--- rpms/e-smith-ldap/sme8/e-smith-ldap.spec 2010/09/27 21:05:57 1.52 +++ rpms/e-smith-ldap/sme8/e-smith-ldap.spec 2010/11/05 01:39:52 1.72 @@ -1,10 +1,10 @@ -# $Id: e-smith-ldap.spec,v 1.51 2010/09/27 17:38:04 slords Exp $ +# $Id: e-smith-ldap.spec,v 1.71 2010/11/02 17:03:38 slords Exp $ Summary: e-smith server and gateway - LDAP module %define name e-smith-ldap Name: %{name} %define version 5.2.0 -%define release 41 +%define release 60 Version: %{version} Release: %{release}%{?dist} License: GPL @@ -50,11 +50,30 @@ Patch36: e-smith-ldap-5.2.0-ldif_templat Patch37: e-smith-ldap-5.2.0-fix_ldap_delete.patch Patch38: e-smith-ldap-5.2.0-better_ldif.patch Patch39: e-smith-ldap-5.2.0-ldap_update_several_groups.patch +Patch40: e-smith-ldap-5.2.0-anonymous_acl.patch +Patch41: e-smith-ldap-5.2.0-users_acl.patch +Patch42: e-smith-ldap-5.2.0-toggle_anonymous_access.patch +Patch43: e-smith-ldap-5.2.0-fix_anonymous_toggle.patch +Patch44: e-smith-ldap-5.2.0-link_ldap_update.patch +Patch45: e-smith-ldap-5.2.0-update_group_membership_on_delete.patch +Patch46: e-smith-ldap-5.2.0-ldap_update_later.patch +Patch47: e-smith-ldap-5.2.0-allow_authenticated_users_to_read_attrs.patch +Patch48: e-smith-ldap-5.2.0-add_nobody_and_shared_in_ldap.patch +Patch49: e-smith-ldap-5.2.0-fix_nobody_and_shared_group.patch +Patch50: e-smith-ldap-5.2.0-add_www_move_nobody.patch +Patch51: e-smith-ldap-5.2.0-fix_ldap_update.patch +Patch52: e-smith-ldap-5.2.0-ldap-init-script.patch +Patch53: e-smith-ldap-5.2.0-enable_ldap_init.patch +Patch54: e-smith-ldap-5.2.0-ldap-auth.patch +Patch55: e-smith-ldap-5.2.0-unix-cleanup.patch +Patch56: e-smith-ldap-5.2.0-group-attrs.patch BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot BuildArchitectures: noarch Requires: e-smith-base Requires: e-smith-lib >= 1.15.1-16 -Requires: openldap >= 2.0.0, perl(Net::LDAP) +Requires: openldap >= 2.0.0 +Requires: openldap-clients +Requires: perl(Net::LDAP) Requires: e-smith-formmagick >= 1.4.0-9 BuildRequires: e-smith-devtools >= 1.13.1-03 AutoReqProv: no @@ -63,6 +82,63 @@ AutoReqProv: no e-smith server and gateway software - LDAP module. %changelog +* Thu Nov 4 2010 Shad L. Lords 5.2.0-60.sme +- groups don't have password, some don't have description [SME: 6337] + +* Tue Nov 2 2010 Shad L. Lords 5.2.0-59.sme +- Remove unix users/groups if ldap is master [SME: 6325] + +* Tue Nov 2 2010 Shad L. Lords 5.2.0-58.sme +- Disable ldap-delete if ldap is master [SME: 6324] + +* Tue Nov 02 2010 Daniel Berteaud 5.2.0-57.sme +- Enable the new ldap.init service [SME: 6231] + +* Sat Oct 30 2010 Daniel Berteaud 5.2.0-56.sme +- Fix a small typo in reset-ldap-bootstrap [SME: 6231] + +* Fri Oct 29 2010 Shad L. Lords 5.2.0-55.sme +- Add ldap.init script to allow update on reconfig/reboot [SME: 