| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds centralized start, stop, and restart scripts
for ns-slapd. These scripts live in the sbin directory
and will act upon all instances if an instance identifier
is not specified (similar to the init script). The
instance specific scripts have been modified to call the
new centralized scripts.
The instance specific parameters needed by the new scripts
are located in the instance specific initconfig scripts,
which are now created by setup-ds.pl with values mapped
from the inf file.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds support for the newly proposed LDAP Dereference feature (not to
be confused with alias dereferencing). The details of the proposed feature
can be found here:
http://www.openldap.org/devel/cvsweb.cgi/~checkout~/doc/drafts/draft-masarati-ldap-deref-xx.txt
This adds a new deref plugin to the directory server. This is a pre op search
plugin. In order to allow the plugin to rewrite the controls sent back with
each entry, I changed the way pre-search and pre-entry plugins work. They now
have the ability to alter the entry and controls just before being sent back
to the client.
This plugin does not currently support internal operations. It should be easy
to add a call to register the plugin for internal ops if we need to do that.
The code supports real, computed (e.g. memberOf), and virtual attributes
both as the attibute to dereference and in the list of attributes to return
from each dereferenced entry. This will allow us to use attributes such as
nsRole as the derefattr.
Tested on RHEL5 x86_64 with various openldap 2.4.15+ and Net::LDAP clients.
valgrind output is clean
|
|
|
|
|
|
|
|
| |
First cut for implementing Entry USN.
See http://directory.fedoraproject.org/wiki/Entry_USN for the design details.
This change includes a bug fix for "db2ldif -r"; event queue system was not
shutdown before the plugins are closed, which could have crashed the command
line utility.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch updates and reorganizes our core schema to follow
the most recently defined standards. The layout of the core
schema files is as follows:
00core.ldif - RFC 4512, RFC 4519, LDAP Subentry Internet Draft
01core389.ldif - 389 specific schema (required to start server)
02common.ldif - 389 specific schema (highly recommended,
Changelog Internet Draft, plug-in schema)
05rfc2927.ldif - MIME Directory Profile for LDAP Schema
05rfc4523.ldif - Schema Definitions for X.509 Certificates
05rfc4524.ldif - Cosine LDAP/X.500 Schema
06inetorgperson.ldif - RFC 2798 (pulls in RFC 2079 and part of
the obsolete RFC 1274 due to required attributes)
There are still a handful of syntaxes that we don't support, so
I've substituted syntaxes for about 15 attributes. The schema and
DIT related description syntaxes are not supported, so I've used
the "Directory String" syntax instead in 00core.ldif. The
certificate syntaxes defined in 4523 are not supported, so I've
used the "Octet String" syntax instead. All of these deviations
are commented with a "TODO" listing the syntax that we need to
implement.
I have also updated the Mozilla address book schema to the latest
from upstream for a minor bug fix. I changed the nsSymmetricKey
attribute to use the "Octet String" syntax since the "Binary"
syntax is deprecated.
|
|
|
|
|
|
|
|
| |
For more details, see the design doc at http://directory.fedoraproject.org/wiki/Thread_Aware_Regex
Additional 2 unrelated changes are being made:
1) dbgen.pl.in: secretary and manager are having a dn format value "cn=...".
2) slapi_counter_sunos_sparcv9.S: adding "#define _ASM 1" to force to set an assembler code macro _ASM.
|
|
|
|
|
|
|
|
|
| |
changed brand and capbrand to 389
changed vendor to "389 Project"
I had to redo my earlier patch - I should have used the newer
automake and autoconf to reduce the size of the patch
This commit uses automake 1.10.1 and autoconf 2.63 from F10
Reviewed by nkinder (Thanks!)
|
|
|
|
|
|
|
| |
A change was also made to Makefile.am to avoid library versioning
for our C++ plug-in libraries. This change should allow us to use
autogen.sh on recent platforms without running into issues during
build-time.
|
|
|
|
|
| |
Summary: move perl on solaris to a <TBD> path
Description: Changing Solaris perl path (perlexec) from /opt/perl5x/bin/perl to /usr/lib/sparcv9/dirsrv/perl5x/bin/perl.
|
|
|
|
| |
Summary: Added new remove-ds.pl script and manpage.
|
|
|
|
|
|
|
| |
Summary: (64bitcounters) rhds 7.1 - server stats use 32-bit integers -
entrycachehitratio 1503%
Description: checking in autoconf derived files.
