Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Robin H. Johnson (robbat2)" <robbat2@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo-x86 commit in net-nds/openldap: ChangeLog openldap-2.4.19.ebuild
Date: Tue, 03 Nov 2009 21:14:01
Message-Id: E1N5QhM-0003Mq-F1@stork.gentoo.org
1 robbat2 09/11/03 21:13:52
2
3 Modified: ChangeLog
4 Added: openldap-2.4.19.ebuild
5 Log:
6 Version bump per bug #290345 (CVE-2009-3767). Also fix: #286427 disable-syslog w/ USE=minimal. #280986 ldflags.
7 (Portage version: 2.2_rc48/cvs/Linux x86_64)
8
9 Revision Changes Path
10 1.348 net-nds/openldap/ChangeLog
11
12 file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-nds/openldap/ChangeLog?rev=1.348&view=markup
13 plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-nds/openldap/ChangeLog?rev=1.348&content-type=text/plain
14 diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-nds/openldap/ChangeLog?r1=1.347&r2=1.348
15
16 Index: ChangeLog
17 ===================================================================
18 RCS file: /var/cvsroot/gentoo-x86/net-nds/openldap/ChangeLog,v
19 retrieving revision 1.347
20 retrieving revision 1.348
21 diff -p -w -b -B -u -u -r1.347 -r1.348
22 --- ChangeLog 10 Aug 2009 10:32:18 -0000 1.347
23 +++ ChangeLog 3 Nov 2009 21:13:51 -0000 1.348
24 @@ -1,6 +1,13 @@
25 # ChangeLog for net-nds/openldap
26 # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
27 -# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/ChangeLog,v 1.347 2009/08/10 10:32:18 ssuominen Exp $
28 +# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/ChangeLog,v 1.348 2009/11/03 21:13:51 robbat2 Exp $
29 +
30 +*openldap-2.4.19 (03 Nov 2009)
31 +
32 + 03 Nov 2009; Robin H. Johnson <robbat2@g.o>
33 + +openldap-2.4.19.ebuild, +files/openldap-2.4.19-contrib-smbk5pwd.patch:
34 + Version bump per bug #290345 (CVE-2009-3767). Also fix: #286427
35 + disable-syslog w/ USE=minimal. #280986 ldflags.
36
37 10 Aug 2009; Samuli Suominen <ssuominen@g.o>
38 openldap-2.4.17-r1.ebuild, +files/openldap-2.4.17-gcc44.patch:
39
40
41
42 1.1 net-nds/openldap/openldap-2.4.19.ebuild
43
44 file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-nds/openldap/openldap-2.4.19.ebuild?rev=1.1&view=markup
45 plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-nds/openldap/openldap-2.4.19.ebuild?rev=1.1&content-type=text/plain
46
47 Index: openldap-2.4.19.ebuild
48 ===================================================================
49 # Copyright 1999-2009 Gentoo Foundation
50 # Distributed under the terms of the GNU General Public License v2
51 # $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/openldap-2.4.19.ebuild,v 1.1 2009/11/03 21:13:51 robbat2 Exp $
52
53 EAPI="2"
54 inherit db-use eutils flag-o-matic multilib ssl-cert versionator toolchain-funcs
55
56 DESCRIPTION="LDAP suite of application and development tools"
57 HOMEPAGE="http://www.OpenLDAP.org/"
58 SRC_URI="mirror://openldap/openldap-release/${P}.tgz"
59
60 LICENSE="OPENLDAP"
61 SLOT="0"
62 KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~sparc-fbsd ~x86-fbsd"
63
64 IUSE_DAEMON="crypt icu samba slp tcpd experimental minimal"
65 IUSE_BACKEND="+berkdb"
66 IUSE_OVERLAY="overlays perl"
67 IUSE_OPTIONAL="gnutls iodbc sasl ssl odbc debug ipv6 syslog selinux"
68 IUSE_CONTRIB="smbkrb5passwd kerberos"
69 IUSE_CONTRIB="${IUSE_CONTRIB} cxx"
70 IUSE="${IUSE_DAEMON} ${IUSE_BACKEND} ${IUSE_OVERLAY} ${IUSE_OPTIONAL} ${IUSE_CONTRIB}"
71
72 # openssl is needed to generate lanman-passwords required by samba
73 RDEPEND="sys-libs/ncurses
74 icu? ( dev-libs/icu )
75 tcpd? ( sys-apps/tcp-wrappers )
76 ssl? ( !gnutls? ( dev-libs/openssl )
77 gnutls? ( net-libs/gnutls ) )
78 sasl? ( dev-libs/cyrus-sasl )
79 !minimal? (
80 odbc? ( !iodbc? ( dev-db/unixODBC )
81 iodbc? ( dev-db/libiodbc ) )
82 slp? ( net-libs/openslp )
