Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Markus Ullmann (jokey)" <jokey@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo-x86 commit in net-nds/openldap: ChangeLog openldap-2.3.39.ebuild
Date: Mon, 29 Oct 2007 16:11:08
Message-Id: E1ImXCg-0006QF-Oi@stork.gentoo.org
1 jokey 07/10/29 16:11:02
2
3 Modified: ChangeLog
4 Added: openldap-2.3.39.ebuild
5 Log:
6 Version bump
7 (Portage version: 2.1.3.16)
8
9 Revision Changes Path
10 1.287 net-nds/openldap/ChangeLog
11
12 file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-nds/openldap/ChangeLog?rev=1.287&view=markup
13 plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-nds/openldap/ChangeLog?rev=1.287&content-type=text/plain
14 diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-nds/openldap/ChangeLog?r1=1.286&r2=1.287
15
16 Index: ChangeLog
17 ===================================================================
18 RCS file: /var/cvsroot/gentoo-x86/net-nds/openldap/ChangeLog,v
19 retrieving revision 1.286
20 retrieving revision 1.287
21 diff -u -r1.286 -r1.287
22 --- ChangeLog 17 Oct 2007 00:38:21 -0000 1.286
23 +++ ChangeLog 29 Oct 2007 16:11:02 -0000 1.287
24 @@ -1,6 +1,11 @@
25 # ChangeLog for net-nds/openldap
26 # Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2
27 -# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/ChangeLog,v 1.286 2007/10/17 00:38:21 wolf31o2 Exp $
28 +# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/ChangeLog,v 1.287 2007/10/29 16:11:02 jokey Exp $
29 +
30 +*openldap-2.3.39 (29 Oct 2007)
31 +
32 + 29 Oct 2007; Markus Ullmann <jokey@g.o> +openldap-2.3.39.ebuild:
33 + Version bump
34
35 17 Oct 2007; Chris Gianelloni <wolf31o2@g.o>
36 openldap-2.3.38.ebuild:
37
38
39
40 1.1 net-nds/openldap/openldap-2.3.39.ebuild
41
42 file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-nds/openldap/openldap-2.3.39.ebuild?rev=1.1&view=markup
43 plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-nds/openldap/openldap-2.3.39.ebuild?rev=1.1&content-type=text/plain
44
45 Index: openldap-2.3.39.ebuild
46 ===================================================================
47 # Copyright 1999-2007 Gentoo Foundation
48 # Distributed under the terms of the GNU General Public License v2
49 # $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/openldap-2.3.39.ebuild,v 1.1 2007/10/29 16:11:02 jokey Exp $
50
51 WANT_AUTOCONF="latest"
52 WANT_AUTOMAKE="latest"
53 AT_M4DIR="./build"
54 inherit autotools db-use eutils flag-o-matic multilib ssl-cert toolchain-funcs versionator
55
56 DESCRIPTION="LDAP suite of application and development tools"
57 HOMEPAGE="http://www.OpenLDAP.org/"
58 SRC_URI="mirror://openldap/openldap-release/${P}.tgz"
59
60 LICENSE="OPENLDAP"
61 SLOT="0"
62 KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~sparc-fbsd ~x86 ~x86-fbsd"
63 IUSE="berkdb crypt debug gdbm ipv6 kerberos minimal odbc overlays perl readline
64 samba sasl slp smbkrb5passwd ssl tcpd selinux"
65
66 # note that the 'samba' USE flag pulling in OpenSSL is NOT an error. OpenLDAP
67 # uses OpenSSL for LanMan/NTLM hashing (which is used in some enviroments, like
68 # mine at work)!
