source: projects/specs/branches/6/o/openldap/openldap-vl.spec @ 8298

%define build_compat32 %{?_with_compat32:1}%{!?_with_compat32:0}

%define migtools_version 47
%define ldbm_backend berkeley
%define evolution_connector_prefix %{_libdir}/evolution-openldap
%define evolution_connector_includedir %{evolution_connector_prefix}/include
%define evolution_connector_libdir %{evolution_connector_prefix}/%{_lib}
%define __perl_requires %{SOURCE11}

%define stable 1
%if %{stable}
%define date 20100719
%endif

Summary: The configuration files, libraries and documentation for OpenLDAP.
Summary(ja): OpenLDAP の設定ファイル，ライブラリ，ドキュメント.
Name: openldap
Version: 2.4.23
Release: 4%{?_dist_release}
License: OpenLDAP
Group: System Environment/Libraries
%if %{stable}
Source0: ftp://ftp.OpenLDAP.org/pub/OpenLDAP/openldap-stable/openldap-stable-%{date}.tgz
%else
Source0: ftp://ftp.OpenLDAP.org/pub/OpenLDAP/openldap-release/openldap-%{version}.tgz
%endif
Source1: http://www.padl.com/download/MigrationTools-%{migtools_version}.tar.gz
Source2: ldap.init
Source3: migration-tools.txt
Source4: autofs.schema
Source5: rfc822-MailMember.schema
Source6: README.upgrading
Source7: http://www.OpenLDAP.org/doc/admin/guide.html
Source8: README.evolution
Source9: README.migration
Source10: ldap.sysconfig
Source11: filter-requires-openldap.sh

# Patches for 2.4
Patch0: openldap-2.4.11-config.patch
Patch1: openldap-2.0.11-ldaprc.patch
Patch2: openldap-2.4.16-setugid.patch
Patch3: openldap-2.4.6-pie.patch
Patch4: openldap-2.3.11-toollinks.patch
Patch5: openldap-2.4.6-nosql.patch
Patch6: openldap-2.3.19-gethostbyXXXX_r.patch
Patch9: openldap-2.3.37-smbk5pwd.patch
Patch10: openldap-2.4.6-multilib.patch
# CVE-2013-4449
Patch11: openldap-rwm-reference-counting.patch


# Patches for the evolution library
Patch200: openldap-2.4.16-evolution-ntlm.patch

# Patches for the MigrationTools package
Patch300: MigrationTools-38-instdir.patch
Patch301: MigrationTools-36-mktemp.patch
Patch302: MigrationTools-27-simple.patch
Patch303: MigrationTools-26-suffix.patch
Patch304: MigrationTools-46-schema.patch
Patch305: MigrationTools-45-noaliases.patch

# security fixes
## from CentOS 6.3; openldap 2.4.23-26.el6_3.2
Patch1112: openldap-cve-ppolicy-forward-updates.patch
Patch1113: openldap-cve-ndb-bind-rootdn.patch
Patch1141: openldap-cve-relay-rwm-translucent.patch
Patch1144: openldap-cve-nss-cipher-suite-ignored.patch
## based CentOS 6.3; openldap 2.4.23-26.el6_3.2
Patch1145: openldap-VineLinux-cve-nss-default-cipher-suite-always-selected.patch

URL: http://www.openldap.org/
BuildRoot: %{_tmppath}/%{name}-%{version}-root
BuildRequires: autoconf, automake, libtool >= 2.2.6a
BuildRequires: cyrus-sasl-devel, gdbm-devel, openssl-devel, perl
BuildRequires: db4-devel >= 4.2, pam-devel, pkgconfig, tcp_wrappers
BuildRequires: unixODBC-devel, bind-devel, libtool-ltdl-devel >= 2.2.6a
BuildRequires: krb5-devel
BuildRequires: groff
#BuildConflicts: libicu-devel
Requires: cyrus-sasl, mktemp, gdbm

Vendor: Project Vine
Distribution: Vine Linux

%description
OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
Protocol) applications and development tools.  LDAP is a set of
protocols for accessing directory services (usually phone book style
information, but other information is possible) over the Internet,
similar to the way DNS (Domain Name System) information is propagated
over the Internet.  The openldap package contains configuration files,
libraries and documentation for OpenLDAP.

%description -l ja
OpenLDAPはオープンソースなLDAP (Lightweight Directory Access Protocol)アプリケーションと開発ツール集です。LDAPはディレクトリサービス（電話帳の様な情報や他の情報）にInternelからアクセスするプロトコルであり、DNS(Domain Name System)情報に似た方式でInternetに伝えられます。opanldapパッケージはOpanLDAP用の設定ファイルやライブラリ、ドキュメントを含んでいます。

%package devel
Summary: OpenLDAP development libraries and header files.
Summary(ja): OpenLDAP の開発用ライブラリおよびヘッダファイル.
Group: Development/Libraries
Requires: openldap = %{version}-%{release}, cyrus-sasl-devel >= 2.1
Provides: openldap-evolution-devel = %{version}-%{release}

%description devel
The openldap-devel package includes the development libraries and
header files needed for compiling applications that use LDAP
(Lightweight Directory Access Protocol) internals.  LDAP is a set of
protocols for enabling directory services over the Internet. Install
this package only if you plan to develop or will need to compile
customized LDAP clients.

%description devel -l ja
openldap-develパッケージはLDAP(Lightweight Directory Access Protocol)を使うためにコンパイルするアプリケーションに必要な開発用ライブラリやヘッダファイルを含んでいます。LDAPはInternet上にディレクトリサービスを可能にするプロトコルです。LDAPクライアントを開発したりカスタマイズする場合には、このパッケージをインストールしてください。

%package servers
Summary: OpenLDAP servers and related files.
Summary(ja): OpenLDAP サーバおよび関連ファイル.
Requires(post): fileutils, make, openldap = %{version}-%{release}, openssl, shadow-utils, chkconfig, coreutils
Requires(pre): fileutils, make, openldap = %{version}-%{release}, openssl, shadow-utils, chkconfig, coreutils
Group: System Environment/Daemons

%description servers
OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
Protocol) applications and development tools.  LDAP is a set of
protocols for accessing directory services (usually phone book style
information, but other information is possible) over the Internet,
similar to the way DNS (Domain Name System) information is propagated
over the Internet. This package contains the slapd and slurpd servers,
migration scripts and related files.

