Statistics
| Revision:

root / openldap-rpm / trunk / SPECS / openldap-ltb.spec

History | View | Annotate | Download (18 KB)

1
#=================================================
2
# Specification file for OpenLDAP
3
#
4
# Install OpenLDAP
5
# Install an init script in /etc/init.d
6
# Create user/group ldap
7
# Configure syslog and logrotate
8
# Install a pwdChecker module
9
#
10
# Copyright (C) 2008 Raphael OUAZANA
11
# Copyright (C) 2008 Clement OUDOT
12
# Copyright (C) 2008 LINAGORA
13
#
14
# Provided by LTB-project (http://www.ltb-project.org)
15
#=================================================
16
17
#=================================================
18
# Variables
19
#=================================================
20
%define real_name        openldap
21
%define real_version     2.4.39
22
%define release_version  1%{?dist}
23
24
%define bdbdir           /usr/local/berkeleydb
25
%define ldapdir          /usr/local/openldap
26
%define ldapserverdir    %{ldapdir}
27
%define ldapdatadir      %{ldapdir}/var/openldap-data
28
%define ldaplogsdir      %{bdbdir}/openldap-logs
29
%define ldapbackupdir    /var/backups/openldap
30
%define ldaplogfile      /var/log/openldap.log
31
32
%define ldapuser         ldap
33
%define ldapgroup        ldap
34
35
%define slapd_init_name             ltb-project-openldap-initscript
36
%define slapd_init_version          1.9
37
38
%define check_password_name         ltb-project-openldap-ppolicy-check-password
39
%define check_password_version      1.1
40
%define check_password_conf         %{ldapserverdir}/etc/openldap/check_password.conf
41
%define check_password_minPoints    3
42
%define check_password_useCracklib  0
43
%define check_password_minUpper     0
44
%define check_password_minLower     0
45
%define check_password_minDigit     0
46
%define check_password_minPunct     0
47
48
#=================================================
49
# Header
50
#=================================================
51
Summary: OpenLDAP server with addons from the LDAP Tool Box project
52
Name: %{real_name}-ltb
53
Version: %{real_version}
54
Release: %{release_version}
55
# http://www.openldap.org/software/release/license.html
56
License: OpenLDAP Public License
57
58
Group: Applications/System
59
URL: http://www.openldap.org/
60
61
# Source available on http://www.openldap.org
62
Source: %{real_name}-%{real_version}.tgz
63
# Sources available on http://www.ltb-project.org
64
Source1: %{slapd_init_name}-%{slapd_init_version}.tar.gz
65
# Sources available on http://www.ltb-project.org
66
Source2: %{check_password_name}-%{check_password_version}.tar.gz
67
Source3: openldap.sh
68
Source4: DB_CONFIG
69
Source5: openldap.logrotate
70
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
71
72
BuildRequires: gcc, make, groff
73
BuildRequires: openssl-devel, cyrus-sasl-devel, berkeleydb-ltb >= 4.6.21, libtool-ltdl-devel
74
BuildRequires: cracklib
75
Requires: gawk, libtool-ltdl, berkeleydb-ltb >= 4.6.21
76
77
Requires(pre): /sbin/ldconfig, coreutils
78
79
%description
80
OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
81
Protocol) applications and development tools. LDAP is a set of
82
protocols for accessing directory services (usually phone book style
83
information, but other information is possible) over the Internet,
84
similar to the way DNS (Domain Name System) information is propagated
85
over the Internet. 
86
87
This package contains all: server, clients, librairies and docs. It
88
can be installed with openldap and openldap-devel. It provides tools
89
from the LDAP Tool Box project:
90
o Start/stop script
91
o Logrotate script
92
93
#=================================================
94
# Subpackage check-password
95
#=================================================
96
%package check-password
97
Summary:        check_password module for password policy
98
Version:        %{check_password_version}
99
Release:        8%{?dist}
100
Group:          Applications/System
101
URL:		http://www.ltb-project.org
102
103
%if "%{?dist}" == ".el6"
104
BuildRequires:	cracklib-devel
105
%endif
106
107
Requires:	cracklib, cracklib-dicts, %{real_name}-ltb >= %{real_version}
108
109
%description check-password
110
check_password.c is an OpenLDAP pwdPolicyChecker module used to check the strength 
111
and quality of user-provided passwords. This module is used as an extension of the 
112
OpenLDAP password policy controls, see slapo-ppolicy(5) section pwdCheckModule. 
