Message-Id: <20030422111745.DC46444AD1@majakka.cksoft.de>
Date: Tue, 22 Apr 2003 13:17:45 +0200 (CEST)
From: Christian Kratzer
To: FreeBSD-gnats-submit@FreeBSD.org
X-Send-Pr-Version: 3.113
Subject: ports/51277: [maintainer update] openldap21, user and group for ldap, sasl support
Reply-To: Christian Kratzer
List-Id: Ports bug reports

>Number: 51277
>Category: ports
>Synopsis: [maintainer update] openldap21, user and group for ldap, sasl support
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Tue Apr 22 04:20:05 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator: Christian Kratzer
>Release: FreeBSD 4.7-STABLE i386
>Organization: CK Software GmbH
>Environment:
System: FreeBSD majakka.cksoft.de 4.7-STABLE FreeBSD 4.7-STABLE #1: Thu Dec 19 14:57:42 CET 2002 ck@majakka.cksoft.de:/usr/obj/usr/src/RELENG_4/src/sys/MAJAKKA i386
>Description:
NOTE: New user and group ldap added by this port. Please consider adding them to the base system in the future.

This port adds the following features:

1. User and group ldap worked into startup scripts and pkg-install

    ck@majakka[build-root-ports]: {111} pw show user ldap
    ldap:*:389:389::0:0:OpenLDAP Server:/nonexistent:/sbin/nologin
    ck@majakka[build-root-ports]: {112} pw show group ldap
    ldap:*:389:

2. New option WITHOUT_SASL to build without sasl. Building with sasl is now default. This should be a very common configuration.

>How-To-Repeat:
>Fix:
--- openldap21/files/slapd.sh.orig Sun Apr 20 09:42:41 2003 +++ openldap21/files/slapd.sh Sun Apr 20 09:45:08 2003 
@@ -7,18 +7,18 @@ # Uncomment one of the following: # # IPv4 Only -#slapd_args='-h ldap://0.0.0.0' +#slapd_args='-u ldap -g ldap -h ldap://0.0.0.0' # # IPv6 and IPv4 -#slapd_ags='-h "ldap://[::] ldap://0.0.0.0"' +#slapd_ags='-u ldap -g ldap -h "ldap://[::] ldap://0.0.0.0"' # # IPv6 Only -#slapd_args='-h ldap://[::]' +#slapd_args='-u ldap -g ldap -h ldap://[::]' # # -slapd_args= +slapd_args="-u ldap -g ldap" -pidfile=/var/run/slapd.pid +pidfile=/var/run/ldap/slapd.pid case "$1" in start) @@ -31,7 +31,6 @@ stop) if [ -f $pidfile ]; then kill `cat $pidfile` - telnet localhost ldap /dev/null 2>&1 echo -n ' slapd' rm $pidfile else --- openldap21/files/slurpd.sh.orig Tue Apr 22 13:00:26 2003 +++ openldap21/files/slurpd.sh Tue Apr 22 13:01:31 2003 @@ -4,7 +4,7 @@ # slurpd=@@PREFIX@@/libexec/slurpd -pidfile=/var/run/slurpd.pid +pidfile=/var/run/ldap/slurpd.pid case "$1" in start) --- openldap21/Makefile.orig Sun Apr 20 07:46:07 2003 +++ openldap21/Makefile Mon Apr 21 10:57:22 2003 @@ -10,13 +10,17 @@ # SLAPD_ONLY builds openldap21-slapd-PORTVERSION (slapd and slapd tools) # SLURPD_ONLY builds openldap21-slurpd-PORTVERSION (slurpd only) # SERVERS_ONLY builds openldap21-servers-PORTVERSION (slapd and slurpd) +# WITHOUT_SASL do not build against sasl2 +# +# OPENLDAP_STABLE an attempt to track the openldap stable branch +# It remains to be seen if this stays practical. # # $FreeBSD: ports/net/openldap21/Makefile,v 1.64 2003/04/11 14:43:46 nork Exp $ # PORTNAME= openldap21 PORTVERSION= 2.1.17 -PORTREVISION= 0 +PORTREVISION= 1 CATEGORIES= net databases MASTER_SITES= ftp://ftp.OpenLDAP.org/pub/OpenLDAP/%SUBDIR%/ \ http://www.PlanetMirror.com/pub/openldap/%SUBDIR%/ \ 
@@ -47,27 +51,42 @@ LIB_DEPENDS+= db41:${PORTSDIR}/databases/db41 -CXXFLAGS+= -D_REENTRANT ${PTHREAD_CFLAGS} -I${LOCALBASE}/include/db41 -CPPFLAGS+= -D_REENTRANT ${PTHREAD_CFLAGS} -I${LOCALBASE}/include/db41 +CXXFLAGS+= -D_REENTRANT ${PTHREAD_CFLAGS} \ + -I${LOCALBASE}/include \ + -I${LOCALBASE}/include/db41 + +CPPFLAGS+= -D_REENTRANT ${PTHREAD_CFLAGS} \ + -I${LOCALBASE}/include \ + -I${LOCALBASE}/include/db41 + LDFLAGS+= -L${LOCALBASE}/lib USE_OPENSSL= yes HAS_CONFIGURE= yes -CONFIGURE_ENV+= CXXFLAGS="${CXXFLAGS}" \ - CPPFLAGS="${CPPFLAGS}" \ +CONFIGURE_ENV+= CXXFLAGS="${CXXFLAGS}" \ + CPPFLAGS="${CPPFLAGS}" \ LDFLAGS="${LDFLAGS}" CONFIGURE_ARGS+=--prefix=${PREFIX} \ --enable-bdb \ --enable-crypt +.if defined(WITHOUT_SASL) +CONFIGURE_ARGS+= \ + --without-cyrus-sasl +.else +LIB_DEPENDS+= sasl2:${PORTSDIR}/security/cyrus-sasl2 +CONFIGURE_ARGS+= \ + --with-cyrus-sasl \ + --enable-spasswd +.endif + # ------------------------------------------------------------------------------ # common configure # CONFIGURE_ARGS+= \ --with-tls \ - --without-cyrus-sasl \ --localstatedir=/var/db # Include tcp-wrapper support @@ -382,8 +401,8 @@ post-patch: @${CP} ${WRKSRC}/servers/slapd/slapd.conf \ ${WRKSRC}/servers/slapd/slapd.conf.Dist - @${SED} -e '/^pidfile/s#%LOCALSTATEDIR%#/var/run#' \ - -e '/^argsfile/s#%LOCALSTATEDIR%#/var/run#' \ + @${SED} -e '/^pidfile/s#%LOCALSTATEDIR%#/var/run/ldap#' \ + -e '/^argsfile/s#%LOCALSTATEDIR%#/var/run/ldap#' \ ${WRKSRC}/servers/slapd/slapd.conf.Dist > \ ${WRKSRC}/servers/slapd/slapd.conf --- openldap21/pkg-install.orig Sun Apr 20 08:35:44 2003 +++ openldap21/pkg-install Mon Apr 21 11:01:50 2003 
@@ -0,0 +1,52 @@ +#!/bin/sh +# +# $FreeBSD:$ +# + +PKG_PREFIX=${PKG_PREFIX:=/usr/local} +BATCH=${BATCH:=no} + +USER=ldap +USER_UID=389 + +GROUP=ldap +GROUP_GID=389 + +if [ x"$2" = xPRE-INSTALL ]; then + if /usr/sbin/pw groupshow "${GROUP}" 2>/dev/null; then + echo "You already have a group \"${GROUP}\", so I will use it." + else + if /usr/sbin/pw groupadd ${GROUP} -g ${GROUP_GID} -h - + then + echo "Added group \"${GROUP}\"." + else + echo "Adding group \"${GROUP}\" failed..." + echo "Please create it, and try again." + exit 1 + fi + fi + + if /usr/sbin/pw user show "${USER}" 2>/dev/null; then + echo "You already have a user \"${USER}\", so I will use it." + else + if /usr/sbin/pw useradd ${USER} -u ${USER_UID} -g ${GROUP} -h - \ + -d /nonexistent \ + -s /sbin/nologin \ + -c "OpenLDAP Server" + then + echo "Added user \"${USER}\"." + else + echo "Adding user \"${USER}\" failed..." + echo "Please create it, and try again." + exit 1 + fi + fi +fi + +if [ x"$2" = xPOST-INSTALL ]; then + chown -R $USER:$GROUP /var/db/openldap-data + chown -R $USER:$GROUP /var/run/ldap + chown $USER:$GROUP $PKG_PREFIX/etc/openldap/slapd.conf + chown $USER:$GROUP $PKG_PREFIX/etc/openldap/slapd.conf.default +fi + --- openldap21/pkg-message.orig Tue Apr 22 12:31:06 2003 +++ openldap21/pkg-message Tue Apr 22 12:30:40 2003 @@ -0,0 +1,8 @@ +The openldap21 port now creates a ldap user an a ldap group. + +If you use slapadd as root to populate your ldap Database please +remember to chown the database directories and containing files +to user ldap and group ldap. + + chown -R ldap:ldap /var/db/openldap-data + --- openldap21/pkg-plist.orig Sun Apr 20 09:46:05 2003 +++ openldap21/pkg-plist Sun Apr 20 09:49:08 2003 
@@ -93,3 +93,5 @@ %%NO_SLAPD%%@unexec /bin/rmdir %D/etc/openldap 2>/dev/null || true %%NO_SLAPD%%@exec [ -d /var/db/openldap-data ] || /bin/mkdir /var/db/openldap-data %%NO_SLAPD%%@unexec /bin/rmdir /var/db/openldap-data 2>/dev/null || true +%%NO_SLAPD%%@exec [ -d /var/run/ldap ] || /bin/mkdir /var/run/ldap +%%NO_SLAPD%%@unexec /bin/rmdir /var/run/ldap 2>/dev/null || true >Release-Note: >Audit-Trail: >Unformatted:
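
Review bot: in openldap21/files/slapd.sh, first hunk, the "IPv6 and IPv4" example still assigns slapd_ags rather than slapd_args, and the added line carries the misspelling over. Anyone uncommenting it sets a different variable from the slapd_args assigned below, so the -h listener URLs never take effect. Since the line is being rewritten anyway, correct the name. The unconditional slapd_args="-u ldap -g ldap" also comes after the examples, so an uncommented example is overwritten unless that line is edited too; a conditional default such as : ${slapd_args="-u ldap -g ldap"} would keep the admin's choice.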
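
Review bot: in openldap21/files/slapd.sh, stop) branch, the unchanged line that runs kill on the output of cat $pidfile now reads a file in /var/run/ldap, which pkg-install hands to the ldap account with chown -R $USER:$GROUP /var/run/ldap. The script has no -u of its own and is presumably run as root, so the unprivileged daemon account can decide which PID root signals. Check that the PID read from the file belongs to a slapd process before sending the signal, and quote "$pidfile" in the test, the cat and the rm.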
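
Review bot: in openldap21/files/slurpd.sh the hunk changes only the path the script reads, pidfile=/var/run/ldap/slurpd.pid. No visible hunk changes where slurpd writes its pid file: the post-patch sed in the Makefile rewrites only the lines starting with pidfile and argsfile in slapd.conf. Please confirm slurpd really writes /var/run/ldap/slurpd.pid with the shipped configuration, otherwise stop will not find the running process.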
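
Review bot: in openldap21/Makefile, header comment hunk, OPENLDAP_STABLE is documented as a build knob but none of the visible hunks tests or defines it. Either include the part of the Makefile that implements it in this update or drop the two comment lines until it exists, so the documented options match what the port accepts.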
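
Review bot: in openldap21/Makefile, the CXXFLAGS/CPPFLAGS hunk, -I${LOCALBASE}/include is placed before -I${LOCALBASE}/include/db41, so a db.h from another Berkeley DB version installed directly under ${LOCALBASE}/include would be found first and the build could compile against headers that do not match the db41 library in LIB_DEPENDS. Put the db41 directory first. The same hunk makes security/cyrus-sasl2 a default dependency and adds --enable-spasswd; that change of default is not mentioned in the new pkg-message, which only covers the ldap user and group.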
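
Review bot: in openldap21/pkg-install, POST-INSTALL block, chown $USER:$GROUP $PKG_PREFIX/etc/openldap/slapd.conf makes the daemon account the owner of its own configuration file, so a compromised slapd could rewrite it. Ownership root:ldap with mode 640 lets slapd read the file without being able to change it. Two further points in the same file: an existing ldap user or group is reused without checking its uid, gid, home or shell against the values the port expects, and the four chown calls run unconditionally although the pkg-plist lines that create /var/db/openldap-data and /var/run/ldap are guarded by %%NO_SLAPD%%, so they fail on installs without slapd. Guard each chown with a test that the path exists.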
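
Review bot: in openldap21/pkg-message, first line, "creates a ldap user an a ldap group" should read "creates an ldap user and an ldap group". The message would also be the right place to tell upgrading users that the pid and args files moved to /var/run/ldap and that slapd now starts with -u ldap -g ldap, since both affect existing slapd.conf files and local scripts.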
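
Review bot: in openldap21/pkg-plist, the added @exec line creates /var/run/ldap with a bare /bin/mkdir, so the directory gets whatever owner and mode the installing process gives it and only becomes usable by slapd after the separate chown -R in pkg-install has run. Create it with explicit owner, group and mode in the same step, for example with install -d -o ldap -g ldap -m 755 /var/run/ldap, so the directory slapd writes its pid file to does not depend on script ordering.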