1117 |
- |
1118 |
-openldap_filecount() { |
1119 |
- local dir="$1" |
1120 |
- find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG*' | wc -l |
1121 |
-} |
1122 |
- |
1123 |
-openldap_find_versiontags() { |
1124 |
- # scan for all datadirs |
1125 |
- local openldap_datadirs=() |
1126 |
- if [[ -f "${EROOT}"/etc/openldap/slapd.conf ]]; then |
1127 |
- openldap_datadirs=( $(awk '{if($1 == "directory") print $2 }' "${EROOT}"/etc/openldap/slapd.conf) ) |
1128 |
- fi |
1129 |
- openldap_datadirs+=( ${OPENLDAP_DEFAULTDIR_VERSIONTAG} ) |
1130 |
- |
1131 |
- einfo |
1132 |
- einfo "Scanning datadir(s) from slapd.conf and" |
1133 |
- einfo "the default installdir for Versiontags" |
1134 |
- einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)" |
1135 |
- einfo |
1136 |
- |
1137 |
- # scan datadirs if we have a version tag |
1138 |
- openldap_found_tag=0 |
1139 |
- have_files=0 |
1140 |
- for each in ${openldap_datadirs[@]} ; do |
1141 |
- CURRENT_TAGDIR="${ROOT}$(sed "s:\/::" <<< ${each})" |
1142 |
- CURRENT_TAG="${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}" |
1143 |
- if [[ -d "${CURRENT_TAGDIR}" ]] && [[ "${openldap_found_tag}" == 0 ]] ; then |
1144 |
- einfo "- Checking ${each}..." |
1145 |
- if [[ -r "${CURRENT_TAG}" ]] ; then |
1146 |
- # yey, we have one :) |
1147 |
- einfo " Found Versiontag in ${each}" |
1148 |
- source "${CURRENT_TAG}" |
1149 |
- if [[ "${OLDPF}" == "" ]] ; then |
1150 |
- eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}" |
1151 |
- eerror "Please delete it" |
1152 |
- eerror |
1153 |
- die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}" |
1154 |
- fi |
1155 |
- |
1156 |
- OLD_MAJOR=$(ver_cut 2-3 ${OLDPF}) |
1157 |
- |
1158 |
- [[ "$(openldap_filecount ${CURRENT_TAGDIR})" -gt 0 ]] && have_files=1 |
1159 |
- |
1160 |
- # are we on the same branch? |
1161 |
- if [[ "${OLD_MAJOR}" != "${PV:0:3}" ]] ; then |
1162 |
- ewarn " Versiontag doesn't match current major release!" |
1163 |
- if [[ "${have_files}" == "1" ]] ; then |
1164 |
- eerror " Versiontag says other major and you (probably) have datafiles!" |
1165 |
- echo |
1166 |
- openldap_upgrade_howto |
1167 |
- else |
1168 |
- einfo " No real problem, seems there's no database." |
1169 |
- fi |
1170 |
- else |
1171 |
- einfo " Versiontag is fine here :)" |
1172 |
- fi |
1173 |
- else |
1174 |
- einfo " Non-tagged dir ${each}" |
1175 |
- [[ "$(openldap_filecount ${each})" -gt 0 ]] && have_files=1 |
1176 |
- if [[ "${have_files}" == "1" ]] ; then |
1177 |
- einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files" |
1178 |
- echo |
1179 |
- |
1180 |
- eerror |
1181 |
- eerror "Your OpenLDAP Installation has a non tagged datadir that" |
1182 |
- eerror "possibly contains a database at ${CURRENT_TAGDIR}" |
1183 |
- eerror |
1184 |
- eerror "Please export data if any entered and empty or remove" |
1185 |
- eerror "the directory, installation has been stopped so you" |
1186 |
- eerror "can take required action" |
1187 |
- eerror |
1188 |
- eerror "For a HOWTO on exporting the data, see instructions in the ebuild" |
1189 |
- eerror |
1190 |
- openldap_upgrade_howto |
1191 |
- die "Please move the datadir ${CURRENT_TAGDIR} away" |
1192 |
- fi |
1193 |
- fi |
1194 |
- einfo |
1195 |
- fi |
1196 |
- done |
1197 |
- [[ "${have_files}" == "1" ]] && einfo "DB files present" || einfo "No DB files present" |
1198 |
- |
1199 |
- # Now we must check for the major version of sys-libs/db linked against. |
1200 |
- SLAPD_PATH="${EROOT}/usr/$(get_libdir)/openldap/slapd" |
1201 |
- if [[ "${have_files}" == "1" ]] && [[ -f "${SLAPD_PATH}" ]]; then |
1202 |
- OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \ |
1203 |
- | awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')" |
1204 |
- if use berkdb; then |
1205 |
- # find which one would be used |
1206 |
- for bdb_slot in ${BDB_SLOTS} ; do |
1207 |
- NEWVER="$(db_findver "=sys-libs/db-${bdb_slot}*")" |
1208 |
- [[ -n "${NEWVER}" ]] && break |
1209 |
- done |
1210 |
- fi |
1211 |
- local fail=0 |
1212 |
- if [[ -z "${OLDVER}" ]] && [[ -z "${NEWVER}" ]]; then |
1213 |
- : |
1214 |
- # Nothing wrong here. |
1215 |
- elif [[ -z "${OLDVER}" ]] && [[ -n "${NEWVER}" ]]; then |
1216 |
- eerror " Your existing version of OpenLDAP was not built against" |
1217 |
- eerror " any version of sys-libs/db, but the new one will build" |
1218 |
- eerror " against ${NEWVER} and your database may be inaccessible." |
1219 |
- echo |
1220 |
- fail=1 |
1221 |
- elif [[ -n "${OLDVER}" ]] && [[ -z "${NEWVER}" ]]; then |
1222 |
- eerror " Your existing version of OpenLDAP was built against" |
1223 |
- eerror " sys-libs/db:${OLDVER}, but the new one will not be" |
1224 |
- eerror " built against any version and your database may be" |
1225 |
- eerror " inaccessible." |
1226 |
- echo |
1227 |
- fail=1 |
1228 |
- elif [[ "${OLDVER}" != "${NEWVER}" ]]; then |
1229 |
- eerror " Your existing version of OpenLDAP was built against" |
1230 |
- eerror " sys-libs/db:${OLDVER}, but the new one will build against" |
1231 |
- eerror " ${NEWVER} and your database would be inaccessible." |
1232 |
- echo |
1233 |
- fail=1 |
1234 |
- fi |
1235 |
- [[ "${fail}" == "1" ]] && openldap_upgrade_howto |
1236 |
- fi |
1237 |
- |
1238 |
- echo |
1239 |
- einfo |
1240 |
- einfo "All datadirs are fine, proceeding with merge now..." |
1241 |
- einfo |
1242 |
-} |
1243 |
- |
1244 |
-openldap_upgrade_howto() { |
1245 |
- local d l i |
1246 |
- eerror |
1247 |
- eerror "A (possible old) installation of OpenLDAP was detected," |
1248 |
- eerror "installation will not proceed for now." |
1249 |
- eerror |
1250 |
- eerror "As major version upgrades can corrupt your database," |
1251 |
- eerror "you need to dump your database and re-create it afterwards." |
1252 |
- eerror |
1253 |
- eerror "Additionally, rebuilding against different major versions of the" |
1254 |
- eerror "sys-libs/db libraries will cause your database to be inaccessible." |
1255 |
- eerror "" |
1256 |
- d="$(date -u +%s)" |
1257 |
- l="/root/ldapdump.${d}" |
1258 |
- i="${l}.raw" |
1259 |
- eerror " 1. /etc/init.d/slapd stop" |
1260 |
- eerror " 2. slapcat -l ${i}" |
1261 |
- eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}" |
1262 |
- eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/" |
1263 |
- eerror " 5. emerge --update \=net-nds/${PF}" |
1264 |
- eerror " 6. etc-update, and ensure that you apply the changes" |
1265 |
- eerror " 7. slapadd -l ${l}" |
1266 |
- eerror " 8. chown ldap:ldap /var/lib/openldap-data/*" |
1267 |
- eerror " 9. /etc/init.d/slapd start" |
1268 |
- eerror "10. check that your data is intact." |
1269 |
- eerror "11. set up the new replication system." |
1270 |
- eerror |
1271 |
- if [[ "${FORCE_UPGRADE}" != "1" ]]; then |
1272 |
- die "You need to upgrade your database first" |
1273 |
- else |
1274 |
- eerror "You have the magical FORCE_UPGRADE=1 in place." |
1275 |
- eerror "Don't say you weren't warned about data loss." |
1276 |
- fi |
1277 |
-} |
1278 |
- |
1279 |
-pkg_setup() { |
1280 |
- if ! use sasl && use cxx ; then |
1281 |
- die "To build the ldapc++ library you must emerge openldap with sasl support" |
1282 |
- fi |
1283 |
- # Bug #322787 |
1284 |
- if use minimal && ! has_version "net-nds/openldap" ; then |
1285 |
- einfo "No datadir scan needed, openldap not installed" |
1286 |
- elif use minimal && has_version 'net-nds/openldap[minimal]' ; then |
1287 |
- einfo "Skipping scan for previous datadirs as requested by minimal useflag" |
1288 |
- else |
1289 |
- openldap_find_versiontags |
1290 |
- fi |
1291 |
- |
1292 |
- # The user/group are only used for running daemons which are |
1293 |
- # disabled in minimal builds, so elide the accounts too. |
1294 |
- if ! use minimal ; then |
1295 |
- enewgroup ldap 439 |
1296 |
- enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap |
1297 |
- fi |
1298 |
-} |
1299 |
- |
1300 |
-src_prepare() { |
1301 |
- # ensure correct SLAPI path by default |
1302 |
- sed -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \ |
1303 |
- -i include/ldap_defaults.h || die |
1304 |
- |
1305 |
- default |
1306 |
- rm -r libraries/liblmdb || die |
1307 |
- |
1308 |
- pushd build &>/dev/null || die "pushd build" |
1309 |
- einfo "Making sure upstream build strip does not do stripping too early" |
1310 |
- sed -i.orig \ |
1311 |
- -e '/^STRIP/s,-s,,g' \ |
1312 |
- top.mk || die "Failed to block stripping" |
1313 |
- popd &>/dev/null || die |
1314 |
- |
1315 |
