--- rpms/e-smith-ldap/sme8/e-smith-ldap.spec 2008/02/13 22:51:45 1.3 +++ rpms/e-smith-ldap/sme8/e-smith-ldap.spec 2010/12/01 19:30:40 1.86 @@ -1,24 +1,88 @@ +# $Id: e-smith-ldap.spec,v 1.85 2010/12/01 19:30:05 slords Exp $ + Summary: e-smith server and gateway - LDAP module %define name e-smith-ldap Name: %{name} -%define version 4.12.0 -%define release 8 +%define version 5.2.0 +%define release 73 Version: %{version} Release: %{release}%{?dist} License: GPL Group: Networking/Daemons Source: %{name}-%{version}.tar.gz -Patch0: e-smith-ldap-4.12.0-noipv6.patch -Patch1: e-smith-ldap-4.12.0-slapd.conf.perms.patch -Patch2: e-smith-ldap-4.12.0-success.patch -Patch3: e-smith-ldap-4.12.0-pid_args_files.patch -Patch4: e-smith-ldap-4.12.0-objectClass.patch -Patch5: e-smith-ldap-4.12.0-tags2general.patch +Patch0: %{name}-%{version}.backend +Patch1: %{name}-%{version}-schema.patch +Patch2: %{name}-%{version}-convert_ldif.patch +Patch3: %{name}-%{version}-password.patch +Patch4: %{name}-%{version}-tls.patch +Patch5: %{name}-%{version}-user-lock-event.patch +Patch6: %{name}-%{version}-admin_user.patch +Patch7: %{name}-%{version}-users_groups_ous.patch2 +Patch8: %{name}-%{version}-attributes.patch +Patch9: %{name}-%{version}-mailboxRelatedObject.patch +Patch10: %{name}-%{version}-force_ssl_tls_for_auth.patch +Patch11: %{name}-%{version}-sme8b-db.patch +Patch12: %{name}-%{version}-admin_user2.patch +Patch13: %{name}-%{version}-ibay_password.patch +Patch14: %{name}-%{version}-fix-indention.patch +Patch15: %{name}-%{version}-email-domain-change.patch +Patch16: %{name}-%{version}-update-admin.patch +Patch17: %{name}-%{version}-empty_group.patch +Patch18: e-smith-ldap-5.2.0-ldap_logs.patch +Patch19: e-smith-ldap-5.2.0-force_enabled.patch +Patch20: e-smith-ldap-5.2.0-index_memberuid.patch +Patch21: e-smith-ldap-5.2.0-expand_slapd_on_ldap_update.patch +Patch22: e-smith-ldap-5.2.0-split_acl_templates.patch +Patch23: e-smith-ldap-5.2.0-exop.patch +Patch24: e-smith-ldap-5.2.0-dump_ldif.patch +Patch25: e-smith-ldap-5.2.0-add_computers_ou.patch +Patch26: e-smith-ldap-5.2.0-add_posixaccount_attr_in_ldap.patch +Patch27: e-smith-ldap-5.2.0-full_path_to_config.patch +Patch28: e-smith-ldap-5.2.0-add_samba_attr_in_ldap.patch +Patch29: e-smith-ldap-5.2.0-code_cleanup.patch +Patch30: e-smith-ldap-5.2.0-base_oid.patch +Patch31: e-smith-ldap-5.2.0-rename_old_record.patch +Patch32: e-smith-ldap-5.2.0-add_ibay_machine.patch +Patch33: e-smith-ldap-5.2.0-rename_old_record_fix.patch +Patch34: e-smith-ldap-5.2.0-rename_old_record_fix2.patch +Patch35: e-smith-ldap-5.2.0-delete_extra_items.patch +Patch36: e-smith-ldap-5.2.0-ldif_template.patch +Patch37: e-smith-ldap-5.2.0-fix_ldap_delete.patch +Patch38: e-smith-ldap-5.2.0-better_ldif.patch +Patch39: e-smith-ldap-5.2.0-ldap_update_several_groups.patch +Patch40: e-smith-ldap-5.2.0-anonymous_acl.patch +Patch41: e-smith-ldap-5.2.0-users_acl.patch +Patch42: e-smith-ldap-5.2.0-toggle_anonymous_access.patch +Patch43: e-smith-ldap-5.2.0-fix_anonymous_toggle.patch +Patch44: e-smith-ldap-5.2.0-link_ldap_update.patch +Patch45: e-smith-ldap-5.2.0-update_group_membership_on_delete.patch +Patch46: e-smith-ldap-5.2.0-ldap_update_later.patch +Patch47: e-smith-ldap-5.2.0-allow_authenticated_users_to_read_attrs.patch +Patch48: e-smith-ldap-5.2.0-add_nobody_and_shared_in_ldap.patch +Patch49: e-smith-ldap-5.2.0-fix_nobody_and_shared_group.patch +Patch50: e-smith-ldap-5.2.0-add_www_move_nobody.patch +Patch51: e-smith-ldap-5.2.0-fix_ldap_update.patch +Patch52: e-smith-ldap-5.2.0-ldap-init-script.patch +Patch53: e-smith-ldap-5.2.0-enable_ldap_init.patch +Patch54: e-smith-ldap-5.2.0-ldap-auth.patch +Patch55: e-smith-ldap-5.2.0-unix-cleanup.patch +Patch56: e-smith-ldap-5.2.0-group-attrs.patch +Patch57: e-smith-ldap-5.2.0-simple-ldap-update.patch +Patch58: e-smith-ldap-5.2.0-fixe_ldif_templates.patch +Patch59: e-smith-ldap-5.2.0-locked-passwd.patch +Patch60: e-smith-ldap-5.2.0-startup-order.patch +Patch61: e-smith-ldap-5.2.0-remove_bogus_junk.patch +Patch62: e-smith-ldap-5.2.0-ldapmodify.patch +Patch63: e-smith-ldap-5.2.0-fix-department.patch +Patch64: e-smith-ldap-5.2.0-update-ldap-later.patch +Patch65: e-smith-ldap-5.2.0-ldap-init.patch BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot BuildArchitectures: noarch Requires: e-smith-base Requires: e-smith-lib >= 1.15.1-16 -Requires: openldap >= 2.0.0, perl(Net::LDAP) +Requires: openldap >= 2.0.0 +Requires: openldap-clients +Requires: perl(Net::LDAP) Requires: e-smith-formmagick >= 1.4.0-9 BuildRequires: e-smith-devtools >= 1.13.1-03 AutoReqProv: no @@ -27,7 +91,249 @@ AutoReqProv: no e-smith server and gateway software - LDAP module. %changelog -* Wed Feb 13 2008 Stephen Noble 1.12.0-8 +* Wed Dec 1 2010 Shad L. Lords 5.2.0-73.sme +- Fix permissions on ldif-fix script [SME: 6244] + +* Wed Dec 1 2010 Shad L. Lords 5.2.0-72.sme +- Replace convert_ldif with ldif-fix script [SME: 6244] +- Remove ldif template and expansion [SME: 6421] +- Simplify ldap-update call by calling ldif-fix [SME: 6422] + +* Tue Nov 30 2010 Shad L. Lords 5.2.0-71.sme +- Update ldap database later to pick up samba group maps [SME: 6419] + +* Tue Nov 30 2010 Shad L. Lords 5.2.0-70.sme +- Use correct field (Dept) for ou ldap field [SME: 6417] + +* Tue Nov 30 2010 Shad L. Lords 5.2.0-69.sme +- Add rfc2739.schem back in and include in config so upgrades work [SME: 5159] + +* Tue Nov 30 2010 Daniel Berteaud 5.2.0-68.sme +- Use ldapmodify to load ldif, add -a if no changetype [SME: 6413] + +* Tue Nov 23 2010 Daniel Berteaud 5.2.0-67.sme +- Remove bogus junk attribute from ldif templates [SME: 6396] + +* Mon Nov 22 2010 Shad L. Lords 5.2.0-66.sme +- Change startup order for ldap [SME: 6390] + +* Thu Nov 11 2010 Shad L. Lords 5.2.0-65.sme +- Store locked password instead of expired password [SME: 6360] + +* Wed Nov 10 2010 Daniel Berteaud 5.2.0-64.sme +- Fixed ldif templates error [SME: 6356] + +* Mon Nov 8 2010 Shad L. Lords 5.2.0-63.sme +- Simplify ldap-update for most events [SME: 6354] + +* Fri Nov 5 2010 Shad L. Lords 5.2.0-62.sme +- Adjust call to ldap-update later create/modify/delete [SME: 6284] + +* Thu Nov 4 2010 Shad L. Lords 5.2.0-61.sme +- Apply correct patch for group descriptions/password [SME: 6337] + +* Thu