openldap 2.6.8-1

2024-10-31 16:13:17 +08:00 · 2024-10-31 16:13:17 +08:00 · 37e7d2c7cd
commit 37e7d2c7cd
parent 1a062d8528
7 changed files with 133 additions and 226 deletions
--- a/155
+++ b/155
@ -4,48 +4,149 @@
 # then please put 'unknown'.

 # Maintainer: Future Linux Team <future_linux@163.com>
-pkgname=openldap
-pkgver=2.6.7
+pkgname=(openldap libldap)
+pkgbase=openldap
+pkgver=2.6.8
 pkgrel=1
 pkgdesc="Lightweight Directory Access Protocol (LDAP) client and server"
 arch=('x86_64')
 url="https://www.openldap.org/"
 license=('custom')
-depends=('cyrus-sasl')
-makedepends=('libtool' 'util-linux')
-backup=(etc/openldap/ldap.conf
-	etc/openldap/ldap.conf.default)
-options=('!makeflags' 'emptydirs')
-source=(https://www.openldap.org/software/download/OpenLDAP/openldap-release/${pkgname}-${pkgver}.tgz
-	${pkgname}-${pkgver}-consolidated-1.patch)
-sha256sums=(cd775f625c944ed78a3da18a03b03b08eea73c8aabc97b41bb336e9a10954930
-	ee96840f2235bdd810e41e8cbc2faf4d46b83c0c15be937701c147b099d0232d)
+makedepends=('libtool' 'cyrus-sasl' 'util-linux' 'chrpath' 'unixodbc' 'libsodium' 'systemd')
+options=('!makeflags' 'emptydirs' '!lto')
+source=(https://www.openldap.org/software/download/OpenLDAP/openldap-release/${pkgbase}-${pkgver}.tgz
+    openldap.sysusers
+    openldap.tmpfiles)
+sha256sums=(48969323e94e3be3b03c6a132942dcba7ef8d545f2ad35401709019f696c3c4e
+    6fd7e763f82f41aa780c3970eea46e3f3bbb806cecafa5c20abe5309ad7c1800
+    072effe3fd6db5c6a331b4867d4fa539ea871587c54d3cbc392cead790b04300)
+
+# extra modules found in contrib/slapd-modules
+_extra_modules=(
+    'nssov'
+    'autogroup'
+    'lastbind'
+    'passwd/sha2'
+    'allowed'
+    'noopsrch'
+)

 prepare() {
-	cd ${pkgname}-${pkgver}
+    cd ${pkgbase}-${pkgver}

-	patch -Np1 -i ${srcdir}/${pkgname}-${pkgver}-consolidated-1.patch
+    # change perms from 0644 to 0755
+    sed -i 's|-m 644 $(LIBRARY)|-m 755 $(LIBRARY)|' libraries/{liblber,libldap}/Makefile.in
+    
+    # change rundir to /run/openldap
+    sed -i 's|#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "run" LDAP_DIRSEP "ldapi"|#define LDAPI_SOCK LDAP_DIRSEP "run" LDAP_DIRSEP "openldap" LDAP_DIRSEP "ldapi"|' include/ldap_defaults.h
+    sed -i 's|%LOCALSTATEDIR%/run|/run/openldap|' servers/slapd/slapd.{conf,ldif}
+    sed -i 's|-$(MKDIR) $(DESTDIR)$(localstatedir)/run|-$(MKDIR) $(DESTDIR)/run/openldap|' servers/slapd/Makefile.in
+    
+    # modify upstream systemd service
+    sed -i -e "s|EnvironmentFile.*|EnvironmentFile=-/etc/conf.d/slapd|" -e "s/slapd -d 0/\0 -u ldap -g ldap/" servers/slapd/slapd.service

-	autoconf
+    autoconf
 }

 build() {
-	cd ${pkgname}-${pkgver}
+    cd ${pkgbase}-${pkgver}

-	${CONFIGURE}                 \
-		--sysconfdir=/etc    \
-		--with-cyrus-sasl    \
-		--disable-static     \
-		--enable-dynamic     \
-		--disable-debug      \
-		--disable-slapd
+    ${CONFIGURE}                          \
+        --sysconfdir=/etc                 \
+        --localstatedir=/var/lib/openldap \
+        --enable-dynamic                  \
+        --enable-syslog                   \
+        --enable-ipv6                     \
+        --enable-local                    \
+        --enable-crypt                    \
+        --enable-spasswd                  \
+        --enable-modules                  \
+        --enable-backends                 \
+        --enable-argon2                   \
+        --with-argon2=libsodium           \
+        --disable-wt                      \
+        --enable-overlays=mod             \
+        --with-cyrus-sasl                 \
+        --with-threads

