openldap 2.6.8-1

2024-10-31 16:13:17 +08:00 · 2024-10-31 16:13:17 +08:00 · 37e7d2c7cd
commit 37e7d2c7cd
parent 1a062d8528
7 changed files with 133 additions and 226 deletions
--- a/143
+++ b/143
@ -4,48 +4,149 @@
 # then please put 'unknown'.
 # Maintainer: Future Linux Team <future_linux@163.com>
-pkgname=openldap
+pkgname=(openldap libldap)
-pkgver=2.6.7
+pkgbase=openldap
 pkgver=2.6.8
 pkgrel=1
 pkgdesc="Lightweight Directory Access Protocol (LDAP) client and server"
 arch=('x86_64')
 url="https://www.openldap.org/"
 license=('custom')
-depends=('cyrus-sasl')
+makedepends=('libtool' 'cyrus-sasl' 'util-linux' 'chrpath' 'unixodbc' 'libsodium' 'systemd')
-makedepends=('libtool' 'util-linux')
+options=('!makeflags' 'emptydirs' '!lto')
-backup=(etc/openldap/ldap.conf
+source=(https://www.openldap.org/software/download/OpenLDAP/openldap-release/${pkgbase}-${pkgver}.tgz
-	etc/openldap/ldap.conf.default)
+    openldap.sysusers
-options=('!makeflags' 'emptydirs')
+    openldap.tmpfiles)
-source=(https://www.openldap.org/software/download/OpenLDAP/openldap-release/${pkgname}-${pkgver}.tgz
+sha256sums=(48969323e94e3be3b03c6a132942dcba7ef8d545f2ad35401709019f696c3c4e
-	${pkgname}-${pkgver}-consolidated-1.patch)
+    6fd7e763f82f41aa780c3970eea46e3f3bbb806cecafa5c20abe5309ad7c1800
-sha256sums=(cd775f625c944ed78a3da18a03b03b08eea73c8aabc97b41bb336e9a10954930
+    072effe3fd6db5c6a331b4867d4fa539ea871587c54d3cbc392cead790b04300)
-	ee96840f2235bdd810e41e8cbc2faf4d46b83c0c15be937701c147b099d0232d)
+
 # extra modules found in contrib/slapd-modules
 _extra_modules=(
    'nssov'
    'autogroup'
    'lastbind'
    'passwd/sha2'
    'allowed'
    'noopsrch'
 )
 prepare() {
-	cd ${pkgname}-${pkgver}
+    cd ${pkgbase}-${pkgver}
-	patch -Np1 -i ${srcdir}/${pkgname}-${pkgver}-consolidated-1.patch
+    # change perms from 0644 to 0755
    sed -i 's|-m 644 $(LIBRARY)|-m 755 $(LIBRARY)|' libraries/{liblber,libldap}/Makefile.in
    # change rundir to /run/openldap
    sed -i 's|#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "run" LDAP_DIRSEP "ldapi"|#define LDAPI_SOCK LDAP_DIRSEP "run" LDAP_DIRSEP "openldap" LDAP_DIRSEP "ldapi"|' include/ldap_defaults.h
    sed -i 's|%LOCALSTATEDIR%/run|/run/openldap|' servers/slapd/slapd.{conf,ldif}
    sed -i 's|-$(MKDIR) $(DESTDIR)$(localstatedir)/run|-$(MKDIR) $(DESTDIR)/run/openldap|' servers/slapd/Makefile.in
    # modify upstream systemd service
    sed -i -e "s|EnvironmentFile.*|EnvironmentFile=-/etc/conf.d/slapd|" -e "s/slapd -d 0/\0 -u ldap -g ldap/" servers/slapd/slapd.service
    autoconf
 }
 build() {
-	cd ${pkgname}-${pkgver}
+    cd ${pkgbase}-${pkgver}
    ${CONFIGURE}                          \
        --sysconfdir=/etc                 \
-		--with-cyrus-sasl    \
+        --localstatedir=/var/lib/openldap \
 		--disable-static     \
        --enable-dynamic                  \
-		--disable-debug      \
+        --enable-syslog                   \
-		--disable-slapd
+        --enable-ipv6                     \
        --enable-local                    \
        --enable-crypt                    \
        --enable-spasswd                  \
        --enable-modules                  \
        --enable-backends                 \
        --enable-argon2                   \
