%global pkgname dirsrv %global srcname 389-ds-base %global bundle_jemalloc 1 %if %{bundle_jemalloc} %global jemalloc_name jemalloc %global jemalloc_ver 5.2.1 %endif # This is used in certain builds to help us know if it has extra features. %global variant base # for a pre-release, define the prerel field e.g. .a1 .rc2 - comment out for official release # also remove the space between % and global - this space is needed because # fedpkg verrel stupidly ignores comment lines %global prerel .20200520gitc350ddc99%{nil} # also need the relprefix field for a pre-release e.g. .0 - also comment out for official release #% global relprefix 0. # If perl-Socket-2.000 or newer is available, set 0 to use_Socket6. %global use_Socket6 0 # This enables a sanitized build. This should not go to production, so we rename. %global use_asan 0 %global use_msan 0 %global use_tsan 0 %global use_ubsan 0 # This enables rust in the build. %global use_rust 0 %global use_legacy 1 %define nspr_version 4.6 %define nss_version 3.11 %if %{use_asan} || %{use_msan} || %{use_tsan} || %{use_ubsan} %global variant base-xsan %endif # Use Clang instead of GCC %global use_clang 0 # fedora 15 and later uses tmpfiles.d # otherwise, comment this out %{!?with_tmpfiles_d: %global with_tmpfiles_d %{_sysconfdir}/tmpfiles.d} # systemd support %global groupname %{pkgname}.target # set PIE flag %global _hardened_build 1 Summary: 389 Directory Server (%{variant}) Name: 389-ds-base Version: 1.4.4.2 Release: 20200520gitc350ddc99%{?dist} License: GPLv3+ URL: https://www.port389.org/ Group: System Environment/Daemons # Is this still needed? BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Obsoletes: %{name} <= 1.4.0.9 Provides: ldif2ldbm # Attach the buildrequires to the top level package: BuildRequires: nspr-devel BuildRequires: nss-devel >= 3.34 BuildRequires: openldap-devel BuildRequires: libdb-devel BuildRequires: cyrus-sasl-devel BuildRequires: icu BuildRequires: libicu-devel BuildRequires: pcre-devel BuildRequires: cracklib-devel %if %{use_clang} BuildRequires: libatomic BuildRequires: clang BuildRequires: compiler-rt %else BuildRequires: gcc BuildRequires: gcc-c++ %if %{use_asan} BuildRequires: libasan %endif %if %{use_tsan} BuildRequires: libtsan %endif %if %{use_ubsan} BuildRequires: libubsan %endif %endif # The following are needed to build the snmp ldap-agent BuildRequires: net-snmp-devel BuildRequires: bzip2-devel BuildRequires: zlib-devel BuildRequires: openssl-devel # the following is for the pam passthru auth plug-in BuildRequires: pam-devel BuildRequires: systemd-units BuildRequires: systemd-devel # If rust is enabled %if %{use_rust} BuildRequires: cargo BuildRequires: rust %endif BuildRequires: pkgconfig BuildRequires: pkgconfig(systemd) BuildRequires: pkgconfig(krb5) # Needed to support regeneration of the autotool artifacts. BuildRequires: autoconf BuildRequires: automake BuildRequires: libtool # For our documentation BuildRequires: doxygen # For tests! BuildRequires: libcmocka-devel BuildRequires: libevent-devel # For lib389 and related components. BuildRequires: python%{python3_pkgversion} BuildRequires: python%{python3_pkgversion}-devel BuildRequires: python%{python3_pkgversion}-setuptools BuildRequires: python%{python3_pkgversion}-ldap BuildRequires: python%{python3_pkgversion}-six BuildRequires: python%{python3_pkgversion}-pyasn1 BuildRequires: python%{python3_pkgversion}-pyasn1-modules BuildRequires: python%{python3_pkgversion}-dateutil BuildRequires: python%{python3_pkgversion}-argcomplete BuildRequires: python%{python3_pkgversion}-argparse-manpage BuildRequires: python%{python3_pkgversion}-policycoreutils BuildRequires: python%{python3_pkgversion}-libselinux # For cockpit BuildRequires: rsync BuildRequires: npm BuildRequires: nodejs # END BUILD REQUIRES # Now, attach the requires only to the package that needs them. # -libs has most of our runtime libs Requires: %{name}-libs = %{version}-%{release} %if 0%{?rhel} > 7 || 0%{?fedora} Requires: python%{python3_pkgversion}-lib389 = %{version}-%{release} %endif # this is needed for using semanage from our setup scripts Requires: policycoreutils-python-utils # This is needed for our future move to python selinux interaction. Requires: libsemanage-python%{python3_pkgversion} # the following are needed for some of our scripts Requires: openldap-clients # this is needed to setup SSL if you are not using the # administration server package Requires: nss-tools Requires: nss >= 3.34 # these are not found by the auto-dependency method # they are required to support the mandatory LDAP SASL mechs Requires: cyrus-sasl-gssapi Requires: cyrus-sasl-md5 # This is optionally supported by us, as we use it in our tests Requires: cyrus-sasl-plain # this is needed for verify-db.pl and backldbm Requires: libdb-utils Requires: libdb # This picks up libperl.so as a Requires, so we add this versioned one Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version)) # Needed by logconv.pl Requires: perl-DB_File Requires: perl-Archive-Tar # Needed for password dictionary checks Requires: cracklib-dicts # Picks up our systemd deps. %{?systemd_requires} Source0: https://releases.pagure.org/%{name}/%{name}-%{version}%{?prerel}.tar.bz2 # 389-ds-git.sh should be used to generate the source tarball from git Source1: %{name}-git.sh Source2: %{name}-devel.README %if %{bundle_jemalloc} Source3: https://github.com/jemalloc/%{jemalloc_name}/releases/download/%{jemalloc_ver}/%{jemalloc_name}-%{jemalloc_ver}.tar.bz2 %endif %description 389 Directory Server is an LDAPv3 compliant server. The base package includes the LDAP server and command line utilities for server administration. %if %{use_asan} WARNING! This build is linked to Address Sanitisation libraries. This probably isn't what you want. Please contact support immediately. Please see http://seclists.org/oss-sec/2016/q1/363 for more information. %endif %package libs Summary: Core libraries for 389 Directory Server (%{variant}) Group: System Environment/Daemons Provides: svrcore = 4.1.4 Obsoletes: svrcore <= 4.1.3 Conflicts: svrcore # You can work this out by running LDD on libslapd.so to see what it needs in # isolation. Requires: nss >= 3.34 Requires: nspr Requires: openldap Requires: libevent Requires: systemd-libs # Pull in sasl Requires: cyrus-sasl-lib # KRB Requires: krb5-libs %if %{use_clang} Requires: llvm Requires: compiler-rt %else %if %{use_asan} Requires: libasan %endif %if %{use_tsan} Requires: libtsan %endif %if %{use_ubsan} Requires: libubsan %endif %endif %description libs Core libraries for the 389 Directory Server base package. These libraries are used by the main package and the -devel package. This allows the -devel package to be installed with just the -libs package and without the main package. %if %{use_legacy} %package legacy-tools Summary: Legacy utilities for 389 Directory Server (%{variant}) Group: System Environment/Daemons Obsoletes: %{name} <= 1.4.0.9 Requires: %{name} = %{version}-%{release} # for setup-ds.pl to support ipv6 %if %{use_Socket6} Requires: perl-Socket6 %else Requires: perl-Socket %endif Requires: perl-NetAddr-IP # use_openldap assumes perl-Mozilla-LDAP is built with openldap support Requires: perl-Mozilla-LDAP # for setup-ds.pl Requires: bind-utils %global __provides_exclude_from %{_libdir}/%{pkgname}/perl %global __requires_exclude perl\\((DSCreate|DSMigration|DSUpdate|DSUtil|Dialog|DialogManager|FileConn|Inf|Migration|Resource|Setup|SetupLog) %{?perl_default_filter} %description legacy-tools Legacy (and deprecated) utilities for 389 Directory Server. This includes the old account management and task scripts. These are deprecated in favour of the dscreate, dsctl, dsconf and dsidm tools. %endif #endif use_legacy %package devel Summary: Development libraries for 389 Directory Server (%{variant}) Group: Development/Libraries Provides: svrcore-devel = 4.1.4 Obsoletes: svrcore-devel <= 4.1.3 Conflicts: svrcore-devel Requires: %{name}-libs = %{version}-%{release} Requires: pkgconfig Requires: nspr-devel Requires: nss-devel >= 3.34 Requires: openldap-devel # systemd-libs contains the headers iirc. Requires: systemd-libs %description devel Development Libraries and headers for the 389 Directory Server base package. %package snmp Summary: SNMP Agent for 389 Directory Server Group: System Environment/Daemons Requires: %{name} = %{version}-%{release} Obsoletes: %{name} <= 1.3.5.4 %description snmp SNMP Agent for the 389 Directory Server base package. %package -n python%{python3_pkgversion}-lib389 Summary: A library for accessing, testing, and configuring the 389 Directory Server BuildArch: noarch Group: Development/Libraries Requires: krb5-workstation Requires: openssl # This is for /usr/bin/c_rehash tool, only needed for openssl < 1.1.0 Requires: openssl-perl Requires: iproute Requires: python%{python3_pkgversion} Requires: python%{python3_pkgversion}-distro Requires: python%{python3_pkgversion}-pytest Requires: python%{python3_pkgversion}-ldap Requires: python%{python3_pkgversion}-six Requires: python%{python3_pkgversion}-pyasn1 Requires: python%{python3_pkgversion}-pyasn1-modules Requires: python%{python3_pkgversion}-dateutil Requires: python%{python3_pkgversion}-argcomplete Requires: python%{python3_pkgversion}-libselinux Requires: python%{python3_pkgversion}-setuptools Recommends: bash-completion %{?python_provide:%python_provide python%{python3_pkgversion}-lib389} %description -n python%{python3_pkgversion}-lib389 This module contains tools and libraries for accessing, testing, and configuring the 389 Directory Server. %package -n cockpit-389-ds Summary: Cockpit UI Plugin for configuring and administering the 389 Directory Server BuildArch: noarch Requires: cockpit Requires: 389-ds-base Requires: python%{python3_pkgversion} Requires: python%{python3_pkgversion}-lib389 %description -n cockpit-389-ds A cockpit UI Plugin for configuring and administering the 389 Directory Server %prep %setup -q -n %{name}-%{version}%{?prerel} %if %{bundle_jemalloc} %setup -q -n %{name}-%{version}%{?prerel} -T -D -b 3 %endif cp %{SOURCE2} README.devel %build %if %{use_clang} export CC=clang export CXX=clang++ CLANG_FLAGS="--enable-clang" %endif %{?with_tmpfiles_d: TMPFILES_FLAG="--with-tmpfiles-d=%{with_tmpfiles_d}"} %if %{use_asan} && !%{use_rust} ASAN_FLAGS="--enable-asan --enable-debug" %endif %if %{use_msan} && !%{use_rust} MSAN_FLAGS="--enable-msan --enable-debug" %endif %if %{use_tsan} && !%{use_rust} TSAN_FLAGS="--enable-tsan --enable-debug" %endif %if %{use_ubsan} && !