-	make depend
-	make
+    sed -i -e 's/ -shared / -Wl,-O1,--as-needed\0/g' libtool
+    make
+
+    # build extra modules
+    for module in ${_extra_modules[@]}; do
+        make -C contrib/slapd-modules/${module} \
+            OPT="${CFLAGS} ${CPPFLAGS}"         \
+            prefix=/usr                         \
+            libdir=/usr/lib64                   \
+            sysconfdir=/etc/openldap
+    done
 }

-package() {
-	cd ${pkgname}-${pkgver}
+package_libldap() {
+    pkgdesc="Lightweight Directory Access Protocol (LDAP) client libraries"
+    depends=('cyrus-sasl')
+    backup=(etc/openldap/ldap.conf)

-	make DESTDIR=${pkgdir} install
+    cd ${pkgbase}-${pkgver}
+    
+    for dir in include libraries doc/man/man3 ; do
+        pushd ${dir}
+            make DESTDIR=${pkgdir} install
+        popd
+    done
+    
+  install -Dm644 -t ${pkgdir}/usr/share/man/man5 doc/man/man5/ldap.conf.5
+    
+    # remove duplicate conf files
+    rm ${pkgdir}/etc/openldap/*.default
+
+    # shared library versioning
+    ln -sf liblber.so ${pkgdir}/usr/lib64/liblber.so.2
+    ln -sf libldap.so ${pkgdir}/usr/lib64/libldap.so.2
+}
+
+package_openldap() {
+    pkgdesc="Lightweight Directory Access Protocol (LDAP) client and server"
+    depends=("libldap>=${pkgver}" 'libtool' 'unixodbc' 'perl' 'systemd' 'libsodium')
+    backup=(etc/openldap/slapd.conf
+        etc/openldap/slapd.ldif)
+
+    cd ${pkgbase}-${pkgver}
+
+    for dir in clients servers doc/man/man{1,5,8}; do
+        pushd ${dir}
+            make DESTDIR=${pkgdir} install
+        popd
+    done
+
+    # install extra modules
+    for module in ${_extra_modules[@]}; do
+        make -C contrib/slapd-modules/${module} \
+            prefix=/usr                         \
+            libdir=/usr/lib64                   \
+            sysconfdir=/etc/openldap            \
+            DESTDIR=${pkgdir} install
+    
+        # passwd/sha2 has no man page, so skip it
+        if [ -f contrib/slapd-modules/${module}/slapo-${module}.5 ]; then
+            install -m644 -t ${pkgdir}/usr/share/man/man5 \
+                contrib/slapd-modules/${module}/slapo-${module}.5
+        fi
+    done
+    
+    # should be in libldap package
+    rm ${pkgdir}/usr/share/man/man5/ldap.conf.5
+    
+    # let systemd-tmpfiles generate this directory
+    rm -r ${pkgdir}/run
+    
+    # get rid of duplicate conf files
+    rm ${pkgdir}/etc/openldap/*.default
+    ln -s ../lib64/slapd ${pkgdir}/usr/bin/slapd
+    chown root:439 ${pkgdir}/etc/openldap/slapd.{conf,ldif}
+    chmod 640 ${pkgdir}/etc/openldap/slapd.{conf,ldif}
+    
+    # systemd integration
+    install -Dm644 ${srcdir}/openldap.tmpfiles ${pkgdir}/usr/lib/tmpfiles.d/openldap.conf
+    install -Dm644 ${srcdir}/openldap.sysusers ${pkgdir}/usr/lib/sysusers.d/openldap.conf
 }
--- a/openldap-2.6.7-consolidated-1.patch
+++ b/openldap-2.6.7-consolidated-1.patch
@ -1,175 +0,0 @@
-Submitted by:            Xi Ruoyao <xry111 at xry111 dot site>
-Date:                    2024-01-30