Nov 4 2010 Shad L. Lords 5.2.0-60.sme +- groups don't have password, some don't have description [SME: 6337] + +* Tue Nov 2 2010 Shad L. Lords 5.2.0-59.sme +- Remove unix users/groups if ldap is master [SME: 6325] + +* Tue Nov 2 2010 Shad L. Lords 5.2.0-58.sme +- Disable ldap-delete if ldap is master [SME: 6324] + +* Tue Nov 02 2010 Daniel Berteaud 5.2.0-57.sme +- Enable the new ldap.init service [SME: 6231] + +* Sat Oct 30 2010 Daniel Berteaud 5.2.0-56.sme +- Fix a small typo in reset-ldap-bootstrap [SME: 6231] + +* Fri Oct 29 2010 Shad L. Lords 5.2.0-55.sme +- Add ldap.init script to allow update on reconfig/reboot [SME: 6231] + +* Thu Oct 28 2010 Daniel Berteaud 5.2.0-54.sme +- Fix minor errors in ldap-update [SME: 6312] + +* Wed Oct 27 2010 Shad L. Lords 5.2.0-53.sme +- Add www user/group to ldap [SME: 6312] + +* Wed Oct 27 2010 Daniel Berteaud 5.2.0-52.sme +- Fixes for nobody and shared groups [SME: 6310] + +* Wed Oct 27 2010 Daniel Berteaud 5.2.0-51.sme +- Add nobody and shared groups in LDAP [SME: 6310] + +* Thu Oct 14 2010 Daniel Berteaud 5.2.0-50.sme +- Allow authenticated users to read posixAccount and shadowAccount attrs [SME: 6254] + +* Wed Oct 13 2010 Daniel Berteaud 5.2.0-49.sme +- call ldap-update later during group and user creation [SME: 6284] + +* Thu Oct 7 2010 Daniel Berteaud 5.2.0-48.sme +- Update group membership for deleted accounts [SME: 6276] + +* Thu Oct 7 2010 Daniel Berteaud 5.2.0-47.sme +- Don't call ldap-update on deleted accounts [SME: 6239] + +* Thu Oct 7 2010 Daniel Berteaud 5.2.0-46.sme +- Link ldap-update scripts in needed events [SME: 6239] + +* Sat Oct 2 2010 Daniel Berteaud 5.2.0-45.sme +- Fix toggle anonymous access [SME: 6255] + +* Sat Oct 2 2010 Daniel Berteaud 5.2.0-44.sme +- Toggle anonymous access with AnonymousAccess property [SME: 6255] + +* Sat Oct 2 2010 Daniel Berteaud 5.2.0-43.sme +- Allow authenticated users to see more than just their own entry [SME: 6079] + +* Sat Oct 2 2010 Daniel Berteaud 5.2.0-42.sme +- Deny access to some attributes for anonymous users [SME: 6254] + +* Mon Sep 27 2010 Daniel Berteaud 5.2.0-41.sme +- Add ldap-update support for several accounts [SME: 6249] + +* Mon Sep 27 2010 Shad L. Lords 5.2.0-40.sme +- Make ldif template create single hash [SME: 6240] + +* Mon Sep 27 2010 Daniel Berteaud 5.2.0-39.sme +- Fix ldap-delete script [SME: 6238] + +* Sun Sep 26 2010 Shad L. Lords 5.2.0-38.sme +- Update ldif template to match stored data [SME: 6240] + +* Sun Sep 26 2010 Shad L. Lords 5.2.0-37.sme +- Delete all ldap objects that we now create [SME: 6238] + +* Sat Sep 25 2010 Shad L. Lords 5.2.0-36.sme +- Ensure required attributes are present for rename [SME: 6235] + +* Sat Sep 25 2010 Shad L. Lords 5.2.0-35.sme +- Fix old record lookups from sme7 [SME: 6235] + +* Sat Sep 25 2010 Shad L. Lords 5.2.0-34.sme +- Add ibay and machine accounts into ldap [SME: 6236] + +* Sat Sep 25 2010 Shad L. Lords 5.2.0-33.sme +- Rename old ldap record from sme7 if exists [SME: 6235] + +* Sat Sep 25 2010 Shad L. Lords 5.2.0-32.sme +- Fix/add base ou entries needed for new schema [SME: 6234] + +* Sat Sep 25 2010 