/[gentoo-x86]/net-nds/openldap/openldap-2.3.35-r1.ebuild
Gentoo

Contents of /net-nds/openldap/openldap-2.3.35-r1.ebuild

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.12 - (show annotations) (download)
Sun Jan 13 22:36:18 2008 UTC (11 years, 9 months ago) by ulm
Branch: MAIN
CVS Tags: HEAD
Changes since 1.11: +1 -1 lines
FILE REMOVED
Remove old revisions wrt bug #201690.
(Portage version: 2.1.4_rc14)

1 # Copyright 1999-2007 Gentoo Foundation
2 # Distributed under the terms of the GNU General Public License v2
3 # $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/openldap-2.3.35-r1.ebuild,v 1.11 2007/06/24 23:28:38 vapier Exp $
4
5 WANT_AUTOCONF="latest"
6 WANT_AUTOMAKE="latest"
7 AT_M4DIR="./build"
8 inherit autotools db-use eutils flag-o-matic multilib ssl-cert toolchain-funcs versionator
9
10 DESCRIPTION="LDAP suite of application and development tools"
11 HOMEPAGE="http://www.OpenLDAP.org/"
12 SRC_URI="mirror://openldap/openldap-release/${P}.tgz"
13
14 LICENSE="OPENLDAP"
15 SLOT="0"
16 KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 s390 sh sparc x86 ~x86-fbsd"
17 IUSE="berkdb crypt debug gdbm ipv6 kerberos minimal odbc overlays perl readline
18 samba sasl slp smbkrb5passwd ssl tcpd selinux"
19
20 # note that the 'samba' USE flag pulling in OpenSSL is NOT an error. OpenLDAP
21 # uses OpenSSL for LanMan/NTLM hashing (which is used in some enviroments, like
22 # mine at work)!
23 # Robin H. Johnson <robbat2@gentoo.org> March 8, 2004
24
25 RDEPEND="sys-libs/ncurses
26 tcpd? ( sys-apps/tcp-wrappers )
27 ssl? ( dev-libs/openssl )
28 readline? ( sys-libs/readline )
29 sasl? ( dev-libs/cyrus-sasl )
30 !minimal? (
31 odbc? ( dev-db/unixODBC )
32 slp? ( net-libs/openslp )
33 perl? ( dev-lang/perl )
34 samba? ( dev-libs/openssl )
35 kerberos? ( virtual/krb5 )
36 berkdb? ( >=sys-libs/db-4.2.52_p2-r1 )
37 !berkdb? (
38 gdbm? ( sys-libs/gdbm )
39 !gdbm? ( >=sys-libs/db-4.2.52_p2-r1 )
40 )
41 smbkrb5passwd? (
42 dev-libs/openssl
43 app-crypt/heimdal
44 )
45 )
46 selinux? ( sec-policy/selinux-openldap )"
47 DEPEND="${RDEPEND}"
48
49 # for tracking versions
50 OPENLDAP_VERSIONTAG=".version-tag"
51 OPENLDAP_DEFAULTDIR_VERSIONTAG="/var/lib/openldap-data"
52
53 openldap_upgrade_howto() {
54 eerror
55 eerror "A (possible old) installation of OpenLDAP was detected,"
56 eerror "installation will not proceed for now."
57 eerror
58 eerror "As major version upgrades can corrupt your database,"
59 eerror "you need to dump your database and re-create it afterwards."
60 eerror ""
61 d="$(date -u +%s)"
62 l="/root/ldapdump.${d}"
63 i="${l}.raw"
64 eerror " 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop"
65 eerror " 2. slapcat -l ${i}"
66 eerror " 3. egrep -v '^entryCSN:' <${i} >${l}"
67 eerror " 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/"
68 eerror " 5. emerge --update \=net-nds/${PF}"
69 eerror " 6. etc-update, and ensure that you apply the changes"
70 eerror " 7. slapadd -l ${l}"
71 eerror " 8. chown ldap:ldap /var/lib/openldap-data/*"
72 eerror " 9. /etc/init.d/slapd start"
73 eerror "10. check that your data is intact."
74 eerror "11. set up the new replication system."
75 eerror
76 die "You need to upgrade your database first"
77 }
78
79 openldap_find_versiontags() {
80 # scan for all datadirs
81 openldap_datadirs=""
82 if [ -f ${ROOT}/etc/openldap/slapd.conf ]; then
83 openldap_datadirs="$(awk '{if($1 == "directory") print $2 }' ${ROOT}/etc/openldap/slapd.conf)"
84 fi
85 openldap_datadirs="${openldap_datadirs} ${OPENLDAP_DEFAULTDIR_VERSIONTAG}"
86
87 einfo
88 einfo "Scanning datadir(s) from slapd.conf and"
89 einfo "the default installdir for Versiontags"
90 einfo "(${OPENLDAP_DEFAULTDIR_VERSIONTAG} may appear twice)"
91 einfo
92
93 # scan datadirs if we have a version tag
94 openldap_found_tag=0
95 for each in ${openldap_datadirs}; do
96 CURRENT_TAGDIR=${ROOT}`echo ${each} | sed "s:\/::"`
97 CURRENT_TAG=${CURRENT_TAGDIR}/${OPENLDAP_VERSIONTAG}
98 if [ -d ${CURRENT_TAGDIR} ] && [ ${openldap_found_tag} == 0 ] ; then
99 einfo "- Checking ${each}..."
100 if [ -r ${CURRENT_TAG} ] ; then
101 # yey, we have one :)
102 einfo " Found Versiontag in ${each}"
103 source ${CURRENT_TAG}
104 if [ "${OLDPF}" == "" ] ; then
105 eerror "Invalid Versiontag found in ${CURRENT_TAGDIR}"
106 eerror "Please delete it"
107 eerror
108 die "Please kill the invalid versiontag in ${CURRENT_TAGDIR}"
109 fi
110
111 OLD_MAJOR=`get_version_component_range 2-3 ${OLDPF}`
112
113 # are we on the same branch?
114 if [ "${OLD_MAJOR}" != "${PV:0:3}" ] ; then
115 ewarn " Versiontag doesn't match current major release!"
116 if [[ `ls -a ${CURRENT_TAGDIR} | wc -l` -gt 5 ]] ; then
117 eerror " Versiontag says other major and you (probably) have datafiles!"
118 echo
119 openldap_upgrade_howto
120 else
121 einfo " No real problem, seems there's no database."
122 fi
123 else
124 einfo " Versiontag is fine here :)"
125 fi
126 else
127 einfo " Non-tagged dir ${each}"
128 if [[ `ls -a ${each} | wc -l` > 5 ]] ; then
129 einfo " EEK! Non-empty non-tagged datadir, counting `ls -a ${each} | wc -l` files"
130 echo
131
132 eerror
133 eerror "Your OpenLDAP Installation has a non tagged datadir that"
134 eerror "possibly contains a database at ${CURRENT_TAGDIR}"
135 eerror
136 eerror "Please export data if any entered and empty or remove"
137 eerror "the directory, installation has been stopped so you"
138 eerror "can take required action"
139 eerror
140 eerror "For a HOWTO on exporting the data, see instructions in the ebuild"
141 eerror
142 die "Please move the datadir ${CURRENT_TAGDIR} away"
143 fi
144 fi
145 einfo
146 fi
147 done
148
149 echo
150 einfo
151 einfo "All datadirs are fine, proceeding with merge now..."
152 einfo
153
154 }
155
156 pkg_setup() {
157 if has_version "<=dev-lang/perl-5.8.8_rc1" && built_with_use dev-lang/perl minimal ; then
158 die "You must have a complete (USE='-minimal') Perl install to use the perl backend!"
