[git.ipfire.org] IPFire 3.x development tree branch, master, updated. c89accc1e85a5b25ad50bcb831b1b0d403265899

public inbox for ipfire-scm@lists.ipfire.org
 help / color / mirror / Atom feed

* [git.ipfire.org] IPFire 3.x development tree branch, master, updated. c89accc1e85a5b25ad50bcb831b1b0d403265899
@ 2013-01-13 19:23 git
  0 siblings, 0 replies; only message in thread
From: git @ 2013-01-13 19:23 UTC (permalink / raw)
  To: ipfire-scm

[-- Attachment #1: Type: text/plain, Size: 8950 bytes --]

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 3.x development tree".

The branch, master has been updated
       via  c89accc1e85a5b25ad50bcb831b1b0d403265899 (commit)
       via  3bcf692bfd20594d7ee36ed7b5e14695d76b350a (commit)
       via  e19edbfb7d978337986ed65eedae421e9c8541a0 (commit)
       via  d236d00d831b5b4d6a01c16cc6de1bb64d7be811 (commit)
       via  c20802e9595cc8da883d7499b8be82ef4b81b11e (commit)
       via  1711625317905fa85170f835c6aa9144c89e5669 (commit)
      from  e9d66b05ec51dd1d461e8153e93b4516cfb0f69c (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit c89accc1e85a5b25ad50bcb831b1b0d403265899
Merge: 3bcf692 d236d00
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Sun Jan 13 20:23:27 2013 +0100

    Merge remote-tracking branch 'stevee/openldap-improvements'

commit 3bcf692bfd20594d7ee36ed7b5e14695d76b350a
Merge: e19edbf c20802e
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Sun Jan 13 20:21:52 2013 +0100

    Merge remote-tracking branch 'stevee/libuser-update'

commit e19edbfb7d978337986ed65eedae421e9c8541a0
Merge: e9d66b0 1711625
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Sun Jan 13 20:21:28 2013 +0100

    Merge remote-tracking branch 'stevee/authconfig-fix'

commit d236d00d831b5b4d6a01c16cc6de1bb64d7be811
Author: Stefan Schantl <stefan.schantl(a)ipfire.org>
Date:   Sun Jan 13 18:40:44 2013 +0100

    openldap: A lot of improvements.
    
    * Add openldap user and group.
    * Add a system tmpfile for /run/openldap directory.
    * Add /etc/openldap/slapd.d and /var/lib/ldap as datafiles,
      to be sure they never will be removed or overwritten by pakfire.
    * Add new permissions and owernships for ldap user.
    
    * Run slapd as user "ldap".
    
    * Add openldap.socket file to create and listen on the unix socket.
      This socket is placed in /run/openldap/ldapi.
    
    * Enable ldapi ( the local ldap unix socket) on systemd service file.
      Also listen on the existing unix socket and use socket-based activation.
    
      As a result of this kind of activation we do not have longer to enable the
      openldap service on startup and so I've removed lines on the service file for
      that.
    
    Fixes #10224.

commit c20802e9595cc8da883d7499b8be82ef4b81b11e
Author: Stefan Schantl <stefan.schantl(a)ipfire.org>
Date:   Sun Jan 13 17:00:02 2013 +0100

    libuser: Update to 0.58.
    
    This is a major update to the latest stable version.

commit 1711625317905fa85170f835c6aa9144c89e5669
Author: Stefan Schantl <stefan.schantl(a)ipfire.org>
Date:   Sun Jan 13 15:52:38 2013 +0100

    authconfig: Add nss_ldap as runtime dependency.

-----------------------------------------------------------------------

Summary of changes:
 authconfig/authconfig.nm          |  3 ++-
 libuser/libuser.nm                |  9 ++++----
 openldap/openldap.nm              | 47 ++++++++++++++++++++++++++++++++++-----
 openldap/openldap.tmpfiles        |  1 +
 openldap/systemd/openldap.service |  8 ++-----
 openldap/systemd/openldap.socket  |  5 +++++
 6 files changed, 55 insertions(+), 18 deletions(-)
 create mode 100644 openldap/openldap.tmpfiles
 create mode 100644 openldap/systemd/openldap.socket

Difference in files:
diff --git a/authconfig/authconfig.nm b/authconfig/authconfig.nm
index 73db059..56f2f7b 100644
--- a/authconfig/authconfig.nm
+++ b/authconfig/authconfig.nm
@@ -5,7 +5,7 @@
 
 name       = authconfig
 version    = 6.2.2
-release    = 4
+release    = 5
 
 groups     = System/Base
 url        = https://fedorahosted.org/authconfig
@@ -75,6 +75,7 @@ packages
 		requires
 			libpwquality
 			newt-python
+			nss_ldap
 		end
 
 		configfiles
diff --git a/libuser/libuser.nm b/libuser/libuser.nm
index cc2e961..f159482 100644
--- a/libuser/libuser.nm
+++ b/libuser/libuser.nm
@@ -4,7 +4,7 @@
 ###############################################################################
 
 name       = libuser
-version    = 0.57.1
+version    = 0.58
 release    = 1
 
 groups     = System/Libraries
@@ -13,12 +13,12 @@ license    = LGPLv2+
 summary    = A user and group account administration library.
 
 description
-	The libuser library implements a standardized interface for \
-	manipulating and administering user and group accounts. The \
+	The libuser library implements a standardized interface for
+	manipulating and administering user and group accounts. The
 	library uses pluggable back-ends to interface to its data sources.
 end
 