Ran autogen on RHEL5; autoconf version 2.59, automake version 1.9.6
|
| |
|
|
|
|
| |
Summary: Add support for 64-bit counters (phase 1).
|
|
|
|
|
|
|
|
|
|
| |
Bug Description: Lack of manpages
Reviewed by: nhosoi (Thanks!)
Branch: HEAD
Fix Description: This adds man pages for the command line utilities. The configure.ac diffs were a little bit tricky - apparently, mandir is not set to a correct default value, so we have to make sure we set a reasonable default value it if the user has not set it (e.g. rpmbuild will override it with --mandir=something).
Platforms tested: Fedora 8, Fedora 9
Flag Day: no
Doc impact: no
|
|
|
|
| |
Summary: Add CLI for dynamic reload schema file task
|
|
|
|
| |
Summary: Added CLI for creating memberOf fix-up task entry.
|
|
|
|
|
|
| |
Summary: Dynamically reload schema via task interface
Description: implemented task based schema file reloading
(see also http://directory.fedoraproject.org/wiki/Dynamically_Reload_Schema)
|
| |
|
|
|
|
|
|
| |
Summary: LDAPI: introduce --enable-autobind to support AUTOBIND
Description: --enable-autobind is supported. Unless it's set, the auto-bind
code is not compiled in.
|
| |
|
|
|
|
| |
640:9c57bd91b32f if ipa-memberof.c).
|
|
|
|
| |
Summary: Don't define _XOPEN_SOURCE_EXTENDED on HP-UX.
|
|
|
|
| |
Summary: HP-UX: warnings reported by the HP-UX compiler
|
| |
|
|
|
|
|
| |
Summary: Installation failed. template files not found.
Description: Added template-sasl.ldif to Makefile.am
|
| |
|
|
|
|
|
|
|
|
| |
Summary: verify-db.pl (db_verify) does not work on a little endian machine
(comment #1-#4)
Description: 1) introducing dbverify mode to ns-slapd.
2) providing new script dbverify to call "ns-slapd dbverify"
3) fixing verify-db.pl to call dbverify instead of db_verify from BDB
|
|
|
|
| |
be ignored, which causes rpm packaging errors
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Description: DS Admin Migration framework
Reviewed by: nhosoi (Thanks!)
Fix Description: Created a Migration class that is very similar to the Setup class - to act as a sort of global context for the migration process. Moved most of the guts of migrateTo11 into the new DSMigration class and the new migrate-ds.pl - we should deprecate migrateTo11 in favor of migrate-ds.pl. I had to enhance the check_and_add_entry function to handle pseudo-LDIF change records - pseudo because mozilla perldap LDIF has no real LDIF change record support.
Fixed a bug in create_instance.c - creating an instance without starting it was not working if the port number of an existing directory server was supplied.
Added a new method createDSInstance to Util - this just wraps ds_newinst.pl for now.
Platforms tested: RHEL4
Doc: Yes. We will need to document the migration procedures.
Flag day: Yes. Autotool file changes.
|
|
|
|
|
|
|
|
| |
Summary: Configure Pass Thru Auth (comment #8, #9)
Description: 1) Introducing BaseVersion (*.inf files) via PACKAGE_BASE_VERSION
(configure.ac) to generate #.# format version number from #.#.#. The #.#
format version number is used in the jar file names
2) Updated Util.pm.in to include ACIs to the search result.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Description: Move DS Admin Code into Admin Server - ldif templates, pwdhash
Reviewed by: nhosoi (Thanks!)
Fix Description: These changes are primarily to allow the admin server setup to run completely in perl with no more setuputil code.
1) Added LDIF templates for DS config. template-dse.ldif is the core minimal directory server configuration. Values can be replaced with parameters in the same style as used with register_server.pl - %token%. For the plugin entries, the plugin shared library name is now just a name. There is no more full path. The code in dynalib.c handles this case by using the compiled in PLUGINDIR. The NSPR function PR_GetLibraryName knows the correct shared lib suffix for the platform. All of this allows us to do 2).
2) Added ability to run pwdhash with no server configuration. If no configuration is given, it uses the template-dse.ldif above. And instead of having to worry about where the plugins are installed and the shared lib suffix, it just depends on the above changes. This allows us to generate password hashes during setup before the directory server instance is created, and also to keep clear text password usage to a minimum.
3) Added defaultuser and defaultgroup.
4) Added support for continuation lines in Inf files.
5) All user visible messages during setup should be localizable
Platforms tested: RHEL4
Flag Day: Yes, autotool file changes.