83 perl? ( dev-lang/perl[-build] )
84 samba? ( dev-libs/openssl )
85 berkdb? ( sys-libs/db )
86 smbkrb5passwd? (
87 dev-libs/openssl
88 app-crypt/heimdal )
89 kerberos? ( virtual/krb5 )
90 cxx? ( dev-libs/cyrus-sasl )
91 )
92 selinux? ( sec-policy/selinux-openldap )"
93 DEPEND="${RDEPEND}"
94
95 # for tracking versions
96 OPENLDAP_VERSIONTAG=".version-tag"
97 OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
98
99 openldap_find_versiontags() {
100 # scan for all datadirs
101 openldap_datadirs=""
102 if [ -f "${ROOT}"/etc/openldap/slapd.conf ]; then
103 openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${ROOT}/etc/openldap/slapd.conf)"
104 fi
105 openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}"
106
107 einfo
108 einfo "Scanning datadir(s) from slapd.conf and"
109 einfo "the default installdir for Versiontags"
110 einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
111 einfo
112
113 # scan datadirs if we have a version tag
114 openldap_found_tag=0
115 for each in ${openldap_datadirs}; do
116 CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"`
117 CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}
118 if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then
119 einfo "- Checking ${each}..."
120 if [ -r ${CURRENT_TAG} ] ; then
121 # yey, we have one :)
122 einfo " Found Versiontag in ${each}"
123 source ${CURRENT_TAG}
124 if [ "${OLDPF}" == "" ] ; then
125 eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
126 eerror "Please delete it"
127 eerror
128 die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
129 fi
130
131 OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}`
132
133 # are we on the same branch?
134 if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then
135 ewarn " Versiontag doesn't match current major release!"
136 if [[ `ls -a ${CURRENT_TAGDIR} | wc -l` -gt 5 ]] ; then
137 eerror " Versiontag says other major and you (probably) have datafiles!"
138 echo
139 openldap_upgrade_howto
140 else
141 einfo " No real problem, seems there's no database."
142 fi
143 else
144 einfo " Versiontag is fine here :)"
145 fi
146 else
147 einfo " Non-tagged dir ${each}"
148 if [[ `ls -a ${each} | wc -l` > 5 ]] ; then
149 einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
150 echo
151
152 eerror
153 eerror "Your OpenLDAP Installation has a non tagged datadir that"
154 eerror "possibly contains a database at ${CURRENT_TAGDIR}"
155 eerror
156 eerror "Please export data if any entered and empty or remove"
157 eerror "the directory, installation has been stopped so you"
158 eerror "can take required action"
159 eerror
160 eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
161 eerror
162 die "Please move the datadir ${CURRENT_TAGDIR} away"
163 fi
164 fi
165 einfo
166 fi
167 done
168
169 echo
170 einfo
171 einfo "All datadirs are fine, proceeding with merge now..."
172 einfo
173 }
174
175 openldap_upgrade_howto() {
176 eerror
177 eerror "A (possible old) installation of OpenLDAP was detected,"
178 eerror "installation will not proceed for now."
179 eerror
180 eerror "As major version upgrades can corrupt your database,"
181 eerror "you need to dump your database and re-create it afterwards."
182 eerror ""
183 d="$(date -u +%s)"
184 l="/root/ldapdump.${d}"
185 i="${l}.raw"
186 eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop"
187 eerror " 2. slapcat -l ${i}"
188 eerror " 3. egrep -v '^entryCSN:' <${i} >${l}"
189 eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
190 eerror " 5. emerge --update \=net-nds/${PF}"
191 eerror " 6. etc-update, and ensure that you apply the changes"
192 eerror " 7. slapadd -l ${l}"
193 eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
194 eerror " 9. /etc/init.d/slapd start"
195 eerror "10. check that your data is intact."
