summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMarkus Ullmann <jokey@gentoo.org>2006-02-19 23:54:56 +0000
committerMarkus Ullmann <jokey@gentoo.org>2006-02-19 23:54:56 +0000
commitb08ca89807c16436bc3be6ff2e09850d1bd4ac78 (patch)
tree67c0a6e89e60b9b5221fe6bb479b16d6bd23479b /net-nds/openldap
parents390/sh stable (diff)
downloadgentoo-2-b08ca89807c16436bc3be6ff2e09850d1bd4ac78.tar.gz
gentoo-2-b08ca89807c16436bc3be6ff2e09850d1bd4ac78.tar.bz2
gentoo-2-b08ca89807c16436bc3be6ff2e09850d1bd4ac78.zip
Version bump
(Portage version: 2.1_pre4-r1)
Diffstat (limited to 'net-nds/openldap')
-rw-r--r--net-nds/openldap/ChangeLog7
-rw-r--r--net-nds/openldap/Manifest6
-rw-r--r--net-nds/openldap/files/digest-openldap-2.3.209
-rw-r--r--net-nds/openldap/openldap-2.3.20.ebuild473
4 files changed, 494 insertions, 1 deletions
diff --git a/net-nds/openldap/ChangeLog b/net-nds/openldap/ChangeLog
index ce10a3cad8f6..340427c5dc50 100644
--- a/net-nds/openldap/ChangeLog
+++ b/net-nds/openldap/ChangeLog
@@ -1,6 +1,11 @@
# ChangeLog for net-nds/openldap
# Copyright 2002-2006 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/ChangeLog,v 1.162 2006/01/30 16:34:57 jokey Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/ChangeLog,v 1.163 2006/02/19 23:54:56 jokey Exp $
+
+*openldap-2.3.20 (19 Feb 2006)
+
+ 19 Feb 2006; Markus Ullmann <jokey@gentoo.org> +openldap-2.3.20.ebuild:
+ Version bump
*openldap-2.3.19 (30 Jan 2006)
diff --git a/net-nds/openldap/Manifest b/net-nds/openldap/Manifest
index 21ac66c3c799..1f19053fc0e8 100644
--- a/net-nds/openldap/Manifest
+++ b/net-nds/openldap/Manifest
@@ -40,6 +40,9 @@ SHA256 e5cee751e402c17ffa84e85a9b2c771d7977f6fc643bc186e3c447e0029b87b4 files/di
MD5 b4512f1af83b238598f391f3078a78ed files/digest-openldap-2.3.19 723
RMD160 7ab755cccb6e42e891f2605d9d0402b8b4c7b642 files/digest-openldap-2.3.19 723
SHA256 8b090d314904c0c274ff47ff54db16a98243b2c6c1440ba04faa44e1ae0146c7 files/digest-openldap-2.3.19 723
+MD5 e88ad429724735e30654da089190d683 files/digest-openldap-2.3.20 723
+RMD160 eb910604d9eb3523b825f1e2c9ddc39161953c10 files/digest-openldap-2.3.20 723
+SHA256 7e0d5949558027c8304b9732dc9476e45815b6401103a457762291c729d1b3f4 files/digest-openldap-2.3.20 723
MD5 c8d6f4ebeb92ef1085b1bb77d7b4db5f files/gencert.sh 3505
RMD160 9de31e9a4d4b654ac9e0f899e51a8c5049bf90bf files/gencert.sh 3505
SHA256 73f1f7f0d76132da878ae8739f4f4403bb5f17d630ffa109fe4b1645e7f073c6 files/gencert.sh 3505
@@ -133,3 +136,6 @@ SHA256 955b82207ed2510060f9581fc6dc9ac1c6f8b4439b10f1ea4c5de11b722a9de3 openldap
MD5 a9a8de62e06748ea2c2d8bb0ea4fd5e9 openldap-2.3.19.ebuild 17217
RMD160 a12affb84602e4eb2176f3020817c05d968c2560 openldap-2.3.19.ebuild 17217
SHA256 0978560759d482cf7201f68bb322871cce59a8a74c33de875ddbde16623d1842 openldap-2.3.19.ebuild 17217
+MD5 a9a8de62e06748ea2c2d8bb0ea4fd5e9 openldap-2.3.20.ebuild 17217