-Initial Package Version: 2.6.7
-Upstream Status:         BLFS Specific
-Origin:                  Armin K. <krejzi at email dot com> and Debian.
-                         Rediffed multiple times by various editors.
-                         For 2.6.7, manually edited to remove the bogus
-                         ".orig" file creation, and change
-                         %LOCALSTATEDIR%/run to /run because /var/run has
-                         been deprecated.
-
-diff -Naurp openldap-2.6.2.orig/doc/man/man5/slapd.conf.5 openldap-2.6.2/doc/man/man5/slapd.conf.5
--- openldap-2.6.2.orig/doc/man/man5/slapd.conf.5	2022-05-04 16:55:23.000000000 +0200
-+++ openldap-2.6.2/doc/man/man5/slapd.conf.5	2022-05-05 12:05:53.309727745 +0200
-@@ -2122,7 +2122,7 @@ suffix    "dc=our\-domain,dc=com"
- # The database directory MUST exist prior to
- # running slapd AND should only be accessible
- # by the slapd/tools. Mode 0700 recommended.
-directory LOCALSTATEDIR/openldap\-data
-+directory LOCALSTATEDIR/lib/openldap
- # Indices to maintain
- index     objectClass  eq
- index     cn,sn,mail   pres,eq,approx,sub
-diff -Naurp openldap-2.6.2.orig/doc/man/man5/slapd-config.5 openldap-2.6.2/doc/man/man5/slapd-config.5
--- openldap-2.6.2.orig/doc/man/man5/slapd-config.5	2022-05-04 16:55:23.000000000 +0200
-+++ openldap-2.6.2/doc/man/man5/slapd-config.5	2022-05-05 12:05:53.312727754 +0200
-@@ -2233,7 +2233,7 @@ olcSuffix: "dc=our\-domain,dc=com"
- # The database directory MUST exist prior to
- # running slapd AND should only be accessible
- # by the slapd/tools. Mode 0700 recommended.
-olcDbDirectory: LOCALSTATEDIR/openldap\-data
-+olcDbDirectory: LOCALSTATEDIR/lib/openldap
- # Indices to maintain
- olcDbIndex:     objectClass  eq
- olcDbIndex:     cn,sn,mail   pres,eq,approx,sub
-
-diff -Naurp openldap-2.6.2.orig/include/ldap_defaults.h openldap-2.6.2/include/ldap_defaults.h
--- openldap-2.6.2.orig/include/ldap_defaults.h	2022-05-04 16:55:23.000000000 +0200
-+++ openldap-2.6.2/include/ldap_defaults.h	2022-05-05 12:07:08.783961875 +0200
-@@ -40,7 +40,8 @@
- 
- /* default ldapi:// socket */
- #ifndef LDAPI_SOCK
-#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "run" LDAP_DIRSEP "ldapi"
-+#define LDAPI_SOCK "/run" LDAP_DIRSEP "openldap" LDAP_DIRSEP "ldapi"
-+
- #endif
- 
- /*
-@@ -54,7 +55,8 @@
- #define SLAPD_DEFAULT_CONFIGDIR		LDAP_SYSCONFDIR LDAP_DIRSEP "slapd.d"
- #endif
- #ifndef SLAPD_DEFAULT_DB_DIR
-#define SLAPD_DEFAULT_DB_DIR		LDAP_RUNDIR LDAP_DIRSEP "openldap-data"
-+#define SLAPD_DEFAULT_DB_DIR        LDAP_RUNDIR LDAP_DIRSEP "lib" LDAP_DIRSEP "openldap"
-+
- #endif
- #define SLAPD_DEFAULT_DB_MODE		0600
- 	/* default max deref depth for aliases */
-diff -Naurp openldap-2.6.2.orig/libraries/liblber/Makefile.in openldap-2.6.2/libraries/liblber/Makefile.in
--- openldap-2.6.2.orig/libraries/liblber/Makefile.in	2022-05-04 16:55:23.000000000 +0200
-+++ openldap-2.6.2/libraries/liblber/Makefile.in	2022-05-05 12:05:53.313727757 +0200
-@@ -51,6 +51,6 @@ idtest:  $(XLIBS) idtest.o
- 
- install-local: FORCE