196 eerror "11. set up the new replication system."
197 eerror
198 if [ "${FORCE_UPGRADE}" != "1" ]; then
199 die "You need to upgrade your database first"
200 else
201 eerror "You have the magical FORCE_UPGRADE=1 in place."
202 eerror "Don't say you weren't warned about data loss."
203 fi
204 }
205
206 pkg_setup() {
207 if ! use sasl && use cxx ; then
208 die "To build the ldapc++ library you must emerge openldap with sasl support"
209 fi
210 if use minimal && has_version "net-nds/openldap" && built_with_use net-nds/openldap minimal ; then
211 einfo
212 einfo "Skipping scan for previous datadirs as requested by minimal useflag"
213 einfo
214 else
215 openldap_find_versiontags
216 fi
217
218 enewgroup ldap 439
219 enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
220 }
221
222 src_prepare() {
223 # ensure correct SLAPI path by default
224 sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "/var/run/openldap/slapd.sock",' \
225 "${S}"/include/ldap_defaults.h
226
227 epatch "${FILESDIR}"/${PN}-2.4.17-gcc44.patch
228
229 epatch \
230 "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch \
231 "${FILESDIR}"/${PN}-2.4.15-ppolicy.patch
232
233 # bug #116045 - still present in 2.4.19
234 epatch "${FILESDIR}"/${PN}-2.4.19-contrib-smbk5pwd.patch
235
236 # bug #189817
237 epatch "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch
238
239 # bug #233633
240 epatch "${FILESDIR}"/${PN}-2.4.17-fix-lmpasswd-gnutls-symbols.patch
241
242 cd "${S}"/build
243 einfo "Making sure upstream build strip does not do stripping too early"
244 sed -i.orig \
245 -e '/^STRIP/s,-s,,g' \
246 top.mk || die "Failed to block stripping"
247
248 # wrong assumption that /bin/sh is /bin/bash
249 sed -i \
250 -e 's|/bin/sh|/bin/bash|g' \
251 "${S}"/tests/scripts/* || die "sed failed"
252 }
253
254 build_contrib_module() {
255 lt="${S}/libtool"
256 # <dir> <sources> <outputname>
257 cd "${S}/contrib/slapd-modules/$1"
258 einfo "Compiling contrib-module: $3"
259 "${lt}" --mode=compile --tag=CC \
260 "${CC}" \
261 -I../../../include -I../../../servers/slapd ${CFLAGS} \
262 -o ${2%.c}.lo -c $2 || die "compiling $3 failed"
263 einfo "Linking contrib-module: $3"
264 "${lt}" --mode=link --tag=CC \
265 "${CC}" -module \
266 ${CFLAGS} \
267 ${LDFLAGS} \
268 -rpath /usr/$(get_libdir)/openldap/openldap \
269 -o $3.la ${2%.c}.lo || die "linking $3 failed"
270 }
271
272 src_configure() {
273 local myconf
274
275 #Fix for glibc-2.8 and ucred. Bug 228457.
276 append-flags -D_GNU_SOURCE
277
278 use debug && myconf="${myconf} $(use_enable debug)"
279
280 # ICU usage is not configurable
281 export ac_cv_header_unicode_utypes_h="$(use icu && echo yes || echo no)"
282
283 if ! use minimal ; then
284 # backends
285 myconf="${myconf} --enable-slapd"
286 if use berkdb ; then
287 einfo "Using Berkeley DB for local backend"
288 myconf="${myconf} --enable-bdb --enable-hdb"
289 # We need to include the slotted db.h dir for FreeBSD
290 append-cppflags -I$(db_includedir)
291 else
292 ewarn
293 ewarn "Note: if you disable berkdb, you can only use remote-backends!"