+RMD160 a12affb84602e4eb2176f3020817c05d968c2560 openldap-2.3.20.ebuild 17217
+SHA256 0978560759d482cf7201f68bb322871cce59a8a74c33de875ddbde16623d1842 openldap-2.3.20.ebuild 17217
diff --git a/net-nds/openldap/files/digest-openldap-2.3.20 b/net-nds/openldap/files/digest-openldap-2.3.20
new file mode 100644
index 000000000000..f030728157c8
--- /dev/null
+++ b/net-nds/openldap/files/digest-openldap-2.3.20
@@ -0,0 +1,9 @@
+MD5 e2ae8148c4bed07d7a70edd930bdc403 openldap-2.1.30.tgz 2044673
+RMD160 431aa798c6197530c17611b931f0169d7a53e831 openldap-2.1.30.tgz 2044673
+SHA256 7fcefd45dfc82038cf0875e36b86a67d3af44b6a734e0127bae9ff2582ae8b25 openldap-2.1.30.tgz 2044673
+MD5 b51db7328430b9cbe527696da726f1fb openldap-2.2.28.tgz 2630427
+RMD160 ca3f5aff42e6afc6b7c0a62beb8c13d4ff43d44c openldap-2.2.28.tgz 2630427
+SHA256 05c75b719305578dec799f05eaddae6b77eb51857abc6284e47b6abc4317dfba openldap-2.2.28.tgz 2630427
+MD5 49d2c5b9378a7b57e1fb03948acb8e32 openldap-2.3.20.tgz 3732780
+RMD160 89b54d32c93f91df245505ed37978384bc0e2098 openldap-2.3.20.tgz 3732780
+SHA256 f969bfded4506c1d2b424036eb80e22f0b96591d7c8a833870704fdef200d255 openldap-2.3.20.tgz 3732780
diff --git a/net-nds/openldap/openldap-2.3.20.ebuild b/net-nds/openldap/openldap-2.3.20.ebuild
new file mode 100644
index 000000000000..c7dcce3303a5
--- /dev/null
+++ b/net-nds/openldap/openldap-2.3.20.ebuild
@@ -0,0 +1,473 @@
+# Copyright 1999-2006 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/openldap-2.3.20.ebuild,v 1.1 2006/02/19 23:54:56 jokey Exp $
+
+inherit flag-o-matic toolchain-funcs eutils multilib
+
+COMPAT21_PV="2.1.30"
+COMPAT21_P="${PN}-${COMPAT21_PV}"
+COMPAT21_S="${WORKDIR}/${COMPAT21_P}"
+
+COMPAT22_PV="2.2.28"
+COMPAT22_P="${PN}-${COMPAT22_PV}"
+COMPAT22_S="${WORKDIR}/${COMPAT22_P}"
+
+DESCRIPTION="LDAP suite of application and development tools"
+HOMEPAGE="http://www.OpenLDAP.org/"
+SRC_URI="mirror://openldap/openldap-release/${P}.tgz
+ mirror://openldap/openldap-release/${COMPAT21_P}.tgz
+ mirror://openldap/openldap-release/${COMPAT22_P}.tgz"
+
+LICENSE="OPENLDAP"
+SLOT="0"
+KEYWORDS="~x86 ~amd64"
+IUSE="berkdb crypt debug gdbm ipv6 kerberos minimal odbc perl readline samba
+ sasl selinux slp ssl tcpd"
+
+RDEPEND=">=sys-libs/ncurses-5.1
+ tcpd? ( >=sys-apps/tcp-wrappers-7.6 )
+ ssl? ( >=dev-libs/openssl-0.9.6 )
+ readline? ( >=sys-libs/readline-4.1 )
+ sasl? ( >=dev-libs/cyrus-sasl-2.1.7-r3 )
+ odbc? ( dev-db/unixODBC )
+ slp? ( >=net-libs/openslp-1.0 )
+ perl? ( >=dev-lang/perl-5.6 )
+ samba? ( >=dev-libs/openssl-0.9.6 )
+ selinux? ( sec-policy/selinux-openldap )
+ kerberos? ( virtual/krb5 )"
+
+# note that the 'samba' USE flag pulling in OpenSSL is NOT an error. OpenLDAP
+# uses OpenSSL for LanMan/NTLM hashing (which is used in some enviroments, like
+# mine at work)!