Shad L. Lords 5.2.0-31.sme +- Rewrite ldap-update to make adding classes easier [SME: 6233] + +* Fri Sep 24 2010 Daniel Berteaud 5.2.0-30.sme +- Add sambaSamAccount attributes in LDAP [SME: 6232] + +* Thu Sep 23 2010 Daniel Berteaud 5.2.0-29.sme +- Use full path to config in the run script [SME: 6222] + +* Thu Sep 23 2010 Daniel Berteaud 5.2.0-28.sme +- Add posixAccount attributes in LDAP [SME: 6074] + +* Thu Sep 23 2010 Daniel Berteaud 5.2.0-27.sme +- Create the Computers OU [SME: 6230] + +* Thu Sep 23 2010 Daniel Berteaud 5.2.0-26.sme +- Dump ldap data during the pre-backup event [SME: 6226] + +* Wed Sep 22 2010 Daniel Berteaud 5.2.0-25.sme +- Send slapd logs in /var/log/ldap (multilog) [SME: 6222] +- Force the service to be enabled [SME: 6221] +- Indexe memberUid attribute [SME: 6220] +- Expand slapd.conf during ldap-update event [SME: 6224] +- Split slapd ACL template [SME: 6225] +- Prevent users from reading their password over a unsecured link [SME: 6252] +- Use md5crypt hash when client requests exop [SME: 6223] + +* Wed Sep 22 2010 Daniel Berteaud 5.2.0-24.sme +- Restrict access to the ldif file [SME: 6217] + +* Tue Jun 10 2010 Jonathan Martens 5.2.0-23.sme +- Fix ldap-create errors when adding empty groups [SME: 5920] + +* Mon Jun 7 2010 Federico Simoncelli 5.2.0-22.sme +- Update email addresses on domain change (thanks Daniel) [SME: 5984] +- Update admin information (thanks Daniel) [SME: 6014] + +* Tue May 4 2010 Jonathan Martens 5.2.0-21.sme +- Fix indentation in S25ldap-update script [SME: 5914] + +* Fri Apr 30 2010 Filippo Carletti 5.2.0-20.sme +- Don't try to save ibay password to ldap [SME: 5906] + +* Mon Mar 1 2010 Daniel B. 5.2.0-19.sme +- Fix bug reference in spec file + +* Mon Mar 1 2010 Filippo Carletti 5.2.0-18.sme +- Fix admin user password change (Daniel B.) [SME: 5810] + +* Tue Feb 9 2010 Filippo Carletti 5.2.0-17.sme +- Init database if the ldif dump is empty (ie from sme8b) [SME: 5747] + +* Fri Feb 5 2010 Stephen Noble 5.2.0-16.sme +- revert re-init database [SME:5747] + +* Fri Feb 5 2010 Stephen Noble 5.2.0-15.sme +- re-init readonly database on post-upgrade [SME:5747] + +* Thu Feb 4 2010 Daniel B. 5.2.0-14.sme +- Force SSL/TLS for remote authentication [SME: 5748] + +* Wed Feb 3 2010 Stephen Noble 5.2.0-13.sme +- reuse users_groups_ous.patch2 [SME: 5743] + +* Wed Feb 3 2010 Stephen Noble 5.2.0-12.sme +- Separate groups and users with mailboxRelatedObject [SME:5749] + +* Wed Feb 3 2010 Stephen Noble 5.2.0-11.sme +- Set readonly access [SME:5752] + +* Sun Jan 31 2010 Stephen Noble 5.2.0-10.sme +- Fix ldap-update action script to user-lock event [SME: 5720] + +* Sun Jan 31 2010 Stephen Noble 5.2.0-9.sme +- Fix Groups entries [SME: 5743] + +* Sun Jan 31 2010 Stephen Noble 5.2.0-8.sme +- Add Groups entries [SME: 5743] + +* Sun Jan 31 2010 Stephen Noble 5.2.0-7.sme +- Add admin user as a standard user [SME: 5742] + +* Sat Jan 30 2010 Jonathan Martens 5.2.0-6.sme +- Add ldap-update action script to user-lock event [SME: 5720] + +* Wed Jan 27 2010 Federico Simoncelli 5.2.0-5.sme +- Add ldap authentication and tls support [SME: 5720] + +* Wed