diff options
author | Edwin Groothuis <edwin@FreeBSD.org> | 2003-08-28 12:51:08 +0000 |
---|---|---|
committer | Edwin Groothuis <edwin@FreeBSD.org> | 2003-08-28 12:51:08 +0000 |
commit | d90d7b94c09bda503e13bca12bb41b8de10580bc (patch) | |
tree | e9778dfd76653c2bf7218cb642a93c523eea21d6 /net/openldap24-server | |
parent | [orphaned port] mail/teapop: use USE_OPENLDAP and USE_MYSQL (diff) |
[MAINTAINER] ports net/openldap2[012]-server: use RC_SUBR, miscellaneous improvements
- use RC_SUBR (PR 54352, submitted by Scot W. Hetzel <hetzels@westbend.net>)
- run slapd under a non-privileged account by default (PR 56075)
- remove ${PORTSDIR}/net/openldap20-server/bsd.openldap.mk (PR 55680)
- use USE_OPENLDAP
- improve conflict checking (PR 54845, submitted by Jens Rehsack <rehsack@liwing.de>)
- make ODBC library selectable (PR 46288, submitted by Emile Heitor <eheitor@fr.cw.net>)
- don't use USE_OPENSSL to avoid gazillions of -rpath warnings
PR: ports/56077
Submitted by: Oliver Eikemeier <eikemeier@fillmore-labs.com>
Diffstat (limited to 'net/openldap24-server')
-rw-r--r-- | net/openldap24-server/Makefile | 56 | ||||
-rw-r--r-- | net/openldap24-server/files/patch-servers::slapd::daemon.c | 11 | ||||
-rw-r--r-- | net/openldap24-server/files/slapd.sh | 124 | ||||
-rw-r--r-- | net/openldap24-server/files/slurpd.sh | 59 | ||||
-rw-r--r-- | net/openldap24-server/pkg-install | 44 | ||||
-rw-r--r-- | net/openldap24-server/pkg-message | 28 | ||||
-rw-r--r-- | net/openldap24-server/pkg-plist | 12 |
7 files changed, 201 insertions, 133 deletions
diff --git a/net/openldap24-server/Makefile b/net/openldap24-server/Makefile index c92f580906a6..3b7d758fa2e0 100644 --- a/net/openldap24-server/Makefile +++ b/net/openldap24-server/Makefile @@ -35,7 +35,8 @@ COMMENT?= Open source LDAP server implementation OPENLDAP_VERSION= 2.2.0 LATEST_LINK= ${PKGNAMEPREFIX}openldap22${PKGNAMESUFFIX} -CONFLICTS= ${PKGNAMEPREFIX}${PORTNAME}${PKGNAMESUFFIX}-* +CONFLICTS= openldap12-* \ + ${PKGNAMEPREFIX}${PORTNAME}-client-2.[013-9].* WANT_OPENLDAP_VER?= 22 .if ${WANT_OPENLDAP_VER} != 22 @@ -46,15 +47,20 @@ BROKEN= "incompatible OpenLDAP version: ${WANT_OPENLDAP_VER}" OPENLDAP_PORTVERSION= 0 OPENLDAP_PKGNAMESUFFIX?=-client OPENLDAP_PKGFILESUFX?= .client + +.if defined(USE_OPENLDAP) +.error You have `USE_OPENLDAP' defined either in your environment or in make(1) arguments. +.endif .else -OPENLDAP_PORTVERSION= 0 +OPENLDAP_PORTVERSION= 1 OPENLDAP_PKGNAMESUFFIX?=-server OPENLDAP_PKGFILESUFX?= -LIB_DEPENDS+= ldap.2:${PORTSDIR}/net/openldap22-client +USE_OPENLDAP= yes +CONFLICTS+= ${PKGNAMEPREFIX}${PORTNAME}-server-2.[013-9].* .endif -USE_OPENSSL= yes +#USE_OPENSSL= yes USE_REINPLACE= yes USE_LIBTOOL_VER= 14 @@ -89,7 +95,7 @@ CONFIGURE_ARGS+= --without-cyrus-sasl CONFIGURE_ARGS+= --disable-slapd -INSTALLS_SHLIB= yes +INSTALLS_SHLIB= yes .else # server specific configuration @@ -137,14 +143,25 @@ CONFIGURE_ARGS+= --enable-spasswd .endif .if defined(WITH_ODBC) +WITH_ODBC_TYPE?