+# Robin H. Johnson <robbat2@gentoo.org> March 8, 2004
+
+# if USE=berkdb
+# pull in sys-libs/db
+# else if USE=gdbm
+# pull in sys-libs/gdbm
+# else
+# pull in sys-libs/db
+RDEPEND_BERKDB=">=sys-libs/db-4.2.52_p2-r1"
+RDEPEND_GDBM=">=sys-libs/gdbm-1.8.0"
+RDEPEND="${RDEPEND}
+ berkdb? ( ${RDEPEND_BERKDB} )
+ !berkdb? (
+ gdbm? ( ${RDEPEND_GDBM} )
+ !gdbm? ( ${RDEPEND_BERKDB} )
+ )"
+
+DEPEND="${RDEPEND}
+ >=sys-devel/libtool-1.5.18-r1
+ >=sys-apps/sed-4"
+
+# for tracking versions
+OPENLDAP_VERSIONTAG="/var/lib/openldap-data/.version-tag"
+
+openldap_upgrade_warning() {
+ ewarn "If you are upgrading from OpenLDAP-2.1 or 2.2, and run slapd on this"
+ ewarn "machine please see the ebuild for upgrade instructions, otherwise"
+ ewarn "you may corrupt your database!"
+ echo
+ ewarn "Part of the configuration file syntax has changed in 2.3:"
+ ewarn "'access to attribute=' is now 'access to attrs='"
+ echo
+ ewarn "The libraries of 2.1 and 2.2 are provided but please"
+ ewarn "consider updating your applications to only use 2.3"
+ ewarn "as the backwards compatible libraries will be removed in future."
+ ewarn "Do rebuild your applications against the new libraries do:"
+ ewarn "# revdep-rebuild --soname liblber.so.2"
+ ewarn "# revdep-rebuild --soname libldap.so.2"
+ ewarn "# revdep-rebuild --soname libldap_r.so.2"
+ echo
+ ewarn "Note that there are substantial changes to how openldap functions"
+ ewarn "in 2.3, if you are using bdb as a backend. You should issue the"
+ ewarn "following commands in order to get openldap to run:"
+ ewarn "mkdir /etc/openldap"
+ ewarn "slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d"
+ ewarn "chown -R ldap:ldap /etc/openldap/slapd.d"
+ ewarn "Make sure that '-F /etc/openldap/slapd.d' is included in the"
+ ewarn "/etc/conf.d/slapd configuration file. While it is possible to"
+ ewarn "skip the slaptest line above, it is inadvisable to do so as by"
+ ewarn "using slaptest you are able to resolve any configuration syntax"
+ ewarn "changes that might be present, however, if you are sure that"
+ ewarn "your syntax will work for 2.3 then you may simply create the"
+ ewarn "directory, set the permissions and ensure that the"
+ ewarn "/etc/conf.d/slapd has the extra information in it and"
+ ewarn "openldap will automatically create the new directory structure"
+ ewarn "and populate it with data."
+ echo
+}
+
+pkg_setup() {
+ # grab lines
+ openldap_datadirs=""
+ if [ -f ${ROOT}/etc/openldap/slapd.conf ]; then
+ openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${ROOT}/etc/openldap/slapd.conf)"
+ fi
+ datafiles=""
+ for d in $openldap_datadirs; do
+ datafiles="${datafiles} $(ls $d/*db* 2>/dev/null)"
+ done
+ # remove extra spaces
+ datafiles="$(echo ${datafiles// })"
+ # TODO: read OPENLDAP_VERSIONTAG instead in future
+ if has_version '<net-nds/openldap-2.3' && [ -n "$datafiles" ]; then
+ eerror "A possible old installation of OpenLDAP was detected"
+ eerror "As major version upgrades to 2.3 from lower versions can corrupt your"
+ eerror "database, you need to dump your database and re-create it afterwards."
+ eerror ""
+ d="$(date -u +%s)"
+ l="/root/ldapdump.${d}"
+ i="${l}.raw"
+ eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop"
+ eerror " 2. slapcat -l ${i}"
+ eerror " 3. egrep -v '^entryCSN:' <${i} >${l}"
+ eerror " 4. emerge unmerge '<=net-nds/openldap-2.2*'"
+ eerror " 5. mv /var/lib/openldap-data/ /var/lib/openldap-data.old/"
+ eerror " 6. emerge '>=net-nds/openldap-2.3'"
+ eerror " 7. etc-update, and ensure that you apply the changes"
+ eerror " 8. slapadd -l ${l}"
+ eerror " 9. chown ldap:ldap /var/lib/openldap-data/*"
+ eerror "10. /etc/init.d/slapd start"
+ eerror "11. check that your data is intact."
