2020-10-14 19:18:11 +00:00
|
|
|
|
|
|
|
%global pkgname dirsrv
|
|
|
|
%global srcname 389-ds-base
|
|
|
|
|
|
|
|
# Exclude i686 bit arches
|
|
|
|
ExcludeArch: i686
|
|
|
|
|
|
|
|
# If perl-Socket-2.000 or newer is available, set 0 to use_Socket6.
|
|
|
|
%global use_Socket6 0
|
|
|
|
|
|
|
|
%global use_asan 0
|
2021-01-14 22:51:44 +00:00
|
|
|
%global use_rust 1
|
2020-10-14 19:18:11 +00:00
|
|
|
%global bundle_jemalloc 1
|
|
|
|
%if %{use_asan}
|
|
|
|
%global bundle_jemalloc 0
|
|
|
|
%endif
|
|
|
|
|
|
|
|
%if %{bundle_jemalloc}
|
|
|
|
%global jemalloc_name jemalloc
|
|
|
|
%global jemalloc_ver 5.2.1
|
|
|
|
%global __provides_exclude ^libjemalloc\\.so.*$
|
|
|
|
%endif
|
|
|
|
|
|
|
|
# Use Clang instead of GCC
|
|
|
|
%global use_clang 0
|
|
|
|
|
|
|
|
# Build cockpit plugin
|
2021-06-24 14:22:53 +00:00
|
|
|
%global use_cockpit 0
|
2020-10-14 19:18:11 +00:00
|
|
|
|
|
|
|
# fedora 15 and later uses tmpfiles.d
|
|
|
|
# otherwise, comment this out
|
|
|
|
%{!?with_tmpfiles_d: %global with_tmpfiles_d %{_sysconfdir}/tmpfiles.d}
|
|
|
|
|
|
|
|
# systemd support
|
|
|
|
%global groupname %{pkgname}.target
|
|
|
|
|
|
|
|
# set PIE flag
|
|
|
|
%global _hardened_build 1
|
|
|
|
|
2021-07-08 15:56:13 +00:00
|
|
|
# Filter argparse-manpage from autogenerated package Requires
|
|
|
|
%global __requires_exclude ^python.*argparse-manpage
|
|
|
|
|
2021-08-05 15:07:51 +00:00
|
|
|
# Force to require nss version greater or equal as the version available at the build time
|
|
|
|
# See bz1986327
|
|
|
|
%define dirsrv_requires_ge() %(LC_ALL="C" echo '%*' | xargs -r rpm -q --qf 'Requires: %%{name} >= %%{epoch}:%%{version}\\n' | sed -e 's/ (none):/ /' -e 's/ 0:/ /' | grep -v "is not")
|
|
|
|
|
2020-10-14 19:18:11 +00:00
|
|
|
Summary: 389 Directory Server (base)
|
|
|
|
Name: 389-ds-base
|
2021-08-23 20:51:10 +00:00
|
|
|
Version: 2.0.8
|
2021-08-27 13:22:03 +00:00
|
|
|
Release: 2%{?dist}
|
2021-05-30 19:04:10 +00:00
|
|
|
License: GPLv3+ and ASL 2.0 and MPLv2.0 and Boost
|
2020-10-14 19:18:11 +00:00
|
|
|
URL: https://www.port389.org
|
|
|
|
Conflicts: selinux-policy-base < 3.9.8
|
|
|
|
Conflicts: freeipa-server < 4.0.3
|
|
|
|
Obsoletes: %{name} <= 1.4.0.9
|
2020-10-27 18:04:15 +00:00
|
|
|
Obsoletes: %{name}-legacy-tools < 1.4.4.6
|
|
|
|
Obsoletes: %{name}-legacy-tools-debuginfo < 1.4.4.6
|
2020-10-14 19:18:11 +00:00
|
|
|
Provides: ldif2ldbm >= 0
|
|
|
|
|
2021-05-30 19:04:10 +00:00
|
|
|
##### Bundled cargo crates list - START #####
|
|
|
|
Provides: bundled(crate(ahash)) = 0.7.2
|
|
|
|
Provides: bundled(crate(ansi_term)) = 0.11.0
|
|
|
|
Provides: bundled(crate(atty)) = 0.2.14
|
|
|
|
Provides: bundled(crate(autocfg)) = 1.0.1
|
|
|
|
Provides: bundled(crate(base64)) = 0.13.0
|
|
|
|
Provides: bundled(crate(bitflags)) = 1.2.1
|
|
|
|
Provides: bundled(crate(byteorder)) = 1.4.3
|
|
|
|
Provides: bundled(crate(cbindgen)) = 0.9.1
|
|
|
|
Provides: bundled(crate(cc)) = 1.0.67
|
|
|
|
Provides: bundled(crate(cfg-if)) = 1.0.0
|
|
|
|
Provides: bundled(crate(clap)) = 2.33.3
|
|
|
|
Provides: bundled(crate(concread)) = 0.2.9
|
|
|
|
Provides: bundled(crate(crossbeam)) = 0.8.0
|
|
|
|
Provides: bundled(crate(crossbeam-channel)) = 0.5.1
|
|
|
|
Provides: bundled(crate(crossbeam-deque)) = 0.8.0
|
|
|
|
Provides: bundled(crate(crossbeam-epoch)) = 0.9.3
|
|
|
|
Provides: bundled(crate(crossbeam-queue)) = 0.3.1
|
|
|
|
Provides: bundled(crate(crossbeam-utils)) = 0.8.3
|
|
|
|
Provides: bundled(crate(entryuuid)) = 0.1.0
|
|
|
|
Provides: bundled(crate(entryuuid_syntax)) = 0.1.0
|
|
|
|
Provides: bundled(crate(fernet)) = 0.1.4
|
|
|
|
Provides: bundled(crate(foreign-types)) = 0.3.2
|
|
|
|
Provides: bundled(crate(foreign-types-shared)) = 0.1.1
|
|
|
|
Provides: bundled(crate(getrandom)) = 0.2.2
|
|
|
|
Provides: bundled(crate(hermit-abi)) = 0.1.18
|
|
|
|
Provides: bundled(crate(instant)) = 0.1.9
|
|
|
|
Provides: bundled(crate(itoa)) = 0.4.7
|
|
|
|
Provides: bundled(crate(jobserver)) = 0.1.21
|
|
|
|
Provides: bundled(crate(lazy_static)) = 1.4.0
|
|
|
|
Provides: bundled(crate(libc)) = 0.2.93
|
|
|
|
Provides: bundled(crate(librnsslapd)) = 0.1.0
|
|
|
|
Provides: bundled(crate(librslapd)) = 0.1.0
|
|
|
|
Provides: bundled(crate(lock_api)) = 0.4.3
|
|
|
|
Provides: bundled(crate(log)) = 0.4.14
|
|
|
|
Provides: bundled(crate(memoffset)) = 0.6.3
|
|
|
|
Provides: bundled(crate(once_cell)) = 1.7.2
|
2021-08-05 15:07:51 +00:00
|
|
|
Provides: bundled(crate(openssl)) = 0.10.35
|
|
|
|
Provides: bundled(crate(openssl-sys)) = 0.9.65
|
2021-05-30 19:04:10 +00:00
|
|
|
Provides: bundled(crate(parking_lot)) = 0.11.1
|
|
|
|
Provides: bundled(crate(parking_lot_core)) = 0.8.3
|
|
|
|
Provides: bundled(crate(paste)) = 0.1.18
|
|
|
|
Provides: bundled(crate(paste-impl)) = 0.1.18
|
|
|
|
Provides: bundled(crate(pkg-config)) = 0.3.19
|
|
|
|
Provides: bundled(crate(ppv-lite86)) = 0.2.10
|
|
|
|
Provides: bundled(crate(proc-macro-hack)) = 0.5.19
|
|
|
|
Provides: bundled(crate(proc-macro2)) = 1.0.26
|
|
|
|
Provides: bundled(crate(pwdchan)) = 0.1.0
|
|
|
|
Provides: bundled(crate(quote)) = 1.0.9
|
|
|
|
Provides: bundled(crate(rand)) = 0.8.3
|
|
|
|
Provides: bundled(crate(rand_chacha)) = 0.3.0
|
|
|
|
Provides: bundled(crate(rand_core)) = 0.6.2
|
|
|
|
Provides: bundled(crate(rand_hc)) = 0.3.0
|
|
|
|
Provides: bundled(crate(redox_syscall)) = 0.2.6
|
|
|
|
Provides: bundled(crate(remove_dir_all)) = 0.5.3
|
|
|
|
Provides: bundled(crate(ryu)) = 1.0.5
|
|
|
|
Provides: bundled(crate(scopeguard)) = 1.1.0
|
|
|
|
Provides: bundled(crate(serde)) = 1.0.125
|
|
|
|
Provides: bundled(crate(serde_derive)) = 1.0.125
|
|
|
|
Provides: bundled(crate(serde_json)) = 1.0.64
|
|
|
|
Provides: bundled(crate(slapd)) = 0.1.0
|
|
|
|
Provides: bundled(crate(slapi_r_plugin)) = 0.1.0
|
|
|
|
Provides: bundled(crate(smallvec)) = 1.6.1
|
|
|
|
