Statistics
| Revision:

root / openldap-rpm / trunk / SPECS / openldap-ltb.spec

History | View | Annotate | Download (18.3 KB)

1
#=================================================
2
# Specification file for OpenLDAP
3
#
4
# Install OpenLDAP
5
# Install an init script in /etc/init.d
6
# Create user/group ldap
7
# Configure syslog and logrotate
8
# Install a pwdChecker module
9
#
10
# Copyright (C) 2008 Raphael OUAZANA
11
# Copyright (C) 2008 Clement OUDOT
12
# Copyright (C) 2008 LINAGORA
13
#
14
# Provided by LTB-project (http://www.ltb-project.org)
15
#=================================================
16
17
#=================================================
18
# Variables
19
#=================================================
20
%define real_name        openldap
21
%define real_version     2.4.40
22
%define release_version  1%{?dist}
23
24
%define bdbdir           /usr/local/berkeleydb
25
%define ldapdir          /usr/local/openldap
26
%define ldapserverdir    %{ldapdir}
27
%define ldapdatadir      %{ldapdir}/var/openldap-data
28
%define ldaplogsdir      %{bdbdir}/openldap-logs
29
%define ldapbackupdir    /var/backups/openldap
30
%define ldaplogfile      /var/log/openldap.log
31
32
%define ldapuser         ldap
33
%define ldapgroup        ldap
34
35
%define slapd_init_name             ltb-project-openldap-initscript
36
%define slapd_init_version          2.0
37
38
%define check_password_name         ltb-project-openldap-ppolicy-check-password
39
%define check_password_version      1.1
40
%define check_password_conf         %{ldapserverdir}/etc/openldap/check_password.conf
41
%define check_password_minPoints    3
42
%define check_password_useCracklib  0
43
%define check_password_minUpper     0
44
%define check_password_minLower     0
45
%define check_password_minDigit     0
46
%define check_password_minPunct     0
47
48
#=================================================
49
# Header
50
#=================================================
51
Summary: OpenLDAP server with addons from the LDAP Tool Box project
52
Name: %{real_name}-ltb
53
Version: %{real_version}
54
Release: %{release_version}
55
# http://www.openldap.org/software/release/license.html
56
License: OpenLDAP Public License
57
58
Group: Applications/System
59
URL: http://www.openldap.org/
60
61
# Source available on http://www.openldap.org
62
Source: %{real_name}-%{real_version}.tgz
63
# Sources available on http://www.ltb-project.org
64
Source1: %{slapd_init_name}-%{slapd_init_version}.tar.gz
65
# Sources available on http://www.ltb-project.org
66
Source2: %{check_password_name}-%{check_password_version}.tar.gz
67
Source3: openldap.sh
68
Source4: DB_CONFIG
69
Source5: openldap.logrotate
70
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
71
72
BuildRequires: gcc, make, groff
73
BuildRequires: openssl-devel, cyrus-sasl-devel, berkeleydb-ltb >= 4.6.21, libtool-ltdl-devel
74
BuildRequires: cracklib
75
Requires: gawk, libtool-ltdl, berkeleydb-ltb >= 4.6.21
76
77
Requires(pre): /sbin/ldconfig, coreutils
78
79
%description
80
OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
81
Protocol) applications and development tools. LDAP is a set of
82
protocols for accessing directory services (usually phone book style
83
information, but other information is possible) over the Internet,
84
similar to the way DNS (Domain Name System) information is propagated
85
over the Internet. 
86
87
This package contains all: server, clients, librairies and docs. It
88
can be installed with openldap and openldap-devel. It provides tools
89
from the LDAP Tool Box project:
90
o Start/stop script
91
o Logrotate script
92
93
#=================================================
94
# Subpackage check-password
95
#=================================================
96
%package check-password
97
Summary:        check_password module for password policy
98
Version:        %{check_password_version}
99
Release:        8%{?dist}
100
Group:          Applications/System
101
URL:		http://www.ltb-project.org
102
103
%if "%{?dist}" == ".el6"
104
BuildRequires:	cracklib-devel
105
%endif
106
%if "%{?dist}" == ".el7"
107
BuildRequires:	cracklib-devel
108
%endif
109
110
Requires:	cracklib, cracklib-dicts, %{real_name}-ltb >= %{real_version}
111
112
%description check-password
113
check_password.c is an OpenLDAP pwdPolicyChecker module used to check the strength 
114
and quality of user-provided passwords. This module is used as an extension of the 
115
OpenLDAP password policy controls, see slapo-ppolicy(5) section pwdCheckModule. 