159 fi
160
161 if use minimal && has_version "net-nds/openldap" && built_with_use net-nds/openldap minimal ; then
162 einfo
163 einfo "Skipping scan for previous datadirs as requested by minimal useflag"
164 einfo
165 else
166 openldap_find_versiontags
167 fi
168
169 enewgroup ldap 439
170 enewuser ldap 439 -1 /usr/$(get_libdir)/openldap ldap
171 }
172
173 src_unpack() {
174 unpack ${A}
175
176 # According to MDK, the link order needs to be changed so that
177 # on systems w/ MD5 passwords the system crypt library is used
178 # (the net result is that "passwd" can be used to change ldap passwords w/
179 # proper pam support)
180 sed -i -e 's/$(SECURITY_LIBS) $(LDIF_LIBS) $(LUTIL_LIBS)/$(LUTIL_LIBS) $(SECURITY_LIBS) $(LDIF_LIBS)/' \
181 ${S}/servers/slapd/Makefile.in
182
183 # supersedes old fix for bug #31202
184 EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-2.2.14-perlthreadsfix.patch
185
186 # ensure correct SLAPI path by default
187 sed -i -e 's,\(#define LDAPI_SOCK\).*,\1 "/var/run/openldap/slapd.sock",' \
188 ${S}/include/ldap_defaults.h
189
190 EPATCH_OPTS="-p0 -d ${S}"
191
192 # ximian connector 1.4.7 ntlm patch
193 epatch "${FILESDIR}"/${PN}-2.2.6-ntlm.patch
194
195 # bug #132263
196 if use overlays ; then
197 epatch "${FILESDIR}"/${PN}-2.3.21-ppolicy.patch
198 fi
199
200 # fix up stuff for newer autoconf that simulates autoconf-2.13, but doesn't
201 # do it perfectly.
202 cd "${S}"/build
203 ln -s shtool install
204 ln -s shtool install.sh
205 einfo "Making sure upstream build strip does not do stripping too early"
206 sed -i.orig \
207 -e '/^STRIP/s,-s,,g' \
208 top.mk || die "Failed to block stripping"
209
210 # bug #116045
211 # patch contrib modules
212 if ! use minimal ; then
213 cd "${S}"/contrib
214 epatch "${FILESDIR}"/${PN}-2.3.24-contrib-smbk5pwd.patch
215 fi
216 }
217
218 src_compile() {
219 local myconf
220
221 # HDB is only available with BerkDB
222 myconf_berkdb='--enable-bdb --enable-ldbm-api=berkeley --enable-hdb=mod'
223 myconf_gdbm='--disable-bdb --enable-ldbm-api=gdbm --disable-hdb'
224
225 use debug && myconf="${myconf} --enable-debug" # there is no disable-debug
226
227 # enable slapd/slurpd servers if not doing a minimal build
228 if ! use minimal ; then
229 myconf="${myconf} --enable-slapd --enable-slurpd"
230 # base backend stuff
231 myconf="${myconf} --enable-ldbm"
232 if use berkdb ; then
233 einfo "Using Berkeley DB for local backend"
234 myconf="${myconf} ${myconf_berkdb}"
235 # We need to include the slotted db.h dir for FreeBSD
236 append-cppflags -I$(db_includedir)
237 elif use gdbm ; then
238 einfo "Using GDBM for local backend"
239 myconf="${myconf} ${myconf_gdbm}"
240 else
241 ewarn "Neither gdbm or berkdb USE flags present, falling back to"
242 ewarn "Berkeley DB for local backend"
243 myconf="${myconf} ${myconf_berkdb}"
244 # We need to include the slotted db.h dir for FreeBSD
245 append-cppflags -I$(db_includedir)
246 fi
247 # extra backend stuff
248 myconf="${myconf} --enable-passwd=mod --enable-phonetic=mod"
249 myconf="${myconf} --enable-dnssrv=mod --enable-ldap"
250 myconf="${myconf} --enable-meta=mod --enable-monitor=mod"
251 myconf="${myconf} --enable-null=mod --enable-shell=mod"
252 myconf="${myconf} --enable-relay=mod"
253 myconf="${myconf} $(use_enable perl perl mod)"
254 myconf="${myconf} $(use_enable odbc sql mod)"
255 # slapd options
256 myconf="${myconf} $(use_enable crypt) $(use_enable slp)"
257 myconf="${myconf} --enable-rewrite --enable-rlookups"
258 myconf="${myconf} --enable-aci --enable-modules"
259 myconf="${myconf} --enable-cleartext --enable-slapi"
260 myconf="${myconf} $(use_with samba lmpasswd)"
261 # slapd overlay options
262 myconf="${myconf} --enable-dyngroup --enable-proxycache"
263 use overlays && myconf="${myconf} --enable-overlays=mod"
264 else
265 myconf="${myconf} --disable-slapd --disable-slurpd"
266 myconf="${myconf} --disable-bdb --disable-ldbm"
267 myconf="${myconf} --disable-hdb --disable-monitor"
268 myconf="${myconf} --disable-slurpd --disable-overlays"
269 myconf="${myconf} --disable-relay"
270 fi
271
272 # basic functionality stuff
273 myconf="${myconf} --enable-syslog --enable-dynamic"
274 myconf="${myconf} --enable-local --enable-proctitle"
275
276 myconf="${myconf} $(use_enable ipv6) $(use_enable readline)"
277 myconf="${myconf} $(use_with sasl cyrus-sasl) $(use_enable sasl spasswd)"
278 myconf="${myconf} $(use_enable tcpd wrappers) $(use_with ssl tls)"
279
280 if [ $(get_libdir) != "lib" ] ; then
281 append-ldflags -L/usr/$(get_libdir)
282 fi
283
284 STRIP=/bin/true \
285 econf \
286 --enable-static \
287 --enable-shared \
288 --libexecdir=/usr/$(get_libdir)/openldap \
289 ${myconf} || die "configure failed"
290
291 # Adding back -j1 as upstream didn't answer on parallel make issue yet
292 emake -j1 depend || die "make depend failed"
293 emake -j1 || die "make failed"
294
295 # openldap/contrib
296 tc-export CC
297 if ! use minimal ; then
298 # dsaschema
299 einfo "Building contributed dsaschema"
300 cd "${S}"/contrib/slapd-modules/dsaschema
301 ${CC} -shared -I../../../include ${CFLAGS} -fPIC \
302 -Wall -o libdsaschema-plugin.so dsaschema.c || \
303 die "failed to compile dsaschema module"
304 # kerberos passwd
305 if use kerberos ; then
306 einfo "Building contributed pw-kerberos"
307 cd "${S}"/contrib/slapd-modules/passwd/ && \
308 ${CC} -shared -I../../../include ${CFLAGS} -fPIC \
309 -DHAVE_KRB5 -o pw-kerberos.so kerberos.c || \
310 die "failed to compile kerberos password module"
311 fi
312 # netscape mta-md5 password
313 einfo "Building contributed pw-netscape"
314 cd "${S}"/contrib/slapd-modules/passwd/ && \
315 ${CC} -shared -I../../../include ${CFLAGS} -fPIC \
316 -o pw-netscape.so netscape.c || \
317 die "failed to compile netscape password module"
318 # smbk5pwd overlay
319 # Note: this modules builds, but may not work with
320 # Gentoo's MIT-Kerberos. It was designed for Heimdal
321 # Kerberos.