- # wrong assumption that /bin/sh is /bin/bash |
1316 |
- sed \ |
1317 |
- -e 's|/bin/sh|/bin/bash|g' \ |
1318 |
- -i tests/scripts/* || die "sed failed" |
1319 |
- |
1320 |
- AT_NOEAUTOMAKE=yes eautoreconf |
1321 |
-} |
1322 |
- |
1323 |
-build_contrib_module() { |
1324 |
- # <dir> <sources> <outputname> |
1325 |
- pushd "${S}/contrib/slapd-modules/$1" &>/dev/null || die "pushd contrib/slapd-modules/$1" |
1326 |
- einfo "Compiling contrib-module: $3" |
1327 |
- # Make sure it's uppercase |
1328 |
- local define_name="$(LC_ALL=C tr '[:lower:]' '[:upper:]' <<< "SLAPD_OVER_${1}")" |
1329 |
- "${lt}" --mode=compile --tag=CC \ |
1330 |
- "${CC}" \ |
1331 |
- -D${define_name}=SLAPD_MOD_DYNAMIC \ |
1332 |
- -I"${BUILD_DIR}"/include \ |
1333 |
- -I../../../include -I../../../servers/slapd ${CFLAGS} \ |
1334 |
- -o ${2%.c}.lo -c $2 || die "compiling $3 failed" |
1335 |
- einfo "Linking contrib-module: $3" |
1336 |
- "${lt}" --mode=link --tag=CC \ |
1337 |
- "${CC}" -module \ |
1338 |
- ${CFLAGS} \ |
1339 |
- ${LDFLAGS} \ |
1340 |
- -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ |
1341 |
- -o $3.la ${2%.c}.lo || die "linking $3 failed" |
1342 |
- popd &>/dev/null || die |
1343 |
-} |
1344 |
- |
1345 |
-src_configure() { |
1346 |
- # Bug 408001 |
1347 |
- use elibc_FreeBSD && append-cppflags -DMDB_DSYNC=O_SYNC -DMDB_FDATASYNC=fsync |
1348 |
- |
1349 |
- # connectionless ldap per bug #342439 |
1350 |
- append-cppflags -DLDAP_CONNECTIONLESS |
1351 |
- |
1352 |
- multilib-minimal_src_configure |
1353 |
-} |
1354 |
- |
1355 |
-multilib_src_configure() { |
1356 |
- local myconf=() |
1357 |
- |
1358 |
- use debug && myconf+=( $(use_enable debug) ) |
1359 |
- |
1360 |
- # ICU exists only in the configure, nowhere in the codebase, bug #510858 |
1361 |
- export ac_cv_header_unicode_utypes_h=no ol_cv_lib_icu=no |
1362 |
- |
1363 |
- if ! use minimal && multilib_is_native_abi; then |
1364 |
- local CPPFLAGS=${CPPFLAGS} |
1365 |
- |
1366 |
- # re-enable serverside overlay chains per bug #296567 |
1367 |
- # see ldap docs chaper 12.3.1 for details |
1368 |
- myconf+=( --enable-ldap ) |
1369 |
- |
1370 |
- # backends |
1371 |
- myconf+=( --enable-slapd ) |
1372 |
- if use berkdb ; then |
1373 |
- einfo "Using Berkeley DB for local backend" |
1374 |
- myconf+=( --enable-bdb --enable-hdb ) |
1375 |
- DBINCLUDE=$(db_includedir ${BDB_SLOTS}) |
1376 |
- einfo "Using ${DBINCLUDE} for sys-libs/db version" |
1377 |
- # We need to include the slotted db.h dir for FreeBSD |
1378 |
- append-cppflags -I${DBINCLUDE} |
1379 |
- else |
1380 |
- myconf+=( --disable-bdb --disable-hdb ) |
1381 |
- fi |
1382 |
- for backend in dnssrv ldap mdb meta monitor null passwd relay shell sock; do |
1383 |
- myconf+=( --enable-${backend}=mod ) |
1384 |
- done |
1385 |
- |
1386 |
- myconf+=( $(use_enable perl perl mod) ) |
1387 |
- |
1388 |
- myconf+=( $(use_enable odbc sql mod) ) |
1389 |
- if use odbc ; then |
1390 |
- local odbc_lib="unixodbc" |
1391 |
- if use iodbc ; then |
1392 |
- odbc_lib="iodbc" |
1393 |
- append-cppflags -I"${EPREFIX}"/usr/include/iodbc |
1394 |
- fi |
1395 |
- myconf+=( --with-odbc=${odbc_lib} ) |
1396 |
- fi |
1397 |
- |
1398 |
- # slapd options |
1399 |
- myconf+=( |
1400 |
- $(use_enable crypt) |
1401 |
- --disable-slp |
1402 |
- $(use_enable samba lmpasswd) |
1403 |
- $(use_enable syslog) |
1404 |
- ) |
1405 |
- if use experimental ; then |
1406 |
- myconf+=( |
1407 |
- --enable-dynacl |
1408 |
- --enable-aci=mod |
1409 |
- ) |
1410 |
- fi |
1411 |
- for option in aci cleartext modules rewrite rlookups slapi; do |
1412 |
- myconf+=( --enable-${option} ) |
1413 |
- done |
1414 |
- |
1415 |
- # slapd overlay options |
1416 |
- # Compile-in the syncprov, the others as module |
1417 |
- myconf+=( --enable-syncprov=yes ) |
1418 |
- use overlays && myconf+=( --enable-overlays=mod ) |
1419 |
- |
1420 |
- else |
1421 |
- myconf+=( |
1422 |
- --disable-backends |
1423 |
- --disable-slapd |
1424 |
- --disable-bdb |
1425 |
- --disable-hdb |
1426 |
- --disable-mdb |
1427 |
- --disable-overlays |
1428 |
- --disable-syslog |
1429 |
- ) |
1430 |
- fi |
1431 |
- |
1432 |
- # basic functionality stuff |
1433 |
- myconf+=( |
1434 |
- $(use_enable ipv6) |
1435 |
- $(multilib_native_use_with sasl cyrus-sasl) |
1436 |
- $(multilib_native_use_enable sasl spasswd) |
1437 |
- $(use_enable tcpd wrappers) |
1438 |
- ) |
1439 |
- |
1440 |
- # Some cross-compiling tests don't pan out well. |
1441 |
- tc-is-cross-compiler && myconf+=( |
1442 |
- --with-yielding-select=yes |
1443 |
- ) |
1444 |
- |
1445 |
- local ssl_lib="no" |
1446 |
- if use ssl || ( ! use minimal && use samba ) ; then |
1447 |
- ssl_lib="openssl" |
1448 |
- use gnutls && ssl_lib="gnutls" |
1449 |
- fi |
1450 |
- |
1451 |
- myconf+=( --with-tls=${ssl_lib} ) |
1452 |
- |
1453 |
- for basicflag in dynamic local proctitle shared; do |
1454 |
- myconf+=( --enable-${basicflag} ) |
1455 |
- done |
1456 |
- |
1457 |
- tc-export AR CC CXX |
1458 |
- CONFIG_SHELL="/bin/bash" \ |
1459 |
- ECONF_SOURCE="${S}" \ |
1460 |
- STRIP=/bin/true \ |
1461 |
- econf \ |
1462 |
- --libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \ |
1463 |
- $(use_enable static-libs static) \ |
1464 |
- "${myconf[@]}" |
1465 |
- emake depend |
1466 |
-} |
1467 |
- |
1468 |
-src_configure_cxx() { |
1469 |
- # This needs the libraries built by the first build run. |
1470 |
- # So we have to run it AFTER the main build, not just after the main |
1471 |
- # configure. |
1472 |
- local myconf_ldapcpp=( |
1473 |
- --with-ldap-includes="${S}"/include |
1474 |
- ) |
1475 |
- |
1476 |
- mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die |
1477 |
- pushd "${BUILD_DIR}/contrib/ldapc++" &>/dev/null || die "pushd contrib/ldapc++" |
1478 |
- |
1479 |
- local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS} |
1480 |
- append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \ |
1481 |
- -L"${BUILD_DIR}"/libraries/libldap/.libs |
1482 |
- append-cppflags -I"${BUILD_DIR}"/include |
1483 |
- ECONF_SOURCE=${S}/contrib/ldapc++ \ |
1484 |
- econf "${myconf_ldapcpp[@]}" \ |
1485 |
- CC="${CC}" \ |
1486 |
- CXX="${CXX}" |
1487 |
- popd &>/dev/null || die |
1488 |
-} |
1489 |
- |
1490 |
-multilib_src_compile() { |
1491 |
- tc-export AR CC CXX |
1492 |
- emake CC="${CC}" AR="${AR}" SHELL="${EPREFIX}"/bin/bash |
1493 |
- local lt="${BUILD_DIR}/libtool" |
1494 |
- export echo="echo" |
1495 |
- |
1496 |
- if ! use minimal && multilib_is_native_abi ; then |
1497 |
- if use cxx ; then |
1498 |
- einfo "Building contrib library: ldapc++" |
1499 |
- src_configure_cxx |
1500 |
- pushd "${BUILD_DIR}/contrib/ldapc++" &>/dev/null || die "pushd contrib/ldapc++" |
1501 |
- emake CC="${CC}" CXX="${CXX}" |
1502 |
- popd &>/dev/null || die |
1503 |
- fi |
1504 |
- |
1505 |
- if use smbkrb5passwd ; then |
1506 |
- einfo "Building contrib-module: smbk5pwd" |
1507 |
- pushd "${S}/contrib/slapd-modules/smbk5pwd" &>/dev/null || die "pushd contrib/slapd-modules/smbk5pwd" |
1508 |
- |
1509 |
- MY_DEFS="-DDO_SHADOW" |
1510 |
- if use samba ; then |
1511 |
- MY_DEFS="${MY_DEFS} -DDO_SAMBA" |
1512 |
- MY_KRB5_INC="" |
1513 |
- fi |
1514 |
- if use kerberos ; then |
1515 |
- MY_DEFS="${MY_DEFS} -DDO_KRB5" |
1516 |
- MY_KRB5_INC="$(krb5-config --cflags)" |
1517 |
- fi |
1518 |
- |
1519 |
- emake \ |
1520 |
- DEFS="${MY_DEFS}" \ |
1521 |
- KRB5_INC="${MY_KRB5_INC}" \ |
1522 |
- LDAP_BUILD="${BUILD_DIR}" \ |
1523 |
- CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" |
1524 |
- popd &>/dev/null || die |
1525 |
- fi |
1526 |
- |
1527 |
- if use overlays ; then |
1528 |
- einfo "Building contrib-module: samba4" |
1529 |
- pushd "${S}/contrib/slapd-modules/samba4" &>/dev/null || die "pushd contrib/slapd-modules/samba4" |
1530 |
- |
1531 |
- emake \ |
1532 |
- LDAP_BUILD="${BUILD_DIR}" \ |
1533 |
- CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap" |
1534 |
- popd &>/dev/null || die |
1535 |
- fi |
1536 |
- |
1537 |
- if use kerberos ; then |
1538 |
- if use kinit ; then |
1539 |
- build_contrib_module "kinit" "kinit.c" "kinit" |
1540 |
- fi |
1541 |
- pushd "${S}/contrib/slapd-modules/passwd" &>/dev/null || die "pushd contrib/slapd-modules/passwd" |
1542 |
- einfo "Compiling contrib-module: pw-kerberos" |
1543 |
- "${lt}" --mode=compile --tag=CC \ |
1544 |
- "${CC}" \ |
1545 |
- -I"${BUILD_DIR}"/include \ |
1546 |
- -I../../../include \ |
1547 |
- ${CFLAGS} \ |
1548 |
- $(krb5-config --cflags) \ |
1549 |
- -DHAVE_KRB5 \ |
1550 |