116
check_password.c will run a number of checks on the passwords to ensure minimum 
117
strength and quality requirements are met. Passwords that do not meet these 
118
requirements are rejected.
119
120
This is provided by LDAP Tool Box project: http://www.ltb-project.org 
121
122
#=================================================
123
# Subpackage contrib-overlays
124
#=================================================
125
%package contrib-overlays
126
Summary:        Overlays contributed to OpenLDAP
127
Version:        %{real_version}
128
Release:        %{release_version}
129
Group:          Applications/System
130
URL:		http://www.ltb-project.org
131
132
Requires:	%{real_name}-ltb >= %{real_version}
133
134
%description contrib-overlays
135
Some overlays are not included in the OpenLDAP main package but provided
136
as contributions. This package provide some of them.
137
138
This is provided by LDAP Tool Box project: http://www.ltb-project.org 
139
140
#=================================================
141
# Subpackage mdb-utils
142
#=================================================
143
%package mdb-utils
144
Summary:        MDB utilities
145
Version:        %{real_version}
146
Release:        %{release_version}
147
Group:          Applications/System
148
URL:		http://www.ltb-project.org
149
150
Requires:	%{real_name}-ltb >= %{real_version}
151
152
%description mdb-utils
153
MDB utilities contain both mdb_stat and mdb_copy, and the associated 
154
documentation.
155
156
This is provided by LDAP Tool Box project: http://www.ltb-project.org 
157
158
#=================================================
159
# Source preparation
160
#=================================================
161
%prep
162
%setup -n %{real_name}-%{real_version}
163
%setup -n %{real_name}-%{real_version} -T -D -a 1
164
%setup -n %{real_name}-%{real_version} -T -D -a 2
165
166
#=================================================
167
# Building
168
#=================================================
169
%build
170
# OpenLDAP
171
export CC="gcc"
172
export CFLAGS="-DOPENLDAP_FD_SETSIZE=4096 -O2 -g"
173
# Uncomment to enable config delete option
174
#export CFLAGS="-DOPENLDAP_FD_SETSIZE=4096 -O2 -g -DSLAP_CONFIG_DELETE"
175
export CPPFLAGS="-I%{bdbdir}/include -I/usr/kerberos/include"
176
export LDFLAGS="-L%{bdbdir}/%{_lib}"
177
./configure --disable-dependency-tracking --enable-ldap --enable-debug --prefix=%{ldapserverdir} --libdir=%{ldapserverdir}/%{_lib} --with-tls --with-cyrus-sasl --enable-spasswd --enable-overlays --enable-modules --enable-dynamic=no --enable-slapi --enable-meta --enable-crypt --enable-sock
178
make depend
179
make %{?_smp_mflags}
180
# check_password
181
cd %{check_password_name}-%{check_password_version} 
182
make %{?_smp_mflags} "CONFIG=%{check_password_conf}" "LDAP_INC=-I../include -I../servers/slapd"
183
cd ..
184
# contrib-overlays
185
cd contrib/slapd-modules
186
## lastbind
187
cd lastbind
188
make clean
189
make %{?_smp_mflags} "prefix=%{ldapserverdir}" "LDAP_LIB="
190
cd ..
191
## smbk5pwd
192
cd smbk5pwd
193
make clean
194
make %{?_smp_mflags} "DEFS=-DDO_SAMBA -DDO_SHADOW" "LDAP_LIB=" "prefix=%{ldapserverdir}"
195
cd ..
196
cd ../..
197
# MDB utils
198
cd libraries/liblmdb
199
make %{?_smp_mflags}
200
cd ../..