113
check_password.c will run a number of checks on the passwords to ensure minimum 
114
strength and quality requirements are met. Passwords that do not meet these 
115
requirements are rejected.
116
117
This is provided by LDAP Tool Box project: http://www.ltb-project.org 
118
119
#=================================================
120
# Subpackage contrib-overlays
121
#=================================================
122
%package contrib-overlays
123
Summary:        Overlays contributed to OpenLDAP
124
Version:        %{real_version}
125
Release:        %{release_version}
126
Group:          Applications/System
127
URL:		http://www.ltb-project.org
128
129
Requires:	%{real_name}-ltb >= %{real_version}
130
131
%description contrib-overlays
132
Some overlays are not included in the OpenLDAP main package but provided
133
as contributions. This package provide some of them.
134
135
This is provided by LDAP Tool Box project: http://www.ltb-project.org 
136
137
#=================================================
138
# Subpackage mdb-utils
139
#=================================================
140
%package mdb-utils
141
Summary:        MDB utilities
142
Version:        %{real_version}
143
Release:        %{release_version}
144
Group:          Applications/System
145
URL:		http://www.ltb-project.org
146
147
Requires:	%{real_name}-ltb >= %{real_version}
148
149
%description mdb-utils
150
MDB utilities contain both mdb_stat and mdb_copy, and the associated 
151
documentation.
152
153
This is provided by LDAP Tool Box project: http://www.ltb-project.org 
154
155
#=================================================
156
# Source preparation
157
#=================================================
158
%prep
159
%setup -n %{real_name}-%{real_version}
160
%setup -n %{real_name}-%{real_version} -T -D -a 1
161
%setup -n %{real_name}-%{real_version} -T -D -a 2
162
163
#=================================================
164
# Building
165
#=================================================
166
%build
167
# OpenLDAP
168
export CC="gcc"
169
export CFLAGS="-DOPENLDAP_FD_SETSIZE=4096 -O2 -g"
170
# Uncomment to enable config delete option
171
#export CFLAGS="-DOPENLDAP_FD_SETSIZE=4096 -O2 -g -DSLAP_CONFIG_DELETE"
172
export CPPFLAGS="-I%{bdbdir}/include -I/usr/kerberos/include"
173
export LDFLAGS="-L%{bdbdir}/%{_lib}"
174
./configure --disable-dependency-tracking --enable-ldap --enable-debug --prefix=%{ldapserverdir} --libdir=%{ldapserverdir}/%{_lib} --with-tls --with-cyrus-sasl --enable-spasswd --enable-overlays --enable-modules --enable-dynamic=no --enable-slapi --enable-meta --enable-crypt
175
make depend
176
make %{?_smp_mflags}
177
# check_password
178
cd %{check_password_name}-%{check_password_version} 
179
make %{?_smp_mflags} "CONFIG=%{check_password_conf}" "LDAP_INC=-I../include -I../servers/slapd"
180
cd ..
181
# contrib-overlays
182
cd contrib/slapd-modules
183
## lastbind
184
cd lastbind
185
make clean
186
make %{?_smp_mflags} "prefix=%{ldapserverdir}" "LDAP_LIB="
187
cd ..
188
## smbk5pwd
189
cd smbk5pwd
190
make clean
191
make %{?_smp_mflags} "DEFS=-DDO_SAMBA -DDO_SHADOW" "LDAP_LIB=" "prefix=%{ldapserverdir}"
192
cd ..
193
cd ../..
194
# MDB utils
195
cd libraries/liblmdb
196
make %{?_smp_mflags}
197
cd ../..