+ eerror "12. set up the new replication system."
+ eerror ""
+ eerror "This install will not proceed until your old data directory"
+ eerror "is at least moved out of the way."
+ die "Warning direct upgrade unsafe!"
+ fi
+ openldap_upgrade_warning
+ if use perl && built_with_use dev-lang/perl minimal ; then
+ die "You must have a complete (USE='-minimal') Perl install to use the perl backend!"
+ fi
+}
+
+pkg_preinst() {
+ openldap_upgrade_warning
+ enewgroup ldap 439
+ enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
+}
+
+src_unpack() {
+ unpack ${A}
+
+ # According to MDK, the link order needs to be changed so that
+ # on systems w/ MD5 passwords the system crypt library is used
+ # (the net result is that "passwd" can be used to change ldap passwords w/
+ # proper pam support)
+ sed -i -e 's/$(SECURITY_LIBS) $(LDIF_LIBS) $(LUTIL_LIBS)/$(LUTIL_LIBS) $(SECURITY_LIBS) $(LDIF_LIBS)/' \
+ ${S}/servers/slapd/Makefile.in
+
+ # Fixes for 2.3
+ einfo "Applying patches for 2.3"
+
+ # supersedes old fix for bug #31202
+ EPATCH_OPTS="-p1 -d ${S}" epatch ${FILESDIR}/${PN}-2.2.14-perlthreadsfix.patch
+
+ # ximian connector 1.4.7 ntlm patch
+ EPATCH_OPTS="-p0 -d ${S}" epatch ${FILESDIR}/${PN}-2.2.6-ntlm.patch
+
+ # fixes for 2.2
+ einfo "Applying patches for 2.2 compat lib"
+
+ # Fix up DB-4.0 linking problem
+ # remember to autoconf! this expands configure by 500 lines (4 lines to m4
+ # stuff).
+ EPATCH_OPTS="-p1 -d ${COMPAT22_S}" epatch ${FILESDIR}/${PN}-2.2.14-db40.patch
+
+ # supersedes old fix for bug #31202
+ EPATCH_OPTS="-p1 -d ${COMPAT22_S}" epatch ${FILESDIR}/${PN}-2.2.14-perlthreadsfix.patch
+
+ # ximian connector 1.4.7 ntlm patch
+ EPATCH_OPTS="-p0 -d ${COMPAT22_S}" epatch ${FILESDIR}/${PN}-2.2.6-ntlm.patch
+
+ # make autoconf-archive compatible
+ EPATCH_OPTS="-p0 -d ${COMPAT22_S}" epatch ${FILESDIR}/${PN}-2.2.28-autoconf-archived-fix.patch
+
+ # make autoconf-archive compatible
+ EPATCH_OPTS="-p0 -d ${COMPAT22_S}" epatch ${FILESDIR}/${PN}-2.2.28-r1-configure.in-rpath.patch
+
+ # fixes for 2.1
+ einfo "Applying patches for 2.1 compat lib"
+
+ # Fix up DB-4.0 linking problem
+ # remember to autoconf! this expands configure by 500 lines (4 lines to m4
+ # stuff).
