File nss_ldap.spec of Package nss_ldap

#
# spec file for package nss_ldap (Version 262)
#
# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#

# norootforbuild


Name:           nss_ldap
BuildRequires:  db-devel krb5-devel openldap2-devel
License:        LGPL v2.1 or later
Group:          Productivity/Networking/LDAP/Clients
PreReq:         sed coreutils /usr/bin/grep /bin/mktemp
AutoReqProv:    on
Version:        262
Release:        10
Summary:        NSS LDAP Module
Url:            http://www.padl.com/OSS/nss_ldap.html
Source:         nss_ldap-%{version}.tar.bz2
Source1:        README.SuSE
Patch:          nss_ldap.dif
Patch1:         group-utf8.dif
Patch2:         nss_ldap-defport-ssl-uri.dif
BuildRoot:      %{_tmppath}/%{name}-%{version}-build

%description
Nss_ldap is a glibc NSS module that allows X.500 and LDAP directory
servers to be used as a primary source of aliases, ethers, groups,
hosts, networks, protocol, users, RPCs, services, and shadow passwords
(instead of or in addition to using flat files or NIS).



Authors:
--------
    Luke Howard <lukeh@padl.com>

%prep
%setup -q
%patch -p1
%patch1 -p1
%patch2 -p1
cp -v %{S:1} .

%build
%{?suse_update_config:%{suse_update_config -f}}
autoreconf
CFLAGS="$RPM_OPT_FLAGS" \
CPPFLAGS="-I/usr/include/sasl -DINET6" \
./configure --prefix=/usr \
            --mandir=%{_mandir} \
	    --enable-rfc2307bis \
	    --enable-schema-mapping \
	    --enable-xad \
	    --enable-paged-results \
            --enable-configurable-krb5-ccname-gssapi \
	    --libdir=%{_libdir} \
	    --sysconfdir=/etc \
	    --x-libraries=/usr/X11R6/%{_lib}
make

%install
mkdir -p $RPM_BUILD_ROOT/%{_lib}
mkdir -p $RPM_BUILD_ROOT%{_libdir}
install -m 755 nss_ldap.so $RPM_BUILD_ROOT/%{_lib}/libnss_ldap.so.2
make DESTDIR=$RPM_BUILD_ROOT install-man

%clean
rm -fr $RPM_BUILD_ROOT

%post
/sbin/ldconfig
if [ ${1:-0} -gt 1 ] ; then
    if ! /usr/bin/grep -q ^bind_policy /etc/ldap.conf; then
        if grep -q -e ^#[[:space:]]\*bind_policy /etc/ldap.conf; then
            LDAP_ORIG=`mktemp /tmp/ldap.conf.XXXXXXXXXX`
            cp /etc/ldap.conf $LDAP_ORIG
            sed -e 's;^#[[:space:]]*bind_policy.*$;bind_policy soft;' \
                $LDAP_ORIG > /etc/ldap.conf
            rm $LDAP_ORIG
        else
            echo -e "\n"\
"#Don't try forever if the LDAP server is not reacheable\n"\
"bind_policy soft" >> /etc/ldap.conf
        fi
    fi
fi

%postun -p /sbin/ldconfig

%files
%defattr(-,root,root)
%doc ANNOUNCE AUTHORS COPYING ChangeLog NEWS README README.SuSE nsswitch.ldap ldap.conf doc/README.paged
/%{_lib}/libnss_ldap.so.2
%doc %{_mandir}/man5/nss_ldap.5*

