Change-Id: I0c6b8afd63f1c6e0d5afc777829ac66c1bb4ac9b
Reviewed-on: http://photon-jenkins.eng.vmware.com/411
Tested-by: jenkins-photon <wangnan2015@hotmail.com>
Reviewed-by: Sharath George
1 | 1 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,399 @@ |
0 |
+Submitted by: Bruce Dubbs <bdubbs at linuxfromscratch.org> |
|
1 |
+Date: 2012-03-26 |
|
2 |
+Initial Package Version: 2.4.40 |
|
3 |
+Upstream Status: BLFS Specific |
|
4 |
+Origin: Armin K. <krejzi at email dot com> and Debian |
|
5 |
+Description: Consolidate earlier patches to: |
|
6 |
+ 1. Update various installation options, such as ldap database path, |
|
7 |
+ configuration file options, slapd install location, etc. |
|
8 |
+ 2. Remove reference to bdb module |
|
9 |
+ 3. Enables symbol versioning in ldap libraries. Without these changes |
|
10 |
+ some applications might generate a warning about missing symbol versions. |
|
11 |
+ |
|
12 |
+diff -Naur openldap-2.4.40.orig/build/openldap.m4 openldap-2.4.40/build/openldap.m4 |
|
13 |
+--- openldap-2.4.40.orig/build/openldap.m4 2014-09-18 20:48:49.000000000 -0500 |
|
14 |
+@@ -1142,3 +1142,54 @@ |
|
15 |
+ #endif |
|
16 |
+ ], [ol_cv_ssl_crl_compat=yes], [ol_cv_ssl_crl_compat=no])]) |
|
17 |
+ ]) |
|
18 |
++ |
|
19 |
++dnl ==================================================================== |
|
20 |
++dnl check for symbol versioning support |
|
21 |
++AC_DEFUN([OL_SYMBOL_VERSIONING], |
|
22 |
++[AC_CACHE_CHECK([for .symver assembler directive], |
|
23 |
++ [ol_cv_asm_symver_directive],[ |
|
24 |
++cat > conftest.s <<EOF |
|
25 |
++${libc_cv_dot_text} |
|
26 |
++_sym: |
|
27 |
++.symver _sym,sym@VERS |
|
28 |
++EOF |
|
29 |
++if ${CC-cc} -c $ASFLAGS conftest.s 1>&AS_MESSAGE_LOG_FD 2>&AS_MESSAGE_LOG_FD; then |
|
30 |
++ ol_cv_asm_symver_directive=yes |
|
31 |
++else |
|
32 |
++ ol_cv_asm_symver_directive=no |
|
33 |
++fi |
|
34 |
++rm -f conftest*]) |
|
35 |
++AC_CACHE_CHECK([for ld --version-script], |
|
36 |
++ [ol_cv_ld_version_script_option],[ |
|
37 |
++if test $ol_cv_asm_symver_directive = yes; then |
|
38 |
++ cat > conftest.s <<EOF |
|
39 |
++${libc_cv_dot_text} |
|
40 |
++_sym: |
|
41 |
++.symver _sym,sym@VERS |
|
42 |
++EOF |
|
43 |
++ cat > conftest.map <<EOF |
|
44 |
++VERS_1 { |
|
45 |
++ global: sym; |
|
46 |
++}; |
|
47 |
++ |
|
48 |
++VERS_2 { |
|
49 |
++ global: sym; |
|
50 |
++} VERS_1; |
|
51 |
++EOF |
|
52 |
++ if ${CC-cc} -c $ASFLAGS conftest.s 1>&AS_MESSAGE_LOG_FD 2>&AS_MESSAGE_LOG_FD; then |
|
53 |
++ if AC_TRY_COMMAND([${CC-cc} $CFLAGS $LDFLAGS -shared |