69 # Robin H. Johnson <robbat2@g.o> March 8, 2004
70
71 RDEPEND="sys-libs/ncurses
72 tcpd? ( sys-apps/tcp-wrappers )
73 ssl? ( dev-libs/openssl )
74 readline? ( sys-libs/readline )
75 sasl? ( dev-libs/cyrus-sasl )
76 !minimal? (
77 odbc? ( dev-db/unixODBC )
78 slp? ( net-libs/openslp )
79 perl? ( dev-lang/perl )
80 samba? ( dev-libs/openssl )
81 kerberos? ( virtual/krb5 )
82 berkdb? ( >=sys-libs/db-4.2.52_p2-r1 )
83 !berkdb? (
84 gdbm? ( sys-libs/gdbm )
85 !gdbm? ( >=sys-libs/db-4.2.52_p2-r1 )
86 )
87 smbkrb5passwd? (
88 dev-libs/openssl
89 app-crypt/heimdal
90 )
91 )
92 selinux? ( sec-policy/selinux-openldap )"
93 DEPEND="${RDEPEND}"
94
95 # for tracking versions
96 OPENLDAP_VERSIONTAG=".version-tag"
97 OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
98
99 openldap_upgrade_howto() {
100 eerror
101 eerror "A (possible old) installation of OpenLDAP was detected,"
102 eerror "installation will not proceed for now."
103 eerror
104 eerror "As major version upgrades can corrupt your database,"
105 eerror "you need to dump your database and re-create it afterwards."
106 eerror ""
107 d="$(date -u +%s)"
108 l="/root/ldapdump.${d}"
109 i="${l}.raw"
110 eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop"
111 eerror " 2. slapcat -l ${i}"
112 eerror " 3. egrep -v '^entryCSN:' <${i} >${l}"
113 eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
114 eerror " 5. emerge --update \=net-nds/${PF}"
115 eerror " 6. etc-update, and ensure that you apply the changes"
116 eerror " 7. slapadd -l ${l}"
117 eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
118 eerror " 9. /etc/init.d/slapd start"
119 eerror "10. check that your data is intact."
120 eerror "11. set up the new replication system."
121 eerror
122 die "You need to upgrade your database first"
123 }
124
125 openldap_find_versiontags() {
126 # scan for all datadirs
127 openldap_datadirs=""
128 if [ -f ${ROOT}/etc/openldap/slapd.conf ]; then
129 openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${ROOT}/etc/openldap/slapd.conf)"
130 fi
131 openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}"
132
133 einfo
134 einfo "Scanning datadir(s) from slapd.conf and"
135 einfo "the default installdir for Versiontags"
136 einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
137 einfo
138
139 # scan datadirs if we have a version tag
140 openldap_found_tag=0
141 for each in ${openldap_datadirs}; do
142 CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"`
143 CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}
144 if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then
145 einfo "- Checking ${each}..."
146 if [ -r ${CURRENT_TAG} ] ; then
147 # yey, we have one :)
148 einfo " Found Versiontag in ${each}"
149 source ${CURRENT_TAG}
150 if [ "${OLDPF}" == "" ] ; then
151 eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
152 eerror "Please delete it"
153 eerror
154 die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
155 fi
156
157 OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}`
158
159 # are we on the same branch?
160 if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then
161 ewarn " Versiontag doesn't match current major release!"
162 if [[ `ls -a ${CURRENT_TAGDIR} | wc -l` -gt 5 ]] ; then
163 eerror " Versiontag says other major and you (probably) have datafiles!"
164 echo
165 openldap_upgrade_howto
166 else
167 einfo " No real problem, seems there's no database."
168 fi
169 else
170 einfo " Versiontag is fine here :)"
171 fi
172 else
173 einfo " Non-tagged dir ${each}"
174 if [[ `ls -a ${each} | wc -l` > 5 ]] ; then
175 einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
176 echo
177
178 eerror
179 eerror "Your OpenLDAP Installation has a non tagged datadir that"
180 eerror "possibly contains a database at ${CURRENT_TAGDIR}"
181 eerror
182 eerror "Please export data if any entered and empty or remove"
183 eerror "the directory, installation has been stopped so you"
184 eerror "can take required action"
185 eerror
186 eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
187 eerror
188 die "Please move the datadir ${CURRENT_TAGDIR} away"
189 fi
190 fi
191 einfo
192 fi
193 done
194
195 echo
196 einfo
197 einfo "All datadirs are fine, proceeding with merge now..."