-source_dl  =
+source_dl  = https://fedorahosted.org/releases/l/i/%{name}/
 sources    = %{thisapp}.tar.xz
 
 build
@@ -46,7 +46,6 @@ end
 
 packages
 	package %{name}
-	end
 
 	package %{name}-devel
 		template DEVEL
diff --git a/openldap/openldap.nm b/openldap/openldap.nm
index 1f80a01..f6979d3 100644
--- a/openldap/openldap.nm
+++ b/openldap/openldap.nm
@@ -5,7 +5,7 @@
 
 name       = openldap
 version    = 2.4.32
-release    = 1
+release    = 2
 
 groups     = System/Daemons
 url        = http://www.openldap.org/
@@ -33,6 +33,7 @@ build
 		libtool-devel
 		openssl-devel
 		pth-devel
+		shadow-utils
 	end
 
 	configure_options += \
@@ -51,6 +52,10 @@ build
 		--enable-ndb=no \
 		--disable-static
 
+	prepare_cmds
+		%{create_user}
+	end
+
 	install_cmds
 		mv -v %{BUILDROOT}%{libdir}/slapd %{BUILDROOT}/usr/sbin/slapd
 		ln -svf slapd %{BUILDROOT}/usr/sbin/slapacl
@@ -63,7 +68,9 @@ build
 		ln -svf	slapd %{BUILDROOT}/usr/sbin/slapschema
 		ln -svf	slapd %{BUILDROOT}/usr/sbin/slaptest
 
-		rm -rvf %{BUILDROOT}/var/openldap-data
+		# Remove unneeded files.
+		rm -rvf %{BUILDROOT}%{localstatedir}/openldap-data
+		rm -rvf %{BUILDROOT}%{localstatedir}/run
 
 		for LINK in lber ldap ldap_r; do
 			chmod -v 0755 %{BUILDROOT}%{libdir}/$(readlink %{BUILDROOT}%{libdir}/lib${LINK}.so)
@@ -71,22 +78,50 @@ build
 
 		# Install configuration
 		mkdir -pv %{BUILDROOT}/etc/%{name}
-		cp -vf %{DIR_SOURCE}/slapd.conf %{BUILDROOT}/etc/%{name}/slapd.conf
-
-		mkdir -pv %{BUILDROOT}/var/lib/ldap
-		chmod 700 -Rv %{BUILDROOT}/var/lib/ldap
+		cp -vf %{DIR_SOURCE}/slapd.conf %{BUILDROOT}%{sysconfdir}/%{name}/slapd.conf
+
+		# Create directoires.
+		mkdir -pv %{BUILDROOT}%{sysconfdir}/%{name}/slapd.d
+		mkdir -pv %{BUILDROOT}%{localstatedir}/%{name}
+		mkdir -pv %{BUILDROOT}%{sharedstatedir}/ldap
+
+		# Fix permissions and ownerships.
+		chown -Rv ldap:ldap %{BUILDROOT}%{sysconfdir}/%{name}
+		chown ldap:ldap %{BUILDROOT}/run/%{name}
+		chown ldap:ldap %{BUILDROOT}%{sharedstatedir}/ldap
+		chmod 700 -Rv %{BUILDROOT}%{sharedstatedir}/ldap
 	end
 end
 
+create_user
+	getent group ldap >/dev/null || groupadd -r ldap
+	getent passwd ldap >/dev/null || useradd -r -g ldap \
+		-d /var/lib/ldap -s /sbin/nologin -c "OpenLDAP server" ldap
+end
+
 packages
 	package %{name}
+		prerequires += shadow-utils
+
+		script prein
+			%{create_user}
+		end
+
+		datafiles
+			%{sysconfdir}/%{name}/slapd.d
+			%{sharedstatedir}/ldap
+		end
+
 		script postin
 			systemctl daemon-reload >/dev/null 2>&1 || :
+			systemctl enable openldap.socket >/dev/null 2>&1 || :
 		end
 
 		script preun
 			systemctl --no-reload disable openldap.service >/dev/null 2>&1 || :
+			systemctl --no-reload disable openldap.socket >/dev/null 2>&1 || :
 			systemctl stop openldap.service >/dev/null 2>&1 || :
+			systemctl stop openldap.socket >/dev/null 2>&1 || :
 		end
 
 		script postun
diff --git a/openldap/openldap.tmpfiles b/openldap/openldap.tmpfiles
new file mode 100644
index 0000000..8857aed
--- /dev/null
+++ b/openldap/openldap.tmpfiles
@@ -0,0 +1 @@
+d /run/openldap 0755 ldap ldap -
diff --git a/openldap/systemd/openldap.service b/openldap/systemd/openldap.service
index 8c2c57b..9a6e53f 100644
--- a/openldap/systemd/openldap.service
+++ b/openldap/systemd/openldap.service
@@ -1,10 +1,6 @@
 [Unit]
 Description=OpenLDAP
-After=basic.target
+After=basic.target sockets.target
 
 [Service]
-Type=forking
-ExecStart=/usr/sbin/slapd
-
-[Install]
-WantedBy=multi-user.target
+ExecStart=/usr/sbin/slapd -u ldap -h 'ldapi://%2Frun%2Fopenldap%2Fldapi'
diff --git a/openldap/systemd/openldap.socket b/openldap/systemd/openldap.socket
new file mode 100644
index 0000000..1fe23ea
--- /dev/null
+++ b/openldap/systemd/openldap.socket
@@ -0,0 +1,5 @@
+[Socket]
+ListenStream=/run/openldap/ldapi
+
+[Install]
+WantedBy=sockets.target


hooks/post-receive
--
IPFire 3.x development tree

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2013-01-13 19:23 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2013-01-13 19:23 [git.ipfire.org] IPFire 3.x development tree branch, master, updated. c89accc1e85a5b25ad50bcb831b1b0d403265899 git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox