ports/51277: [maintainer update] openldap21, user and group for ldap, sasl support

Christian Kratzer ck at cksoft.de
Tue Apr 22 11:20:16 UTC 2003


>Number:         51277
>Category:       ports
>Synopsis:       [maintainer update] openldap21, user and group for ldap, sasl support
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Tue Apr 22 04:20:05 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator:     Christian Kratzer
>Release:        FreeBSD 4.7-STABLE i386
>Organization:
CK Software GmbH
>Environment:
System: FreeBSD majakka.cksoft.de 4.7-STABLE FreeBSD 4.7-STABLE #1: Thu Dec 19 14:57:42 CET 2002 ck at majakka.cksoft.de:/usr/obj/usr/src/RELENG_4/src/sys/MAJAKKA i386

>Description:

NOTE: New user and group ldap added by this port.  Please consider adding
them to the base system in the future.

This port adds following features:

1. User and group ldap worked into startup scripts and pkg-install

	ck at majakka[build-root-ports]: {111} pw show user ldap
	ldap:*:389:389::0:0:OpenLDAP Server:/nonexistent:/sbin/nologin

	ck at majakka[build-root-ports]: {112} pw show group ldap
	ldap:*:389:

2. New option WITHOUT_SASL to build without SASL. Building with
   SASL is now the default, since this should be a very common configuration.

>How-To-Repeat:
>Fix:

--- openldap21/files/slapd.sh.orig	Sun Apr 20 09:42:41 2003
+++ openldap21/files/slapd.sh	Sun Apr 20 09:45:08 2003
@@ -7,18 +7,18 @@
 # Uncomment one of the following:
 #
 # IPv4 Only
-#slapd_args='-h ldap://0.0.0.0'
+#slapd_args='-u ldap -g ldap -h ldap://0.0.0.0'
 #
 # IPv6 and IPv4
-#slapd_ags='-h "ldap://[::] ldap://0.0.0.0"'
+#slapd_ags='-u ldap -g ldap -h "ldap://[::] ldap://0.0.0.0"'
 #
 # IPv6 Only
-#slapd_args='-h ldap://[::]'
+#slapd_args='-u ldap -g ldap -h ldap://[::]'
 #
 #
-slapd_args=
+slapd_args="-u ldap -g ldap"
 
-pidfile=/var/run/slapd.pid
+pidfile=/var/run/ldap/slapd.pid
 
 case "$1" in
 start)
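Review bot: The IPv6-and-IPv4 example still assigns `slapd_ags`, so uncommenting it as the header comment instructs sets a variable the script presumably never reads; since the line is rewritten anyway, it should read `#slapd_args='-u ldap -g ldap -h "ldap://[::] ldap://0.0.0.0"'`. Separately, the unconditional `slapd_args="-u ldap -g ldap"` comes after the examples, so any uncommented example is overwritten by it. Placing the default above the examples, or assigning it only when `slapd_args` is empty, would keep the chosen listener. The start branch that consumes the variable lies outside the hunk, so this rests on the visible assignments only.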
@@ -31,7 +31,6 @@
 stop)
     if [ -f $pidfile ]; then
 	kill `cat $pidfile`
-	telnet localhost ldap </dev/null >/dev/null 2>&1
 	echo -n ' slapd'
 	rm $pidfile
     else
--- openldap21/files/slurpd.sh.orig	Tue Apr 22 13:00:26 2003
+++ openldap21/files/slurpd.sh	Tue Apr 22 13:01:31 2003
@@ -4,7 +4,7 @@
 #
 
 slurpd=@@PREFIX@@/libexec/slurpd
-pidfile=/var/run/slurpd.pid
+pidfile=/var/run/ldap/slurpd.pid
 
 case "$1" in
 start)
--- openldap21/Makefile.orig	Sun Apr 20 07:46:07 2003
+++ openldap21/Makefile	Mon Apr 21 10:57:22 2003
@@ -10,13 +10,17 @@
 # SLAPD_ONLY 	builds openldap21-slapd-PORTVERSION  (slapd and slapd tools)
 # SLURPD_ONLY 	builds openldap21-slurpd-PORTVERSION (slurpd only)
 # SERVERS_ONLY 	builds openldap21-servers-PORTVERSION (slapd and slurpd)
+# WITHOUT_SASL	do not build against sasl2
+#
+# OPENLDAP_STABLE an attempt to track the openldap stable branch
+#		It remains to be seen if this stays practical.
 #
 # $FreeBSD: ports/net/openldap21/Makefile,v 1.64 2003/04/11 14:43:46 nork Exp $
 #
 
 PORTNAME=	openldap21
 PORTVERSION=	2.1.17
-PORTREVISION=	0
+PORTREVISION=	1
 CATEGORIES=	net databases
 MASTER_SITES=	ftp://ftp.OpenLDAP.org/pub/OpenLDAP/%SUBDIR%/		\
 		http://www.PlanetMirror.com/pub/openldap/%SUBDIR%/	\
@@ -47,27 +51,42 @@
 
 LIB_DEPENDS+=	db41:${PORTSDIR}/databases/db41
 
-CXXFLAGS+=	-D_REENTRANT ${PTHREAD_CFLAGS} -I${LOCALBASE}/include/db41
-CPPFLAGS+=	-D_REENTRANT ${PTHREAD_CFLAGS} -I${LOCALBASE}/include/db41
+CXXFLAGS+=	-D_REENTRANT ${PTHREAD_CFLAGS}	\
+		-I${LOCALBASE}/include		\
+		-I${LOCALBASE}/include/db41
+
+CPPFLAGS+=	-D_REENTRANT ${PTHREAD_CFLAGS} 	\
+		-I${LOCALBASE}/include		\
+		-I${LOCALBASE}/include/db41
+
 LDFLAGS+=	-L${LOCALBASE}/lib
 
 USE_OPENSSL=	yes
 HAS_CONFIGURE=	yes
 
-CONFIGURE_ENV+=	CXXFLAGS="${CXXFLAGS}" \
-		CPPFLAGS="${CPPFLAGS}" \
+CONFIGURE_ENV+=	CXXFLAGS="${CXXFLAGS}"	\
+		CPPFLAGS="${CPPFLAGS}"	\
 		LDFLAGS="${LDFLAGS}"
 
 CONFIGURE_ARGS+=--prefix=${PREFIX} 	\
 		--enable-bdb		\
 		--enable-crypt
 
+.if defined(WITHOUT_SASL) 
+CONFIGURE_ARGS+=			\
+	--without-cyrus-sasl
+.else
+LIB_DEPENDS+=   sasl2:${PORTSDIR}/security/cyrus-sasl2
+CONFIGURE_ARGS+=			\
+	--with-cyrus-sasl		\
+	--enable-spasswd	
+.endif
+
 # ------------------------------------------------------------------------------
 # common configure
 #
 CONFIGURE_ARGS+=			\
 	--with-tls              	\
-	--without-cyrus-sasl		\
 	--localstatedir=/var/db
 
 # Include tcp-wrapper support
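Review bot: In both `CXXFLAGS` and `CPPFLAGS` the new `-I${LOCALBASE}/include` is listed before `-I${LOCALBASE}/include/db41`, so a `db.h` that another Berkeley DB port may have installed directly under `${LOCALBASE}/include` would be found ahead of the db41 header while the build still depends on db41. Listing the version-specific directory first avoids that mismatch: `-I${LOCALBASE}/include/db41 -I${LOCALBASE}/include`. As a style point, the `WITHOUT_SASL` block leaves trailing whitespace after `.if defined(WITHOUT_SASL)` and `--enable-spasswd`, and uses spaces rather than a tab after `LIB_DEPENDS+=`, unlike the surrounding assignments.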
@@ -382,8 +401,8 @@
 post-patch:
 	@${CP} ${WRKSRC}/servers/slapd/slapd.conf \
 		${WRKSRC}/servers/slapd/slapd.conf.Dist
-	@${SED} -e '/^pidfile/s#%LOCALSTATEDIR%#/var/run#' \
-		-e '/^argsfile/s#%LOCALSTATEDIR%#/var/run#' \
+	@${SED} -e '/^pidfile/s#%LOCALSTATEDIR%#/var/run/ldap#' \
+		-e '/^argsfile/s#%LOCALSTATEDIR%#/var/run/ldap#' \
 		${WRKSRC}/servers/slapd/slapd.conf.Dist > \
 		${WRKSRC}/servers/slapd/slapd.conf
 
--- openldap21/pkg-install.orig	Sun Apr 20 08:35:44 2003
+++ openldap21/pkg-install	Mon Apr 21 11:01:50 2003
@@ -0,0 +1,52 @@
+#!/bin/sh
+#
+#	$FreeBSD:$
+#
+
+PKG_PREFIX=${PKG_PREFIX:=/usr/local}
+BATCH=${BATCH:=no}
+
+USER=ldap
+USER_UID=389
+
+GROUP=ldap
+GROUP_GID=389
+
+if [ x"$2" = xPRE-INSTALL ]; then
+    if /usr/sbin/pw groupshow "${GROUP}" 2>/dev/null; then
+        echo "You already have a group \"${GROUP}\", so I will use it."
+    else
+        if /usr/sbin/pw groupadd ${GROUP} -g ${GROUP_GID} -h -
+	then
+	    echo "Added group \"${GROUP}\"."
+	else
+	    echo "Adding group \"${GROUP}\" failed..."
+            echo "Please create it, and try again."
+            exit 1
+        fi
+    fi
+
+    if /usr/sbin/pw user show "${USER}" 2>/dev/null; then
+        echo "You already have a user \"${USER}\", so I will use it."
+    else
+        if /usr/sbin/pw useradd ${USER} -u ${USER_UID} -g ${GROUP} -h - \
+           -d /nonexistent \
+           -s /sbin/nologin \
+           -c "OpenLDAP Server"
+	then
+	    echo "Added user \"${USER}\"."
+	else
+	    echo "Adding user \"${USER}\" failed..."
+            echo "Please create it, and try again."
+            exit 1
+        fi
+    fi
+fi
+
+if [ x"$2" = xPOST-INSTALL ]; then
+	chown -R $USER:$GROUP /var/db/openldap-data
+	chown -R $USER:$GROUP /var/run/ldap
+	chown $USER:$GROUP $PKG_PREFIX/etc/openldap/slapd.conf
+	chown $USER:$GROUP $PKG_PREFIX/etc/openldap/slapd.conf.default
+fi
+
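Review bot: The POST-INSTALL branch gives the ldap account ownership of `slapd.conf` and `slapd.conf.default`, so the unprivileged daemon can rewrite its own configuration, including access rules and any root password kept there, which undoes part of the benefit of running with `-u ldap -g ldap`. slapd only needs to read the file, so `chown root:$GROUP $PKG_PREFIX/etc/openldap/slapd.conf` followed by `chmod 640` on the same path would be enough. The same concern applies to `chown -R $USER:$GROUP /var/run/ldap`: the stop branch in slapd.sh kills whatever PID it reads from `$pidfile`, presumably as root, and the ldap account can now replace that file; the new pid file path in slurpd.sh is affected in the same way. Whether slapd writes its pid file before or after switching user is not visible here and should be checked before tightening the directory.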
--- openldap21/pkg-message.orig	Tue Apr 22 12:31:06 2003
+++ openldap21/pkg-message	Tue Apr 22 12:30:40 2003
@@ -0,0 +1,8 @@
+The openldap21 port now creates a ldap user an a ldap group.
+
+If you use slapadd as root to populate your ldap Database please
+remember to chown the database directories and containing files
+to user ldap and group ldap.
+
+	chown -R ldap:ldap /var/db/openldap-data 
+
--- openldap21/pkg-plist.orig	Sun Apr 20 09:46:05 2003
+++ openldap21/pkg-plist	Sun Apr 20 09:49:08 2003
@@ -93,3 +93,5 @@
 %%NO_SLAPD%%@unexec /bin/rmdir %D/etc/openldap 2>/dev/null || true
 %%NO_SLAPD%%@exec [ -d /var/db/openldap-data ] || /bin/mkdir /var/db/openldap-data
 %%NO_SLAPD%%@unexec /bin/rmdir /var/db/openldap-data 2>/dev/null || true
+%%NO_SLAPD%%@exec [ -d /var/run/ldap ] || /bin/mkdir /var/run/ldap
+%%NO_SLAPD%%@unexec /bin/rmdir /var/run/ldap 2>/dev/null || true
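Review bot: Creation of `/var/run/ldap` is tagged `%%NO_SLAPD%%`, like the slapd data directory, yet slurpd.sh now also keeps its pid file there. If that tag disables the entry for a `SLURPD_ONLY` package, as its use on the slapd-specific lines suggests, the directory would be missing and slurpd could not write `/var/run/ldap/slurpd.pid`; the `chown -R` in pkg-install would fail as well. The two `/var/run/ldap` lines should be emitted under a condition that also holds for slurpd-only builds. It would also help to set the directory's owner and mode explicitly next to the `/bin/mkdir`, which otherwise relies on the installer's umask.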
>Release-Note:
>Audit-Trail:
>Unformatted:


