summaryrefslogtreecommitdiff
blob: 4bd8aa2768c98e4c68f373f797dc838e279aa395 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
# Copyright 1999-2012 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/net-nds/389-ds-base/389-ds-base-1.2.11.15.ebuild,v 1.2 2012/10/02 20:25:09 lxnay Exp $

EAPI=2

WANT_AUTOMAKE="1.9"
MY_P=${P/_alpha/.a}
MY_P=${MY_P/_rc/.rc}
inherit user eutils multilib flag-o-matic autotools

DESCRIPTION="389 Directory Server (core librares and daemons )"
HOMEPAGE="http://port389.org/"
SRC_URI="http://directory.fedoraproject.org/sources/${MY_P}.tar.bz2"

LICENSE="GPL-2-with-exceptions"
SLOT="0"
KEYWORDS="~amd64 ~x86"
IUSE="autobind auto-dn-suffix debug doc +pam-passthru +dna +ldapi +bitwise +presence kerberos selinux"

ALL_DEPEND="!>=sys-libs/db-5.0
	>=dev-libs/cyrus-sasl-2.1.19
	>=dev-libs/icu-3.4
	dev-libs/nss[utils]
	dev-libs/nspr
	dev-libs/svrcore
	dev-libs/openssl
	dev-libs/libpcre:3
	dev-libs/mozldap
	dev-perl/perl-mozldap
	>=net-analyzer/net-snmp-5.1.2
	sys-apps/tcp-wrappers
	>=sys-libs/db-4.5
	sys-libs/pam
	sys-libs/zlib
	kerberos? ( net-nds/openldap >=app-crypt/mit-krb5-1.7-r100[openldap] )
	selinux? ( >=sys-apps/policycoreutils-1.30.30
		sec-policy/selinux-base-policy )"

DEPEND="${ALL_DEPEND}
	virtual/pkgconfig
	sys-devel/libtool
	doc? ( app-doc/doxygen )
	selinux? ( sys-devel/m4 >=sys-apps/checkpolicy-1.30.12 )
	sys-apps/sed"
RDEPEND="${ALL_DEPEND}
	virtual/perl-Time-Local
	virtual/perl-MIME-Base64"

S="${WORKDIR}/${MY_P}"

pkg_setup() {
	enewgroup dirsrv
	enewuser dirsrv -1 -1 -1 dirsrv
}

src_prepare() {
	epatch "${FILESDIR}/selinux.patch"
	# Fix compilation against mozldap
	epatch "${FILESDIR}/389-ds-base-1.2.11-fix-mozldap.patch"
	# Upstream patch, will be in 1.2.11.16, fixes CVE-2012-4450
	epatch "${FILESDIR}/389-ds-base-1.2.11.16-cve-2012-4450.patch"

	# as per 389 documentation, when 64bit, export USE_64
	use amd64 && export USE_64=1

	sed -i -e 's/nobody/dirsrv/g' configure.ac || die "sed failed on configure.ac"
	eautoreconf

	# enable nsslapd-allow-unauthenticated-binds by default
	sed -i '/^nsslapd-allow-unauthenticated-binds/ s/off/on/' "${S}"/ldap/ldif/template-dse.ldif.in || \
		die "cannot tweak default setting: nsslapd-allow-unauthenticated-binds"

}

src_configure() {
	local myconf=""

	use auto-dn-suffix && myconf="${myconf} --enable-auto-dn-suffix"
	use selinux && myconf="${myconf} --with-selinux"

	econf \
		$(use_enable debug) \
		$(use_enable pam-passthru) \
		$(use_enable ldapi) \
		$(use_enable autobind) \
		$(use_enable dna) \
		$(use_enable bitwise) \
		$(use_enable presence) \
		$(use_with kerberos) \
		--enable-maintainer-mode \
		--enable-autobind \
		--with-fhs \
		$myconf || die "econf failed"
}

src_compile() {
	append-lfs-flags

	# Use -j1 otherwise libacl-plugin.so could fail to install properly
	emake -j1 || die "compile failed"
	if use selinux; then
		emake -f selinux/Makefile || die " build selinux policy failed"
	fi
}

src_install () {
	# Use -j1 otherwise libacl-plugin.so could fail to install properly
	emake -j1 DESTDIR="${D}" install || die "emake install failed"

	if use selinux;then
		emake -f selinux/Makefile DESTDIR="${D}" install || die "Install selinux policy failed"
	fi

