| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
| |
Description: Move DS Admin Code into Admin Server - Inf, ds_newinst.pl
Fix Description: Some minor cleanup:
1) Setup must not write to the user supplied inf file. Setup uses the user supplied inf to initialize its cache, but creates a tempfile for writing.
2) When writing an Inf, preserve the continuation lines.
3) Added Noriko's fix for suffix generation to ds_newinst.pl
Platforms tested: RHEL4
Flag Day: No.
Doc impact: No.
|
| |
|
|
|
|
|
|
| |
Bug Description: Move DS Admin Code into Admin Server - admin server setup
Fix Description: Allow the use of '-' and '_' in section and parameter names when passing in inf parameters via the command line.
Platforms tested: RHEL4
Flag Day: no
Doc impact: no
|
| |
|
|
|
| |
Summary: Move DS Admin Code into Admin Server
Description: fixing the default suffix: dc=<host>, dc=<dc1>, dc=<dc2>, dc=<dc3> ===> dc=<dc1>, dc=<dc2>, dc=<dc3>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Description: Move DS Admin Code into Admin Server - ldif templates, pwdhash
Reviewed by: nhosoi (Thanks!)
Fix Description: These changes are primarily to allow the admin server setup to run completely in perl with no more setuputil code.
1) Added LDIF templates for DS config. template-dse.ldif is the core minimal directory server configuration. Values can be replaced with parameters in the same style as used with register_server.pl - %token%. For the plugin entries, the plugin shared library name is now just a name. There is no more full path. The code in dynalib.c handles this case by using the compiled in PLUGINDIR. The NSPR function PR_GetLibraryName knows the correct shared lib suffix for the platform. All of this allows us to do 2).
2) Added ability to run pwdhash with no server configuration. If no configuration is given, it uses the template-dse.ldif above. And instead of having to worry about where the plugins are installed and the shared lib suffix, it just depends on the above changes. This allows us to generate password hashes during setup before the directory server instance is created, and also to keep clear text password usage to a minimum.
3) Added defaultuser and defaultgroup.
4) Added support for continuation lines in Inf files.
5) All user visible messages during setup should be localizable
Platforms tested: RHEL4
Flag Day: Yes, autotool file changes.
Doc impact: Yes, along with the previous fixes for this bug.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Description: Move DS Admin Code into Admin Server
Reviewed by: nhosoi (Thanks!)
Fix Description: 1) Since we moved the o=NetscapeRoot code out of cfg_sspt.c, we no longer need to create the suffix and backend in create_instance.c
2) Added code to enable/disable dialogs e.g. for dialogs that can change the flow conditionally
3) Added code to allow the user to backup to the first prompt on a dialog, for dialogs with many prompts
4) Allow continuation lines in Resource files, instead of having to have embedded \n chars. This allows easier editing and layout.
5) Added an addSuffix function
6) Moved the register_servers.pl code from admin server into DS Util.pm and made it a little more general purpose.
Platforms tested: RHEL4
|
| |
|
|
| |
Description: providing slapd.inf having the DS static info for the setup/config
|
| |
|
|
|
| |
Summary: Move DS Admin Code into Admin Server (Comment #62)
Description: providing slapd.inf having the DS static info for the setup/config
|
| |
|
|
|
|
|
| |
Summary: Move DS Admin Code into Admin Server (Comment #54)
Description:
1) eliminated the code adding o=netscaperoot related entries from cfg_sspt.c.
2) moving DS task CGIs to the adminserver.
|
| | |
|
| |
|
|
|
|
|
|
| |
Description: Move DS Admin Code into Admin Server
Fix Description: 1) Need to have $SILENT be greater than $CUSTOM so that dialog hiding works properly.
2) Need to have the ability to hide or show individual prompts in a dialog e.g. if using TLS/SSL, need to ask for the CA certificate filename, otherwise, not.