- -o kerberos.lo \ |
1551 |
- -c kerberos.c || die "compiling pw-kerberos failed" |
1552 |
- einfo "Linking contrib-module: pw-kerberos" |
1553 |
- "${lt}" --mode=link --tag=CC \ |
1554 |
- "${CC}" -module \ |
1555 |
- ${CFLAGS} \ |
1556 |
- ${LDFLAGS} \ |
1557 |
- -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ |
1558 |
- -o pw-kerberos.la \ |
1559 |
- kerberos.lo || die "linking pw-kerberos failed" |
1560 |
- popd &>/dev/null || die |
1561 |
- fi |
1562 |
- |
1563 |
- if use pbkdf2; then |
1564 |
- pushd "${S}/contrib/slapd-modules/passwd/pbkdf2" &>/dev/null || die "pushd contrib/slapd-modules/passwd/pbkdf2" |
1565 |
- einfo "Compiling contrib-module: pw-pbkdf2" |
1566 |
- "${lt}" --mode=compile --tag=CC \ |
1567 |
- "${CC}" \ |
1568 |
- -I"${BUILD_DIR}"/include \ |
1569 |
- -I../../../../include \ |
1570 |
- ${CFLAGS} \ |
1571 |
- -o pbkdf2.lo \ |
1572 |
- -c pw-pbkdf2.c || die "compiling pw-pbkdf2 failed" |
1573 |
- einfo "Linking contrib-module: pw-pbkdf2" |
1574 |
- "${lt}" --mode=link --tag=CC \ |
1575 |
- "${CC}" -module \ |
1576 |
- ${CFLAGS} \ |
1577 |
- ${LDFLAGS} \ |
1578 |
- -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ |
1579 |
- -o pw-pbkdf2.la \ |
1580 |
- pbkdf2.lo || die "linking pw-pbkdf2 failed" |
1581 |
- popd &>/dev/null || die |
1582 |
- fi |
1583 |
- |
1584 |
- if use sha2 ; then |
1585 |
- pushd "${S}/contrib/slapd-modules/passwd/sha2" &>/dev/null || die "pushd contrib/slapd-modules/passwd/sha2" |
1586 |
- einfo "Compiling contrib-module: pw-sha2" |
1587 |
- "${lt}" --mode=compile --tag=CC \ |
1588 |
- "${CC}" \ |
1589 |
- -I"${BUILD_DIR}"/include \ |
1590 |
- -I../../../../include \ |
1591 |
- ${CFLAGS} \ |
1592 |
- -o sha2.lo \ |
1593 |
- -c sha2.c || die "compiling pw-sha2 failed" |
1594 |
- "${lt}" --mode=compile --tag=CC \ |
1595 |
- "${CC}" \ |
1596 |
- -I"${BUILD_DIR}"/include \ |
1597 |
- -I../../../../include \ |
1598 |
- ${CFLAGS} \ |
1599 |
- -o slapd-sha2.lo \ |
1600 |
- -c slapd-sha2.c || die "compiling pw-sha2 failed" |
1601 |
- einfo "Linking contrib-module: pw-sha2" |
1602 |
- "${lt}" --mode=link --tag=CC \ |
1603 |
- "${CC}" -module \ |
1604 |
- ${CFLAGS} \ |
1605 |
- ${LDFLAGS} \ |
1606 |
- -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ |
1607 |
- -o pw-sha2.la \ |
1608 |
- sha2.lo slapd-sha2.lo || die "linking pw-sha2 failed" |
1609 |
- popd &>/dev/null || die |
1610 |
- fi |
1611 |
- |
1612 |
- # We could build pw-radius if GNURadius would install radlib.h |
1613 |
- pushd "${S}/contrib/slapd-modules/passwd" &>/dev/null || die "pushd contrib/slapd-modules/passwd" |
1614 |
- einfo "Compiling contrib-module: pw-netscape" |
1615 |
- "${lt}" --mode=compile --tag=CC \ |
1616 |
- "${CC}" \ |
1617 |
- -I"${BUILD_DIR}"/include \ |
1618 |
- -I../../../include \ |
1619 |
- ${CFLAGS} \ |
1620 |
- -o netscape.lo \ |
1621 |
- -c netscape.c || die "compiling pw-netscape failed" |
1622 |
- einfo "Linking contrib-module: pw-netscape" |
1623 |
- "${lt}" --mode=link --tag=CC \ |
1624 |
- "${CC}" -module \ |
1625 |
- ${CFLAGS} \ |
1626 |
- ${LDFLAGS} \ |
1627 |
- -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ |
1628 |
- -o pw-netscape.la \ |
1629 |
- netscape.lo || die "linking pw-netscape failed" |
1630 |
- |
1631 |
- #build_contrib_module "acl" "posixgroup.c" "posixGroup" # example code only |
1632 |
- #build_contrib_module "acl" "gssacl.c" "gss" # example code only, also needs kerberos |
1633 |
- build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay" |
1634 |
- build_contrib_module "allop" "allop.c" "overlay-allop" |
1635 |
- build_contrib_module "allowed" "allowed.c" "allowed" |
1636 |
- build_contrib_module "autogroup" "autogroup.c" "autogroup" |
1637 |
- build_contrib_module "cloak" "cloak.c" "cloak" |
1638 |
- # build_contrib_module "comp_match" "comp_match.c" "comp_match" # really complex, adds new external deps, questionable demand |
1639 |
- build_contrib_module "denyop" "denyop.c" "denyop-overlay" |
1640 |
- build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin" |
1641 |
- build_contrib_module "dupent" "dupent.c" "dupent" |
1642 |
- build_contrib_module "lastbind" "lastbind.c" "lastbind" |
1643 |
- # lastmod may not play well with other overlays |
1644 |
- build_contrib_module "lastmod" "lastmod.c" "lastmod" |
1645 |
- build_contrib_module "noopsrch" "noopsrch.c" "noopsrch" |
1646 |
- build_contrib_module "nops" "nops.c" "nops-overlay" |
1647 |
- #build_contrib_module "nssov" "nssov.c" "nssov-overlay" RESO:LATER |
1648 |
- build_contrib_module "trace" "trace.c" "trace" |
1649 |
- popd &>/dev/null || die |
1650 |
- # build slapi-plugins |
1651 |
- pushd "${S}/contrib/slapi-plugins/addrdnvalues" &>/dev/null || die "pushd contrib/slapi-plugins/addrdnvalues" |
1652 |
- einfo "Building contrib-module: addrdnvalues plugin" |
1653 |
- "${CC}" -shared \ |
1654 |
- -I"${BUILD_DIR}"/include \ |
1655 |
- -I../../../include \ |
1656 |
- ${CFLAGS} \ |
1657 |
- -fPIC \ |
1658 |
- ${LDFLAGS} \ |
1659 |
- -o libaddrdnvalues-plugin.so \ |
1660 |
- addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed" |
1661 |
- popd &>/dev/null || die |
1662 |
- fi |
1663 |
-} |
1664 |
- |
1665 |
-multilib_src_test() { |
1666 |
- if multilib_is_native_abi; then |
1667 |
- cd tests || die |
1668 |
- emake tests |
1669 |
- fi |
1670 |
-} |
1671 |
- |
1672 |
-multilib_src_install() { |
1673 |
- local lt="${BUILD_DIR}/libtool" |
1674 |
- emake DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash install |
1675 |
- |
1676 |
- if ! use minimal && multilib_is_native_abi; then |
1677 |
- # openldap modules go here |
1678 |
- # TODO: write some code to populate slapd.conf with moduleload statements |
1679 |
- keepdir /usr/$(get_libdir)/openldap/openldap/ |
1680 |
- |
1681 |
- # initial data storage dir |
1682 |
- keepdir /var/lib/openldap-data |
1683 |
- use prefix || fowners ldap:ldap /var/lib/openldap-data |
1684 |
- fperms 0700 /var/lib/openldap-data |
1685 |
- |
1686 |
- echo "OLDPF='${PF}'" > "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}" |
1687 |
- echo "# do NOT delete this. it is used" >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}" |
1688 |
- echo "# to track versions for upgrading." >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}" |
1689 |
- |
1690 |
- # use our config |
1691 |
- rm "${ED}"/etc/openldap/slapd.conf |
1692 |
- insinto /etc/openldap |
1693 |
- newins "${FILESDIR}"/${PN}-2.4.40-slapd-conf slapd.conf |
1694 |
- configfile="${ED}"/etc/openldap/slapd.conf |
1695 |
- |
1696 |
- # populate with built backends |
1697 |
- ebegin "populate config with built backends" |
1698 |
- for x in "${ED}"/usr/$(get_libdir)/openldap/openldap/back_*.so; do |
1699 |
- einfo "Adding $(basename ${x})" |
1700 |
- sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}" || die |
1701 |
- done |
1702 |
- sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}" |
1703 |
- use prefix || fowners root:ldap /etc/openldap/slapd.conf |
1704 |
- fperms 0640 /etc/openldap/slapd.conf |
1705 |
- cp "${configfile}" "${configfile}".default || die |
1706 |
- eend |
1707 |
- |
1708 |
- # install our own init scripts and systemd unit files |
1709 |
- einfo "Install init scripts" |
1710 |
- sed -e "s,/usr/lib/,/usr/$(get_libdir)/," "${FILESDIR}"/slapd-initd-2.4.40-r2 > "${T}"/slapd || die |
1711 |
- doinitd "${T}"/slapd |
1712 |
- newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd |
1713 |
- |
1714 |
- einfo "Install systemd service" |
1715 |
- sed -e "s,/usr/lib/,/usr/$(get_libdir)/," "${FILESDIR}"/slapd.service > "${T}"/slapd.service || die |
1716 |
- systemd_dounit "${T}"/slapd.service |
1717 |
- systemd_install_serviced "${FILESDIR}"/slapd.service.conf |
1718 |
- systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf |
1719 |
- |
1720 |
- # If built without SLP, we don't need to be before avahi |
1721 |
- sed -i \ |
1722 |
- -e '/before/{s/avahi-daemon//g}' \ |
1723 |
- "${ED}"/etc/init.d/slapd \ |
1724 |
- || die |
1725 |
- |
1726 |
- if use cxx ; then |
1727 |
- einfo "Install the ldapc++ library" |
1728 |
- cd "${BUILD_DIR}/contrib/ldapc++" || die |
1729 |
- emake DESTDIR="${D}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install |
1730 |
- cd "${S}"/contrib/ldapc++ || die |
1731 |
- newdoc README ldapc++-README |
1732 |
- fi |
1733 |
- |
1734 |
- if use smbkrb5passwd ; then |
1735 |
- einfo "Install the smbk5pwd module" |
1736 |
- cd "${S}/contrib/slapd-modules/smbk5pwd" || die |
1737 |
- emake DESTDIR="${D}" \ |