Provides: bundled(crate(strsim)) = 0.8.0
|
|
|
|
Provides: bundled(crate(syn)) = 1.0.69
|
|
|
|
Provides: bundled(crate(synstructure)) = 0.12.4
|
|
|
|
Provides: bundled(crate(tempfile)) = 3.2.0
|
|
|
|
Provides: bundled(crate(textwrap)) = 0.11.0
|
|
|
|
Provides: bundled(crate(toml)) = 0.5.8
|
|
|
|
Provides: bundled(crate(unicode-width)) = 0.1.8
|
|
|
|
Provides: bundled(crate(unicode-xid)) = 0.2.1
|
|
|
|
Provides: bundled(crate(uuid)) = 0.8.2
|
|
|
|
Provides: bundled(crate(vcpkg)) = 0.2.11
|
|
|
|
Provides: bundled(crate(vec_map)) = 0.8.2
|
|
|
|
Provides: bundled(crate(version_check)) = 0.9.3
|
|
|
|
Provides: bundled(crate(wasi)) = 0.10.2+wasi_snapshot_preview1
|
|
|
|
Provides: bundled(crate(winapi)) = 0.3.9
|
|
|
|
Provides: bundled(crate(winapi-i686-pc-windows-gnu)) = 0.4.0
|
|
|
|
Provides: bundled(crate(winapi-x86_64-pc-windows-gnu)) = 0.4.0
|
|
|
|
Provides: bundled(crate(zeroize)) = 1.2.0
|
|
|
|
Provides: bundled(crate(zeroize_derive)) = 1.0.1
|
|
|
|
##### Bundled cargo crates list - END #####
|
|
|
|
|
2020-10-14 19:18:11 +00:00
|
|
|
BuildRequires: nspr-devel
|
|
|
|
BuildRequires: nss-devel >= 3.34
|
|
|
|
BuildRequires: openldap-devel
|
|
|
|
BuildRequires: libdb-devel
|
|
|
|
BuildRequires: cyrus-sasl-devel
|
|
|
|
BuildRequires: icu
|
|
|
|
BuildRequires: libicu-devel
|
|
|
|
BuildRequires: pcre-devel
|
|
|
|
BuildRequires: cracklib-devel
|
|
|
|
%if %{use_clang}
|
|
|
|
BuildRequires: libatomic
|
|
|
|
BuildRequires: clang
|
|
|
|
%else
|
|
|
|
BuildRequires: gcc
|
|
|
|
BuildRequires: gcc-c++
|
|
|
|
%endif
|
|
|
|
# The following are needed to build the snmp ldap-agent
|
|
|
|
BuildRequires: net-snmp-devel
|
|
|
|
BuildRequires: lm_sensors-devel
|
|
|
|
BuildRequires: bzip2-devel
|
|
|
|
BuildRequires: zlib-devel
|
|
|
|
BuildRequires: openssl-devel
|
|
|
|
# the following is for the pam passthru auth plug-in
|
|
|
|
BuildRequires: pam-devel
|
|
|
|
BuildRequires: systemd-units
|
|
|
|
BuildRequires: systemd-devel
|
|
|
|
%if %{use_asan}
|
|
|
|
BuildRequires: libasan
|
|
|
|
%endif
|
|
|
|
# If rust is enabled
|
|
|
|
%if %{use_rust}
|
|
|
|
BuildRequires: cargo
|
|
|
|
BuildRequires: rust
|
|
|
|
%endif
|
|
|
|
BuildRequires: pkgconfig
|
|
|
|
BuildRequires: pkgconfig(systemd)
|
|
|
|
BuildRequires: pkgconfig(krb5)
|
|
|
|
|
|
|
|
# Needed to support regeneration of the autotool artifacts.
|
|
|
|
BuildRequires: autoconf
|
|
|
|
BuildRequires: automake
|
|
|
|
BuildRequires: libtool
|
|
|
|
# For our documentation
|
|
|
|
BuildRequires: doxygen
|
|
|
|
# For tests!
|
|
|
|
BuildRequires: libcmocka-devel
|
|
|
|
BuildRequires: libevent-devel
|
|
|
|
# For lib389 and related components
|
|
|
|
BuildRequires: python%{python3_pkgversion}-devel
|
|
|
|
BuildRequires: python%{python3_pkgversion}-setuptools
|
|
|
|
BuildRequires: python%{python3_pkgversion}-ldap
|
|
|
|
BuildRequires: python%{python3_pkgversion}-six
|
|
|
|
BuildRequires: python%{python3_pkgversion}-pyasn1
|
|
|
|
BuildRequires: python%{python3_pkgversion}-pyasn1-modules
|
|
|
|
BuildRequires: python%{python3_pkgversion}-dateutil
|
|
|
|
BuildRequires: python%{python3_pkgversion}-argcomplete
|
|
|
|
BuildRequires: python%{python3_pkgversion}-argparse-manpage
|
|
|
|
BuildRequires: python%{python3_pkgversion}-libselinux
|
|
|
|
BuildRequires: python%{python3_pkgversion}-policycoreutils
|
|
|
|
|
|
|
|
# For cockpit
|
|
|
|
%if %{use_cockpit}
|
|
|
|
BuildRequires: rsync
|
|
|
|
%endif
|
|
|
|
|
|
|
|
Requires: %{name}-libs = %{version}-%{release}
|
|
|
|
Requires: python%{python3_pkgversion}-lib389 = %{version}-%{release}
|
|
|
|
|
|
|
|
# this is needed for using semanage from our setup scripts
|
|
|
|
Requires: policycoreutils-python-utils
|
|
|
|
Requires: /usr/sbin/semanage
|
|
|
|
Requires: libsemanage-python%{python3_pkgversion}
|
|
|
|
|
|
|
|
Requires: selinux-policy >= 3.14.1-29
|
|
|
|
|
|
|
|
# the following are needed for some of our scripts
|
|
|
|
Requires: openldap-clients
|
|
|
|
Requires: /usr/bin/c_rehash
|
|
|
|
Requires: python%{python3_pkgversion}-ldap
|
|
|
|
|
|
|
|
# this is needed to setup SSL if you are not using the
|
|
|
|
# administration server package
|
|
|
|
Requires: nss-tools
|
|
|
|
Requires: nss >= 3.34
|
2021-08-05 15:07:51 +00:00
|
|
|
%dirsrv_requires_ge nss
|
2020-10-14 19:18:11 +00:00
|
|
|
|
|
|
|
# these are not found by the auto-dependency method
|
|
|
|
# they are required to support the mandatory LDAP SASL mechs
|
|
|
|
Requires: cyrus-sasl-gssapi
|
|
|
|
Requires: cyrus-sasl-md5
|
|
|
|
Requires: cyrus-sasl-plain
|
|
|
|
|
|
|
|
# this is needed for verify-db.pl
|
|
|
|
Requires: libdb-utils
|
|
|
|
|
|
|
|
# Needed for password dictionary checks
|
|
|
|
Requires: cracklib-dicts
|
|
|
|
|
|
|
|
# Needed by logconv.pl
|
|
|
|
Requires: perl-DB_File
|
|
|
|
Requires: perl-Archive-Tar
|
2021-08-23 20:51:10 +00:00
|
|
|
Requires: perl-debugger
|
|
|
|
Requires: perl-sigtrap
|
2020-10-14 19:18:11 +00:00
|
|
|
|
|
|
|
# Picks up our systemd deps.
|
|
|
|
%{?systemd_requires}
|
|
|
|
|
|
|
|
Obsoletes: %{name} <= 1.3.5.4
|
|
|
|
|
2021-08-12 08:47:20 +00:00
|
|
|
Source0: https://releases.pagure.org/389-ds-base/%{name}-%{version}.tar.bz2
|
2020-10-14 19:18:11 +00:00
|
|
|
# 389-ds-git.sh should be used to generate the source tarball from git
|
|
|
|
Source1: %{name}-git.sh
|
|
|
|
Source2: %{name}-devel.README
|
|
|
|
%if %{bundle_jemalloc}
|
|
|
|
Source3: https://github.com/jemalloc/%{jemalloc_name}/releases/download/%{jemalloc_ver}/%{jemalloc_name}-%{jemalloc_ver}.tar.bz2
|
|
|
|
%endif
|
2021-08-27 13:22:03 +00:00
|
|
|
Patch01: 0001-Issue-4884-server-crashes-when-dnaInterval-attribute.patch
|
2020-10-14 19:18:11 +00:00
|
|
|
|
|
|
|
%description
|
|
|
|
389 Directory Server is an LDAPv3 compliant server. The base package includes
|
|
|
|
the LDAP server and command line utilities for server administration.
