Version bump in the 2.1 series. These latest ebuilds are now setup

so that ldap services drop root privileges on startup.  Please
comment on bug #8780.

7 files changed, 287 insertions, 1 deletions

diff --git a/net-nds/openldap/ChangeLog b/net-nds/openldap/ChangeLog
index 8ddcdc0e50ff..f08ac8c2cd89 100644
--- a/net-nds/openldap/ChangeLog
+++ b/net-nds/openldap/ChangeLog
@@ -1,6 +1,17 @@
 # ChangeLog for net-nds/openldap
 # Copyright 2002 Gentoo Technologies, Inc.; Distributed under the GPL
-# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/ChangeLog,v 1.21 2002/12/21 21:20:03 raker Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/ChangeLog,v 1.22 2003/01/01 22:02:35 raker Exp $
+
+*openldap-2.0.27-r1 (01 Jan 2002)
+*openldap-2.1.10 (01 Jan 2002)
+
+  01 Jan 2002; Nick Hadaway <raker@gentoo.org> openldap-2.0.27-r1.ebuild,
+  openldap-2.1.10.ebuild, files/digest-openldap-2.0.27-r1,
+  files/digest-openldap-2.1.10, files/slapd-2.1.rc6,
+  files/slurpd-2.1.rc6 :
+  Version bump in the 2.1 series.  These latest ebuilds are now setup
+  so that ldap services drop root privileges on startup.  Please
+  comment on bug #8780.
 
 *openldap-2.1.9 (18 Dec 2002)
 