198 einfo
199
200 }
201
202 pkg_setup() {
203 if has_version "<=dev-lang/perl-5.8.8_rc1" && built_with_use dev-lang/perl minimal ; then
204 die "You must have a complete (USE='-minimal') Perl install to use the perl backend!"
205 fi
206
207 if use minimal && has_version "net-nds/openldap" && built_with_use net-nds/openldap minimal ; then
208 einfo
209 einfo "Skipping scan for previous datadirs as requested by minimal useflag"
210 einfo
211 else
212 openldap_find_versiontags
213 fi
214
215 enewgroup ldap 439
216 enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
217 }
218
219 src_unpack() {
220 unpack ${A}
221
222 # According to MDK, the link order needs to be changed so that
223 # on systems w/ MD5 passwords the system crypt library is used
224 # (the net result is that "passwd" can be used to change ldap passwords w/
225 # proper pam support)
226 sed -i -e 's/$(SECURITY_LIBS) $(LDIF_LIBS) $(LUTIL_LIBS)/$(LUTIL_LIBS) $(SECURITY_LIBS) $(LDIF_LIBS)/' \
227 ${S}/servers/slapd/Makefile.in
228
229 # supersedes old fix for bug #31202
230 EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch
231
232 # ensure correct SLAPI path by default
233 sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "/var/run/openldap/slapd.sock",' \
234 ${S}/include/ldap_defaults.h
235
236 EPATCH_OPTS="-p0 -d ${S}"
237
238 # ximian connector 1.4.7 ntlm patch
239 epatch "${FILESDIR}"/${PN}-2.2.6-ntlm.patch
240
241 # bug #132263
242 if use overlays ; then
243 epatch "${FILESDIR}"/${PN}-2.3.21-ppolicy.patch
244 fi
245
246 # fix up stuff for newer autoconf that simulates autoconf-2.13, but doesn't
247 # do it perfectly.
248 cd "${S}"/build
249 ln -s shtool install
250 ln -s shtool install.sh
251 einfo "Making sure upstream build strip does not do stripping too early"
252 sed -i.orig \
253 -e '/^STRIP/s,-s,,g' \
254 top.mk || die "Failed to block stripping"
255
256 # bug #116045
257 # patch contrib modules
258 if ! use minimal ; then
259 cd "${S}"/contrib
260 epatch "${FILESDIR}"/${PN}-2.3.24-contrib-smbk5pwd.patch
261 fi
262 }
263
264 src_compile() {
265 local myconf
266
267 # HDB is only available with BerkDB
268 myconf_berkdb='--enable-bdb --enable-ldbm-api=berkeley --enable-hdb=mod'
269 myconf_gdbm='--disable-bdb --enable-ldbm-api=gdbm --disable-hdb'
270
271 use debug && myconf="${myconf} --enable-debug" # there is no disable-debug
272
273 # enable slapd/slurpd servers if not doing a minimal build
274 if ! use minimal ; then
275 myconf="${myconf} --enable-slapd --enable-slurpd"
276 # base backend stuff
277 myconf="${myconf} --enable-ldbm"
278 if use berkdb ; then
279 einfo "Using Berkeley DB for local backend"
280 myconf="${myconf} ${myconf_berkdb}"
281 # We need to include the slotted db.h dir for FreeBSD
282 append-cppflags -I$(db_includedir)
283 elif use gdbm ; then
284 einfo "Using GDBM for local backend"
285 myconf="${myconf} ${myconf_gdbm}"
286 else
287 ewarn "Neither gdbm or berkdb USE flags present, falling back to"
288 ewarn "Berkeley DB for local backend"
289 myconf="${myconf} ${myconf_berkdb}"