%changelog
* Tue Oct 28 2008 rhafer@suse.de
- Only set default port when "port" directive is present in
  /etc/ldap.conf or when "ssl on" is set. (bnc#439449)
- Apply "tls_*" options when "ldaps" URI are used (bnc#439449)
* Thu Aug 28 2008 rhafer@suse.de
- Update to nss_ldap-262, fixes a minor bug in the default
  config file (PADL-Bug#371) and a build issue on Solaris
  (PADL-Bug#370)
* Thu Apr 10 2008 ro@suse.de
- added baselibs.conf file to build xxbit packages
  for multilib support
* Tue Mar 04 2008 rhafer@suse.de
- Update to nss_ldap-260:
  * only set errno for NSS_TRYAGAIN (bnc#366587)
- removed obsolete sigset.dif patch
* Thu Nov 08 2007 rhafer@suse.de
- Fixed pre-requires
* Mon Oct 29 2007 rhafer@suse.de
- Update to nss_ldap-259
  * fix for BUG#348: fix memory leak
  * fix for BUG#349: nss_ldap crashes after START_TLS timeout
  (assertion failure in libldap)
  * fix for BUG#350: assertion failure in ldap_result (called
  from do_result())
  * fix for BUG#351: double ldap_msgfree()
* Thu Oct 18 2007 rhafer@suse.de
- Update to nss_ldap-258
  * fix for PADL-Bug#343: nss_srv_domain should take a domain
  not a record
  * fix for PADL-Bug#339: replacement code for Kerbeors
  SASL operations
  * fix for PADL-Bug#338: nss_ldap constructs LDAP URIs
  incorrectly
  * fix for PADL-Bug#337: configure fails to detect resolver
  functions
  * fix for PADL-Bug#332: --enable-schema-mapping incorrectly
  maps pw_change
  * fix for PADL-Bug#293: add nss_getgrent_skipmembers
  parameter to ldap.conf, if enabled will not request
  member attributes for group lookups, greatly increasing
  performance for large groups
* Fri Aug 03 2007 rhafer@suse.de
- Update to nss_ldap-257. (Just includes the fix for Bug #294456)
* Mon Jul 30 2007 rhafer@suse.de
- Ignore SIGPIPE in atfork-Handlers (Bug #294456)
- Removed *.so link
* Fri Jul 06 2007 rhafer@suse.de
- Fix URI generation when looking up LDAP Server via SRV records
- Update to nss_ldap-256
  * patch from Tomas Janousek <tjanouse@redhat.com> to check for
  pthread_once(); __pthread_once does not imply __pthread_atfork
  being non-NULL
  * fix for BUG#315: memory corruption/crash in initgroups parsing
* Mon Mar 05 2007 rhafer@suse.de
- Update to nss_ldap-255
  * fix for PADL-Bug#304: fd leak in do_close_no_unbind
  * patch from Adrian Bridgett <adrian@smop.co.uk>
  for Debian BUG#375533: Assertion failure in libnss-ldap
* Thu Mar 01 2007 rhafer@suse.de
- nss_ldap could crash when no host or uri is configured in
  /etc/ldap.conf or DNS (Bug #248594)
* Tue Jan 30 2007 rhafer@suse.de
- Apply the "port" directive correctly if present in ldap.conf
  (Bug #224879)
* Mon Jan 15 2007 rhafer@suse.de
- Update to nss_ldap-254
  * fix for BUG#292: array bounds check in ldap-network.c
  * fix for BUG#296: fix stack buffer optimization
  * fix for BUG#297: gethostbyname2 queried with AF_INET6 returns
  OK with IPv4 address
  * fix for Novell BUG#215911: crasher parsing nested groups
* Wed Oct 18 2006 rhafer@suse.de
- Update to nss_ldap-253. Fixes crasher if an empty buffer is
  passed to initgroups (glibc NSS only)
* Tue Aug 22 2006 rhafer@suse.de
- Update to nss_ldap-252. Most important changes:
  * fix regression in per-objectclass attribute mapping
  * don't use static _nss_ldap_no_members buffer,
  causes crash when nss_ldap is unloaded and memory
  is still referenced
  * fix for PADL-BUG#255: deadlock in initgroups
  * make objectClass a mappable attribute
* Mon Mar 13 2006 rhafer@suse.de
- Don't use static buffer for groups without members
  (Bugzilla: #157066)
* Fri Jan 27 2006 mls@suse.de
- converted neededforbuild to BuildRequires
* Thu Jan 26 2006 rhafer@suse.de
- retry at least one time if "bind_policy soft"
- better workaround for __pthread_once and pthread_atfork hacks
* Wed Jan 25 2006 rhafer@suse.de
- Update to nss_ldap-246 (Bugzilla: #145170)
* Thu Jan 19 2006 rhafer@suse.de
- add "bind_policy soft" to /etc/ldap.conf during update
  if no "bind_policy" is set explicitly (Bugzilla: #139578)
* Fri Jan 13 2006 rhafer@suse.de