1738 |
- LDAP_BUILD="${BUILD_DIR}" \ |
1739 |
- libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install |
1740 |
- newdoc README smbk5pwd-README |
1741 |
- fi |
1742 |
- |
1743 |
- if use overlays ; then |
1744 |
- einfo "Install the samba4 module" |
1745 |
- cd "${S}/contrib/slapd-modules/samba4" || die |
1746 |
- emake DESTDIR="${D}" \ |
1747 |
- LDAP_BUILD="${BUILD_DIR}" \ |
1748 |
- libexecdir="/usr/$(get_libdir)/openldap" install |
1749 |
- newdoc README samba4-README |
1750 |
- fi |
1751 |
- |
1752 |
- einfo "Installing contrib modules" |
1753 |
- cd "${S}/contrib/slapd-modules" || die |
1754 |
- for l in */*.la */*/*.la; do |
1755 |
- [[ -e ${l} ]] || continue |
1756 |
- "${lt}" --mode=install cp ${l} \ |
1757 |
- "${ED}"/usr/$(get_libdir)/openldap/openldap || \ |
1758 |
- die "installing ${l} failed" |
1759 |
- done |
1760 |
- |
1761 |
- dodoc "${FILESDIR}"/DB_CONFIG.fast.example |
1762 |
- docinto contrib |
1763 |
- doman */*.5 |
1764 |
- #newdoc acl/README* |
1765 |
- newdoc addpartial/README addpartial-README |
1766 |
- newdoc allop/README allop-README |
1767 |
- newdoc allowed/README allowed-README |
1768 |
- newdoc autogroup/README autogroup-README |
1769 |
- newdoc dsaschema/README dsaschema-README |
1770 |
- newdoc passwd/README passwd-README |
1771 |
- cd "${S}/contrib/slapi-plugins" || die |
1772 |
- insinto /usr/$(get_libdir)/openldap/openldap |
1773 |
- doins */*.so |
1774 |
- docinto contrib |
1775 |
- newdoc addrdnvalues/README addrdnvalues-README |
1776 |
- |
1777 |
- insinto /etc/openldap/schema |
1778 |
- newins "${DISTDIR}"/${BIS_P} ${BIS_PN} |
1779 |
- |
1780 |
- docinto back-sock ; dodoc "${S}"/servers/slapd/back-sock/searchexample* |
1781 |
- docinto back-shell ; dodoc "${S}"/servers/slapd/back-shell/searchexample* |
1782 |
- docinto back-perl ; dodoc "${S}"/servers/slapd/back-perl/SampleLDAP.pm |
1783 |
- |
1784 |
- dosbin "${S}"/contrib/slapd-tools/statslog |
1785 |
- newdoc "${S}"/contrib/slapd-tools/README README.statslog |
1786 |
- fi |
1787 |
- |
1788 |
- if ! use static-libs ; then |
1789 |
- find "${ED}" \( -name '*.a' -o -name '*.la' \) -delete || die |
1790 |
- fi |
1791 |
-} |
1792 |
- |
1793 |
-multilib_src_install_all() { |
1794 |
- dodoc ANNOUNCEMENT CHANGES COPYRIGHT README |
1795 |
- docinto rfc ; dodoc doc/rfc/*.txt |
1796 |
-} |
1797 |
- |
1798 |
-pkg_preinst() { |
1799 |
- # keep old libs if any |
1800 |
- preserve_old_lib /usr/$(get_libdir)/{liblber,libldap_r,liblber}-2.3$(get_libname 0) |
1801 |
- # bug 440470, only display the getting started help there was no openldap before, |
1802 |
- # or we are going to a non-minimal build |
1803 |
- ! has_version net-nds/openldap || has_version 'net-nds/openldap[minimal]' |
1804 |
- OPENLDAP_PRINT_MESSAGES=$((! $?)) |
1805 |
-} |
1806 |
- |
1807 |
-pkg_postinst() { |
1808 |
- if ! use minimal ; then |
1809 |
- # You cannot build SSL certificates during src_install that will make |
1810 |
- # binary packages containing your SSL key, which is both a security risk |
1811 |
- # and a misconfiguration if multiple machines use the same key and cert. |
1812 |
- if use ssl; then |
1813 |
- install_cert /etc/openldap/ssl/ldap |
1814 |
- use prefix || chown ldap:ldap "${EROOT}"/etc/openldap/ssl/ldap.* |
1815 |
- ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]" |
1816 |
- ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]" |
1817 |
- ewarn "add 'TLS_REQCERT allow' if you want to use them." |
1818 |
- fi |
1819 |
- |
1820 |
- if use prefix; then |
1821 |
- # Warn about prefix issues with slapd |
1822 |
- eerror "slapd might NOT be usable on Prefix systems as it requires root privileges" |
1823 |
- eerror "to start up, and requires that certain files directories be owned by" |
1824 |
- eerror "ldap:ldap. As Prefix does not support changing ownership of files and" |
1825 |
- eerror "directories, you will have to manually fix this yourself." |
1826 |
- fi |
1827 |
- |
1828 |
- # These lines force the permissions of various content to be correct |
1829 |
- use prefix || chown ldap:ldap "${EROOT}"/var/run/openldap |
1830 |
- chmod 0755 "${EROOT}"/var/run/openldap || die |
1831 |
- use prefix || chown root:ldap "${EROOT}"/etc/openldap/slapd.conf{,.default} |
1832 |
- chmod 0640 "${EROOT}"/etc/openldap/slapd.conf{,.default} || die |
1833 |
- use prefix || chown ldap:ldap "${EROOT}"/var/lib/openldap-data |
1834 |
- fi |
1835 |
- |
1836 |
- if has_version 'net-nds/openldap[-minimal]' && ((${OPENLDAP_PRINT_MESSAGES})); then |
1837 |
- elog "Getting started using OpenLDAP? There is some documentation available:" |
1838 |
- elog "Gentoo Guide to OpenLDAP Authentication" |
1839 |
- elog "(https://wiki.gentoo.org/wiki/Centralized_authentication_using_OpenLDAP)" |
1840 |
- elog "---" |
1841 |
- elog "An example file for tuning BDB backends with openldap is" |
1842 |
- elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/" |
1843 |
- fi |
1844 |
- |
1845 |
- preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3$(get_libname 0) |
1846 |
-} |
1847 |
|
1848 |
diff --git a/net-nds/openldap/openldap-2.4.49-r2.ebuild b/net-nds/openldap/openldap-2.4.49-r2.ebuild |
1849 |
deleted file mode 100644 |
1850 |
index 21df99a4271..00000000000 |
1851 |
--- a/net-nds/openldap/openldap-2.4.49-r2.ebuild |
1852 |
+++ /dev/null |
1853 |
@@ -1,903 +0,0 @@ |
1854 |
-# Copyright 1999-2020 Gentoo Authors |
1855 |
-# Distributed under the terms of the GNU General Public License v2 |
1856 |
- |
1857 |
-EAPI=7 |
1858 |
- |
1859 |
-inherit autotools db-use flag-o-matic multilib-minimal ssl-cert toolchain-funcs user systemd |
1860 |
- |
1861 |
-BIS_PN=rfc2307bis.schema |
1862 |
-BIS_PV=20140524 |
1863 |
-BIS_P="${BIS_PN}-${BIS_PV}" |
1864 |
- |
1865 |
-DESCRIPTION="LDAP suite of application and development tools" |
1866 |
-HOMEPAGE="http://www.OpenLDAP.org/" |
1867 |
- |
1868 |
-# mirrors are mostly not working, using canonical URI |
1869 |
-SRC_URI="ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${P}.tgz |
1870 |
- mirror://gentoo/${BIS_P}" |
1871 |
- |
1872 |
-LICENSE="OPENLDAP GPL-2" |
1873 |
-SLOT="0" |
1874 |
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~ppc-aix ~amd64-linux ~x86-linux ~x86-solaris" |
1875 |
- |
1876 |
-IUSE_DAEMON="crypt samba tcpd experimental minimal" |
1877 |
-IUSE_BACKEND="+berkdb" |
1878 |
-IUSE_OVERLAY="overlays perl" |
1879 |
-IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 libressl +syslog selinux static-libs test" |
1880 |
-IUSE_CONTRIB="smbkrb5passwd kerberos kinit pbkdf2 sha2" |
1881 |
-IUSE_CONTRIB="${IUSE_CONTRIB} -cxx" |
1882 |
-IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}" |
1883 |
- |
1884 |
-RESTRICT="!test? ( test )" |
1885 |
-REQUIRED_USE="cxx? ( sasl ) |
1886 |
- pbkdf2? ( ssl ) |
1887 |
- test? ( berkdb ) |
1888 |
- ?? ( test minimal )" |
1889 |
- |
1890 |
-# always list newer first |
1891 |
-# Do not add any AGPL-3 BDB here! |
1892 |
-# See bug 525110, comment 15. |
1893 |
-# Advanced usage: OPENLDAP_BDB_SLOTS in the environment can be used to force a slot during build. |
1894 |
-BDB_SLOTS="${OPENLDAP_BDB_SLOTS:=5.3 5.1 4.8 4.7 4.6 4.5 4.4}" |
1895 |
-BDB_PKGS='' |
1896 |
-for _slot in $BDB_SLOTS; do BDB_PKGS="${BDB_PKGS} sys-libs/db:${_slot}" ; done |
1897 |
- |
1898 |
-# openssl is needed to generate lanman-passwords required by samba |
1899 |
-COMMON_DEPEND=" |
1900 |
- ssl? ( |
1901 |
- !gnutls? ( |
1902 |
- !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] ) |
1903 |
- libressl? ( dev-libs/libressl:0=[${MULTILIB_USEDEP}] ) |
1904 |
- ) |
1905 |
- gnutls? ( |
1906 |
- >=net-libs/gnutls-2.12.23-r6:=[${MULTILIB_USEDEP}] |
1907 |
- >=dev-libs/libgcrypt-1.5.3:0=[${MULTILIB_USEDEP}] |
1908 |
- ) |
1909 |
- ) |
1910 |
- sasl? ( dev-libs/cyrus-sasl:= ) |
1911 |
- !minimal? ( |
1912 |
- sys-devel/libtool |
1913 |
- sys-libs/e2fsprogs-libs |
1914 |
- >=dev-db/lmdb-0.9.18:= |
1915 |
- tcpd? ( sys-apps/tcp-wrappers ) |
1916 |
- odbc? ( !iodbc? ( dev-db/unixODBC ) |
1917 |
- iodbc? ( dev-db/libiodbc ) ) |
1918 |
- perl? ( dev-lang/perl:=[-build(-)] ) |
1919 |
- samba? ( |
1920 |
- !libressl? ( dev-libs/openssl:0= ) |
1921 |
- libressl? ( dev-libs/libressl:0= ) |
1922 |
- ) |
1923 |
- berkdb? ( |
1924 |
- <sys-libs/db-6.0:= |
1925 |
- || ( ${BDB_PKGS} ) |
1926 |
- ) |
1927 |
- smbkrb5passwd? ( |
1928 |
- !libressl? ( dev-libs/openssl:0= ) |
1929 |
- libressl? ( dev-libs/libressl:0= ) |
1930 |
- kerberos? ( app-crypt/heimdal ) |
1931 |
- ) |
1932 |
- kerberos? ( |