294 ewarn
295 ebeep 5
296 myconf="${myconf} --disable-bdb --disable-hdb"
297 fi
298 for backend in dnssrv ldap meta monitor null passwd relay shell sock; do
299 myconf="${myconf} --enable-${backend}=mod"
300 done
301
302 myconf="${myconf} $(use_enable perl perl mod)"
303
304 myconf="${myconf} $(use_enable odbc sql mod)"
305 if use odbc ; then
306 local odbc_lib="unixodbc"
307 use iodbc && odbc_lib="iodbc"
308 myconf="${myconf} --with-odbc=${odbc_lib}"
309 fi
310
311 # slapd options
312 myconf="${myconf} $(use_enable crypt) $(use_enable slp)"
313 myconf="${myconf} $(use_enable samba lmpasswd) $(use_enable syslog)"
314 if use experimental ; then
315 myconf="${myconf} --enable-dynacl"
316 myconf="${myconf} --enable-aci=mod"
317 fi
318 for option in aci cleartext modules rewrite rlookups slapi; do
319 myconf="${myconf} --enable-${option}"
320 done
321
322 # slapd overlay options
323 # Compile-in the syncprov, the others as module
324 myconf="${myconf} --enable-syncprov=yes"
325 use overlays && myconf="${myconf} --enable-overlays=mod"
326
327 else
328 myconf="${myconf} --disable-slapd --disable-bdb --disable-hdb"
329 myconf="${myconf} --disable-overlays --disable-syslog"
330 fi
331
332 # basic functionality stuff
333 myconf="${myconf} $(use_enable ipv6)"
334 myconf="${myconf} $(use_with sasl cyrus-sasl) $(use_enable sasl spasswd)"
335 myconf="${myconf} $(use_enable tcpd wrappers)"
336
337 local ssl_lib="no"
338 if use ssl || ( use ! minimal && use samba ) ; then
339 ssl_lib="openssl"
340 use gnutls && ssl_lib="gnutls"
341 fi
342
343 myconf="${myconf} --with-tls=${ssl_lib}"
344
345 for basicflag in dynamic local proctitle shared static; do
346 myconf="${myconf} --enable-${basicflag}"
347 done
348
349 tc-export CC AR CXX
350 STRIP=/bin/true \
351 econf \
352 --libexecdir=/usr/$(get_libdir)/openldap \
353 ${myconf}
354
355 if ! use minimal ; then
356 if use cxx ; then
357 local myconf_ldapcpp
358 myconf_ldapcpp="${myconf_ldapcpp} --with-ldap-includes=../../include"
359 cd "${S}/contrib/ldapc++"
360 OLD_LDFLAGS="$LDFLAGS"
361 OLD_CPPFLAGS="$CPPFLAGS"
362 append-ldflags -L../../libraries/liblber/.libs -L../../libraries/libldap/.libs
363 append-ldflags -L../../../libraries/liblber/.libs -L../../../libraries/libldap/.libs
364 append-cppflags -I../../../include
365 econf ${myconf_ldapcpp} \
366 CC="${CC}" \
367 CXX="${CXX}" \
368 || die "econf ldapc++ failed"
369 CPPFLAGS="$OLD_CPPFLAGS"
370 fi
371 fi
372 }
373
374 src_compile() {
375 emake depend || die "emake depend failed"
376 emake CC="${CC}" AR="${AR}" || die "emake failed"
377 lt="${S}/libtool"
378 export echo="echo"
379
380 if ! use minimal ; then
381 if use cxx ; then
382 einfo "Building contrib library: ldapc++"
383 cd "${S}/contrib/ldapc++"
384 emake \
385 CC="${CC}" CXX="${CXX}" \
386 || die "emake ldapc++ failed"
387 fi
388
389 if use smbkrb5passwd ; then
390 einfo "Building contrib-module: smbk5pwd"
391 cd "${S}/contrib/slapd-modules/smbk5pwd"
392
393 emake \
394 DEFS="-DDO_SAMBA -DDO_KRB5" \
395 KRB5_INC="$(krb5-config --cflags)" \
396 CC="${CC}" libexecdir="/usr/$(get_libdir)/openldap" \
397 || die "emake smbk5pwd failed"
398 fi
399
400 if use kerberos ; then
401 cd "${S}/contrib/slapd-modules/passwd"
402 einfo "Compiling contrib-module: pw-kerberos"
403 "${lt}" --mode=compile --tag=CC \
404 "${CC}" \
405 -I../../../include \
406 ${CFLAGS} \
407 $(krb5-config --cflags) \
408 -DHAVE_KRB5 \