- Fixed paged results. http://bugzilla.padl.com/show_bug.cgi?id=245
* Wed Jan 11 2006 rhafer@suse.de
- Update to nss_ldap-245
* Tue Jan 10 2006 rhafer@suse.de
- use pthread_atfork() instead of glibc-internal __pthread_once
- neededforbuild cleanup
* Thu Dec 22 2005 rhafer@suse.de
- Update to nss_ldap-244
- Fixed man-page it's "bind_policy" not "reconnect_policy"
* Wed Oct 12 2005 rhafer@suse.de
- Update to nss_ldap-243
* Tue Mar 29 2005 rhafer@suse.de
- Update to nss_ldap-238
* Mon Feb 21 2005 rhafer@suse.de
- Update to nss_ldap-234 (contains a better fix for Bug #50702)
* Mon Feb 14 2005 rhafer@suse.de
- Update to nss_ldap-233
- connect_on_init.dif: fixes Bug #50702
* Fri Jan 28 2005 rhafer@suse.de
- Update to nss_ldap-232
- Fixed path in README.SuSE
* Tue Jan 18 2005 rhafer@suse.de
- Update to nss_ldap 229
- added kerberos-devel-packages to neededforbuild and turned on
  configurable Kerberos V credentials cache name
* Thu Oct 14 2004 rhafer@suse.de
- Update to nss_ldap 226
- fixed README.SuSE
* Thu Feb 19 2004 kukuk@suse.de
- Increase the buffer for struct sockaddr to hold all data.
* Wed Feb 18 2004 kukuk@suse.de
- Add patch to fix seg.fault from Ralf Haferkamp
* Sat Feb 14 2004 kukuk@suse.de
- Update to nss_ldap 215
- Fix handling of UTF-8 group names [Bug #34549]
* Sat Jan 10 2004 adrian@suse.de
- add %%run_ldconfig and %%defattr
* Tue Sep 02 2003 sbrabec@suse.cz
- Turned on schema mapping, XAD support and paged results.
- Packaged more docs.
* Mon Jul 14 2003 sbrabec@suse.cz
- Changed path to ldap.conf to /etc (bug #27528).
* Mon Jun 09 2003 sbrabec@suse.cz
- Updated to version 207.
* Sat Feb 15 2003 kukuk@suse.de
- Update to 203.7. Includes netgroup support.
* Fri Feb 14 2003 kukuk@suse.de
- Fix seg.fault on x86-64 in gethost* functions
- Implement IPv6 support for gethost* functions
* Thu Feb 13 2003 kukuk@suse.de
- Enable IPv6 support (else we will leak file descriptors with IPv6
  addresses).
* Tue Nov 05 2002 sbrabec@suse.cz
- Update to version 203.
* Tue Oct 29 2002 sbrabec@suse.cz
- Update to version 202.
- Don't own /etc/openldap, required openldap2-client creates it.
* Thu Aug 29 2002 tcrhak@suse.cz
- fixed sigprocmask bug (bug #18236)
* Mon Aug 26 2002 rhafer@suse.de
- LDAP_FILT_MAXSIZ isn't defined in libldap anymore
* Tue Aug 13 2002 kukuk@suse.de
- Update to version 199 (glibc alias enumeration functions, DNS
  response parser)
* Sat Jul 27 2002 kukuk@suse.de
- Update to version 198 (fixes a potential buffer overflow in the
  DNS SRV code)
* Tue Jul 16 2002 kukuk@suse.de
- Update to version 197 (lot of "buffer to small" bug fixes)
* Sat Apr 27 2002 kukuk@suse.de
- Update to 187 (minor bug fixes)
* Mon Feb 04 2002 tcrhak@suse.cz
- update to 183
- used %%{_lib} and %%{_lidir} macros
* Fri Nov 23 2001 tcrhak@suse.cz
- update to version 174
* Tue Aug 07 2001 cihlar@suse.cz
- update to version 167
* Sat May 12 2001 schwab@suse.de
- Fix missing declarations.
- Add %%suse_update_config.
* Thu Apr 19 2001 kukuk@suse.de
- Do not enable ids-uid, it is broken
* Wed Apr 18 2001 pblaha@suse.cz
- back to /etc/openldap/ldap.conf
- update on version 150
- add URL
* Wed Mar 21 2001 ro@suse.de
- fixed neededforbuild again
* Fri Mar 16 2001 pblaha@suse.cz
- update on version 149
- add build root
* Thu Mar 15 2001 ro@suse.de
- fixed neededforbuild for openldap
* Wed Jan 31 2001 choeger@suse.de
- link against ldaplib2
* Mon Dec 11 2000 kukuk@suse.de
- Update to 123
* Sat Nov 04 2000 kukuk@suse.de
- Use ldaplib
* Thu Jun 01 2000 kukuk@suse.de
- Update to 110
* Mon Apr 10 2000 kukuk@suse.de
- Fix typo in path to config file
* Tue Feb 15 2000 kukuk@suse.de
- Update to version 105
* Tue Oct 12 1999 kukuk@suse.de
- Update to 87
* Mon Sep 13 1999 bs@suse.de
- ran old prepare_spec on spec file to switch to new prepare_spec.
* Mon Aug 09 1999 kukuk@suse.de
- Update to 85
* Mon Jul 12 1999 kukuk@suse.de
- Update to 81
- Add ldap.conf and README.SuSE to documentation
* Fri Jun 25 1999 kukuk@suse.de
- Update to 2.77
* Wed Jun 09 1999 kukuk@suse.de
- Update to 2.69
* Fri May 07 1999 kukuk@suse.de
- Initial version of nss_ldap 2.64