%{use_rust} UBSAN_FLAGS="--enable-ubsan --enable-debug" %endif %if %{use_rust} RUST_FLAGS="--enable-rust" %endif %if %{use_legacy} LEGACY_FLAGS="--enable-legacy --enable-perl" %else LEGACY_FLAGS="--disable-legacy --disable-perl" %endif %if %{bundle_jemalloc} # Override page size, bz #1545539 # 4K %ifarch %ix86 %arm x86_64 s390x %define lg_page --with-lg-page=12 %endif # 64K %ifarch ppc64 ppc64le aarch64 %define lg_page --with-lg-page=16 %endif # Override huge page size on aarch64 # 2M instead of 512M %ifarch aarch64 %define lg_hugepage --with-lg-hugepage=21 %endif # Build jemalloc pushd ../%{jemalloc_name}-%{jemalloc_ver} %configure \ --libdir=%{_libdir}/%{pkgname}/lib \ --bindir=%{_libdir}/%{pkgname}/bin \ --enable-prof %{lg_page} %{lg_hugepage} make %{?_smp_mflags} popd %endif # Rebuild the autotool artifacts now. autoreconf -fiv %configure --with-selinux $TMPFILES_FLAG \ --with-systemd \ --with-systemdsystemunitdir=%{_unitdir} \ --with-systemdsystemconfdir=%{_sysconfdir}/systemd/system \ --with-systemdgroupname=%{groupname} \ --libexecdir=%{_libexecdir}/%{pkgname} \ $ASAN_FLAGS $MSAN_FLAGS $TSAN_FLAGS $UBSAN_FLAGS $RUST_FLAGS $CLANG_FLAGS $LEGACY_FLAGS\ --enable-cmocka %if 0%{?rhel} > 7 || 0%{?fedora} # lib389 pushd ./src/lib389 %py3_build popd # argparse-manpage dynamic man pages have hardcoded man v1 in header, # need to change it to v8 sed -i "1s/\"1\"/\"8\"/" %{_builddir}/%{name}-%{version}%{?prerel}/src/lib389/man/dsconf.8 sed -i "1s/\"1\"/\"8\"/" %{_builddir}/%{name}-%{version}%{?prerel}/src/lib389/man/dsctl.8 sed -i "1s/\"1\"/\"8\"/" %{_builddir}/%{name}-%{version}%{?prerel}/src/lib389/man/dsidm.8 sed -i "1s/\"1\"/\"8\"/" %{_builddir}/%{name}-%{version}%{?prerel}/src/lib389/man/dscreate.8 %endif # Generate symbolic info for debuggers export XCFLAGS=$RPM_OPT_FLAGS make %{?_smp_mflags} %install rm -rf $RPM_BUILD_ROOT mkdir -p %{buildroot}%{_datadir}/gdb/auto-load%{_sbindir} mkdir -p %{buildroot}%{_datadir}/cockpit make DESTDIR="$RPM_BUILD_ROOT" install find %{buildroot}%{_datadir}/cockpit/389-console -type d | sed -e "s@%{buildroot}@@" | sed -e 's/^/\%dir /' > cockpit.list find %{buildroot}%{_datadir}/cockpit/389-console -type f | sed -e "s@%{buildroot}@@" >> cockpit.list # Copy in our docs from doxygen. cp -r %{_builddir}/%{name}-%{version}%{?prerel}/man/man3 $RPM_BUILD_ROOT/%{_mandir}/man3 %if 0%{?rhel} > 7 || 0%{?fedora} # lib389 pushd src/lib389 %py3_install popd %endif mkdir -p $RPM_BUILD_ROOT/var/log/%{pkgname} mkdir -p $RPM_BUILD_ROOT/var/lib/%{pkgname} mkdir -p $RPM_BUILD_ROOT/var/lock/%{pkgname} \ && chmod 770 $RPM_BUILD_ROOT/var/lock/%{pkgname} # for systemd mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/systemd/system/%{groupname}.wants #remove libtool and static libs rm -f $RPM_BUILD_ROOT%{_libdir}/%{pkgname}/*.a rm -f $RPM_BUILD_ROOT%{_libdir}/%{pkgname}/*.la rm -f $RPM_BUILD_ROOT%{_libdir}/%{pkgname}/plugins/*.a rm -f $RPM_BUILD_ROOT%{_libdir}/%{pkgname}/plugins/*.la rm -f $RPM_BUILD_ROOT%{_libdir}/libsvrcore.a rm -f $RPM_BUILD_ROOT%{_libdir}/libsvrcore.la %if %{use_legacy} # make sure perl scripts have a proper shebang sed -i -e 's|#{{PERL-EXEC}}|#!/usr/bin/perl|' $RPM_BUILD_ROOT%{_datadir}/%{pkgname}/script-templates/template-*.pl %endif %if %{bundle_jemalloc} pushd ../%{jemalloc_name}-%{jemalloc_ver} make DESTDIR="$RPM_BUILD_ROOT" install_lib install_bin cp -pa COPYING ../%{name}-%{version}%{?prerel}/COPYING.jemalloc cp -pa README ../%{name}-%{version}%{?prerel}/README.jemalloc popd %endif %check # This checks the code, if it fails it prints why, then re-raises the fail to shortcircuit the rpm build. %if %{use_tsan} export TSAN_OPTIONS=print_stacktrace=1:second_deadlock_stack=1:history_size=7 %endif if ! make DESTDIR="$RPM_BUILD_ROOT" check; then cat ./test-suite.log && false; fi %clean rm -rf $RPM_BUILD_ROOT %post if [ -n "$DEBUGPOSTTRANS" ] ; then output=$DEBUGPOSTTRANS output2=${DEBUGPOSTTRANS}.upgrade else output=/dev/null output2=/dev/null fi # reload to pick up any changes to systemd files /bin/systemctl daemon-reload >$output 2>&1 || : # find all instances instances="" # instances that require a restart after upgrade ninst=0 # number of instances found in total # https://fedoraproject.org/wiki/Packaging:UsersAndGroups#Soft_static_allocation # Soft static allocation for UID and GID USERNAME="dirsrv" ALLOCATED_UID=389 GROUPNAME="dirsrv" ALLOCATED_GID=389 HOMEDIR="/usr/share/dirsrv" getent group $GROUPNAME >/dev/null || groupadd -f -g $ALLOCATED_GID -r $GROUPNAME if ! getent passwd $USERNAME >/dev/null ; then if ! getent passwd $ALLOCATED_UID >/dev/null ; then useradd -r -u $ALLOCATED_UID -g $GROUPNAME -d $HOMEDIR -s /sbin/nologin -c "user for 389-ds-base" $USERNAME else useradd -r -g $GROUPNAME -d $HOMEDIR -s /sbin/nologin -c "user for 389-ds-base" $USERNAME fi fi # Reload our sysctl before we restart (if we can) sysctl --system &> $output; true %preun if [ $1 -eq 0 ]; then # Final removal # remove instance specific service files/links rm -rf %{_sysconfdir}/systemd/system/%{groupname}.wants/* > /dev/null 2>&1 || : fi %postun if [ $1 = 0 ]; then # Final removal rm -rf /var/run/%{pkgname} fi %post snmp %systemd_post %{pkgname}-snmp.service %preun snmp %systemd_preun %{pkgname}-snmp.service %{groupname} %postun snmp %systemd_postun_with_restart %{pkgname}-snmp.service %if %{use_legacy} %post legacy-tools # START UPGRADE SCRIPT if [ -n "$DEBUGPOSTTRANS" ] ; then output=$DEBUGPOSTTRANS output2=${DEBUGPOSTTRANS}.upgrade else output=/dev/null output2=/dev/null fi echo looking for instances in %{_sysconfdir}/%{pkgname} > $output 2>&1 || : instbase="%{_sysconfdir}/%{pkgname}" ninst=0 for dir in $instbase/slapd-* ; do echo dir = $dir >> $output 2>&1 || : if [ ! -d "$dir" ] ; then continue ; fi case "$dir" in *.removed) continue ;; esac basename=`basename $dir` inst="%{pkgname}@`echo $basename | sed -e 's/slapd-//g'`" echo found instance $inst - getting status >> $output 2>&1 || : if /bin/systemctl -q is-active $inst ; then echo instance $inst is running >> $output 2>&1 || : instances="$instances $inst" else echo instance $inst is not running >> $output 2>&1 || : fi ninst=`expr $ninst + 1` done if [ $ninst -eq 0 ] ; then echo no instances to upgrade >> $output 2>&1 || : exit 0 # have no instances to upgrade - just skip the rest fi # shutdown all instances echo shutting down all instances . . . >> $output 2>&1 || : for inst in $instances ; do echo stopping instance $inst >> $output 2>&1 || : /bin/systemctl stop $inst >> $output 2>&1 || : done echo remove pid files . . . >> $output 2>&1 || : /bin/rm -f /var/run/%{pkgname}*.pid /var/run/%{pkgname}*.startpid # do the upgrade echo upgrading instances . . . >> $output 2>&1 || : DEBUGPOSTSETUPOPT=`/usr/bin/echo $DEBUGPOSTSETUP | /usr/bin/sed -e "s/[^d]//g"` if [ -n "$DEBUGPOSTSETUPOPT" ] ; then %{_sbindir}/setup-ds.pl -$DEBUGPOSTSETUPOPT -u -s General.UpdateMode=offline >> $output 2>&1 || : else %{_sbindir}/setup-ds.pl -u -s General.UpdateMode=offline >> $output 2>&1 || : fi # restart instances that require it for inst in $instances ; do echo restarting instance $inst >> $output 2>&1 || : /bin/systemctl start $inst >> $output 2>&1 || : done #END UPGRADE exit 0 %endif #endif use_legacy %files %if %{bundle_jemalloc} %doc LICENSE LICENSE.GPLv3+ LICENSE.openssl README.jemalloc %license COPYING.jemalloc %else %doc LICENSE LICENSE.GPLv3+ LICENSE.openssl %endif %dir %{_sysconfdir}/%{pkgname} %dir %{_sysconfdir}/%{pkgname}/schema %config(noreplace)%{_sysconfdir}/%{pkgname}/schema/*.ldif %dir %{_sysconfdir}/%{pkgname}/config %dir %{_sysconfdir}/systemd/system/%{groupname}.wants %config(noreplace)%{_sysconfdir}/%{pkgname}/config/slapd-collations.conf %config(noreplace)%{_sysconfdir}/%{pkgname}/config/certmap.conf %{_datadir}/%{pkgname} %{_datadir}/gdb/auto-load/* %{_unitdir} %{_bindir}/dbscan %{_mandir}/man1/dbscan.1.gz %{_bindir}/ds-replcheck %{_mandir}/man1/ds-replcheck.1.gz %{_bindir}/ds-logpipe.py %{_mandir}/man1/ds-logpipe.py.1.gz %{_bindir}/ldclt %{_mandir}/man1/ldclt.1.gz %{_bindir}/logconv.pl %{_mandir}/man1/logconv.pl.1.gz %{_bindir}/pwdhash %{_mandir}/man1/pwdhash.1.gz %{_bindir}/readnsstate %{_mandir}/man1/readnsstate.1.gz # We have to seperate this from being a glob to ensure the caps are applied. # %caps(CAP_NET_BIND_SERVICE=pe) {_sbindir}/ns-slapd %{_sbindir}/ns-slapd %{_mandir}/man8/ns-slapd.8.gz %{_libexecdir}/%{pkgname}/ds_systemd_ask_password_acl %{_mandir}/man5/99user.ldif.5.gz %{_mandir}/man5/certmap.conf.5.gz %{_mandir}/man5/slapd-collations.conf.5.gz %{_mandir}/man5/dirsrv.5.gz %{_mandir}/man5/dirsrv.systemd.5.gz %{_libdir}/%{pkgname}/python %dir %{_libdir}/%{pkgname}/plugins %{_libdir}/%{pkgname}/plugins/*.so # This has to be hardcoded to /lib - $libdir changes between lib/lib64, but # sysctl.d is always in /lib. %{_prefix}/lib/sysctl.d/* %dir %{_localstatedir}/lib/%{pkgname} %dir %{_localstatedir}/log/%{pkgname} %ghost %dir %{_localstatedir}/lock/%{pkgname} %exclude %{_sbindir}/ldap-agent* %exclude %{_mandir}/man1/ldap-agent.1.gz %exclude %{_unitdir}/%{pkgname}-snmp.service %if %{bundle_jemalloc} %{_libdir}/%{pkgname}/lib/ %{_libdir}/%{pkgname}/bin/ %exclude %{_libdir}/%{pkgname}/bin/jemalloc-config %exclude %{_libdir}/%{pkgname}/bin/jemalloc.sh %exclude %{_libdir}/%{pkgname}/lib/libjemalloc.a %exclude %{_libdir}/%{pkgname}/lib/libjemalloc.so %exclude %{_libdir}/%{pkgname}/lib/libjemalloc_pic.a %exclude %{_libdir}/%{pkgname}/lib/pkgconfig %endif %files devel %doc LICENSE LICENSE.GPLv3+ LICENSE.openssl README.devel %{_mandir}/man3/* %{_includedir}/svrcore.h %{_includedir}/%{pkgname} %{_libdir}/libsvrcore.so %{_libdir}/%{pkgname}/libslapd.so %{_libdir}/%{pkgname}/libns-dshttpd.so %{_libdir}/%{pkgname}/libsds.so %{_libdir}/%{pkgname}/libldaputil.so %{_libdir}/pkgconfig/svrcore.pc %{_libdir}/pkgconfig/dirsrv.pc %{_libdir}/pkgconfig/libsds.pc %files libs %doc LICENSE LICENSE.GPLv3+ LICENSE.openssl README.devel %dir %{_libdir}/%{pkgname} %{_libdir}/libsvrcore.so.* %{_libdir}/%{pkgname}/libslapd.so.* %{_libdir}/%{pkgname}/libns-dshttpd-*.so %{_libdir}/%{pkgname}/libsds.so.* %{_libdir}/%{pkgname}/libldaputil.so.