Submitted by: Bruce Dubbs <bdubbs at linuxfromscratch.org>
Date: 2012-03-26
Initial Package Version: 2.4.40
Upstream Status: BLFS Specific
Origin: Armin K. <krejzi at email dot com> and Debian
Description: Consolidate earlier patches to:
1. Update various installation options, such as ldap database path,
configuration file options, slapd install location, etc.
2. Remove reference to bdb module
3. Enables symbol versioning in ldap libraries. Without these changes
some applications might generate a warning about missing symbol versions.
diff -Naur openldap-2.4.40.orig/build/openldap.m4 openldap-2.4.40/build/openldap.m4
--- openldap-2.4.40.orig/build/openldap.m4 2014-09-18 20:48:49.000000000 -0500
+++ openldap-2.4.40/build/openldap.m4 2015-03-26 15:37:39.801077750 -0500
@@ -1142,3 +1142,54 @@
#endif
], [ol_cv_ssl_crl_compat=yes], [ol_cv_ssl_crl_compat=no])])
])
+
+dnl ====================================================================
+dnl check for symbol versioning support
+AC_DEFUN([OL_SYMBOL_VERSIONING],
+[AC_CACHE_CHECK([for .symver assembler directive],
+ [ol_cv_asm_symver_directive],[
+cat > conftest.s <<EOF
+${libc_cv_dot_text}
+_sym:
+.symver _sym,sym@VERS
+EOF
+if ${CC-cc} -c $ASFLAGS conftest.s 1>&AS_MESSAGE_LOG_FD 2>&AS_MESSAGE_LOG_FD; then
+ ol_cv_asm_symver_directive=yes
+else
+ ol_cv_asm_symver_directive=no
+fi
+rm -f conftest*])
+AC_CACHE_CHECK([for ld --version-script],
+ [ol_cv_ld_version_script_option],[
+if test $ol_cv_asm_symver_directive = yes; then
+ cat > conftest.s <<EOF
+${libc_cv_dot_text}
+_sym:
+.symver _sym,sym@VERS
+EOF
+ cat > conftest.map <<EOF
+VERS_1 {
+ global: sym;
+};
+
+VERS_2 {
+ global: sym;
+} VERS_1;
+EOF
+ if ${CC-cc} -c $ASFLAGS conftest.s 1>&AS_MESSAGE_LOG_FD 2>&AS_MESSAGE_LOG_FD; then
+ if AC_TRY_COMMAND([${CC-cc} $CFLAGS $LDFLAGS -shared
+ -o conftest.so conftest.o
+ -Wl,--version-script,conftest.map
+ 1>&AS_MESSAGE_LOG_FD]);
+ then
+ ol_cv_ld_version_script_option=yes
+ else
+ ol_cv_ld_version_script_option=no
+ fi
+ else
+ ol_cv_ld_version_script_option=no
+ fi
+else
+ ol_cv_ld_version_script_option=no
+fi
+rm -f conftest*])])