Doc impact: Yes, along with the previous fixes for this bug.
|
|
|
|
|
| |
Summary: Move DS Admin Code into Admin Server (Comment #62)
Description: providing slapd.inf having the DS static info for the setup/config
|
|
|
|
|
|
|
|
|
| |
Description: --with-ldapsdk-bin required for configure argument
Fix Description:
In m4/mozldap.m4, there is a code to check whether ldapsdk_bindir is specified,
but you can't specify it except for --with-ldapsdk argument or using pkg-config.
So using --with-ldapsdk-lib and --with-ldapsdk-inc requires the additional
argument '--with-ldapsdk-bin'.
|
|
|
|
| |
Summary: Added SASL support to ldclt as well as some thread-safety fixes for ns-slapd when using SASL.
|
|
|
|
|
|
|
|
|
|
|
| |
Description: bitwise matching plugin
Fix Description: Samba requires backend LDAP servers to support bitwise operations. This is to support search filters like this:
(|(|(&(!(groupType:1.2.840.113556.1.4.803:=1))(groupType:1.2.840.113556.1.4.803:=2147483648)(groupType:1.2.840.113556.1.4.804:=10))(samAccountType=805306368))(samAccountType=805306369))
Note: This patch works for Samba's tests, but hasn't been more broadly or specifically tested.
This commit also adds an --enable-bitwise option to configure (enabled by default - use --disable-bitwise to disable it) and adds the plugin entry to the configuration during new instance creation.
Platforms tested: FC5/FC6
|
|
|
|
| |
Summary: verify-db.pl still assumes the db dir is always in the instance dir (Comment #14)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bug Description: Split core schema
Reviewed by: prowley (Thanks!)
Files: see diff
Branch: HEAD
Fix Description: Moved all schema not required to start the server from
00core.ldif into a new file called 01common.ldif. Andrew and Satish
already did the work to determine which schema are required to start the
server, which is the schema needed to be in 00core.ldif.
Platforms tested: RHEL4
Flag Day: no
Doc impact: no
|
| |
|
|
|
|
|
|
|
|
|
| |
Bug Description: Solaris build: link shared libs correctly with libtool
Reviewed by: nkinder, prowley (Thanks!)
Fix Description: We have to use the $(CXXLINK) Makefile macro to build shared libs that use C++ code or link with C++ libs. In addition, Sun C++ link needs -lCstd and -lCrun. I added AC_DISABLE_STATIC so that we wouldn't generate all the .a libs we don't use. Lastly, but not leastly, libtool on rhel/fedora has a "feature" that adds several gcc-isms to the libtool script generated by configure. At best, these cause builds with non-gcc compilers to complain quite a bit, and at worst, cause the build to fail. I've added a sed command in configure to remove these gcc-isms from libtool on non-gcc platforms.
Platforms tested: RHEL4, FC6, Solaris 9
Flag Day: no
Doc impact: no
|
|
|
|
| |
Summary: Fixed build flags for compiling with pthread on HP-UX.
|
|
|
|
|
|
|
|
|
| |
Bug Description: FHS: use sysconfdir (/etc) as config file location - allow builders to set dynamic config directory location at configure time
Reviewed by: nhosoi, nkinder, prowley (Thanks!)
Fix Description: I've added a new configure switch: --with-instconfigdir. This switch will allow the user to specify a different location to store the dynamic instance specific config files rather than the default $sysconfdir/$package_name (e.g. /etc/fedora-ds). This is the directory which will contain the slapd-instance directories which contain the instance specific config, schema, and security files. Even though the user could override this with ds_newinst.pl ([slapd] section config_dir), we needed to be able to set the default so that the user would not have to remember to do this every time, and so that packagers could set a reasonable default value for their platform.
Platforms tested: FC6, RHEL4
Flag Day: no
Doc impact: no
|
|
|
|
| |
Summary: Added --enable-bundle option for legacy builds.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bug Description: FHS: move exes to _bindir; move ns-slapd to _sbindir
Reviewed by: many people (Thanks!)
Fix Description: In order to be more FHS compliant, we need to make the following changes:
1) move files executable by end users to _bindir (e.g. /usr/bin) - this means logconv.pl, ds_newinst, dbscan, etc.
2) move the server executable ns-slapd to _sbindir (e.g. /usr/sbin)
And, to be more packaging friendly, the additional changes:
3) move libback-ldbm to the plugins dir - it is a plugin
4) use the libtool -avoid-version flag with plugins - we don't need the .so.0.0.0 for plugins
I had to add support for sbindir and SBINDIR to create_instance and ds_newinst. We were using serverdir for 3 things - command line programs, server specific shared libs, and the server executable itself. These are now in 3 different places. The biggest change was to the scripts. I kept serverdir and SERVER-DIR to be the location of the server shared libs to avoid changing even more stuff. I had to add SERVERBIN-DIR to the scripts - this is the location of ns-slapd and is set by sbindir in create_instance (which defaults to SBINDIR from Makefile.am which defaults to $prefix/sbin in configure - whew).