* %{_libdir}/%{pkgname}/librewriters.so* %if %{bundle_jemalloc} %{_libdir}/%{pkgname}/lib/libjemalloc.so.2 %endif %if %{use_legacy} %files legacy-tools %doc LICENSE LICENSE.GPLv3+ LICENSE.openssl README.devel %{_bindir}/infadd %{_mandir}/man1/infadd.1.gz %{_bindir}/ldif %{_mandir}/man1/ldif.1.gz %{_bindir}/migratecred %{_mandir}/man1/migratecred.1.gz %{_bindir}/mmldif %{_mandir}/man1/mmldif.1.gz %{_bindir}/rsearch %{_mandir}/man1/rsearch.1.gz %{_libexecdir}/%{pkgname}/ds_selinux_enabled %{_libexecdir}/%{pkgname}/ds_selinux_port_query %config(noreplace)%{_sysconfdir}/%{pkgname}/config/template-initconfig %{_mandir}/man5/template-initconfig.5.gz %{_datadir}/%{pkgname}/properties/*.res %{_datadir}/%{pkgname}/script-templates %{_datadir}/%{pkgname}/updates %{_sbindir}/ldif2ldap %{_mandir}/man8/ldif2ldap.8.gz %{_sbindir}/bak2db %{_mandir}/man8/bak2db.8.gz %{_sbindir}/db2bak %{_mandir}/man8/db2bak.8.gz %{_sbindir}/db2index %{_mandir}/man8/db2index.8.gz %{_sbindir}/db2ldif %{_mandir}/man8/db2ldif.8.gz %{_sbindir}/dbverify %{_mandir}/man8/dbverify.8.gz %{_sbindir}/ldif2db %{_mandir}/man8/ldif2db.8.gz %{_sbindir}/restart-dirsrv %{_mandir}/man8/restart-dirsrv.8.gz %{_sbindir}/start-dirsrv %{_mandir}/man8/start-dirsrv.8.gz %{_sbindir}/status-dirsrv %{_mandir}/man8/status-dirsrv.8.gz %{_sbindir}/stop-dirsrv %{_mandir}/man8/stop-dirsrv.8.gz %{_sbindir}/upgradedb %{_mandir}/man8/upgradedb.8.gz %{_sbindir}/vlvindex %{_mandir}/man8/vlvindex.8.gz %{_sbindir}/monitor %{_mandir}/man8/monitor.8.gz %{_sbindir}/dbmon.sh %{_mandir}/man8/dbmon.sh.8.gz %{_sbindir}/dn2rdn %{_mandir}/man8/dn2rdn.8.gz %{_sbindir}/restoreconfig %{_mandir}/man8/restoreconfig.8.gz %{_sbindir}/saveconfig %{_mandir}/man8/saveconfig.8.gz %{_sbindir}/suffix2instance %{_mandir}/man8/suffix2instance.8.gz %{_sbindir}/upgradednformat %{_mandir}/man8/upgradednformat.8.gz %{_mandir}/man1/dbgen.pl.1.gz %{_bindir}/repl-monitor %{_mandir}/man1/repl-monitor.1.gz %{_bindir}/repl-monitor.pl %{_mandir}/man1/repl-monitor.pl.1.gz %{_bindir}/cl-dump %{_mandir}/man1/cl-dump.1.gz %{_bindir}/cl-dump.pl %{_mandir}/man1/cl-dump.pl.1.gz %{_bindir}/dbgen.pl %{_mandir}/man8/bak2db.pl.8.gz %{_sbindir}/bak2db.pl %{_sbindir}/cleanallruv.pl %{_mandir}/man8/cleanallruv.pl.8.gz %{_sbindir}/db2bak.pl %{_mandir}/man8/db2bak.pl.8.gz %{_sbindir}/db2index.pl %{_mandir}/man8/db2index.pl.8.gz %{_sbindir}/db2ldif.pl %{_mandir}/man8/db2ldif.pl.8.gz %{_sbindir}/fixup-linkedattrs.pl %{_mandir}/man8/fixup-linkedattrs.pl.8.gz %{_sbindir}/fixup-memberof.pl %{_mandir}/man8/fixup-memberof.pl.8.gz %{_sbindir}/ldif2db.pl %{_mandir}/man8/ldif2db.pl.8.gz %{_sbindir}/migrate-ds.pl %{_mandir}/man8/migrate-ds.pl.8.gz %{_sbindir}/ns-accountstatus.pl %{_mandir}/man8/ns-accountstatus.pl.8.gz %{_sbindir}/ns-activate.pl %{_mandir}/man8/ns-activate.pl.8.gz %{_sbindir}/ns-inactivate.pl %{_mandir}/man8/ns-inactivate.pl.8.gz %{_sbindir}/ns-newpwpolicy.pl %{_mandir}/man8/ns-newpwpolicy.pl.8.gz %{_sbindir}/remove-ds.pl %{_mandir}/man8/remove-ds.pl.8.gz %{_sbindir}/schema-reload.pl %{_mandir}/man8/schema-reload.pl.8.gz %{_sbindir}/setup-ds.pl %{_mandir}/man8/setup-ds.pl.8.gz %{_sbindir}/syntax-validate.pl %{_mandir}/man8/syntax-validate.pl.8.gz %{_sbindir}/usn-tombstone-cleanup.pl %{_mandir}/man8/usn-tombstone-cleanup.pl.8.gz %{_sbindir}/verify-db.pl %{_mandir}/man8/verify-db.pl.8.gz %{_libdir}/%{pkgname}/perl %endif #endif use_legacy %files snmp %doc LICENSE LICENSE.GPLv3+ LICENSE.openssl README.devel %config(noreplace)%{_sysconfdir}/%{pkgname}/config/ldap-agent.conf %{_sbindir}/ldap-agent* %{_mandir}/man1/ldap-agent.1.gz %{_unitdir}/%{pkgname}-snmp.service %files -n python%{python3_pkgversion}-lib389 %doc LICENSE LICENSE.GPLv3+ %{python3_sitelib}/lib389* %{_sbindir}/dsconf %{_mandir}/man8/dsconf.8.gz %{_sbindir}/dscreate %{_mandir}/man8/dscreate.8.gz %{_sbindir}/dsctl %{_mandir}/man8/dsctl.8.gz %{_sbindir}/dsidm %{_mandir}/man8/dsidm.8.gz %{_libexecdir}/%{pkgname}/dscontainer %files -n cockpit-389-ds -f cockpit.list %{_datarootdir}/metainfo/389-console/org.port389.cockpit_console.metainfo.xml %doc README.md %changelog * Mon Dec 21 2015 Mark Reynolds - 1.3.4.1-3 - Ticket 48376 - Create subpackage for lib389 CI tests * Mon Dec 14 2015 Mark Reynolds - 1.3.4.1-2 - Ticket 48377 - Include the jemalloc library * Tue Jun 23 2015 Noriko Hosoi - 1.3.4.1-1 - Release 1.3.4.1-1 * Fri Jun 19 2015 Noriko Hosoi - 1.3.4.0-1 - Release 1.3.4.0-1 (rebase) * Wed Feb 25 2015 Noriko Hosoi - 1.3.3.8-2 - Ticket 48030 - DNS errors after IPA upgrade due to broken ReplSync Fixes spec file to make sure all the server instances are stopped before upgrade * Sat Jun 15 2013 Noriko Hosoi - 1.3.1.2-1 - bump version to 1.3.1.2 - Ticket 47391 - deleting and adding userpassword fails to update the password - Coverity Fixes (Part 7) * Fri Jun 14 2013 Noriko Hosoi - 1.3.1.1-1 - bump version to 1.3.1.1 - Ticket 402 - nhashed#user#password in entry extension - Ticket 511 - Revision - allow turning off vattr lookup in search entry return - Ticket 580 - Wrong error code return when using EXTERNAL SASL and no client certificate - Ticket 47327 - error syncing group if group member user is not synced - Ticket 47355 - dse.ldif doesn't replicate update to nsslapd-sasl-mapping-fallback - Ticket 47359 - new ldap connections can block ldaps and ldapi connections - Ticket 47362 - ipa upgrade selinuxusermap data not replicating - Ticket 47375 - flush_ber error sending back start_tls response will deadlock - Ticket 47376 - DESC should not be empty as per RFC 2252 (ldapv3) - Ticket 47377 - make listen backlog size configurable - Ticket 47378 - fix recent compiler warnings - Ticket 47383 - connections attribute in cn=snmp,cn=monitor is counted twice - Ticket 47385 - DS not shutting down when disk monitoring threshold is reached - Coverity Fixes (part 1) - Coverity Fixes (Part 2) - Coverity Fixes (Part 3) - Coverity Fixes (Part 4) - Coverity Fixes (Part 5) * Thu May 02 2013 Noriko Hosoi - 1.3.1.0-1 - bump version to 1.3.1.0 - Ticket 332 - Command line perl scripts should attempt most secure connection type first - Ticket 342 - better error message when cache overflows - Ticket 417 - RFE - forcing passwordmustchange attribute by non-cn=directory manager - Ticket 419 - logconv.pl - improve memory management - Ticket 422 - 389-ds-base - Can't call method "getText" - Ticket 433 - multiple bugs in start-dirsrv, stop-dirsrv, restart-dirsrv scripts - Ticket 458 - RFE - Make it possible for privileges to be provided to an admin user to import an LDIF file containing hashed passwords - Ticket 471 - logconv.pl tool removes the access logs contents if "-M" is not correctly used - Ticket 487 - Possible to add invalid attribute values to PAM PTA plugin configuration - Ticket 502 - setup-ds.pl script should wait if "semanage.trans.LOCK" presen - Ticket 505 - use lock-free access name2asi and oid2asi tables (additional) - Ticket 508 - lock-free access to FrontendConfig structure - Ticket 511 - allow turning off vattr lookup in search entry return - Ticket 525 - Introducing a user visible configuration variable for controlling replication retry time - Ticket 528 - RFE - get rid of instance specific scripts - Ticket 529 - dn normalization must handle multiple space characters in attributes - Ticket 532 - RUV is not getting updated for both Master and consumer - Ticket 533 - only scan for attributes to decrypt if there are encrypted attrs configured - Ticket 534 - RFE: Add SASL mappings fallback - Ticket 537 - Improvement of range search - Ticket 539 - logconv.pl should handle microsecond timing - Ticket 543 - Sorting with attributes in ldapsearch gives incorrect result - Ticket 545 - Segfault during initial LDIF import: str2entry_dupcheck() - Ticket 547 - Incorrect assumption in ndn cache - Ticket 550 - posix winsync will not create memberuid values if group entry become posix group in the same sync interval - Ticket 551 - Multivalued rootdn-days-allowed in RootDN Access Control plugin always results in access control violation - Ticket 552 - Adding rootdn-open-time without rootdn-close-time to RootDN Acess Control results in inconsistent configuration - Ticket 558 - Replication - make timeout for protocol shutdown configurable - Ticket 561 - disable writing unhashed#user#password to changelog - Ticket 563 - DSCreate.pm: Error messages cannot be used in the if expression since they could be localized. - Ticket 565 - turbo mode and replication - allow disable of turbo mode - Ticket 571 - server does not accept 0 length LDAP Control sequence - Ticket 574 - problems with dbcachesize disk space calculation - Ticket 583 - dirsrv fails to start on reboot due to /var/run/dirsrv permissions - Ticket 585 - Behaviours of "db2ldif -a " and "db2ldif.pl -a " are inconsistent - Ticket 587 - Replication error messages in the DS error logs - Ticket 588 - Create MAN pages for command line scripts - Ticket 600 - Server should return unavailableCriticalExtension when processing a badly formed critical control - Ticket 603 - A logic error in str2simple - Ticket 604 - Required attribute not checked during search operation - Ticket 608 - Posix Winsync plugin throws "posix_winsync_end_update_cb: failed to add task entry" error message - Ticket 611 - logconv.pl missing stats for StartTLS, LDAPI, and AUTOBIND - Ticket 612 - improve dbgen rdn generation, output - Ticket 613 - ldclt: add timestamp, interval, nozeropad, other improvements - Ticket 616 - High contention on computed attribute lock - Ticket 618 - Crash at shutdown while stopping replica agreements - Ticket 620 - Better logging of error messages for 389-ds-base - Ticket 621 - modify operations without values need to be written to the changelog - Ticket 622 - DS logging errors "libdb: BDB0171 seek: 2147483648: (262144 * 8192) + 0: No such file or directory - Ticket 631 - Replication: "Incremental update started" status message without consumer initialized - Ticket 633 - allow nsslapd-nagle to be disabled, and also tcp cork - Ticket 47299 - allow cmdline scripts to work with non-root user - Ticket 47302 - get rid of sbindir start/stop/restart slapd scripts - Ticket 47303 - start/stop/restart dirsrv scripts should report and error if no instances - Ticket 47304 - reinitialization of a master with a disabled agreement hangs - Ticket 47311 - segfault in db2ldif(trigger by a cleanallruv task) - Ticket 47312 - replace PR_GetFileInfo with PR_GetFileInfo64 - Ticket 47315 - filter option in fixup-memberof requires more clarification - Ticket 47325 - Crash at shutdown on a replica aggrement - Ticket 47330 - changelog db extension / upgrade is obsolete - Ticket 47336 - logconv.pl -m not working for all stats - Ticket 47341 - logconv.pl -m time calculation is wrong - Ticket 47343 - 389-ds-base: Does not support aarch64 in f19 and rawhide - Ticket 47347 - Simple paged results should support async search - Ticket 47348 - add etimes to per second/minute stats - Ticket 47349 - DS instance crashes under a high load * Thu Mar 28 2013 Noriko Hosoi - 1.3.0.5-1 - bump version to 1.3.0.5 - Ticket 47308 - unintended information exposure when anonymous access is set to rootdse - Ticket 628 - crash in aci evaluation - Ticket 627 - ns-slapd crashes sporadically with segmentation fault in libslapd.so - Ticket 634 - Deadlock in DNA plug-in Ticket #576 - DNA: use event queue for config update only at the start up - Ticket 632 - 389-ds-base cannot handle Kerberos tickets with PAC - Ticket 623 - cleanAllRUV task fails to cleanup config upon completion * Mon Mar 11 2013 Mark Reynolds - 1.3.0.4-1 - e53d691 bump version to 1.3.0.4 - Bug 912964 - CVE-2013-0312 389-ds: unauthenticated denial of service vulnerability in handling of LDAPv3 control data - Ticket 570 - DS returns error 20 when replacing values of a multi-valued attribute (only when replication is enabled) - Ticket 490 - Slow role performance when using a lot of roles - Ticket 590 - ns-slapd segfaults while trying to delete a tombstone entry * Wed