|
54 |
++ -o conftest.so conftest.o |
|
55 |
++ -Wl,--version-script,conftest.map |
|
56 |
++ 1>&AS_MESSAGE_LOG_FD]); |
|
57 |
++ then |
|
58 |
++ ol_cv_ld_version_script_option=yes |
|
59 |
++ else |
|
60 |
++ ol_cv_ld_version_script_option=no |
|
61 |
++ fi |
|
62 |
++ else |
|
63 |
++ ol_cv_ld_version_script_option=no |
|
64 |
++ fi |
|
65 |
++else |
|
66 |
++ ol_cv_ld_version_script_option=no |
|
67 |
++fi |
|
68 |
++rm -f conftest*])]) |
|
69 |
+diff -Naur openldap-2.4.40.orig/build/top.mk openldap-2.4.40/build/top.mk |
|
70 |
+--- openldap-2.4.40.orig/build/top.mk 2014-09-18 20:48:49.000000000 -0500 |
|
71 |
+@@ -104,6 +104,9 @@ |
|
72 |
+ # LINK_LIBS referenced in library and module link commands. |
|
73 |
+ LINK_LIBS = $(MOD_LIBS) $(@PLAT@_LINK_LIBS) |
|
74 |
+ |
|
75 |
++# option to pass to $(CC) to support library symbol versioning, if any |
|
76 |
++VERSION_OPTION = @VERSION_OPTION@ |
|
77 |
++ |
|
78 |
+ LTSTATIC = @LTSTATIC@ |
|
79 |
+ |
|
80 |
+ LTLINK = $(LIBTOOL) --mode=link \ |
|
81 |
+@@ -113,7 +116,7 @@ |
|
82 |
+ $(CC) $(LT_CFLAGS) $(LT_CPPFLAGS) $(LIB_DEFS) -c |
|
83 |
+ |
|
84 |
+ LTLINK_LIB = $(LIBTOOL) $(LTONLY_LIB) --mode=link \ |
|
85 |
+- $(CC) $(LT_CFLAGS) $(LDFLAGS) $(LTFLAGS_LIB) |
|
86 |
++ $(CC) $(LT_CFLAGS) $(LDFLAGS) $(LTFLAGS_LIB) $(VERSION_FLAGS) |
|
87 |
+ |
|
88 |
+ LTCOMPILE_MOD = $(LIBTOOL) $(LTONLY_MOD) --mode=compile \ |
|
89 |
+ $(CC) $(LT_CFLAGS) $(LT_CPPFLAGS) $(MOD_DEFS) -c |
|
90 |
+diff -Naur openldap-2.4.40.orig/configure.in openldap-2.4.40/configure.in |
|
91 |
+--- openldap-2.4.40.orig/configure.in 2014-09-18 20:48:49.000000000 -0500 |
|
92 |
+@@ -1916,6 +1916,13 @@ |
|
93 |
+ fi |
|
94 |
+ AC_SUBST(LTSTATIC)dnl |
|
95 |
+ |
|
96 |
++VERSION_OPTION="" |
|
97 |
++OL_SYMBOL_VERSIONING |
|
98 |
++if test $ol_cv_ld_version_script_option = yes ; then |
|
99 |
++ VERSION_OPTION="-Wl,--version-script=" |
|
100 |
++fi |
|
101 |
++AC_SUBST(VERSION_OPTION) |
|
102 |
++ |
|
103 |
+ dnl ---------------------------------------------------------------- |
|
104 |
+ if test $ol_enable_wrappers != no ; then |
|
105 |
+ AC_CHECK_HEADERS(tcpd.h,[ |
|
106 |
+diff -Naur openldap-2.4.40.orig/doc/man/man5/slapd-bdb.5 openldap-2.4.40/doc/man/man5/slapd-bdb.5 |
|
107 |
+--- openldap-2.4.40.orig/doc/man/man5/slapd-bdb.5 2014-09-18 20:48:49.000000000 -0500 |
|
108 |
+@@ -135,7 +135,7 @@ |
|
109 |
+ associated indexes live. |
|
110 |
+ A separate directory must be specified for each database. |
|
111 |
+ The default is |
|
112 |
+-.BR LOCALSTATEDIR/openldap\-data . |
