- Upgrade to 2.3.19, which upstream now considers stable

- Modify the -config.patch, ldap.init, and this spec file to put the
  pid file and args file in an ldap-owned openldap subdirectory under
  /var/run.
- Move back_sql* out of %{_sbindir}/openldap , which requires
  hand-moving slapd and slurpd to _sbindir, and recreating symlinks
  by hand.
- Retire openldap-2.3.11-ads.patch, which went upstream.
- Update the ldap.init script to run slaptest as the ldap user rather
  than as root.  This solves
  bz#150172 Startup failure after database problem
- Add to the servers post and preun scriptlets so that on preun, the
  database is slapcatted to /var/lib/ldap/upgrade.ldif and the
  database files are saved to /var/lib/ldap/rpmorig.  On post, if
  /var/lib/ldap/upgrade.ldif exists, it is slapadded.  This means that
  on upgrades from 2.3.16-2 to higher versions, the database files may
  be automatically upgraded.  Unfortunatly, because of the changes to
  the preun scriptlet, users have to do the slapcat, etc by hand when
  upgrading to 2.3.16-2.  Also note that the /var/lib/ldap/rpmorig
  files need to be removed by hand because automatically removing your
  emergency fallback files is a bad idea.
- Upgrade internal bdb to db-4.4.20.  For a clean upgrade, this will
  require that users slapcat their databases into a temp file, move
  /var/lib/ldap someplace safe, upgrade the openldap rpms, then
  slapadd the temp file.
This commit is contained in:
fenlason 2006-01-31 21:47:36 +00:00
parent da14c392c0
commit d8aedf8bed
5 changed files with 94 additions and 24 deletions

View File

@ -1,4 +1,6 @@
openldap-2.2.29.tgz openldap-2.2.29.tgz
openldap-2.3.11.tgz
MigrationTools-46.tar.gz MigrationTools-46.tar.gz
openldap-2.3.16.tgz openldap-2.3.19.tgz
db-4.4.20.tar.gz
autoconf-2.13.1.tar.gz
automake-1.4a.tar.gz

View File

@ -8,7 +8,7 @@
# for implementing the industry standard directory services. # for implementing the industry standard directory services.
# processname: slapd # processname: slapd
# config: /etc/openldap/slapd.conf # config: /etc/openldap/slapd.conf
# pidfile: /var/run/slapd.pid # pidfile: /var/run/openldap/slapd.pid
# Source function library. # Source function library.
. /etc/init.d/functions . /etc/init.d/functions
@ -121,8 +121,8 @@ function configtest() {
fi fi
done done
# Check the configuration file. # Check the configuration file.
if ! action $"Checking configuration files for $prog: " $slaptest $slaptestflags ; then if ! action $"Checking configuration files for $prog: " /sbin/runuser -f -m -s /bin/sh -c "$slaptest $slaptestflags" -- "$user" ; then
if $slaptest -u > /dev/null 2> /dev/null ; then if /sbin/runuser -f -m -s /bin/sh -c "$slaptest -u" -- "$user" > /dev/null 2> /dev/null ; then
dirs=`LANG=C egrep '^directory[[:space:]]+[[:print:]]+$' /etc/openldap/slapd.conf | awk '{print $2}'` dirs=`LANG=C egrep '^directory[[:space:]]+[[:print:]]+$' /etc/openldap/slapd.conf | awk '{print $2}'`
for directory in $dirs ; do for directory in $dirs ; do
if test -r $directory/__db.001 ; then if test -r $directory/__db.001 ; then