322 if use smbkrb5passwd ; then
323 einfo "Building contributed smbk5pwd"
324 local mydef
325 local mykrb5inc
326 mydef="-DDO_SAMBA -DDO_KRB5"
327 mykrb5inc="-I/usr/include/heimdal/"
328 cd "${S}"/contrib/slapd-modules/smbk5pwd && \
329 libexecdir="/usr/$(get_libdir)/openldap" \
330 DEFS="${mydef}" KRB5_INC="${mykrb5inc}" emake || \
331 die "failed to compile smbk5pwd module"
332 fi
333 # addrdnvalues
334 einfo "Building contributed addrdnvalues"
335 cd "${S}"/contrib/slapi-plugins/addrdnvalues/ && \
336 ${CC} -shared -I../../../include ${CFLAGS} -fPIC \
337 -o libaddrdnvalues-plugin.so addrdnvalues.c || \
338 die "failed to compile addrdnvalues plugin"
339 fi
340 }
341
342 src_test() {
343 einfo "Doing tests"
344 cd tests ; make tests || die "make tests failed"
345 }
346
347 src_install() {
348 emake DESTDIR="${D}" install || die "make install failed"
349
350 dodoc ANNOUNCEMENT CHANGES COPYRIGHT README LICENSE "${FILESDIR}"/DB_CONFIG.fast.example
351 docinto rfc ; dodoc doc/rfc/*.txt
352
353 # openldap modules go here
354 # TODO: write some code to populate slapd.conf with moduleload statements
355 keepdir /usr/$(get_libdir)/openldap/openldap/
356
357 # make state directories
358 local dirlist="data"
359 if ! use minimal; then
360 dirlist="${dirlist} slurp ldbm"
361 fi
362 for x in ${dirlist}; do
363 keepdir /var/lib/openldap-${x}
364 fowners ldap:ldap /var/lib/openldap-${x}
365 fperms 0700 /var/lib/openldap-${x}
366 done
367
368 echo "OLDPF='${PF}'" >${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}
369 echo "# do NOT delete this. it is used" >>${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}
370 echo "# to track versions for upgrading." >>${D}${OPENLDAP_DEFAULTDIR_VERSIONTAG}/${OPENLDAP_VERSIONTAG}
371
372 # manually remove /var/tmp references in .la
373 # because it is packaged with an ancient libtool
374 #for x in "${D}"/usr/$(get_libdir)/lib*.la; do
375 # sed -i -e "s:-L${S}[/]*libraries::" ${x}
376 #done
377
378 # change slapd.pid location in configuration file
379 keepdir /var/run/openldap
380 fowners ldap:ldap /var/run/openldap
381 fperms 0755 /var/run/openldap
382
383 if ! use minimal; then
384 # use our config
385 rm "${D}"etc/openldap/slapd.con*
386 insinto /etc/openldap
387 newins "${FILESDIR}"/${PN}-2.3.34-slapd-conf slapd.conf
388 configfile="${D}"etc/openldap/slapd.conf
389
390 # populate with built backends
391 ebegin "populate config with built backends"
392 for x in "${D}"usr/$(get_libdir)/openldap/openldap/back_*.so; do
393 elog "Adding $(basename ${x})"
394 sed -e "/###INSERTDYNAMICMODULESHERE###$/a# moduleload\t$(basename ${x})" -i "${configfile}"
395 done
396 sed -e "s:###INSERTDYNAMICMODULESHERE###$:# modulepath\t/usr/$(get_libdir)/openldap/openldap:" -i "${configfile}"
397 fowners root:ldap /etc/openldap/slapd.conf
398 fperms 0640 /etc/openldap/slapd.conf
399 cp "${configfile}" "${configfile}".default
400 eend
401
402 # install our own init scripts
403 newinitd "${FILESDIR}"/slapd-initd slapd
404 newinitd "${FILESDIR}"/slurpd-initd slurpd
405 newconfd "${FILESDIR}"/slapd-confd slapd
406
407 if [ $(get_libdir) != lib ]; then
408 sed -e "s,/usr/lib/,/usr/$(get_libdir)/," -i "${D}"etc/init.d/{slapd,slurpd}
409 fi
410
411 # install contributed modules
412 docinto /
413 if [ -e "${S}"/contrib/slapd-modules/dsaschema/libdsaschema-plugin.so ];
414 then
415 cd "${S}"/contrib/slapd-modules/dsaschema/
416 newdoc README README.contrib.dsaschema
417 exeinto /usr/$(get_libdir)/openldap/openldap
418 doexe libdsaschema-plugin.so || \