Feb 13 2013 Noriko Hosoi - 1.3.0.3-1 - bump version to 1.3.0.3 - Ticket #584 - Existence of an entry is not checked when its password is to be deleted - Ticket 562 - Crash when deleting suffix * Fri Feb 01 2013 Parag Nemade - 1.3.0.2-2 - Rebuild for icu 50 * Wed Jan 16 2013 Noriko Hosoi - 1.3.0.2-1 - bump version to 1.3.0.2 - Ticket #542 - Cannot dynamically set nsslapd-maxbersize * Wed Jan 16 2013 Noriko Hosoi - 1.3.0.1-1 - bump version to 1.3.0.1 - Ticket 556 - Don't overwrite certmap.conf during upgrade * Tue Jan 08 2013 Noriko Hosoi - 1.3.0.0-1 - bump version to 1.3.0.0 * Tue Jan 08 2013 Noriko Hosoi - 1.3.0-0.3.rc3 - bump version to 1.3.0.rc3 - Ticket 549 - DNA plugin no longer reports additional info when range is depleted - Ticket 541 - need to set plugin as off in ldif template - Ticket 541 - RootDN Access Control plugin is missing after upgrade * Fri Dec 14 2012 Noriko Hosoi - 1.3.0-0.2.rc2 - bump version to 1.3.0.rc2 - Trac Ticket #497 - Escaped character cannot be used in the substring search filter - Ticket 509 - lock-free access to be->be_suffixlock - Trac Ticket #522 - betxn: upgrade is not implemented yet * Tue Dec 11 2012 Noriko Hosoi - 1.3.0-0.1.rc1 - bump version to 1.3.0.rc1 - Ticket #322 - Create DOAP description for the 389 Directory Server project - Trac Ticket #499 - Handling URP results is not corrrect - Ticket 509 - lock-free access to be->be_suffixlock - Ticket 456 - improve entry cache sizing - Trac Ticket #531 - loading an entry from the database should use str2entry_f - Trac Ticket #536 - Clean up compiler warnings for 1.3 - Trac Ticket #531 - loading an entry from the database should use str2entry_fast - Ticket 509 - lock-free access to be->be_suffixlock - Ticket 527 - ns-slapd segfaults if it cannot rename the logs - Ticket 395 - RFE: 389-ds shouldn't advertise in the rootDSE that we can handle a sasl mech if we really can't - Ticket 216 - disable replication agreements - Ticket 518 - dse.ldif is 0 length after server kill or machine kill - Ticket 393 - Change in winSyncInterval does not take immediate effect - Ticket 20 - Allow automember to work on entries that have already been added - Coverity Fixes - Ticket 349 - nsViewFilter syntax issue in 389DS 1.2.5 - Ticket 337 - improve CLEANRUV functionality - Fix for ticket 504 - Ticket 394 - modify-delete userpassword - minor fixes for bdb 4.2/4.3 and mozldap - Trac Ticket #276 - Multiple threads simultaneously working on connection's private buffer causes ns-slapd to abort - Fix for ticket 465: cn=monitor showing stats for other db instances - Ticket 507 - use mutex for FrontendConfig lock instead of rwlock - Fix for ticket 510 Avoid creating an attribute just to determine the syntax for a type, look up the syntax directly by type - Coverity defect: Resource leak 13110 - Ticket 517 - crash in DNA if no dnaMagicRegen is specified - Trac Ticket #520 - RedHat Directory Server crashes (segfaults) when moving ldap entry - Trac Ticket #519 - Search with a complex filter including range search is slow - Trac Ticket #500 - Newly created users with organizationalPerson objectClass fails to sync from AD to DS with missing attribute error - Trac Ticket #311 - IP lookup failing with multiple DNS entries - Trac Ticket #447 - Possible to add invalid attribute to nsslapd-allowed-to-delete-attrs - Trac Ticket #443 - Deleting attribute present in nsslapd-allowed-to-delete-attrs returns Operations error - Ticket #503 - Improve AD version in winsync log message - Trac Ticket #190 - Un-resolvable server in replication agreement produces unclear error message - Coverity fixes - Trac Ticket #391 - Slapd crashes when deleting backends while operations are still in progress - Trac Ticket #448 - Possible to set invalid macros in Macro ACIs - Trac Ticket #498 - Cannot abaondon simple paged result search - Coverity defects - Trac Ticket #494 - slapd entered to infinite loop during new index addition - Fixing compiler warnings in the posix-winsync plugin - Coverity defects - Ticket 147 - Internal Password Policy usage very inefficient - Ticket 495 - internalModifiersname not updated by DNA plugin - Revert "Ticket 495 - internalModifiersname not updated by DNA plugin" - Ticket 495 - internalModifiersname not updated by DNA plugin - Ticket 468 - if pam_passthru is enabled, need to AC_CHECK_HEADERS([security/pam_appl.h]) - Ticket 486 - nsslapd-enablePlugin should not be multivalued - Ticket 488 - Doc: DS error log messages with typo - Trac Ticket #451 - Allow db2ldif to be quiet - Ticket #491 - multimaster_extop_cleanruv returns wrong error codes - Ticket #481 - expand nested posix groups - Trac Ticket #455 - Insufficient rights to unhashed#user#password when user deletes his password - Ticket #446 - anonymous limits are being applied to directory manager * Tue Oct 9 2012 Mark Reynolds - 1.3.0.a1-1 Ticket #28 MOD operations with chained delete/add get back error 53 on backend config Ticket #173 ds-logpipe.py script's man page and script help should be updated for -t option. Ticket #196 RFE: Interpret IPV6 addresses for ACIs, replication, and chaining Ticket #218 RFE - Make RIP working with Replicated Entries Ticket #328 make sure all internal search filters are properly escaped Ticket #329 389-admin build fails on F-18 with new apache Ticket #344 deadlock in replica_write_ruv Ticket #351 use betxn plugins by default Ticket #352 make cos, roles, views betxn aware Ticket #356 logconv.pl - RFE - track bind info Ticket #365 Audit log - clear text password in user changes Ticket #370 Opening merge qualifier CoS entry using RHDS console changes the entry. Ticket #372 Setting nsslapd-listenhost or nsslapd-securelistenhost breaks ACI processing Ticket #386 Overconsumption of memory with large cachememsize and heavy use of ldapmodify Ticket #402 unhashedTicket #userTicket #password in entry extension Ticket #408 Create a normalized dn cache Ticket #453 db2index with -tattrname:type,type fails Ticket #461 fix build problem with mozldap c sdk Ticket #462 add test for include file mntent.h Ticket #463 different parameters of getmntent in Solaris * Tue Sep 25 2012 Rich Megginson - 1.2.11.15-1 - Trac Ticket #470 - 389 prevents from adding a posixaccount with userpassword after schema reload - Ticket 477 - CLEANALLRUV if there are only winsync agmts task will hang - Ticket 457 - dirsrv init script returns 0 even when few or all instances fail to start - Ticket 473 - change VERSION.sh to have console version be major.minor - Ticket 475 - Root DN Access Control - improve value checking for config - Trac Ticket #466 - entry_apply_mod - ADD: Failed to set unhashed#user#password to extension - Ticket 474 - Root DN Access Control - days allowed not working correctly - Ticket 467 - CLEANALLRUV abort task should be able to ignore down replicas - 0b79915 fix compiler warnings in ticket 374 code - Ticket 452 - automember rebuild task adds users to groups that do not match the configuration scope * Fri Sep 7 2012 Rich Megginson - 1.2.11.14-1 - Ticket 450 - CLEANALLRUV task gets stuck on winsync replication agreement - Ticket 386 - large memory growth with ldapmodify(heap fragmentation) - this patch doesn't fix the bug - it allows us to experiment with - different values of mxfast - Ticket #374 - consumer can go into total update mode for no reason * Tue Sep 4 2012 Rich Megginson - 1.2.11.13-1 - Ticket #426 - support posix schema for user and group sync - 1) plugin config ldif must contain pluginid, etc. during upgrade or it - will fail due to schema errors - 2) posix winsync should have a lower precedence (25) than the default (50) - so that it will be run first - 3) posix winsync should support the Winsync API v3 - the v2 functions are - just stubs for now - but the precedence cb is active * Thu Aug 30 2012 Rich Megginson - 1.2.11.12-1 - 8e5087a Coverity defects - 13089: Dereference after null check ldbm_back_delete - Trac Ticket #437 - variable dn should not be used in ldbm_back_delete - ba1f5b2 fix coverity resource leak in windows_plugin_add - e3e81db Simplify program flow: change while loops to for - a0d5dc0 Fix logic errors: del_mod should be latched (might not be last mod), and avoid skipping add-mods (int value 0) - 0808f7e Simplify program flow: make adduids/moduids/deluids action blocks all similar - 77eb760 Simplify program flow: eliminate unnecessary continue - c9e9db7 Memory leaks: unmatched slapi_attr_get_valueset and slapi_value_new - a4ca0cc Change "return"s in modGroupMembership to "break"s to avoid leaking - d49035c Factorize into new isPosixGroup function - 3b61c03 coverity - posix winsync mem leaks, null check, deadcode, null ref, use after free - 33ce2a9 fix mem leaks with parent dn log message, setting winsync windows domain - Ticket #440 - periodic dirsync timed event causes server to loop repeatedly - Ticket #355 - winsync should not delete entry that appears to be out of scope - Ticket 436 - nsds5ReplicaEnabled can be set with any invalid values. - 487932d coverity - mbo dead code - winsync leaks, deadcode, null check, test code - 2734a71 CLEANALLRUV coverity fixes - Ticket #426 - support posix schema for user and group sync - Ticket #430 - server to server ssl client auth broken with latest openldap * Mon Aug 20 2012 Mark Reynolds - 1.2.11.11-1 6c0778f bumped version to 1.2.11.11 Ticket 429 - added nsslapd-readonly to DS schema Ticket 403 - fix CLEANALLRUV regression from last commit Trac Ticket #346 - Slow ldapmodify operation time for large quantities of multi-valued attribute values * Wed Aug 15 2012 Mark Reynolds - 1.2.11.10-1 db6b354 bumped version to 1.2.11.10 Ticket 403 - CLEANALLRUV revisions * Tue Aug 7 2012 Mark Reynolds - 1.2.11.9-1 ea05e69 Bumped version to 1.2.11.9 Ticket 407 - dna memory leak - fix crash from prev fix * Fri Aug 3 2012 Mark Reynolds - 1.2.11.8-1 ddcf669 bump version to 1.2.11.8 for offical release Ticket #425 - support multiple winsync plugins Ticket 403 - cleanallruv coverity fixes Ticket 407 - memory leak in dna plugin Ticket 403 - CLEANALLRUV feature Ticket 413 - "Server is unwilling to perform" when running ldapmodify on nsds5ReplicaStripAttrs 3168f04 Coverity defects 5ff0a02 COVERITY FIXES Ticket #388 - Improve replication agreement status messages 0760116 Update the slapi-plugin documentation on new slapi functions, and added a slapi function for checking on shutdowns Ticket #369 - restore of replica ldif file on second master after deleting two records shows only 1 deletion Ticket #409 - Report during startup if nsslapd-cachememsize is too small Ticket #412 - memberof performance enhancement 12813: Uninitialized pointer read string_values2keys Ticket #346 - Slow ldapmodify operation time for large quantities of multi-valued attribute values Ticket #346 - Slow ldapmodify operation time for large quantities of multi-valued attribute values Ticket #410 - Referential