%description servers -l ja
OpenLDAPはオープンソースなLDAP (Lightweight Directory Access Protocol)アプリケーションと開発ツール集です。LDAPはディレクトリサービス（電話帳の様な情報や他の情報）にInternelからアクセスするプロトコルであり、DNS(Domain Name System)情報に似た\方式でInternetに伝えられます。このパッケージはslapdやslurpdサーバ、移行スクリプトや関連するファイルを含んでいます。


%package servers-sql
Summary: OpenLDAP server SQL support module.
Summary(ja): SQLサポートモジュールを含んだOpenLDAPサーバ
Requires(post): openldap-servers = %{version}-%{release}
Group: System Environment/Daemons

%description servers-sql
OpenLDAP is an open-source suite of LDAP (Lightweight Directory Access
Protocol) applications and development tools. LDAP is a set of
protocols for accessing directory services (usually phone book style
information, but other information is possible) over the Internet,
similar to the way DNS (Domain Name System) information is propagated
over the Internet. This package contains a loadable module which the
slapd server can use to read data from an RDBMS.

%description servers-sql -l ja
OpenLDAPはオープンソースなLDAP (Lightweight Directory Access Protocol)アプリケー
ションと開発ツール集です。LDAPはディレクトリサービス（電話帳の様な情報や他の情報
）にInternelからアクセスするプロトコルであり、DNS(Domain Name System)情報に似た
方式でInternetに伝えられます。
このパッケージはslapdサーバがRDBMSからデータを読み込むためのモジュールを含んでいます。

%package clients
Summary: Client programs for OpenLDAP.
Summary(ja): OpenLDAP のクライアントプログラム.
Requires(post): openldap = %{version}-%{release}
Group: Applications/Internet

%description clients
OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
Protocol) applications and development tools.  LDAP is a set of
protocols for accessing directory services (usually phone book style
information, but other information is possible) over the Internet,
similar to the way DNS (Domain Name System) information is propagated
over the Internet.  The openldap-clients package contains the client
programs needed for accessing and modifying OpenLDAP directories.

%description clients -l ja
OpenLDAPはオープンソースなLDAP (Lightweight Directory Access Protocol)アプリケーションと開発ツール集です。LDAPはディレクトリサービス（電話帳の様な情報や他の情報）にInternelからアクセスするプロトコルであり、DNS(Domain Name System)情報に似た\方式でInternetに伝えられます。openldap-clientsパッケージはOpenLDAPディレクトリにアクセスしたり、修正したりするためのクライアントプログラムを含んでいます。

## to build compat32 for x86_64 architecture support
%package -n compat32-%{name}
Summary: libraries for OpenLDAP.
Group: System Environment/Libraries

%description -n compat32-%{name}
OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
Protocol) applications and development tools.  LDAP is a set of
protocols for accessing directory services (usually phone book style
information, but other information is possible) over the Internet,
similar to the way DNS (Domain Name System) information is propagated
over the Internet.  The openldap package contains configuration files,
libraries and documentation for OpenLDAP.

# %package -n compat32-%{name}-servers-sql
# Summary: OpenLDAP server SQL support module.
# Group: System Environment/Libraries

# %description -n compat32-%{name}-servers-sql
# OpenLDAP is an open-source suite of LDAP (Lightweight Directory Access
# Protocol) applications and development tools. LDAP is a set of
# protocols for accessing directory services (usually phone book style
# information, but other information is possible) over the Internet,
# similar to the way DNS (Domain Name System) information is propagated
# over the Internet. This package contains a loadable module which the
# slapd server can use to read data from an RDBMS.

%package -n compat32-%{name}-devel
Summary: OpenLDAP development libraries and header files.
Group: Development/Libraries

%description -n compat32-%{name}-devel
The openldap-devel package includes the development libraries and
header files needed for compiling applications that use LDAP
(Lightweight Directory Access Protocol) internals.  LDAP is a set of
protocols for enabling directory services over the Internet. Install
this package only if you plan to develop or will need to compile
customized LDAP clients.


%prep
%setup -q -c -a 1

pushd openldap-%{version}
libtoolize --force --copy
popd

pushd openldap-%{version}
%patch0 -p1 -b .config
%patch1 -p1 -b .ldaprc
%patch2 -p1 -b .setugid
%patch3 -p1 -b .pie
%patch4 -p1 -b .toollinks
%patch5 -p1 -b .nosql
%patch6 -p1 -b .gethostbyname_r
%patch9 -p1 -b .smbk5pwd
%patch10 -p1 -b .multilib
# CVE-2013-4449
%patch11 -p1 -b .rwm-reference-counting

# security
%patch1112 -p1 -b .cve-ppolicy-forward-updates
%patch1113 -p1 -b .cve-ndb-bind-rootdn
%patch1141 -p1 -b .cve-relay-rwm-translucent
%patch1144 -p1 -b .cve-nss-cipher-suite-ignored
%patch1145 -p2 -b .cve-VineLinux-nss-default-cipher-suite-always-selected

libtoolize --force --copy
popd

# Set up a build tree for a static version of libldap with the hooks for the
# non-standard NTLM bind type which is needed to connect to Win2k GC servers
# (Win2k3 supports SASL with DIGEST-MD5, so this shouldn't be needed for those
# servers, though as of version 1.4 the connector doesn't try SASL first).
if ! cp -al openldap-%{version} evo-openldap-%{version} ; then
     rm -fr evo-openldap-%{version}
     cp -a  openldap-%{version} evo-openldap-%{version}
fi
pushd evo-openldap-%{version}
%patch200 -p1 -b .evolution-ntlm
popd

pushd MigrationTools-%{migtools_version}
%patch300 -p1 -b .instdir
%patch301 -p1 -b .mktemp
%patch302 -p1 -b .simple
%patch303 -p1 -b .suffix
%patch304 -p1 -b .schema
%patch305 -p1 -b .noaliases
popd

pushd openldap-%{version}
        for subdir in build-servers build-clients ; do
                mkdir $subdir
                ln -s ../configure $subdir
        done
autoconf
# build smbk5pwd with other overlays
ln -s ../../../contrib/slapd-modules/smbk5pwd/smbk5pwd.c servers/slapd/overlays
mv contrib/slapd-modules/smbk5pwd/README contrib/slapd-modules/smbk5pwd/README.smbk5pwd
popd

%build
libtool='%{_bindir}/libtool'
tagname=CC; export tagname

%ifarch ia64
RPM_OPT_FLAGS="$RPM_OPT_FLAGS -O0"
%endif

# Find OpenSSL's header and library dependencies.
if pkg-config openssl ; then
        OPENSSL_CPPFLAGS=`pkg-config --cflags-only-I openssl`
        CPPFLAGS="$OPENSSL_CPPFLAGS" ; export CPPFLAGS
        OPENSSL_LDFLAGS=`pkg-config --libs-only-L openssl`
        LDFLAGS="$OPENSSL_LDFLAGS" ; export LDFLAGS
fi
CFLAGS="$CPPFLAGS $RPM_OPT_FLAGS -D_REENTRANT -fPIC"; export CFLAGS