409 -o kerberos.lo \
410 -c kerberos.c || die "compiling pw-kerberos failed"
411 einfo "Linking contrib-module: pw-kerberos"
412 "${lt}" --mode=link --tag=CC \
413 "${CC}" -module \
414 ${CFLAGS} \
415 ${LDFLAGS} \
416 -rpath /usr/$(get_libdir)/openldap/openldap \
417 -o pw-kerberos.la \
418 kerberos.lo || die "linking pw-kerberos failed"
419 fi
420 # We could build pw-radius if GNURadius would install radlib.h
421 cd "${S}/contrib/slapd-modules/passwd"
422 einfo "Compiling contrib-module: pw-netscape"
423 "${lt}" --mode=compile --tag=CC \
424 "${CC}" \
425 -I../../../include \
426 ${CFLAGS} \
427 -o netscape.lo \
428 -c netscape.c || die "compiling pw-netscape failed"
429 einfo "Linking contrib-module: pw-netscape"
430 "${lt}" --mode=link --tag=CC \
431 "${CC}" -module \
432 ${CFLAGS} \
433 ${LDFLAGS} \
434 -rpath /usr/$(get_libdir)/openldap/openldap \
435 -o pw-netscape.la \
436 netscape.lo || die "linking pw-netscape failed"
437
438 build_contrib_module "addpartial" "addpartial-overlay.c" "addpartial-overlay"
439 build_contrib_module "allop" "allop.c" "overlay-allop"
440 build_contrib_module "allowed" "allowed.c" "allowed"
441 build_contrib_module "autogroup" "autogroup.c" "autogroup"
442 build_contrib_module "denyop" "denyop.c" "denyop-overlay"
443 build_contrib_module "dsaschema" "dsaschema.c" "dsaschema-plugin"
444 # lastmod may not play well with other overlays
445 build_contrib_module "lastmod" "lastmod.c" "lastmod"
446 build_contrib_module "nops" "nops.c" "nops-overlay"
447 build_contrib_module "trace" "trace.c" "trace"
448 # build slapi-plugins
449 cd "${S}/contrib/slapi-plugins/addrdnvalues"
450 einfo "Building contrib-module: addrdnvalues plugin"
451 "${CC}" -shared \
452 -I../../../include \
453 ${CFLAGS} \
454 -fPIC \
455 ${LDFLAGS} \
456 -o libaddrdnvalues-plugin.so \
457 addrdnvalues.c || die "Building libaddrdnvalues-plugin.so failed"
458
459 fi
460 }
461
462 src_test() {
463 cd tests ; make tests || die "make tests failed"
464 }
465
466 src_install() {
467 lt="${S}/libtool"
468 emake DESTDIR="${D}" install || die "make install failed"
469
470 dodoc ANNOUNCEMENT CHANGES COPYRIGHT README "${FILESDIR}"/DB_CONFIG.fast.example
471 docinto rfc ; dodoc doc/rfc/*.txt
472
473 # openldap modules go here
474 # TODO: write some code to populate slapd.conf with moduleload statements
475 keepdir /usr/$(get_libdir)/openldap/openldap/
476
477 # initial data storage dir
478 keepdir /var/lib/openldap-data
479 fowners ldap:ldap /var/lib/openldap-data
480 fperms 0700 /var/lib/openldap-data
481
482 echo "OLDPF='${PF}'" > "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
483 echo "# do NOT delete this. it is used" >> "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
484 echo "# to track versions for upgrading." >> "${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}"
485
486 # change slapd.pid location in configuration file
487 keepdir /var/run/openldap
488 fowners ldap:ldap /var/run/openldap
489 fperms 0755 /var/run/openldap
490
491 if ! use minimal; then
492 # use our config
493 rm "${D}"etc/openldap/slapd.conf
494 insinto /etc/openldap
495 newins "${FILESDIR}"/${PN}-2.3.34-slapd-conf slapd.conf
496 configfile="${D}"etc/openldap/slapd.conf
497
498 # populate with built backends
499 ebegin "populate config with built backends"
500 for x in "${D}"usr/$(get_libdir)/openldap/openldap/back_*.so; do
501 elog "Adding $(basename ${x})"