1933 |
- virtual/krb5 |
1934 |
- kinit? ( !app-crypt/heimdal ) |
1935 |
- ) |
1936 |
- cxx? ( dev-libs/cyrus-sasl:= ) |
1937 |
- ) |
1938 |
-" |
1939 |
-DEPEND="${COMMON_DEPEND} |
1940 |
- sys-apps/groff |
1941 |
-" |
1942 |
-RDEPEND="${COMMON_DEPEND} |
1943 |
- selinux? ( sec-policy/selinux-ldap ) |
1944 |
-" |
1945 |
-# for tracking versions |
1946 |
-OPENLDAP_VERSIONTAG=".version-tag" |
1947 |
-OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data" |
1948 |
- |
1949 |
-MULTILIB_WRAPPED_HEADERS=( |
1950 |
- # USE=cxx |
1951 |
- /usr/include/LDAPAsynConnection.h |
1952 |
- /usr/include/LDAPAttrType.h |
1953 |
- /usr/include/LDAPAttribute.h |
1954 |
- /usr/include/LDAPAttributeList.h |
1955 |
- /usr/include/LDAPConnection.h |
1956 |
- /usr/include/LDAPConstraints.h |
1957 |
- /usr/include/LDAPControl.h |
1958 |
- /usr/include/LDAPControlSet.h |
1959 |
- /usr/include/LDAPEntry.h |
1960 |
- /usr/include/LDAPEntryList.h |
1961 |
- /usr/include/LDAPException.h |
1962 |
- /usr/include/LDAPExtResult.h |
1963 |
- /usr/include/LDAPMessage.h |
1964 |
- /usr/include/LDAPMessageQueue.h |
1965 |
- /usr/include/LDAPModList.h |
1966 |
- /usr/include/LDAPModification.h |
1967 |
- /usr/include/LDAPObjClass.h |
1968 |
- /usr/include/LDAPRebind.h |
1969 |
- /usr/include/LDAPRebindAuth.h |
1970 |
- /usr/include/LDAPReferenceList.h |
1971 |
- /usr/include/LDAPResult.h |
1972 |
- /usr/include/LDAPSaslBindResult.h |
1973 |
- /usr/include/LDAPSchema.h |
1974 |
- /usr/include/LDAPSearchReference.h |
1975 |
- /usr/include/LDAPSearchResult.h |
1976 |
- /usr/include/LDAPSearchResults.h |
1977 |
- /usr/include/LDAPUrl.h |
1978 |
- /usr/include/LDAPUrlList.h |
1979 |
- /usr/include/LdifReader.h |
1980 |
- /usr/include/LdifWriter.h |
1981 |
- /usr/include/SaslInteraction.h |
1982 |
- /usr/include/SaslInteractionHandler.h |
1983 |
- /usr/include/StringList.h |
1984 |
- /usr/include/TlsOptions.h |
1985 |
-) |
1986 |
- |
1987 |
-PATCHES=( |
1988 |
- "${FILESDIR}"/${PN}-2.4.17-gcc44.patch |
1989 |
- |
1990 |
- "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch |
1991 |
- "${FILESDIR}"/${PN}-2.4.15-ppolicy.patch |
1992 |
- |
1993 |
- # bug #116045 - still present in 2.4.28 |
1994 |
- "${FILESDIR}"/${PN}-2.4.35-contrib-smbk5pwd.patch |
1995 |
- # bug #408077 - samba4 |
1996 |
- "${FILESDIR}"/${PN}-2.4.35-contrib-samba4.patch |
1997 |
- |
1998 |
- # bug #189817 |
1999 |
- "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch |
2000 |
- |
2001 |
- # bug #233633 |
2002 |
- "${FILESDIR}"/${PN}-2.4.45-fix-lmpasswd-gnutls-symbols.patch |
2003 |
- |
2004 |
- # bug #281495 |
2005 |
- "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch |
2006 |
- |
2007 |
- # bug #294350 |
2008 |
- "${FILESDIR}"/${PN}-2.4.6-evolution-ntlm.patch |
2009 |
- |
2010 |
- # unbreak /bin/sh -> dash |
2011 |
- "${FILESDIR}"/${PN}-2.4.28-fix-dash.patch |
2012 |
- |
2013 |
- # bug #420959 |
2014 |
- "${FILESDIR}"/${PN}-2.4.31-gcc47.patch |
2015 |
- |
2016 |
- # unbundle lmdb |
2017 |
- "${FILESDIR}"/${PN}-2.4.42-mdb-unbundle.patch |
2018 |
- |
2019 |
- # bug #622464 |
2020 |
- "${FILESDIR}"/${PN}-2.4.47-libressl.patch |
2021 |
- |
2022 |
- # fix some compiler warnings |
2023 |
- "${FILESDIR}"/${PN}-2.4.47-warnings.patch |
2024 |
-) |
2025 |
- |
2026 |
-openldap_filecount() { |
2027 |
- local dir="$1" |
2028 |
- find "${dir}" -type f ! -name '.*' ! -name 'DB_CONFIG*' | wc -l |
2029 |
-} |
2030 |
- |
2031 |
-openldap_find_versiontags() { |
2032 |
- # scan for all datadirs |
2033 |
- local openldap_datadirs=() |
2034 |
- if [[ -f "${EROOT}"/etc/openldap/slapd.conf ]]; then |
2035 |
- openldap_datadirs=( $(awk '{if($1 == "directory") print $2 }' "${EROOT}"/etc/openldap/slapd.conf) ) |
2036 |
- fi |
2037 |
- openldap_datadirs+=( ${OPENLDAP_DEFAULTDIR_VERSIONTAG} ) |
2038 |
- |
2039 |
- einfo |
2040 |
- einfo "Scanning datadir(s) from slapd.conf and" |
2041 |
- einfo "the default installdir for Versiontags" |
2042 |
- einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)" |
2043 |
- einfo |
2044 |
- |
2045 |
- # scan datadirs if we have a version tag |
2046 |
- openldap_found_tag=0 |
2047 |
- have_files=0 |
2048 |
- for each in ${openldap_datadirs[@]} ; do |
2049 |
- CURRENT_TAGDIR="${ROOT}$(sed "s:\/::" <<< ${each})" |
2050 |
- CURRENT_TAG="${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}" |
2051 |
- if [[ -d "${CURRENT_TAGDIR}" ]] && [[ "${openldap_found_tag}" == 0 ]] ; then |
2052 |
- einfo "- Checking ${each}..." |
2053 |
- if [[ -r "${CURRENT_TAG}" ]] ; then |
2054 |
- # yey, we have one :) |
2055 |
- einfo " Found Versiontag in ${each}" |
2056 |
- source "${CURRENT_TAG}" |
2057 |
- if [[ "${OLDPF}" == "" ]] ; then |
2058 |
- eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}" |
2059 |
- eerror "Please delete it" |
2060 |
- eerror |
2061 |
- die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}" |
2062 |
- fi |
2063 |
- |
2064 |
- OLD_MAJOR=$(ver_cut 2-3 ${OLDPF}) |
2065 |
- |
2066 |
- [[ "$(openldap_filecount ${CURRENT_TAGDIR})" -gt 0 ]] && have_files=1 |
2067 |
- |
2068 |
- # are we on the same branch? |
2069 |
- if [[ "${OLD_MAJOR}" != "${PV:0:3}" ]] ; then |
2070 |
- ewarn " Versiontag doesn't match current major release!" |
2071 |
- if [[ "${have_files}" == "1" ]] ; then |
2072 |
- eerror " Versiontag says other major and you (probably) have datafiles!" |
2073 |
- echo |
2074 |
- openldap_upgrade_howto |
2075 |
- else |
2076 |
- einfo " No real problem, seems there's no database." |
2077 |
- fi |
2078 |
- else |
2079 |
- einfo " Versiontag is fine here :)" |
2080 |
- fi |
2081 |
- else |
2082 |
- einfo " Non-tagged dir ${each}" |
2083 |
- [[ "$(openldap_filecount ${each})" -gt 0 ]] && have_files=1 |
2084 |
- if [[ "${have_files}" == "1" ]] ; then |
2085 |
- einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files" |
2086 |
- echo |
2087 |
- |
2088 |
- eerror |
2089 |
- eerror "Your OpenLDAP Installation has a non tagged datadir that" |
2090 |
- eerror "possibly contains a database at ${CURRENT_TAGDIR}" |
2091 |
- eerror |
2092 |
- eerror "Please export data if any entered and empty or remove" |
2093 |
- eerror "the directory, installation has been stopped so you" |
2094 |
- eerror "can take required action" |
2095 |
- eerror |
2096 |
- eerror "For a HOWTO on exporting the data, see instructions in the ebuild" |
2097 |
- eerror |
2098 |
- openldap_upgrade_howto |
2099 |
- die "Please move the datadir ${CURRENT_TAGDIR} away" |
2100 |
- fi |
2101 |
- fi |
2102 |
- einfo |
2103 |
- fi |
2104 |
- done |
2105 |
- [[ "${have_files}" == "1" ]] && einfo "DB files present" || einfo "No DB files present" |
2106 |
- |
2107 |
- # Now we must check for the major version of sys-libs/db linked against. |
2108 |
- SLAPD_PATH="${EROOT}/usr/$(get_libdir)/openldap/slapd" |
2109 |
- if [[ "${have_files}" == "1" ]] && [[ -f "${SLAPD_PATH}" ]]; then |
2110 |
- OLDVER="$(/usr/bin/ldd ${SLAPD_PATH} \ |
2111 |
- | awk '/libdb-/{gsub("^libdb-","",$1);gsub(".so$","",$1);print $1}')" |
2112 |
- if use berkdb; then |
2113 |
- # find which one would be used |
2114 |
- for bdb_slot in ${BDB_SLOTS} ; do |
2115 |
- NEWVER="$(db_findver "=sys-libs/db-${bdb_slot}*")" |
2116 |
- [[ -n "${NEWVER}" ]] && break |
2117 |
- done |
2118 |
- fi |
2119 |
- local fail=0 |
2120 |
- if [[ -z "${OLDVER}" ]] && [[ -z "${NEWVER}" ]]; then |
2121 |
- : |
2122 |
- # Nothing wrong here. |
2123 |
- elif [[ -z "${OLDVER}" ]] && [[ -n "${NEWVER}" ]]; then |
2124 |
- eerror " Your existing version of OpenLDAP was not built against" |
2125 |
- eerror " any version of sys-libs/db, but the new one will build" |
2126 |
- eerror " against ${NEWVER} and your database may be inaccessible." |
2127 |
- echo |
2128 |
- fail=1 |
2129 |
- elif [[ -n "${OLDVER}" ]] && [[ -z "${NEWVER}" ]]; then |
2130 |
- eerror " Your existing version of OpenLDAP was built against" |
2131 |
- eerror " sys-libs/db:${OLDVER}, but the new one will not be" |
2132 |
- eerror " built against any version and your database may be" |
2133 |
- eerror " inaccessible." |
2134 |
- echo |
2135 |
- fail=1 |
2136 |
- elif [[ "${OLDVER}" != "${NEWVER}" ]]; then |
2137 |
- eerror " Your existing version of OpenLDAP was built against" |
2138 |
- eerror " sys-libs/db:${OLDVER}, but the new one will build against" |
2139 |
- eerror " ${NEWVER} and your database would be inaccessible." |
2140 |
- echo |
2141 |
- fail=1 |
2142 |
- fi |
2143 |
- [[ "${fail}" == "1" ]] && openldap_upgrade_howto |
2144 |
- fi |
2145 |