290 # We need to include the slotted db.h dir for FreeBSD
291 append-cppflags -I$(db_includedir)
292 fi
293 # extra backend stuff
294 myconf="${myconf} --enable-passwd=mod --enable-phonetic=mod"
295 myconf="${myconf} --enable-dnssrv=mod --enable-ldap"
296 myconf="${myconf} --enable-meta=mod --enable-monitor=mod"
297 myconf="${myconf} --enable-null=mod --enable-shell=mod"
298 myconf="${myconf} --enable-relay=mod"
299 myconf="${myconf} $(use_enable perl perl mod)"
300 myconf="${myconf} $(use_enable odbc sql mod)"
301 # slapd options
302 myconf="${myconf} $(use_enable crypt) $(use_enable slp)"
303 myconf="${myconf} --enable-rewrite --enable-rlookups"
304 myconf="${myconf} --enable-aci --enable-modules"
305 myconf="${myconf} --enable-cleartext --enable-slapi"
306 myconf="${myconf} $(use_enable samba lmpasswd)"
307 # slapd overlay options
308 myconf="${myconf} --enable-dyngroup --enable-proxycache"
309 use overlays && myconf="${myconf} --enable-overlays=mod"
310 else
311 myconf="${myconf} --disable-slapd --disable-slurpd"
312 myconf="${myconf} --disable-bdb --disable-ldbm"
313 myconf="${myconf} --disable-hdb --disable-monitor"
314 myconf="${myconf} --disable-slurpd --disable-overlays"
315 myconf="${myconf} --disable-relay"
316 fi
317
318 # basic functionality stuff
319 myconf="${myconf} --enable-syslog --enable-dynamic"
320 myconf="${myconf} --enable-local --enable-proctitle"
321
322 myconf="${myconf} $(use_enable ipv6) $(use_enable readline)"
323 myconf="${myconf} $(use_with sasl cyrus-sasl) $(use_enable sasl spasswd)"
324 myconf="${myconf} $(use_enable tcpd wrappers) $(use_with ssl tls)"
325
326 if [ $(get_libdir) != "lib" ] ; then
327 append-ldflags -L/usr/$(get_libdir)
328 fi
329
330 STRIP=/bin/true \
331 econf \
332 --enable-static \
333 --enable-shared \
334 --libexecdir=/usr/$(get_libdir)/openldap \
335 ${myconf} || die "configure failed"
336
337 # Adding back -j1 as upstream didn't answer on parallel make issue yet
338 emake -j1 depend || die "make depend failed"
339 emake -j1 || die "make failed"
340
341 # openldap/contrib
342 tc-export CC
343 if ! use minimal ; then
344 # dsaschema
345 einfo "Building contributed dsaschema"
346 cd "${S}"/contrib/slapd-modules/dsaschema
347 ${CC} -shared -I../../../include ${CFLAGS} -fPIC \
348 -Wall -o libdsaschema-plugin.so dsaschema.c || \
349 die "failed to compile dsaschema module"
350 # kerberos passwd
351 if use kerberos ; then
352 einfo "Building contributed pw-kerberos"
353 cd "${S}"/contrib/slapd-modules/passwd/ && \
354 ${CC} -shared -I../../../include ${CFLAGS} -fPIC \
355 -DHAVE_KRB5 -o pw-kerberos.so kerberos.c || \
356 die "failed to compile kerberos password module"
357 fi
358 # netscape mta-md5 password
359 einfo "Building contributed pw-netscape"
360 cd "${S}"/contrib/slapd-modules/passwd/ && \
361 ${CC} -shared -I../../../include ${CFLAGS} -fPIC \
362 -o pw-netscape.so netscape.c || \
363 die "failed to compile netscape password module"
364 # smbk5pwd overlay
365 # Note: this modules builds, but may not work with
366 # Gentoo's MIT-Kerberos. It was designed for Heimdal
367 # Kerberos.