|
113 |
++.BR LOCALSTATEDIR/lib/openldap . |
|
114 |
+ .TP |
|
115 |
+ .B dirtyread |
|
116 |
+ Allow reads of modified but not yet committed data. |
|
117 |
+diff -Naur openldap-2.4.40.orig/doc/man/man5/slapd-config.5 openldap-2.4.40/doc/man/man5/slapd-config.5 |
|
118 |
+--- openldap-2.4.40.orig/doc/man/man5/slapd-config.5 2014-09-18 20:48:49.000000000 -0500 |
|
119 |
+@@ -2051,7 +2051,7 @@ |
|
120 |
+ # The database directory MUST exist prior to |
|
121 |
+ # running slapd AND should only be accessible |
|
122 |
+ # by the slapd/tools. Mode 0700 recommended. |
|
123 |
+-olcDbDirectory: LOCALSTATEDIR/openldap\-data |
|
124 |
++olcDbDirectory: LOCALSTATEDIR/lib/openldap |
|
125 |
+ # Indices to maintain |
|
126 |
+ olcDbIndex: objectClass eq |
|
127 |
+ olcDbIndex: cn,sn,mail pres,eq,approx,sub |
|
128 |
+diff -Naur openldap-2.4.40.orig/doc/man/man5/slapd.conf.5 openldap-2.4.40/doc/man/man5/slapd.conf.5 |
|
129 |
+--- openldap-2.4.40.orig/doc/man/man5/slapd.conf.5 2014-09-18 20:48:49.000000000 -0500 |
|
130 |
+@@ -2021,7 +2021,7 @@ |
|
131 |
+ # The database directory MUST exist prior to |
|
132 |
+ # running slapd AND should only be accessible |
|
133 |
+ # by the slapd/tools. Mode 0700 recommended. |
|
134 |
+-directory LOCALSTATEDIR/openldap\-data |
|
135 |
++directory LOCALSTATEDIR/lib/openldap |
|
136 |
+ # Indices to maintain |
|
137 |
+ index objectClass eq |
|
138 |
+ index cn,sn,mail pres,eq,approx,sub |
|
139 |
+diff -Naur openldap-2.4.40.orig/include/ldap_defaults.h openldap-2.4.40/include/ldap_defaults.h |
|
140 |
+--- openldap-2.4.40.orig/include/ldap_defaults.h 2014-09-18 20:48:49.000000000 -0500 |
|
141 |
+@@ -39,7 +39,7 @@ |
|
142 |
+ #define LDAP_ENV_PREFIX "LDAP" |
|
143 |
+ |
|
144 |
+ /* default ldapi:// socket */ |
|
145 |
+-#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "run" LDAP_DIRSEP "ldapi" |
|
146 |
++#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "run" LDAP_DIRSEP "openldap" LDAP_DIRSEP "ldapi" |
|
147 |
+ |
|
148 |
+ /* |
|
149 |
+ * SLAPD DEFINITIONS |
|
150 |
+@@ -47,7 +47,7 @@ |
|
151 |
+ /* location of the default slapd config file */ |
|
152 |
+ #define SLAPD_DEFAULT_CONFIGFILE LDAP_SYSCONFDIR LDAP_DIRSEP "slapd.conf" |
|
153 |
+ #define SLAPD_DEFAULT_CONFIGDIR LDAP_SYSCONFDIR LDAP_DIRSEP "slapd.d" |
|
154 |
+-#define SLAPD_DEFAULT_DB_DIR LDAP_RUNDIR LDAP_DIRSEP "openldap-data" |
|
155 |
++#define SLAPD_DEFAULT_DB_DIR LDAP_RUNDIR LDAP_DIRSEP "lib" LDAP_DIRSEP "openldap" |
|
156 |
+ #define SLAPD_DEFAULT_DB_MODE 0600 |