integrity plug-in does not work when update interval is not zero Ticket #406 - Impossible to rename entry (modrdn) with Attribute Uniqueness plugin enabled Ticket #405 - referint modrdn not working if case is different Ticket 399 - slapi_ldap_bind() doesn't check bind results * Wed Jul 18 2012 Fedora Release Engineering - 1.2.11.7-2.2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Thu Jun 28 2012 Petr Pisar - 1.2.11.7-2.1 - Perl 5.16 rebuild * Wed Jun 27 2012 Rich Megginson - 1.2.11.7-2 - Ticket 378 - unhashed#user#password visible after changing password - fix func declaration from previous patch - Ticket 366 - Change DS to purge ticket from krb cache in case of authentication error * Wed Jun 27 2012 Rich Megginson - 1.2.11.7-1 - Trac Ticket 396 - Account Usability Control Not Working * Thu Jun 21 2012 Rich Megginson - 1.2.11.6-1 - Ticket #378 - audit log does not log unhashed password: enabled, by default. - Ticket #378 - unhashed#user#password visible after changing password - Ticket #365 - passwords in clear text in the audit log * Tue Jun 19 2012 Rich Megginson - 1.2.11.5-2 - workaround for https://bugzilla.redhat.com/show_bug.cgi?id=833529 * Mon Jun 18 2012 Rich Megginson - 1.2.11.5-1 - Ticket #387 - managed entry sometimes doesn't delete the managed entry - 5903815 improve txn test index handling - Ticket #360 - ldapmodify returns Operations error - fix delete caching - bcfa9e3 Coverity Fix for CLEANALLRUV - Trac Ticket #335 - transaction retries need to be cache aware - Ticket #389 - ADD operations not in audit log - 44cdc84 fix coverity issues with uninit vals, no return checking - Ticket 368 - Make the cleanAllRUV task one step - Ticket #110 - RFE limiting root DN by host, IP, time of day, day of week * Mon Jun 11 2012 Petr Pisar - 1.2.11.4-1.1 - Perl 5.16 rebuild * Tue May 22 2012 Rich Megginson - 1.2.11.4-1 - Ticket #360 - ldapmodify returns Operations error - Ticket #321 - krbExtraData is being null modified and replicated on each ssh login - Trac Ticket #359 - Database RUV could mismatch the one in changelog under the stress - Ticket #361: Bad DNs in ACIs can segfault ns-slapd - Trac Ticket #338 - letters in object's cn get converted to lowercase when renaming object - Ticket #337 - Improve CLEANRUV task * Sat May 5 2012 Rich Megginson - 1.2.11.3-1 - Ticket #358 - managed entry doesn't delete linked entry * Fri May 4 2012 Rich Megginson - 1.2.11.2-1 - Ticket #351 - use betxn plugins by default - revert - make no plugins betxn by default - too great a risk - for deadlocks until we can test this better - Ticket #348 - crash in ldap_initialize with multiple threads - fixes PR_Init problem in ldclt * Wed May 2 2012 Rich Megginson - 1.2.11.1-1 - f227f11 Suppress alert on unavailable port with forced setup - Ticket #353 - coverity 12625-12629 - leaks, dead code, unchecked return - Ticket #351 - use betxn plugins by default - Trac Ticket #345 - db deadlock return should not log error - Ticket #348 - crash in ldap_initialize with multiple threads - Ticket #214 - Adding Replication agreement should complain if required nsds5ReplicaCredentials not supplied - Ticket #207 - [RFE] enable attribute that tracks when a password was last set - Ticket #216 - RFE - Disable replication agreements - Ticket #337 - RFE - Improve CLEANRUV functionality - Ticket #326 - MemberOf plugin should work on all backends - Trac Ticket #19 - Convert entryUSN plugin to transaction aware type - Ticket #347 - IPA dirsvr seg-fault during system longevity test - Trac Ticket #310 - Avoid calling escape_string() for logged DNs - Trac Ticket #338 - letters in object's cn get converted to lowercase when renaming object - Ticket #183 - passwordMaxFailure should lockout password one sooner - Trac Ticket #335 - transaction retries need to be cache aware - Ticket #336 - [abrt] 389-ds-base-1.2.10.4-2.fc16: index_range_read_ext: Process /usr/sbin/ns-slapd was killed by signal 11 (SIGSEGV) - Ticket #325 - logconv.pl : use of getopts to parse command line options - Ticket #336 - [abrt] 389-ds-base-1.2.10.4-2.fc16: index_range_read_ext: Process /usr/sbin/ns-slapd was killed by signal 11 (SIGSEGV) - 554e29d Coverity Fixes - Trac Ticket #46 - (additional 2) setup-ds-admin.pl does not like ipv6 only hostnames - Ticket #183 - passwordMaxFailure should lockout password one sooner - and should be configurable to avoid regressions - Ticket #315 - small fix to libglobs - Ticket #315 - ns-slapd exits/crashes if /var fills up - Ticket #20 - Allow automember to work on entries that have already been added - Trac Ticket #45 - Fine Grained Password policy: if passwordHistory is on, deleting the password fails. * Fri Mar 30 2012 Rich Megginson - 1.2.11-0.1.a1 - 453eb97 schema def must have DESC '' - close paren must be preceded by space - Trac Ticket #46 - (additional) setup-ds-admin.pl does not like ipv6 only hostnames - Ticket #331 - transaction errors with db 4.3 and db 4.2 - Ticket #261 - Add Solaris i386 - Ticket #316 and Ticket #70 - add post add/mod and AD add callback hooks - Ticket #324 - Sync with group attribute containing () fails - Ticket #319 - ldap-agent crashes on start with signal SIGSEGV - 77cacd9 coverity 12606 Logically dead code - Trac Ticket #303 - make DNA range requests work with transactions - Ticket #320 - allow most plugins to be betxn plugins - Ticket #24 - Add nsTLS1 to the DS schema - Ticket #271 - Slow shutdown when you have 100+ replication agreements - TIcket #285 - compilation fixes for '--format-security' - Ticket 211 - Avoid preop range requests non-DNA operations - Ticket #271 - replication code cleanup - Ticket 317 - RHDS fractional replication with excluded password policy attributes leads to wrong error messages. - Ticket #308 - Automembership plugin fails if data and config area mixed in the plugin configuration - Ticket #292 - logconv.pl reporting unindexed search with different search base than shown in access logs - 6f8680a coverity 12563 Read from pointer after free (fix 2) - e6a9b22 coverity 12563 Read from pointer after free - 245d494 Config changes fail because of unknown attribute "internalModifiersname" - Ticket #191 - Implement SO_KEEPALIVE in network calls - Ticket #289 - allow betxn plugin config changes - 93adf5f destroy the entry cache and dn cache in the dse post op delete callback - e2532d8 init txn thread private data for all database modes - Ticket #291 - cannot use & in a sasl map search filter - 6bf6e79 Schema Reload crash fix - 60b2d12 Fixing compiler warnings - Trac Ticket #260 - 389 DS does not support multiple paging controls on a single connection - Ticket #302 - use thread local storage for internalModifiersName & internalCreatorsName - fdcc256 Minor bug fix introcuded by commit 69c9f3bf7dd9fe2cadd5eae0ab72ce218b78820e - Ticket #306 - void function cannot return value - ticket 181 - Allow PAM passthru plug-in to have multiple config entries - ticket 211 - Use of uninitialized variables in ldbm_back_modify() - Ticket #74 - Add schema for DNA plugin (RFE) - Ticket #301 - implement transaction support using thread local storage - Ticket #211 - dnaNextValue gets incremented even if the user addition fails - 144af59 coverity uninit var and resource leak - Trac Ticket #34 - remove-ds.pl does not remove everything - Trac Ticket #169 - allow 389 to use db5 - bc78101 fix compiler warning in acct policy plugin - Trac Ticket #84 - 389 Directory Server Unnecessary Checkpoints - Trac Ticket #27 - SASL/PLAIN binds do not work - Ticket #129 - Should only update modifyTimestamp/modifiersName on MODIFYops - Ticket #17 - new replication optimizations * Tue Mar 27 2012 Noriko Hosoi - 1.2.10.4-4 - Ticket #46 - (revised) setup-ds-admin.pl does not like ipv6 only hostnames - Ticket #66 - 389-ds-base spec file does not have a BuildRequires on gcc-c++ * Fri Mar 23 2012 Noriko Hosoi - 1.2.10.4-3 - Ticket #46 - setup-ds-admin.pl does not like ipv6 only hostnames * Wed Mar 21 2012 Rich Megginson - 1.2.10.4-2 - get rid of posttrans - move update code to post * Tue Mar 13 2012 Rich Megginson - 1.2.10.4-1 - Ticket #305 - Certain CMP operations hang or cause ns-slapd to crash * Mon Mar 5 2012 Rich Megginson - 1.2.10.3-1 - b05139b memleak in normalize_mods2bvals - c0eea24 memleak in mep_parse_config_entry - 90bc9eb handle null smods - Ticket #305 - Certain CMP operations hang or cause ns-slapd to crash - Ticket #306 - void function cannot return value - ticket 304 - Fix kernel version checking in dsktune * Thu Feb 23 2012 Rich Megginson - 1.2.10.2-1 - Trac Ticket #298 - crash when replicating orphaned tombstone entry - Ticket #281 - TLS not working with latest openldap - Trac Ticket #290 - server hangs during shutdown if betxn pre/post op fails - Trac Ticket #26 - Please support setting defaultNamingContext in the rootdse * Tue Feb 14 2012 Noriko Hosoi - 1.2.10.1-2 - Ticket #124 - add Provides: ldif2ldbm to rpm * Tue Feb 14 2012 Rich Megginson - 1.2.10.1-1 - Ticket #294 - 389 DS Segfaults during replica install in FreeIPA * Mon Feb 13 2012 Rich Megginson - 1.2.10.0-1 - Ticket 284 - Remove unnecessary SNMP MIB files - Ticket 51 - memory leaks in 389-ds-base-1.2.8.2-1.el5? - Ticket 175 - logconv.pl improvements * Fri Feb 10 2012 Noriko Hosoi - 1.2.10-0.10.rc1.2 - Introducing use_db4 macro to support db5 (libdb). * Fri Feb 10 2012 Petr Pisar - 1.2.10-0.10.rc1.1 - Rebuild against PCRE 8.30 * Thu Feb 2 2012 Rich Megginson - 1.2.10-0.10.rc1 - ad9dd30 coverity 12488 Resource leak In attr_index_config(): Leak of memory or pointers to system resources - Ticket #281 - TLS not working with latest openldap - Ticket #280 - extensible binary filters do not work - Ticket #279 - filter normalization does not use matching rules - Trac Ticket #275 - Invalid read reported by valgrind - Ticket #277 - cannot set repl referrals or state - Ticket #278 - Schema replication update failed: Invalid syntax - Ticket #39 - Account Policy Plugin does not work for simple binds when PAM Pass Through Auth plugin is enabled - Ticket #13 - slapd process exits when put the database on read only mode while updates are coming to the server - Ticket #87 - Manpages fixes - c493fb4 fix a couple of minor coverity issues - Ticket #55 - Limit of 1024 characters for nsMatchingRule - Trac Ticket #274 - Reindexing entryrdn fails if ancestors are also tombstoned - Ticket #6 - protocol error from proxied auth operation - Ticket #38 - nisDomain schema is incorrect - Ticket #273 - ruv tombstone searches don't work after reindex entryrdn - Ticket #29 - Samba3-schema is missing sambaTrustedDomainPassword - Ticket #22 - RFE: Support sendmail LDAP routing schema - Ticket #161 - Review and address latest Coverity issues - Ticket #140 - incorrect memset parameters - Trac Ticket 35 - Log not clear enough on schema errors - Trac Ticket 139 - eliminate the use of char *dn in favor of Slapi_DN *dn - Trac Ticket #52 - FQDN set to nsslapd-listenhost makes the server start fail if IPv4-mapped-IPv6 address is given * Tue Jan 24 2012 Rich Megginson - 1.2.10-0.9.a8 - Ticket #272 - add tombstonenumsubordinates to schema * Mon Jan 23 2012 Rich Megginson - 1.2.10-0.8.a7 - fixes for systemd - remove .pid files after shutting down servers - Ticket #263 - add systemd include directive - Ticket #264 - upgrade needs better check for "server is running" * Fri Jan 20 2012 Rich Megginson - 1.2.10-0.7.a7 - Ticket #262 - pid file not removed with systemd - Ticket #50 - server should not call a plugin after the plugin close function is called - Ticket #18 - Data inconsitency during replication - Ticket #49 - better handling for server shutdown while long running tasks are active - Ticket #15 - Get rid of rwlock.h/rwlock.c and just use slapi_rwlock instead - Ticket #257 - repl-monitor doesn't work if leftmost hostnames are the same - Ticket #12 - 389 DS DNA Plugin / Replication failing on GSSAPI - 6aaeb77 add a hack to disable sasl hostname canonicalization - Ticket 168 - minssf should not apply to rootdse - Ticket #177 - logconv.pl doesn't detect restarts - Ticket #159 - Managed Entry Plugin runs against managed entries upon any update without validating - Ticket 75 - Unconfigure plugin opperations are being called. - Ticket 26 - Please support setting defaultNamingContext in the rootdse. - Ticket #71 - unable to delete managed entry config - Ticket #167 - Mixing transaction and non-transaction plugins can cause deadlock - Ticket #256 - debug build assertion in ACL_EvalDestroy() - Ticket #4 - bak2db gets stuck in infinite loop - Ticket #162 - Infinite loop / spin inside strcmpi_fast, acl_read_access_allowed_on_attr, server DoS - Ticket #3: acl cache overflown problem - Ticket 1 - pre-normalize filter and pre-compile substring regex - and other optimizations - Ticket 2 - If node entries are tombstone'd, subordinate entries fail to get the full DN. * Thu Jan 12 2012 Fedora Release Engineering - 1.2.10-0.6.a6.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Thu Dec 15 2011 Rich Megginson - 1.2.10-0.6.a6 - Bug 755725 - 389 programs linked against openldap crash during shutdown - Bug 755754 - Unable to start dirsrv service using systemd - Bug 745259 - Incorrect entryUSN index under high load in replicated environment - d439e3a use slapi_hexchar2int and slapi_str_to_u8 everywhere - 5910551 csn_init_as_string should not use sscanf - b53ba00 reduce calls to csn_as_string and slapi_log_err - c897267 fix member variable name error in slapi_uniqueIDFormat - 66808e5 uniqueid formatting - use slapi_u8_to_hex instead of sprintf - 580a875 csn_as_string - use slapi_uN_to_hex instead of sprintf - Bug 751645 - crash when simple paged fails to send entry to client - Bug 752155 - Use restorecon after creating init script lock file * Fri Nov 4 2011 Rich Megginson - 1.2.10-0.5.a5 - Bug 751495 - 'setup-ds.pl -u' fails with undefined routine 'updateSystemD' - Bug 750625 750624 750622 744946 Coverity issues - Bug 748575 - part 2 - rhds81 modrdn operation and 100% cpu use in replication - Bug 748575 - rhds81 modrn operation and 100% cpu use in replication - Bug 745259 - Incorrect entryUSN index under high load in replicated environment - f639711 Reduce the number of DN normalization - c06a8fa Keep unhashed password psuedo-attribute in the adding entry - Bug 744945 - nsslapd-counters attribute value cannot be set to "off" - 8d3b921 Use new PLUGIN_CONFIG_ENTRY feature to allow switching between txn and regular - d316a67 Change referential integrity to be a betxnpostoperation plugin * Fri Oct 7 2011 Rich Megginson - 1.2.10-0.4.a4 - Bug 741744 - part3 - MOD operations with chained delete/add get back error 53 - 1d2f5a0 make memberof transaction aware and able to be a betxnpostoperation plug in - b6d3ba7 pass the plugin config entry to the plugin init function - 28f7bfb set the ENTRY_POST_OP for modrdn betxnpostoperation plugins - Bug 743966 - Compiler warnings in account usability plugin * Wed Oct 5 2011 Rich Megginson - 1.2.10.a3-0.3 - 498c42b fix transaction support in ldbm_delete * Wed Oct 5 2011 Rich Megginson - 1.2.10.a2-0.2 - Bug 740942 - allow resource limits to be set for paged searches independently of limits for other searches/operations - Bug 741744 - MOD operations with chained delete/add get back error 53 on backend config - Bug 742324 - allow nsslapd-idlistscanlimit to be set dynamically and per-user * Wed Sep 21 2011 Rich Megginson - 1.2.10.a1-0.1 - Bug 695736 - Providing native systemd file * Wed Sep 7 2011 Rich Megginson - 1.2.9.10-2 - corrected source * Wed Sep 7 2011 Rich Megginson - 1.2.9.10-1 - Bug 735114 - renaming a managed entry does not update mepmanagedby * Thu Sep 1 2011 Rich Megginson - 1.2.9.9-1 - Bug 735121 - simple paged search + ip/dns based ACI hangs server - Bug 722292 - (cov#11030) Leak of mapped_sdn in winsync rename code - Bug 703990 - cross-platform - Support upgrade from Red Hat Directory Server - Introducing an environment variable USE_VALGRIND to clean up the entry cache and dn cache on exit. * Wed Aug 31 2011 Rich Megginson - 1.2.9.8-1 - Bug 732153 - subtree and user account lockout policies implemented? - Bug 722292 - Entries in DS are not updated properly when using WinSync API * Wed Aug 24 2011 Rich Megginson - 1.2.9.7-1 - Bug 733103 - large targetattr list with syntax errors cause server to crash or hang - Bug 633803 - passwordisglobalpolicy attribute brakes TLS chaining - Bug 732541 - Ignore error 32 when adding automember config - Bug 728592 - Allow ns-slapd to start with an invalid server cert * Wed Aug 10 2011 Rich Megginson - 1.2.9.6-1 - Bug 728510 - Run dirsync after sending updates to AD - Bug 729717 - Fatal error messages when syncing deletes from AD - Bug 729369 - upgrade DB to upgrade from entrydn to entryrdn format is not working. - Bug 729378 - delete user subtree container in AD + modify password in DS == DS crash - Bug 723937 - Slapi_Counter API broken on 32-bit F15 - fixed again - separate tests for atomic ops and atomic bool cas * Mon Aug 8 2011 Rich Megginson - 1.2.9.5-1 - Bug 727511 - ldclt SSL search requests are failing with "illegal error number -1" error - Fix another coverity NULL deref in previous patch * Thu Aug 4 2011 Rich Megginson - 1.2.9.4-1 - Bug 727511 - ldclt SSL search requests are failing with "illegal error number -1" error - Fix coverity NULL deref in previous patch * Wed Aug 3 2011 Rich Megginson - 1.2.9.3-1 - Bug 727511 - ldclt SSL search requests are failing with "illegal error number -1" error - previous patch broke build on el5 * Wed Aug 3 2011 Rich Megginson - 1.2.9.2-1 - Bug 727511 - ldclt SSL search requests are failing with "illegal error number -1" error * Tue Aug 2 2011 Rich Megginson - 1.2.9.1-2 - Bug 723937 - Slapi_Counter API broken on 32-bit F15 - fixed to use configure test for GCC provided 64-bit atomic functions * Wed Jul 27 2011 Rich Megginson - 1.2.9.1-1 - Bug 663752 - Cert renewal for attrcrypt and encchangelog - this was "re-fixed" due to a deadlock condition with cl2ldif task cancel - Bug 725953 - Winsync: DS entries fail to sync to AD, if the User's CN entry contains a comma - Bug 725743 - Make memberOf use PRMonitor for it's operation lock - Bug 725542 - Instance upgrade fails when upgrading 389-ds-base package - Bug 723937 - Slapi_Counter API broken on 32-bit F15 * Thu Jul 21 2011 Petr Sabata - 1.2.9.0-1.2 - Perl mass rebuild * Wed Jul 20 2011 Petr Sabata - 1.2.9.0-1.1 - Perl mass rebuild * Fri Jul 15 2011 Rich Megginson - 1.2.9.0-1 - Bug 720059 - RDN with % can cause crashes or missing entries - Bug 709468 - RSA Authentication Server timeouts when using simple paged results on RHDS 8.2. - Bug 691313 - Need TLS/SSL error messages in repl status and errors log - Bug 712855 - Directory Server 8.2 logs "Netscape Portable Runtime error -5961 (TCP connection reset by peer.)" to error log whereas Directory Server 8.1 did not - Bug 713209 - Update sudo schema - Bug 719069 - clean up compiler warnings in 389-ds-base 1.2.9 - Bug 718303 - Intensive updates on masters could break the consumer's cache - Bug 711679 - unresponsive LDAP service when deleting vlv on replica * Mon Jun 27 2011 Rich Megginson - 1.2.9-0.2.a2 - 389-ds-base-1.2.9.a2 - look for separate openldap ldif library - Split automember regex rules into separate entries - writing Inf file shows SchemaFile = ARRAY(0xhexnum) - add support for ldif files with changetype: add - Bug 716980 - winsync uses old AD entry if new one not found - Bug 697694 - rhds82 - incr update state stop_fatal_error "requires administrator action", with extop_result: 9 - bump console version to 1.2.6 - Bug 711679 - unresponsive LDAP service when deleting vlv on replica - Bug 703703 - setup-ds-admin.pl asks for legal agreement to a non-existant file - Bug 706209 - LEGAL: RHEL6.1 License issue for 389-ds-base package - Bug 663752 - Cert renewal for attrcrypt and encchangelog - Bug 706179 - DS can not restart after create a new objectClass has entryusn attribute - Bug 711906 - ns-slapd segfaults using suffix referrals - Bug 707384 - only allow FIPS approved cipher suites in FIPS mode - Bug 710377 - Import with chain-on-update crashes ns-slapd - Bug 709826 - Memory leak: when extra referrals configured * Fri Jun 17 2011 Marcela Mašláňová - 1.2.9-0.1.a1.2 - Perl mass rebuild * Fri Jun 10 2011 Marcela Mašláňová - 1.2.9-0.1.a1.1 - Perl 5.14 mass rebuild * Thu May 26 2011 Rich Megginson - 1.2.9-0.1.a1 - 389-ds-base-1.2.9.a1 - Auto Membership - More Coverity fixes * Mon May 2 2011 Rich Megginson - 1.2.8.3-1 - 389-ds-base-1.2.8.3 - Bug 700145 - userpasswd not replicating - Bug 700557 - Linked attrs callbacks access free'd pointers after close - Bug 694336 - Group sync hangs Windows initial Sync - Bug 700215 - ldclt core dumps - Bug 695779 - windows sync can lose old values when a new value is added - Bug 697027 - 12 - minor memory leaks found by Valgrind + TET * Thu Apr 14 2011 Rich Megginson - 1.2.8.2-1 - 389-ds-base-1.2.8.2 - Bug 696407 - If an entry with a mixed case RDN is turned to be - a tombstone, it fails to assemble DN from entryrdn * Fri Apr 8 2011 Rich Megginson - 1.2.8.1-1 - 389-ds-base-1.2.8.1 - Bug 693962 - Full replica push loses some entries with multi-valued RDNs * Tue Apr 5 2011 Rich Megginson - 1.2.8.0-1 - 389-ds-base-1.2.8.0 - Bug 693473 - rhds82 rfe - windows_tot_run to log Sizelimit exceeded instead of LDAP error - -1 - Bug 692991 - rhds82 - windows_tot_run: failed to obtain data to send to the consumer; LDAP error - -1 - Bug 693466 - Unable to change schema online - Bug 693503 - matching rules do not inherit from superior attribute type - Bug 693455 - nsMatchingRule does not work with multiple values - Bug 693451 - cannot use localized matching rules - Bug 692331 - Segfault on index update during full replication push on 1.2.7.5 * Mon Apr 4 2011 Rich Megginson - 