3) Need the ability to call a function to get the default yes or no answer for DialogYesNo
4) DialogYesNo should match answer case insensitively
|
| |
|
|
|
|
|
|
| |
Summary: Use mozldap6 ldif_parse_line API
Changes:
1) Removed ldif.h from the DS tree.
2) Eliminated the 5-th arg of ldif_parse_line (errmsg) and the errmsg related
code.
|
| |
|
|
|
|
|
|
|
| |
Description: --with-ldapsdk-bin required for configure argument
Fix Description:
In m4/mozldap.m4, there is a code to check whether ldapsdk_bindir is specified,
but you can't specify it except for --with-ldapsdk argument or using pkg-config.
So using --with-ldapsdk-lib and --with-ldapsdk-inc requires the additional
argument '--with-ldapsdk-bin'.
|
| |
|
|
| |
Summary: Added SASL support to ldclt as well as some thread-safety fixes for ns-slapd when using SASL.
|
| |
|
|
|
|
|
|
|
|
|
| |
Description: Move DS Admin Code into Admin Server
Fix Description: The Resource class needs to support more than 1 resource file e.g. for ds-base and ds-admin.
The property dir should be under $datadir. Property files are data files, not really config files.
Added a shared_lib_suffix token
Fixed some wording errors in the resource file.
Platforms tested: RHEL4
Flag Day: no
Doc impact: No new doc impact from previous commits for this bug.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Description: Move DS Admin Code into Admin Server
Fix Description: This adds the setup related perl modules, scripts, and resource files to the DS base code. This will allow a user to interactively setup (create an instance of) a directory server. This will also form the base of the work to add the console and admin server related setup code.
New files/directories:
$libdir/fedora-ds/perl - this is where the perl modules (Setup.pm, etc.) will be installed.
$bindir/setup-ds.pl - the script to use to interactively create an instance of directory server. This has use lib '$libdir/fedora-ds/perl' hard coded into it at build time, in order to find the "private" setup perl modules. If you invoke this script in silent mode (setup-ds.pl -s) then it is exactly the same as just using ds_newinst.pl.
$sysconfdir/fedora-ds/property/setup-ds.res - Resources for setup-ds.pl and the associated modules.
I also fixed a problem with the libns-dshttpd linkage.
Platforms tested: RHEL4
Flag Day: no
Doc impact: Yes. All of these new items will need to be documented.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Description: allow instance creation with no .inf file; allow pre-hashed RootDNPwd
Reviewed by: nhosoi (Thanks!)
Fix Description: You can now use ds_newinst.pl without (or with) a .inf file like this:
ds_newinst.pl General.SuiteSpotUserID=nobody slapd.ServerPort=3890 ....
The parameters can be supplied via the command line. The format of the parameter is section.param=value. Normal shell quoting rules apply, so you still have to do something like this:
ds_newinst.pl "slapd.Suffix=dc=example, dc=com"
for embedded spaces and the like. If you supply a filename (or '-'), it must be the first argument after ds_newinst.pl. If you then supply additional arguments after the filename, these will override the settings in the given inf file. So, for example, you could reuse the same .inf file, except provide a different hostname:
ds_newinst.pl basefile.inf General.FullMachineName=bar.example.com
This allows you to use the same base .inf file for several machines, and only change certain parameters on a per-machine basis.
ds_newinst.pl will now fill in some default values - it will use Net::Domain::hostfqdn for FullMachineName, and your login ID for SuiteSpotUserID (however, not if running ds_newinst.pl as root), and will construct the Suffix and ServerIdentifier based on the FullMachineName. RootDN will default to cn=Directory Manager. ServerRoot is no longer required.