diff -Naur openldap-2.4.40.orig/build/top.mk openldap-2.4.40/build/top.mk
--- openldap-2.4.40.orig/build/top.mk 2014-09-18 20:48:49.000000000 -0500
+++ openldap-2.4.40/build/top.mk 2015-03-26 15:37:39.801077750 -0500
@@ -104,6 +104,9 @@
# LINK_LIBS referenced in library and module link commands.
LINK_LIBS = $(MOD_LIBS) $(@PLAT@_LINK_LIBS)
+# option to pass to $(CC) to support library symbol versioning, if any
+VERSION_OPTION = @VERSION_OPTION@
+
LTSTATIC = @LTSTATIC@
LTLINK = $(LIBTOOL) --mode=link \
@@ -113,7 +116,7 @@
$(CC) $(LT_CFLAGS) $(LT_CPPFLAGS) $(LIB_DEFS) -c
LTLINK_LIB = $(LIBTOOL) $(LTONLY_LIB) --mode=link \
- $(CC) $(LT_CFLAGS) $(LDFLAGS) $(LTFLAGS_LIB)
+ $(CC) $(LT_CFLAGS) $(LDFLAGS) $(LTFLAGS_LIB) $(VERSION_FLAGS)
LTCOMPILE_MOD = $(LIBTOOL) $(LTONLY_MOD) --mode=compile \
$(CC) $(LT_CFLAGS) $(LT_CPPFLAGS) $(MOD_DEFS) -c
diff -Naur openldap-2.4.40.orig/configure.in openldap-2.4.40/configure.in
--- openldap-2.4.40.orig/configure.in 2014-09-18 20:48:49.000000000 -0500
+++ openldap-2.4.40/configure.in 2015-03-26 15:37:39.801077750 -0500
@@ -1916,6 +1916,13 @@
fi
AC_SUBST(LTSTATIC)dnl
+VERSION_OPTION=""
+OL_SYMBOL_VERSIONING
+if test $ol_cv_ld_version_script_option = yes ; then
+ VERSION_OPTION="-Wl,--version-script="
+fi
+AC_SUBST(VERSION_OPTION)
+
dnl ----------------------------------------------------------------
if test $ol_enable_wrappers != no ; then
AC_CHECK_HEADERS(tcpd.h,[
diff -Naur openldap-2.4.40.orig/doc/man/man5/slapd-bdb.5 openldap-2.4.40/doc/man/man5/slapd-bdb.5
--- openldap-2.4.40.orig/doc/man/man5/slapd-bdb.5 2014-09-18 20:48:49.000000000 -0500
+++ openldap-2.4.40/doc/man/man5/slapd-bdb.5 2015-03-26 15:36:59.637464038 -0500
@@ -135,7 +135,7 @@
associated indexes live.
A separate directory must be specified for each database.
The default is
-.BR LOCALSTATEDIR/openldap\-data .
+.BR LOCALSTATEDIR/lib/openldap .
.TP
.B dirtyread
Allow reads of modified but not yet committed data.
diff -Naur openldap-2.4.40.orig/doc/man/man5/slapd-config.5 openldap-2.4.40/doc/man/man5/slapd-config.5
--- openldap-2.4.40.orig/doc/man/man5/slapd-config.5 2014-09-18 20:48:49.000000000 -0500
+++ openldap-2.4.40/doc/man/man5/slapd-config.5 2015-03-26 15:36:59.638464004 -0500
@@ -2051,7 +2051,7 @@
# The database directory MUST exist prior to
# running slapd AND should only be accessible
# by the slapd/tools. Mode 0700 recommended.
-olcDbDirectory: LOCALSTATEDIR/openldap\-data
+olcDbDirectory: LOCALSTATEDIR/lib/openldap
# Indices to maintain
olcDbIndex: objectClass eq
olcDbIndex: cn,sn,mail pres,eq,approx,sub
diff -Naur openldap-2.4.40.orig/doc/man/man5/slapd.conf.5 openldap-2.4.40/doc/man/man5/slapd.conf.5
--- openldap-2.4.40.orig/doc/man/man5/slapd.conf.5 2014-09-18 20:48:49.000000000 -0500
+++ openldap-2.4.40/doc/man/man5/slapd.conf.5 2015-03-26 15:36:59.638464004 -0500
@@ -2021,7 +2021,7 @@
# The database directory MUST exist prior to
# running slapd AND should only be accessible
# by the slapd/tools. Mode 0700 recommended.
-directory LOCALSTATEDIR/openldap\-data
+directory LOCALSTATEDIR/lib/openldap
# Indices to maintain
index objectClass eq
index cn,sn,mail pres,eq,approx,sub
diff -Naur openldap-2.4.40.orig/include/ldap_defaults.h openldap-2.4.40/include/ldap_defaults.h
--- openldap-2.4.40.orig/include/ldap_defaults.h 2014-09-18 20:48:49.000000000 -0500
+++ openldap-2.4.40/include/ldap_defaults.h 2015-03-26 15:36:59.638464004 -0500
@@ -39,7 +39,7 @@
#define LDAP_ENV_PREFIX "LDAP"
/* default ldapi:// socket */
-#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "run" LDAP_DIRSEP "ldapi"
+#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "run" LDAP_DIRSEP "openldap" LDAP_DIRSEP "ldapi"
/*
* SLAPD DEFINITIONS
@@ -47,7 +47,7 @@
/* location of the default slapd config file */
#define SLAPD_DEFAULT_CONFIGFILE LDAP_SYSCONFDIR LDAP_DIRSEP "slapd.conf"
#define SLAPD_DEFAULT_CONFIGDIR LDAP_SYSCONFDIR LDAP_DIRSEP "slapd.d"
-#define SLAPD_DEFAULT_DB_DIR LDAP_RUNDIR LDAP_DIRSEP "openldap-data"
+#define SLAPD_DEFAULT_DB_DIR LDAP_RUNDIR LDAP_DIRSEP "lib" LDAP_DIRSEP "openldap"
#define SLAPD_DEFAULT_DB_MODE 0600
#define SLAPD_DEFAULT_UCDATA LDAP_DATADIR LDAP_DIRSEP "ucdata"
/* default max deref depth for aliases */
diff -Naur openldap-2.4.40.orig/libraries/liblber/Makefile.in openldap-2.4.40/libraries/liblber/Makefile.in
--- openldap-2.4.40.orig/libraries/liblber/Makefile.in 2014-09-18 20:48:49.000000000 -0500
+++ openldap-2.4.40/libraries/liblber/Makefile.in 2015-03-26 15:37:39.801077750 -0500
@@ -38,6 +38,9 @@
XXLIBS =
NT_LINK_LIBS = $(AC_LIBS)
UNIX_LINK_LIBS = $(AC_LIBS)
+ifneq (,$(VERSION_OPTION))
+ VERSION_FLAGS = "$(VERSION_OPTION)$(srcdir)/liblber.map"
+endif
dtest: $(XLIBS) dtest.o
$(LTLINK) -o $@ dtest.o $(LIBS)
@@ -48,6 +51,6 @@
install-local: FORCE
-$(MKDIR) $(DESTDIR)$(libdir)
- $(LTINSTALL) $(INSTALLFLAGS) -m 644 $(LIBRARY) $(DESTDIR)$(libdir)
+ $(LTINSTALL) $(INSTALLFLAGS) -m 755 $(LIBRARY) $(DESTDIR)$(libdir)
$(LTFINISH) $(DESTDIR)$(libdir)
diff -Naur openldap-2.4.40.orig/libraries/liblber/liblber.map openldap-2.4.40/libraries/liblber/liblber.map
--- openldap-2.4.40.orig/libraries/liblber/liblber.map 1969-12-31 18:00:00.000000000 -0600
+++ openldap-2.4.40/libraries/liblber/liblber.map 2015-03-26 15:37:39.801077750 -0500
@@ -0,0 +1,8 @@
+OPENLDAP_2.4_2 {
+ global:
+ ber_*;
+ der_alloc;
+ lutil_*;
+ local:
+ *;
+};
diff -Naur openldap-2.4.40.orig/libraries/libldap/Makefile.in openldap-2.4.40/libraries/libldap/Makefile.in
--- openldap-2.4.40.orig/libraries/libldap/Makefile.in 2014-09-18 20:48:49.000000000 -0500
+++ openldap-2.4.40/libraries/libldap/Makefile.in 2015-03-26 15:37:39.802077716 -0500
@@ -52,6 +52,9 @@
XXLIBS = $(SECURITY_LIBS) $(LUTIL_LIBS)
NT_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS)
UNIX_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS)
+ifneq (,$(VERSION_OPTION))
+ VERSION_FLAGS = $(VERSION_OPTION)$(srcdir)/libldap.map
+endif
apitest: $(XLIBS) apitest.o
$(LTLINK) -o $@ apitest.o $(LIBS)
@@ -68,7 +71,7 @@
install-local: $(CFFILES) FORCE
-$(MKDIR) $(DESTDIR)$(libdir)