# Build 2.4.
CFLAGS="$RPM_OPT_FLAGS -D_REENTRANT -fPIC"; export CFLAGS
export CPPFLAGS="-I${dbdir}/include"
export CFLAGS="$CPPFLAGS $RPM_OPT_FLAGS -D_REENTRANT -fPIC -D_GNU_SOURCE"
export LDFLAGS="-L${dbdir}/%{_lib}"


build() {
%configure \
        --with-threads=posix \
        \
        --enable-local --enable-rlookups \
        \
        --with-tls \
        --with-cyrus-sasl \
        --with-gssapi \
        --with-odbc=unixodbc \
        \
        --enable-wrappers \
        \
        --enable-passwd \
        \
        --enable-cleartext \
        --enable-crypt \
        --enable-spasswd \
        --enable-lmpasswd \
        --enable-modules \
        --disable-sql \
        \
        --libexecdir=%{_libdir} \
        $@
make %{_smp_mflags} LIBTOOL="$libtool"
}

# Build the servers with Kerberos support (for password checking, mainly).
LIBS=-lpthread; export LIBS

pushd openldap-%{version}/build-servers
build \
       --enable-plugins \
       --enable-slapd \
       --enable-slurpd \
       --enable-bdb \
       --enable-hdb \
       --enable-ldap \
       --enable-ldbm \
       --enable-ldbm-api=%{ldbm_backend} \
       --enable-meta \
       --enable-monitor \
       --enable-null \
       --enable-shell \
       --enable-sql=mod \
       --disable-perl \
       --disable-shared \
       --disable-dynamic \
       --enable-static
unset LIBS
popd

# Build clients without Kerberos password-checking support, which is only
# useful in the server anyway, to avoid stray dependencies.
pushd openldap-%{version}/build-clients
build \
        --disable-slapd \
        --disable-slurpd \
        --enable-shared \
        --enable-dynamic \
        --enable-static \
        --with-pic
popd

# Build evolution-specific clients just as we would normal clients, except with
# a different installation directory in mind and no shared libraries.
pushd evo-openldap-%{version}
build \
        --disable-slapd \
        --disable-slurpd \
        --disable-shared \
        --disable-dynamic \
        --enable-static \
        --with-pic \
        --includedir=%{evolution_connector_includedir} \
        --libdir=%{evolution_connector_libdir}
popd

%install
[ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT
libtool='%{_bindir}/libtool'
tagname=CC; export tagname

mkdir -p $RPM_BUILD_ROOT/%{_libdir}/

# Install servers.
pushd openldap-%{version}/build-servers
make install DESTDIR=$RPM_BUILD_ROOT libdir=%{_libdir} LIBTOOL="$libtool"
popd

# Install clients and shared libraries.  Install the evo-specific versions
# first so that any conflicting files are overwritten by generic versions.
pushd evo-openldap-%{version}
make install DESTDIR=$RPM_BUILD_ROOT \
        includedir=%{evolution_connector_includedir} \
        libdir=%{evolution_connector_libdir} \
        LIBTOOL="$libtool"
install -m644 \
        $RPM_SOURCE_DIR/README.evolution \
        $RPM_BUILD_ROOT/%{evolution_connector_prefix}/
popd
pushd openldap-%{version}/build-clients
make install DESTDIR=$RPM_BUILD_ROOT libdir=%{_libdir} LIBTOOL="$libtool"
popd

# Create this directory so that authconfig setting TLS_CACERT to
# /etc/openldap/cacerts doesn't cause TLS startup of any kind to fail
# when the directory doesn't exist.
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/openldap/cacerts
# make sure the certs directory exists
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/certs
# Touch the dummy slapd.pem to make rpmbuild happy
touch $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/certs/slapd.pem

# Install the padl.com migration tools.
mkdir -p $RPM_BUILD_ROOT%{_datadir}/openldap/migration
install -m 755 MigrationTools-%{migtools_version}/migrate_* \
        $RPM_BUILD_ROOT%{_datadir}/openldap/migration/
install -m 644 MigrationTools-%{migtools_version}/README \
        $RPM_SOURCE_DIR/migration-tools.txt \
        $RPM_BUILD_ROOT%{_datadir}/openldap/migration/
cp MigrationTools-%{migtools_version}/README README.migration
cp $RPM_SOURCE_DIR/migration-tools.txt TOOLS.migration

install -m 644 %SOURCE6 README.upgrading
install -m 644 %SOURCE9 README.migration

# Create the data directory.
mkdir -p $RPM_BUILD_ROOT/var/lib/ldap
# Create the new run directory
mkdir -p $RPM_BUILD_ROOT/var/run/openldap

# Hack the build root out of the default config files.
perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT/%{_sysconfdir}/openldap/*.conf

# Get the buildroot out of the man pages.
perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT%{_mandir}/*/*.*

# We don't need the default files -- RPM handles changes.
rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/openldap/*.default
rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/openldap/schema/*.default

# Install an init script for the servers.
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d
install -m 755 $RPM_SOURCE_DIR/ldap.init $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d/ldap

# Install syconfig/ldap
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig
install -m 644 %SOURCE10 $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/ldap

# Add some more schema for the sake of migration scripts.
install -d -m755 $RPM_BUILD_ROOT%{_sysconfdir}/openldap/schema/vine
install -m644 \
        $RPM_SOURCE_DIR/autofs.schema \
        $RPM_SOURCE_DIR/rfc822-MailMember.schema \
        $RPM_BUILD_ROOT%{_sysconfdir}/openldap/schema/vine/

# Move slapd and slurpd out of _libdir
mv $RPM_BUILD_ROOT/%{_libdir}/slapd $RPM_BUILD_ROOT/%{_sbindir}/
rm -f $RPM_BUILD_ROOT/%{_sbindir}/slap{acl,add,auth,cat,dn,index,passwd,test}
rm -f $RPM_BUILD_ROOT/%{_libdir}/slap{acl,add,auth,cat,dn,index,passwd,test}
for X in acl add auth cat dn index passwd test; do ln -s slapd $RPM_BUILD_ROOT/%{_sbindir}/slap$X ; done

# Tweak permissions on the libraries to make sure they're correct.
chmod 755 $RPM_BUILD_ROOT/%{_libdir}/lib*.so*
chmod 644 $RPM_BUILD_ROOT/%{_libdir}/lib*.*a