198
199
#=================================================
200
# Installation
201
#=================================================
202
%install
203
rm -rf %{buildroot}
204
make install DESTDIR=%{buildroot} STRIP=""
205
206
# Directories
207
mkdir -p %{buildroot}%{ldapdatadir}
208
mkdir -p %{buildroot}%{ldaplogsdir}
209
mkdir -p %{buildroot}%{ldapbackupdir}
210
211
# Init script
212
mkdir -p %{buildroot}/etc/init.d
213
mkdir -p %{buildroot}/etc/default
214
install -m 755 %{slapd_init_name}-%{slapd_init_version}/slapd %{buildroot}/etc/init.d/slapd
215
install -m 644 %{slapd_init_name}-%{slapd_init_version}/slapd.default %{buildroot}/etc/default/slapd
216
sed -i 's:^SLAPD_PATH.*:SLAPD_PATH="'%{ldapdir}'":' %{buildroot}/etc/default/slapd
217
sed -i 's:^SLAPD_USER.*:SLAPD_USER="'%{ldapuser}'":' %{buildroot}/etc/default/slapd
218
sed -i 's:^SLAPD_GROUP.*:SLAPD_GROUP="'%{ldapgroup}'":' %{buildroot}/etc/default/slapd
219
sed -i 's:^BDB_PATH.*:BDB_PATH="'%{bdbdir}'":' %{buildroot}/etc/default/slapd
220
sed -i 's:^BACKUP_PATH.*:BACKUP_PATH="'%{ldapbackupdir}'":' %{buildroot}/etc/default/slapd
221
222
# PATH modification
223
mkdir -p %{buildroot}/etc/profile.d
224
install -m 755 %{SOURCE3} %{buildroot}/etc/profile.d/openldap.sh
225
sed -i 's:^OL_BIN.*:OL_BIN='%{ldapdir}/bin':' %{buildroot}/etc/profile.d/openldap.sh
226
sed -i 's:^OL_SBIN.*:OL_SBIN='%{ldapdir}/sbin':' %{buildroot}/etc/profile.d/openldap.sh
227
sed -i 's:^OL_MAN.*:OL_MAN='%{ldapdir}/share/man':' %{buildroot}/etc/profile.d/openldap.sh
228
229
# BDB configuration
230
install -m 644 %{SOURCE4} %{buildroot}%{ldapdatadir}
231
sed -i 's:^set_lg_dir.*:set_lg_dir\t'%{ldaplogsdir}':' %{buildroot}%{ldapdatadir}/DB_CONFIG
232
233
# Logrotate
234
mkdir -p %{buildroot}/etc/logrotate.d
235
install -m 644 %{SOURCE5} %{buildroot}/etc/logrotate.d/openldap
236
237
# Modify data directory in slapd.conf
238
sed -i 's:^directory.*:directory\t'%{ldapdatadir}':' %{buildroot}%{ldapserverdir}/etc/openldap/slapd.conf
239
240
# check_password
241
install -m 644 %{check_password_name}-%{check_password_version}/check_password.so %{buildroot}%{ldapserverdir}/%{_lib}
242
echo "minPoints %{check_password_minPoints}" > %{buildroot}%{check_password_conf}
243
echo "useCracklib %{check_password_useCracklib}" >> %{buildroot}%{check_password_conf}
244
echo "minUpper %{check_password_minUpper}" >> %{buildroot}%{check_password_conf}
245
echo "minLower %{check_password_minLower}" >> %{buildroot}%{check_password_conf}
246
echo "minDigit %{check_password_minDigit}" >> %{buildroot}%{check_password_conf}
247
echo "minPunct %{check_password_minPunct}" >> %{buildroot}%{check_password_conf}
248
249
# contrib-overlays
250
cd contrib/slapd-modules
251
cd lastbind
252
make install "prefix=%{buildroot}%{ldapserverdir}"
253
cd ..
254
cd smbk5pwd
255
make install "prefix=%{buildroot}%{ldapserverdir}"
256
cd ..
257
cd ../..
258
259
# MDB utils
260
cd libraries/liblmdb
261
install -m 755 "mdb_copy"  %{buildroot}%{ldapserverdir}/sbin
262
install -m 755 "mdb_stat"  %{buildroot}%{ldapserverdir}/sbin
263
install -m 644 "mdb_copy.1"  %{buildroot}%{ldapserverdir}/share/man/man1
264
install -m 644 "mdb_stat.1"  %{buildroot}%{ldapserverdir}/share/man/man1
265
cd ../..