201
202
#=================================================
203
# Installation
204
#=================================================
205
%install
206
rm -rf %{buildroot}
207
make install DESTDIR=%{buildroot} STRIP=""
208
209
# Directories
210
mkdir -p %{buildroot}%{ldapdatadir}
211
mkdir -p %{buildroot}%{ldaplogsdir}
212
mkdir -p %{buildroot}%{ldapbackupdir}
213
214
# Init script
215
mkdir -p %{buildroot}/etc/init.d
216
mkdir -p %{buildroot}/etc/default
217
install -m 755 %{slapd_init_name}-%{slapd_init_version}/slapd %{buildroot}/etc/init.d/slapd
218
install -m 644 %{slapd_init_name}-%{slapd_init_version}/slapd.default %{buildroot}/etc/default/slapd
219
sed -i 's:^SLAPD_PATH.*:SLAPD_PATH="'%{ldapdir}'":' %{buildroot}/etc/default/slapd
220
sed -i 's:^SLAPD_USER.*:SLAPD_USER="'%{ldapuser}'":' %{buildroot}/etc/default/slapd
221
sed -i 's:^SLAPD_GROUP.*:SLAPD_GROUP="'%{ldapgroup}'":' %{buildroot}/etc/default/slapd
222
sed -i 's:^BDB_PATH.*:BDB_PATH="'%{bdbdir}'":' %{buildroot}/etc/default/slapd
223
sed -i 's:^BACKUP_PATH.*:BACKUP_PATH="'%{ldapbackupdir}'":' %{buildroot}/etc/default/slapd
224
225
# PATH modification
226
mkdir -p %{buildroot}/etc/profile.d
227
install -m 755 %{SOURCE3} %{buildroot}/etc/profile.d/openldap.sh
228
sed -i 's:^OL_BIN.*:OL_BIN='%{ldapdir}/bin':' %{buildroot}/etc/profile.d/openldap.sh
229
sed -i 's:^OL_SBIN.*:OL_SBIN='%{ldapdir}/sbin':' %{buildroot}/etc/profile.d/openldap.sh
230
sed -i 's:^OL_MAN.*:OL_MAN='%{ldapdir}/share/man':' %{buildroot}/etc/profile.d/openldap.sh
231
232
# BDB configuration
233
install -m 644 %{SOURCE4} %{buildroot}%{ldapdatadir}
234
sed -i 's:^set_lg_dir.*:set_lg_dir\t'%{ldaplogsdir}':' %{buildroot}%{ldapdatadir}/DB_CONFIG
235
236
# Logrotate
237
mkdir -p %{buildroot}/etc/logrotate.d
238
install -m 644 %{SOURCE5} %{buildroot}/etc/logrotate.d/openldap
239
240
# Modify data directory in slapd.conf
241
sed -i 's:^directory.*:directory\t'%{ldapdatadir}':' %{buildroot}%{ldapserverdir}/etc/openldap/slapd.conf
242
243
# check_password
244
install -m 644 %{check_password_name}-%{check_password_version}/check_password.so %{buildroot}%{ldapserverdir}/%{_lib}
245
echo "minPoints %{check_password_minPoints}" > %{buildroot}%{check_password_conf}
246
echo "useCracklib %{check_password_useCracklib}" >> %{buildroot}%{check_password_conf}
247
echo "minUpper %{check_password_minUpper}" >> %{buildroot}%{check_password_conf}
248
echo "minLower %{check_password_minLower}" >> %{buildroot}%{check_password_conf}
249
echo "minDigit %{check_password_minDigit}" >> %{buildroot}%{check_password_conf}
250
echo "minPunct %{check_password_minPunct}" >> %{buildroot}%{check_password_conf}
251
252
# contrib-overlays
253
cd contrib/slapd-modules
254
cd lastbind
255
make install "prefix=%{buildroot}%{ldapserverdir}"
256
cd ..
257
cd smbk5pwd
258
make install "prefix=%{buildroot}%{ldapserverdir}"
259
cd ..
260
cd ../..
261
262
# MDB utils
263
cd libraries/liblmdb
264
install -m 755 "mdb_copy"  %{buildroot}%{ldapserverdir}/sbin
265
install -m 755 "mdb_stat"  %{buildroot}%{ldapserverdir}/sbin
266
install -m 644 "mdb_copy.1"  %{buildroot}%{ldapserverdir}/share/man/man1
267
install -m 644 "mdb_stat.1"  %{buildroot}%{ldapserverdir}/share/man/man1
268
cd ../..