|
157 |
+ #define SLAPD_DEFAULT_UCDATA LDAP_DATADIR LDAP_DIRSEP "ucdata" |
|
158 |
+ /* default max deref depth for aliases */ |
|
159 |
+diff -Naur openldap-2.4.40.orig/libraries/liblber/Makefile.in openldap-2.4.40/libraries/liblber/Makefile.in |
|
160 |
+--- openldap-2.4.40.orig/libraries/liblber/Makefile.in 2014-09-18 20:48:49.000000000 -0500 |
|
161 |
+@@ -38,6 +38,9 @@ |
|
162 |
+ XXLIBS = |
|
163 |
+ NT_LINK_LIBS = $(AC_LIBS) |
|
164 |
+ UNIX_LINK_LIBS = $(AC_LIBS) |
|
165 |
++ifneq (,$(VERSION_OPTION)) |
|
166 |
++ VERSION_FLAGS = "$(VERSION_OPTION)$(srcdir)/liblber.map" |
|
167 |
++endif |
|
168 |
+ |
|
169 |
+ dtest: $(XLIBS) dtest.o |
|
170 |
+ $(LTLINK) -o $@ dtest.o $(LIBS) |
|
171 |
+@@ -48,6 +51,6 @@ |
|
172 |
+ |
|
173 |
+ install-local: FORCE |
|
174 |
+ -$(MKDIR) $(DESTDIR)$(libdir) |
|
175 |
+- $(LTINSTALL) $(INSTALLFLAGS) -m 644 $(LIBRARY) $(DESTDIR)$(libdir) |
|
176 |
++ $(LTINSTALL) $(INSTALLFLAGS) -m 755 $(LIBRARY) $(DESTDIR)$(libdir) |
|
177 |
+ $(LTFINISH) $(DESTDIR)$(libdir) |
|
178 |
+ |
|
179 |
+diff -Naur openldap-2.4.40.orig/libraries/liblber/liblber.map openldap-2.4.40/libraries/liblber/liblber.map |
|
180 |
+--- openldap-2.4.40.orig/libraries/liblber/liblber.map 1969-12-31 18:00:00.000000000 -0600 |
|
181 |
+@@ -0,0 +1,8 @@ |
|
182 |
++OPENLDAP_2.4_2 { |
|
183 |
++ global: |
|
184 |
++ ber_*; |
|
185 |
++ der_alloc; |
|
186 |
++ lutil_*; |
|
187 |
++ local: |
|
188 |
++ *; |
|
189 |
++}; |
|
190 |
+diff -Naur openldap-2.4.40.orig/libraries/libldap/Makefile.in openldap-2.4.40/libraries/libldap/Makefile.in |
|
191 |
+--- openldap-2.4.40.orig/libraries/libldap/Makefile.in 2014-09-18 20:48:49.000000000 -0500 |
|
192 |
+@@ -52,6 +52,9 @@ |
|
193 |
+ XXLIBS = $(SECURITY_LIBS) $(LUTIL_LIBS) |
|
194 |
+ NT_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS) |
|
195 |
+ UNIX_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS) |
|
196 |
++ifneq (,$(VERSION_OPTION)) |
|
197 |
++ VERSION_FLAGS = $(VERSION_OPTION)$(srcdir)/libldap.map |
|
198 |
++endif |
|
199 |
+ |
|
200 |
+ apitest: $(XLIBS) apitest.o |
|
201 |
+ $(LTLINK) -o $@ apitest.o $(LIBS) |
|
202 |
+@@ -68,7 +71,7 @@ |
|
203 |
+ |
|
204 |
+ install-local: $(CFFILES) FORCE |
|
205 |
+ -$(MKDIR) $(DESTDIR)$(libdir) |
|
206 |
+- $(LTINSTALL) $(INSTALLFLAGS) -m 644 $(LIBRARY) $(DESTDIR)$(libdir) |
|
207 |
++ $(LTINSTALL) $(INSTALLFLAGS) -m 755 $(LIBRARY) $(DESTDIR)$(libdir) |
|
208 |
+ $(LTFINISH) $(DESTDIR)$(libdir) |
|
209 |
+ -$(MKDIR) $(DESTDIR)$(sysconfdir) |
|
210 |
+ @for i in $(CFFILES); do \ |