I've tested instance creation with these diffs - everything seems to work fine.
5) reorder files in alphabetical order - suggested by nkinder
6) add $LDFLAGS to test in db.m4
7) touch all template/wrapper .in files to make them newer than their corresponding files
Platforms tested: RHEL4, FC6
Flag Day: no
Doc impact: Yes, but the docs will have to change quite a bit for all of the FHS related changes.
|
|
|
|
| |
Summary: Set library search path when using AC_CHECK_LIB in db.m4.
|
| |
|
|
|
|
|
| |
Summary: Nightly build uses autotools/yum (Comment #5)
Change: Adding logconv.pl to Makefile.am
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bug Description: Allow building on Fedora
Reviewed by: nhosoi (Thanks!)
Fix Description: There are a few issues with building on Fedora (5 or later):
1) Need to be able to build with db4.2, db4.3, db4.4, etc. This version
auto-detects the db version from the db.h file it finds. In order to use a
different db version, just use configure --with-db=path or --with-db-inc=path that points to a
different db.h
2) mozldap and svrcore are now part of Fedora, so we need to look for those
components. Look for mozldap6 first to allow building on RHEL-4 as well.
mozldap now includes libldif, so add that to the link line.
svrcore-devel is now just svrcore - a svrcore runtime package and a
svrcore-devel build time package.
3) FHS means FHS - /etc, /var/, prefix=/usr and exec_prefix=/usr. It doesn't
make any sense to talk about FHS under a prefix. This means the default build
will do /opt/fedora-ds/etc, var, lib, bin, share, and so on instead of /opt/fedora-ds/usr/etc. --with-fhs resets prefix=/usr and exec_prefix=/usr, and overrides the default settings for sysconfdir and localstatedir
So, different build types:
FHS - use configure --with-fhs - uses /etc, /var, /usr/lib, /usr/share, etc.
Nothing - configure - uses /opt/fedora-ds/etc/, var/, bin/, lib/, etc.
GNU style - configure --prefix=/usr/local - /usr/local/etc, /usr/local/bin, /usr/local/var, and so on
Developers can use configure --prefix=/home/user/fds && make && make install to install local versions
Platforms tested: FC-6
Flag Day: no
Doc impact: no
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bug Description: Define LIBDIR, BINDIR, etc. in Makefile
Reviewed by: nkinder (Thanks!)
Fix Description: The paths LIBDIR, BINDIR, et. al. are #define'd in create_instance.h to hard coded values. We should be able to set these values in configure and override the built in values. We can't simply set them via AC_DEFINE in configure.ac because we are using config.h and this would render the definition like this:
#define BINDIR "${exec_prefix}/bin"
instead of
#define BINDIR "/usr/bin"
So we instead define them in Makefile.am and add their definitions to AM_CPPFLAGS, and quote them properly to make sure the value includes the quotation marks when expanded in the C code. I tested this with both an rpmbuild and a regular developer type build.
Platforms tested: RHEL4/FC5
Flag Day: no
Doc impact: no
|
|
|
|
| |
Summary: built wrapper directory must be created during make.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bug Description: autotools: support redhat/fedora rpmbuild %configure
and %makeinstall
Reviewed by: nhosoi (Thanks!)
Fix Description: The standard way to do an rpmbuild on fedora/redhat is
to use the %configure
macro in the %prep section of the spec file and the %makeinstall macro
in the
%install section. These set all of the bindir, libdir, datadir, sysconfdir,
etc. paths used by the application. %configure sets them to their "real"
runtime locations e.g. /usr/lib, and %makeinstall sets them to their
paths used
for rpm packaging e.g. /var/tmp/fedora-ds-foo-bar-baz/usr/lib. There
were a few
places in our autotools files where we were running afoul of this.
Another thing is that configure defines bindir etc. as literally
'${exec_prefix}/bin' so that the real value doesn't get expanded until
make or
make install time. This means that we cannot create scripts from
templates in
configure, we have to do that in make. So this adds a sed command to
Makefile.am in order to do all of the script and config file path
replacement at
make time.
Since we do the subst this way, whatever $prefix is set during make will be
incorporated into the value of $bindir etc. so we can omit directly
referencing
@prefix@ in the template files.
Platforms tested: RHEL4
Flag Day: no
Doc impact: no
|