Another enhancement is the ability to provide a pre-hashed password for the RootDNPwd parameter, to avoid having to pass around the clear text directory manager password. However, some caveats apply. If the password begins with one of the well known hash algorithms (e.g. {SHA, {SSHA, etc.), ds_newinst will assume it is already hashed. This may cause problems if users expect to be able to provide a clear text password such as {SSHA}text, but I seriously doubt anyone does that (famous last words . . .). Another problem is that the code as it currently stands uses the clear text password to bind to the server after starting the server to add some additional entries and ACIs. This cannot be done if a pre-hashed password is provided (but we're working on a solution to that problem too).
write_ldap_info() is no longer needed.
Finally, a couple of minor bug fixes.
Platforms tested: RHEL4
Flag Day: no
Doc impact: Yes. There will be some documentation changes required.
|
| |
|
|
|
|
| |
Description: Allow mimimum schema in ds_newinst.pl
Fix Description: Fixed by abartlet. Add a new configuration param to create_instance - install_full_schema. By default this is 1, meaning the traditional behavior of installing all of the schema. If set to 0, this will only install the 00core.ldif schema file. This also required enhancements to ds_newinst.pl as well as a bug fix to allow passing in a 0 value.
Reviewed by: nhosoi, rmeggins
|
| |
|
|
|
| |
Description: Add replication schema to core DS schema
Fix Description: We need to move some of the schema from 01common to 00core in order to allow the directory server to use replication with minimal schema.
|
| |
|
|
|
|
|
|
|
|
|
| |
Description: bitwise matching plugin
Fix Description: Samba requires backend LDAP servers to support bitwise operations. This is to support search filters like this:
(|(|(&(!(groupType:1.2.840.113556.1.4.803:=1))(groupType:1.2.840.113556.1.4.803:=2147483648)(groupType:1.2.840.113556.1.4.804:=10))(samAccountType=805306368))(samAccountType=805306369))
Note: This patch works for Samba's tests, but hasn't been more broadly or specifically tested.
This commit also adds an --enable-bitwise option to configure (enabled by default - use --disable-bitwise to disable it) and adds the plugin entry to the configuration during new instance creation.
Platforms tested: FC5/FC6
|
| |
|
|
| |
Summary: Fixed linker problems when linking with ldap c sdk.
|
| |
|
|
| |
Summary: Random SASL GSSAPI test failure on shadowfoot (Comment #9)
|
| |
|
|
|
|
|
| |
Summary: Change the name and location of template-cl-dump.pl and template-repl-monitor.pl
Description: 1) Removed "template-" from the script name
2) added shell script wrappers cl-dump and repl-monitor
3) moved them to bindir
|
| |
|
|
|
| |
Summary: Move DS Admin Code into Admin Server (Comment #9)
Description: Cleaning up unused code
|
| |
|
|
|
| |
Summary: Move DS Admin Code into Admin Server (Comment #8)
Description: acclanglist.c has been moved to AdminUtil
|
| |
|
|
|
| |
Summary: Move DS Admin Code into Admin Server (Comment #5)
Description: DSMLGW and ORGCHART are moved out; removing from ldapserver
|
| |
|
|
|
| |
Summary: Move DS Admin Code into Admin Server (Comment #5)
Description: DSMLGW and ORGCHART are moved out; removing from ldapserver
|
| |
|
|
|
|
|
| |
Summary: Move DS Admin Code into Admin Server (Comment #4,#6)
Description:
.DSGW is already a separated module "dsgw"; Removing from ldapserver.
.Removing the independency from lib/libsi18n/gsslapd.h
|
| |
|
|
|
| |
Summary: Move DS Admin Code into Admin Server (Comment #3)
Description: Cleaning up NT code
|
| |
|
|
|
| |
Summary: Move DS Admin Code into Admin Server (Comment #2)
Description: Cleaning up unused code
|
| |
|
|
|
| |
Summary: Move DS Admin Code into Admin Server (Comment #2)
Description: Cleaning up unused code
|
| |
|
|
|
|
|
| |
Summary: Random SASL GSSAPI test failure on shadowfoot (Comment #7)
Changes: If PR_Recv in sasl_recv_connection gets EAGAIN (== errno 11),
check whether it should be retried as being done for "a temporary
non-blocking I/O error".