502 sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}"
503 done
504 sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
505 fowners root:ldap /etc/openldap/slapd.conf
506 fperms 0640 /etc/openldap/slapd.conf
507 cp "${configfile}" "${configfile}".default
508 eend
509
510 # install our own init scripts
511 newinitd "${FILESDIR}"/slapd-initd slapd
512 newconfd "${FILESDIR}"/slapd-confd slapd
513 if [ $(get_libdir) != lib ]; then
514 sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i "${D}"etc/init.d/slapd
515 fi
516
517 if use cxx ; then
518 einfo "Install the ldapc++ library"
519 cd "${S}/contrib/ldapc++"
520 emake DESTDIR="${D}" libexecdir="/usr/$(get_libdir)/openldap" install || die "emake install ldapc++ failed"
521 newdoc README ldapc++-README
522 fi
523
524 if use smbkrb5passwd ; then
525 einfo "Install the smbk5pwd module"
526 cd "${S}/contrib/slapd-modules/smbk5pwd"
527 emake DESTDIR="${D}" libexecdir="/usr/$(get_libdir)/openldap" install || die "emake install smbk5pwd failed"
528 newdoc README smbk5pwd-README
529 fi
530
531 einfo "Installing contrib modules"
532 cd "${S}/contrib/slapd-modules"
533 for l in */*.la; do
534 "${lt}" --mode=install cp ${l} \
535 "${D}"usr/$(get_libdir)/openldap/openldap || \
536 die "installing ${l} failed"
537 done
538 docinto contrib
539 newdoc addpartial/README addpartial-README
540 newdoc allop/README allop-README
541 doman allop/slapo-allop.5
542 newdoc autogroup/README autogroup-README
543 newdoc denyop/denyop.c denyop-denyop.c
544 newdoc dsaschema/README dsaschema-README
545 doman lastmod/slapo-lastmod.5
546 doman nops/slapo-nops.5
547 newdoc passwd/README passwd-README
548 cd "${S}/contrib/slapi-plugins"
549 insinto /usr/$(get_libdir)/openldap/openldap
550 doins */*.so
551 docinto contrib
552 newdoc addrdnvalues/README addrdnvalues-README
553 fi
554 }
555
556 pkg_preinst() {
557 # keep old libs if any
558 preserve_old_lib usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3.so.0
559 }
560
561 pkg_postinst() {
562 if ! use minimal ; then
563 # You cannot build SSL certificates during src_install that will make
564 # binary packages containing your SSL key, which is both a security risk
565 # and a misconfiguration if multiple machines use the same key and cert.
566 if use ssl; then
567 install_cert /etc/openldap/ssl/ldap
568 chown ldap:ldap "${ROOT}"etc/openldap/ssl/ldap.*
569 ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
570 ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
571 ewarn "add 'TLS_REQCERT never' if you want to use them."
572 fi
573
574 # These lines force the permissions of various content to be correct
575 chown ldap:ldap "${ROOT}"var/run/openldap
576 chmod 0755 "${ROOT}"var/run/openldap
577 chown root:ldap "${ROOT}"etc/openldap/slapd.conf{,.default}
578 chmod 0640 "${ROOT}"etc/openldap/slapd.conf{,.default}
579 chown ldap:ldap "${ROOT}"var/lib/openldap-{data,ldbm}
580 fi
581
582 elog "Getting started using OpenLDAP? There is some documentation available:"
583 elog "Gentoo Guide to OpenLDAP Authentication"
584 elog "(http://www.gentoo.org/doc/en/ldap-howto.xml)"
585 elog "---"
586 elog "An example file for tuning BDB backends with openldap is"
587 elog "DB_CONFIG.fast.example in /usr/share/doc/${PF}/"
588
589 preserve_old_lib_notify usr/$(get_libdir)/{liblber,libldap,libldap_r}-2.3.so.0
590 }
Report Message
Find on MARC Find on Google Groups