# Remove files which we don't want packaged.
rm -f $RPM_BUILD_ROOT/%{_datadir}/openldap/migration/*.{instdir,simple,schema,mktemp,suffix,noaliases}
#rm -f $RPM_BUILD_ROOT/%{_libdir}/*.la
#rm -f $RPM_BUILD_ROOT/%{evolution_connector_libdir}/*.la
#rm -f $RPM_BUILD_ROOT/%{evolution_connector_libdir}/*.so*
#rm -f $RPM_BUILD_ROOT/%{_libdir}/openldap/*.a
#rm -f $RPM_BUILD_ROOT/%{_libdir}/openldap/*.so

rm -f $RPM_BUILD_ROOT/var/openldap-data/DB_CONFIG.example
rmdir $RPM_BUILD_ROOT/var/openldap-data

%clean 
rm -rf $RPM_BUILD_ROOT

%post -p /sbin/ldconfig

%postun -p /sbin/ldconfig


%pre servers
# Take care to only do ownership-changing if we're adding the user.
if /usr/sbin/useradd -c "LDAP User" -u 55 \
        -s /bin/false -r -d /var/lib/ldap ldap 2> /dev/null ; then
        if [ -d /var/lib/ldap ] ; then
                for dbfile in /var/lib/ldap/* ; do
                        if [ -f $dbfile ] ; then
                                chown ldap.ldap $dbfile
                        fi
                done
        fi
fi

if [ "$1" = "2" ]; then
    # guess, if database upgrade is necessary
    OLD_SLAPD_VERSION=$( rpm -q --qf "%{VERSION}" openldap-servers | sed 's/\.[0-9]*$//' )
    NEW_SLAPD_VERSION=$( echo %{version} | sed 's/\.[0-9]*$//' )

    if [ "$OLD_SLAPD_VERSION" != "$NEW_SLAPD_VERSION" ]; then
        # Minor version number has changed -> slapcat/slapadd of the BDB database 
        # is necessary. Save an ldif of the database where the "% post servers" 
        # scriptlet can restore it.  Also save the database files to a "rpmorig" 
        # directory - Just In Case (TM)

        # stop the server
        if /sbin/service ldap status &>/dev/null; then 
            touch /var/lib/ldap/need_start
            /sbin/service ldap stop &>/dev/null
        fi

        files=$(echo /var/lib/ldap/{log.*,__db.*,[a]lock})
        if [ "$files" != '/var/lib/ldap/log.* /var/lib/ldap/__db.* /var/lib/ldap/[a]lock' ] ; then
            if /usr/sbin/slapcat -l /var/lib/ldap/upgrade.ldif > /dev/null 2>&1 ; then
                if [ -f /var/lib/ldap/upgrade.ldif ] ; then
                    /bin/rm -fr /var/lib/ldap/rpmorig > /dev/null 2>&1 || :
                    mkdir /var/lib/ldap/rpmorig
                    mv /var/lib/ldap/{alock,*.bdb,__db.*,log.*} /var/lib/ldap/rpmorig > /dev/null 2>&1 || :
                    cp -f /var/lib/ldap/DB_CONFIG /var/lib/ldap/rpmorig > /dev/null 2>&1 || :
                else
                    /bin/rm -f /var/lib/ldap/upgrade.ldif
                fi
            fi
        fi
    fi
fi
exit 0


%post servers
/sbin/ldconfig
/sbin/chkconfig --add ldap
# If there's a /var/lib/ldap/upgrade.ldif file, slapadd it and delete it.
# It was created by the % pre above.
if [ -f /var/lib/ldap/upgrade.ldif ] ; then
    /sbin/runuser -m -s /usr/sbin/slapadd -- "ldap" -l /var/lib/ldap/upgrade.ldif > /dev/null 2>&1
    rm -f /var/lib/ldap/upgrade.ldif
fi

exec > /dev/null 2> /dev/null
if [ ! -f %{_sysconfdir}/pki/tls/certs/slapd.pem ] ; then
pushd %{_sysconfdir}/pki/tls/certs
umask 077
cat << EOF | make slapd.pem
--
SomeState
SomeCity
SomeOrganization
SomeOrganizationalUnit
localhost.localdomain
root@localhost.localdomain
EOF
chown root:ldap slapd.pem
chmod 640 slapd.pem
popd
fi

if [ $1 -ge 1 ] ; then
    /sbin/service ldap condrestart &>/dev/null
    /sbin/service ldap status &>/dev/null
    if [ "$?" != "0" -a -f /var/lib/ldap/need_start ]; then
        /sbin/service ldap start &>/dev/null
        rm -f /var/lib/ldap/need_start &>/dev/null 
    fi
fi

exit 0


%preun servers
if [ "$1" = "0" ] ; then
        /sbin/service ldap stop > /dev/null 2>&1 || :
        /sbin/chkconfig --del ldap
# Openldap-servers are being removed from system.
# Do not touch the database! Older versions of this
# package attempted to store database in LDIF format, so
# it can be restored later - but it's up to the administrator 
# to save the database, if he/she wants so.
fi

%postun servers
/sbin/ldconfig
if [ $1 -ge 1 ] ; then
        /sbin/service ldap condrestart > /dev/null 2>&1 || :
fi

%post devel -p /sbin/ldconfig

%postun devel -p /sbin/ldconfig

%files
%defattr(-,root,root)
%doc openldap-%{version}/{ANNOUNCEMENT,CHANGES,COPYRIGHT,LICENSE,README,doc/rfc}
%attr(0755,root,root) %dir %{_sysconfdir}/openldap
%attr(0755,root,root) %dir %{_sysconfdir}/openldap/cacerts
%attr(0644,root,root) %config %{_sysconfdir}/openldap/ldap*.conf
%attr(0755,root,root) %{_libdir}/libl*-2.4*.so.*
%attr(0644,root,root) %{_mandir}/man5/ldif.5*
%attr(0644,root,root) %{_mandir}/man5/ldap.conf.5*