1.2.8-0.10.rc5 - 389-ds-base-1.2.8.rc5 - Bug 692469 - Replica install fails after step for "enable GSSAPI for replication" * Tue Mar 29 2011 Rich Megginson - 1.2.8-0.9.rc4 - 389-ds-base-1.2.8.rc4 - Bug 668385 - DS pipe log script is executed as many times as the dirsrv serv ice is restarted - 389-ds-base-1.2.8.rc3 - Bug 690955 - Mrclone fails due to the replica generation id mismatch * Tue Mar 22 2011 Rich Megginson - 1.2.8-0.8.rc2 - 389-ds-base-1.2.8 release candidate 2 - git tag 389-ds-base-1.2.8.rc2 - Bug 689537 - (cov#10610) Fix Coverity NULL pointer dereferences - Bug 689866 - ns-newpwpolicy.pl needs to use the new DN format - Bug 681015 - RFE: allow fine grained password policy duration attributes - in days, hours, minutes, as well - Bug 684996 - Exported tombstone cannot be imported correctly - Bug 683250 - slapd crashing when traffic replayed - Bug 668909 - Can't modify replication agreement in some cases - Bug 504803 - Allow maxlogsize to be set if logmaxdiskspace is -1 - Bug 644784 - Memory leak in "testbind.c" plugin - Bug 680558 - Winsync plugin fails to restrain itself to the configured subtree * Mon Mar 7 2011 Caolán McNamara - 1.2.8-0.7.rc1 - rebuild for icu 4.6 * Wed Mar 2 2011 Rich Megginson - 1.2.8-0.6.rc1 - 389-ds-base-1.2.8 release candidate 1 - git tag 389-ds-base-1.2.8.rc1 - Bug 518890 - setup-ds-admin.pl - improve hostname validation - Bug 681015 - RFE: allow fine grained password policy duration attributes in - days, hours, minutes, as well - Bug 514190 - setup-ds-admin.pl --debug does not log to file - Bug 680555 - ns-slapd segfaults if I have more than 100 DBs - Bug 681345 - setup-ds.pl should set SuiteSpotGroup automatically - Bug 674852 - crash in ldap-agent when using OpenLDAP - Bug 679978 - modifying attr value crashes the server, which is supposed to - be indexed as substring type, but has octetstring syntax - Bug 676655 - winsync stops working after server restart - Bug 677705 - ds-logpipe.py script is failing to validate "-s" and - "--serverpid" options with "-t". - Bug 625424 - repl-monitor.pl doesn't work in hub node * Mon Feb 28 2011 Rich Megginson - 1.2.8-0.5.a3 - Bug 676598 - 389-ds-base multilib: file conflicts - split off libs into a separate -libs package * Thu Feb 24 2011 Rich Megginson - 1.2.8-0.4.a3 - do not create /var/run/dirsrv - setup will create it instead - remove the fedora-ds initscript upgrade stuff - we do not support that anymore - convert the remaining lua stuff to plain old shell script * Wed Feb 9 2011 Rich Megginson - 1.2.8-0.3.a3 - 1.2.8.a3 release - git tag 389-ds-base-1.2.8.a3 - Bug 675320 - empty modify operation with repl on or lastmod off will crash server - Bug 675265 - preventryusn gets added to entries on a failed delete - Bug 677774 - added support for tmpfiles.d - Bug 666076 - dirsrv crash (1.2.7.5) with multiple simple paged result search es - Bug 672468 - Don't use empty path elements in LD_LIBRARY_PATH - Bug 671199 - Don't allow other to write to rundir - Bug 678646 - Ignore tombstone operations in managed entry plug-in - Bug 676053 - export task followed by import task causes cache assertion - Bug 677440 - clean up compiler warnings in 389-ds-base 1.2.8 - Bug 675113 - ns-slapd core dump in windows_tot_run if oneway sync is used - Bug 676689 - crash while adding a new user to be synced to windows - Bug 604881 - admin server log files have incorrect permissions/ownerships - Bug 668385 - DS pipe log script is executed as many times as the dirsrv serv ice is restarted - Bug 675853 - dirsrv crash segfault in need_new_pw() * Mon Feb 07 2011 Fedora Release Engineering - 1.2.8-0.2.a2.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild * Thu Feb 3 2011 Rich Megginson - 1.2.8-0.2.a2 - 1.2.8.a2 release - git tag 389-ds-base-1.2.8.a2 - Bug 674430 - Improve error messages for attribute uniqueness - Bug 616213 - insufficient stack size for HP-UX on PA-RISC - Bug 615052 - intrinsics and 64-bit atomics code fails to compile - on PA-RISC - Bug 151705 - Need to update Console Cipher Preferences with new ciphers - Bug 668862 - init scripts return wrong error code - Bug 670616 - Allow SSF to be set for local (ldapi) connections - Bug 667935 - DS pipe log script's logregex.py plugin is not redirecting the - log output to the text file - Bug 668619 - slapd stops responding - Bug 624547 - attrcrypt should query the given slot/token for - supported ciphers - Bug 646381 - Faulty password for nsmultiplexorcredentials does not give any - error message in logs * Fri Jan 21 2011 Nathan Kinder - 1.2.8-0.1.a1 - 1.2.8-0.1.a1 release - git tag 389-ds-base-1.2.8.a1 - many bug fixes * Thu Dec 16 2010 Rich Megginson - 1.2.7.5-1 - 1.2.7.5 release - git tag 389-ds-base-1.2.7.5 - Bug 663597 - Memory leaks in normalization code * Tue Dec 14 2010 Rich Megginson - 1.2.7.4-2 - Resolves: bug 656541 - use %ghost on files in /var/lock * Fri Dec 10 2010 Rich Megginson - 1.2.7.4-1 - 1.2.7.4 release - git tag 389-ds-base-1.2.7.4 - Bug 661792 - Valid managed entry config rejected * Wed Dec 8 2010 Rich Megginson - 1.2.7.3-1 - 1.2.7.3 release - git tag 389-ds-base-1.2.7.3 - Bug 658312 - Invalid free in Managed Entry plug-in - Bug 641944 - Don't normalize non-DN RDN values * Fri Dec 3 2010 Rich Megginson - 1.2.7.2-1 - 1.2.7.2 release - git tag 389-ds-base-1.2.7.2 - Bug 659456 - Incorrect usage of ber_printf() in winsync code - Bug 658309 - Process escaped characters in managed entry mappings - Bug 197886 - Initialize return value for UUID generation code - Bug 658312 - Allow mapped attribute types to be quoted - Bug 197886 - Avoid overflow of UUID generator * Tue Nov 23 2010 Rich Megginson - 1.2.7.1-2 - last commit had bogus commit log * Tue Nov 23 2010 Rich Megginson - 1.2.7.1-1 - 1.2.7.1 release - git tag 389-ds-base-1.2.7.1 - Bug 656515 - Allow Name and Optional UID syntax for grouping attributes - Bug 656392 - Remove calls to ber_err_print() - Bug 625950 - hash nsslapd-rootpw changes in audit log * Tue Nov 16 2010 Nathan Kinder - 1.2.7-2 - 1.2.7 release - git tag 389-ds-base-1.2.7 * Fri Nov 12 2010 Nathan Kinder - 1.2.7-1 - Bug 648949 - Merge dirsrv and dirsrv-admin policy modules into base policy * Tue Nov 9 2010 Rich Megginson - 1.2.7-0.6.a5 - 1.2.7.a5 release - git tag 389-ds-base-1.2.7.a5 - Bug 643979 - Strange byte sequence for attribute with no values (nsslapd-ref erral) - Bug 635009 - Add one-way AD sync capability - Bug 572018 - Upgrading from 1.2.5 to 1.2.6.a2 deletes userRoot - put replication config entries in separate file - Bug 567282 - server can not abandon searchRequest of "simple paged results" - Bug 329751 - "nested" filtered roles searches candidates more than needed - Bug 521088 - DNA should check ACLs before getting a value from the range * Mon Nov 1 2010 Rich Megginson - 1.2.7-0.5.a4 - 1.2.7.a4 release - git tag 389-ds-base-1.2.7.a4 - Bug 647932 - multiple memberOf configuration adding memberOf where there is no member - Bug 491733 - dbtest crashes - Bug 606545 - core schema should include numSubordinates - Bug 638773 - permissions too loose on pid and lock files - Bug 189985 - Improve attribute uniqueness error message - Bug 619623 - attr-unique-plugin ignores requiredObjectClass on modrdn operat ions - Bug 619633 - Make attribute uniqueness obey requiredObjectClass * Wed Oct 27 2010 Rich Megginson - 1.2.7-0.4.a3 - 1.2.7.a3 release - a2 was never released - this is a rebuild to pick up - Bug 644608 - RHDS 8.1->8.2 upgrade fails to properly migrate ACIs - Adding the ancestorid fix code to ##upgradednformat.pl. * Fri Oct 22 2010 Rich Megginson - 1.2.7-0.3.a3 - 1.2.7.a3 release - a2 was never released - Bug 644608 - RHDS 8.1->8.2 upgrade fails to properly migrate ACIs - Bug 629681 - Retro Changelog trimming does not behave as expected - Bug 645061 - Upgrade: 06inetorgperson.ldif and 05rfc4524.ldif - are not upgraded in the server instance schema dir * Tue Oct 19 2010 Rich Megginson - 1.2.7-0.2.a2 - 1.2.7.a2 release - a1 was the OpenLDAP testday release - git tag 389-ds-base-1.2.7.a2 - added openldap support on platforms that use openldap with moznss - for crypto (F-14 and later) - many bug fixes - Account Policy Plugin (keep track of last login, disable old accounts) * Fri Oct 8 2010 Rich Megginson - 1.2.7-0.1.a1 - added openldap support * Wed Sep 29 2010 Rich Megginson - 1.2.6.1-3 - bump rel to rebuild again * Mon Sep 27 2010 Rich Megginson - 1.2.6.1-2 - bump rel to rebuild * Thu Sep 23 2010 Rich Megginson - 1.2.6.1-1 - This is the 1.2.6.1 release - git tag 389-ds-base-1.2.6.1 - Bug 634561 - Server crushes when using Windows Sync Agreement - Bug 635987 - Incorrect sub scope search result with ACL containing ldap:///self - Bug 612264 - ACI issue with (targetattr='userPassword') - Bug 606920 - anonymous resource limit- nstimelimit - also applied to "cn=directory manager" - Bug 631862 - crash - delete entries not in cache + referint * Thu Aug 26 2010 Rich Megginson - 1.2.6-1 - This is the final 1.2.6 release * Tue Aug 10 2010 Rich Megginson - 1.2.6-0.11.rc7 - 1.2.6 release candidate 7 - git tag 389-ds-base-1.2.6.rc7 - Bug 621928 - Unable to enable replica (rdn problem?) on 1.2.6 rc6 * Mon Aug 2 2010 Rich Megginson - 1.2.6-0.10.rc6 - 1.2.6 release candidate 6 - git tag 389-ds-base-1.2.6.rc6 - Bug 617013 - repl-monitor.pl use cpu upto 90% - Bug 616618 - 389 v1.2.5 accepts 2 identical entries with different DN formats - Bug 547503 - replication broken again, with 389 MMR replication and TCP errors - Bug 613833 - Allow dirsrv_t to bind to rpc ports - Bug 612242 - membership change on DS does not show on AD - Bug 617629 - Missing aliases in new schema files - Bug 619595 - Upgrading sub suffix under non-normalized suffix disappears - Bug 616608 - SIGBUS in RDN index reads on platforms with strict alignments - Bug 617862 - Replication: Unable to delete tombstone errors - Bug 594745 - Get rid of dirsrv_lib_t label * Wed Jul 14 2010 Rich Megginson - 1.2.6-0.9.rc3 - make selinux-devel explicit Require the base package in order - to comply with Fedora Licensing Guidelines * Thu Jul 1 2010 Rich Megginson - 1.2.6-0.8.rc3 - 1.2.6 release candidate 3 - git tag 389-ds-base-1.2.6.rc3 - Bug 603942 - null deref in _ger_parse_control() for subjectdn - 609256 - Selinux: pwdhash fails if called via Admin Server CGI - 578296 - Attribute type entrydn needs to be added when subtree rename switch is on - 605827 - In-place upgrade: upgrade dn format should not run in setup-ds-admin.pl - Bug 604453 - SASL Stress and Server crash: Program quits with the assertion failure in PR_Poll - Bug 604453 - SASL Stress and Server crash: Program quits with the assertion failure in PR_Poll - 606920 - anonymous resource limit - nstimelimit - also applied to "cn=directory manager" * Wed Jun 16 2010 Rich Megginson - 1.2.6-0.7.rc2 - 1.2.6 release candidate 2 * Mon Jun 14 2010 Nathan Kinder - 1.2.6-0.6.rc1 - install replication session plugin