6231] + +* Thu Oct 28 2010 Daniel Berteaud 5.2.0-54.sme +- Fix minor errors in ldap-update [SME: 6312] + +* Wed Oct 27 2010 Shad L. Lords 5.2.0-53.sme +- Add www user/group to ldap [SME: 6312] + +* Wed Oct 27 2010 Daniel Berteaud 5.2.0-52.sme +- Fixes for nobody and shared groups [SME: 6310] + +* Wed Oct 27 2010 Daniel Berteaud 5.2.0-51.sme +- Add nobody and shared groups in LDAP [SME: 6310] + +* Thu Oct 14 2010 Daniel Berteaud 5.2.0-50.sme +- Allow authenticated users to read posixAccount and shadowAccount attrs [SME: 6254] + +* Wed Oct 13 2010 Daniel Berteaud 5.2.0-49.sme +- call ldap-update later during group and user creation [SME: 6284] + +* Thu Oct 7 2010 Daniel Berteaud 5.2.0-48.sme +- Update group membership for deleted accounts [SME: 6276] + +* Thu Oct 7 2010 Daniel Berteaud 5.2.0-47.sme +- Don't call ldap-update on deleted accounts [SME: 6239] + +* Thu Oct 7 2010 Daniel Berteaud 5.2.0-46.sme +- Link ldap-update scripts in needed events [SME: 6239] + +* Sat Oct 2 2010 Daniel Berteaud 5.2.0-45.sme +- Fix toggle anonymous access [SME: 6255] + +* Sat Oct 2 2010 Daniel Berteaud 5.2.0-44.sme +- Toggle anonymous access with AnonymousAccess property [SME: 6255] + +* Sat Oct 2 2010 Daniel Berteaud 5.2.0-43.sme +- Allow authenticated users to see more than just their own entry [SME: 6079] + +* Sat Oct 2 2010 Daniel Berteaud 5.2.0-42.sme +- Deny access to some attributes for anonymous users [SME: 6254] + * Mon Sep 27 2010 Daniel Berteaud 5.2.0-41.sme - Add ldap-update support for several accounts [SME: 6249] @@ -117,6 +193,7 @@ e-smith server and gateway software - LD - Indexe memberUid attribute [SME: 6220] - Expand slapd.conf during ldap-update event [SME: 6224] - Split slapd ACL template [SME: 6225] +- Prevent users from reading their password over a unsecured link [SME: 6252] - Use md5crypt hash when client requests exop [SME: 6223] * Wed Sep 22 2010 Daniel Berteaud 5.2.0-24.sme @@ -881,12 +958,29 @@ e-smith server and gateway software - LD %patch37 -p1 %patch38 -p1 %patch39 -p1 +%patch40 -p1 +%patch41 -p1 +%patch42 -p1 +%patch43 -p1 +%patch44 -p1 +%patch45 -p1 +%patch46 -p1 +%patch47 -p1 +%patch48 -p1 +%patch49 -p1 +%patch50 -p1 +%patch51 -p1 +%patch52 -p1 +%patch53 -p1 +%patch54 -p1 +%patch55 -p1 +%patch56 -p1 %build mkdir -p root/etc/e-smith/tests perl createlinks mkdir -p root/etc/rc.d/rc7.d -ln -s /etc/rc.d/init.d/e-smith-service root/etc/rc.d/rc7.d/S80ldap +ln -s /etc/rc.d/init.d/e-smith-service root/etc/rc.d/rc7.d/S77ldap mkdir -p root/home/e-smith/db/ldap mkdir -p root/etc/rc.d/init.d/supervise @@ -899,6 +993,7 @@ touch root/var/service/ldap/down mkdir -p root/var/log/bdb mkdir -p root/var/log/ldap mkdir -p root/var/service/ldap/ssl +mkdir -p root/etc/e-smith/ldap/init %install rm -rf $RPM_BUILD_ROOT