diff options
Diffstat (limited to 'main/openldap')
-rw-r--r-- | main/openldap/APKBUILD | 152 |
1 files changed, 77 insertions, 75 deletions
diff --git a/main/openldap/APKBUILD b/main/openldap/APKBUILD index 877dd274c1..d8d01f1ccf 100644 --- a/main/openldap/APKBUILD +++ b/main/openldap/APKBUILD @@ -1,4 +1,9 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> +# +# secfixes: +# 2.4.44-r5: +# - CVE-2017-9287 +# pkgname=openldap pkgver=2.4.45 pkgrel=0 @@ -6,19 +11,14 @@ pkgdesc="LDAP Server" url="http://www.openldap.org/" arch="all" license="custom" -depends= +depends="" pkgusers="ldap" pkggroups="ldap" depends_dev="libressl-dev cyrus-sasl-dev util-linux-dev" makedepends="$depends_dev db-dev groff unixodbc-dev libtool mosquitto-dev autoconf automake libtool" -subpackages="$pkgname-dev $pkgname-doc libldap $pkgname-back-sql:sql - $pkgname-back-bdb:bdb $pkgname-back-hdb:hdb $pkgname-back-ldap:ldap - $pkgname-back-meta:meta $pkgname-back-monitor:monitor $pkgname-clients - $pkgname-mqtt - $pkgname-passwd-pbkdf2:passwd_pbkdf2 - " - +subpackages="$pkgname-dev $pkgname-doc libldap + $pkgname-clients $pkgname-mqtt $pkgname-passwd-pbkdf2:passwd_pbkdf2" install="$pkgname.pre-install" source="ftp://ftp.$pkgname.org/pub/OpenLDAP/$pkgname-release/$pkgname-$pkgver.tgz openldap-2.4-ppolicy.patch @@ -31,23 +31,24 @@ source="ftp://ftp.$pkgname.org/pub/OpenLDAP/$pkgname-release/$pkgname-$pkgver.tg slapd.confd slurpd.initd " +builddir="$srcdir/$pkgname-$pkgver" -# secfixes: -# 2.4.44-r5: -# - CVE-2017-9287 +for _name in bdb hdb ldap meta monitor sql; do + subpackages="$subpackages $pkgname-back-$_name:_backend" +done prepare() { - cd "$srcdir"/$pkgname-$pkgver - update_config_sub || return 1 - default_prepare || return 1 + cd "$builddir" + update_config_sub + default_prepare - sed -e '/^STRIP/s,-s,,g' \ - -i build/top.mk || return 1 - libtoolize --force && aclocal && autoconf || return 1 + sed -i '/^STRIP/s,-s,,g' build/top.mk + libtoolize --force && aclocal && autoconf } build () { - cd "$srcdir"/$pkgname-$pkgver + cd "$builddir" + ./configure \ --build=$CBUILD \ --host=$CHOST \ @@ -74,94 +75,95 @@ build () { --enable-sql=mod \ --enable-overlays=mod \ --with-tls=openssl \ - --with-cyrus-sasl \ - || return 1 - make || return 1 + --with-cyrus-sasl + make - # build mqtt overlay + # Build MQTT overlay. make prefix=/usr libexec=/usr/lib \ - -C contrib/slapd-modules/mqtt || return 1 + -C contrib/slapd-modules/mqtt - # build passwd pbkdf2 + # Build passwd pbkdf2. make prefix=/usr libexecdir=/usr/lib \ - -C contrib/slapd-modules/passwd/pbkdf2 || return 1 + -C contrib/slapd-modules/passwd/pbkdf2 } package() { - cd "$srcdir"/$pkgname-$pkgver - make DESTDIR="$pkgdir" install || return 1 + cd "$builddir" + + make DESTDIR="$pkgdir" install + + # Install MQTT overlay. + make DESTDIR="$pkgdir" prefix=/usr libexec=/usr/lib \ + -C contrib/slapd-modules/mqtt install + + # Install passwd pbkdf2. + make DESTDIR="$pkgdir" prefix=/usr libexecdir=/usr/lib \ + -C contrib/slapd-modules/passwd/pbkdf2 install + + cd "$pkgdir" + + mv usr/lib/slapd usr/sbin/ - install -d -o ldap -g ldap "$pkgdir"/var/run/openldap \ - "$pkgdir"/var/lib/openldap sed -i -e 's:/var/lib/openldap/run:/var/run/openldap:g' \ -e 's:back_bdb.la:back_bdb.so:' \ -e 's:back_hdb.la:back_hdb.so:' \ -e 's:back_ldap.la:back_ldap.so:' \ - "$pkgdir"/etc/openldap/slapd.conf || return 1 - - mv "$pkgdir"/usr/lib/slapd "$pkgdir"/usr/sbin/ || reteurn 1 - chgrp ldap "$pkgdir"/etc/openldap/slapd.conf - chmod g+r "$pkgdir"/etc/openldap/slapd.conf - chown -R ldap.ldap "$pkgdir"/var/lib/openldap/openldap-data - chmod 700 "$pkgdir"/var/lib/openldap \ - "$pkgdir"/var/lib/openldap/openldap-data - chown -R ldap.ldap "$pkgdir"/var/lib/openldap/openldap-data - - install -Dm755 "$srcdir"/slapd.initd "$pkgdir"/etc/init.d/slapd - install -Dm755 "$srcdir"/slapd.confd "$pkgdir"/etc/conf.d/slapd - install -Dm755 "$srcdir"/slurpd.initd "$pkgdir"/etc/init.d/slurpd - # FIXME: symlinks in sbin are symlinked to /usr/lib/slapd - ln -s /usr/sbin/slapd "$pkgdir"/usr/lib/slapd + etc/openldap/slapd.conf + chgrp ldap etc/openldap/slapd.conf + chmod g+r etc/openldap/slapd.conf - # install mqtt overlay - make DESTDIR="$pkgdir" prefix=/usr libexec=/usr/lib \ - -C contrib/slapd-modules/mqtt install || return 1 + install -d -m 700 -o ldap -g ldap \ + var/lib/openldap \ + var/lib/openldap/openldap-data - # install passwd pbkdf2 - make DESTDIR="$pkgdir" prefix=/usr libexecdir=/usr/lib \ - -C contrib/slapd-modules/passwd/pbkdf2 install || return 1 + install -D -m 755 "$srcdir"/slapd.initd etc/init.d/slapd + install -D -m 644 "$srcdir"/slapd.confd etc/conf.d/slapd + install -D -m 755 "$srcdir"/slurpd.initd etc/init.d/slurpd + + # FIXME: symlinks in sbin are symlinked to /usr/lib/slapd + ln -s ../sbin/slapd usr/lib/slapd } libldap() { pkgdesc="OpenLDAP libraries" - depends= - install= - mkdir -p "$subpkgdir"/usr/lib "$subpkgdir"/etc/openldap - mv "$pkgdir"/usr/lib/*.so* "$subpkgdir"/usr/lib/ - mv "$pkgdir"/etc/openldap/ldap.conf "$subpkgdir"/etc/openldap/ -} + depends="" + install="" -_backend() { - pkgdesc="OpenLDAP ${2:-$1} backend" - mkdir -p "$subpkgdir"/usr/lib/openldap - mv "$pkgdir"/usr/lib/openldap/back_$1* "$subpkgdir"/usr/lib/openldap/ + _submv "usr/lib/*.so*" etc/openldap/ldap.conf } -bdb() { _backend bdb ; } -hdb() { _backend hdb ; } -sql() { _backend sql ODBC; } -ldap() { _backend ldap LDAP; } -meta() { _backend meta; } -monitor() { _backend monitor; } - clients() { pkgdesc="LDAP client utilities" - mkdir -p "$subpkgdir"/usr - mv "$pkgdir"/usr/bin "$subpkgdir"/usr/ + + _submv usr/bin } mqtt() { pkgdesc="OpenLDAP MQTT overlay" - depends=$pkgname - mkdir -p "$subpkgdir"/usr/lib/openldap - mv "$pkgdir"/usr/lib/openldap/mqtt.* "$subpkgdir"/usr/lib/openldap || return 1 + depends="$pkgname" + + _submv "usr/lib/openldap/mqtt.*" } passwd_pbkdf2() { pkgdesc="PBKDF2 OpenLDAP support" - depends=$pkgname - mkdir -p "$subpkgdir"/usr/lib/openldap - mv "$pkgdir"/usr/lib/openldap/pw-pbkdf2.* "$subpkgdir"/usr/lib/openldap || return 1 + depends="$pkgname" + + _submv "usr/lib/openldap/pw-pbkdf2.*" +} + +_backend() { + backend_name="${subpkgname#openldap-back-}" + pkgdesc="OpenLDAP $backend_name backend" + + _submv "usr/lib/openldap/back_$backend_name*" +} + +_submv() { + local path; for path in "$@"; do + mkdir -p "$subpkgdir"/${path%/*} + mv "$pkgdir"/$path "$subpkgdir"/${path%/*}/ + done } sha512sums="1c9fc84efed8998f107ce6e1c6be3f5466388241afdca0cb3847720c9def0bc263a2dbc15bf0f9112d1b4c391fd01e8531a4fb08c5532c30fb86924c08daedab openldap-2.4.45.tgz |