rpms/openldap
7
0
Fork 0
Code Issues Pull Requests Releases Activity

removed outdated autofs.schema and old readmes

Browse Source 
resolves: #643045
This commit is contained in:
Jan Vcelak 2010-11-01 10:19:07 +01:00
parent 86a180f019
commit 60cf0d9290
5 changed files with 9 additions and 293 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
README.migration
View File

@ -1,4 +0,0 @@
As from Fedora 9, MigrationTools are shipped as separate package.
Install "migrationtools" package to get them, e.g.:
yum install migrationtools

68
README.upgrading
View File

@ -1,68 +0,0 @@
Before upgrading from OpenLDAP 2.0 or 2.1 to OpenLDAP 2.2, the system
administrator should dump out the contents of the the directory server's
databases using the 'slapcat' utility included in the openldap-servers package
and save the LDIF files which it produces.
After the upgrade is complete, the data can be re-imported using the 'slapadd'
utility. Some data which was exported from an OpenLDAP 2.0 server may not
import directly into an OpenLDAP 2.2 server. If this happens, check for these
common problems:
* Missing parent entries.
Entries in the directory are no longer allowed to be children of entries
which are not present in the directory. For example, earlier releases
would allow an entry with distinguished name (DN)
"cn=foo,dc=devel,dc=example,dc=com" to be imported into a database for
suffix "dc=example,dc=com" which contained neither an entry for
"dc=devel,dc=example,dc=com" nor an entry for "dc=example,dc=com".
* Deprecated objectclasses and attribute types.
Entries of these classes should be replaced by entries of a different
class.
* the automountMap objectclass
Use the nisMap objectclass instead, replacing these old attributes
with new attributes:
+====================================+
| old attribute new attribute |
|------------------------------------|
| ou nisMapName |
+====================================+
* the automount objectclass
Use the nisObject objectclass instead, replacing these old attributes
with new attributes:
+====================================+
| old attribute new attribute |
|------------------------------------|
| cn cn |
| automountInformation nisMapEntry |
| (no counterpart) nisMapName |
+====================================+
* Missing objectclass definitions.
Some objectclasses are no longer defined because they are no longer used.
Remove the objectclass from the entry's list of objectclasses, and
remove any values for attributes which are unique to that objectclass.
These include:
* the "kerberosSecurityObject" objectclass and the "krbName" attribute
* the "dynamicObject" objectclass
* the "LDAPsubEntry" objectclass
* Missing attribute values.
Some objectclass definitions mark a given attribute as both optional (MAY)
and required (MUST). While such attributes may have been treated as
optional before, they are now treated as required. Some examples:
* the "ipProtocol" object class and its "description" attribute
* the "rpcService" object class and its "description" attribute
* the "oncRpc" object class and its "description" attribute
* the "residentialPerson" object class and its "localityName" attribute
* Structural vs. auxiliary objectclasses.
The set of objectclasses which any entry lists should include exactly one
STRUCTURAL class. This requirement may not have been enforced in previous
releases.
* The entry does not contain its own RDN as an attribute-value pair.
The naming attribute and value used as the entry's relative distinguished
name (RDN) must be explicitly defined for the entry. For example, an
entry named "cn=contrived,dc=example,dc=com" must include "contrived" as a
value for its "cn" attribute.

23
autofs.schema
View File

@ -1,23 +0,0 @@
# Depends upon core.schema and cosine.schema
# OID Base is 1.3.6.1.4.1.2312.4
#
# Attribute types are under 1.3.6.1.4.1.2312.4.1
# Object classes are under 1.3.6.1.4.1.2312.4.2
# Syntaxes are under 1.3.6.1.4.1.2312.4.3
# Attribute Type Definitions
attributetype ( 1.3.6.1.4.1.2312.4.1.2 NAME 'automountInformation'
DESC 'Information used by the autofs automounter'
EQUALITY caseExactMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
objectclass ( 1.3.6.1.4.1.2312.4.2.3 NAME 'automount' SUP top STRUCTURAL
DESC 'An entry in an automounter map'
MUST ( cn $ automountInformation $ objectclass )
MAY ( description ) )
objectclass ( 1.3.6.1.4.1.2312.4.2.2 NAME 'automountMap' SUP top STRUCTURAL
DESC 'An group of related automount objects'
MUST ( ou ) )