        --with-argon2=libsodium           \
        --disable-wt                      \
        --enable-overlays=mod             \
        --with-cyrus-sasl                 \
        --with-threads
-	make depend
+    sed -i -e 's/ -shared / -Wl,-O1,--as-needed\0/g' libtool
    make
    # build extra modules
    for module in ${_extra_modules[@]}; do
        make -C contrib/slapd-modules/${module} \
            OPT="${CFLAGS} ${CPPFLAGS}"         \
            prefix=/usr                         \
            libdir=/usr/lib64                   \
            sysconfdir=/etc/openldap
    done
 }
-package() {
+package_libldap() {
-	cd ${pkgname}-${pkgver}
+    pkgdesc="Lightweight Directory Access Protocol (LDAP) client libraries"
    depends=('cyrus-sasl')
    backup=(etc/openldap/ldap.conf)
    cd ${pkgbase}-${pkgver}
    for dir in include libraries doc/man/man3 ; do
        pushd ${dir}
            make DESTDIR=${pkgdir} install
        popd
    done
  install -Dm644 -t ${pkgdir}/usr/share/man/man5 doc/man/man5/ldap.conf.5
    # remove duplicate conf files
    rm ${pkgdir}/etc/openldap/*.default
    # shared library versioning
    ln -sf liblber.so ${pkgdir}/usr/lib64/liblber.so.2
    ln -sf libldap.so ${pkgdir}/usr/lib64/libldap.so.2
 }
 package_openldap() {
    pkgdesc="Lightweight Directory Access Protocol (LDAP) client and server"
    depends=("libldap>=${pkgver}" 'libtool' 'unixodbc' 'perl' 'systemd' 'libsodium')
    backup=(etc/openldap/slapd.conf
        etc/openldap/slapd.ldif)
    cd ${pkgbase}-${pkgver}
    for dir in clients servers doc/man/man{1,5,8}; do
        pushd ${dir}
            make DESTDIR=${pkgdir} install
        popd
    done
    # install extra modules
    for module in ${_extra_modules[@]}; do
        make -C contrib/slapd-modules/${module} \
            prefix=/usr                         \
            libdir=/usr/lib64                   \
            sysconfdir=/etc/openldap            \
            DESTDIR=${pkgdir} install
        # passwd/sha2 has no man page, so skip it
        if [ -f contrib/slapd-modules/${module}/slapo-${module}.5 ]; then
            install -m644 -t ${pkgdir}/usr/share/man/man5 \
                contrib/slapd-modules/${module}/slapo-${module}.5
        fi
    done
    # should be in libldap package
    rm ${pkgdir}/usr/share/man/man5/ldap.conf.5
    # let systemd-tmpfiles generate this directory
    rm -r ${pkgdir}/run
    # get rid of duplicate conf files
    rm ${pkgdir}/etc/openldap/*.default
    ln -s ../lib64/slapd ${pkgdir}/usr/bin/slapd
    chown root:439 ${pkgdir}/etc/openldap/slapd.{conf,ldif}
    chmod 640 ${pkgdir}/etc/openldap/slapd.{conf,ldif}
    # systemd integration
    install -Dm644 ${srcdir}/openldap.tmpfiles ${pkgdir}/usr/lib/tmpfiles.d/openldap.conf
    install -Dm644 ${srcdir}/openldap.sysusers ${pkgdir}/usr/lib/sysusers.d/openldap.conf
 }
--- a/openldap-2.6.7-consolidated-1.patch
+++ b/openldap-2.6.7-consolidated-1.patch
@ -1,175 +0,0 @@
 Submitted by:            Xi Ruoyao <xry111 at xry111 dot site>
 Date:                    2024-01-30
 Initial Package Version: 2.6.7
 Upstream Status:         BLFS Specific
 Origin:                  Armin K. <krejzi at email dot com> and Debian.
                         Rediffed multiple times by various editors.