266
267
%pre -n openldap-ltb
268
#=================================================
269
# Pre Installation
270
#=================================================
271
272
# If upgrade stop slapd
273
if [ $1 -eq 2 ]
274
then
275
	/sbin/service slapd stop > /dev/null 2>&1
276
fi
277
278
%post -n openldap-ltb
279
#=================================================
280
# Post Installation
281
#=================================================
282
283
# Do this at first install
284
if [ $1 -eq 1 ]
285
then
286
	# Set slapd as service
287
	/sbin/chkconfig --add slapd
288
289
	# Create user and group
290
	/usr/sbin/groupadd %{ldapgroup}
291
	/usr/sbin/useradd %{ldapuser} -g %{ldapgroup}
292
293
	# Add syslog facility
294
%if "%{?dist}" == ".el6"
295
	echo "local4.*	-%{ldaplogfile}" >> /etc/rsyslog.conf
296
	/sbin/service rsyslog restart > /dev/null 2>&1
297
%else
298
	echo "local4.*	-%{ldaplogfile}" >> /etc/syslog.conf
299
	/sbin/service syslog restart > /dev/null 2>&1
300
%endif
301
302
fi
303
304
# Always do this
305
# Change owner
306
/bin/chown -R %{ldapuser}:%{ldapgroup} %{ldapserverdir}
307
/bin/chown -R %{ldapuser}:%{ldapgroup} %{ldapdatadir}
308
/bin/chown -R %{ldapuser}:%{ldapgroup} %{ldaplogsdir}
309
/bin/chown -R %{ldapuser}:%{ldapgroup} %{ldapbackupdir}
310
311
%post check-password
312
#=================================================
313
# Post Installation
314
#=================================================
315
316
# Change owner
317
/bin/chown -R %{ldapuser}:%{ldapgroup} %{ldapserverdir}/%{_lib}
318
319
%preun -n openldap-ltb
320
#=================================================
321
# Pre uninstallation
322
#=================================================
323
324
# Don't do this if newer version is installed
325
if [ $1 -eq 0 ]
326
then
327
	# Stop slapd
328
	/sbin/service slapd stop > /dev/null 2>&1
329
330
	# Delete service
331
	/sbin/chkconfig --del slapd
332
333
        # Remove syslog facility
334
%if "%{?dist}" == ".el6"
335
	sed -i '/local4\..*/d' /etc/rsyslog.conf
336
	/sbin/service rsyslog restart
337
%else
338
	sed -i '/local4\..*/d' /etc/syslog.conf
339
	/sbin/service syslog restart
340
%endif
341
342
fi
343
344
# Always do this
345
# Remove OpenLDAP libraries from the system
346
sed -i '\:'%{ldapserverdir}/%{_lib}':d' /etc/ld.so.conf
347
/sbin/ldconfig
348
349
#=================================================
350
# Cleaning
351
#=================================================
352
%clean
353
rm -rf %{buildroot}
354
355
#=================================================
356
# Files
357
#=================================================
358
%files -n openldap-ltb
359
%defattr(-, root, root, 0755)
360
%{ldapdir}
361
%docdir %{ldapserverdir}/share/man
362
%config(noreplace) %{ldapserverdir}/etc/openldap/slapd.conf
363
%config(noreplace) %{ldapserverdir}/etc/openldap/ldap.conf
364
/etc/init.d/slapd
365
%config(noreplace) /etc/default/slapd
366
/etc/profile.d/openldap.sh
367
%{ldaplogsdir}
368
%config(noreplace) /etc/logrotate.d/openldap
369
%{ldapbackupdir}
370
%exclude %{check_password_conf}
371
%exclude %{ldapserverdir}/%{_lib}/check_password.so
372
%exclude %{ldapserverdir}/libexec/openldap