- 	-$(MKDIR) $(DESTDIR)$(libdir)
-	$(LTINSTALL) $(INSTALLFLAGS) -m 644 $(LIBRARY) $(DESTDIR)$(libdir)
-+	$(LTINSTALL) $(INSTALLFLAGS) -m 755 $(LIBRARY) $(DESTDIR)$(libdir)
- 	$(LTFINISH) $(DESTDIR)$(libdir)
- 
-diff -Naurp openldap-2.6.2.orig/libraries/libldap/Makefile.in openldap-2.6.2/libraries/libldap/Makefile.in
--- openldap-2.6.2.orig/libraries/libldap/Makefile.in	2022-05-04 16:55:23.000000000 +0200
-+++ openldap-2.6.2/libraries/libldap/Makefile.in	2022-05-05 12:05:53.327727801 +0200
-@@ -82,7 +82,7 @@ CFFILES=ldap.conf
- 
- install-local: $(CFFILES) FORCE
- 	-$(MKDIR) $(DESTDIR)$(libdir)
-	$(LTINSTALL) $(INSTALLFLAGS) -m 644 $(LIBRARY) $(DESTDIR)$(libdir)
-+	$(LTINSTALL) $(INSTALLFLAGS) -m 755 $(LIBRARY) $(DESTDIR)$(libdir)
- 	$(LTFINISH) $(DESTDIR)$(libdir)
- 	-$(MKDIR) $(DESTDIR)$(sysconfdir)
- 	@for i in $(CFFILES); do \
-diff -Naurp openldap-2.6.2.orig/servers/slapd/Makefile.in openldap-2.6.2/servers/slapd/Makefile.in
--- openldap-2.6.2.orig/servers/slapd/Makefile.in	2022-05-04 16:55:23.000000000 +0200
-+++ openldap-2.6.2/servers/slapd/Makefile.in	2022-05-05 12:05:53.329727807 +0200
-@@ -374,9 +374,10 @@ install-local-srv: install-slapd install
- 
- install-slapd: FORCE
- 	-$(MKDIR) $(DESTDIR)$(libexecdir)
-+	-$(MKDIR) $(DESTDIR)$(sbindir)
- 	-$(MKDIR) $(DESTDIR)$(localstatedir)/run
- 	$(LTINSTALL) $(INSTALLFLAGS) $(STRIP_OPTS) -m 755 \
-		slapd$(EXEEXT) $(DESTDIR)$(libexecdir)
-+		slapd$(EXEEXT) $(DESTDIR)$(sbindir)
- 	@for i in $(SUBDIRS); do \
- 	    if test -d $$i && test -f $$i/Makefile ; then \
- 		echo; echo "  cd $$i && $(MAKE) $(MFLAGS) install"; \
-@@ -452,9 +453,9 @@ install-conf: FORCE
- 
- install-db-config: FORCE
- 	@-$(MKDIR) $(DESTDIR)$(localstatedir) $(DESTDIR)$(sysconfdir)
-	@-$(INSTALL) -m 700 -d $(DESTDIR)$(localstatedir)/openldap-data
-+	@-$(INSTALL) -m 700 -d $(DESTDIR)$(localstatedir)/lib/openldap
- 	$(INSTALL) $(INSTALLFLAGS) -m 600 $(srcdir)/DB_CONFIG \
-		$(DESTDIR)$(localstatedir)/openldap-data/DB_CONFIG.example
-+		$(DESTDIR)$(localstatedir)/lib/openldap/DB_CONFIG.example
- 	$(INSTALL) $(INSTALLFLAGS) -m 600 $(srcdir)/DB_CONFIG \
- 		$(DESTDIR)$(sysconfdir)/DB_CONFIG.example
- 
-@@ -462,6 +463,6 @@ install-tools: FORCE
- 	-$(MKDIR) $(DESTDIR)$(sbindir)
- 	for i in $(SLAPTOOLS); do \
- 		$(RM) $(DESTDIR)$(sbindir)/$$i$(EXEEXT); \
-		$(LN_S) -f $(DESTDIR)$(libexecdir)/slapd$(EXEEXT) $(DESTDIR)$(sbindir)/$$i$(EXEEXT); \
-+		$(LN_S) -f $(DESTDIR)$(sbindir)/slapd$(EXEEXT) $(DESTDIR)$(sbindir)/$$i$(EXEEXT); \
- 	done
- 
-diff -Naurp openldap-2.6.2.orig/servers/slapd/slapd.conf openldap-2.6.2/servers/slapd/slapd.conf
--- openldap-2.6.2.orig/servers/slapd/slapd.conf	2022-05-04 16:55:23.000000000 +0200
-+++ openldap-2.6.2/servers/slapd/slapd.conf	2022-05-05 12:05:53.331727813 +0200
-@@ -10,8 +10,9 @@ include		%SYSCONFDIR%/schema/core.schema
- # service AND an understanding of referrals.
- #referral	ldap://root.openldap.org
- 
-pidfile		%LOCALSTATEDIR%/run/slapd.pid
-argsfile	%LOCALSTATEDIR%/run/slapd.args
-+pidfile		/run/openldap/slapd.pid