%files servers
%defattr(-,root,root)
%doc README.migration TOOLS.migration
%doc $RPM_SOURCE_DIR/README.upgrading $RPM_SOURCE_DIR/guide.html
%doc README.upgrading
%doc openldap-%{version}/contrib/slapd-modules/smbk5pwd/README.smbk5pwd
%doc openldap-%{version}/doc/guide/admin/*.html
%doc openldap-%{version}/doc/guide/admin/*.png
%ghost %config %{_sysconfdir}/pki/tls/certs/slapd.pem
%attr(0755,root,root) %config %{_sysconfdir}/rc.d/init.d/ldap
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/openldap/ldap*.conf
%attr(0640,root,ldap) %config(noreplace) %{_sysconfdir}/openldap/slapd.conf
%attr(0640,root,ldap) %{_sysconfdir}/openldap/DB_CONFIG.example
%attr(0755,root,root) %dir %{_sysconfdir}/openldap/schema
%attr(0644,root,root) %{_sysconfdir}/openldap/schema/README*
%attr(0644,root,root) %config %{_sysconfdir}/sysconfig/ldap
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/openldap/schema/*.schema*
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/openldap/schema/*.ldif
%attr(0755,root,root) %dir %{_sysconfdir}/openldap/schema/vine
%attr(0644,root,root) %config %{_sysconfdir}/openldap/schema/vine/*.schema*
%attr(0755,root,root) %{_sbindir}/sl*
%attr(0644,root,root) %{_mandir}/man8/*
%attr(0644,root,root) %{_mandir}/man5/slapd*.5*
%attr(0644,root,root) %{_mandir}/man5/slapo-*.5*
%attr(0755,root,root) %dir %{_datadir}/openldap
%attr(0755,root,root) %dir %{_datadir}/openldap/migration
%attr(0644,root,root) %{_datadir}/openldap/migration/README
%attr(0644,root,root) %config(noreplace) %{_datadir}/openldap/migration/*.ph
%attr(0755,root,root) %{_datadir}/openldap/migration/*.pl
%attr(0755,root,root) %{_datadir}/openldap/migration/*.sh
%attr(0644,root,root) %{_datadir}/openldap/migration/*.txt
%attr(0700,ldap,ldap) %dir /var/lib/ldap
%attr(0755,ldap,ldap) %dir /var/run/openldap
%attr(0755,root,root) %dir %{_libdir}/openldap
%attr(0755,root,root) %{_libdir}/openldap/[^b]*

%files servers-sql
%defattr(-,root,root)
%doc openldap-%{version}/servers/slapd/back-sql/docs/*
%doc openldap-%{version}/servers/slapd/back-sql/rdbms_depend
%attr(0755,root,root) %{_libdir}/openldap/back_sql.la
%attr(0755,root,root) %{_libdir}/openldap/back_sql*.so.*

%files clients
%defattr(-,root,root)
%attr(0755,root,root) %{_bindir}/*
%attr(0644,root,root) %{_mandir}/man1/*

%files devel
%defattr(-,root,root)
%doc openldap-%{version}/doc/drafts openldap-%{version}/doc/rfc
%attr(0755,root,root) %{_libdir}/libl*.so
%attr(0644,root,root) %{_libdir}/libl*.a
%attr(0644,root,root) %{_includedir}/*
%attr(0644,root,root) %{_mandir}/man3/*
%attr(0755,root,root) %dir %{evolution_connector_prefix}
%attr(0644,root,root)      %{evolution_connector_prefix}/README*
%attr(0755,root,root) %dir %{evolution_connector_includedir}
%attr(0644,root,root)      %{evolution_connector_includedir}/*.h
%attr(0755,root,root) %dir %{evolution_connector_libdir}
%attr(0644,root,root)      %{evolution_connector_libdir}/*.a

%exclude %{_libdir}/*.la
#%exclude %{_libdir}/openldap/*.a
%exclude %{_libdir}/openldap/*.so
%exclude %{evolution_connector_libdir}/*.la
%exclude %{evolution_connector_libdir}/*.so*


## to build compat32 for x86_64 architecture support
%if %{build_compat32}
%files -n compat32-%{name}
%defattr(-,root,root)
%attr(0755,root,root) %{_libdir}/libl*-2.4*.so.*

# %files -n compat32-%{name}-servers-sql
# %defattr(-,root,root)
# %attr(0755,root,root) %{_libdir}/openldap/back_sql.la
# %attr(0755,root,root) %{_libdir}/openldap/back_sql*.so.*

%files -n compat32-%{name}-devel
%defattr(-,root,root)
%attr(0755,root,root) %{_libdir}/libl*.so
%attr(0644,root,root) %{_libdir}/libl*.a
%attr(0644,root,root) %{_includedir}/*
%attr(0755,root,root) %dir %{evolution_connector_prefix}
%attr(0644,root,root)      %{evolution_connector_prefix}/README*
%attr(0755,root,root) %dir %{evolution_connector_includedir}
%attr(0644,root,root)      %{evolution_connector_includedir}/*.h
%attr(0755,root,root) %dir %{evolution_connector_libdir}
%attr(0644,root,root)      %{evolution_connector_libdir}/*.a

%exclude %{_libdir}/*.la
#%exclude %{_libdir}/openldap/*.a
%exclude %{_libdir}/openldap/*.so
%exclude %{evolution_connector_libdir}/*.la
%exclude %{evolution_connector_libdir}/*.so*
%endif


%changelog
* Tue Mar 11 2014 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.4.23-4
- add patch11 for fix CVE-2013-4449

* Sun Dec  9 2012 IWAI, Masaharu <iwai@alib.jp> 2.4.23-3
- SECURITY FIX, #2501
 - patches from CentOS 6.3; openldap 2.4.23-26.el6_3.2
  - CVE-2011-1024: add openldap-cve-ppolicy-forward-updates.patch (Patch1112)
  - CVE-2011-1025: add openldap-cve-ndb-bind-rootdn.patch (Patch1113)
  - CVE-2012-1164: add openldap-cve-relay-rwm-translucent.patch (Patch1141)
  - CVE-2012-2668: add openldap-cve-nss-cipher-suite-ignored.patch (Patch1144)
 - patch based CentOS 6.3; openldap 2.4.23-26.el6_3.2
  - CVE-2012-2668: add openldap-cve-nss-default-cipher-suite-always-selected.patch (Patch1145)
- fix document file path for servers sub package

* Sat Apr  9 2011 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 2.4.23-2
- added --with-odbc=unixodbc to configure

* Wed Apr  6 2011 IWAI, Masaharu <iwai@alib.jp> 2.4.23-1
- new upstream release
- update MigrationTools 47

* Wed Jan 12 2011 Yoji TOYODA <bsyamato@sea.plala.or.jp> - 2.4.21-5
- change %%define __perl_requires instead of __find_requires

* Tue Jan 11 2011 Yoji TOYODA <bsyamato@sea.plala.or.jp> - 2.4.21-4
- rebuild with openssl-1.0.0c

* Fri Feb 12 2010 MATSUBAYASHI Kohji <shaolin@vinelinux.org> - 2.4.21-3
- rebuilt with gcc-4.4.3-3 on ppc

* Fri Feb  5 2010 MATSUBAYASHI Kohji <shaolin@vinelinux.org> - 2.4.21-2
- rebuilt with rpm-4.8.0-3 (on ppc)

* Tue Feb 02 2010 Daisuke SUZUKI <daisuke@linux.or.jp> 2.4.21-1
- new upstream release
- rebuild with db4-4.8.0
- use Requires(post/pre) instead of Prereq