- |
2146 |
- echo |
2147 |
- einfo |
2148 |
- einfo "All datadirs are fine, proceeding with merge now..." |
2149 |
- einfo |
2150 |
-} |
2151 |
- |
2152 |
-openldap_upgrade_howto() { |
2153 |
- local d l i |
2154 |
- eerror |
2155 |
- eerror "A (possible old) installation of OpenLDAP was detected," |
2156 |
- eerror "installation will not proceed for now." |
2157 |
- eerror |
2158 |
- eerror "As major version upgrades can corrupt your database," |
2159 |
- eerror "you need to dump your database and re-create it afterwards." |
2160 |
- eerror |
2161 |
- eerror "Additionally, rebuilding against different major versions of the" |
2162 |
- eerror "sys-libs/db libraries will cause your database to be inaccessible." |
2163 |
- eerror "" |
2164 |
- d="$(date -u +%s)" |
2165 |
- l="/root/ldapdump.${d}" |
2166 |
- i="${l}.raw" |
2167 |
- eerror " 1. /etc/init.d/slapd stop" |
2168 |
- eerror " 2. slapcat -l ${i}" |
2169 |
- eerror " 3. egrep -v '^(entry|context)CSN:' <${i} >${l}" |
2170 |
- eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/" |
2171 |
- eerror " 5. emerge --update \=net-nds/${PF}" |
2172 |
- eerror " 6. etc-update, and ensure that you apply the changes" |
2173 |
- eerror " 7. slapadd -l ${l}" |
2174 |
- eerror " 8. chown ldap:ldap /var/lib/openldap-data/*" |
2175 |
- eerror " 9. /etc/init.d/slapd start" |
2176 |
- eerror "10. check that your data is intact." |
2177 |
- eerror "11. set up the new replication system." |
2178 |
- eerror |
2179 |
- if [[ "${FORCE_UPGRADE}" != "1" ]]; then |
2180 |
- die "You need to upgrade your database first" |
2181 |
- else |
2182 |
- eerror "You have the magical FORCE_UPGRADE=1 in place." |
2183 |
- eerror "Don't say you weren't warned about data loss." |
2184 |
- fi |
2185 |
-} |
2186 |
- |
2187 |
-pkg_setup() { |
2188 |
- if ! use sasl && use cxx ; then |
2189 |
- die "To build the ldapc++ library you must emerge openldap with sasl support" |
2190 |
- fi |
2191 |
- # Bug #322787 |
2192 |
- if use minimal && ! has_version "net-nds/openldap" ; then |
2193 |
- einfo "No datadir scan needed, openldap not installed" |
2194 |
- elif use minimal && has_version 'net-nds/openldap[minimal]' ; then |
2195 |
- einfo "Skipping scan for previous datadirs as requested by minimal useflag" |
2196 |
- else |
2197 |
- openldap_find_versiontags |
2198 |
- fi |
2199 |
- |
2200 |
- # The user/group are only used for running daemons which are |
2201 |
- # disabled in minimal builds, so elide the accounts too. |
2202 |
- if ! use minimal ; then |
2203 |
- enewgroup ldap 439 |
2204 |
- enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap |
2205 |
- fi |
2206 |
-} |
2207 |
- |
2208 |
-src_prepare() { |
2209 |
- # ensure correct SLAPI path by default |
2210 |
- sed -e 's,\(#define LDAPI_SOCK\).*,\1 "'"${EPREFIX}"'/var/run/openldap/slapd.sock",' \ |
2211 |
- -i include/ldap_defaults.h || die |
2212 |
- |
2213 |
- default |
2214 |
- rm -r libraries/liblmdb || die |
2215 |
- |
2216 |
- pushd build &>/dev/null || die "pushd build" |
2217 |
- einfo "Making sure upstream build strip does not do stripping too early" |
2218 |
- sed -i.orig \ |
2219 |
- -e '/^STRIP/s,-s,,g' \ |
2220 |
- top.mk || die "Failed to block stripping" |
2221 |
- popd &>/dev/null || die |
2222 |
- |
2223 |
- # wrong assumption that /bin/sh is /bin/bash |
2224 |
- sed \ |
2225 |
- -e 's|/bin/sh|/bin/bash|g' \ |
2226 |
- -i tests/scripts/* || die "sed failed" |
2227 |
- |
2228 |
- AT_NOEAUTOMAKE=yes eautoreconf |
2229 |
-} |
2230 |
- |
2231 |
-build_contrib_module() { |
2232 |
- # <dir> <sources> <outputname> |
2233 |
- pushd "${S}/contrib/slapd-modules/$1" &>/dev/null || die "pushd contrib/slapd-modules/$1" |
2234 |
- einfo "Compiling contrib-module: $3" |
2235 |
- # Make sure it's uppercase |
2236 |
- local define_name="$(LC_ALL=C tr '[:lower:]' '[:upper:]' <<< "SLAPD_OVER_${1}")" |
2237 |
- "${lt}" --mode=compile --tag=CC \ |
2238 |
- "${CC}" \ |
2239 |
- -D${define_name}=SLAPD_MOD_DYNAMIC \ |
2240 |
- -I"${BUILD_DIR}"/include \ |
2241 |
- -I../../../include -I../../../servers/slapd ${CFLAGS} \ |
2242 |
- -o ${2%.c}.lo -c $2 || die "compiling $3 failed" |
2243 |
- einfo "Linking contrib-module: $3" |
2244 |
- "${lt}" --mode=link --tag=CC \ |
2245 |
- "${CC}" -module \ |
2246 |
- ${CFLAGS} \ |
2247 |
- ${LDFLAGS} \ |
2248 |
- -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ |
2249 |
- -o $3.la ${2%.c}.lo || die "linking $3 failed" |
2250 |
- popd &>/dev/null || die |
2251 |
-} |
2252 |
- |
2253 |
-src_configure() { |
2254 |
- # Bug 408001 |
2255 |
- use elibc_FreeBSD && append-cppflags -DMDB_DSYNC=O_SYNC -DMDB_FDATASYNC=fsync |
2256 |
- |
2257 |
- # connectionless ldap per bug #342439 |
2258 |
- append-cppflags -DLDAP_CONNECTIONLESS |
2259 |
- |
2260 |
- multilib-minimal_src_configure |
2261 |
-} |
2262 |
- |
2263 |
-multilib_src_configure() { |
2264 |
- local myconf=() |
2265 |
- |
2266 |
- use debug && myconf+=( $(use_enable debug) ) |
2267 |
- |
2268 |
- # ICU exists only in the configure, nowhere in the codebase, bug #510858 |
2269 |
- export ac_cv_header_unicode_utypes_h=no ol_cv_lib_icu=no |
2270 |
- |
2271 |
- if ! use minimal && multilib_is_native_abi; then |
2272 |
- local CPPFLAGS=${CPPFLAGS} |
2273 |
- |
2274 |
- # re-enable serverside overlay chains per bug #296567 |
2275 |
- # see ldap docs chaper 12.3.1 for details |
2276 |
- myconf+=( --enable-ldap ) |
2277 |
- |
2278 |
- # backends |
2279 |
- myconf+=( --enable-slapd ) |
2280 |
- if use berkdb ; then |
2281 |
- einfo "Using Berkeley DB for local backend" |
2282 |
- myconf+=( --enable-bdb --enable-hdb ) |
2283 |
- DBINCLUDE=$(db_includedir ${BDB_SLOTS}) |
2284 |
- einfo "Using ${DBINCLUDE} for sys-libs/db version" |
2285 |
- # We need to include the slotted db.h dir for FreeBSD |
2286 |
- append-cppflags -I${DBINCLUDE} |
2287 |
- else |
2288 |
- myconf+=( --disable-bdb --disable-hdb ) |
2289 |
- fi |
2290 |
- for backend in dnssrv ldap mdb meta monitor null passwd relay shell sock; do |
2291 |
- myconf+=( --enable-${backend}=mod ) |
2292 |
- done |
2293 |
- |
2294 |
- myconf+=( $(use_enable perl perl mod) ) |
2295 |
- |
2296 |
- myconf+=( $(use_enable odbc sql mod) ) |
2297 |
- if use odbc ; then |
2298 |
- local odbc_lib="unixodbc" |
2299 |
- if use iodbc ; then |
2300 |
- odbc_lib="iodbc" |
2301 |
- append-cppflags -I"${EPREFIX}"/usr/include/iodbc |
2302 |
- fi |
2303 |
- myconf+=( --with-odbc=${odbc_lib} ) |
2304 |
- fi |
2305 |
- |
2306 |
- # slapd options |
2307 |
- myconf+=( |
2308 |
- $(use_enable crypt) |
2309 |
- --disable-slp |
2310 |
- $(use_enable samba lmpasswd) |
2311 |
- $(use_enable syslog) |
2312 |
- ) |
2313 |
- if use experimental ; then |
2314 |
- myconf+=( |
2315 |
- --enable-dynacl |
2316 |
- --enable-aci=mod |
2317 |
- ) |
2318 |
- fi |
2319 |
- for option in aci cleartext modules rewrite rlookups slapi; do |
2320 |
- myconf+=( --enable-${option} ) |
2321 |
- done |
2322 |
- |
2323 |
- # slapd overlay options |
2324 |
- # Compile-in the syncprov, the others as module |
2325 |
- myconf+=( --enable-syncprov=yes ) |
2326 |
- use overlays && myconf+=( --enable-overlays=mod ) |
2327 |
- |
2328 |
- else |
2329 |
- myconf+=( |
2330 |
- --disable-backends |
2331 |
- --disable-slapd |
2332 |
- --disable-bdb |
2333 |
- --disable-hdb |
2334 |
- --disable-mdb |
2335 |
- --disable-overlays |
2336 |
- --disable-syslog |
2337 |
- ) |
2338 |
- fi |
2339 |
- |
2340 |
- # basic functionality stuff |
2341 |
- myconf+=( |
2342 |
- $(use_enable ipv6) |
2343 |
- $(multilib_native_use_with sasl cyrus-sasl) |
2344 |
- $(multilib_native_use_enable sasl spasswd) |
2345 |
- $(use_enable tcpd wrappers) |
2346 |
- ) |
2347 |
- |
2348 |
- # Some cross-compiling tests don't pan out well. |
2349 |
- tc-is-cross-compiler && myconf+=( |
2350 |
- --with-yielding-select=yes |
2351 |
- ) |
2352 |
- |
2353 |
- local ssl_lib="no" |
2354 |
- if use ssl || ( ! use minimal && use samba ) ; then |
2355 |
- ssl_lib="openssl" |
2356 |
- use gnutls && ssl_lib="gnutls" |
2357 |
- fi |
2358 |
- |
2359 |
- myconf+=( --with-tls=${ssl_lib} ) |
2360 |
- |
2361 |
- for basicflag in dynamic local proctitle shared; do |
2362 |
- myconf+=( --enable-${basicflag} ) |
2363 |
- done |
2364 |
- |
2365 |
- tc-export AR CC CXX |
2366 |
- CONFIG_SHELL="/bin/bash" \ |
2367 |
- ECONF_SOURCE="${S}" \ |
2368 |
- STRIP=/bin/true \ |
2369 |
- econf \ |
2370 |
- --libexecdir="${EPREFIX}"/usr/$(get_libdir)/openldap \ |
2371 |
- $(use_enable static-libs static) \ |
2372 |