+ EPATCH_OPTS="-p1 -d ${COMPAT21_S}" epatch ${FILESDIR}/${PN}-2.1.30-db40.patch
+ EPATCH_OPTS="-p1 -d ${COMPAT21_S}" epatch ${FILESDIR}/${PN}-2.1.30-tls-activedirectory-hang-fix.patch
+
+ # Security bug #96767
+ # http://bugzilla.padl.com/show_bug.cgi?id=210
+ EPATCH_OPTS="-p1 -d ${COMPAT21_S}" epatch ${FILESDIR}/${PN}-2.2.26-tls-fix-connection-test.patch
+
+ # make files ready for new autoconf
+ EPATCH_OPTS="-p0 -d ${COMPAT21_S}" epatch ${FILESDIR}/${PN}-2.1.30-autoconf25.patch
+
+ # make autoconf-archive compatible
+ EPATCH_OPTS="-p0 -d ${COMPAT21_S}" epatch ${FILESDIR}/${PN}-2.1.30-autoconf-archived-fix.patch
+
+ # fix AC calls bug #114544
+ EPATCH_OPTS="-p0 -d ${COMPAT21_S}/build" epatch ${FILESDIR}/${PN}-2.1.30-m4_underquoted.patch
+
+ # supersedes old fix for bug #31202
+ EPATCH_OPTS="-p0 -d ${COMPAT21_S}" epatch ${FILESDIR}/${PN}-2.1.27-perlthreadsfix.patch
+
+ export WANT_AUTOMAKE="1.9"
+ export WANT_AUTOCONF="2.5"
+
+ # reconf compat for RPATH solve (bug #105380)
+ for each in ${COMPAT21_P} ${COMPAT22_P}
+ do
+ LOCAL_S=${WORKDIR}/${each}
+
+ # ensure correct SLAPI path by default
+ sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "/var/run/openldap/slapd.sock",' \
+ ${LOCAL_S}/include/ldap_defaults.h
+
+ cd ${LOCAL_S}
+ einfo "Running libtoolize on ${each}"
+ libtoolize --copy --force --automake
+ einfo "Running aclocal on ${each}"
+ aclocal || die "aclocal failed"
+
+ # apply RPATH patch
+ EPATCH_OPTS="-p0 -d ${LOCAL_S}" epatch ${FILESDIR}/${PN}-2.1.30-rpath.patch
+
+ einfo "Running autoconf on ${each}"
+ autoconf || die "autoconf failed"
+ done
+}
+
+src_compile() {
+ local myconf
+
+ # HDB is only available with BerkDB
+ myconf_berkdb='--enable-bdb --enable-ldbm-api=berkeley --enable-hdb=mod'
+ myconf_gdbm='--disable-bdb --enable-ldbm-api=gdbm --disable-hdb'
+
+ use debug && myconf="${myconf} --enable-debug" # there is no disable-debug
+
+ # enable slapd/slurpd servers if not doing a minimal build
+ # slurpd is deprecated by syncrepl in 2.3
+ if ! use minimal; then
+ myconf="${myconf} --enable-slapd --enable-slurpd"
+ # base backend stuff
+ myconf="${myconf} --enable-ldbm"
+ if use berkdb; then
+ einfo "Using Berkeley DB for local backend"
+ myconf="${myconf} ${myconf_berkdb}"
+ elif use gdbm; then
+ einfo "Using GDBM for local backend"
+ myconf="${myconf} ${myconf_gdbm}"
+ else
+ ewarn "Neither gdbm or berkdb USE flags present, falling back to"
+ ewarn "Berkeley DB for local backend"
+ myconf="${myconf} ${myconf_berkdb}"
+ fi
+ # extra backend stuff
+ myconf="${myconf} --enable-passwd=mod --enable-phonetic=mod"
+ myconf="${myconf} --enable-dnssrv=mod --enable-ldap"
+ myconf="${myconf} --enable-meta=mod --enable-monitor=mod"
+ myconf="${myconf} --enable-null=mod --enable-shell=mod"
+ myconf="${myconf} `use_enable perl perl mod`"
+ myconf="${myconf} `use_enable odbc sql mod`"
+ # slapd options
+ myconf="${myconf} `use_enable crypt` `use_enable slp`"
+ myconf="${myconf} --enable-rewrite --enable-rlookups"
+ myconf="${myconf} --enable-aci --enable-modules"
+ myconf="${myconf} --enable-cleartext --enable-slapi"
+ myconf="${myconf} `use_with samba lmpasswd`"
+ # disabled options:
+ # --with-bdb-module=dynamic
+ # alas, for BSD only:
+ # --with-fetch
+ # slapd overlay options
+ myconf="${myconf} --enable-dyngroup --enable-proxycache"
+ else
+ myconf="${myconf} --disable-slapd --disable-slurpd"
+ myconf="${myconf} --disable-bdb --disable-monitor"
+ # repeat? - is there a reason for this?