269
270
%pre -n openldap-ltb
271
#=================================================
272
# Pre Installation
273
#=================================================
274
275
# If upgrade stop slapd
276
if [ $1 -eq 2 ]
277
then
278
	/sbin/service slapd stop > /dev/null 2>&1
279
fi
280
281
%post -n openldap-ltb
282
#=================================================
283
# Post Installation
284
#=================================================
285
286
# Do this at first install
287
if [ $1 -eq 1 ]
288
then
289
	# Set slapd as service
290
	/sbin/chkconfig --add slapd
291
292
	# Create user and group
293
	/usr/sbin/groupadd %{ldapgroup}
294
	/usr/sbin/useradd %{ldapuser} -g %{ldapgroup}
295
296
	# Add syslog facility
297
%if "%{?dist}" == ".el5"
298
	echo "local4.*	-%{ldaplogfile}" >> /etc/syslog.conf
299
	/sbin/service syslog restart > /dev/null 2>&1
300
%else
301
	echo "local4.*	-%{ldaplogfile}" >> /etc/rsyslog.conf
302
	/sbin/service rsyslog restart > /dev/null 2>&1
303
%endif
304
305
fi
306
307
# Always do this
308
# Change owner
309
/bin/chown -R %{ldapuser}:%{ldapgroup} %{ldapserverdir}
310
/bin/chown -R %{ldapuser}:%{ldapgroup} %{ldapdatadir}
311
/bin/chown -R %{ldapuser}:%{ldapgroup} %{ldaplogsdir}
312
/bin/chown -R %{ldapuser}:%{ldapgroup} %{ldapbackupdir}
313
314
%post check-password
315
#=================================================
316
# Post Installation
317
#=================================================
318
319
# Change owner
320
/bin/chown -R %{ldapuser}:%{ldapgroup} %{ldapserverdir}/%{_lib}
321
322
%preun -n openldap-ltb
323
#=================================================
324
# Pre uninstallation
325
#=================================================
326
327
# Don't do this if newer version is installed
328
if [ $1 -eq 0 ]
329
then
330
	# Stop slapd
331
	/sbin/service slapd stop > /dev/null 2>&1
332
333
	# Delete service
334
	/sbin/chkconfig --del slapd
335
336
        # Remove syslog facility
337
%if "%{?dist}" == ".el5"
338
	sed -i '/local4\..*/d' /etc/syslog.conf
339
	/sbin/service syslog restart
340
%else
341
	sed -i '/local4\..*/d' /etc/rsyslog.conf
342
	/sbin/service rsyslog restart
343
%endif
344
345
fi
346
347
# Always do this
348
# Remove OpenLDAP libraries from the system
349
sed -i '\:'%{ldapserverdir}/%{_lib}':d' /etc/ld.so.conf
350
/sbin/ldconfig
351
352
#=================================================
353
# Cleaning
354
#=================================================
355
%clean
356
rm -rf %{buildroot}
357
358
#=================================================
359
# Files
360
#=================================================
361
%files -n openldap-ltb
362
%defattr(-, root, root, 0755)
363
%{ldapdir}
364
%docdir %{ldapserverdir}/share/man
365
%config(noreplace) %{ldapserverdir}/etc/openldap/slapd.conf
366
%config(noreplace) %{ldapserverdir}/etc/openldap/ldap.conf
367
/etc/init.d/slapd
368
%config(noreplace) /etc/default/slapd
369
/etc/profile.d/openldap.sh
370
%{ldaplogsdir}
371
%config(noreplace) /etc/logrotate.d/openldap
372
%{ldapbackupdir}
373
%exclude %{check_password_conf}
374
%exclude %{ldapserverdir}/%{_lib}/check_password.so
375
%exclude %{ldapserverdir}/libexec/openldap
376
%config(noreplace) %{ldapdatadir}/DB_CONFIG