|
|
|
|
%if %{use_asan}
|
|
|
|
WARNING! This build is linked to Address Sanitisation libraries. This probably
|
|
|
|
isn't what you want. Please contact support immediately.
|
|
|
|
Please see http://seclists.org/oss-sec/2016/q1/363 for more information.
|
|
|
|
%endif
|
|
|
|
|
|
|
|
%package libs
|
|
|
|
Summary: Core libraries for 389 Directory Server
|
|
|
|
BuildRequires: nspr-devel
|
|
|
|
BuildRequires: nss-devel >= 3.34
|
|
|
|
BuildRequires: openldap-devel
|
|
|
|
BuildRequires: libdb-devel
|
|
|
|
BuildRequires: cyrus-sasl-devel
|
|
|
|
BuildRequires: libicu-devel
|
|
|
|
BuildRequires: pcre-devel
|
|
|
|
BuildRequires: libtalloc-devel
|
|
|
|
BuildRequires: libevent-devel
|
|
|
|
BuildRequires: libtevent-devel
|
|
|
|
Requires: krb5-libs
|
|
|
|
Requires: libevent
|
|
|
|
BuildRequires: systemd-devel
|
2021-01-14 22:51:44 +00:00
|
|
|
BuildRequires: make
|
2020-10-14 19:18:11 +00:00
|
|
|
Provides: svrcore = 4.1.4
|
|
|
|
Conflicts: svrcore
|
|
|
|
Obsoletes: svrcore <= 4.1.3
|
|
|
|
|
|
|
|
%description libs
|
|
|
|
Core libraries for the 389 Directory Server base package. These libraries
|
|
|
|
are used by the main package and the -devel package. This allows the -devel
|
|
|
|
package to be installed with just the -libs package and without the main package.
|
|
|
|
|
|
|
|
%package devel
|
|
|
|
Summary: Development libraries for 389 Directory Server
|
|
|
|
Requires: %{name}-libs = %{version}-%{release}
|
|
|
|
Requires: pkgconfig
|
|
|
|
Requires: nspr-devel
|
|
|
|
Requires: nss-devel >= 3.34
|
|
|
|
Requires: openldap-devel
|
|
|
|
Requires: libtalloc
|
|
|
|
Requires: libevent
|
|
|
|
Requires: libtevent
|
|
|
|
Requires: systemd-libs
|
|
|
|
Provides: svrcore-devel = 4.1.4
|
|
|
|
Conflicts: svrcore-devel
|
|
|
|
Obsoletes: svrcore-devel <= 4.1.3
|
|
|
|
|
|
|
|
%description devel
|
|
|
|
Development Libraries and headers for the 389 Directory Server base package.
|
|
|
|
|
|
|
|
%package snmp
|
|
|
|
Summary: SNMP Agent for 389 Directory Server
|
|
|
|
Requires: %{name} = %{version}-%{release}
|
|
|
|
|
|
|
|
Obsoletes: %{name} <= 1.4.0.0
|
|
|
|
|
|
|
|
%description snmp
|
|
|
|
SNMP Agent for the 389 Directory Server base package.
|
|
|
|
|
|
|
|
%package -n python%{python3_pkgversion}-lib389
|
|
|
|
Summary: A library for accessing, testing, and configuring the 389 Directory Server
|
|
|
|
BuildArch: noarch
|
|
|
|
Requires: openssl
|
|
|
|
Requires: iproute
|
|
|
|
Recommends: bash-completion
|
|
|
|
Requires: python%{python3_pkgversion}
|
|
|
|
Requires: python%{python3_pkgversion}-distro
|
|
|
|
Requires: python%{python3_pkgversion}-ldap
|
|
|
|
Requires: python%{python3_pkgversion}-six
|
|
|
|
Requires: python%{python3_pkgversion}-pyasn1
|
|
|
|
Requires: python%{python3_pkgversion}-pyasn1-modules
|
|
|
|
Requires: python%{python3_pkgversion}-dateutil
|
|
|
|
Requires: python%{python3_pkgversion}-argcomplete
|
|
|
|
Requires: python%{python3_pkgversion}-libselinux
|
|
|
|
Requires: python%{python3_pkgversion}-setuptools
|
|
|
|
%{?python_provide:%python_provide python%{python3_pkgversion}-lib389}
|
|
|
|
|
|
|
|
%description -n python%{python3_pkgversion}-lib389
|
|
|
|
This module contains tools and libraries for accessing, testing,
|
|
|
|
and configuring the 389 Directory Server.
|
|
|
|
|
|
|
|
%if %{use_cockpit}
|
|
|
|
%package -n cockpit-389-ds
|
|
|
|
Summary: Cockpit UI Plugin for configuring and administering the 389 Directory Server
|
|
|
|
BuildArch: noarch
|
|
|
|
Requires: cockpit
|
|
|
|
Requires: 389-ds-base
|
|
|
|
Requires: python%{python3_pkgversion}
|
|
|
|
Requires: python%{python3_pkgversion}-lib389
|
|
|
|
|
|
|
|
%description -n cockpit-389-ds
|
|
|
|
A cockpit UI Plugin for configuring and administering the 389 Directory Server
|
|
|
|
%endif
|
|
|
|
|
|
|
|
%prep
|
2021-08-12 08:47:20 +00:00
|
|
|
%autosetup -p1 -v -n %{name}-%{version}
|
|
|
|
%setup -q -n %{name}-%{version}
|
2020-10-14 19:18:11 +00:00
|
|
|
|
|
|
|
%if %{bundle_jemalloc}
|
2021-08-12 08:47:20 +00:00
|
|
|
%setup -q -n %{name}-%{version} -T -D -b 3
|
2020-10-14 19:18:11 +00:00
|
|
|
%endif
|
|
|
|
|
|
|
|
cp %{SOURCE2} README.devel
|
|
|
|
|
2021-05-24 15:42:49 +00:00
|
|
|
# The configure macro will modify some autoconf-related files, which upsets
|
|
|
|
# cargo when it tries to verify checksums in those files. If we just truncate
|
|
|
|
# that file list, cargo won't have anything to complain about.
|
|
|
|
find vendor -name .cargo-checksum.json \
|
|
|
|
-exec sed -i.uncheck -e 's/"files":{[^}]*}/"files":{ }/' '{}' '+'
|
|
|
|
|
2020-10-14 19:18:11 +00:00
|
|
|
%build
|
|
|
|
|
|
|
|
OPENLDAP_FLAG="--with-openldap"
|
|
|
|
%{?with_tmpfiles_d: TMPFILES_FLAG="--with-tmpfiles-d=%{with_tmpfiles_d}"}
|
|
|
|
# hack hack hack https://bugzilla.redhat.com/show_bug.cgi?id=833529
|
|
|
|
NSSARGS="--with-nss-lib=%{_libdir} --with-nss-inc=%{_includedir}/nss3"
|
|
|
|
|
|
|
|
%if %{use_asan}
|
|
|
|
ASAN_FLAGS="--enable-asan --enable-debug"
|
|
|
|
%endif
|
|
|
|
|
|
|
|
%if %{use_rust}
|
2021-01-14 22:51:44 +00:00
|
|
|
RUST_FLAGS="--enable-rust --enable-rust-offline"
|
2020-10-14 19:18:11 +00:00
|
|
|
%endif
|
|
|
|
|
|
|
|
%if !%{use_cockpit}
|
|
|
|
COCKPIT_FLAGS="--disable-cockpit"
|
|
|
|
%endif
|
|
|
|
|
|
|
|
%if %{use_clang}
|
|
|
|
export CC=clang
|
|
|
|
export CXX=clang++
|
|
|
|
CLANG_FLAGS="--enable-clang"
|
|
|
|
%endif
|
|
|
|
|
|
|
|
%if %{bundle_jemalloc}
|
|
|
|
# Override page size, bz #1545539
|
|
|
|
# 4K
|
|
|
|
%ifarch %ix86 %arm x86_64 s390x
|
|
|
|
%define lg_page --with-lg-page=12
|
|
|
|
%endif
|
|
|
|
|
|
|
|
# 64K
|
|
|
|
%ifarch ppc64 ppc64le aarch64
|
|
|
|
%define lg_page --with-lg-page=16
|
|
|
|
%endif
|
|
|
|
|
|
|
|
# Override huge page size on aarch64
|
|
|
|
# 2M instead of 512M
|
|
|
|
%ifarch aarch64
|
|
|
|
%define lg_hugepage --with-lg-hugepage=21
|
|
|
|
%endif
|
|
|
|
|
|
|
|
# Build jemalloc
|
|
|
|
pushd ../%{jemalloc_name}-%{jemalloc_ver}
|
|
|
|
%configure \
|
|
|
|
--libdir=%{_libdir}/%{pkgname}/lib \
|
|
|
|
--bindir=%{_libdir}/%{pkgname}/bin \
|
|
|
|
--enable-prof
|
|
|
|
make %{?_smp_mflags}
|
|
|
|
popd
|
|
|
|
%endif
|
|
|
|
|
|
|
|
# Enforce strict linking
|
2021-02-12 21:45:36 +00:00
|
|
|
%define _ld_strict_symbol_defs 1
|
2020-10-14 19:18:11 +00:00
|
|
|
|
|
|
|
# Rebuild the autotool artifacts now.
|
|
|
|
autoreconf -fiv
|
|
|
|
|
|
|
|
%configure --enable-autobind --with-selinux $TMPFILES_FLAG \
|
|
|
|
--with-systemd \
|
|
|
|
--with-systemdsystemunitdir=%{_unitdir} \
|
|
|
|
--with-systemdsystemconfdir=%{_sysconfdir}/systemd/system \
|
|
|
|
--with-systemdgroupname=%{groupname} \
|
|
|
|
--libexecdir=%{_libexecdir}/%{pkgname} \
|
2020-10-27 18:04:15 +00:00
|
|
|
$NSSARGS $ASAN_FLAGS $RUST_FLAGS $CLANG_FLAGS $COCKPIT_FLAGS \
|
2020-10-14 19:18:11 +00:00
|
|
|
--enable-cmocka \
|
|
|
|
--enable-perl
|
|
|
|
|
|
|
|
|
|
|
|
# lib389
|
|
|
|
pushd ./src/lib389
|
|
|
|
%py3_build
|
|
|
|
popd
|
|
|
|
# argparse-manpage dynamic man pages have hardcoded man v1 in header,
|
|
|
|
# need to change it to v8
|
2021-08-12 08:47:20 +00:00
|
|
|
sed -i "1s/\"1\"/\"8\"/" %{_builddir}/%{name}-%{version}/src/lib389/man/dsconf.8
|
|
|
|
sed -i "1s/\"1\"/\"8\"/" %{_builddir}/%{name}-%{version}/src/lib389/man/dsctl.8
|
|
|
|
sed -i "1s/\"1\"/\"8\"/" %{_builddir}/%{name}-%{version}/src/lib389/man/dsidm.8
|
|
|
|
sed -i "1s/\"1\"/\"8\"/" %{_builddir}/%{name}-%{version}/src/lib389/man/dscreate.8
|
2020-10-14 19:18:11 +00:00
|
|
|
|
|
|
|
# Generate symbolic info for debuggers
|
|
|
|
export XCFLAGS=$RPM_OPT_FLAGS
|
|
|
|
|
|
|
|
#make %{?_smp_mflags}
|
|
|
|
make
|
|
|
|
|
|
|
|
%install
|
|
|
|
|
|
|
|
mkdir -p %{buildroot}%{_datadir}/gdb/auto-load%{_sbindir}
|
|
|
|
%if %{use_cockpit}
|
|
|
|
mkdir -p %{buildroot}%{_datadir}/cockpit
|
|
|
|
%endif
|
|
|
|
make DESTDIR="$RPM_BUILD_ROOT" install
|
|
|
|
|
|
|
|
%if %{use_cockpit}
|
|
|
|
find %{buildroot}%{_datadir}/cockpit/389-console -type d | sed -e "s@%{buildroot}@@" | sed -e 's/^/\%dir /' > cockpit.list
|
|
|
|
find %{buildroot}%{_datadir}/cockpit/389-console -type f | sed -e "s@%{buildroot}@@" >> cockpit.list
|
|
|
|
%endif
|
|
|
|
|
|
|
|
# Copy in our docs from doxygen.
|
2021-08-12 08:47:20 +00:00
|
|
|
cp -r %{_builddir}/%{name}-%{version}/man/man3 $RPM_BUILD_ROOT/%{_mandir}/man3
|
2020-10-14 19:18:11 +00:00
|
|
|
|
|
|
|
# lib389
|
|
|
|
pushd src/lib389
|
|
|
|
%py3_install
|
|
|
|
popd
|
|
|
|
|
|
|
|
mkdir -p $RPM_BUILD_ROOT/var/log/%{pkgname}
|
|
|
|
mkdir -p $RPM_BUILD_ROOT/var/lib/%{pkgname}
|
|
|
|
mkdir -p $RPM_BUILD_ROOT/var/lock/%{pkgname}
|
|
|
|
|
|
|
|
# for systemd
|
|
|
|
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/systemd/system/%{groupname}.wants
|
|
|
|
|
2020-10-27 18:04:15 +00:00
|
|
|
# remove libtool archives and static libs
|
|
|
|
rm -f $RPM_BUILD_ROOT%{_libdir}/%{pkgname}/*.a
|
|
|
|
rm -f $RPM_BUILD_ROOT%{_libdir}/%{pkgname}/*.la
|
|
|
|
rm -f $RPM_BUILD_ROOT%{_libdir}/%{pkgname}/plugins/*.a
|
|
|
|
rm -f $RPM_BUILD_ROOT%{_libdir}/%{pkgname}/plugins/*.la
|
|
|
|
rm -f $RPM_BUILD_ROOT%{_libdir}/libsvrcore.a
|
|
|
|
rm -f $RPM_BUILD_ROOT%{_libdir}/libsvrcore.la
|
2020-10-14 19:18:11 +00:00
|
|
|
|
|
|
|
%if %{bundle_jemalloc}
|
|
|
|
pushd ../%{jemalloc_name}-%{jemalloc_ver}
|
|
|
|
make DESTDIR="$RPM_BUILD_ROOT" install_lib install_bin
|
2021-08-12 08:47:20 +00:00
|
|
|
cp -pa COPYING ../%{name}-%{version}/COPYING.jemalloc
|
|
|
|
cp -pa README ../%{name}-%{version}/README.jemalloc
|
2020-10-14 19:18:11 +00:00
|
|
|
popd
|
|
|
|
%endif
|
|
|
|
|
|
|
|
%check
|
|
|
|
# This checks the code, if it fails it prints why, then re-raises the fail to shortcircuit the rpm build.
|
|
|
|
if ! make DESTDIR="$RPM_BUILD_ROOT" check; then cat ./test-suite.log && false; fi
|
|
|
|
|
|
|
|
%post
|
|
|
|
if [ -n "$DEBUGPOSTTRANS" ] ; then
|
|
|
|
output=$DEBUGPOSTTRANS
|
|
|
|
output2=${DEBUGPOSTTRANS}.upgrade
|
|
|
|
else
|
|
|
|
output=/dev/null
|
|
|
|
output2=/dev/null
|
|
|
|
fi
|
|
|
|
# reload to pick up any changes to systemd files
|
|
|
|
/bin/systemctl daemon-reload >$output 2>&1 || :
|
|
|
|
|
|
|
|
# https://fedoraproject.org/wiki/Packaging:UsersAndGroups#Soft_static_allocation
|
|
|
|
# Soft static allocation for UID and GID
|
|
|
|
USERNAME="dirsrv"
|
|
|
|
ALLOCATED_UID=389
|
|
|
|
GROUPNAME="dirsrv"
|
|
|
|
ALLOCATED_GID=389
|
|
|
|
HOMEDIR="/usr/share/dirsrv"
|
|
|
|
|
|
|
|
getent group $GROUPNAME >/dev/null || /usr/sbin/groupadd -f -g $ALLOCATED_GID -r $GROUPNAME
|
|
|
|
if ! getent passwd $USERNAME >/dev/null ; then
|
|
|
|
if ! getent passwd $ALLOCATED_UID >/dev/null ; then
|
|
|
|
/usr/sbin/useradd -r -u $ALLOCATED_UID -g $GROUPNAME -d $HOMEDIR -s /sbin/nologin -c "user for 389-ds-base" $USERNAME
|
|
|
|
else
|
|
|
|
/usr/sbin/useradd -r -g $GROUPNAME -d $HOMEDIR -s /sbin/nologin -c "user for 389-ds-base" $USERNAME
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
# Reload our sysctl before we restart (if we can)
|
|
|
|
sysctl --system &> $output; true
|
|
|
|
|
2020-10-27 18:04:15 +00:00
|
|
|
# Gather the running instances so we can restart them
|
2020-10-14 19:18:11 +00:00
|
|
|
instbase="%{_sysconfdir}/%{pkgname}"
|
2020-10-27 18:04:15 +00:00
|
|
|
ninst=0
|
2020-10-14 19:18:11 +00:00
|
|
|
for dir in $instbase/slapd-* ; do
|
|
|
|
echo dir = $dir >> $output 2>&1 || :
|
|
|
|
if [ ! -d "$dir" ] ; then continue ; fi
|
|
|
|
case "$dir" in *.removed) continue ;; esac
|
|
|
|
basename=`basename $dir`
|
|
|
|
inst="%{pkgname}@`echo $basename | sed -e 's/slapd-//g'`"
|
|
|
|
echo found instance $inst - getting status >> $output 2>&1 || :
|
|
|
|
if /bin/systemctl -q is-active $inst ; then
|
|
|
|
echo instance $inst is running >> $output 2>&1 || :
|
|
|
|
instances="$instances $inst"
|
|
|
|
else
|
|
|
|
echo instance $inst is not running >> $output 2>&1 || :
|
|
|
|
fi
|
|
|
|
ninst=`expr $ninst + 1`
|
|
|
|
done
|
|
|
|
if [ $ninst -eq 0 ] ; then
|
|
|
|
echo no instances to upgrade >> $output 2>&1 || :
|
|
|
|
exit 0 # have no instances to upgrade - just skip the rest
|
|
|
|
else
|
2020-10-27 18:04:15 +00:00
|
|
|
# restart running instances
|
|
|
|
echo shutting down all instances . . . >> $output 2>&1 || :
|
|
|
|
for inst in $instances ; do
|
|
|
|
echo stopping instance $inst >> $output 2>&1 || :
|
|
|
|
/bin/systemctl stop $inst >> $output 2>&1 || :
|
|
|
|
done
|
|
|
|
for inst in $instances ; do
|
|
|
|
echo starting instance $inst >> $output 2>&1 || :
|
|
|
|
/bin/systemctl start $inst >> $output 2>&1 || :
|
|
|
|
done
|
2020-10-14 19:18:11 +00:00
|
|
|
fi
|
|
|
|
|
|
|
|
|
2020-10-27 18:04:15 +00:00
|
|
|
%preun
|
|
|
|
if [ $1 -eq 0 ]; then # Final removal
|
|
|
|
# remove instance specific service files/links
|
|
|
|
rm -rf %{_sysconfdir}/systemd/system/%{groupname}.wants/* > /dev/null 2>&1 || :