= iODBC +.endif +.if defined(WITH_ODBC_TYPE) +.if ${WITH_ODBC_TYPE:L} == iodbc LIB_DEPENDS+= iodbc.3:${PORTSDIR}/databases/libiodbc CONFIGURE_ARGS+= --enable-sql +.elif ${WITH_ODBC_TYPE:L} == unixodbc +LIB_DEPENDS+= odbc.1:${PORTSDIR}/databases/unixODBC +CONFIGURE_ARGS+= --enable-sql +.else +.error WITH_ODBC_TYPE must be iODBC or unixODBC +.endif .endif .if defined(WITH_SLAPI) LIB_DEPENDS+= ltdl.4:${PORTSDIR}/devel/libltdl CONFIGURE_ARGS+= --enable-slapi PLIST_SUB+= SLAPI="" +INSTALLS_SHLIB= yes .else PLIST_SUB+= SLAPI="@comment " .endif @@ -171,6 +188,22 @@ CONFIGURE_ENV= CPPFLAGS="${CPPFLAGS}" \ .if defined(CLIENT_ONLY) .include "${FILESDIR}/manpages" +.else +.if ${OSVERSION} >= 500038 +RC_SUBR?= ${DESTDIR}/etc/rc.subr +RC_DIR= ${DESTDIR}/etc/rc.d +RC_SUFX= +.else +USE_RC_SUBR= yes +RC_DIR= ${PREFIX}/etc/rc.d +RC_SUFX= .sh +.endif + +SED_SCRIPT+= -e 's,%%RC_SUBR%%,${RC_SUBR},g' \ + -e 's,%%RC_DIR%%,${RC_DIR},g' \ + -e 's,%%RC_SUFX%%,${RC_SUFX},g' +PLIST_SUB+= RC_DIR=${RC_DIR} \ + RC_SUFX=${RC_SUFX} .endif pre-everything:: @@ -186,6 +219,7 @@ pre-everything:: @${ECHO} "WITH_PERL with Perl backend" @${ECHO} "WITH_SHELL with Shell backend" @${ECHO} "WITH_ODBC with SQL backend" + @${ECHO} "WITH_ODBC_TYPE select ODBC interface (iODBC or unixODBC)" @${ECHO} "WITH_SLAPI with Netscape SLAPI plugin API @${ECHO} "WITHOUT_TCP_WRAPPERS without tcp wrapper support" .endif @@ -202,8 +236,8 @@ pre-configure: ${WRKSRC}/configure post-build: -.for script in slapd.sh slurpd.sh - @${SED} ${SED_SCRIPT} ${FILESDIR}/${script} >${WRKDIR}/${script} +.for script in slapd slurpd + @${SED} ${SED_SCRIPT} ${FILESDIR}/${script}.sh >${WRKDIR}/${script}.sh .endfor .for text in pkg-install pkg-message @if [ -f ${MASTERDIR}/${text}${OPENLDAP_PKGFILESUFX} ]; then \ @@ -231,6 +265,9 @@ pre-install: @${ECHO_CMD} "@dirrm %%DOCSDIR%%" >>${PLIST} .endif .endif + @if [ -f ${PKGINSTALL} ]; then \ + ${SETENV} "PKG_PREFIX=${PREFIX}" ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL; \ + fi post-install: .if defined(CLIENT_ONLY) @@ -243,12 +280,11 @@ post-install: done .endif .else -.for script in slapd.sh slurpd.sh - @${INSTALL_SCRIPT} ${WRKDIR}/${script} ${PREFIX}/etc/rc.d/${script} +.for script in slapd slurpd + @${INSTALL_SCRIPT} ${WRKDIR}/${script}.sh ${RC_DIR}/${script}${RC_SUFX} .endfor @${MKDIR} ${LDAP_RUN_DIR} .endif @${CAT} ${PKGMESSAGE} -.include "${.CURDIR}/../openldap20-server/bsd.openldap.mk" .include <bsd.port.post.mk> diff --git a/net/openldap24-server/files/patch-servers::slapd::daemon.c b/net/openldap24-server/files/patch-servers::slapd::daemon.c deleted file mode 100644 index 96afa46ebd8a..000000000000 --- a/net/openldap24-server/files/patch-servers::slapd::daemon.c +++ /dev/null @@ -1,11 +0,0 @@ ---- servers/slapd/daemon.c.orig Sat May 24 21:12:20 2003 -+++ servers/slapd/daemon.c Sun Jun 22 19:26:22 2003 -@@ -858,7 +858,7 @@ - #ifdef LDAP_PF_LOCAL - case AF_LOCAL: { - char *addr = ((struct sockaddr_un *)*sal)->sun_path; --#if 0 /* don't muck with socket perms */ -+#if 1 - if ( chmod( addr, l.sl_perms ) < 0 && crit ) { - int err = sock_errno(); - #ifdef NEW_LOGGING diff --git a/net/openldap24-server/files/slapd.sh b/net/openldap24-server/files/slapd.sh index 21bdf775a0b1..8e25fb7d667f 100644 --- a/net/openldap24-server/files/slapd.sh +++ b/net/openldap24-server/files/slapd.sh @@ -1,59 +1,83 @@ #!