377
378
%files check-password
379
%config(noreplace) %{check_password_conf}
380
%{ldapserverdir}/%{_lib}/check_password.so
381
382
%files contrib-overlays
383
%{ldapserverdir}/libexec/openldap
384
385
%files mdb-utils
386
%{ldapserverdir}/sbin/mdb_copy
387
%{ldapserverdir}/sbin/mdb_stat
388
%doc %{ldapserverdir}/share/man/man1/mdb_copy.1
389
%doc %{ldapserverdir}/share/man/man1/mdb_stat.1
390
391
#=================================================
392
# Changelog
393
#=================================================
394
%changelog
395
* Tue Sep 30 2014 - Clement Oudot <clem@ltb-project.org> - 2.4.40-1 / 1.1-8
396
- Upgrade to OpenLDAP 2.4.40
397
- Enable sock backend (#661)
398
- Upgrade to init script 2.0 (#731)
399
* Mon Feb 03 2014 - Clement Oudot <clem@ltb-project.org> - 2.4.39-1 / 1.1-8
400
- Upgrade to OpenLDAP 2.4.39
401
- Mark documentation as such in the RPM spec file (#636)
402
- Include MDB utilities in RPM (#638)
403
- Add man directory to $MANPATH (#644)
404
* Wed Nov 27 2013 - Clement Oudot <clem@ltb-project.org> - 2.4.38-1 / 1.1-8
405
- Upgrade to OpenLDAP 2.4.38
406
* Thu Oct 31 2013 - Clement Oudot <clem@ltb-project.org> - 2.4.37-1 / 1.1-8
407
- Upgrade to OpenLDAP 2.4.37
408
- Disable dynamic library linking (#629)
409
* Tue Aug 20 2013 - Clement Oudot <clem@ltb-project.org> - 2.4.36-1 / 1.1-8
410
- Upgrade to OpenLDAP 2.4.36
411
- Add dependency to BerkeleyDB (#610)
412
* Wed Apr 02 2013 - Clement Oudot <clem@ltb-project.org> - 2.4.35-1 / 1.1-8
413
- Upgrade to OpenLDAP 2.4.35
414
- Remove dependency to Berkeley DB (#585)
415
- Make DB_CONFIG a config file (#588)
416
* Thu Mar 12 2013 - Clement Oudot <clem@ltb-project.org> - 2.4.34-1 / 1.1-8
417
- Upgrade to OpenLDAP 2.4.34
418
- Upgrade to init script 1.9
419
* Thu Oct 11 2012 - Clement Oudot <clem@ltb-project.org> - 2.4.33-1 / 1.1-8
420
- Upgrade to OpenLDAP 2.4.33
421
- Upgrade to init script 1.8
422
* Thu Aug 23 2012 - Clement Oudot <clem@ltb-project.org> - 2.4.32-1 / 1.1-8
423
- Upgrade to OpenLDAP 2.4.32
424
- Upgrade to init script 1.7
425
- Comment to enable config delete option (#476)
426
- Use rsyslog on EL6 (#480)
427
* Thu Apr 24 2012 - Clement Oudot <clem@ltb-project.org> - 2.4.31-1 / 1.1-8
428
- Upgrade to OpenLDAP 2.4.31
429
- Upgrade to init script 1.6
430
- Add OpenLDAP libraries to the system (#411)
431
* Fri Mar 09 2012 - Clement Oudot <clem@ltb-project.org> - 2.4.30-1 / 1.1-8
432
- Upgrade to OpenLDAP 2.4.30
433
- Upgrade to init script 1.5
434
* Thu Jan 05 2012 - Clement Oudot <clem@ltb-project.org> - 2.4.28-2 / 1.1-8
435
- Upgrade to init script 1.4
436
- Remove circular build dependency
437
* Wed Nov 30 2011 - Clement Oudot <clem@ltb-project.org> - 2.4.28-1 / 1.1-8
438
- Upgrade to OpenLDAP 2.4.28
439
- Create package contrib-overlays
440
* Fri Nov 25 2011 - Clement Oudot <clem@ltb-project.org> - 2.4.27-1 / 1.1-8
441
- Upgrade to OpenLDAP 2.4.27
442
- Upgrade to init script 1.3
443
- Remove OpenLDAP restart on log rotation
444
* Fri Jul 08 2011 - Clement Oudot <clem@ltb-project.org> - 2.4.26-1 / 1.1-7
445
- Upgrade to OpenLDAP 2.4.26
446
* Tue May 03 2011 - Clement Oudot <clem@ltb-project.org> - 2.4.25-1 / 1.1-6
447
- Upgrade to OpenLDAP 2.4.25
448
- Enable SLAPI