diff --git a/net-nds/openldap/files/digest-openldap-2.0.27-r1 b/net-nds/openldap/files/digest-openldap-2.0.27-r1
new file mode 100644
index 000000000000..06cad419992d
--- /dev/null
+++ b/net-nds/openldap/files/digest-openldap-2.0.27-r1
@@ -0,0 +1 @@
+MD5 a1e6508c471dd47205a3492cf57110a6 openldap-2.0.27.tgz 1305050
diff --git a/net-nds/openldap/files/digest-openldap-2.1.10 b/net-nds/openldap/files/digest-openldap-2.1.10
new file mode 100644
index 000000000000..6fc6b4ed1170
--- /dev/null
+++ b/net-nds/openldap/files/digest-openldap-2.1.10
@@ -0,0 +1 @@
+MD5 a716dd0307c6145679fd3e1e41b78ad5 openldap-2.1.10.tgz 2057363
diff --git a/net-nds/openldap/files/slapd-2.1.rc6 b/net-nds/openldap/files/slapd-2.1.rc6
new file mode 100644
index 000000000000..f51d9568a959
--- /dev/null
+++ b/net-nds/openldap/files/slapd-2.1.rc6
@@ -0,0 +1,20 @@
+#!/sbin/runscript
+# Copyright 1999-2002 Gentoo Technologies, Inc.
+# Distributed under the terms of the GNU General Public License, v2 or later
+# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/files/slapd-2.1.rc6,v 1.1 2003/01/01 22:02:35 raker Exp $
+
+depend() {
+	need net
+}
+
+start() {
+	ebegin "Starting ldap-server"
+	start-stop-daemon --start --quiet --pidfile /var/state/openldap/slapd.pid --exec /usr/lib/openldap/slapd -- -u ldap -g ldap
+	eend $?
+}
+
+stop() {
+	ebegin "Stopping ldap-server"
+	start-stop-daemon --stop --quiet --pidfile /var/state/openldap/slapd.pid --exec /usr/lib/openldap/slapd -- -u ldap -g ldap
+	eend $?
+}
diff --git a/net-nds/openldap/files/slurpd-2.1.rc6 b/net-nds/openldap/files/slurpd-2.1.rc6
new file mode 100644
index 000000000000..d0d6a19280fd
--- /dev/null
+++ b/net-nds/openldap/files/slurpd-2.1.rc6
@@ -0,0 +1,20 @@
+#!/sbin/runscript
+# Copyright 1999-2002 Gentoo Technologies, Inc.
+# Distributed under the terms of the GNU General Public License, v2 or later
+# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/files/slurpd-2.1.rc6,v 1.1 2003/01/01 22:02:35 raker Exp $
+
+depend() {
+	need net
+}
+
+start() {
+	ebegin "Starting slurpd"
+	start-stop-daemon --start --quiet --exec /usr/lib/openldap/slurpd
+	eend $?
+}
+
+stop() {
+	ebegin "Stopping slurpd"
+	start-stop-daemon --stop --quiet --exec /usr/lib/openldap/slurpd
+	eend $?
+}
diff --git a/net-nds/openldap/openldap-2.0.27-r1.ebuild b/net-nds/openldap/openldap-2.0.27-r1.ebuild
new file mode 100644
index 000000000000..fc9a4135eeb0
--- /dev/null
+++ b/net-nds/openldap/openldap-2.0.27-r1.ebuild
@@ -0,0 +1,111 @@
+# Copyright 1999-2002 Gentoo Technologies, Inc.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/openldap-2.0.27-r1.ebuild,v 1.1 2003/01/01 22:02:35 raker Exp $
+
+DESCRIPTION="LDAP suite of application and development tools"
+SRC_URI="ftp://ftp.OpenLDAP.org/pub/OpenLDAP/openldap-release/${P}.tgz"
+HOMEPAGE="http://www.OpenLDAP.org/"
+
+SLOT="0"
+KEYWORDS="~x86 ~ppc"
+LICENSE="OPENLDAP"
+IUSE="ssl tcpd readline ipv6 gdbm ldap kerberos odbc"
+
+DEPEND="virtual/glibc
+	>=sys-libs/ncurses-5.1
+	>=sys-libs/db-3
+	tcpd?	  ( >=sys-apps/tcp-wrappers-7.6 )
+	ssl?	  ( >=dev-libs/openssl-0.9.6 )
+	readline? ( >=sys-libs/readline-4.1 )
+	gdbm?     ( >=sys-libs/gdbm-1.8.0 )
+	kerberos? ( >=app-crypt/krb5-1.2.6 )
+	odbc?     ( dev-db/unixODBC )"
+
+RDEPEND="virtual/glibc
+	>=sys-libs/ncurses-5.1
+	gdbm? ( >=sys-libs/gdbm-1.8.0 )"
+
+pkg_preinst() {
+        if ! grep -q ^ldap: /etc/group
+        then
+                groupadd -g 439 ldap || die "problem adding group ldap"
+        fi
+        if ! grep -q ^ldap: /etc/passwd
+        then
+                useradd -u 439 -d /usr/lib/openldap -g ldap -s /dev/null ldap \
+                        || die "problem adding user ldap"
+        fi
+}
+
+
+src_compile() {
+	local myconf
+
+	if [ -n "$DEBUG" ]; then
+		myconf="--enable-debug"
+	else
+		myconf="--disable-debug"
+	fi
+
+	use kerberos \
+		&& myconf="${myconf} --with-kerberos --enable-kpasswd" \
+		|| myconf="${myconf} --without-kerberos --disable-kpasswd"
+
+	use readline \
+		&& myconf="${myconf} --with-readline" \
+		|| myconf="${myconf} --without-readline"
+
+	use ssl \
+		&& myconf="${myconf} --with-tls" \
+		|| myconf="${myconf} --without-tls"
+
+	use tcpd \
+		&& myconf="${myconf} --enable-wrappers" \
+		|| myconf="${myconf} --disable-wrappers"
+
+	use ipv6 && myconf="${myconf} --enable-ipv6" \
+		|| myconf="${myconf} --disable-ipv6"
+
+	use odbc && myconf="${myconf} --enable-sql" \