|
|
|
|
fi
|
2020-10-14 19:18:11 +00:00
|
|
|
|
2020-10-27 18:04:15 +00:00
|
|
|
%postun
|
|
|
|
if [ $1 = 0 ]; then # Final removal
|
|
|
|
rm -rf /var/run/%{pkgname}
|
|
|
|
fi
|
|
|
|
|
|
|
|
%post snmp
|
|
|
|
%systemd_post %{pkgname}-snmp.service
|
|
|
|
|
|
|
|
%preun snmp
|
|
|
|
%systemd_preun %{pkgname}-snmp.service %{groupname}
|
|
|
|
|
|
|
|
%postun snmp
|
|
|
|
%systemd_postun_with_restart %{pkgname}-snmp.service
|
|
|
|
|
|
|
|
exit 0
|
2020-10-14 19:18:11 +00:00
|
|
|
|
|
|
|
%files
|
|
|
|
%if %{bundle_jemalloc}
|
|
|
|
%doc LICENSE LICENSE.GPLv3+ LICENSE.openssl README.jemalloc
|
|
|
|
%license COPYING.jemalloc
|
|
|
|
%else
|
|
|
|
%doc LICENSE LICENSE.GPLv3+ LICENSE.openssl
|
|
|
|
%endif
|
|
|
|
%dir %{_sysconfdir}/%{pkgname}
|
|
|
|
%dir %{_sysconfdir}/%{pkgname}/schema
|
|
|
|
%config(noreplace)%{_sysconfdir}/%{pkgname}/schema/*.ldif
|
|
|
|
%dir %{_sysconfdir}/%{pkgname}/config
|
|
|
|
%dir %{_sysconfdir}/systemd/system/%{groupname}.wants
|
|
|
|
%config(noreplace)%{_sysconfdir}/%{pkgname}/config/slapd-collations.conf
|
|
|
|
%config(noreplace)%{_sysconfdir}/%{pkgname}/config/certmap.conf
|
|
|
|
%{_datadir}/%{pkgname}
|
|
|
|
%{_datadir}/gdb/auto-load/*
|
|
|
|
%{_unitdir}
|
|
|
|
%{_bindir}/dbscan
|
|
|
|
%{_mandir}/man1/dbscan.1.gz
|
|
|
|
%{_bindir}/ds-replcheck
|
|
|
|
%{_mandir}/man1/ds-replcheck.1.gz
|
|
|
|
%{_bindir}/ds-logpipe.py
|
|
|
|
%{_mandir}/man1/ds-logpipe.py.1.gz
|
|
|
|
%{_bindir}/ldclt
|
|
|
|
%{_mandir}/man1/ldclt.1.gz
|
|
|
|
%{_bindir}/logconv.pl
|
|
|
|
%{_mandir}/man1/logconv.pl.1.gz
|
|
|
|
%{_bindir}/pwdhash
|
|
|
|
%{_mandir}/man1/pwdhash.1.gz
|
|
|
|
#%caps(CAP_NET_BIND_SERVICE=pe) {_sbindir}/ns-slapd
|
|
|
|
%{_sbindir}/ns-slapd
|
|
|
|
%{_mandir}/man8/ns-slapd.8.gz
|
2020-10-27 18:04:15 +00:00
|
|
|
%{_sbindir}/openldap_to_ds
|
|
|
|
%{_mandir}/man8/openldap_to_ds.8.gz
|
2020-10-14 19:18:11 +00:00
|
|
|
%{_libexecdir}/%{pkgname}/ds_systemd_ask_password_acl
|
|
|
|
%{_mandir}/man5/99user.ldif.5.gz
|
|
|
|
%{_mandir}/man5/certmap.conf.5.gz
|
|
|
|
%{_mandir}/man5/slapd-collations.conf.5.gz
|
|
|
|
%{_mandir}/man5/dirsrv.5.gz
|
|
|
|
%{_mandir}/man5/dirsrv.systemd.5.gz
|
|
|
|
%{_libdir}/%{pkgname}/python
|
|
|
|
%dir %{_libdir}/%{pkgname}/plugins
|
|
|
|
%{_libdir}/%{pkgname}/plugins/*.so
|
|
|
|
# This has to be hardcoded to /lib - $libdir changes between lib/lib64, but
|
|
|
|
# sysctl.d is always in /lib.
|
|
|
|
%{_prefix}/lib/sysctl.d/*
|
|
|
|
%dir %{_localstatedir}/lib/%{pkgname}
|
|
|
|
%dir %{_localstatedir}/log/%{pkgname}
|
|
|
|
%ghost %dir %{_localstatedir}/lock/%{pkgname}
|
|
|
|
%exclude %{_sbindir}/ldap-agent*
|
|
|
|
%exclude %{_mandir}/man1/ldap-agent.1.gz
|
|
|
|
%exclude %{_unitdir}/%{pkgname}-snmp.service
|
|
|
|
%if %{bundle_jemalloc}
|
|
|
|
%{_libdir}/%{pkgname}/lib/
|
|
|
|
%{_libdir}/%{pkgname}/bin/
|
|
|
|
%exclude %{_libdir}/%{pkgname}/bin/jemalloc-config
|
|
|
|
%exclude %{_libdir}/%{pkgname}/bin/jemalloc.sh
|
|
|
|
%exclude %{_libdir}/%{pkgname}/lib/libjemalloc.a
|
|
|
|
%exclude %{_libdir}/%{pkgname}/lib/libjemalloc.so
|
|
|
|
%exclude %{_libdir}/%{pkgname}/lib/libjemalloc_pic.a
|
|
|
|
%exclude %{_libdir}/%{pkgname}/lib/pkgconfig
|
|
|
|
%endif
|
|
|
|
|
|
|
|
%files devel
|
|
|
|
%doc LICENSE LICENSE.GPLv3+ LICENSE.openssl README.devel
|
|
|
|
%{_mandir}/man3/*
|
|
|
|
%{_includedir}/svrcore.h
|
|
|
|
%{_includedir}/%{pkgname}
|
|
|
|
%{_libdir}/libsvrcore.so
|
|
|
|
%{_libdir}/%{pkgname}/libslapd.so
|
|
|
|
%{_libdir}/%{pkgname}/libns-dshttpd.so
|
|
|
|
%{_libdir}/%{pkgname}/libldaputil.so
|
|
|
|
%{_libdir}/pkgconfig/svrcore.pc
|
|
|
|
%{_libdir}/pkgconfig/dirsrv.pc
|
|
|
|
|
|
|
|
%files libs
|
|
|
|
%doc LICENSE LICENSE.GPLv3+ LICENSE.openssl README.devel
|
|
|
|
%dir %{_libdir}/%{pkgname}
|
|
|
|
%{_libdir}/libsvrcore.so.*
|
|
|
|
%{_libdir}/%{pkgname}/libslapd.so.*
|
2021-08-23 20:51:10 +00:00
|
|
|
%{_libdir}/%{pkgname}/libns-dshttpd.so.*
|
2020-10-14 19:18:11 +00:00
|
|
|
%{_libdir}/%{pkgname}/libldaputil.so.*
|
|
|
|
%{_libdir}/%{pkgname}/librewriters.so*
|
|
|
|
%if %{bundle_jemalloc}
|
|
|
|
%{_libdir}/%{pkgname}/lib/libjemalloc.so.2
|
|
|
|
%endif
|
|
|
|
|
|
|
|
%files snmp
|
|
|
|
%doc LICENSE LICENSE.GPLv3+ LICENSE.openssl README.devel
|
|
|
|
%config(noreplace)%{_sysconfdir}/%{pkgname}/config/ldap-agent.conf
|
|
|
|
%{_sbindir}/ldap-agent*
|
|
|
|
%{_mandir}/man1/ldap-agent.1.gz
|
|
|
|
%{_unitdir}/%{pkgname}-snmp.service
|
|
|
|
|
|
|
|
%files -n python%{python3_pkgversion}-lib389
|
|
|
|
%doc LICENSE LICENSE.GPLv3+
|
|
|
|
%{python3_sitelib}/lib389*
|
|
|
|
%{_sbindir}/dsconf
|
|
|
|
%{_mandir}/man8/dsconf.8.gz
|
|
|
|
%{_sbindir}/dscreate
|
|
|
|
%{_mandir}/man8/dscreate.8.gz
|
|
|
|
%{_sbindir}/dsctl
|
|
|
|
%{_mandir}/man8/dsctl.8.gz
|
|
|
|
%{_sbindir}/dsidm
|
|
|
|
%{_mandir}/man8/dsidm.8.gz
|
|
|
|
%{_libexecdir}/%{pkgname}/dscontainer
|
|
|
|
|
|
|
|
%if %{use_cockpit}
|
|
|
|
%files -n cockpit-389-ds -f cockpit.list
|
|
|
|
%{_datarootdir}/metainfo/389-console/org.port389.cockpit_console.metainfo.xml
|
|
|
|
%doc README.md
|
|
|
|
%endif
|
|
|
|
|
|
|
|
%changelog
|
2021-08-27 13:22:03 +00:00
|
|
|
* Fri Aug 27 2021 Mark Reynolds <mreynolds@redhat.com> - 2.0.8-2
|
|
|
|
- Bump version to 2.0.8-2
|
|
|
|
- Resolves: Bug 1998464 - LDAP server crashes when dnaInterval attribute is set to 0
|
|
|
|
|
2021-08-23 20:51:10 +00:00
|
|
|
* Mon Aug 23 2021 Mark Reynolds <mreynolds@redhat.com> - 2.0.8-1
|
|
|
|
- Bump version to 2.0.8-1
|
|
|
|
- Resolves: Bug 1992609 - EntryUUID syntax plugin breaks replication with older versions
|
|
|
|
|
2021-08-12 08:47:20 +00:00
|
|
|
* Thu Aug 12 2021 Viktor Ashirov <vashirov@redhat.com> - 2.0.7-3
|
|
|
|
- Remove unused relprefix and prerel macros that break rpmdev-bumpspec logic
|
|
|
|
Related: rhbz#1991688
|
|
|
|
|
2021-08-09 18:24:46 +00:00
|
|
|
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2.0.7-2.1
|
|
|
|
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
|
|
|
Related: rhbz#1991688
|
|
|
|
|
2021-08-05 15:07:51 +00:00
|
|
|
* Thu Aug 5 2021 Simon Pichugin <spichugi@redhat.com> - 2.0.7-2
|
|
|
|
- Resolves: Bug 1988759 - 389-ds-base: Rebuild does not switch to OpenSSL 3.0 Beta ABI
|
|
|
|
- Force to require nss version greater or equal as the version available at the build time
|
|
|
|
|
2021-07-26 14:06:52 +00:00
|
|
|
* Fri Jul 16 2021 Mark Reynolds <mreynolds@redhat.com> - 2.0.7-1
|
|
|
|
- Bump version to 2.0.7-1
|
|
|
|
- Resolves: Bug 1982789 - 389-ds-base: CRYPT password hash with asterisk allows any bind attempt to succeed
|
|
|
|
|
2021-07-08 15:56:13 +00:00
|
|
|
* Thu Jul 8 2021 Mark Reynolds <mreynolds@redhat.com> - 2.0.6-3
|
|
|
|
- Bump version to 2.0.6-3
|
|
|
|
- Resolves: Bug 1978618 - Drop argparse-manpage runtime dependency
|
|
|
|
|
2021-06-28 13:40:28 +00:00
|
|
|
* Mon Jun 28 2021 Simon Pichugin <spichugi@redhat.com> - 2.0.6-2
|
|
|
|
- Roll back to openssl 0.10.33 rust crate as it's required for OpenSSL 3.0.0-alpha16
|
|
|
|
|
2021-06-24 14:22:53 +00:00
|
|
|
* Thu Jun 24 2021 Mark Reynolds <mreynolds@redhat.com> - 2.0.6-1
|
|
|
|
- Bump version to 2.0.6
|
|
|
|
- Resolves: Bug 1970559 - Crash in dynamic_plugins_test.py::test_acceptance
|
|
|
|
- Resolves: Bug 1843522 - move CL followup (1) - don't use hardcoded filename
|
|
|
|
- Resolves: Bug 1843524 - move CL followup (3) - import ldif2cl task should not close all changelogs
|
|
|
|
- Resolves: Bug 220222 - [RFE] support for RFC 4530 entryUUID attribute
|
|
|
|
- Resolves: Bug 1859296 - Remove DES to AES conversion code
|
|
|
|
- Resolves: Bug 1970586 - MODRDN fails with err=32 in managed_entry_test.py::test_mentry01
|
|
|
|
- Resolves: Bug 1970613 - dbscan crashes with SIGABRT in dirsrvtests/tests/suites/password/regression_test.py::test_unhashed_pw_switch
|
|
|
|
- Resolves: Bug 1970620 - memberofAutoAddOC attribute can't be added to Memberof plugin when dynamic plugins are on
|
|
|
|
- Resolves: Bug 1970586 - MODRDN fails with err=32 in managed_entry_test.py::test_mentry01
|
|
|
|
- Resolves: Bug 1910941 - CVE-2020-35518 389-ds-base: information disclosure during the binding of a DN
|
|
|
|
|
2021-06-16 03:21:41 +00:00
|
|
|
* Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.0.5-1.1
|
|
|
|
- Rebuilt for RHEL 9 BETA for openssl 3.0
|
|
|
|
Related: rhbz#1971065
|
|
|
|
|
2021-05-30 19:04:10 +00:00
|
|
|
* Sun May 30 2021 Mark Reynolds <mreynolds@redhat.com> - 2.0.5-1
|
|
|
|
- Bump version to 2.0.5
|
|
|
|
- Issue 4778 - RFE - Allow setting TOD for db compaction and add task
|
|
|
|
- Issue 4169 - UI - Port plugin tables to PF4
|
|
|
|
- Issue 4656 - Allow backward compatilbity for replication plugin name change
|
|
|
|
- Issue 4764 - replicated operation sometime checks ACI (#4783)
|
|
|
|
- Issue 2820 - Fix CI test suite issues
|
|
|
|
- Issue 4781 - There are some typos in man-pages
|
|
|
|
- Issue 4773 - Enable interval feature of DNA plugin
|
|
|
|
- Issue 4623 - RFE - Monitor the current DB locks (#4762)
|
|
|
|
- Issue 3555 - Fix UI audit issue
|
|
|
|
- Issue 4725 - Fix compiler warnings
|
|
|
|
- Issue 4770 - Lower FIPS logging severity
|
|
|
|
- Issue 4765 - database suffix unexpectdly changed from .db to .db4 (#4766)
|
|
|
|
- Issue 4725 - [RFE] DS - Update the password policy to support a Temporary Password Rules (#4727)
|
|
|
|
- Issue 4747 - Remove unstable/unstatus tests from PRCI (#4748)
|
|
|
|
- Issue 4759 - Fix coverity issue (#4760)
|
|
|
|
- Issue 4169 - UI - Migrate Buttons to PF4 (#4745)
|
|
|
|
- Issue 4714 - dscontainer fails with rootless podman
|
|
|
|
- Issue 4750 - Fix compiler warning in retrocl (#4751)
|
|
|
|
- Issue 4742 - UI - should always use LDAPI path when calling CLI
|
|
|
|
- Issue 4169 - UI - Migrate Server, Security, and Schema tables to PF4
|
|
|
|
- Issue 4667 - incorrect accounting of readers in vattr rwlock (#4732)
|
|
|
|
- Issue 4701 - RFE - Exclude attributes from retro changelog (#4723)
|
|
|
|
- Issue 4740 - Fix CI lib389 userPwdPolicy and subtreePwdPolicy (#4741)
|
|
|
|
- Issue 4711 - SECURITY FIX - SIGSEV with sync_repl (#4738)
|
|
|
|
- Issue 4734 - import of entry with no parent warning (#4735)
|
|
|
|
- Issue 4729 - GitHub Actions fails to run pytest tests
|
|
|
|
- Issue 4656 - Remove problematic language from source code
|
|
|
|
- Issue 4632 - dscontainer: SyntaxWarning: "is" with a literal.
