- add new tarball
- add new patches
This commit is contained in:
parent
320e448c4c
commit
f456bc962b
@ -6,3 +6,4 @@ db-4.2.52.tar.gz
|
||||
openldap-2.0.27.tgz
|
||||
openldap-2.1.30.tgz
|
||||
openldap-2.2.13.tgz
|
||||
openldap-2.2.17.tgz
|
||||
|
106
openldap-2.2.15-config.patch
Normal file
106
openldap-2.2.15-config.patch
Normal file
@ -0,0 +1,106 @@
|
||||
Force the default db directory to /var/lib/ldap, default to including
|
||||
nis.schema and its prerequisites, allow LDAPv2 clients, increase the set of
|
||||
indexed attributes for the default database.
|
||||
|
||||
--- openldap-2.2.13/doc/man/man8/slurpd.8 2004-01-01 13:16:27.000000000 -0500
|
||||
+++ openldap-2.2.13/doc/man/man8/slurpd.8 2004-06-15 11:40:04.000000000 -0400
|
||||
@@ -120,7 +120,7 @@
|
||||
temporary files may contain sensitive information.
|
||||
This option allows you to specify the location of these temporary files.
|
||||
The default is
|
||||
-.BR LOCALSTATEDIR/openldap-slurp .
|
||||
+.BR /var/lib/ldap .
|
||||
.TP
|
||||
.BI \-k " srvtab\-file"
|
||||
Specify the location of the kerberos srvtab file which contains keys
|
||||
--- openldap-2.2.13/servers/slapd/slapd.conf 2003-12-29 13:10:40.000000000 -0500
|
||||
+++ openldap-2.2.13/servers/slapd/slapd.conf 2004-06-15 11:44:23.000000000 -0400
|
||||
@@ -3,8 +3,12 @@
|
||||
# This file should NOT be world readable.
|
||||
#
|
||||
include %SYSCONFDIR%/schema/core.schema
|
||||
+include %SYSCONFDIR%/schema/cosine.schema
|
||||
+include %SYSCONFDIR%/schema/inetorgperson.schema
|
||||
+include %SYSCONFDIR%/schema/nis.schema
|
||||
|
||||
-# Define global ACLs to disable default read access.
|
||||
+# Allow LDAPv2 client connections. This is NOT the default.
|
||||
+allow bind_v2
|
||||
|
||||
# Do not enable referrals until AFTER you have a working directory
|
||||
# service AND an understanding of referrals.
|
||||
@@ -21,6 +25,15 @@
|
||||
# moduleload back_passwd.la
|
||||
# moduleload back_shell.la
|
||||
|
||||
+# The next three lines allow use of TLS for encrypting connections using a
|
||||
+# dummy test certificate which you can generate by changing to
|
||||
+# /usr/share/ssl/certs, running "make slapd.pem", and fixing permissions on
|
||||
+# slapd.pem so that the ldap user or group can read it. Your client software
|
||||
+# may balk at self-signed certificates, however.
|
||||
+# TLSCACertificateFile /usr/share/ssl/certs/ca-bundle.crt
|
||||
+# TLSCertificateFile /usr/share/ssl/certs/slapd.pem
|
||||
+# TLSCertificateKeyFile /usr/share/ssl/certs/slapd.pem
|
||||
+
|
||||
# Sample security restrictions
|
||||
# Require integrity protection (prevent hijacking)
|
||||
# Require 112-bit (3DES or better) encryption for updates
|
||||
@@ -49,19 +62,32 @@
|
||||
# rootdn can always read and write EVERYTHING!
|
||||
|
||||
#######################################################################
|
||||
-# BDB database definitions
|
||||
+# ldbm and/or bdb database definitions
|
||||
#######################################################################
|
||||
|
||||
database bdb
|
||||
suffix "dc=my-domain,dc=com"
|
||||
rootdn "cn=Manager,dc=my-domain,dc=com"
|
||||
# Cleartext passwords, especially for the rootdn, should
|
||||
-# be avoid. See slappasswd(8) and slapd.conf(5) for details.
|
||||
+# be avoided. See slappasswd(8) and slapd.conf(5) for details.
|
||||
# Use of strong authentication encouraged.
|
||||
-rootpw secret
|
||||
+# rootpw secret
|
||||
+# rootpw {crypt}ijFYNcSNctBYg
|
||||
+
|
||||
# The database directory MUST exist prior to running slapd AND
|
||||
# should only be accessible by the slapd and slap tools.
|
||||
# Mode 700 recommended.
|
||||
-directory %LOCALSTATEDIR%/openldap-data
|
||||
+directory /var/lib/ldap
|
||||
+
|
||||
-# Indices to maintain
|
||||
-index objectClass eq
|
||||
+# Indices to maintain for this database
|
||||
+index objectClass eq,pres
|
||||
+index ou,cn,mail,surname,givenname eq,pres,sub
|
||||
+index uidNumber,gidNumber,loginShell eq,pres
|
||||
+index uid,memberUid eq,pres,sub
|
||||
+index nisMapName,nisMapEntry eq,pres,sub
|
||||
+
|
||||
+# Replicas of this database
|
||||
+#replogfile /var/lib/ldap/openldap-master-replog
|
||||
+#replica host=ldap-1.example.com:389 starttls=critical
|
||||
+# bindmethod=sasl saslmech=GSSAPI
|
||||
+# authcId=host/ldap-master.example.com@EXAMPLE.COM
|
||||
--- openldap-2.2.13/servers/slurpd/slurp.h 2004-01-01 13:16:42.000000000 -0500
|
||||
+++ openldap-2.2.13/servers/slurpd/slurp.h 2004-06-15 11:40:04.000000000 -0400
|
||||
@@ -66,7 +66,7 @@
|
||||
#define SERVICE_NAME OPENLDAP_PACKAGE "-slurpd"
|
||||
|
||||
/* Default directory for slurpd's private copy of replication logs */
|
||||
-#define DEFAULT_SLURPD_REPLICA_DIR LDAP_RUNDIR LDAP_DIRSEP "openldap-slurp"
|
||||
+#define DEFAULT_SLURPD_REPLICA_DIR "/var/lib/ldap"
|
||||
|
||||
/* Default name for slurpd's private copy of the replication log */
|
||||
#define DEFAULT_SLURPD_REPLOGFILE "slurpd.replog"
|
||||
@@ -75,7 +75,7 @@
|
||||
#define DEFAULT_SLURPD_STATUS_FILE "slurpd.status"
|
||||
|
||||
/* slurpd dump file - contents of rq struct are written here (debugging) */
|
||||
-#define SLURPD_DUMPFILE LDAP_TMPDIR LDAP_DIRSEP "slurpd.dump"
|
||||
+#define SLURPD_DUMPFILE DEFAULT_SLURPD_REPLICA_DIR "/slurpd.dump"
|
||||
|
||||
/* Amount of time to sleep if no more work to do */
|
||||
#define DEFAULT_NO_WORK_INTERVAL 3
|
Loading…
Reference in New Issue
Block a user