373
%config(noreplace) %{ldapdatadir}/DB_CONFIG
374
375
%files check-password
376
%config(noreplace) %{check_password_conf}
377
%{ldapserverdir}/%{_lib}/check_password.so
378
379
%files contrib-overlays
380
%{ldapserverdir}/libexec/openldap
381
382
%files mdb-utils
383
%{ldapserverdir}/sbin/mdb_copy
384
%{ldapserverdir}/sbin/mdb_stat
385
%doc %{ldapserverdir}/share/man/man1/mdb_copy.1
386
%doc %{ldapserverdir}/share/man/man1/mdb_stat.1
387
388
#=================================================
389
# Changelog
390
#=================================================
391
%changelog
392
* Mon Feb 03 2014 - Clement Oudot <clem@ltb-project.org> - 2.4.39-1 / 1.1-8
393
- Upgrade to OpenLDAP 2.4.39
394
- Mark documentation as such in the RPM spec file (#636)
395
- Include MDB utilities in RPM (#638)
396
- Add man directory to $MANPATH (#644)
397
* Wed Nov 27 2013 - Clement Oudot <clem@ltb-project.org> - 2.4.38-1 / 1.1-8
398
- Upgrade to OpenLDAP 2.4.38
399
* Thu Oct 31 2013 - Clement Oudot <clem@ltb-project.org> - 2.4.37-1 / 1.1-8
400
- Upgrade to OpenLDAP 2.4.37
401
- Disable dynamic library linking (#629)
402
* Tue Aug 20 2013 - Clement Oudot <clem@ltb-project.org> - 2.4.36-1 / 1.1-8
403
- Upgrade to OpenLDAP 2.4.36
404
- Add dependency to BerkeleyDB (#610)
405
* Wed Apr 02 2013 - Clement Oudot <clem@ltb-project.org> - 2.4.35-1 / 1.1-8
406
- Upgrade to OpenLDAP 2.4.35
407
- Remove dependency to Berkeley DB (#585)
408
- Make DB_CONFIG a config file (#588)
409
* Thu Mar 12 2013 - Clement Oudot <clem@ltb-project.org> - 2.4.34-1 / 1.1-8
410
- Upgrade to OpenLDAP 2.4.34
411
- Upgrade to init script 1.9
412
* Thu Oct 11 2012 - Clement Oudot <clem@ltb-project.org> - 2.4.33-1 / 1.1-8
413
- Upgrade to OpenLDAP 2.4.33
414
- Upgrade to init script 1.8
415
* Thu Aug 23 2012 - Clement Oudot <clem@ltb-project.org> - 2.4.32-1 / 1.1-8
416
- Upgrade to OpenLDAP 2.4.32
417
- Upgrade to init script 1.7
418
- Comment to enable config delete option (#476)
419
- Use rsyslog on EL6 (#480)
420
* Thu Apr 24 2012 - Clement Oudot <clem@ltb-project.org> - 2.4.31-1 / 1.1-8
421
- Upgrade to OpenLDAP 2.4.31
422
- Upgrade to init script 1.6
423
- Add OpenLDAP libraries to the system (#411)
424
* Fri Mar 09 2012 - Clement Oudot <clem@ltb-project.org> - 2.4.30-1 / 1.1-8
425
- Upgrade to OpenLDAP 2.4.30
426
- Upgrade to init script 1.5
427
* Thu Jan 05 2012 - Clement Oudot <clem@ltb-project.org> - 2.4.28-2 / 1.1-8
428
- Upgrade to init script 1.4
429
- Remove circular build dependency
430
* Wed Nov 30 2011 - Clement Oudot <clem@ltb-project.org> - 2.4.28-1 / 1.1-8
431
- Upgrade to OpenLDAP 2.4.28
432
- Create package contrib-overlays
433
* Fri Nov 25 2011 - Clement Oudot <clem@ltb-project.org> - 2.4.27-1 / 1.1-8
434
- Upgrade to OpenLDAP 2.4.27
435
- Upgrade to init script 1.3
436
- Remove OpenLDAP restart on log rotation
437
* Fri Jul 08 2011 - Clement Oudot <clem@ltb-project.org> - 2.4.26-1 / 1.1-7
438
- Upgrade to OpenLDAP 2.4.26
439
* Tue May 03 2011 - Clement Oudot <clem@ltb-project.org> - 2.4.25-1 / 1.1-6
440
- Upgrade to OpenLDAP 2.4.25
441
- Enable SLAPI
442
* Thu Mar 24 2011 - Clement Oudot <clem@ltb-project.org> - 2.4.24-1 / 1.1-5