header with devel package * Wed Jun 9 2010 Rich Megginson - 1.2.6-0.5.rc1 - 1.2.6 release candidate 1 * Tue Jun 01 2010 Marcela Maslanova - 1.2.6-0.4.a4.1 - Mass rebuild with perl-5.12.0 * Wed May 26 2010 Rich Megginson - 1.2.6-0.4.a4 - 1.2.6.a4 release * Wed Apr 7 2010 Nathan Kinder - 1.2.6-0.4.a3 - 1.2.6.a3 release - add managed entries plug-in - many bug fixes - moved selinux subpackage into base package * Fri Apr 2 2010 Caolán McNamara - 1.2.6-0.3.a2 - rebuild for icu 4.4 * Tue Mar 2 2010 Rich Megginson - 1.2.6-0.2.a2 - 1.2.6.a2 release - add support for matching rules - many bug fixes * Thu Jan 14 2010 Nathan Kinder - 1.2.6-0.1.a1 - 1.2.6.a1 release - Added SELinux policy and subpackages * Tue Jan 12 2010 Rich Megginson - 1.2.5-1 - 1.2.5 final release * Mon Jan 4 2010 Rich Megginson - 1.2.5-0.5.rc4 - 1.2.5.rc4 release * Thu Dec 17 2009 Rich Megginson - 1.2.5-0.4.rc3 - 1.2.5.rc3 release * Mon Dec 7 2009 Rich Megginson - 1.2.5-0.3.rc2 - 1.2.5.rc2 release * Wed Dec 2 2009 Rich Megginson - 1.2.5-0.2.rc1 - 1.2.5.rc1 release * Thu Nov 12 2009 Rich Megginson - 1.2.5-0.1.a1 - 1.2.5.a1 release * Thu Oct 29 2009 Rich Megginson - 1.2.4-1 - 1.2.4 release - resolves bug 221905 - added support for Salted MD5 (SMD5) passwords - primarily for migration - resolves bug 529258 - Make upgrade remove obsolete schema from 99user.ldif * Mon Sep 14 2009 Rich Megginson - 1.2.3-1 - 1.2.3 release - added template-initconfig to %files - %posttrans now runs update to update the server instances - servers are shutdown, then restarted if running before install - scriptlets mostly use lua now to pass data among scriptlet phases * Tue Sep 01 2009 Caolán McNamara - 1.2.2-2 - rebuild with new openssl to fix dependencies * Tue Aug 25 2009 Rich Megginson - 1.2.2-1 - backed out - added template-initconfig to %files - this change is for the next major release - bump version to 1.2.2 - fix reopened 509472 db2index all does not reindex all the db backends correctly - fix 518520 - pre hashed salted passwords do not work - see https://bugzilla.redhat.com/show_bug.cgi?id=518519 for the list of - bugs fixed in 1.2.2 * Fri Aug 21 2009 Tomas Mraz - 1.2.1-5 - rebuilt with new openssl * Wed Aug 19 2009 Noriko Hosoi - 1.2.1-4 - added template-initconfig to %files * Wed Aug 12 2009 Rich Megginson - 1.2.1-3 - added BuildRequires pcre * Fri Jul 24 2009 Fedora Release Engineering - 1.2.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild * Mon May 18 2009 Rich Megginson - 1.2.1-1 - change name to 389 - change version to 1.2.1 - added initial support for numeric string syntax - added initial support for syntax validation - added initial support for paged results including sorting * Tue Apr 28 2009 Rich Megginson - 1.2.0-4 - final release 1.2.0 - Resolves: bug 475338 - LOG: the intenal type of maxlogsize, maxdiskspace and minfreespace should be 64-bit integer - Resolves: bug 496836 - SNMP ldap-agent on Solaris: Unable to open semaphore for server: 389 - CVS tag: FedoraDirSvr_1_2_0 FedoraDirSvr_1_2_0_20090428 * Mon Apr 6 2009 Rich Megginson - 1.2.0-3 - re-enable ppc builds * Thu Apr 2 2009 Rich Megginson - 1.2.0-2 - exclude ppc builds - needs extensive porting work * Mon Mar 30 2009 Rich Megginson - 1.2.0-1 - new release 1.2.0 - Made devel package depend on mozldap-devel - only create run dir if it does not exist - CVS tag: FedoraDirSvr_1_2_0_RC1 FedoraDirSvr_1_2_0_RC1_20090330 * Thu Oct 30 2008 Noriko Hosoi - 1.1.3-7 - added db4-utils to Requires for verify-db.pl * Mon Oct 13 2008 Noriko Hosoi - 1.1.3-6 - Enabled LDAPI autobind * Thu Oct 9 2008 Rich Megginson - 1.1.3-5 - updated update to patch bug463991-bdb47.patch * Thu Oct 9 2008 Rich Megginson - 1.1.3-4 - updated patch bug463991-bdb47.patch * Mon Sep 29 2008 Rich Megginson - 1.1.3-3 - added patch bug463991-bdb47.patch - make ds work with bdb 4.7 * Wed Sep 24 2008 Rich Megginson - 1.1.3-2 - rolled back bogus winsync memory leak fix * Tue Sep 23 2008 Rich Megginson - 1.1.3-1 - winsync api improvements for modify operations * Fri Jun 13 2008 Rich Megginson - 1.1.2-1 - This is the 1.1.2 release. The bugs fixed can be found here - https://bugzilla.redhat.com/showdependencytree.cgi?id=452721 - Added winsync-plugin.h to the devel subpackage * Fri Jun 6 2008 Rich Megginson - 1.1.1-2 - bump rev to rebuild and pick up new version of ICU * Fri May 23 2008 Rich Megginson - 1.1.1-1 - 1.1.1 release candidate - several bug fixes * Wed Apr 16 2008 Rich Megginson - 1.1.0.1-4 - fix bugzilla 439829 - patch to allow working with NSS 3.11.99 and later * Tue Mar 18 2008 Tom "spot" Callaway - 1.1.0.1-3 - add patch to allow server to work with NSS 3.11.99 and later - do NSS_Init after fork but before detaching from console * Tue Mar 18 2008 Tom "spot" Callaway - 1.1.0.1-3 - add Requires for versioned perl (libperl.so) * Wed Feb 27 2008 Rich Megginson - 1.1.0.1-2 - previous fix for 434403 used the wrong patch - this is the right one * Wed Feb 27 2008 Rich Megginson - 1.1.0.1-1 - Resolves bug 434403 - GCC 4.3 build fails - Rolled new source tarball which includes Nathan's fix for the struct ucred - NOTE: Change version back to 1.1.1 for next release - this release was pulled from CVS tag FedoraDirSvr110_gcc43 * Tue Feb 19 2008 Fedora Release Engineering - 1.1.0-5 - Autorebuild for GCC 4.3 * Thu Dec 20 2007 Rich Megginson - 1.1.0-4 - This is the GA release of Fedora DS 1.1 - Removed version numbers for BuildRequires and Requires - Added full URL to source tarball * Fri Dec 07 2007 Release Engineering - 1.1.0-3 - Rebuild for deps * Wed Nov 7 2007 Rich Megginson - 1.1.0-2.0 - This is the beta2 release - new file added to package - /etc/sysconfig/dirsrv - for setting - daemon environment as is usual in other linux daemons * Thu Aug 16 2007 Rich Megginson - 1.1.0-1.2 - fix build breakage due to open() - mock could not find BuildRequires: db4-devel >= 4.2.52 - mock works if >= version is removed - it correctly finds db4.6 * Fri Aug 10 2007 Rich Megginson - 1.1.0-1.1 - Change pathnames to use the pkgname macro which is dirsrv - get rid of cvsdate in source name * Fri Jul 20 2007 Rich Megginson - 1.1.0-0.3.20070720 - Added Requires for perldap, cyrus sasl plugins - Removed template-migrate* files - Added perl module directory - Removed install.inf - setup-ds.pl can now easily generate one * Mon Jun 18 2007 Nathan Kinder - 1.1.0-0.2.20070320 - added requires for mozldap-tools * Tue Mar 20 2007 Rich Megginson - 1.1.0-0.1.20070320 - update to latest sources - added migrateTo11 to allow migrating instances from 1.0.x to 1.1 - ldapi support - fixed pam passthru plugin ENTRY method * Fri Feb 23 2007 Rich Megginson - 1.1.0-0.1.20070223 - Renamed package to fedora-ds-base, but keep names of paths/files/services the same - use the shortname macro (fedora-ds) for names of paths, files, and services instead - of name, so that way we can continue to use e.g. /etc/fedora-ds instead of /etc/fedora-ds-base - updated to latest sources * Tue Feb 13 2007 Rich Megginson - 1.1.0-0.1.20070213 - More cleanup suggested by Dennis Gilmore - This is the fedora extras candidate based on cvs tag FedoraDirSvr110a1 * Fri Feb 9 2007 Rich Megginson - 1.1.0-1.el4.20070209 - latest sources - added init scripts - use /etc as instconfigdir * Wed Feb 7 2007 Rich Megginson - 1.1.0-1.el4.20070207 - latest sources - moved all executables to _bindir * Mon Jan 29 2007 Rich Megginson - 1.1.0-1.el4.20070129 - latest sources - added /var/tmp/fedora-ds to dirs * Fri Jan 26 2007 Rich Megginson - 1.1.0-8.el4.20070125 - added logconv.pl - added slapi-plugin.h to devel package - added explicit dirs for /var/log/fedora-ds et. al. * Thu Jan 25 2007 Rich Megginson - 1.1.0-7.el4.20070125 - just move all .so files into the base package from the devel package * Thu Jan 25 2007 Rich Megginson - 1.1.0-6.el4.20070125 - Move the plugin *.so files into the main package instead of the devel - package because they are loaded directly by name via dlopen * Fri Jan 19 2007 Rich Megginson - 1.1.0-5.el4.20070125 - Move the script-templates directory to datadir/fedora-ds * Fri Jan 19 2007 Rich Megginson - 1.1.0-4.el4.20070119 - change mozldap to mozldap6 * Fri Jan 19 2007 Rich Megginson - 1.1.0-3.el4.20070119 - remove . from cvsdate define * Fri Jan 19 2007 Rich Megginson - 1.1.0-2.el4.20070119 - Having a problem building in Brew - may be Release format * Fri Jan 19 2007 Rich Megginson - 1.1.0-1.el4.cvs20070119 - Changed version to 1.1.0 and added Release 1.el4.cvs20070119 - merged in changes from Fedora Extras candidate spec file * Mon Jan 15 2007 Rich Megginson - 1.1-0.1.cvs20070115 - Bump component versions (nspr, nss, svrcore, mozldap) to their latest - remove unneeded patches * Tue Jan 09 2007 Dennis Gilmore - 1.1-0.1.cvs20070108 - update to a cvs snapshot - fedorafy the spec - create -devel subpackage - apply a patch to use mozldap not mozldap6 - apply a patch to allow --prefix to work correctly * Mon Dec 4 2006 Rich Megginson - 1.0.99-16 - Fixed the problem where the server would crash upon shutdown in dblayer - due to a race condition among the database housekeeping threads - Fix a problem with normalized absolute paths for db directories * Tue Nov 28 2006 Rich Megginson - 1.0.99-15 - Touch all of the ldap/admin/src/scripts/*.in files so that they - will be newer than their corresponding script template files, so - that make will rebuild them. * Mon Nov 27 2006 Rich Megginson - 1.0.99-14 - Chown new schema files when copying during instance creation * Tue Nov 21 2006 Rich Megginson - 1.0.99-13 - Configure will get ldapsdk_bindir from pkg-config, or $libdir/mozldap6 * Tue Nov 21 2006 Rich Megginson - 1.0.99-12 - use eval to sed ./configure into ../configure * Tue Nov 21 2006 Rich Megginson - 1.0.99-11 - jump through hoops to be able to run ../configure * Tue Nov 21 2006 Rich Megginson - 1.0.99-10 - Need to make built dir in setup section * Tue Nov 21 2006 Rich Megginson - 1.0.99-9 - The template scripts needed to use @libdir@ instead of hardcoding - /usr/lib - Use make DESTDIR=$RPM_BUILD_ROOT install instead of % makeinstall - do the actual build in a "built" subdirectory, until we remove - the old script templates * Thu Nov 16 2006 Rich Megginson - 1.0.99-8 - Make replication plugin link with libdb * Wed Nov 15 2006 Rich Megginson - 1.0.99-7 - Have make define LIBDIR, BINDIR, etc. for C code to use - especially for create_instance.h * Tue Nov 14 2006 Rich Megginson - 1.0.99-6 - Forgot to checkin new config.h.in for AC_CONFIG_HEADERS * Tue Nov 14 2006 Rich Megginson - 1.0.99-5 - Add perldap as a Requires; update sources * Thu Nov 9 2006 Rich Megginson - 1.0.99-4 - Fix ds_newinst.pl - Remove obsolete #defines * Thu Nov 9 2006 Rich Megginson - 1.0.99-3 - Update sources; rebuild to populate brew yum repo with dirsec-nss * Tue Nov 7 2006 Rich Megginson - 1.0.99-2 - Update sources * Thu Nov 2 2006 Rich Megginson - 1.0.99-1 - initial revision