368 if use smbkrb5passwd ; then
369 einfo "Building contributed smbk5pwd"
370 local mydef
371 local mykrb5inc
372 mydef="-DDO_SAMBA -DDO_KRB5"
373 mykrb5inc="-I/usr/include/heimdal/"
374 cd "${S}"/contrib/slapd-modules/smbk5pwd && \
375 libexecdir="/usr/$(get_libdir)/openldap" \
376 DEFS="${mydef}" KRB5_INC="${mykrb5inc}" emake || \
377 die "failed to compile smbk5pwd module"
378 fi
379 # addrdnvalues
380 einfo "Building contributed addrdnvalues"
381 cd "${S}"/contrib/slapi-plugins/addrdnvalues/ && \
382 ${CC} -shared -I../../../include ${CFLAGS} -fPIC \
383 -o libaddrdnvalues-plugin.so addrdnvalues.c || \
384 die "failed to compile addrdnvalues plugin"
385 fi
386 }
387
388 src_test() {
389 einfo "Doing tests"
390 cd tests ; make tests || die "make tests failed"
391 }
392
393 src_install() {
394 emake DESTDIR="${D}" install || die "make install failed"
395
396 dodoc ANNOUNCEMENT CHANGES COPYRIGHT README LICENSE "${FILESDIR}"/DB_CONFIG.fast.example
397 docinto rfc ; dodoc doc/rfc/*.txt
398
399 # openldap modules go here
400 # TODO: write some code to populate slapd.conf with moduleload statements
401 keepdir /usr/$(get_libdir)/openldap/openldap/
402
403 # make state directories
404 local dirlist="data"
405 if ! use minimal; then
406 dirlist="${dirlist} slurp ldbm"
407 fi
408 for x in ${dirlist}; do
409 keepdir /var/lib/openldap-${x}
410 fowners ldap:ldap /var/lib/openldap-${x}
411 fperms 0700 /var/lib/openldap-${x}
412 done
413
414 echo "OLDPF='${PF}'" >${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}
415 echo "# do NOT delete this. it is used" >>${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}
416 echo "# to track versions for upgrading." >>${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}
417
418 # manually remove /var/tmp references in .la
419 # because it is packaged with an ancient libtool
420 #for x in "${D}"/usr/$(get_libdir)/lib*.la; do
421 # sed -i -e "s:-L${S}[/]*libraries::" ${x}
422 #done
423
424 # change slapd.pid location in configuration file
425 keepdir /var/run/openldap
426 fowners ldap:ldap /var/run/openldap
427 fperms 0755 /var/run/openldap
428
429 if ! use minimal; then
430 # use our config
431 rm "${D}"etc/openldap/slapd.con*
432 insinto /etc/openldap
433 newins "${FILESDIR}"/${PN}-2.3.34-slapd-conf slapd.conf
434 configfile="${D}"etc/openldap/slapd.conf
435
436 # populate with built backends
437 ebegin "populate config with built backends"
438 for x in "${D}"usr/$(get_libdir)/openldap/openldap/back_*.so; do
439 elog "Adding $(basename ${x})"
440 sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}"
441 done
442 sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
443 fowners root:ldap /etc/openldap/slapd.conf
444 fperms 0640 /etc/openldap/slapd.conf
445 cp "${configfile}" "${configfile}".default
446 eend
447
448 # install our own init scripts
449 newinitd "${FILESDIR}"/slapd-initd slapd
450 newinitd "${FILESDIR}"/slurpd-initd slurpd
451 newconfd "${FILESDIR}"/slapd-confd slapd
452
453 if [ $(get_libdir) != lib ]; then
454 sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i "${D}"etc/init.d/{slapd,slurpd}
455 fi
456
457 # install contributed modules
458 docinto /
459 if [ -e "${S}"/contrib/slapd-modules/dsaschema/libdsaschema-plugin.so ];
460 then
461 cd "${S}"/contrib/slapd-modules/dsaschema/
462 newdoc README README.contrib.dsaschema
463 exeinto /usr/$(get_libdir)/openldap/openldap
464 doexe libdsaschema-plugin.so || \
465 die "failed to install dsaschema module"
466 fi