- $(LTINSTALL) $(INSTALLFLAGS) -m 644 $(LIBRARY) $(DESTDIR)$(libdir)
+ $(LTINSTALL) $(INSTALLFLAGS) -m 755 $(LIBRARY) $(DESTDIR)$(libdir)
$(LTFINISH) $(DESTDIR)$(libdir)
-$(MKDIR) $(DESTDIR)$(sysconfdir)
@for i in $(CFFILES); do \
diff -Naur openldap-2.4.40.orig/libraries/libldap/libldap.map openldap-2.4.40/libraries/libldap/libldap.map
--- openldap-2.4.40.orig/libraries/libldap/libldap.map 1969-12-31 18:00:00.000000000 -0600
+++ openldap-2.4.40/libraries/libldap/libldap.map 2015-03-26 15:37:39.802077716 -0500
@@ -0,0 +1,7 @@
+OPENLDAP_2.4_2 {
+ global:
+ ldap_*;
+ ldif_*;
+ local:
+ *;
+};
diff -Naur openldap-2.4.40.orig/libraries/libldap_r/Makefile.in openldap-2.4.40/libraries/libldap_r/Makefile.in
--- openldap-2.4.40.orig/libraries/libldap_r/Makefile.in 2014-09-18 20:48:49.000000000 -0500
+++ openldap-2.4.40/libraries/libldap_r/Makefile.in 2015-03-26 15:37:39.802077716 -0500
@@ -61,6 +61,9 @@
XXXLIBS = $(LTHREAD_LIBS)
NT_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS)
UNIX_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS) $(LTHREAD_LIBS)
+ifneq (,$(VERSION_OPTION))
+ VERSION_FLAGS = "$(VERSION_OPTION)$(XXDIR)/libldap.map"
+endif
.links : Makefile
@for i in $(XXSRCS); do \
@@ -83,6 +86,6 @@
install-local: $(CFFILES) FORCE
-$(MKDIR) $(DESTDIR)$(libdir)
- $(LTINSTALL) $(INSTALLFLAGS) -m 644 $(LIBRARY) $(DESTDIR)$(libdir)
+ $(LTINSTALL) $(INSTALLFLAGS) -m 755 $(LIBRARY) $(DESTDIR)$(libdir)
$(LTFINISH) $(DESTDIR)$(libdir)
diff -Naur openldap-2.4.40.orig/servers/slapd/Makefile.in openldap-2.4.40/servers/slapd/Makefile.in
--- openldap-2.4.40.orig/servers/slapd/Makefile.in 2014-09-18 20:48:49.000000000 -0500
+++ openldap-2.4.40/servers/slapd/Makefile.in 2015-03-26 15:36:59.639463969 -0500
@@ -376,10 +376,10 @@
install-conf install-dbc-maybe install-schema install-tools
install-slapd: FORCE
- -$(MKDIR) $(DESTDIR)$(libexecdir)
+ -$(MKDIR) $(DESTDIR)$(sbindir)
-$(MKDIR) $(DESTDIR)$(localstatedir)/run
$(LTINSTALL) $(INSTALLFLAGS) $(STRIP) -m 755 \
- slapd$(EXEEXT) $(DESTDIR)$(libexecdir)
+ slapd$(EXEEXT) $(DESTDIR)$(sbindir)
@for i in $(SUBDIRS); do \
if test -d $$i && test -f $$i/Makefile ; then \
echo; echo " cd $$i; $(MAKE) $(MFLAGS) install"; \
@@ -445,9 +445,9 @@
install-db-config: FORCE
@-$(MKDIR) $(DESTDIR)$(localstatedir) $(DESTDIR)$(sysconfdir)
- @-$(INSTALL) -m 700 -d $(DESTDIR)$(localstatedir)/openldap-data
+ @-$(INSTALL) -m 700 -d $(DESTDIR)$(localstatedir)/lib/openldap
$(INSTALL) $(INSTALLFLAGS) -m 600 $(srcdir)/DB_CONFIG \
- $(DESTDIR)$(localstatedir)/openldap-data/DB_CONFIG.example
+ $(DESTDIR)$(localstatedir)/lib/openldap/DB_CONFIG.example
$(INSTALL) $(INSTALLFLAGS) -m 600 $(srcdir)/DB_CONFIG \
$(DESTDIR)$(sysconfdir)/DB_CONFIG.example
@@ -455,6 +455,6 @@
-$(MKDIR) $(DESTDIR)$(sbindir)
for i in $(SLAPTOOLS); do \
$(RM) $(DESTDIR)$(sbindir)/$$i$(EXEEXT); \
- $(LN_S) -f $(DESTDIR)$(libexecdir)/slapd$(EXEEXT) $(DESTDIR)$(sbindir)/$$i$(EXEEXT); \
+ $(LN_S) -f $(DESTDIR)$(sbindir)/slapd$(EXEEXT) $(DESTDIR)$(sbindir)/$$i$(EXEEXT); \
done
diff -Naur openldap-2.4.40.orig/servers/slapd/slapd.conf openldap-2.4.40/servers/slapd/slapd.conf
--- openldap-2.4.40.orig/servers/slapd/slapd.conf 2014-09-18 20:48:49.000000000 -0500