449
* Thu Mar 24 2011 - Clement Oudot <clem@ltb-project.org> - 2.4.24-1 / 1.1-5
450
- Upgrade to OpenLDAP 2.4.24
451
- Upgrade to init script 1.2
452
* Wed Jul 21 2010 - Clement Oudot <clem@ltb-project.org> - 2.4.23-1 / 1.1-4
453
- Upgrade to OpenLDAP 2.4.23
454
- Upgrade to init script 1.1
455
* Mon May 10 2010 - Clement Oudot <clem@ltb-project.org> - 2.4.22-1 / 1.1-3
456
- Upgrade to OpenLDAP 2.4.22
457
- Upgrade to init script 1.0
458
* Fri Feb 19 2010 - Clement Oudot <clem@ltb-project.org> - 2.4.21-1 / 1.1-2
459
- Upgrade to OpenLDAP 2.4.21
460
* Sat Oct 31 2009 - Clement Oudot <clem@ltb-project.org> - 2.4.19-1 / 1.1-1
461
- Upgrade to OpenLDAP 2.4.19 (#135)
462
- Upgrade to init script 0.9
463
- Upgrade to check_password 1.1
464
- Disable strip to provide debuginfo package (#117)
465
- Use %config(noreplace)
466
- Start slapd before upgrade, and start after upgrade
467
* Fri Jul 3 2009 - Clement Oudot <clem@ltb-project.org> - 2.4.16-2 / 1.0.3-4
468
- Upgrade to init script 0.8
469
* Tue Apr 29 2009 - Clement Oudot <clem@ltb-project.org> - 2.4.16-1 / 1.0.3-4
470
- Upgrade to OpenLDAP 2.4.16
471
* Mon Mar 2 2009 - Clement Oudot <clem@ltb-project.org> - 2.4.15-1 / 1.0.3-3
472
- This package is now maintened in LTB project
473
- Upgrade to OpenLDAP 2.4.15
474
- Upgrade to init script 0.7
475
* Fri Feb 6 2009 - Clement Oudot <clement.oudot@linagora.com> - 2.4.13-2
476
- Upgrade check_password to 1.0.3 (useCracklib parameter support)
477
* Fri Jan 15 2009 - Clement Oudot <clement.oudot@linagora.com> - 2.4.13-1
478
- remove checkLdapPwdExpiration script with cron configuration (provided by linagora-ldap-tools)
479
- add pwdModuleChecker check_password-1.0.2  from Calivia
480
- enable modules to support external password checking module
481
* Fri Oct 24 2008 - Clement Oudot <clement.oudot@linagora.com> - 2.4.12-1.2
482
- install in /opt
483
- remove slurpd references
484
- set OpenLDAP and BerkelyDB dirs in all scripts
485
* Mon Oct 20 2008 - Clement Oudot <clement.oudot@linagora.com> - 2.4.12-1.1
486
- new version 2.4.12
487
- use BerkeleyDB 4.6.21
488
- use SASL and all overlays
489
- use init script 0.6.5
490
- configure syslog and logrotate
491
- add checkLdapPwdExpiration script with cron configuration
492
* Fri Sep 29 2006 - Raphael Ouazana <raphael.ouazana@linagora.com> - 2.3.27-1.1
493
- Add Berkeley DB logs directory
494
* Fri Sep 29 2006 - Raphael Ouazana <raphael.ouazana@linagora.com> - 2.3.27-1.0
495
- New version
496
* Fri Nov 25 2005 - Raphael Ouazana <raphael.ouazana@linagora.com> - 2.3.12-1.0
497
- New version
498
* Mon Oct 6 2005 - Raphael Ouazana <raphael.ouazana@linagora.com> - 2.2.28-4.2
499
- Another fix for init level
500
* Mon Oct 6 2005 - Raphael Ouazana <raphael.ouazana@linagora.com> - 2.2.28-4
501
- Fix typo in CFLAGS
502
- Fix init level in init script (v0.4)
503
* Mon Oct 3 2005 - Clement Oudot <clement.oudot@linagora.com> - 2.2.28-3
504
- Update init script version from 0.2 to 0.3
505
* Fri Sep 30 2005 - Raphael Ouazana <raphael.ouazana@linagora.com> - 2.2.28-2
506
- add patch because getaddrinfo is thread-safe on Linux
507
* Thu Aug 30 2005 - Clement Oudot <clement.oudot@linagora.com> - 2.2.28-1
508
- package for RHEL3 ES UP5