View File

@ -1,6 +1,6 @@
--- openldap-2.2.13/servers/slapd/slapd.conf 2003-12-29 13:10:40.000000000 -0500 --- openldap-2.3.17/servers/slapd/slapd.conf.config 2004-06-17 22:49:08.000000000 -0400
+++ openldap-2.2.13/servers/slapd/slapd.conf 2004-06-15 11:44:23.000000000 -0400 +++ openldap-2.3.17/servers/slapd/slapd.conf 2006-01-12 15:33:04.000000000 -0500
@@ -3,8 +3,12 @@ @@ -3,15 +3,19 @@
# This file should NOT be world readable. # This file should NOT be world readable.
# #
include %SYSCONFDIR%/schema/core.schema include %SYSCONFDIR%/schema/core.schema
@ -14,6 +14,15 @@
# Do not enable referrals until AFTER you have a working directory # Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals. # service AND an understanding of referrals.
#referral ldap://root.openldap.org
-pidfile %LOCALSTATEDIR%/run/slapd.pid
-argsfile %LOCALSTATEDIR%/run/slapd.args
+pidfile %LOCALSTATEDIR%/run/openldap/slapd.pid
+argsfile %LOCALSTATEDIR%/run/openldap/slapd.args
# Load dynamic backend modules:
# modulepath %MODULEDIR%
@@ -21,6 +25,15 @@ @@ -21,6 +25,15 @@
# moduleload back_passwd.la # moduleload back_passwd.la
# moduleload back_shell.la # moduleload back_shell.la
@ -53,10 +62,10 @@
# should only be accessible by the slapd and slap tools. # should only be accessible by the slapd and slap tools.
# Mode 700 recommended. # Mode 700 recommended.
-directory %LOCALSTATEDIR%/openldap-data -directory %LOCALSTATEDIR%/openldap-data
+directory /var/lib/ldap
+
-# Indices to maintain -# Indices to maintain
-index objectClass eq -index objectClass eq
+directory /var/lib/ldap
+
+# Indices to maintain for this database +# Indices to maintain for this database
+index objectClass eq,pres +index objectClass eq,pres
+index ou,cn,mail,surname,givenname eq,pres,sub +index ou,cn,mail,surname,givenname eq,pres,sub

View File

@ -1,8 +1,8 @@
%define migtools_version 46 %define migtools_version 46
%define db_version 4.3.27 %define db_version 4.4.20
%define ldbm_backend berkeley %define ldbm_backend berkeley
%define version_22 2.2.29 %define version_22 2.2.29
%define version_23 2.3.16 %define version_23 2.3.19
%define evolution_connector_prefix %{_libdir}/evolution-openldap %define evolution_connector_prefix %{_libdir}/evolution-openldap
%define evolution_connector_includedir %{evolution_connector_prefix}/include %define evolution_connector_includedir %{evolution_connector_prefix}/include
%define evolution_connector_libdir %{evolution_connector_prefix}/%{_lib} %define evolution_connector_libdir %{evolution_connector_prefix}/%{_lib}
@ -29,6 +29,7 @@ Source9: README.upgrading
Source10: http://www.OpenLDAP.org/doc/admin/guide.html Source10: http://www.OpenLDAP.org/doc/admin/guide.html
Source11: nptl-abi-note.S Source11: nptl-abi-note.S
Source12: README.evolution Source12: README.evolution
# Patches that are still valid for 2.3 # Patches that are still valid for 2.3
Patch0: openldap-2.3.11-config.patch Patch0: openldap-2.3.11-config.patch
Patch1: openldap-1.2.11-cldap.patch Patch1: openldap-1.2.11-cldap.patch
@ -37,13 +38,17 @@ Patch3: openldap-2.2.13-setugid.patch
Patch4: openldap-2.2.13-pie.patch Patch4: openldap-2.2.13-pie.patch
Patch5: openldap-2.3.11-toollinks.patch Patch5: openldap-2.3.11-toollinks.patch
Patch6: openldap-2.3.11-nosql.patch Patch6: openldap-2.3.11-nosql.patch
Patch7: openldap-2.3.11-ads.patch #Patch7: openldap-2.3.19-nostrip.patch
# Patches for 2.2.29 for the compat-openldap package. # Patches for 2.2.29 for the compat-openldap package.
Patch100: openldap-2.2.13-tls-fix-connection-test.patch Patch100: openldap-2.2.13-tls-fix-connection-test.patch
Patch101: openldap-2.2.23-resolv.patch Patch101: openldap-2.2.23-resolv.patch
Patch102: openldap-2.2.29-ads.patch Patch102: openldap-2.2.29-ads.patch
# patch for the evolution library #Patch103: openldap-2.2.29-nostrip.patch
# Patches for the evolution library
Patch200: openldap-ntlm.diff Patch200: openldap-ntlm.diff
# Patches for the MigrationTools package # Patches for the MigrationTools package
Patch300: MigrationTools-38-instdir.patch Patch300: MigrationTools-38-instdir.patch
Patch301: MigrationTools-36-mktemp.patch Patch301: MigrationTools-36-mktemp.patch
@ -52,6 +57,7 @@ Patch303: MigrationTools-26-suffix.patch
Patch304: MigrationTools-46-schema.patch Patch304: MigrationTools-46-schema.patch
Patch305: MigrationTools-45-noaliases.patch Patch305: MigrationTools-45-noaliases.patch
URL: http://www.openldap.org/ URL: http://www.openldap.org/
BuildRoot: %{_tmppath}/%{name}-%{version_23}-root BuildRoot: %{_tmppath}/%{name}-%{version_23}-root
BuildPreReq: cyrus-sasl-devel >= 2.1, gdbm-devel, libtool >= 1.5.6-2, krb5-devel BuildPreReq: cyrus-sasl-devel >= 2.1, gdbm-devel, libtool >= 1.5.6-2, krb5-devel
@ -157,7 +163,7 @@ pushd openldap-%{version_23}
%patch4 -p1 -b .pie %patch4 -p1 -b .pie
%patch5 -p1 -b .toollinks %patch5 -p1 -b .toollinks
%patch6 -p1 -b .nosql %patch6 -p1 -b .nosql
%patch7 -p1 -b .ads #%patch7 -p1 -b .nostrip
cp %{_datadir}/libtool/config.{sub,guess} build/ cp %{_datadir}/libtool/config.{sub,guess} build/
popd popd
@ -196,6 +202,7 @@ pushd openldap-%{version_22}
%patch100 -p1 -b .resolv %patch100 -p1 -b .resolv
%patch101 -p1 -b .CAN-2005-2069 %patch101 -p1 -b .CAN-2005-2069
%patch102 -p1 -b .ads %patch102 -p1 -b .ads
#%patch103 -p1 -b .nostrip
for subdir in build-servers build-compat ; do for subdir in build-servers build-compat ; do
mkdir $subdir mkdir $subdir
ln -s ../configure $subdir ln -s ../configure $subdir
@ -324,7 +331,7 @@ build() {
--enable-modules \ --enable-modules \
--disable-sql \ --disable-sql \
\ \
--libexecdir=%{_sbindir} \ --libexecdir=%{_libdir} \
$@ $@
make %{_smp_mflags} LIBTOOL="$libtool" make %{_smp_mflags} LIBTOOL="$libtool"
} }
@ -469,6 +476,8 @@ cp $RPM_SOURCE_DIR/migration-tools.txt TOOLS.migration
# Create the data directory. # Create the data directory.
mkdir -p $RPM_BUILD_ROOT/var/lib/ldap mkdir -p $RPM_BUILD_ROOT/var/lib/ldap
# Create the new run directory
mkdir -p $RPM_BUILD_ROOT/var/run/openldap
# Hack the build root out of the default config files. # Hack the build root out of the default config files.
perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT/%{_sysconfdir}/openldap/*.conf perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT/%{_sysconfdir}/openldap/*.conf
@ -490,6 +499,12 @@ install -m644 \
$RPM_SOURCE_DIR/autofs.schema \ $RPM_SOURCE_DIR/autofs.schema \
$RPM_BUILD_ROOT%{_sysconfdir}/openldap/schema/redhat/ $RPM_BUILD_ROOT%{_sysconfdir}/openldap/schema/redhat/
# Move slapd and slurpd out of _libdir
mv $RPM_BUILD_ROOT/%{_libdir}/sl{apd,urpd} $RPM_BUILD_ROOT/%{_sbindir}/
rm -f $RPM_BUILD_ROOT/%{_sbindir}/slap{acl,add,auth,cat,dn,index,passwd,test}
rm -f $RPM_BUILD_ROOT/%{_libdir}/slap{acl,add,auth,cat,dn,index,passwd,test}
for X in acl add auth cat dn index passwd test; do ln -s slapd $RPM_BUILD_ROOT/%{_sbindir}/slap$X ; done
# Tweak permissions on the libraries to make sure they're correct. # Tweak permissions on the libraries to make sure they're correct.
chmod 755 $RPM_BUILD_ROOT/%{_libdir}/lib*.so* chmod 755 $RPM_BUILD_ROOT/%{_libdir}/lib*.so*
chmod 644 $RPM_BUILD_ROOT/%{_libdir}/lib*.*a chmod 644 $RPM_BUILD_ROOT/%{_libdir}/lib*.*a
@ -499,8 +514,8 @@ rm -f $RPM_BUILD_ROOT/%{_datadir}/openldap/migration/*.{instdir,simple,schema,mk
rm -f $RPM_BUILD_ROOT/%{_libdir}/*.la rm -f $RPM_BUILD_ROOT/%{_libdir}/*.la
rm -f $RPM_BUILD_ROOT/%{evolution_connector_libdir}/*.la rm -f $RPM_BUILD_ROOT/%{evolution_connector_libdir}/*.la
rm -f $RPM_BUILD_ROOT/%{evolution_connector_libdir}/*.so* rm -f $RPM_BUILD_ROOT/%{evolution_connector_libdir}/*.so*
rm -f $RPM_BUILD_ROOT/%{_sbindir}/openldap/*.a rm -f $RPM_BUILD_ROOT/%{_libdir}/openldap/*.a
rm -f $RPM_BUILD_ROOT/%{_sbindir}/openldap/*.so rm -f $RPM_BUILD_ROOT/%{_libdir}/openldap/*.so
rm -f $RPM_BUILD_ROOT/var/openldap-data/DB_CONFIG.example rm -f $RPM_BUILD_ROOT/var/openldap-data/DB_CONFIG.example
rmdir $RPM_BUILD_ROOT/var/openldap-slurp $RPM_BUILD_ROOT/var/openldap-data rmdir $RPM_BUILD_ROOT/var/openldap-slurp $RPM_BUILD_ROOT/var/openldap-data
@ -528,6 +543,12 @@ fi
%post servers %post servers
/sbin/ldconfig /sbin/ldconfig
/sbin/chkconfig --add ldap /sbin/chkconfig --add ldap
# If there's a /var/lib/ldap/upgrade.ldif file, slapadd it and delete it.
# It was created by the uninstall of the previous version.
if [ -f /var/lib/ldap/upgrade.ldif ] ; then
/sbin/runuser -f -m -s /bin/sh -c "/usr/sbin/slapadd" -- "ldap" < /var/lib/ldap/upgrade.ldif
rm /var/lib/ldap/upgrade.ldif
fi
exec > /dev/null 2> /dev/null exec > /dev/null 2> /dev/null
if [ ! -f %{_sysconfdir}/pki/tls/certs/slapd.pem ] ; then if [ ! -f %{_sysconfdir}/pki/tls/certs/slapd.pem ] ; then
pushd %{_sysconfdir}/pki/tls/certs pushd %{_sysconfdir}/pki/tls/certs
@ -552,6 +573,17 @@ if [ "$1" = "0" ] ; then
/sbin/service ldap stop > /dev/null 2>&1 || : /sbin/service ldap stop > /dev/null 2>&1 || :
/sbin/chkconfig --del ldap /sbin/chkconfig --del ldap
fi fi
# Save an ldif of the database where the "% post servers" scriptlet can
# restore it. Also save the database files to a "rpmorig" directory
# Just In Case (TM)
if slapcat -l /dev/null > /dev/null 2>&1 ; then
/sbin/service ldap stop > /dev/null 2>&1 || :
/usr/sbin/slapcat -l /var/lib/ldap/upgrade.ldif
rm -fr /var/lib/ldap/rpmorig > /dev/null 2>&1 || :
mkdir /var/lib/ldap/rpmorig
mv /var/lib/ldap/{alock,*.bdb,__db.*,log.*} /var/lib/ldap/rpmorig > /dev/null 2>&1 || :
cp -f /var/lib/ldap/DB_CONFIG /var/lib/ldap/rpmorig > /dev/null 2>&1 || :
fi