-+argsfile	/run/openldap/slapd.args
-+
- 
- # Load dynamic backend modules:
- modulepath	%MODULEDIR%
-@@ -69,7 +70,7 @@ rootpw		secret
- # The database directory MUST exist prior to running slapd AND 
- # should only be accessible by the slapd and slap tools.
- # Mode 700 recommended.
-directory	%LOCALSTATEDIR%/openldap-data
-+directory	%LOCALSTATEDIR%/lib/openldap
- # Indices to maintain
- index	objectClass	eq
- 
-diff -Naurp openldap-2.6.2.orig/servers/slapd/slapd.ldif openldap-2.6.2/servers/slapd/slapd.ldif
--- openldap-2.6.2.orig/servers/slapd/slapd.ldif	2022-05-04 16:55:23.000000000 +0200
-+++ openldap-2.6.2/servers/slapd/slapd.ldif	2022-05-05 12:05:53.332727816 +0200
-@@ -9,8 +9,8 @@ cn: config
- #
- # Define global ACLs to disable default read access.
- #
-olcArgsFile: %LOCALSTATEDIR%/run/slapd.args
-olcPidFile: %LOCALSTATEDIR%/run/slapd.pid
-+olcArgsFile: /run/openldap/slapd.args
-+olcPidFile: /run/openldap/slapd.pid
- #
- # Do not enable referrals until AFTER you have a working directory
- # service AND an understanding of referrals.
-@@ -88,7 +88,7 @@ olcRootPW: secret
- # The database directory MUST exist prior to running slapd AND 
- # should only be accessible by the slapd and slap tools.
- # Mode 700 recommended.
-olcDbDirectory:	%LOCALSTATEDIR%/openldap-data
-+olcDbDirectory:	%LOCALSTATEDIR%/lib/openldap
- # Indices to maintain
- olcDbIndex: objectClass eq
- 
-diff -Naurp openldap-2.6.2.orig/servers/slapd/slapi/Makefile.in openldap-2.6.2/servers/slapd/slapi/Makefile.in
--- openldap-2.6.2.orig/servers/slapd/slapi/Makefile.in	2022-05-04 16:55:23.000000000 +0200
-+++ openldap-2.6.2/servers/slapd/slapi/Makefile.in	2022-05-05 12:05:53.333727819 +0200
-@@ -46,6 +46,6 @@ BUILD_MOD = @BUILD_SLAPI@
- install-local: FORCE
- 	if test "$(BUILD_MOD)" = "yes"; then \
- 		$(MKDIR) $(DESTDIR)$(libdir); \
-		$(LTINSTALL) $(INSTALLFLAGS) -m 644 $(LIBRARY) $(DESTDIR)$(libdir); \
-+		$(LTINSTALL) $(INSTALLFLAGS) -m 755 $(LIBRARY) $(DESTDIR)$(libdir); \
- 	fi
- 
--- a/openldap.sysusers
+++ b/openldap.sysusers
@ -0,0 +1 @@
+u ldap 83 "LDAP Server" /var/lib/openldap
--- a/openldap.tmpfiles
+++ b/openldap.tmpfiles
@ -0,0 +1,4 @@
+D /run/openldap 0755 ldap ldap -
+
+f /var/lib/openldap/.placeholder 0644 ldap ldap - "prevent pwcheck error; pacman should not remove ~ldap"
+
--- a/12
+++ b/12
@ -1,12 +0,0 @@
-# Begin /etc/default/slapd
-
-# Options to pass to slapd.
-# See slapd(8) for more details.
-SLAPD_OPTS=""
-
-# slapd normally serves ldap only on all TCP-ports 389. slapd can also
-# service requests on TCP-port 636 (ldaps) and requests via unix
-# sockets.
-#SLAPD_OPTS='-h "ldap://127.0.0.1:389/ ldaps:/// ldapi:///"'
-
-# End /etc/default/slapd
--- a/slapd.conf
+++ b/slapd.conf
@ -1 +0,0 @@
-d /run/openldap 0755 ldap ldap -
--- a/slapd.service
+++ b/slapd.service
@ -1,11 +0,0 @@
-[Unit]
-Description=OpenLDAP server daemon
-After=network.target
-
-[Service]
-Type=forking
-EnvironmentFile=/etc/default/slapd
-ExecStart=/usr/sbin/slapd -u ldap -g ldap $SLAPD_OPTS
-
-[Install]
-WantedBy=multi-user.target