|
|
|
|
- Issue 4169 - UI - migrate replication tables to PF4
|
|
|
|
- Issue 4637 - ndn cache leak (#4724)
|
|
|
|
- Issue 4577 - Fix ASAN flags in specfile
|
|
|
|
- Issue 4169 - UI - PF4 migration - database tables
|
|
|
|
- issue 4653 - refactor ldbm backend to allow replacement of BDB - phase 3e - dbscan (#4709)
|
|
|
|
|
2021-05-24 15:42:49 +00:00
|
|
|
* Mon May 24 2021 Simon Pichugin <spichugi@redhat.com> - 2.0.3-4
|
|
|
|
- Initial support for OpenSSL 3.0.0-alpha16
|
|
|
|
|
2021-04-15 21:51:42 +00:00
|
|
|
* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 2.0.3-3.1
|
|
|
|
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
|
|
|
|
2021-03-04 12:30:20 +00:00
|
|
|
* Fri Feb 26 2021 Alexander Bokovoy <abokovoy@redhat.com> - 2.0.3-3
|
|
|
|
- Remove a revert of the fix for Issue 4609 - CVE - info disclosure when authenticating(breaks Dogtag)
|
|
|
|
- Dogtag has fixed own code that failed in the presence of the fix for Issue 4609
|
|
|
|
|
2021-02-19 18:36:36 +00:00
|
|
|
* Fri Feb 19 2021 Mark Reynolds <mreynolds@redhat.com> - 2.0.3-2
|
|
|
|
- Bump version to 2.0.3-2
|
|
|
|
- Revert Issue 4609 - CVE - info disclosure when authenticating(breaks DogTag)
|
|
|
|
|
2021-02-12 21:45:36 +00:00
|
|
|
* Fri Feb 12 2021 Mark Reynolds <mreynolds@redhat.com> - 2.0.3-1
|
|
|
|
- Bump version to 2.0.3
|
|
|
|
- Issue 4619 - remove pytest requirement from lib389
|
|
|
|
- Issue 4615 - log message when psearch first exceeds max threads per conn
|
|
|
|
- Issue 4469 - Backend redesing phase 3a - implement dbimpl API and use it in back-ldbm (#4618)
|
|
|
|
- Issue 4324 - Some architectures the cache line size file does not exist
|
|
|
|
- Issue 4593 - RFE - Print help when nsSSLPersonalitySSL is not found (#4614)
|
|
|
|
- Issue 4469 - Backend redesign phase 3a - bdb dependency removal from back-ldbm
|
|
|
|
- PR 4564 - Update dscontainer
|
|
|
|
- Issue 4149 - UI - port TreeView and opther components to PF4
|
|
|
|
- Issue 4577 - Add GitHub actions
|
|
|
|
- Issue 4591 - RFE - improve openldap_to_ds help and features (#4607)
|
|
|
|
- issue 4612 - Fix pytest fourwaymmr_test for non root user (#4613)
|
|
|
|
- Issue 4609 - CVE - info disclosure when authenticating
|
|
|
|
- Issue 4348 - Add tests for dsidm
|
|
|
|
- Issue 4571 - Stale libdb-utils dependency
|
|
|
|
- Issue 4600 - performance modify rate: reduce lock contention on the object extension factory (#4601)
|
|
|
|
- Issue 4577 - Add GitHub actions
|
|
|
|
- Issue 4588 - BUG - unable to compile without xcrypt (#4589)
|
|
|
|
- Issue 4579 - libasan detects heap-use-after-free in URP test (#4584)
|
|
|
|
- Issue 4581 - A failed re-indexing leaves the database in broken state (#4582)
|
|
|
|
- Issue 4348 - Add tests for dsidm
|
|
|
|
- Issue 4577 - Add GitHub actions
|
|
|
|
- Issue 4563 - Failure on s390x: 'Fails to split RDN "o=pki-tomcat-CA" into components' (#4573)
|
|
|
|
- Issue 4093 - fix compiler warnings and update doxygen
|
|
|
|
- Issue 4575 - Update test docstrings metadata
|
|
|
|
- Issue 4526 - sync_repl: when completing an operation in the pending list, it can select the wrong operation (#4553)
|
|
|
|
- Issue 4324 - Performance search rate: change entry cache monitor to recursive pthread mutex (#4569)
|
|
|
|
- Issue 4513 - Add DS version check to SSL version test (#4570)
|
|
|
|
- Issue 5442 - Search results are different between RHDS10 and RHDS11
|
|
|
|
- Issue 4396 - Minor memory leak in backend (#4558)
|
|
|
|
- Issue 4513 - Fix replication CI test failures (#4557)
|
|
|
|
- Issue 4513 - Fix replication CI test failures (#4557)
|
|
|
|
- Issue 4153 - Added a CI test (#4556)
|
|
|
|
- Issue 4506 - BUG - fix oob alloc for fds (#4555)
|
|
|
|
- Issue 4548 - CLI - dsconf needs better root DN access control plugin validation
|
|
|
|
- Issue 4506 - Temporary fix for io issues (#4516)
|
|
|
|
- Issue 4535 - lib389 - Fix log function in backends.py
|
|
|
|
- Issue 4534 - libasan read buffer overflow in filtercmp (#4541)
|
|
|
|
- Issue 4544 - Compiler warnings on krb5 functions (#4545)
|
|
|
|
- Update rpm.mk for RUST tarballs
|
|
|
|
|
2021-02-09 16:36:41 +00:00
|
|
|
* Mon Jan 25 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.2-1.1
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
|
|
|
|
2021-01-14 22:51:44 +00:00
|
|
|
* Thu Jan 14 2021 Mark Reynolds <mreynolds@redhat.com> - 2.0.2-1
|
|
|
|
- Bump version to 2.0.2
|
|
|
|
- Issue 4539 - BUG - no such file if no overlays in openldap during migration (#4540)
|
|
|
|
- Issue 4528 - Fix cn=monitor SCOPE_ONE search (#4529)
|
|
|
|
- Issue 4535 - lib389 - healthcheck throws exception if backend is not replicated
|
|
|
|
- Issue 4537 - Use KRB5_CLIENT_KTNAME for client keytabs (#4523)
|
|
|
|
- Issue 4513 - CI Tests - fix test failures
|
|
|
|
- Issue 4504 - insure that repl_monitor_test use ldapi (for RHEL) - fix merge issue (#4533)
|
|
|
|
- Issue 4315 - performance search rate: nagle triggers high rate of setsocketopt
|
|
|
|
- Issue 4504 - pytest test_dsconf_replication_monitor fails on RHEL - Fix merging issue (#4530)
|
|
|
|
- Issue 4504 - Insure ldapi is enabled in repl_monitor_test.py (Needed on RHEL) (#4527)
|
|
|
|
- Issue 4506 - BUG - Fix bounds on fd table population (#4520)
|
|
|
|
- Issue 4521 - DS crash in deref plugin if dereferenced entry exists but is not returned by internal search (#4525)
|
|
|
|
- Issue 4219 - Log internal unindexed searches (notes=A)
|
|
|
|
- Issue 4384 - Separate eventq into REALTIME and MONOTONIC
|
|
|
|
- Issue 4381 - RFE - LDAPI authentication DN rewritter
|
|
|
|
- Issue 4513 - Fix schema test and lib389 task module (#4514)
|
|
|
|
- Issue 4414 - disk monitoring - prevent division by zero crash
|
|
|
|
- Issue 4517 - BUG: Multiple systemd pin warnings (#4518)
|
|
|
|
- Issue 4507 - Improve csngen testing task (#4508)
|
|
|
|
- Issue 4498 - BUG - entryuuid replication may not work (#4503)
|
|
|
|
- Issue 4480 - Unexpected info returned to ldap request (#4491)
|
|
|
|
- Issue 4504 - Fix pytest test_dsconf_replication_monitor (#4505)
|
|
|
|
- Issue 4373 - BUG - one line cleanup, free results in mt if ent 0 (#4502)
|
|
|
|
- Issue 4500 - Add cockpit enabling to dsctl
|
|
|
|
- Issue 4272 - RFE - add support for gost-yescrypt for hashing passwords (#4497)
|
|
|
|
- Issue 1795 - RFE - Enable logging for libldap and libber in error log (#4481)
|
|
|
|
- Issue 3522 - Remove DES to AES conversion code
|
|
|
|