|
211 |
+diff -Naur openldap-2.4.40.orig/libraries/libldap/libldap.map openldap-2.4.40/libraries/libldap/libldap.map |
|
212 |
+--- openldap-2.4.40.orig/libraries/libldap/libldap.map 1969-12-31 18:00:00.000000000 -0600 |
|
213 |
+@@ -0,0 +1,7 @@ |
|
214 |
++OPENLDAP_2.4_2 { |
|
215 |
++ global: |
|
216 |
++ ldap_*; |
|
217 |
++ ldif_*; |
|
218 |
++ local: |
|
219 |
++ *; |
|
220 |
++}; |
|
221 |
+diff -Naur openldap-2.4.40.orig/libraries/libldap_r/Makefile.in openldap-2.4.40/libraries/libldap_r/Makefile.in |
|
222 |
+--- openldap-2.4.40.orig/libraries/libldap_r/Makefile.in 2014-09-18 20:48:49.000000000 -0500 |
|
223 |
+@@ -61,6 +61,9 @@ |
|
224 |
+ XXXLIBS = $(LTHREAD_LIBS) |
|
225 |
+ NT_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS) |
|
226 |
+ UNIX_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS) $(LTHREAD_LIBS) |
|
227 |
++ifneq (,$(VERSION_OPTION)) |
|
228 |
++ VERSION_FLAGS = "$(VERSION_OPTION)$(XXDIR)/libldap.map" |
|
229 |
++endif |
|
230 |
+ |
|
231 |
+ .links : Makefile |
|
232 |
+ @for i in $(XXSRCS); do \ |
|
233 |
+@@ -83,6 +86,6 @@ |
|
234 |
+ |
|
235 |
+ install-local: $(CFFILES) FORCE |
|
236 |
+ -$(MKDIR) $(DESTDIR)$(libdir) |
|
237 |
+- $(LTINSTALL) $(INSTALLFLAGS) -m 644 $(LIBRARY) $(DESTDIR)$(libdir) |
|
238 |
++ $(LTINSTALL) $(INSTALLFLAGS) -m 755 $(LIBRARY) $(DESTDIR)$(libdir) |
|
239 |
+ $(LTFINISH) $(DESTDIR)$(libdir) |
|
240 |
+ |
|
241 |
+diff -Naur openldap-2.4.40.orig/servers/slapd/Makefile.in openldap-2.4.40/servers/slapd/Makefile.in |
|
242 |
+--- openldap-2.4.40.orig/servers/slapd/Makefile.in 2014-09-18 20:48:49.000000000 -0500 |
|
243 |
+@@ -376,10 +376,10 @@ |
|
244 |
+ install-conf install-dbc-maybe install-schema install-tools |
|
245 |
+ |
|
246 |
+ install-slapd: FORCE |
|
247 |
+- -$(MKDIR) $(DESTDIR)$(libexecdir) |
|
248 |
++ -$(MKDIR) $(DESTDIR)$(sbindir) |
|
249 |
+ -$(MKDIR) $(DESTDIR)$(localstatedir)/run |
|
250 |
+ $(LTINSTALL) $(INSTALLFLAGS) $(STRIP) -m 755 \ |
|
251 |
+- slapd$(EXEEXT) $(DESTDIR)$(libexecdir) |
|
252 |
++ slapd$(EXEEXT) $(DESTDIR)$(sbindir) |
|
253 |
+ @for i in $(SUBDIRS); do \ |
|
254 |
+ if test -d $$i && test -f $$i/Makefile ; then \ |
|
255 |
+ echo; echo " cd $$i; $(MAKE) $(MFLAGS) install"; \ |
|
256 |
+@@ -445,9 +445,9 @@ |
|
257 |
+ |
|
258 |
+ install-db-config: FORCE |
|
259 |
+ @-$(MKDIR) $(DESTDIR)$(localstatedir) $(DESTDIR)$(sysconfdir) |
|
260 |
+- @-$(INSTALL) -m 700 -d $(DESTDIR)$(localstatedir)/openldap-data |
|
261 |
++ @-$(INSTALL) -m 700 -d $(DESTDIR)$(localstatedir)/lib/openldap |