+++ openldap-2.4.40/servers/slapd/slapd.conf 2015-03-26 16:12:59.380911754 -0500
@@ -2,43 +2,41 @@
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
-include %SYSCONFDIR%/schema/core.schema
+include %SYSCONFDIR%/schema/core.schema
# Define global ACLs to disable default read access.
# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
-#referral ldap://root.openldap.org
+#referral ldap://root.openldap.org
-pidfile %LOCALSTATEDIR%/run/slapd.pid
-argsfile %LOCALSTATEDIR%/run/slapd.args
+pidfile %LOCALSTATEDIR%/run/openldap/slapd.pid
+argsfile %LOCALSTATEDIR%/run/openldap/slapd.args
# Load dynamic backend modules:
-# modulepath %MODULEDIR%
-# moduleload back_bdb.la
-# moduleload back_hdb.la
-# moduleload back_ldap.la
+modulepath %MODULEDIR%
+#moduleload back_bdb
# Sample security restrictions
-# Require integrity protection (prevent hijacking)
-# Require 112-bit (3DES or better) encryption for updates
-# Require 63-bit encryption for simple bind
+# Require integrity protection (prevent hijacking)
+# Require 112-bit (3DES or better) encryption for updates
+# Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64
# Sample access control policy:
-# Root DSE: allow anyone to read it
-# Subschema (sub)entry DSE: allow anyone to read it
-# Other DSEs:
-# Allow self write access
-# Allow authenticated users read access
-# Allow anonymous users to authenticate
-# Directives needed to implement policy:
+# Root DSE: allow anyone to read it
+# Subschema (sub)entry DSE: allow anyone to read it
+# Other DSEs:
+# Allow self write access
+# Allow authenticated users read access
+# Allow anonymous users to authenticate
+# Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=Subschema" by * read
# access to *
-# by self write
-# by users read
-# by anonymous auth
+# by self write
+# by users read
+# by anonymous auth
#
# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
@@ -46,20 +44,26 @@
#
# rootdn can always read and write EVERYTHING!
+# Specific Backend Directives for mdb:
+backend mdb
+
#######################################################################
# BDB database definitions
#######################################################################
-database bdb
-suffix "dc=my-domain,dc=com"
-rootdn "cn=Manager,dc=my-domain,dc=com"
+database mdb
+suffix "dc=my-domain,dc=com"
+#rootdn "cn=Manager,dc=my-domain,dc=com"
+
# Cleartext passwords, especially for the rootdn, should
# be avoid. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
-rootpw secret
+#rootpw secret
+
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
-directory %LOCALSTATEDIR%/openldap-data
+directory %LOCALSTATEDIR%/lib/openldap
+
# Indices to maintain
-index objectClass eq
+index objectClass eq
diff -Naur openldap-2.4.40.orig/servers/slapd/slapi/Makefile.in openldap-2.4.40/servers/slapd/slapi/Makefile.in
--- openldap-2.4.40.orig/servers/slapd/slapi/Makefile.in 2014-09-18 20:48:49.000000000 -0500
+++ openldap-2.4.40/servers/slapd/slapi/Makefile.in 2015-03-26 15:36:59.639463969 -0500
@@ -46,6 +46,6 @@
install-local: FORCE
if test "$(BUILD_MOD)" = "yes"; then \
$(MKDIR) $(DESTDIR)$(libdir); \
- $(LTINSTALL) $(INSTALLFLAGS) -m 644 $(LIBRARY) $(DESTDIR)$(libdir); \
+ $(LTINSTALL) $(INSTALLFLAGS) -m 755 $(LIBRARY) $(DESTDIR)$(libdir); \
fi