179
migration-tools.txt
View File

@ -1,179 +0,0 @@
LDAP Migration Tools
The MigrationTools are a set of Perl scripts for migrating users, groups,
aliases, hosts, netgroups, networks, protocols, RPCs, and services from
existing nameservices (flat files, NIS, and NetInfo) to LDAP. They are
located on a default installation under /usr/share/openldap/migration.
The tools require the ldapadd and ldif2dbm commands, which are distributed
with most LDAP servers derived from the University of Michigan LDAP
distribution. The source code for these is available with OpenLDAP.
Additionally, Netscape provide an implementation of ldapmodify which
subsumes the functionality of ldapadd. If you are using Netscape's Directory
Server, you should set the $NSHOME and $serverId environment variables to
assist the MigrationTools in locating your LDAP database and LDIF tools;
they will use ldapmodify instead of ldapadd.
These tools are freely redistributable according to the license included
with the source files. They may be bundled with LDAP/NIS migration products.
See RFC 2307 for more information on the schema used by these scripts. THIS
SOFTWARE IS PROVIDED "AS IS" WITHOUT EXPRESS OR IMPLIED WARRANTY AND WITHOUT
SUPPORT.
Scripts
* migrate_base.pl creates naming context entries, including
subordinate contexts such as ou=people and ou=devices.
* migrate_aliases.pl migrates aliases in /etc/aliases to entries
conforming to the rfc822MailGroup schema. Organizations who have
deployed LDAP-based messaging solutions, such as Netscape's
Messaging Server, may wish to use a different schema for
representing mail aliases. Ypldapd does not use X.500 groups (such
as groupOfUniqueNames) for mail alias expansion because
flattening an arbitrarily nested group at runtime may be
expensive. (It is possible to write a ypldapd plug-in to support
such a schema, however.)
* migrate_group.pl migrates groups in /etc/group
* migrate_hosts.pl migrates hosts in /etc/hosts
* migrate_networks.pl migrates networks in /etc/networks
* migrate_passwd.pl migrates users in /etc/passwd. Note that if
users are allowed read the userPassword attribute, and your LDAP
server doesn't support authenticating against hashed passwords
then anyone may read the userPassword attribute's value and
authenticate as that user. Modern LDAP servers, such as Netscape
Directory Server, support authenticating against hashed passwords,
so this is not an issue. The OpenLDAP LDAP server also supports
such authentication.
* migrate_protocols.pl migrates protocols in /etc/protocols
* migrate_services.pl migrates services in /etc/services
* migrate_netgroup.pl migrates netgroups in /etc/netgroup
* migrate_netgroup_byuser.pl migrates the netgroup.byuser map. It
requires revnetgroup.
* migrate_netgroup_byhost.pl migrates the netgroup.byhost map. It
requires revnetgroup.
* migrate_rpc.pl migrates RPCs in /etc/rpc
Configuration
The configuration for these Perl scripts is contained at the head of
migrate_common.ph:
Perl variable Description
$DEFAULT_MAIL_DOMAIN The mail domain used for the mail
attribute in migrate_passwd.pl when
extended schema support is enabled. You may
override this with the DEFAULT_MAIL_DOMAIN
environment variable.
$DEFAULT_BASE The naming suffix to use in
entries' distinguished names. If
undefined, this will be constructed by
mapping the mail domain name into a
distinguished name (eg aceindustry.com
becomes dc=aceindustry,dc=com ). You may
override this with the LDAP_BASEDN
environment variable.
$EXTENDED_SCHEMA Enables extended schema support.
This adds the organizationalPerson and
inetOrgPerson object classes, amongst
others, to users migrated by the
migrate_passwd.pl script.
NAMINGCONTEXT Determines the LDAP/X.500 naming context
to use for a migration tool. The dictionary
is keyed by tool (as in migrate_ tool .pl ).
Values are concatenated with $DEFAULT_BASE
by the & getsuffix() subroutine.
The following environment variables control the behavior of the
migration shell scripts:
Environment variable Description
DEFAULT_MAIL_DOMAIN See above
LDAPADD Path the ldapadd executable, for online
migration (if not in the path or
/usr/local/bin or /usr/bin)
LDIF2LDBM Path the ldif2ldbm executable, for offline
migration (if not in the path or
/usr/local/bin or /usr/bin)
PERL Path to the Perl interpreter (if not
/usr/bin or /usr/local/bin)
LDAPHOST Your LDAP server, for online
migration. This is optional; you'll be
prompted if the environment variable is not
set.
LDAP_BASEDN See above ( $DEFAULT_BASE). This is
optional; you'll be prompted if the
environment variable is not set.
LDAP_BINDDN The distinguished name to bind to the
LDAP server as, for online migration. This
is optional; you'll be prompted if the
environment variable is not set.
LDAP_BINDCRED The password to bind to the LDAP server
with, for online migration. This is
optional; you'll be prompted if the
environment variable is not set.
You will probably wish to use a shell script or makefile to automate
population of your LDAP database, either off-lien (with ldif2ldbm) or
on-line (with ldapadd). The migrate_all_*.sh shell scripts do this, but you
may wish to customize their behaviour. The following table explains which
migration scripts to use:
Shell script Existing nameservice LDAP
running?
migrate_all_online.sh /etc flat files Yes
migrate_all_offline.sh /etc flat files No
migrate_all_netinfo_online.sh NetInfo Yes
migrate_all_netinfo_offline.sh NetInfo No
migrate_all_nis_online.sh NIS/YP Yes
migrate_all_nis_offline.sh NIS/YP No
Below are examples of migrate_hosts.pl and migrate_passwd.plbeing used to
migrate hosts and users, respectively:
$ migrate_hosts.pl /etc/hosts
dn: cn=mira.aceindustry.com,ou=devices,dc=aceindustry,dc=com
objectclass: ipHost
objectclass: device
objectclass: top
ipHostNumber: 10.1.70.5
cn: mira
cn: www.aceindustry.com
cn: mira.aceindustry.com
$ migrate_passwd.pl /etc/passwd
dn: cn=Joe Bloggs,ou=people,dc=aceindustry,dc=com
cn: Joe Bloggs
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
objectclass: posixAccount
objectclass: account
mail: jbloggs@aceindustry.com
givenname: Joe
sn: Bloggs
uid: jbloggs
userPassword: {crypt}daCXgaxahRNkg
loginShell: /bin/csh
uidNumber: 20
gidNumber: 20
homeDirectory: /home/jbloggs