|
262 |
+ $(INSTALL) $(INSTALLFLAGS) -m 600 $(srcdir)/DB_CONFIG \ |
|
263 |
+- $(DESTDIR)$(localstatedir)/openldap-data/DB_CONFIG.example |
|
264 |
++ $(DESTDIR)$(localstatedir)/lib/openldap/DB_CONFIG.example |
|
265 |
+ $(INSTALL) $(INSTALLFLAGS) -m 600 $(srcdir)/DB_CONFIG \ |
|
266 |
+ $(DESTDIR)$(sysconfdir)/DB_CONFIG.example |
|
267 |
+ |
|
268 |
+@@ -455,6 +455,6 @@ |
|
269 |
+ -$(MKDIR) $(DESTDIR)$(sbindir) |
|
270 |
+ for i in $(SLAPTOOLS); do \ |
|
271 |
+ $(RM) $(DESTDIR)$(sbindir)/$$i$(EXEEXT); \ |
|
272 |
+- $(LN_S) -f $(DESTDIR)$(libexecdir)/slapd$(EXEEXT) $(DESTDIR)$(sbindir)/$$i$(EXEEXT); \ |
|
273 |
++ $(LN_S) -f $(DESTDIR)$(sbindir)/slapd$(EXEEXT) $(DESTDIR)$(sbindir)/$$i$(EXEEXT); \ |
|
274 |
+ done |
|
275 |
+ |
|
276 |
+diff -Naur openldap-2.4.40.orig/servers/slapd/slapd.conf openldap-2.4.40/servers/slapd/slapd.conf |
|
277 |
+--- openldap-2.4.40.orig/servers/slapd/slapd.conf 2014-09-18 20:48:49.000000000 -0500 |
|
278 |
+@@ -2,43 +2,41 @@ |
|
279 |
+ # See slapd.conf(5) for details on configuration options. |
|
280 |
+ # This file should NOT be world readable. |
|
281 |
+ # |
|
282 |
+-include %SYSCONFDIR%/schema/core.schema |
|
283 |
++include %SYSCONFDIR%/schema/core.schema |
|
284 |
+ |
|
285 |
+ # Define global ACLs to disable default read access. |
|
286 |
+ |
|
287 |
+ # Do not enable referrals until AFTER you have a working directory |
|
288 |
+ # service AND an understanding of referrals. |
|
289 |
+-#referral ldap://root.openldap.org |
|
290 |
++#referral ldap://root.openldap.org |
|
291 |
+ |
|
292 |
+-pidfile %LOCALSTATEDIR%/run/slapd.pid |
|
293 |
+-argsfile %LOCALSTATEDIR%/run/slapd.args |
|
294 |
++pidfile %LOCALSTATEDIR%/run/openldap/slapd.pid |
|
295 |
++argsfile %LOCALSTATEDIR%/run/openldap/slapd.args |
|
296 |
+ |
|
297 |
+ # Load dynamic backend modules: |
|
298 |
+-# modulepath %MODULEDIR% |
|
299 |
+-# moduleload back_bdb.la |
|
300 |
+-# moduleload back_hdb.la |
|
301 |
+-# moduleload back_ldap.la |
|
302 |
++modulepath %MODULEDIR% |
|
303 |
++#moduleload back_bdb |
|
304 |
+ |
|
305 |
+ # Sample security restrictions |
|
306 |
+-# Require integrity protection (prevent hijacking) |
|
307 |
+-# Require 112-bit (3DES or better) encryption for updates |
|
308 |
+-# Require 63-bit encryption for simple bind |
|
309 |
++# Require integrity protection (prevent hijacking) |
|
310 |
++# Require 112-bit (3DES or better) encryption for updates |
|
311 |
++# Require 63-bit encryption for simple bind |
|
312 |
+ # security ssf=1 update_ssf=112 simple_bind=64 |