                         For 2.6.7, manually edited to remove the bogus
                         ".orig" file creation, and change
                         %LOCALSTATEDIR%/run to /run because /var/run has
                         been deprecated.
 diff -Naurp openldap-2.6.2.orig/doc/man/man5/slapd.conf.5 openldap-2.6.2/doc/man/man5/slapd.conf.5
 --- openldap-2.6.2.orig/doc/man/man5/slapd.conf.5	2022-05-04 16:55:23.000000000 +0200
 +++ openldap-2.6.2/doc/man/man5/slapd.conf.5	2022-05-05 12:05:53.309727745 +0200
@@ -2122,7 +2122,7 @@ suffix    "dc=our\-domain,dc=com"
 # The database directory MUST exist prior to
 # running slapd AND should only be accessible
 # by the slapd/tools. Mode 0700 recommended.
 -directory LOCALSTATEDIR/openldap\-data
 +directory LOCALSTATEDIR/lib/openldap
 # Indices to maintain
 index     objectClass  eq
 index     cn,sn,mail   pres,eq,approx,sub
 diff -Naurp openldap-2.6.2.orig/doc/man/man5/slapd-config.5 openldap-2.6.2/doc/man/man5/slapd-config.5
 --- openldap-2.6.2.orig/doc/man/man5/slapd-config.5	2022-05-04 16:55:23.000000000 +0200
 +++ openldap-2.6.2/doc/man/man5/slapd-config.5	2022-05-05 12:05:53.312727754 +0200
@@ -2233,7 +2233,7 @@ olcSuffix: "dc=our\-domain,dc=com"
 # The database directory MUST exist prior to
 # running slapd AND should only be accessible
 # by the slapd/tools. Mode 0700 recommended.
 -olcDbDirectory: LOCALSTATEDIR/openldap\-data
 +olcDbDirectory: LOCALSTATEDIR/lib/openldap
 # Indices to maintain
 olcDbIndex:     objectClass  eq
 olcDbIndex:     cn,sn,mail   pres,eq,approx,sub
 diff -Naurp openldap-2.6.2.orig/include/ldap_defaults.h openldap-2.6.2/include/ldap_defaults.h
 --- openldap-2.6.2.orig/include/ldap_defaults.h	2022-05-04 16:55:23.000000000 +0200
 +++ openldap-2.6.2/include/ldap_defaults.h	2022-05-05 12:07:08.783961875 +0200
@@ -40,7 +40,8 @@
 /* default ldapi:// socket */
 #ifndef LDAPI_SOCK
 -#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "run" LDAP_DIRSEP "ldapi"
 +#define LDAPI_SOCK "/run" LDAP_DIRSEP "openldap" LDAP_DIRSEP "ldapi"
 +
 #endif
 /*
@@ -54,7 +55,8 @@
 #define SLAPD_DEFAULT_CONFIGDIR		LDAP_SYSCONFDIR LDAP_DIRSEP "slapd.d"
 #endif
 #ifndef SLAPD_DEFAULT_DB_DIR
 -#define SLAPD_DEFAULT_DB_DIR		LDAP_RUNDIR LDAP_DIRSEP "openldap-data"
 +#define SLAPD_DEFAULT_DB_DIR        LDAP_RUNDIR LDAP_DIRSEP "lib" LDAP_DIRSEP "openldap"
 +
 #endif
 #define SLAPD_DEFAULT_DB_MODE		0600
 	/* default max deref depth for aliases */
 diff -Naurp openldap-2.6.2.orig/libraries/liblber/Makefile.in openldap-2.6.2/libraries/liblber/Makefile.in
 --- openldap-2.6.2.orig/libraries/liblber/Makefile.in	2022-05-04 16:55:23.000000000 +0200
 +++ openldap-2.6.2/libraries/liblber/Makefile.in	2022-05-05 12:05:53.313727757 +0200