* Sun Dec 20 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.4.16-4
- rebuild

* Tue Nov  3 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.4.16-3
- add BuildConflicts: libicu-devel

* Mon Nov  2 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.4.16-2
- add Patch1000 for fix CVE-2009-3767 (openssl null char)
- add --with-gssapi into configure
- drop --without-kerberos (it is old configure option)

* Wed Aug 05 2009 NAKAMURA Kenta <kenta@vinelinux.org> 2.4.16-1
- new upstream release

* Sun Jul 05 2009 Munehiro Yamamoto <munepi@cg8.so-net.ne.jp> 2.4.11-6
- dropped compat32-%%{name}-servers-sql

* Sat Jul 04 2009 Munehiro Yamamoto <munepi@cg8.so-net.ne.jp> 2.4.11-5
- added compat32 subpackages

* Wed Apr 15 2009 Daisuke SUZUKI <daisuke@linux.or.jp> 2.4.11-4
- rebuild with libtool-2.2.6a

* Sat Apr 04 2009 NAKAMURA Kenta <kenta@vinelinux.org> 2.4.11-3
- use filter-requires-openldap.sh instead of find-requires

* Wed Apr 01 2009 NAKAMURA Kenta <kenta@vinelinux.org> 2.4.11-2
- reverted a scriptlet that dropped in 2.3.24-0vl4

* Sun Mar 01 2009 NAKAMURA Kenta <kenta@vinelinux.org> 2.4.11-1
- new upstream release
- applied patches from fedora's package (openldap-2.4.12-1)

* Sun Mar 30 2008 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 2.3.41-1vl5
- updated to 2.3.41 (Patch10 and 11 were merged into upstream)

* Fri May 18 2007 Daisuke SUZUKI <daisuke@linux.or.jp> 2.3.27-0vl5
- rebuild with new openssl

* Sat May 12 2007 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 2.3.27-0vl4
- rebuilt with new toolchain/bdb 4.3

* Tue Dec 26 2006 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 2.3.27-0vl3
- rebuilt for VineSeed

* Thu Dec 21 2006 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.3.27-0vl2.3
- add Vendor/Distribution tag

* Wed Dec 13 2006 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.3.27-0vl2.2
- add patch11 for fix krbv4_ldap_auth issue

* Fri Nov 24 2006 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.3.27-0vl2.1
- add patch10 for fix CVE-2006-5779

* Sun Sep 03 2006 NAKAMURA Kenta <kenta@vinelinux.org> 2.3.27-0vl2
- use filter-requires-openldap.sh instead of find-requires

* Sun Aug 27 2006 NAKAMURA Kenta <kenta@vinelinux.org> 2.3.27-0vl1
- new upstream release

* Sat Aug 26 2006 NAKAMURA Kenta <kenta@vinelinux.org> 2.3.24-0vl4
- restored rfc822-MailMember.schema
- update config.patch
- removed a scriptlet that save and restore the database

* Sat Aug 19 2006 NAKAMURA Kenta <kenta@vinelinux.org> 2.3.24-0vl3
- removed internal bdb
- removed autoconf-2.13.1 and automake-1.4a

* Wed Jul 11 2006 NAKAMURA Kenta <kenta@vinelinux.org> 2.3.24-0vl2
- removed compat-openldap subpackage

* Sun Jul 02 2006 Satoshi MACHINO <machino@vinelinux.org> 2.3.24-0vl1
- New upstream release
- merged to fedora's package(openldap-2.3.24-2)
        -- build sql backend as a loadable module
        -- move ucdata to the -servers subpackage where it belongs
        -- add compat-openldap subpackage
        -- update administrator guide
        -- build a separate, static set of libraries for openldap-devel with the
           non-standard ntlm bind patch applied, for use by 
           the evolution-connector package (#125579), and installing them under
           %%{evolution_connector_prefix} (%{evolution_connector_prefix})
        -- add libtool-ltdl-devel buildprereqs
        -- Upgrade internal bdb to db-4.4.20.  For a clean upgrade, this will
           require that users slapcat their databases into a temp file, move
           /var/lib/ldap someplace safe, upgrade the openldap rpms, then
           slapadd the temp file.
        -- fix ldap.init
        -- add two upstream patches for db-4.4.20

* Wed Nov  2 2005 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 2.1.30-0vl2
- rebuild for VineSeed Plus
- added Japanese summary

* Sat Apr 17 2004 Satoshi MACHINO <machino@vinelinux.org> 2.1.30-0vl1
- new upstream version (openldap-2.1.30)
        -- Fixed slapd userdb checkpass bub (ITS#3048)
        -- Fixed back-ldbm IDL delete bug (ITS#3048)
        -- Fixed libldap schema parsing bug (ITS#2920, ITS#3065)
        -- Fixed liblutil NS MTA MD5 passwd len bug (ITS#2899)
        -- Removed lint (ITS#3086)
        -- Documentation updated slapd.conf(5) manpage (ITS#2525)

* Thu Apr 08 2004 Satoshi MACHINO <machino@vinelinux.org> 2.1.29-0vl2
- fixed ldap.ini

* Sun Mar 28 2004 Satoshi MACHINO <machino@vinelinux.org> 2.1.29-0vl1
- new upstream version (openldap-2.1.29)

* Wed Mar 24 2004 Satoshi MACHINO <machino@vinelinux.org> 2.1.28-0vl1
- new upstream version (openldap-2.1.28)

* Mon Mar 22 2004 Satoshi MACHINO <machino@vinelinux.org> 2.1.27-0vl1
- new upstream version (openldap-2.1.27)

* Sat Jan 24 2004 Satoshi MACHINO <machino@vinelinux.org> 2.1.26-0vl1
- new upstream version (openldap-2.1.26)
- don't use libtool in make

* Sun Oct 26 2003 Satoshi MACHINO <machino@vinelinux.org> 2.1.23-0vl1
- new upstream version (openldap-2.1.23)
- updated migration tools to version 45 
- used libtool

* Sun Jul 20 2003 Satoshi MACHINO <machino@vinelinux.org> 2.1.22-0vl2
- for VineSeedPlus
- fixed BuildPreReq

* Sat Jul 19 2003 Satoshi MACHINO <machino@vinelinux.org> 2.1.22-0vl1
- for VinePlus
- new upstream version (openldap-2.1.22)

* Fri May 29 2003 Satoshi MACHINO <machino@vinelinux.org> 2.1.21-0vl1
- new upstream version (openldap-2.1.21)

* Tue May 20 2003 Satoshi MACHINO <machino@vinelinux.org> 2.1.20-0vl1
- new upstream version