|
313 |
+ |
|
314 |
+ # Sample access control policy: |
|
315 |
+-# Root DSE: allow anyone to read it |
|
316 |
+-# Subschema (sub)entry DSE: allow anyone to read it |
|
317 |
+-# Other DSEs: |
|
318 |
+-# Allow self write access |
|
319 |
+-# Allow authenticated users read access |
|
320 |
+-# Allow anonymous users to authenticate |
|
321 |
+-# Directives needed to implement policy: |
|
322 |
++# Root DSE: allow anyone to read it |
|
323 |
++# Subschema (sub)entry DSE: allow anyone to read it |
|
324 |
++# Other DSEs: |
|
325 |
++# Allow self write access |
|
326 |
++# Allow authenticated users read access |
|
327 |
++# Allow anonymous users to authenticate |
|
328 |
++# Directives needed to implement policy: |
|
329 |
+ # access to dn.base="" by * read |
|
330 |
+ # access to dn.base="cn=Subschema" by * read |
|
331 |
+ # access to * |
|
332 |
+-# by self write |
|
333 |
+-# by users read |
|
334 |
+-# by anonymous auth |
|
335 |
++# by self write |
|
336 |
++# by users read |
|
337 |
++# by anonymous auth |
|
338 |
+ # |
|
339 |
+ # if no access controls are present, the default policy |
|
340 |
+ # allows anyone and everyone to read anything but restricts |
|
341 |
+@@ -46,20 +44,26 @@ |
|
342 |
+ # |
|
343 |
+ # rootdn can always read and write EVERYTHING! |
|
344 |
+ |
|
345 |
++# Specific Backend Directives for mdb: |
|
346 |
++backend mdb |
|
347 |
++ |
|
348 |
+ ####################################################################### |
|
349 |
+ # BDB database definitions |
|
350 |
+ ####################################################################### |
|
351 |
+ |
|
352 |
+-database bdb |
|
353 |
+-suffix "dc=my-domain,dc=com" |
|
354 |
+-rootdn "cn=Manager,dc=my-domain,dc=com" |
|
355 |
++database mdb |
|
356 |
++suffix "dc=my-domain,dc=com" |
|
357 |
++#rootdn "cn=Manager,dc=my-domain,dc=com" |
|
358 |
++ |
|
359 |
+ # Cleartext passwords, especially for the rootdn, should |
|
360 |
+ # be avoid. See slappasswd(8) and slapd.conf(5) for details. |
|
361 |
+ # Use of strong authentication encouraged. |
|
362 |
+-rootpw secret |
|
363 |
++#rootpw secret |
|
364 |
++ |
|
365 |
+ # The database directory MUST exist prior to running slapd AND |
|
366 |
+ # should only be accessible by the slapd and slap tools. |
|
367 |
+ # Mode 700 recommended. |
|
368 |
+-directory %LOCALSTATEDIR%/openldap-data |
|
369 |
++directory %LOCALSTATEDIR%/lib/openldap |
|
370 |
++ |
|
371 |
+ # Indices to maintain |
|
372 |
+-index objectClass eq |
|
373 |
++index objectClass eq |