@@ -51,6 +51,6 @@ idtest:  $(XLIBS) idtest.o
 install-local: FORCE
 	-$(MKDIR) $(DESTDIR)$(libdir)
 -	$(LTINSTALL) $(INSTALLFLAGS) -m 644 $(LIBRARY) $(DESTDIR)$(libdir)
 +	$(LTINSTALL) $(INSTALLFLAGS) -m 755 $(LIBRARY) $(DESTDIR)$(libdir)
 	$(LTFINISH) $(DESTDIR)$(libdir)
 diff -Naurp openldap-2.6.2.orig/libraries/libldap/Makefile.in openldap-2.6.2/libraries/libldap/Makefile.in
 --- openldap-2.6.2.orig/libraries/libldap/Makefile.in	2022-05-04 16:55:23.000000000 +0200
 +++ openldap-2.6.2/libraries/libldap/Makefile.in	2022-05-05 12:05:53.327727801 +0200
@@ -82,7 +82,7 @@ CFFILES=ldap.conf
 install-local: $(CFFILES) FORCE
 	-$(MKDIR) $(DESTDIR)$(libdir)
 -	$(LTINSTALL) $(INSTALLFLAGS) -m 644 $(LIBRARY) $(DESTDIR)$(libdir)
 +	$(LTINSTALL) $(INSTALLFLAGS) -m 755 $(LIBRARY) $(DESTDIR)$(libdir)
 	$(LTFINISH) $(DESTDIR)$(libdir)
 	-$(MKDIR) $(DESTDIR)$(sysconfdir)
 	@for i in $(CFFILES); do \
 diff -Naurp openldap-2.6.2.orig/servers/slapd/Makefile.in openldap-2.6.2/servers/slapd/Makefile.in
 --- openldap-2.6.2.orig/servers/slapd/Makefile.in	2022-05-04 16:55:23.000000000 +0200
 +++ openldap-2.6.2/servers/slapd/Makefile.in	2022-05-05 12:05:53.329727807 +0200
@@ -374,9 +374,10 @@ install-local-srv: install-slapd install
 install-slapd: FORCE
 	-$(MKDIR) $(DESTDIR)$(libexecdir)
 +	-$(MKDIR) $(DESTDIR)$(sbindir)
 	-$(MKDIR) $(DESTDIR)$(localstatedir)/run
 	$(LTINSTALL) $(INSTALLFLAGS) $(STRIP_OPTS) -m 755 \
 -		slapd$(EXEEXT) $(DESTDIR)$(libexecdir)
 +		slapd$(EXEEXT) $(DESTDIR)$(sbindir)
 	@for i in $(SUBDIRS); do \
 	    if test -d $$i && test -f $$i/Makefile ; then \
 		echo; echo "  cd $$i && $(MAKE) $(MFLAGS) install"; \
@@ -452,9 +453,9 @@ install-conf: FORCE
 install-db-config: FORCE
 	@-$(MKDIR) $(DESTDIR)$(localstatedir) $(DESTDIR)$(sysconfdir)
 -	@-$(INSTALL) -m 700 -d $(DESTDIR)$(localstatedir)/openldap-data
 +	@-$(INSTALL) -m 700 -d $(DESTDIR)$(localstatedir)/lib/openldap
 	$(INSTALL) $(INSTALLFLAGS) -m 600 $(srcdir)/DB_CONFIG \
 -		$(DESTDIR)$(localstatedir)/openldap-data/DB_CONFIG.example
 +		$(DESTDIR)$(localstatedir)/lib/openldap/DB_CONFIG.example
 	$(INSTALL) $(INSTALLFLAGS) -m 600 $(srcdir)/DB_CONFIG \
 		$(DESTDIR)$(sysconfdir)/DB_CONFIG.example
@@ -462,6 +463,6 @@ install-tools: FORCE
 	-$(MKDIR) $(DESTDIR)$(sbindir)
 	for i in $(SLAPTOOLS); do \
 		$(RM) $(DESTDIR)$(sbindir)/$$i$(EXEEXT); \
 -		$(LN_S) -f $(DESTDIR)$(libexecdir)/slapd$(EXEEXT) $(DESTDIR)$(sbindir)/$$i$(EXEEXT); \
 +		$(LN_S) -f $(DESTDIR)$(sbindir)/slapd$(EXEEXT) $(DESTDIR)$(sbindir)/$$i$(EXEEXT); \
 	done
 diff -Naurp openldap-2.6.2.orig/servers/slapd/slapd.conf openldap-2.6.2/servers/slapd/slapd.conf
 --- openldap-2.6.2.orig/servers/slapd/slapd.conf	2022-05-04 16:55:23.000000000 +0200