	# install not installed header
	insinto /usr/include/dirsrv
	doins ldap/servers/slapd/slapi-plugin.h

	# for build free-ipa require winsync-plugin
	doins ldap/servers/plugins/replication/winsync-plugin.h
	doins ldap/servers/plugins/replication/repl-session-plugin.h

	# make sure perl scripts have a proper shebang
	cd "${D}"/usr/share/dirsrv/script-templates/

	for i in $(find ./  -iname '*.pl') ;do
		sed -i -e 's/#{{PERL-EXEC}}/#\!\/usr\/bin\/perl/' $i || die
	done

	# remove redhat style init script
	rm -rf "${D}"/etc/rc.d || die
	rm -rf "${D}"/etc/default || die

	# and install gentoo style init script
	newinitd "${FILESDIR}"/389-ds.initd 389-ds
	newinitd "${FILESDIR}"/389-ds-snmp.initd 389-ds-snmp

	# install Gentoo-specific start/stop scripts
	rm -f "${D}"/usr/sbin/{re,}start-dirsrv || die "cannot remove 389 start/stop executables"
	exeinto /usr/sbin
	doexe "${FILESDIR}"/{re,}start-dirsrv

	# cope with libraries being in /usr/lib/dirsrv
	dodir /etc/env.d
	echo "LDPATH=/usr/$(get_libdir)/dirsrv" > "${D}"/etc/env.d/08dirsrv

	# create the directory where our log file and database
	diropts -m 0755
	dodir /var/lib/dirsrv
	keepdir /var/lib/dirsrv
	dodir /var/lock/dirsrv
	keepdir /var/lock/dirsrv
	# snmp agent, required directory
	keepdir /var/agentx
	dodir /var/agentx

	if use doc; then
		cd "${S}"
		doxygen slapi.doxy || die "cannot run doxygen"
		dohtml -r docs/html
	fi
}

pkg_postinst() {
	if use selinux; then
		if has "loadpolicy" $FEATURES; then
			einfo "Inserting the following modules into the module store"
			cd /usr/share/selinux/targeted # struct policy not supported
			semodule -s dirsrv -i dirsrv.pp
		else
			elog
			elog "Policy has not been loaded.  It is strongly suggested"
			elog "that the policy be loaded before continuing!!"
			elog
			elog "Automatic policy loading can be enabled by adding"
			elog "\"loadpolicy\" to the FEATURES in make.conf."
			elog
			ebeep 4
		fi
	fi

	elog
	elog "If you are planning to use 389-ds-snmp (ldap-agent),"
	elog "make sure to properly configure: /etc/dirsrv/config/ldap-agent.conf"
	elog "adding proper 'server' entries, and adding the lines below to"
	elog " => /etc/snmp/snmpd.conf"
	elog
	elog "master agentx"
	elog "agentXSocket /var/agentx/master"
	elog
	elog
	elog "To start 389 Directory Server (LDAP service) at boot:"
	elog
	elog "    rc-update add 389-ds default"
	elog

	elog "If you are upgrading from previous 1.2.6 release candidates"
	elog "please see:"
	elog "http://directory.fedoraproject.org/wiki/Subtree_Rename#warning:_upgrade_from_389_v1.2.6_.28a.3F.2C_rc1_.7E_rc6.29_to_v1.2.6_rc6_or_newer"
	elog

}