--- rpms/e-smith-ldap/sme10/e-smith-ldap.spec 2016/05/12 23:10:22 1.4 +++ rpms/e-smith-ldap/sme10/e-smith-ldap.spec 2021/06/09 15:59:48 1.17 @@ -1,16 +1,24 @@ -# $Id: e-smith-ldap.spec,v 1.3 2016/05/12 17:37:39 vip-ire Exp $ +# $Id: e-smith-ldap.spec,v 1.16 2021/06/03 14:36:13 jpp Exp $ Summary: e-smith server and gateway - LDAP module %define name e-smith-ldap Name: %{name} %define version 5.6.0 -%define release 4 +%define release 13 Version: %{version} Release: %{release}%{?dist} License: GPL Group: Networking/Daemons Source: %{name}-%{version}.tar.xz Patch0: e-smith-ldap-5.6.0-missing_shebang_ldap_init.patch +Patch1: e-smith-ldap-5.6.0.bz9688.skipredirect.patch +Patch2: e-smith-ldap-5.6.0-strong_encryption.patch +Patch3: e-smith-ldap-5.6.0-bz10936-TLS-and-ciphers.patch +Patch4: e-smith-ldap-5.6.0-bz11140-bz11099-bz11096-systemd-update.patch +Patch5: e-smith-ldap-5.6.0-bz11480-timeoutstart.patch +Patch6: e-smith-ldap-5.6.0-bz11595-ssl-template.patch +Patch7: e-smith-ldap-5.6.0-bz11598.patch + BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot BuildArchitectures: noarch Requires: e-smith-base @@ -28,6 +36,43 @@ AutoReqProv: no e-smith server and gateway software - LDAP module. %changelog +* Wed Jun 09 2021 Jean-Philippe Pialasse 5.6.0-13.sme +- fix ssl-update reload instead of restart ldap [SME: 11598] + +* Thu Jun 03 2021 Jean-Philippe Pialasse 5.6.0-12.sme +- fix wrong path for templates.metadata [SME: 11595] + +* Sun May 30 2021 Jean-Philippe Pialasse 5.6.0-11.sme +- use template for ssl pem [SME: 11595] + +* Sun Mar 21 2021 Jean-Philippe Pialasse 5.6.0-10.sme +- fix ldap failing to start on initial boot [SME: 11480] + +* Sat Jan 02 2021 Jean-Philipe Pialasse 5.6.0-9.sme +- fix wrong alias to ldap.init [SME: 11301] + +* Fri Dec 11 2020 Jean-Philipe Pialasse 5.6.0-8.sme +- add -update event [SME: 11140] +- move ldap to systemd [SME: 11099] +- move ldap.init to systemd [SME: 11096] + +* Sat May 02 2020 Jean-Philipe Pialasse 5.6.0-7.sme +- New protocol default as TLSv1.2 [SME: 10936] + New property TLSProtocolMin + Ciphers are now ordered with stronger first + +* Thu Feb 23 2017 Daniel Berteaud 5.6.0-6.sme +- Disable SSLv3, but keep the possibility to enable it again [SME: 10108] +- Better default cipher suite, and honor global suite [SME: 10108] + +* Sun Jul 24 2016 Jean-Philipe Pialasse 5.6.0-5.sme +- systemd skip redirect [SME: 9688] +- Eliminated rpmbuild "bogus date" warnings due to inconsistent weekday, + by assuming the date is correct and changing the weekday. + Fri Jun 01 2000 --> Fri May 26 2000 or Thu Jun 01 2000 or Fri Jun 02 2000 or .... + Thu Aug 07 2001 --> Thu Aug 02 2001 or Tue Aug 07 2001 or Thu Aug 09 2001 or .... + Tue Jun 10 2010 --> Tue Jun 08 2010 or Thu Jun 10 2010 or Tue Jun 15 2010 or .... + * Thu May 12 2016 Daniel Berteaud 5.6.0-4.sme - Add missing shebang in ldap.init script [SME: 9432] @@ -277,7 +322,8 @@ e-smith server and gateway software - LD * Wed Sep 22 2010 Daniel Berteaud 5.2.0-24.sme - Restrict access to the ldif file [SME: 6217] -* Tue Jun 10 2010 Jonathan Martens 5.2.0-23.sme +* Thu Jun 10 2010 Jonathan Martens 5.2.0-23.sme + Tue Jun 10 2010 --> Tue Jun 08 2010 or Thu Jun 10 2010 or Tue Jun 15 2010 or .... - Fix ldap-create errors when adding empty groups [SME: 5920] * Mon Jun 7 2010 Federico Simoncelli 5.2.0-22.sme @@ -817,7 +863,7 @@ e-smith server and gateway software - LD - [4.3.1-01] - Rolled version number to 4.3.1-01. Includes patches upto 4.3.0-07. -* Thu Aug 07 2001 Charlie Brady +* Tue Aug 07 2001 Charlie Brady - [4.3.0-07] - Break slapd.conf template into fragments, and include in-line at.conf and co.conf fragements, rather than use include feature. @@ -991,12 +1037,22 @@ e-smith server and gateway software - LD * Mon Jun 12 2000 Charlie Brady - Use new multi-arg form of backgroundCommand. -* Fri Jun 1 2000 Charlie Brady +* Thu Jun 01 2000 Charlie Brady + Fri Jun 01 2000 --> Fri May 26 2000 or Thu Jun 01 2000 or Fri Jun 02 2000 or .... - First created - broken out of e-smith-base 4.0.11. %prep %setup %patch0 -p1 +%patch1 -p1 +%patch2 -p1 +%patch3 -p1 +%patch4 -p1 +%patch5 -p1 +mkdir -p root/etc/openldap/ssl +rm -rf root/service root/var/service root/etc/rc.d/init.d/supervise +%patch6 -p1 +%patch7 -p1 %build perl createlinks @@ -1006,14 +1062,15 @@ rm -rf $RPM_BUILD_ROOT (cd root ; find . -depth -print | cpio -dump $RPM_BUILD_ROOT) rm -f %{name}-%{version}-%{release}-filelist /sbin/e-smith/genfilelist $RPM_BUILD_ROOT \ - --file /var/service/ldap/run 'attr(0750,root,root)' \ - --file /var/service/ldap/log/run 'attr(0750,root,root)' \ + --file /sbin/e-smith/systemd/ldap-certificate 'attr(0554,root,root)' \ + --file /sbin/e-smith/systemd/ldap-prepare 'attr(0554,root,root)' \ + --file /sbin/e-smith/systemd/ldap-finish 'attr(0554,root,root)' \ --file /var/service/ldap/ldif-fix 'attr(0750,root,root)' \ --file /var/service/ldap/finish 'attr(0750,root,root)' \ - --file /var/service/ldap/control/1 'attr(0750,root,root)' \ --dir /var/log/bdb 'attr(0700,ldap,ldap)' \ --dir /home/e-smith/db/ldap 'attr(0750,root,ldap)' \ --dir /var/log/ldap 'attr(0750,smelog,smelog)' \ + --dir /etc/openldap/ssl 'attr(0750,root,ldap)' \ > %{name}-%{version}-%{release}-filelist echo "%doc COPYING" >> %{name}-%{version}-%{release}-filelist @@ -1023,3 +1080,10 @@ rm -rf $RPM_BUILD_ROOT %files -f %{name}-%{version}-%{release}-filelist %defattr(-,root,root) +%pre +if [ $1 -gt 1 ] ; then + if [ -e /var/service/ldap/run ] ; then + /usr/bin/sv d ldap + /usr/bin/sv d ldap/log + fi +fi