- Issue 4492 - Changelog cache can upload updates from a wrong starting point (CSN) (#4493)
|
|
|
|
- Issue 4373 - BUG - calloc of size 0 in MT build (#4496)
|
|
|
|
- Issue 4483 - heap-use-after-free in slapi_be_getsuffix
|
|
|
|
- Issue 4486 - Remove random ldif file generation from import test (#4487)
|
|
|
|
- Issue 4224 - cleanup specfile after libsds removal
|
|
|
|
- Issue 4421 - Unable to build with Rust enabled in closed environment
|
|
|
|
- Issue 4489 - Remove return statement from a void function (#4490)
|
|
|
|
- Issue 4229 - RFE - Improve rust linking and build performance (#4474)
|
|
|
|
- Issue 4224 - openldap can become confused with entryuuid
|
|
|
|
- Issue 4313 - improve tests and improve readme re refdel
|
|
|
|
- Issue 4313 - fix potential syncrepl data corruption
|
|
|
|
- Issue 4419 - Warn users of skipped entries during ldif2db online import (#4476)
|
|
|
|
- Issue 4243 - Fix test (4th): SyncRepl plugin provides a wrong (#4475)
|
|
|
|
- Issue 4315 - performance search rate: nagle triggers high rate of setsocketopt (#4437)
|
|
|
|
- Issue 4460 - BUG - add machine name to subject alt names in SSCA (#4472)
|
|
|
|
- Issue 4446 - RFE - openldap password hashers
|
|
|
|
- Issue 4284 - dsidm fails to delete an organizationalUnit entry
|
|
|
|
- Issue 4243 - Fix test: SyncRepl plugin provides a wrong cookie (#4466) (#4466)
|
|
|
|
- Issue 4464 - RFE - clang with ds+asan+rust
|
|
|
|
- Issue 4105 - Remove python.six (fix regression)
|
|
|
|
- Issue 4384 - Use MONOTONIC clock for all timing events and conditions
|
|
|
|
- Issue 4418 - ldif2db - offline. Warn the user of skipped entries
|
|
|
|
- Issue 4243 - Fix test: SyncRepl plugin provides a wrong cookie (#4467)
|
|
|
|
- Issue 4460 - BUG - lib389 should use system tls policy
|
|
|
|
- Issue 3657 - Add options to dsctl for dsrc file
|
|
|
|
- Issue 4454 - RFE - fix version numbers to allow object caching
|
|
|
|
- Issue 3986 - UI - Handle objectclasses that do not have X-ORIGIN set
|
|
|
|
- Issue 4297 - 2nd fix for on ADD replication URP issue internal searches with filter containing unescaped chars (#4439)
|
|
|
|
- Issue 4112 - Added a CI test (#4441)
|
|
|
|
- Issue 4449 - dsconf replication monitor fails to retrieve database RUV - consumer (Unavailable) (#4451)
|
|
|
|
- Issue 4105 - Remove python.six from lib389 (#4456)
|
|
|
|
- Issue 4440 - BUG - ldifgen with --start-idx option fails with unsupported operand (#4444)
|
|
|
|
- Issue 4410 - RFE - ndn cache with arc in rust
|
|
|
|
- Issue 4373 - BUG - Mapping Tree nodes can be created that are invalid
|
|
|
|
- Issue 4428 - BUG Paged Results with critical false causes sigsegv in chaining
|
|
|
|
- Issue 4428 - Paged Results with Chaining Test Case
|
|
|
|
- Issue 2054 - do not add referrals for masters with different data generation
|
|
|
|
- Issue 4383 - Do not normalize escaped spaces in a DN
|
|
|
|
- Issue 4432 - After a failed online import the next imports are very slow
|
|
|
|
- Issue 4316 - performance search rate: useless poll on network send callback (#4424)
|
|
|
|
- Issue 4281 - dsidm user status fails with Error: 'nsUserAccount' object has no attribute 'is_locked'
|
|
|
|
- Issue 4429 - NULL dereference in revert_cache()
|
|
|
|
- Issue 4412 - Fix CLI repl-agmt requirement for parameters (#4422)
|
|
|
|
- Issue 4407 - RFE - remove http client and presence plugin (#4409)
|
|
|
|
- Issue 4398 - build problems at alpine linux
|
|
|
|
- Issue 4415 - unable to query schema if there are extra parenthesis
|
|
|
|
|
2020-11-03 20:48:02 +00:00
|
|
|
* Thu Oct 29 2020 Mark Reynolds <mreynolds@redhat.com> - 2.0.1-1
|
|
|
|
- Bump version to 2.0.1
|
|
|
|
- Issue 4420 - change NVR to use X.X.X instead of X.X.X.X
|
|
|
|
- Issue 4391 - DSE config modify does not call be_postop (#4394)
|
|
|
|
- Issue 4218 - Verify the new wtime and optime access log keywords (#4397)
|
|
|
|
- Issue 4176 - CL trimming causes high CPU
|
|
|
|
- Issue 2058 - Add keep alive entry after on-line initialization - second version (#4399)
|
|
|
|
- Issue 4403 - RFE - OpenLDAP pw hash migration tests (#4408)
|
|
|
|
|
2020-10-30 01:30:32 +00:00
|
|
|
* Wed Oct 28 2020 Mark Reynolds <mreynolds@redhat.com> - 1.4.5.0-1
|
|
|
|
- Bump version to 1.4.5.0
|
|
|
|
- Issue 4262 - more perl removal cleanup
|
|
|
|
- Issue 2526 - retrocl backend created out of order
|
|
|
|
|
2020-10-27 18:04:15 +00:00
|
|
|
* Mon Oct 26 2020 Mark Reynolds <mreynolds@redhat.com> - 1.4.4.6-1
|
|
|
|
- Bump version to 1.4.4.6
|
|
|
|
- Issue 4262 - Remove legacy tools subpackage (final cleanup)
|
|
|
|
- Issue 4262 - Remove legacy tools subpackage (restart instances after rpm install)
|
|
|
|
- Issue 4262 - Remove legacy tools subpackage
|
|
|
|
- Issue 2526 - revert API change in slapi_be_getsuffix()
|
|
|
|
- Issue 4363 - Sync repl: per thread structure was incorrectly initialized (#4395)
|
|
|
|
- Issue 4392 - Update create_test.py
|
|
|
|
- Issue 2820 - Fix CI tests (#4365)
|
|
|
|
- Issue 2526 - suffix management in backends incorrect
|
|
|
|
- Issue 4389 - errors log with incorrectly formatted message parent_update_on_childchange
|
|
|
|
- Issue 4295 - Fix a closing quote issue (#4386)
|
|
|
|
- Issue 1199 - Misleading message in access log for idle timeout (#4385)
|
|
|
|
- Issue 3600 - RFE - openldap migration tooling (#4318)
|
|
|
|
- Issue 4176 - import ldif2cl task should not close all changelogs
|
|
|
|
- Issue 4159 - Healthcheck code DSBLE0002 not returned on disabled suffix
|
|
|
|
- Issue 4379 - allow more than 1 empty AttributeDescription for ldapsearch, without the risk of denial of service (#4380)
|
|
|
|
- Issue 4329 - Sync repl - if a serie of updates target the same entry then the cookie get wrong changenumber (#4356)
|
|
|
|
- Issue 3555 - Fix npm audit issues (#4370)
|
|
|
|
- Issue 4372 - BUG - Chaining DB did not validate bind mech parameters (#4374)
|
|
|
|
- Issue 4334 - RFE - Task timeout may cause larger dataset imports to fail (#4359)
|
|
|
|
- Issue 4361 - RFE - add - dscreate --advanced flag to avoid user confusion
|
|
|
|
- Issue 4368 - ds-replcheck crashes when processing glue entries
|
|
|
|
- Issue 4366 - lib389 - Fix account status inactivity checks
|
|
|
|
- Issue 4265 - UI - Make the secondary plugins read-only (#4364)
|
|
|
|
- Issue 4360 - password policy max sequence sets is not working as expected
|
|
|
|
- Issue 4348 - Add tests for dsidm
|
|
|
|
- Issue 4350 - One line, fix invalid type error in tls_cacertdir check (#4358)
|
|
|
|
|