419 die "failed to install dsaschema module"
420 fi
421 if [ -e "${S}"/contrib/slapd-modules/passwd/pw-kerberos.so ]; then
422 cd "${S}"/contrib/slapd-modules/passwd/
423 newdoc README README.contrib.passwd
424 exeinto /usr/$(get_libdir)/openldap/openldap
425 doexe pw-kerberos.so || \
426 die "failed to install kerberos passwd module"
427 fi
428 if [ -e "${S}"/contrib/slapd-modules/passwd/pw-netscape.so ]; then
429 cd "${S}"/contrib/slapd-modules/passwd/
430 newdoc README README.contrib.passwd
431 exeinto /usr/$(get_libdir)/openldap/openldap
432 doexe "${S}"/contrib/slapd-modules/passwd/pw-netscape.so || \
433 die "failed to install Netscape MTA-MD5 passwd module"
434 fi
435 if [ -e "${S}"/contrib/slapd-modules/smbk5pwd/.libs/smbk5pwd.so ]; then
436 cd "${S}"/contrib/slapd-modules/smbk5pwd
437 newdoc README README.contrib.smbk5pwd
438 libexecdir="/usr/$(get_libdir)/openldap" \
439 emake DESTDIR="${D}" install-mod || \
440 die "failed to install smbk5pwd overlay module"
441 fi
442 if [ -e "${S}"/contrib/slapd-tools/statslog ]; then
443 cd "${S}"/contrib/slapd-tools
444 exeinto /usr/bin
445 newexe statslog ldapstatslog || \
446 die "failed to install ldapstatslog script"
447 fi
448 if [ -e "${S}"/contrib/slapi-plugins/addrdnvalues/libaddrdnvalues-plugin.so ];
449 then
450 cd "${S}"/contrib/slapi-plugins/addrdnvalues
451 newdoc README README.contrib.addrdnvalues
452 exeinto /usr/$(get_libdir)/openldap/openldap
453 doexe libaddrdnvalues-plugin.so || \
454 die "failed to install addrdnvalues plugin"
455 fi
456 fi
457 }
458
459 pkg_preinst() {
460 # keep old libs if any
461 LIBSUFFIXES=".so.2.0.130 -2.2.so.7"
462 for LIBSUFFIX in ${LIBSUFFIXES} ; do
463 for each in liblber libldap libldap_r ; do
464 preserve_old_lib "${ROOT}usr/$(get_libdir)/${each}${LIBSUFFIX}"
465 done
466 done
467 }
468
469 pkg_postinst() {
470 if ! use minimal ; then
471 # You cannot build SSL certificates during src_install that will make
472 # binary packages containing your SSL key, which is both a security risk
473 # and a misconfiguration if multiple machines use the same key and cert.
474 # Additionally, it overwrites
475 if use ssl; then
476 insinto /etc/openldap/ssl
477 insopts -m0644 -o ldap -g ldap
478 docert ldap
479 ##fowners ldap:ldap /etc/openldap/ssl/ldap.*
480 ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
481 ewarn "Self-signed SSL certificates are treated harshly by OpenLDAP 2.[12]"
482 ewarn "add 'TLS_REQCERT never' if you want to use them."
483 fi
484 # These lines force the permissions of various content to be correct
485 chown ldap:ldap "${ROOT}"var/run/openldap
486 chmod 0755 "${ROOT}"var/run/openldap
487 chown root:ldap "${ROOT}"etc/openldap/slapd.conf{,.default}
488 chmod 0640 "${ROOT}"etc/openldap/slapd.conf{,.default}
489 chown ldap:ldap "${ROOT}"var/lib/openldap-{data,ldbm,slurp}
490 fi
491
492 # Reference inclusion bug #77330
493 echo
494 elog
495 elog "Getting started using OpenLDAP? There is some documentation available:"
496 elog "Gentoo Guide to OpenLDAP Authentication"
497 elog "(http://www.gentoo.org/doc/en/ldap-howto.xml)"
498 elog
499
500 # note to bug #110412
501 echo
502 elog
503 elog "An example file for tuning BDB backends with openldap is:"
504 elog "/usr/share/doc/${PF}/DB_CONFIG.fast.example.gz"
505 elog
506
507 LIBSUFFIXES=".so.2.0.130 -2.2.so.7"
508 for LIBSUFFIX in ${LIBSUFFIXES} ; do
509 for each in liblber libldap libldap_r ; do
510 preserve_old_lib_notify "${ROOT}usr/$(get_libdir)/${each}${LIBSUFFIX}"
511 done
512 done
513 }

  ViewVC Help
Powered by ViewVC 1.1.20