+ #myconf="${myconf} --disable-slurpd"
+ fi
+ # basic functionality stuff
+ myconf="${myconf} --enable-syslog --enable-dynamic"
+ myconf="${myconf} --enable-local --enable-proctitle"
+
+ myconf="${myconf} `use_enable ipv6` `use_enable readline`"
+ myconf="${myconf} `use_with sasl cyrus-sasl` `use_enable sasl spasswd`"
+ myconf="${myconf} `use_enable tcpd wrappers` `use_with ssl tls`"
+
+ if [ $(get_libdir) != "lib" ] ; then
+ append-ldflags -L/usr/$(get_libdir)
+ fi
+
+ econf \
+ --enable-static \
+ --enable-shared \
+ --libexecdir=/usr/$(get_libdir)/openldap \
+ ${myconf} || die "configure failed"
+
+ make depend || die "make depend failed"
+ make || die "make failed"
+
+ # special kerberos stuff
+ tc-export CC
+ if ! use minimal && use kerberos ; then
+ cd ${S}/contrib/slapd-modules/passwd/ && \
+ ${CC} -shared -I../../../include ${CFLAGS} -fPIC \
+ -DHAVE_KRB5 -o pw-kerberos.so kerberos.c || \
+ die "failed to compile kerberos module"
+ fi
+
+ # now build old compat libs
+ for each in ${COMPAT21_P} ${COMPAT22_P}
+ do
+ LOCAL_S=${WORKDIR}/${each}
+ cd ${LOCAL_S} && \
+ econf \
+ --disable-static --enable-shared \
+ --libexecdir=/usr/$(get_libdir)/openldap \
+ --disable-slapd --disable-aci --disable-cleartext --disable-crypt \
+ --disable-lmpasswd --disable-spasswd --enable-modules \
+ --disable-phonetic --disable-rewrite --disable-rlookups --disable-slp \
+ --disable-wrappers --disable-bdb --disable-dnssrv --disable-ldap \
+ --disable-ldbm --disable-meta --disable-monitor --disable-null \
+ --disable-passwd --disable-perl --disable-shell --disable-sql \
+ --disable-slurpd || die "configure for ${each} failed"
+ make depend || die "make depend on ${each} failed"
+ cd ${LOCAL_S}/libraries/liblber && make liblber.la || die "make for ${each} liblber.la failed"
+ cd ${LOCAL_S}/libraries/libldap && make libldap.la || die "make for ${each}libldap.la failed"
+ cd ${LOCAL_S}/libraries/libldap_r && make libldap_r.la || die "make for ${each} libldap_r.la failed"
+ done
+}
+
+src_test() {
+ einfo "Doing tests"
+ cd tests ; make tests || die "make tests failed"
+}
+
+src_install() {
+ make DESTDIR=${D} install || die "make install failed"
+
+ dodoc ANNOUNCEMENT CHANGES COPYRIGHT README LICENSE
+ docinto rfc ; dodoc doc/rfc/*.txt
+
+ # openldap modules go here
+ # TODO: write some code to populate slapd.conf with moduleload statements
+ keepdir /usr/$(get_libdir)/openldap/openldap/
+
+ # make state directories
+ for x in data slurp ldbm; do
+ keepdir /var/lib/openldap-${x}
+ fowners ldap:ldap /var/lib/openldap-${x}
+ fperms 0700 /var/lib/openldap-${x}
+ done
+
+
+ echo "OLDPF='${PF}'" >${D}${OPENLDAP_VERSIONTAG}
+ echo "# do NOT delete this. it is used" >>${D}${OPENLDAP_VERSIONTAG}
+ echo "# to track versions for upgrading." >>${D}${OPENLDAP_VERSIONTAG}
+
+ # manually remove /var/tmp references in .la
+ # because it is packaged with an ancient libtool
+ for x in ${D}/usr/$(get_libdir)/lib*.la; do
+ sed -i -e "s:-L${S}[/]*libraries::" ${x}
+ done
+
+ # change slapd.pid location in configuration file
+ keepdir /var/run/openldap
+ fowners ldap:ldap /var/run/openldap
+ fperms 0755 /var/run/openldap
+
+ if ! use minimal; then
+ # config modifications
+ for f in /etc/openldap/slapd.conf /etc/openldap/slapd.conf.default; do