* Thu May 15 2003 Satoshi MACHINO <machino@vinelinux.org> 2.1.19-1vl1
- new upstream version
- merged spec file to 2.1.19-1
        -- switch to db with crypto
        -- install the db utils for the bundled libdb as %%{_sbindir}/slapd_db_*
        -- install slapcat/slapadd from 2.0.x for migration purposes

* Mon Jan 27 2003 Satoshi MACHINO <machino@vinelinux.org> 2.1.12-0vl1
- updated to openldap-2.1.12
        -- dropped ldapfriendly

* Fri Sep 06 2002 Satoshi MACHINO <machino@vinelinux.org> 2.1.4-0vl1
- updated to openldap-2.1.4
- updated guide.html

* Fri Sep 06 2002 Satoshi MACHINO <machino@vinelinux.org> 2.1.3-4vl1
- updated to openldap-2.1.3
- added db-4.0.14
- updated migration tools to version 44
- merged openldap-2.1.3-4
        -- updated patch0, patch1, patch3 and patch6 
        -- dropped patch7 and patch10
        -- enable the ldbm/berkeley backend as well
        -- use an ldbm/berkeley database as the default
        -- don't install slapadd-gdbm
        -- allow ldapv2 binds by default
        -- set TLS_CACERTFILE in the default ldap.conf file

* Tue Jun 11 2002 Satoshi MACHINO <machino@vinelinux.org> 2.0.25-0vl1
- updated to openldap-2.0.25

* Mon Jun 10 2002 Satoshi MACHINO <machino@vinelinux.org> 2.0.24-0vl1
- updated to openldap-2.0.24
- updated migration tools to version 40
- dropped autoconf source
- dropped some patches

* Sat Feb 16 2002 Satoshi MACHINO <machino@vinelinux.org> 2.0.23-0vl1
- updated openldap-2.0.23

* Wed Feb 06 2002 Satoshi MACHINO <machino@vinelinux.org> 2.0.22-0vl1
- updated openldap-2.0.22

* Tue Jan 21 2002 Satoshi MACHINO <machino@vinelinux.org> 2.0.21-0vl1
- updated openldap-2.0.21

* Wed Nov 07 2001 Satoshi MACHINO <machino@vinelinux.org> 2.0.18-0vl1
- updated openldap-2.0.18

* Sun Oct 14 2001 Satoshi MACHINO <machino@vinelinux.org> 2.0.17-0vl1
- updated openldap-2.0.17
- updated MigrationTools-38-instdir.patch
- updated openldap-2.0.17-config.patch
- removed openldap-2.0.3-krb5-1.1.patch

* Sat Sep 22 2001 Satoshi MACHINO <machino@vinelinux.org> 2.0.14-1vl1
- update to migration tools 39
- removed patch libtool.patch and linkage.patch
 
* Wed Sep 19 2001 Satoshi MACHINO <machino@vinelinux.org> 2.0.14-0vl0
- updated openldap-2.0.14

* Mon Jul 16 2001 MATSUBAYASHI 'Shaolin' Kohji <shaolin@vinelinux.org>
- 2.0.11-0vl2
- rebuilt with openssl-0.9.6b

* Sun May 27 2001 Satoshi MACHINO <machino@vinelinux.org> 2.0.11-0vl1
- updated

* Thu Apr 12 2001 Akira TAGOH <tagoh@gnome.gr.jp> 2.0.7-14vl3
- Fixed resolve libraries path.

* Wed Apr 11 2001 Satoshi MACHINO <machino@vinelinux.org> 2.0.7-14vl2
- added openldap-2.0.7-config-vine.patch
- removed openldap-2.0.7-config.patch

* Tue Apr 10 2001 Satoshi MACHINO <machino@vinelinux.org> 2.0.7-14vl1
- merged Rawhide's OpenLDAP Package
    back out pidfile patches, which interact weirdly with Linux threads
    mark non-standard schema as such by moving them to a different directory
    update to MigrationTools 36, adds netgroup support
    fix thinko in that last patch
    try to work around some buffering problems
    gettextize the init script
    move the RFCs to the base package (#21701)
    add support for additional OPTIONS, SLAPD_OPTIONS, and SLURPD_OPTIONS in
    a /etc/sysconfig/ldap file (#23549)
    change automount object OID from 1.3.6.1.1.1.2.9 to 1.3.6.1.1.1.2.13,
    per mail from the ldap-nis mailing list
    force -fPIC so that shared libraries don't fall over
    add Norbert Klasen's patch (via Del) to fix searches using ldaps URLs
     (OpenLDAP ITS #889)
    add "-h ldaps:///" to server init when TLS is enabled, in order to support
    ldaps in addition to the regular STARTTLS (suggested by Del)
    correct mismatched-dn-cn bug in migrate_automount.pl
    update to the correct OIDs for automount and automountInformation
    add notes on upgrading
    
* Sat Nov 25 2000 Satoshi MACHINO <machino@vinelinux.org> 2.0.7-1vl2
- fixed VersionedDependencies to used _noVersionedDependencies 1 in .rpmmacros

* Sat Nov 18 2000 MACHINO, satoshi <machino@vinelinux.org> 2.0.7-1vl1
- build for Vine Linux
- removed kerberos
- fixed config dir
- fixed _sysconfdir

* Tue Nov  7 2000 Nalin Dahyabhai <nalin@redhat.com>
- update to 2.0.7
- drop chdir patch (went mainstream)

* Thu Nov  2 2000 Nalin Dahyabhai <nalin@redhat.com>
- change automount object classes from auxiliary to structural

* Tue Oct 31 2000 Nalin Dahyabhai <nalin@redhat.com>
- update to Migration Tools 27
- change the sense of the last simple patch

* Wed Oct 25 2000 Nalin Dahyabhai <nalin@redhat.com>
- reorganize the patch list to separate MigrationTools and OpenLDAP patches
- switch to Luke Howard's rfc822MailMember schema instead of the aliases.schema
- configure slapd to run as the non-root user "ldap" (#19370)
- chdir() before chroot() (we don't use chroot, though) (#19369)
- disable saving of the pid file because the parent thread which saves it and
  the child thread which listens have different pids

* Wed Oct 11 2000 Nalin Dahyabhai <nalin@redhat.com>
- add missing required attributes to conversion scripts to comply with schema
- add schema for mail aliases, autofs, and kerberosSecurityObject rooted in
  our own OID tree to define attributes and classes migration scripts expect
- tweak automounter migration script

* Mon Oct  9 2000 Nalin Dahyabhai <nalin@redhat.com>
- try adding the suffix first when doing online migrations
- force ldapadd to use simple authentication in migration scripts
- add indexing of a few attributes to the default configuration
- add commented-out section on using TLS to default configuration