/bin/sh # # $FreeBSD$ +# + +# PROVIDE: slapd +# REQUIRE: NETWORKING SERVERS +# BEFORE: DAEMON +# KEYWORD: FreeBSD shutdown + +# +# Add the following lines to /etc/rc.conf to enable slapd: +# +#slapd_enable="YES" +#slapd_flags='-h "ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://0.0.0.0/"' +#slapd_sockets="/var/run/openldap/ldapi" +# +# See slapd(8) for more flags +# +# The `-u' and `-g' flags are automatically extracted from slapd_owner, +# by default slapd runs under the non-privileged user id `ldap'. If you +# want to run slapd as root, override this in /etc/rc.conf with +# +#slapd_owner= +# + +. %%RC_SUBR%% + +name=slapd +rcvar=`set_rcvar` + +command=%%PREFIX%%/libexec/slapd +pidfile=%%LDAP_RUN_DIR%%/slapd.pid +required_dirs=%%LDAP_RUN_DIR%% +required_files=%%PREFIX%%/etc/openldap/slapd.conf + +start_precmd=start_precmd +start_postcmd=start_postcmd -slapd_program=%%PREFIX%%/libexec/slapd +start_precmd() +{ + if [ x"$slapd_owner" != x ]; then + chown "${slapd_owner}" "%%LDAP_RUN_DIR%%" + chown -RL "${slapd_owner}" "%%LOCALSTATEDIR%%/openldap-ldbm" + chown "${slapd_owner}" "%%PREFIX%%/etc/openldap/slapd.conf" -slapd_pidfile=%%LDAP_RUN_DIR%%/slapd.pid + slapd_ownername=`expr //"$slapd_owner" : //'\([^:]*\)'` + slapd_groupname=`expr //"$slapd_owner" : //'.*:\([^:]*\)'` + + if [ x"$slapd_ownername" != x ]; then + rc_flags="$rc_flags -u $slapd_ownername" + fi + if [ x"$slapd_groupname" != x ]; then + rc_flags="$rc_flags -g $slapd_groupname" + fi + fi +} + +start_postcmd() +{ + for socket in ${slapd_sockets}; do + for seconds in 1 2 3 4 5; do + test -e ${socket} && break + sleep 1 + done + if [ -S ${socket} ]; then + if [ x"$slapd_owner" != x ]; then + chown "${slapd_owner}" ${socket} + fi + chmod "${slapd_sockets_mode}" ${socket} + fi + done +} slapd_enable="NO" +slapd_flags= -slapd_args= +slapd_owner=ldap:ldap +slapd_sockets= +slapd_sockets_mode=666 -# Add the following lines to /etc/rc.conf to enable slapd: -# -#slapd_enable="YES" -#slapd_args='-h "ldapi://%2fvar%2frun%2fopenldap%2fldapi/????x-mod=0777 ldap://0.0.0.0/"' -# -# See sldap(8) for details -# -# Create a user 'ldap' and add '-u ldap -g ldap' to slapd_args -# if you want to run slapd as a non-privileged user (recommended) -# - -# Suck in the configuration variables. -if [ -r /etc/defaults/rc.conf ]; then - . /etc/defaults/rc.conf - source_rc_confs -elif [ -r /etc/rc.conf ]; then - . /etc/rc.conf -fi - -case "$slapd_enable" in -[Yy][Ee][Ss]) - case "$1" in - start) - if [ -x ${slapd_program} ]; then - echo -n ' slapd' - eval ${slapd_program} ${slapd_args} - fi - ;; - stop) - if [ -f $slapd_pidfile ]; then - kill `cat $slapd_pidfile` - echo -n ' slapd' - else - echo ' slapd: not running' - fi - ;; - *) - echo "Usage: `basename $0` {start|stop}" >&2 - exit 64 - ;; - esac - ;; -*) - ;; -esac - -exit 0 +load_rc_config $name +run_rc_command "$1" diff --git a/net/openldap24-server/files/slurpd.sh b/net/openldap24-server/files/slurpd.sh index fc9f88f21cd6..ba2f2944c6e2 100644 --- a/net/openldap24-server/files/slurpd.sh +++ b/net/openldap24-server/files/slurpd.sh @@ -1,50 +1,31 @@ #!