443
- Upgrade to OpenLDAP 2.4.24
444
- Upgrade to init script 1.2
445
* Wed Jul 21 2010 - Clement Oudot <clem@ltb-project.org> - 2.4.23-1 / 1.1-4
446
- Upgrade to OpenLDAP 2.4.23
447
- Upgrade to init script 1.1
448
* Mon May 10 2010 - Clement Oudot <clem@ltb-project.org> - 2.4.22-1 / 1.1-3
449
- Upgrade to OpenLDAP 2.4.22
450
- Upgrade to init script 1.0
451
* Fri Feb 19 2010 - Clement Oudot <clem@ltb-project.org> - 2.4.21-1 / 1.1-2
452
- Upgrade to OpenLDAP 2.4.21
453
* Sat Oct 31 2009 - Clement Oudot <clem@ltb-project.org> - 2.4.19-1 / 1.1-1
454
- Upgrade to OpenLDAP 2.4.19 (#135)
455
- Upgrade to init script 0.9
456
- Upgrade to check_password 1.1
457
- Disable strip to provide debuginfo package (#117)
458
- Use %config(noreplace)
459
- Start slapd before upgrade, and start after upgrade
460
* Fri Jul 3 2009 - Clement Oudot <clem@ltb-project.org> - 2.4.16-2 / 1.0.3-4
461
- Upgrade to init script 0.8
462
* Tue Apr 29 2009 - Clement Oudot <clem@ltb-project.org> - 2.4.16-1 / 1.0.3-4
463
- Upgrade to OpenLDAP 2.4.16
464
* Mon Mar 2 2009 - Clement Oudot <clem@ltb-project.org> - 2.4.15-1 / 1.0.3-3
465
- This package is now maintened in LTB project
466
- Upgrade to OpenLDAP 2.4.15
467
- Upgrade to init script 0.7
468
* Fri Feb 6 2009 - Clement Oudot <clement.oudot@linagora.com> - 2.4.13-2
469
- Upgrade check_password to 1.0.3 (useCracklib parameter support)
470
* Fri Jan 15 2009 - Clement Oudot <clement.oudot@linagora.com> - 2.4.13-1
471
- remove checkLdapPwdExpiration script with cron configuration (provided by linagora-ldap-tools)
472
- add pwdModuleChecker check_password-1.0.2  from Calivia
473
- enable modules to support external password checking module
474
* Fri Oct 24 2008 - Clement Oudot <clement.oudot@linagora.com> - 2.4.12-1.2
475
- install in /opt
476
- remove slurpd references
477
- set OpenLDAP and BerkelyDB dirs in all scripts
478
* Mon Oct 20 2008 - Clement Oudot <clement.oudot@linagora.com> - 2.4.12-1.1
479
- new version 2.4.12
480
- use BerkeleyDB 4.6.21
481
- use SASL and all overlays
482
- use init script 0.6.5
483
- configure syslog and logrotate
484
- add checkLdapPwdExpiration script with cron configuration
485
* Fri Sep 29 2006 - Raphael Ouazana <raphael.ouazana@linagora.com> - 2.3.27-1.1
486
- Add Berkeley DB logs directory
487
* Fri Sep 29 2006 - Raphael Ouazana <raphael.ouazana@linagora.com> - 2.3.27-1.0
488
- New version
489
* Fri Nov 25 2005 - Raphael Ouazana <raphael.ouazana@linagora.com> - 2.3.12-1.0
490
- New version
491
* Mon Oct 6 2005 - Raphael Ouazana <raphael.ouazana@linagora.com> - 2.2.28-4.2
492
- Another fix for init level
493
* Mon Oct 6 2005 - Raphael Ouazana <raphael.ouazana@linagora.com> - 2.2.28-4
494
- Fix typo in CFLAGS
495
- Fix init level in init script (v0.4)
496
* Mon Oct 3 2005 - Clement Oudot <clement.oudot@linagora.com> - 2.2.28-3
497
- Update init script version from 0.2 to 0.3
498
* Fri Sep 30 2005 - Raphael Ouazana <raphael.ouazana@linagora.com> - 2.2.28-2
499
- add patch because getaddrinfo is thread-safe on Linux
500
* Thu Aug 30 2005 - Clement Oudot <clement.oudot@linagora.com> - 2.2.28-1
501
- package for RHEL3 ES UP5