- "${myconf[@]}" |
2373 |
- emake depend |
2374 |
-} |
2375 |
- |
2376 |
-src_configure_cxx() { |
2377 |
- # This needs the libraries built by the first build run. |
2378 |
- # So we have to run it AFTER the main build, not just after the main |
2379 |
- # configure. |
2380 |
- local myconf_ldapcpp=( |
2381 |
- --with-ldap-includes="${S}"/include |
2382 |
- ) |
2383 |
- |
2384 |
- mkdir -p "${BUILD_DIR}"/contrib/ldapc++ || die |
2385 |
- pushd "${BUILD_DIR}/contrib/ldapc++" &>/dev/null || die "pushd contrib/ldapc++" |
2386 |
- |
2387 |
- local LDFLAGS=${LDFLAGS} CPPFLAGS=${CPPFLAGS} |
2388 |
- append-ldflags -L"${BUILD_DIR}"/libraries/liblber/.libs \ |
2389 |
- -L"${BUILD_DIR}"/libraries/libldap/.libs |
2390 |
- append-cppflags -I"${BUILD_DIR}"/include |
2391 |
- ECONF_SOURCE=${S}/contrib/ldapc++ \ |
2392 |
- econf "${myconf_ldapcpp[@]}" \ |
2393 |
- CC="${CC}" \ |
2394 |
- CXX="${CXX}" |
2395 |
- popd &>/dev/null || die |
2396 |
-} |
2397 |
- |
2398 |
-multilib_src_compile() { |
2399 |
- tc-export AR CC CXX |
2400 |
- emake CC="${CC}" AR="${AR}" SHELL="${EPREFIX}"/bin/bash |
2401 |
- local lt="${BUILD_DIR}/libtool" |
2402 |
- export echo="echo" |
2403 |
- |
2404 |
- if ! use minimal && multilib_is_native_abi ; then |
2405 |
- if use cxx ; then |
2406 |
- einfo "Building contrib library: ldapc++" |
2407 |
- src_configure_cxx |
2408 |
- pushd "${BUILD_DIR}/contrib/ldapc++" &>/dev/null || die "pushd contrib/ldapc++" |
2409 |
- emake CC="${CC}" CXX="${CXX}" |
2410 |
- popd &>/dev/null || die |
2411 |
- fi |
2412 |
- |
2413 |
- if use smbkrb5passwd ; then |
2414 |
- einfo "Building contrib-module: smbk5pwd" |
2415 |
- pushd "${S}/contrib/slapd-modules/smbk5pwd" &>/dev/null || die "pushd contrib/slapd-modules/smbk5pwd" |
2416 |
- |
2417 |
- MY_DEFS="-DDO_SHADOW" |
2418 |
- if use samba ; then |
2419 |
- MY_DEFS="${MY_DEFS} -DDO_SAMBA" |
2420 |
- MY_KRB5_INC="" |
2421 |
- fi |
2422 |
- if use kerberos ; then |
2423 |
- MY_DEFS="${MY_DEFS} -DDO_KRB5" |
2424 |
- MY_KRB5_INC="$(krb5-config --cflags)" |
2425 |
- fi |
2426 |
- |
2427 |
- emake \ |
2428 |
- DEFS="${MY_DEFS}" \ |
2429 |
- KRB5_INC="${MY_KRB5_INC}" \ |
2430 |
- LDAP_BUILD="${BUILD_DIR}" \ |
2431 |
- CC="${CC}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" |
2432 |
- popd &>/dev/null || die |
2433 |
- fi |
2434 |
- |
2435 |
- if use overlays ; then |
2436 |
- einfo "Building contrib-module: samba4" |
2437 |
- pushd "${S}/contrib/slapd-modules/samba4" &>/dev/null || die "pushd contrib/slapd-modules/samba4" |
2438 |
- |
2439 |
- emake \ |
2440 |
- LDAP_BUILD="${BUILD_DIR}" \ |
2441 |
- CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap" |
2442 |
- popd &>/dev/null || die |
2443 |
- fi |
2444 |
- |
2445 |
- if use kerberos ; then |
2446 |
- if use kinit ; then |
2447 |
- build_contrib_module "kinit" "kinit.c" "kinit" |
2448 |
- fi |
2449 |
- pushd "${S}/contrib/slapd-modules/passwd" &>/dev/null || die "pushd contrib/slapd-modules/passwd" |
2450 |
- einfo "Compiling contrib-module: pw-kerberos" |
2451 |
- "${lt}" --mode=compile --tag=CC \ |
2452 |
- "${CC}" \ |
2453 |
- -I"${BUILD_DIR}"/include \ |
2454 |
- -I../../../include \ |
2455 |
- ${CFLAGS} \ |
2456 |
- $(krb5-config --cflags) \ |
2457 |
- -DHAVE_KRB5 \ |
2458 |
- -o kerberos.lo \ |
2459 |
- -c kerberos.c || die "compiling pw-kerberos failed" |
2460 |
- einfo "Linking contrib-module: pw-kerberos" |
2461 |
- "${lt}" --mode=link --tag=CC \ |
2462 |
- "${CC}" -module \ |
2463 |
- ${CFLAGS} \ |
2464 |
- ${LDFLAGS} \ |
2465 |
- -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ |
2466 |
- -o pw-kerberos.la \ |
2467 |
- kerberos.lo || die "linking pw-kerberos failed" |
2468 |
- popd &>/dev/null || die |
2469 |
- fi |
2470 |
- |
2471 |
- if use pbkdf2; then |
2472 |
- pushd "${S}/contrib/slapd-modules/passwd/pbkdf2" &>/dev/null || die "pushd contrib/slapd-modules/passwd/pbkdf2" |
2473 |
- einfo "Compiling contrib-module: pw-pbkdf2" |
2474 |
- "${lt}" --mode=compile --tag=CC \ |
2475 |
- "${CC}" \ |
2476 |
- -I"${BUILD_DIR}"/include \ |
2477 |
- -I../../../../include \ |
2478 |
- ${CFLAGS} \ |
2479 |
- -o pbkdf2.lo \ |
2480 |
- -c pw-pbkdf2.c || die "compiling pw-pbkdf2 failed" |
2481 |
- einfo "Linking contrib-module: pw-pbkdf2" |
2482 |
- "${lt}" --mode=link --tag=CC \ |
2483 |
- "${CC}" -module \ |
2484 |
- ${CFLAGS} \ |
2485 |
- ${LDFLAGS} \ |
2486 |
- -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ |
2487 |
- -o pw-pbkdf2.la \ |
2488 |
- pbkdf2.lo || die "linking pw-pbkdf2 failed" |
2489 |
- popd &>/dev/null || die |
2490 |
- fi |
2491 |
- |
2492 |
- if use sha2 ; then |
2493 |
- pushd "${S}/contrib/slapd-modules/passwd/sha2" &>/dev/null || die "pushd contrib/slapd-modules/passwd/sha2" |
2494 |
- einfo "Compiling contrib-module: pw-sha2" |
2495 |
- "${lt}" --mode=compile --tag=CC \ |
2496 |
- "${CC}" \ |
2497 |
- -I"${BUILD_DIR}"/include \ |
2498 |
- -I../../../../include \ |
2499 |
- ${CFLAGS} \ |
2500 |
- -o sha2.lo \ |
2501 |
- -c sha2.c || die "compiling pw-sha2 failed" |
2502 |
- "${lt}" --mode=compile --tag=CC \ |
2503 |
- "${CC}" \ |
2504 |
- -I"${BUILD_DIR}"/include \ |
2505 |
- -I../../../../include \ |
2506 |
- ${CFLAGS} \ |
2507 |
- -o slapd-sha2.lo \ |
2508 |
- -c slapd-sha2.c || die "compiling pw-sha2 failed" |
2509 |
- einfo "Linking contrib-module: pw-sha2" |
2510 |
- "${lt}" --mode=link --tag=CC \ |
2511 |
- "${CC}" -module \ |
2512 |
- ${CFLAGS} \ |
2513 |
- ${LDFLAGS} \ |
2514 |
- -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ |
2515 |
- -o pw-sha2.la \ |
2516 |
- sha2.lo slapd-sha2.lo || die "linking pw-sha2 failed" |
2517 |
- popd &>/dev/null || die |
2518 |
- fi |
2519 |
- |
2520 |
- # We could build pw-radius if GNURadius would install radlib.h |
2521 |
- pushd "${S}/contrib/slapd-modules/passwd" &>/dev/null || die "pushd contrib/slapd-modules/passwd" |
2522 |
- einfo "Compiling contrib-module: pw-netscape" |
2523 |
- "${lt}" --mode=compile --tag=CC \ |
2524 |
- "${CC}" \ |
2525 |
- -I"${BUILD_DIR}"/include \ |
2526 |
- -I../../../include \ |
2527 |
- ${CFLAGS} \ |
2528 |
- -o netscape.lo \ |
2529 |
- -c netscape.c || die "compiling pw-netscape failed" |
2530 |
- einfo "Linking contrib-module: pw-netscape" |
2531 |
- "${lt}" --mode=link --tag=CC \ |
2532 |
- "${CC}" -module \ |
2533 |
- ${CFLAGS} \ |
2534 |
- ${LDFLAGS} \ |
2535 |
- -rpath "${EPREFIX}"/usr/$(get_libdir)/openldap/openldap \ |
2536 |
- -o pw-netscape.la \ |
2537 |
- netscape.lo || die "linking pw-netscape failed" |
2538 |
- |
2539 |
- #build_contrib_module "acl" "posixgroup.c" "posixGroup" # example code only |
2540 |
- #build_contrib_module "acl" "gssacl.c" "gss" # example code only, also needs kerberos |
2541 |
- build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay" |
2542 |
- build_contrib_module "allop" "allop.c" "overlay-allop" |
2543 |
- build_contrib_module "allowed" "allowed.c" "allowed" |
2544 |
- build_contrib_module "autogroup" "autogroup.c" "autogroup" |
2545 |
- build_contrib_module "cloak" "cloak.c" "cloak" |
2546 |
- # build_contrib_module "comp_match" "comp_match.c" "comp_match" # really complex, adds new external deps, questionable demand |
2547 |
- build_contrib_module "denyop" "denyop.c" "denyop-overlay" |
2548 |
- build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin" |
2549 |
- build_contrib_module "dupent" "dupent.c" "dupent" |
2550 |
- build_contrib_module "lastbind" "lastbind.c" "lastbind" |
2551 |
- # lastmod may not play well with other overlays |
2552 |
- build_contrib_module "lastmod" "lastmod.c" "lastmod" |
2553 |
- build_contrib_module "noopsrch" "noopsrch.c" "noopsrch" |
2554 |
- #build_contrib_module "nops" "nops.c" "nops-overlay" https://bugs.gentoo.org/641576 |
2555 |
- #build_contrib_module "nssov" "nssov.c" "nssov-overlay" RESO:LATER |
2556 |
- build_contrib_module "trace" "trace.c" "trace" |
2557 |
- popd &>/dev/null || die |
2558 |
- # build slapi-plugins |
2559 |
- pushd "${S}/contrib/slapi-plugins/addrdnvalues" &>/dev/null || die "pushd contrib/slapi-plugins/addrdnvalues" |
2560 |
- einfo "Building contrib-module: addrdnvalues plugin" |
2561 |
- "${CC}" -shared \ |
2562 |
- -I"${BUILD_DIR}"/include \ |
2563 |
- -I../../../include \ |
2564 |
- ${CFLAGS} \ |
2565 |
- -fPIC \ |
2566 |
- ${LDFLAGS} \ |
2567 |
- -o libaddrdnvalues-plugin.so \ |
2568 |
- addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed" |
2569 |
- popd &>/dev/null || die |
2570 |
- fi |
2571 |
-} |
2572 |
- |
2573 |
-multilib_src_test() { |
2574 |