+		|| myconf="${myconf} --disable-sql"
+
+	econf \
+		--libexecdir=/usr/lib/openldap \
+		--enable-crypt \
+		--enable-modules \
+		--enable-phonetic \
+		--enable-dynamic \
+		--enable-ldap \
+		--disable-sasl \
+		--disable-spasswd \
+		--enable-passwd \
+		--enable-shell \
+		--enable-slurpd \
+		--enable-ldbm \
+		--with-ldbm-api=auto \
+		${myconf} || die "configure failed"
+
+	make depend || die "make depend failed"
+
+	make || die "make failed"
+
+	cd tests ; make || die "make tests failed"
+
+}
+
+src_install() {
+
+	make DESTDIR=${D} install || die "make install failed"
+
+	chmod ldap:ldap ${D}/etc/openldap/slapd.conf
+	dodir /var/state/openldap/openldap-ldbm
+	chmod ldap:ldap ${D}var/state/openldap/openldap-ldbm
+
+	dodoc ANNOUNCEMENT CHANGES COPYRIGHT README LICENSE
+	docinto rfc ; dodoc doc/rfc/*.txt
+
+	exeinto /etc/init.d
+	newexe ${FILESDIR}/slapd-2.1.rc6 slapd
+	newexe ${FILESDIR}/slurpd-2.1.rc6 slurpd
+
+}
diff --git a/net-nds/openldap/openldap-2.1.10.ebuild b/net-nds/openldap/openldap-2.1.10.ebuild
new file mode 100644
index 000000000000..03b07e8494ae
--- /dev/null
+++ b/net-nds/openldap/openldap-2.1.10.ebuild
@@ -0,0 +1,122 @@
+# Copyright 1999-2002 Gentoo Technologies, Inc.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/openldap-2.1.10.ebuild,v 1.1 2003/01/01 22:02:35 raker Exp $
+
+IUSE="ssl tcpd readline ipv6 gdbm ldap sasl kerberos odbc"
+
+S=${WORKDIR}/${P}
+DESCRIPTION="LDAP suite of application and development tools"
+SRC_URI="ftp://ftp.OpenLDAP.org/pub/OpenLDAP/openldap-release/${P}.tgz"
+HOMEPAGE="http://www.OpenLDAP.org/"
+
+SLOT="0"
+KEYWORDS="-x86 -ppc"
+LICENSE="OPENLDAP"
+
+DEPEND="virtual/glibc
+	>=sys-libs/ncurses-5.1
+	>=sys-libs/readline-4.2a
+	>=sys-libs/db-4.0.14
+	tcpd?	  ( >=sys-apps/tcp-wrappers-7.6 )
+	ssl?	  ( >=dev-libs/openssl-0.9.6 )
+	readline? ( >=sys-libs/readline-4.1 )
+	gdbm?     ( >=sys-libs/gdbm-1.8.0 )
+	sasl?     ( >=dev-libs/cyrus-sasl-2.1.7-r3 )
+	kerberos? ( >=app-crypt/krb5-1.2.6 )
+	odbc?     ( dev-db/unixODBC )"
+
+RDEPEND="virtual/glibc
+	>=sys-libs/ncurses-5.1
+	gdbm? ( >=sys-libs/gdbm-1.8.0 )"
+
+pkg_preinst() {
+        if ! grep -q ^ldap: /etc/group
+        then
+                groupadd -g 439 ldap || die "problem adding group ldap"
+        fi
+        if ! grep -q ^ldap: /etc/passwd
+        then
+                useradd -u 439 -d /usr/lib/openldap -g ldap -s /dev/null ldap \
+                        || die "problem adding user ldap"
+        fi
+}
+
+
+src_compile() {
+	local myconf
+
+	if [ -z "$DEBUGBUILD" ]; then
+		myconf="--enable-debug"
+	else
+		myconf="--disable-debug"
+	fi
+
+	use sasl \
+		&& myconf="${myconf} --with-cyrus-sasl --enable-spasswd" \
+		|| myconf="${myconf} --without-cyrus-sasl --disable-spasswd"
+
+	use kerberos \
+		&& myconf="${myconf} --with-kerberos --enable-kpasswd" \
+		|| myconf="${myconf} --without-kerberos --disable-kpasswd"
+
+	use readline \
+		&& myconf="${myconf} --with-readline" \
+		|| myconf="${myconf} --without-readline"
+
+	use ssl \
+		&& myconf="${myconf} --with-tls" \
+		|| myconf="${myconf} --without-tls"
+
+	use tcpd \
+		&& myconf="${myconf} --enable-wrappers" \
+		|| myconf="${myconf} --disable-wrappers"
+
+	use ipv6 && myconf="${myconf} --enable-ipv6" \
+		|| myconf="${myconf} --disable-ipv6"
+
+        use odbc && myconf="${myconf} --enable-sql" \
+                || myconf="${myconf} --disable-sql"
+
+	econf \
+		--libexecdir=/usr/lib/openldap \
+		--enable-crypt \
+		--enable-dynamic \
+		--enable-lmpasswd \
+		--enable-modules \
+		--enable-phonetic \
+		--enable-rewrite \
+		--enable-slp \
+		--enable-meta \
+		--enable-monitor \
+		--enable-passwd \
+		--enable-perl \
+		--enable-shell \
+		--enable-slurpd \
+		--enable-ldbm \
+		--with-ldbm-api=auto \
+		${myconf} || die "configure failed"
+
+	make depend || die "make depend failed"
+
+	make || die "make failed"
+
+	cd tests ; make || die "make tests failed"
+
+}
+
+src_install() {
+
+	make DESTDIR=${D} install || die "make install failed"
+
+	chmod ldap:ldap ${D}/etc/openldap/slapd.conf
+        dodir /var/state/openldap/openldap-ldbm
+        chmod ldap:ldap ${D}var/state/openldap/openldap-ldbm
+
+	dodoc ANNOUNCEMENT CHANGES COPYRIGHT README LICENSE
+	docinto rfc ; dodoc doc/rfc/*.txt
+
+	exeinto /etc/init.d
+	newexe ${FILESDIR}/slapd-2.1.rc6 slapd
+	newexe ${FILESDIR}/slurpd-2.1.rc6 slurpd
+
+}