467 if [ -e "${S}"/contrib/slapd-modules/passwd/pw-kerberos.so ]; then
468 cd "${S}"/contrib/slapd-modules/passwd/
469 newdoc README README.contrib.passwd
470 exeinto /usr/$(get_libdir)/openldap/openldap
471 doexe pw-kerberos.so || \
472 die "failed to install kerberos passwd module"
473 fi
474 if [ -e "${S}"/contrib/slapd-modules/passwd/pw-netscape.so ]; then
475 cd "${S}"/contrib/slapd-modules/passwd/
476 newdoc README README.contrib.passwd
477 exeinto /usr/$(get_libdir)/openldap/openldap
478 doexe "${S}"/contrib/slapd-modules/passwd/pw-netscape.so || \
479 die "failed to install Netscape MTA-MD5 passwd module"
480 fi
481 if [ -e "${S}"/contrib/slapd-modules/smbk5pwd/.libs/smbk5pwd.so ]; then
482 cd "${S}"/contrib/slapd-modules/smbk5pwd
483 newdoc README README.contrib.smbk5pwd
484 libexecdir="/usr/$(get_libdir)/openldap" \
485 emake DESTDIR="${D}" install-mod || \
486 die "failed to install smbk5pwd overlay module"
487 fi
488 if [ -e "${S}"/contrib/slapd-tools/statslog ]; then
489 cd "${S}"/contrib/slapd-tools
490 exeinto /usr/bin
491 newexe statslog ldapstatslog || \
492 die "failed to install ldapstatslog script"
493 fi
494 if [ -e "${S}"/contrib/slapi-plugins/addrdnvalues/libaddrdnvalues-plugin.so ];
495 then
496 cd "${S}"/contrib/slapi-plugins/addrdnvalues
497 newdoc README README.contrib.addrdnvalues
498 exeinto /usr/$(get_libdir)/openldap/openldap
499 doexe libaddrdnvalues-plugin.so || \
500 die "failed to install addrdnvalues plugin"
501 fi
502 fi
503 }
504
505 pkg_preinst() {
506 # keep old libs if any
507 LIBSUFFIXES=".so.2.0.130 -2.2.so.7"
508 for LIBSUFFIX in ${LIBSUFFIXES} ; do
509 for each in liblber libldap libldap_r ; do
510 preserve_old_lib "${ROOT}usr/$(get_libdir)/${each}${LIBSUFFIX}"
511 done
512 done
513 }
514
515 pkg_postinst() {
516 if ! use minimal ; then
517 # You cannot build SSL certificates during src_install that will make
518 # binary packages containing your SSL key, which is both a security risk
519 # and a misconfiguration if multiple machines use the same key and cert.
520 # Additionally, it overwrites
521 if use ssl; then
522 insinto /etc/openldap/ssl
523 insopts -m0644 -o ldap -g ldap
524 docert ldap
525 ##fowners ldap:ldap /etc/openldap/ssl/ldap.*
526 ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
527 ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
528 ewarn "add 'TLS_REQCERT never' if you want to use them."
529 fi
530 # These lines force the permissions of various content to be correct
531 chown ldap:ldap "${ROOT}"var/run/openldap
532 chmod 0755 "${ROOT}"var/run/openldap
533 chown root:ldap "${ROOT}"etc/openldap/slapd.conf{,.default}
534 chmod 0640 "${ROOT}"etc/openldap/slapd.conf{,.default}
535 chown ldap:ldap "${ROOT}"var/lib/openldap-{data,ldbm,slurp}
536 fi
537
538 # Reference inclusion bug #77330
539 echo
540 elog
541 elog "Getting started using OpenLDAP? There is some documentation available:"
542 elog "Gentoo Guide to OpenLDAP Authentication"
543 elog "(http://www.gentoo.org/doc/en/ldap-howto.xml)"
544 elog
545
546 # note to bug #110412
547 echo
548 elog
549 elog "An example file for tuning BDB backends with openldap is:"
550 elog "/usr/share/doc/${PF}/DB_CONFIG.fast.example.gz"
551 elog
552
553 LIBSUFFIXES=".so.2.0.130 -2.2.so.7"
554 for LIBSUFFIX in ${LIBSUFFIXES} ; do
555 for each in liblber libldap libldap_r ; do
556 preserve_old_lib_notify "${ROOT}usr/$(get_libdir)/${each}${LIBSUFFIX}"
557 done
558 done
559 }
560
561
562
563 --
564 gentoo-commits@g.o mailing list
Report Message
Find on MARC Find on Google Groups