- if multilib_is_native_abi; then |
2575 |
- cd tests || die |
2576 |
- emake tests |
2577 |
- fi |
2578 |
-} |
2579 |
- |
2580 |
-multilib_src_install() { |
2581 |
- local lt="${BUILD_DIR}/libtool" |
2582 |
- emake DESTDIR="${D}" SHELL="${EPREFIX}"/bin/bash install |
2583 |
- |
2584 |
- if ! use minimal && multilib_is_native_abi; then |
2585 |
- # openldap modules go here |
2586 |
- # TODO: write some code to populate slapd.conf with moduleload statements |
2587 |
- keepdir /usr/$(get_libdir)/openldap/openldap/ |
2588 |
- |
2589 |
- # initial data storage dir |
2590 |
- keepdir /var/lib/openldap-data |
2591 |
- use prefix || fowners ldap:ldap /var/lib/openldap-data |
2592 |
- fperms 0700 /var/lib/openldap-data |
2593 |
- |
2594 |
- echo "OLDPF='${PF}'" > "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}" |
2595 |
- echo "# do NOT delete this. it is used" >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}" |
2596 |
- echo "# to track versions for upgrading." >> "${ED}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}" |
2597 |
- |
2598 |
- # use our config |
2599 |
- rm "${ED}"/etc/openldap/slapd.conf |
2600 |
- insinto /etc/openldap |
2601 |
- newins "${FILESDIR}"/${PN}-2.4.40-slapd-conf slapd.conf |
2602 |
- configfile="${ED}"/etc/openldap/slapd.conf |
2603 |
- |
2604 |
- # populate with built backends |
2605 |
- ebegin "populate config with built backends" |
2606 |
- for x in "${ED}"/usr/$(get_libdir)/openldap/openldap/back_*.so; do |
2607 |
- einfo "Adding $(basename ${x})" |
2608 |
- sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}" || die |
2609 |
- done |
2610 |
- sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t${EPREFIX}/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}" |
2611 |
- use prefix || fowners root:ldap /etc/openldap/slapd.conf |
2612 |
- fperms 0640 /etc/openldap/slapd.conf |
2613 |
- cp "${configfile}" "${configfile}".default || die |
2614 |
- eend |
2615 |
- |
2616 |
- # install our own init scripts and systemd unit files |
2617 |
- einfo "Install init scripts" |
2618 |
- sed -e "s,/usr/lib/,/usr/$(get_libdir)/," "${FILESDIR}"/slapd-initd-2.4.40-r2 > "${T}"/slapd || die |
2619 |
- doinitd "${T}"/slapd |
2620 |
- newconfd "${FILESDIR}"/slapd-confd-2.4.28-r1 slapd |
2621 |
- |
2622 |
- einfo "Install systemd service" |
2623 |
- sed -e "s,/usr/lib/,/usr/$(get_libdir)/," "${FILESDIR}"/slapd.service > "${T}"/slapd.service || die |
2624 |
- systemd_dounit "${T}"/slapd.service |
2625 |
- systemd_install_serviced "${FILESDIR}"/slapd.service.conf |
2626 |
- systemd_newtmpfilesd "${FILESDIR}"/slapd.tmpfilesd slapd.conf |
2627 |
- |
2628 |
- # If built without SLP, we don't need to be before avahi |
2629 |
- sed -i \ |
2630 |
- -e '/before/{s/avahi-daemon//g}' \ |
2631 |
- "${ED}"/etc/init.d/slapd \ |
2632 |
- || die |
2633 |
- |
2634 |
- if use cxx ; then |
2635 |
- einfo "Install the ldapc++ library" |
2636 |
- cd "${BUILD_DIR}/contrib/ldapc++" || die |
2637 |
- emake DESTDIR="${D}" libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install |
2638 |
- cd "${S}"/contrib/ldapc++ || die |
2639 |
- newdoc README ldapc++-README |
2640 |
- fi |
2641 |
- |
2642 |
- if use smbkrb5passwd ; then |
2643 |
- einfo "Install the smbk5pwd module" |
2644 |
- cd "${S}/contrib/slapd-modules/smbk5pwd" || die |
2645 |
- emake DESTDIR="${D}" \ |
2646 |
- LDAP_BUILD="${BUILD_DIR}" \ |
2647 |
- libexecdir="${EPREFIX}/usr/$(get_libdir)/openldap" install |
2648 |
- newdoc README smbk5pwd-README |
2649 |
- fi |
2650 |
- |
2651 |
- if use overlays ; then |
2652 |
- einfo "Install the samba4 module" |
2653 |
- cd "${S}/contrib/slapd-modules/samba4" || die |
2654 |
- emake DESTDIR="${D}" \ |
2655 |
- LDAP_BUILD="${BUILD_DIR}" \ |
2656 |
- libexecdir="/usr/$(get_libdir)/openldap" install |
2657 |
- newdoc README samba4-README |
2658 |
- fi |
2659 |
- |
2660 |
- einfo "Installing contrib modules" |
2661 |
- cd "${S}/contrib/slapd-modules" || die |
2662 |
- for l in */*.la */*/*.la; do |
2663 |
- [[ -e ${l} ]] || continue |
2664 |
- "${lt}" --mode=install cp ${l} \ |
2665 |
- "${ED}"/usr/$(get_libdir)/openldap/openldap || \ |
2666 |
- die "installing ${l} failed" |
2667 |
- done |
2668 |
- |
2669 |
- dodoc "${FILESDIR}"/DB_CONFIG.fast.example |
2670 |
- docinto contrib |
2671 |
- doman */*.5 |
2672 |
- #newdoc acl/README* |
2673 |
- newdoc addpartial/README addpartial-README |
2674 |
- newdoc allop/README allop-README |
2675 |
- newdoc allowed/README allowed-README |
2676 |
- newdoc autogroup/README autogroup-README |
2677 |
- newdoc dsaschema/README dsaschema-README |
2678 |
- newdoc passwd/README passwd-README |
2679 |
- cd "${S}/contrib/slapi-plugins" || die |
2680 |
- insinto /usr/$(get_libdir)/openldap/openldap |
2681 |
- doins */*.so |
2682 |
- docinto contrib |
2683 |
- newdoc addrdnvalues/README addrdnvalues-README |
2684 |
- |
2685 |
- insinto /etc/openldap/schema |
2686 |
- newins "${DISTDIR}"/${BIS_P} ${BIS_PN} |
2687 |
- |
2688 |
- docinto back-sock ; dodoc "${S}"/servers/slapd/back-sock/searchexample* |
2689 |
- docinto back-shell ; dodoc "${S}"/servers/slapd/back-shell/searchexample* |
2690 |
- docinto back-perl ; dodoc "${S}"/servers/slapd/back-perl/SampleLDAP.pm |
2691 |
- |
2692 |
- dosbin "${S}"/contrib/slapd-tools/statslog |
2693 |
- newdoc "${S}"/contrib/slapd-tools/README README.statslog |
2694 |
- fi |
2695 |
- |
2696 |
- if ! use static-libs ; then |
2697 |
- find "${ED}" \( -name '*.a' -o -name '*.la' \) -delete || die |
2698 |
- fi |
2699 |
-} |
2700 |
- |
2701 |
-multilib_src_install_all() { |
2702 |
- dodoc ANNOUNCEMENT CHANGES COPYRIGHT README |
2703 |
- docinto rfc ; dodoc doc/rfc/*.txt |
2704 |
-} |
2705 |
- |
2706 |
-pkg_preinst() { |
2707 |
- # keep old libs if any |
2708 |
- preserve_old_lib /usr/$(get_libdir)/{liblber,libldap_r,liblber}-2.3$(get_libname 0) |
2709 |
- # bug 440470, only display the getting started help there was no openldap before, |
2710 |
- # or we are going to a non-minimal build |
2711 |
- ! has_version net-nds/openldap || has_version 'net-nds/openldap[minimal]' |
2712 |
- OPENLDAP_PRINT_MESSAGES=$((! $?)) |
2713 |
-} |
2714 |
- |
2715 |
-pkg_postinst() { |
2716 |
- if ! use minimal ; then |
2717 |
- # You cannot build SSL certificates during src_install that will make |
2718 |
- # binary packages containing your SSL key, which is both a security risk |
2719 |
- # and a misconfiguration if multiple machines use the same key and cert. |
2720 |
- if use ssl; then |
2721 |
- install_cert /etc/openldap/ssl/ldap |
2722 |
- use prefix || chown ldap:ldap "${EROOT}"/etc/openldap/ssl/ldap.* |
2723 |
- ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]" |
2724 |
- ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]" |
2725 |
- ewarn "add 'TLS_REQCERT allow' if you want to use them." |
2726 |
- fi |
2727 |
- |
2728 |
- if use prefix; then |
2729 |
- # Warn about prefix issues with slapd |
2730 |
- eerror "slapd might NOT be usable on Prefix systems as it requires root privileges" |
2731 |
- eerror "to start up, and requires that certain files directories be owned by" |
2732 |
- eerror "ldap:ldap. As Prefix does not support changing ownership of files and" |
2733 |
- eerror "directories, you will have to manually fix this yourself." |
2734 |
- fi |
2735 |
- |
2736 |
- # These lines force the permissions of various content to be correct |
2737 |
- if [[ -d "${EROOT}"/var/run/openldap ]]; then |
2738 |
- use prefix || { chown ldap:ldap "${EROOT}"/var/run/openldap || die; } |
2739 |
- chmod 0755 "${EROOT}"/var/run/openldap || die |
2740 |
- fi |
2741 |
- use prefix || chown root:ldap "${EROOT}"/etc/openldap/slapd.conf{,.default} |
2742 |
- chmod 0640 "${EROOT}"/etc/openldap/slapd.conf{,.default} || die |
2743 |
- use prefix || chown ldap:ldap "${EROOT}"/var/lib/openldap-data |
2744 |
- fi |
2745 |
- |
2746 |
- if has_version 'net-nds/openldap[-minimal]' && ((${OPENLDAP_PRINT_MESSAGES})); then |
2747 |
- elog "Getting started using OpenLDAP? There is some documentation available:" |
2748 |
- elog "Gentoo Guide to OpenLDAP Authentication" |
2749 |
- elog "(https://wiki.gentoo.org/wiki/Centralized_authentication_using_OpenLDAP)" |
2750 |
- elog "---" |
2751 |
- elog "An example file for tuning BDB backends with openldap is" |
2752 |
- elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/" |
2753 |
- fi |
2754 |
- |
2755 |
- preserve_old_lib_notify /usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3$(get_libname 0) |
2756 |
-} |