%postun servers %postun servers
/sbin/ldconfig /sbin/ldconfig
@ -613,6 +645,7 @@ fi
%attr(0755,root,root) %dir %{_datadir}/openldap/ucdata %attr(0755,root,root) %dir %{_datadir}/openldap/ucdata
%attr(0644,root,root) %dir %{_datadir}/openldap/ucdata/* %attr(0644,root,root) %dir %{_datadir}/openldap/ucdata/*
%attr(0700,ldap,ldap) %dir /var/lib/ldap %attr(0700,ldap,ldap) %dir /var/lib/ldap
%attr(0755,ldap,ldap) %dir /var/run/openldap
%attr(0755,root,root) %{_libdir}/libslapd_db-*.*.so %attr(0755,root,root) %{_libdir}/libslapd_db-*.*.so
%ifarch %{nptl_arches} %ifarch %{nptl_arches}
%ifnarch %{ix86} %ifnarch %{ix86}
@ -627,8 +660,9 @@ fi
%defattr(-,root,root) %defattr(-,root,root)
%doc openldap-%{version_23}/servers/slapd/back-sql/docs/* %doc openldap-%{version_23}/servers/slapd/back-sql/docs/*
%doc openldap-%{version_23}/servers/slapd/back-sql/rdbms_depend %doc openldap-%{version_23}/servers/slapd/back-sql/rdbms_depend
%attr(0755,root,root) %{_sbindir}/openldap/back_sql.la %attr(0755,root,root) %{_libdir}/openldap
%attr(0755,root,root) %{_sbindir}/openldap/back_sql*.so.* %attr(0755,root,root) %{_libdir}/openldap/back_sql.la
%attr(0755,root,root) %{_libdir}/openldap/back_sql*.so.*
%files clients %files clients
%defattr(-,root,root) %defattr(-,root,root)
@ -650,8 +684,33 @@ fi
%attr(0644,root,root) %{evolution_connector_libdir}/*.a %attr(0644,root,root) %{evolution_connector_libdir}/*.a
%changelog %changelog
* Tue Jan 10 2006 Jay Fenlason <fenlason@redhat.com> 2.3.16-2 * Tue Jan 10 2006 Jay Fenlason <fenlason@redhat.com> 2.3.19-2
- Upgrade to 2.3.16, which upstream will consider stable soon - Upgrade to 2.3.19, which upstream now considers stable
- Modify the -config.patch, ldap.init, and this spec file to put the
pid file and args file in an ldap-owned openldap subdirectory under
/var/run.
- Move back_sql* out of %{_sbindir}/openldap , which requires
hand-moving slapd and slurpd to _sbindir, and recreating symlinks
by hand.
- Retire openldap-2.3.11-ads.patch, which went upstream.
- Update the ldap.init script to run slaptest as the ldap user rather
than as root. This solves
bz#150172 Startup failure after database problem
- Add to the servers post and preun scriptlets so that on preun, the
database is slapcatted to /var/lib/ldap/upgrade.ldif and the
database files are saved to /var/lib/ldap/rpmorig. On post, if
/var/lib/ldap/upgrade.ldif exists, it is slapadded. This means that
on upgrades from 2.3.16-2 to higher versions, the database files may
be automatically upgraded. Unfortunatly, because of the changes to
the preun scriptlet, users have to do the slapcat, etc by hand when
upgrading to 2.3.16-2. Also note that the /var/lib/ldap/rpmorig
files need to be removed by hand because automatically removing your
emergency fallback files is a bad idea.
- Upgrade internal bdb to db-4.4.20. For a clean upgrade, this will
require that users slapcat their databases into a temp file, move
/var/lib/ldap someplace safe, upgrade the openldap rpms, then
slapadd the temp file.
* Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com> * Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com>
- rebuilt - rebuilt

View File

@ -1,6 +1,6 @@
5a9e617c1d5339d3c90c545c93e30949 autoconf-2.13.1.tar.gz 5a9e617c1d5339d3c90c545c93e30949 autoconf-2.13.1.tar.gz
0faee50993f7e4fe00f4b921b640b84d automake-1.4a.tar.gz 0faee50993f7e4fe00f4b921b640b84d automake-1.4a.tar.gz
fcc481d52c3b80e20a328f8c0cb042bd db-4.3.27.tar.gz
6c4c72a1336aa45b463e738034c078d6 openldap-2.2.29.tgz 6c4c72a1336aa45b463e738034c078d6 openldap-2.2.29.tgz
dc80548f76d6aeba2b51b15751e08b21 MigrationTools-46.tar.gz dc80548f76d6aeba2b51b15751e08b21 MigrationTools-46.tar.gz
adb793bea93db1a56840e5c0c7a647f2 openldap-2.3.16.tgz 867ee197df0e4432fa00f2439e6094f6 openldap-2.3.19.tgz
33851f01b455cca48aa601956de93c6f db-4.4.20.tar.gz