* Thu Oct  5 2000 Nalin Dahyabhai <nalin@redhat.com>
- update to 2.0.6
- add buildprereq on cyrus-sasl-devel, krb5-devel, openssl-devel
- take the -s flag off of slapadd invocations in migration tools
- add the cosine.schema to the default server config, needed by inetorgperson

* Wed Oct  4 2000 Nalin Dahyabhai <nalin@redhat.com>
- add the nis.schema and inetorgperson.schema to the default server config
- make ldapadd a hard link to ldapmodify because they're identical binaries

* Fri Sep 22 2000 Nalin Dahyabhai <nalin@redhat.com>
- update to 2.0.4

* Fri Sep 15 2000 Nalin Dahyabhai <nalin@redhat.com>
- remove prereq on /etc/init.d (#17531)
- update to 2.0.3
- add saucer to the included clients

* Wed Sep  6 2000 Nalin Dahyabhai <nalin@redhat.com>
- update to 2.0.1

* Fri Sep  1 2000 Nalin Dahyabhai <nalin@redhat.com>
- update to 2.0.0
- patch to build against MIT Kerberos 1.1 and later instead of 1.0.x

* Tue Aug 22 2000 Nalin Dahyabhai <nalin@redhat.com>
- remove that pesky default password
- change "Copyright:" to "License:"

* Sun Aug 13 2000 Nalin Dahyabhai <nalin@redhat.com>
- adjust permissions in files lists
- move libexecdir from %%{_prefix}/sbin to %%{_sbindir}

* Fri Aug 11 2000 Nalin Dahyabhai <nalin@redhat.com>
- add migrate_automount.pl to the migration scripts set

* Tue Aug  8 2000 Nalin Dahyabhai <nalin@redhat.com>
- build a semistatic slurpd with threads, everything else without
- disable reverse lookups, per email on OpenLDAP mailing lists
- make sure the execute bits are set on the shared libraries

* Mon Jul 31 2000 Nalin Dahyabhai <nalin@redhat.com>
- change logging facility used from local4 to daemon (#11047)

* Thu Jul 27 2000 Nalin Dahyabhai <nalin@redhat.com>
- split off clients and servers to shrink down the package and remove the
  base package's dependency on Perl
- make certain that the binaries have sane permissions

* Mon Jul 17 2000 Nalin Dahyabhai <nalin@redhat.com>
- move the init script back

* Thu Jul 13 2000 Nalin Dahyabhai <nalin@redhat.com>
- tweak the init script to only source /etc/sysconfig/network if it's found

* Wed Jul 12 2000 Prospector <bugzilla@redhat.com>
- automatic rebuild

* Mon Jul 10 2000 Nalin Dahyabhai <nalin@redhat.com>
- switch to gdbm; I'm getting off the db merry-go-round
- tweak the init script some more
- add instdir to @INC in migration scripts

* Thu Jul  6 2000 Nalin Dahyabhai <nalin@redhat.com>
- tweak init script to return error codes properly
- change initscripts dependency to one on /etc/init.d

* Tue Jul  4 2000 Nalin Dahyabhai <nalin@redhat.com>
- prereq initscripts
- make migration scripts use mktemp

* Tue Jun 27 2000 Nalin Dahyabhai <nalin@redhat.com>
- do condrestart in post and stop in preun
- move init script to /etc/init.d

* Fri Jun 16 2000 Nalin Dahyabhai <nalin@redhat.com>
- update to 1.2.11
- add condrestart logic to init script
- munge migration scripts so that you don't have to be 
  /usr/share/openldap/migration to run them
- add code to create pid files in /var/run

* Mon Jun  5 2000 Nalin Dahyabhai <nalin@redhat.com>
- FHS tweaks
- fix for compiling with libdb2

* Thu May  4 2000 Bill Nottingham <notting@redhat.com>
- minor tweak so it builds on ia64

* Wed May  3 2000 Nalin Dahyabhai <nalin@redhat.com>
- more minimalistic fix for bug #11111 after consultation with OpenLDAP team
- backport replacement for the ldapuser patch

* Tue May  2 2000 Nalin Dahyabhai <nalin@redhat.com>
- fix segfaults from queries with commas in them in in.xfingerd (bug #11111)

* Tue Apr 25 2000 Nalin Dahyabhai <nalin@redhat.com>
- update to 1.2.10
- add revamped version of patch from kos@bastard.net to allow execution as
  any non-root user
- remove test suite from %%build because of weirdness in the build system

* Wed Apr 12 2000 Nalin Dahyabhai <nalin@redhat.com>
- move the defaults for databases and whatnot to /var/lib/ldap (bug #10714)
- fix some possible string-handling problems

* Mon Feb 14 2000 Bill Nottingham <notting@redhat.com>
- start earlier, stop later.

* Thu Feb  3 2000 Nalin Dahyabhai <nalin@redhat.com>
- auto rebuild in new environment (release 4)

* Tue Feb  1 2000 Nalin Dahyabhai <nalin@redhat.com>
- add -D_REENTRANT to make threaded stuff more stable, even though it looks
  like the sources define it, too
- mark *.ph files in migration tools as config files

* Fri Jan 21 2000 Nalin Dahyabhai <nalin@redhat.com>
- update to 1.2.9

* Mon Sep 13 1999 Bill Nottingham <notting@redhat.com>
- strip files

* Sat Sep 11 1999 Bill Nottingham <notting@redhat.com>
- update to 1.2.7
- fix some bugs from bugzilla (#4885, #4887, #4888, #4967)
- take include files out of base package

* Fri Aug 27 1999 Jeff Johnson <jbj@redhat.com>
- missing ;; in init script reload) (#4734).

* Tue Aug 24 1999 Cristian Gafton <gafton@redhat.com>
- move stuff from /usr/libexec to /usr/sbin
- relocate config dirs to /etc/openldap

* Mon Aug 16 1999 Bill Nottingham <notting@redhat.com>
- initscript munging

* Wed Aug 11 1999 Cristian Gafton <gafton@redhat.com>
- add the migration tools to the package

* Fri Aug 06 1999 Cristian Gafton <gafton@redhat.com>
- upgrade to 1.2.6
- add rc.d script
- split -devel package

* Sun Feb 07 1999 Preston Brown <pbrown@redhat.com>
- upgrade to latest stable (1.1.4), it now uses configure macro.

* Fri Jan 15 1999 Bill Nottingham <notting@redhat.com>
- build on arm, glibc2.1

* Wed Oct 28 1998 Preston Brown <pbrown@redhat.com>
- initial cut.
- patches for signal handling on the alpha