/bin/sh # # $FreeBSD$ +# -slurpd_program=%%PREFIX%%/libexec/slurpd - -slurpd_enable="NO" - -slurpd_args= +# PROVIDE: slurpd +# REQUIRE: slapd +# BEFORE: +# KEYWORD: FreeBSD shutdown # Add the following line to /etc/rc.conf to enable slurpd: # #slurpd_enable="YES" # -# See slurpd(8) for details +# See slurpd(8) for more flags # -# Suck in the configuration variables. -if [ -r /etc/defaults/rc.conf ]; then - . /etc/defaults/rc.conf - source_rc_confs -elif [ -r /etc/rc.conf ]; then - . /etc/rc.conf -fi - -case "$slurpd_enable" in -[Yy][Ee][Ss]) - case "$1" in - start) - if [ -x ${slurpd_program} ]; then - echo -n ' slurpd' - ${slurpd_program} ${slurpd_args} - fi - ;; - stop) - if ! killall `basename ${slurpd_program}`; then - echo ' slurpd: not running' - fi - ;; - *) - echo "Usage: `basename $0` {start|stop}" >&2 - exit 64 - ;; - esac - ;; -*) - ;; -esac - -exit 0 +. %%RC_SUBR%% + +name=slurpd +rcvar=`set_rcvar` + +command=%%PREFIX%%/libexec/slurpd +required_files=%%PREFIX%%/etc/openldap/slapd.conf + + +slurpd_enable="NO" +slurpd_args= + +load_rc_config $name +run_rc_command "$1" diff --git a/net/openldap24-server/pkg-install b/net/openldap24-server/pkg-install index 6f6b98653853..47b2ea825164 100644 --- a/net/openldap24-server/pkg-install +++ b/net/openldap24-server/pkg-install @@ -2,10 +2,42 @@ # # $FreeBSD$ # -if [ X"$2" != X"POST-INSTALL" ]; then - exit 0; -fi -mkdir -p "%%LDAP_RUN_DIR%%" -mkdir -p -m 700 "%%LOCALSTATEDIR%%/openldap-data" -mkdir -p -m 700 "%%LOCALSTATEDIR%%/openldap-slurp" +CHOWN=/usr/sbin/chown +ECHO_CMD=echo +GREP=/usr/bin/grep +PW=/usr/sbin/pw + +FTPUSERS=/etc/ftpusers + +case $2 in +PRE-INSTALL) + if ! ${PW} usershow -n ldap >/dev/null 2>&1; then + if ! ${PW} groupshow -n ldap >/dev/null 2>&1; then + if ! ${PW} groupadd -n ldap -g 389; then + ${ECHO_CMD} + ${ECHO_CMD} "*** Failed to add a group ldap with id 389." + ${ECHO_CMD} + ${ECHO_CMD} "Please add the ldap user manually with" + ${ECHO_CMD} " ${PW} useradd -n ldap -g ldap -c 'OpenLDAP server' \\" + ${ECHO_CMD} " -d /nonexistent -s /sbin/nologin -h -" + ${ECHO_CMD} "and retry installing this package." + exit 1 + fi + fi + if ${PW} useradd -n ldap -u 389 -g ldap -c 'OpenLDAP Server' \ + -d /nonexistent -s /sbin/nologin -h -; then + ${GREP} -qs '^ldap$' ${FTPUSERS} || ${ECHO_CMD} ldap >> ${FTPUSERS} + else + ${ECHO_CMD} + ${ECHO_CMD} "*** Failed to add an user ldap with id 389." + ${ECHO_CMD} + ${ECHO_CMD} "Please add the ldap user manually with" + ${ECHO_CMD} " ${PW} useradd -n ldap -g ldap -c 'OpenLDAP server' \\" + ${ECHO_CMD} " -d /nonexistent -s /sbin/nologin -h -" + ${ECHO_CMD} "and retry installing this package." + exit 1 + fi + fi + ;; +esac diff --git a/net/openldap24-server/pkg-message b/net/openldap24-server/pkg-message index 07ec67b4cc5b..737d02348bdb 100644 --- a/net/openldap24-server/pkg-message +++ b/net/openldap24-server/pkg-message @@ -4,23 +4,25 @@ The OpenLDAP server package has been successfully installed. In order to run the LDAP server, you need to edit %%PREFIX%%/etc/openldap/slapd.conf -to suit your needs and add the next lines to /etc/rc.conf: +to suit your needs and add the following lines to /etc/rc.conf: slapd_enable="YES" - slapd_args='-h "ldapi://%2fvar%2frun%2fopenldap%2fldapi/????x-mod=0777 ldap://0.0.0.0/"' + slapd_flags='-h "ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://0.0.0.0/"' + slapd_sockets="/var/run/openldap/ldapi" Then start the server with - %%PREFIX%%/etc/rc.d/slapd.sh start + %%RC_DIR%%/slapd%%RC_SUFX%% start or reboot. -NOTE: There is no real reason to run slapd as root. Add - '-u ldap -g ldap' -to slapd_args, create a user "ldap" with - pw add group ldap -g 389 - pw add user ldap -u 389 -g 389 -d /nonexistent \ - -c "OpenLDAP Server" -s /sbin/nologin -p "*" -and do - chown -R ldap:ldap %%LDAP_RUN_DIR%% \ - %%LOCALSTATEDIR%%/openldap-data %%PREFIX%%/etc/openldap/slapd.conf -and your server runs with a non-privileged user id. +Try `man slapd' and the online manual at + http://www.OpenLDAP.org/doc/admin20/ +for more information. + +NOTE: Some variable names have been changed to conform with rc.subr(8) + +If you are upgrading, you may want to check your configuration with + grep ^slapd_ /etc/rc.conf + +slapd runs under a non-privileged user id (by default `ldap'), +see %%RC_DIR%%/slapd%%RC_SUFX%% for more information. ************************************************************ diff --git a/net/openldap24-server/pkg-plist b/net/openldap24-server/pkg-plist index 1665eb495c1b..d283b88ee117 100644 --- a/net/openldap24-server/pkg-plist +++ b/net/openldap24-server/pkg-plist @@ -1,6 +1,6 @@ @comment $FreeBSD$ -@unexec %D/etc/rc.d/slapd.sh stop 2>/dev/null || true -@unexec %D/etc/rc.d/slurpd.sh stop 2>/dev/null || true +@unexec %%RC_DIR%%/slapd%%RC_SUFX%% stop 2>/dev/null || true +@unexec %%RC_DIR%%/slurpd%%RC_SUFX%% stop 2>/dev/null || true etc/openldap/schema/README @unexec if cmp -s %D/etc/openldap/schema/corba.schema %D/etc/openldap/schema/corba.schema.default; then rm -f %D/etc/openldap/schema/corba.schema; fi etc/openldap/schema/corba.schema.default @@ -31,8 +31,6 @@ etc/openldap/slapd.conf.default @exec [ -f %B/slapd.conf ] || cp %B/%f %B/slapd.conf @unexec rmdir %D/etc/openldap/schema 2>/dev/null || true @unexec rmdir %D/etc/openldap 2>/dev/null || true -etc/rc.d/slapd.sh -etc/rc.d/slurpd.sh %%SLAPI%%lib/libslapi.a %%SLAPI%%lib/libslapi.so %%SLAPI%%lib/libslapi.so.2 @@ -42,6 +40,12 @@ sbin/slapadd sbin/slapcat sbin/slapindex sbin/slappasswd +@exec mkdir -p %%LOCALSTATEDIR%%/openldap-slurp @unexec rmdir %%LOCALSTATEDIR%%/openldap-slurp 2>/dev/null || true +@exec mkdir -p %%LOCALSTATEDIR%%/openldap-data @unexec rmdir %%LOCALSTATEDIR%%/openldap-data 2>/dev/null || true +@exec mkdir -p %%LDAP_RUN_DIR%% @unexec rmdir %%LDAP_RUN_DIR%% 2>/dev/null || true +@cwd %%RC_DIR%% +slapd%%RC_SUFX%% +slurpd%%RC_SUFX%% |