+ sed -e "s:/var/lib/run/slapd.:/var/run/openldap/slapd.:" -i ${D}/${f}
+ sed -e "/database\tbdb$/acheckpoint 32 30 # <kbyte> <min>" -i ${D}/${f}
+ fowners root:ldap ${f}
+ fperms 0640 ${f}
+ done
+ # install our own init scripts
+ exeinto /etc/init.d
+ newexe ${FILESDIR}/2.0/slapd slapd
+ newexe ${FILESDIR}/2.0/slurpd slurpd
+ if [ $(get_libdir) != lib ]; then
+ sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i ${D}/etc/init.d/{slapd,slurpd}
+ fi
+ insinto /etc/conf.d
+ newins ${FILESDIR}/2.0/slapd.conf slapd
+ if use kerberos && [ -f ${S}/contrib/slapd-modules/passwd/pw-kerberos.so ]; then
+ insinto /usr/$(get_libdir)/openldap/openldap
+ doins ${S}/contrib/slapd-modules/passwd/pw-kerberos.so || \
+ die "failed to install kerberos passwd module"
+ fi
+ fi
+
+ # install MDK's ssl cert script
+ if use ssl || use samba; then
+ dodir /etc/openldap/ssl
+ exeinto /etc/openldap/ssl
+ #newexe ${FILESDIR}/gencert.sh-2.2.27 gencert.sh
+ doexe ${FILESDIR}/gencert.sh
+ fi
+
+ if ! use nocompat; then
+ dolib.so ${COMPAT21_S}/libraries/liblber/.libs/liblber.so.2.0.130 || \
+ die "failed to install 2.1 liblber"
+ dolib.so ${COMPAT21_S}/libraries/libldap/.libs/libldap.so.2.0.130 || \
+ die "failed to install 2.1 libldap"
+ dolib.so ${COMPAT21_S}/libraries/libldap_r/.libs/libldap_r.so.2.0.130 || \
+ die "failed to install 2.1 libldap_r"
+
+ dolib.so ${COMPAT22_S}/libraries/liblber/.libs/liblber-2.2.so.7.0.21 || \
+ die "failed to install 2.1 liblber"
+ dosym liblber-2.2.so.7.0.21 /usr/$(get_libdir)/liblber-2.2.so.7
+ dolib.so ${COMPAT22_S}/libraries/libldap/.libs/libldap-2.2.so.7.0.21 || \
+ die "failed to install 2.1 libldap"
+ dosym libldap-2.2.so.7.0.21 /usr/$(get_libdir)/libldap-2.2.so.7
+ dolib.so ${COMPAT22_S}/libraries/libldap_r/.libs/libldap_r-2.2.so.7.0.21 || \
+ die "failed to install 2.1 libldap_r"
+ dosym libldap_r-2.2.so.7.0.21 /usr/$(get_libdir)/libldap_r-2.2.so.7
+ fi
+}
+
+pkg_postinst() {
+ if use ssl; then
+ # make a self-signed ssl cert (if there isn't one there already)
+ if [ ! -e /etc/openldap/ssl/ldap.pem ]
+ then
+ cd /etc/openldap/ssl
+ yes "" | sh gencert.sh
+ chmod 640 ldap.pem
+ chown root:ldap ldap.pem
+ else
+ einfo "An LDAP cert already appears to exist, no creating"
+ fi
+ fi
+
+ # Since moving to running openldap as user ldap there are some
+ # permissions problems with directories and files.
+ # Let's make sure these permissions are correct.
+ chown ldap:ldap /var/run/openldap
+ chmod 0755 /var/run/openldap
+ chown root:ldap /etc/openldap/slapd.conf{,.default}
+ chmod 0640 /etc/openldap/slapd.conf{,.default}
+
+ if use ssl; then
+ ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
+ ewarn "add 'TLS_REQCERT never' if you want to use them."
+ fi
+ ewarn "See Berkeley Database tuning options for OpenLDAP at http://www.openldap.org/faq/data/cache/1072.html"
+
+ einfo "Please note there is an example BDB configuration file in"
+ einfo "/etc/openldap and /var/lib/openldap-data. Review these config"
+ einfo "files for possible performance enhancements."
+ einfo
+ openldap_upgrade_warning
+
+ # Reference inclusion bug #77330
+ echo
+ einfo "Getting started using OpenLDAP? There is some documentation available:"
+ einfo "Gentoo Guide to OpenLDAP Authentication"
+ einfo "(http://www.gentoo.org/doc/en/ldap-howto.xml)"
+}