 +++ openldap-2.6.2/servers/slapd/slapd.conf	2022-05-05 12:05:53.331727813 +0200
@@ -10,8 +10,9 @@ include		%SYSCONFDIR%/schema/core.schema
 # service AND an understanding of referrals.
 #referral	ldap://root.openldap.org
 -pidfile		%LOCALSTATEDIR%/run/slapd.pid
 -argsfile	%LOCALSTATEDIR%/run/slapd.args
 +pidfile		/run/openldap/slapd.pid
 +argsfile	/run/openldap/slapd.args
 +
 # Load dynamic backend modules:
 modulepath	%MODULEDIR%
@@ -69,7 +70,7 @@ rootpw		secret
 # The database directory MUST exist prior to running slapd AND 
 # should only be accessible by the slapd and slap tools.
 # Mode 700 recommended.
 -directory	%LOCALSTATEDIR%/openldap-data
 +directory	%LOCALSTATEDIR%/lib/openldap
 # Indices to maintain
 index	objectClass	eq
 diff -Naurp openldap-2.6.2.orig/servers/slapd/slapd.ldif openldap-2.6.2/servers/slapd/slapd.ldif
 --- openldap-2.6.2.orig/servers/slapd/slapd.ldif	2022-05-04 16:55:23.000000000 +0200
 +++ openldap-2.6.2/servers/slapd/slapd.ldif	2022-05-05 12:05:53.332727816 +0200
@@ -9,8 +9,8 @@ cn: config
 #
 # Define global ACLs to disable default read access.
 #
 -olcArgsFile: %LOCALSTATEDIR%/run/slapd.args
 -olcPidFile: %LOCALSTATEDIR%/run/slapd.pid
 +olcArgsFile: /run/openldap/slapd.args
 +olcPidFile: /run/openldap/slapd.pid
 #
 # Do not enable referrals until AFTER you have a working directory
 # service AND an understanding of referrals.
@@ -88,7 +88,7 @@ olcRootPW: secret
 # The database directory MUST exist prior to running slapd AND 
 # should only be accessible by the slapd and slap tools.
 # Mode 700 recommended.
 -olcDbDirectory:	%LOCALSTATEDIR%/openldap-data
 +olcDbDirectory:	%LOCALSTATEDIR%/lib/openldap
 # Indices to maintain
 olcDbIndex: objectClass eq
 diff -Naurp openldap-2.6.2.orig/servers/slapd/slapi/Makefile.in openldap-2.6.2/servers/slapd/slapi/Makefile.in
 --- openldap-2.6.2.orig/servers/slapd/slapi/Makefile.in	2022-05-04 16:55:23.000000000 +0200
 +++ openldap-2.6.2/servers/slapd/slapi/Makefile.in	2022-05-05 12:05:53.333727819 +0200
@@ -46,6 +46,6 @@ BUILD_MOD = @BUILD_SLAPI@
 install-local: FORCE
 	if test "$(BUILD_MOD)" = "yes"; then \
 		$(MKDIR) $(DESTDIR)$(libdir); \
 -		$(LTINSTALL) $(INSTALLFLAGS) -m 644 $(LIBRARY) $(DESTDIR)$(libdir); \
 +		$(LTINSTALL) $(INSTALLFLAGS) -m 755 $(LIBRARY) $(DESTDIR)$(libdir); \
 	fi
--- a/openldap.sysusers
+++ b/openldap.sysusers
@ -0,0 +1 @@
 u ldap 83 "LDAP Server" /var/lib/openldap
--- a/openldap.tmpfiles
+++ b/openldap.tmpfiles
@ -0,0 +1,4 @@
 D /run/openldap 0755 ldap ldap -
 f /var/lib/openldap/.placeholder 0644 ldap ldap - "prevent pwcheck error; pacman should not remove ~ldap"
--- a/12
+++ b/12
@ -1,12 +0,0 @@
 # Begin /etc/default/slapd
 # Options to pass to slapd.
 # See slapd(8) for more details.
 SLAPD_OPTS=""
 # slapd normally serves ldap only on all TCP-ports 389. slapd can also
 # service requests on TCP-port 636 (ldaps) and requests via unix
 # sockets.
 #SLAPD_OPTS='-h "ldap://127.0.0.1:389/ ldaps:/// ldapi:///"'
 # End /etc/default/slapd
--- a/slapd.conf
+++ b/slapd.conf
@ -1 +0,0 @@
 d /run/openldap 0755 ldap ldap -
--- a/slapd.service
+++ b/slapd.service
@ -1,11 +0,0 @@
 [Unit]
 Description=OpenLDAP server daemon
 After=network.target
 [Service]
 Type=forking
 EnvironmentFile=/etc/default/slapd
 ExecStart=/usr/sbin/slapd -u ldap -g ldap $SLAPD_OPTS
 [Install]
 WantedBy=multi-user.target
		`@ -0,0 +1,4 @@`
							`D /run/openldap 0755 ldap ldap -`

							`f /var/lib/openldap/.placeholder 0644 ldap ldap - "prevent pwcheck error; pacman should not remove ~ldap"`