|
374 |
+diff -Naur openldap-2.4.40.orig/servers/slapd/slapi/Makefile.in openldap-2.4.40/servers/slapd/slapi/Makefile.in |
|
375 |
+--- openldap-2.4.40.orig/servers/slapd/slapi/Makefile.in 2014-09-18 20:48:49.000000000 -0500 |
|
376 |
+@@ -46,6 +46,6 @@ |
|
377 |
+ install-local: FORCE |
|
378 |
+ if test "$(BUILD_MOD)" = "yes"; then \ |
|
379 |
+ $(MKDIR) $(DESTDIR)$(libdir); \ |
|
380 |
+- $(LTINSTALL) $(INSTALLFLAGS) -m 644 $(LIBRARY) $(DESTDIR)$(libdir); \ |
|
381 |
++ $(LTINSTALL) $(INSTALLFLAGS) -m 755 $(LIBRARY) $(DESTDIR)$(libdir); \ |
|
382 |
+ fi |
|
383 |
+ |
... | ... |
@@ -1,20 +1,17 @@ |
1 | 1 |
%global _default_patch_fuzz 2 |
2 |
-Summary: OpenLdap-2.4.40 |
|
2 |
+Summary: OpenLdap-2.4.43 |
|
3 | 3 |
Name: openldap |
4 |
-Version: 2.4.40 |
|
5 |
-Release: 2%{?dist} |
|
4 |
+Version: 2.4.43 |
|
5 |
+Release: 1%{?dist} |
|
6 | 6 |
License: OpenLDAP |
7 | 7 |
URL: http://cyrusimap.web.cmu.edu/ |
8 | 8 |
Group: System Environment/Security |
9 | 9 |
Vendor: VMware, Inc. |
10 | 10 |
Distribution: Photon |
11 |
-Source0: ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.4.40.tgz |
|
12 |
-%define sha1 openldap=0cfac3b024b99de2e2456cc7254481b6644e0b96 |
|
13 |
-Patch0: openldap-2.4.40-blfs_paths-1.patch |
|
14 |
-Patch1: openldap-2.4.40-symbol_versions-1.patch |
|
11 |
+Source0: ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/%{name}-%{version}.tgz |
|
12 |
+%define sha1 openldap=3b52924df2f45e81f25ecbe37551bc837d090cfa |
|
13 |
+Patch0: openldap-2.4.43-consolidated-1.patch |
|
15 | 14 |
Patch2: openldap-2.4.40-gssapi-1.patch |
16 |
-Patch3: cve-2015-1545.patch |
|
17 |
-Patch4: cve-2015-1546.patch |
|
18 | 15 |
Requires: openssl >= 1.0.1, cyrus-sasl >= 2.1 |
19 | 16 |
BuildRequires: cyrus-sasl >= 2.1 |
20 | 17 |
BuildRequires: openssl-devel >= 1.0.1 |
... | ... |
@@ -31,10 +28,7 @@ libraries, and documentation for OpenLDAP. |
31 | 31 |
%prep |
32 | 32 |
%setup -q |
33 | 33 |
%patch2 -p1 |
34 |
-%patch1 -p1 |
|
35 | 34 |
%patch0 -p1 |
36 |
-%patch3 -p1 |
|
37 |
-%patch4 -p1 |
|
38 | 35 |
%build |
39 | 36 |
|
40 | 37 |
autoconf |
... | ... |
@@ -77,6 +71,8 @@ rm -rf %{buildroot}/* |
77 | 77 |
/etc/openldap/* |
78 | 78 |
|
79 | 79 |
%changelog |
80 |
+* Thu Jan 21 2016 Xiaolin Li <xiaolinl@vmware.com> 2.4.43-1 |
|
81 |
+- Updated to version 2.4.43 |
|
80 | 82 |
* Fri Aug 14 2015 Vinay Kulkarni <kulkarniv@vmware.com> 2.4.40-2 |
81 | 83 |
- Patches for CVE-2015-1545 and CVE-2015-1546. |
82 | 84 |
* Wed Oct 08 2014 Divya Thaluru <dthaluru@vmware.com> 2.4.40-1 |