Jan 13 2010 Filippo Carletti 5.2.0-4.sme +- Update schema for newer openldap and remove calFBurl [SME: 5159] +- Convert ldif dump [SME: 5446] + +* Sun Feb 8 2009 Charlie Brady 5.2.0-3.sme +- Create bdb log directory. [SME: 3018] + +* Tue Jan 27 2009 Charlie Brady 5.2.0-2.sme +- Change ldap backend to bdb, and fix initialisation problem. + [SME: 3018, 2859] + +* Tue Oct 7 2008 Shad L. Lords 5.2.0-1.sme +- Roll new stream to separate sme7/sme8 trees [SME: 4633] + +* Wed Aug 20 2008 Shad L. Lords 4.13.0-1 +- Roll new dev stream. + +* Fri Jul 25 2008 Shad L. Lords 4.12.0-11 +- Separate template to avoid breaking schema [SME: 4171] + +* Sat Jul 5 2008 Jonathan Martens 4.12.0-10 +- Add common tags to e-smith-formmagick's general [SME: 4279] + +* Tue Apr 1 2008 Shad L. Lords 4.12.0-9 +- Add free/busy URL entry to help kronolith contribs [SME: 1806] + +* Wed Feb 13 2008 Stephen Noble 4.12.0-8 - Remove tags now in general [SME: 3919] * Tue Jun 26 2007 Charlie Brady @@ -668,12 +974,70 @@ e-smith server and gateway software - LD %patch3 -p1 %patch4 -p1 %patch5 -p1 +%patch6 -p1 +%patch7 -p1 +%patch8 -p1 +%patch9 -p1 +%patch10 -p1 +%patch11 -p1 +%patch12 -p1 +%patch13 -p1 +%patch14 -p1 +%patch15 -p1 +%patch16 -p1 +%patch17 -p1 +%patch18 -p1 +%patch19 -p1 +%patch20 -p1 +%patch21 -p1 +%patch22 -p1 +%patch23 -p1 +%patch24 -p1 +%patch25 -p1 +%patch26 -p1 +%patch27 -p1 +%patch28 -p1 +%patch29 -p1 +%patch30 -p1 +%patch31 -p1 +%patch32 -p1 +%patch33 -p1 +%patch34 -p1 +%patch35 -p1 +%patch36 -p1 +%patch37 -p1 +%patch38 -p1 +%patch39 -p1 +%patch40 -p1 +%patch41 -p1 +%patch42 -p1 +%patch43 -p1 +%patch44 -p1 +%patch45 -p1 +%patch46 -p1 +%patch47 -p1 +%patch48 -p1 +%patch49 -p1 +%patch50 -p1 +%patch51 -p1 +%patch52 -p1 +%patch53 -p1 +%patch54 -p1 +%patch55 -p1 +%patch56 -p1 +%patch57 -p1 +%patch58 -p1 +%patch59 -p1 +%patch60 -p1 +%patch61 -p1 +%patch62 -p1 +%patch63 -p1 +%patch64 -p1 +%patch65 -p1 %build mkdir -p root/etc/e-smith/tests perl createlinks -mkdir -p root/etc/rc.d/rc7.d -ln -s /etc/rc.d/init.d/e-smith-service root/etc/rc.d/rc7.d/S80ldap mkdir -p root/home/e-smith/db/ldap mkdir -p root/etc/rc.d/init.d/supervise @@ -683,13 +1047,24 @@ mkdir -p root/service ln -s /var/service/ldap root/service/ldap touch root/var/service/ldap/down +mkdir -p root/var/log/bdb +mkdir -p root/var/log/ldap +mkdir -p root/var/service/ldap/ssl +mkdir -p root/etc/e-smith/ldap/init + %install rm -rf $RPM_BUILD_ROOT (cd root ; find . -depth -print | cpio -dump $RPM_BUILD_ROOT) rm -f %{name}-%{version}-%{release}-filelist /sbin/e-smith/genfilelist $RPM_BUILD_ROOT \ --file /var/service/ldap/run 'attr(0750,root,root)' \ + --file /var/service/ldap/log/run 'attr(0750,root,root)' \ + --file /var/service/ldap/ldif-fix 'attr(0750,root,root)' \ --file /var/service/ldap/finish 'attr(0750,root,root)' \ + --file /var/service/ldap/control/1 'attr(0750,root,root)' \ + --dir /var/log/bdb 'attr(0700,ldap,ldap)' \ + --dir /home/e-smith/db/ldap 'attr(0750,root,ldap)' \ + --dir /var/log/ldap 'attr(0750,smelog,smelog)' \ > %{name}-%{version}-%{release}-filelist echo "%doc COPYING" >> %{name}-%{version}-%{release}-filelist