28
openldap.spec
View File

@ -7,7 +7,7 @@
Name: openldap
Version: 2.4.23
Release: 1%{?dist}
Release: 2%{?dist}
Summary: LDAP support libraries
Group: System Environment/Daemons
License: OpenLDAP
@ -15,11 +15,7 @@ URL: http://www.openldap.org/
Source0: ftp://ftp.OpenLDAP.org/pub/OpenLDAP/openldap-release/openldap-%{version}.tgz
Source1: ldap.init
Source2: ldap.sysconfig
Source3: autofs.schema
Source4: migration-tools.txt
Source5: README.migration
Source6: README.upgrading
Source7: README.evolution
Source3: README.evolution
# patches for 2.4
Patch0: openldap-slapd-conf.patch
@ -47,7 +43,7 @@ BuildRequires: glibc-devel, libtool, libtool-ltdl-devel, groff, perl
BuildRequires: openssl-devel
Obsoletes: compat-openldap < 2.4
# provide ldif2ldbm functionality for migrationtools
# used by migrationtools:
Provides: ldif2ldbm
%description
@ -294,7 +290,7 @@ make install DESTDIR=%{buildroot} \
libdir=%{evolution_connector_libdir} \
LIBTOOL="$libtool" \
STRIP=""
install -m 644 %SOURCE7 \
install -m 644 %SOURCE3 \
%{buildroot}/%{evolution_connector_prefix}/
popd
@ -310,10 +306,6 @@ popd
mkdir -p %{buildroot}%{_sysconfdir}/openldap/cacerts
mkdir -p %{buildroot}%{_sysconfdir}/pki/tls/certs
# install additional documentation
install -m 644 %SOURCE5 README.migration
install -m 644 %SOURCE6 README.upgrading
# setup data and runtime directories
mkdir -p %{buildroot}/var/lib/ldap
mkdir -p %{buildroot}/var/run/openldap
@ -334,11 +326,6 @@ install -m 755 %SOURCE1 %{buildroot}%{_sysconfdir}/rc.d/init.d/slapd
mkdir -p %{buildroot}%{_sysconfdir}/sysconfig
install -m 644 %SOURCE2 %{buildroot}%{_sysconfdir}/sysconfig/ldap
# add some more schema for the sake of migration scripts
install -d -m755 %{buildroot}%{_sysconfdir}/openldap/schema/redhat
install -m644 %SOURCE3 \
%{buildroot}%{_sysconfdir}/openldap/schema/redhat/
# move slapd out of _libdir
mv %{buildroot}/%{_libdir}/slapd %{buildroot}/%{_sbindir}/
@ -603,8 +590,6 @@ exit 0
%files servers
%defattr(-,root,root)
%doc README.upgrading
%doc README.migration
%doc openldap-%{version}/contrib/slapd-modules/smbk5pwd/README.smbk5pwd
%doc openldap-%{version}/doc/guide/admin/*.html
%doc openldap-%{version}/doc/guide/admin/*.png
@ -658,6 +643,11 @@ exit 0
%attr(0644,root,root) %{evolution_connector_libdir}/*.a
%changelog
* Mon Nov 01 2010 Jan Vcelak <jvcelak@redhat.com> 2.4.23-2
- removed outdated autofs.schema (#643045)
- removed outdated README.upgrade
- removed relics of migrationtools
* Fri Aug 27 2010 Jan Vcelak <jvcelak@redhat.com> 2.4.23-1
- rebase to 2.4.23
- embeded db4 library removed