|
| |
|
|
| |
Summary: Modified the with-fhs and with-fhs-opt configure options
|
| |
|
|
|
|
| |
Summary: Random SASL GSSAPI test failure on shadowfoot
Description: As mentioned in the comment just above of the code: "we now must
read more data off the wire until we have the complete packet", we read more.
|
| |
|
|
| |
Summary: Added a configure option for FHS optional software layout style.
|
| |
|
|
| |
Summary: Remove obsolete makefiles
|
| |
|
|
| |
Summary: Remove obsolete makefiles
|
| |
|
|
| |
Summary: Remove obsolete makefiles
|
| |
|
|
| |
Summary: verify-db.pl still assumes the db dir is always in the instance dir (Comment #14)
|
| |
|
|
|
|
|
|
|
| |
Bug Description: small memory leaks in task code
Reviewed by: nkinder, nhosoi (Thanks!)
Fix Description: There were a few places that were using slapi_get_first/next_backend without freeing the iterator cookie.
Platforms tested: RHEL4
Flag Day: no
Doc impact: no
|
| |
|
|
| |
Summary: Set correct default nsslapd-saslpath config setting on non-Linux platforms.
|
| |
|
|
|
|
|
| |
Summary: verify-db.pl still assumes the db dir is always in the instance dir (Comment #10)
Description: To set db_bindir, if db.pc exists, check if bindir variable is
defined in the file or not. If it's defined, set it to db_bindir. If not,
set the default path /usr/bin to db_bindir.
|
| |
|
|
|
| |
Summary: verify-db.pl still assumes the db dir is always in the instance dir (Comment #8)
Description: Introduced "DB-DIR" macro
|
| |
|
|
|
| |
Summary: make db2bak.pl & db2ldif.pl user more user-friendly (Comment #10)
Change: fixed 'db2ldif -s ""' fails with shift unavailable
|
| |
|
|
| |
Summary: Change format of DBVERSION and guardian files (comment #10)
|
| |
|
|
|
|
| |
Summary: make db2bak.pl & db2ldif.pl user more user-friendly (Comment #8)
Fixed problem: the command line fails to generate an output file name
when an empty suffix is passed like this: db2ldif -s ""
|
| |
|
|
|
| |
Description: version 1.1.0: bugs in build system (linking)
Fix Description: libds_admin needs to link with LDAPSDK_LINK and the server needs to link with SVRCORE
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary: verify-db.pl still assumes the db dir is always in the instance dir
Changes:
0) eliminated the "current directory" from the utility. Now, it can be run
from any location.
1) updated to take a new option [-a <fullpath_to_db_dir> ] to allow specifying
the db dir/changelog dir; by default the start point is "db_dir"
(nsslapd-directory in cn=config,cn=ldbm database,cn=plugins,cn=config)
2) instead of assuming the db dir structure (e.g.,
db/<backend_instance>/<db_files>), now it checks all the db files found under
the specified path. This allows to run the utility against the backup files,
as well.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary: make db2bak.pl & db2ldif.pl user more user-friendly (Comment #4)
Changes:
1) Found db2bak, db2bak.pl, and db2ldif do not backup/export into the dir/file
which do not start with the <server-id> string. It could cause the difficulty
to find out which server instance does the backup/exported file belongs to.
Also, to make them consistent with db2ldif.pl, added the "server id" string to
the back up dir name/exported ldif file name.
2) db2ldif[.pl] takes -M option. With the -M option, the server adds backend
name to the ldif file name. To reduce the redundancy, stopped adding the
backend name if -M is set.
3) made the ldif file name db2ldif generates consistent with the one db2ldif.pl
generates.
|
| |
|
|
| |
Summary: make db2bak.pl & db2ldif.pl user more user-friendly
|
