b682e9
b682e9
%global pkgname   dirsrv
b682e9
%global srcname   389-ds-base
b682e9
b682e9
# Exclude i686 bit arches
b682e9
ExcludeArch: i686
b682e9
b682e9
# for a pre-release, define the prerel field e.g. .a1 .rc2 - comment out for official release
b682e9
# also remove the space between % and global - this space is needed because
b682e9
# fedpkg verrel stupidly ignores comment lines
b682e9
#% global prerel .rc3
b682e9
# also need the relprefix field for a pre-release e.g. .0 - also comment out for official release
b682e9
#% global relprefix 0.
b682e9
b682e9
# If perl-Socket-2.000 or newer is available, set 0 to use_Socket6.
b682e9
%global use_Socket6 0
b682e9
b682e9
%global use_asan 0
5d81fc
%global use_rust 1
8394b4
%global use_legacy 1
b682e9
%global bundle_jemalloc 1
b682e9
%if %{use_asan}
b682e9
%global bundle_jemalloc 0
b682e9
%endif
b682e9
b682e9
%if %{bundle_jemalloc}
b682e9
%global jemalloc_name jemalloc
8394b4
%global jemalloc_ver 5.2.1
b682e9
%global __provides_exclude ^libjemalloc\\.so.*$
b682e9
%endif
b682e9
b682e9
# Use Clang instead of GCC
b682e9
%global use_clang 0
b682e9
b682e9
# fedora 15 and later uses tmpfiles.d
b682e9
# otherwise, comment this out
b682e9
%{!?with_tmpfiles_d: %global with_tmpfiles_d %{_sysconfdir}/tmpfiles.d}
b682e9
b682e9
# systemd support
b682e9
%global groupname %{pkgname}.target
b682e9
b682e9
# set PIE flag
b682e9
%global _hardened_build 1
b682e9
5d81fc
# Filter argparse-manpage from autogenerated package Requires
5d81fc
%global __requires_exclude ^python.*argparse-manpage
5d81fc
b682e9
Summary:          389 Directory Server (base)
b682e9
Name:             389-ds-base
b2bc38
Version:          1.4.3.28
d4a1c3
Release:          %{?relprefix}8%{?prerel}%{?dist}
b682e9
License:          GPLv3+
b682e9
URL:              https://www.port389.org
b682e9
Group:            System Environment/Daemons
b682e9
Conflicts:        selinux-policy-base < 3.9.8
b682e9
Conflicts:        freeipa-server < 4.0.3
b682e9
Obsoletes:        %{name} <= 1.4.0.9
b682e9
Provides:         ldif2ldbm >= 0
b682e9
5d81fc
##### Bundled cargo crates list - START #####
5d81fc
Provides:  bundled(crate(ansi_term)) = 0.11.0
5d81fc
Provides:  bundled(crate(atty)) = 0.2.14
5d81fc
Provides:  bundled(crate(autocfg)) = 1.0.1
b2bc38
Provides:  bundled(crate(base64)) = 0.13.0
b2bc38
Provides:  bundled(crate(bitflags)) = 1.3.2
b2bc38
Provides:  bundled(crate(byteorder)) = 1.4.3
5d81fc
Provides:  bundled(crate(cbindgen)) = 0.9.1
b2bc38
Provides:  bundled(crate(cc)) = 1.0.71
5d81fc
Provides:  bundled(crate(cfg-if)) = 1.0.0
5d81fc
Provides:  bundled(crate(clap)) = 2.33.3
b2bc38
Provides:  bundled(crate(entryuuid)) = 0.1.0
b2bc38
Provides:  bundled(crate(entryuuid_syntax)) = 0.1.0
b2bc38
Provides:  bundled(crate(fernet)) = 0.1.4
5d81fc
Provides:  bundled(crate(foreign-types)) = 0.3.2
5d81fc
Provides:  bundled(crate(foreign-types-shared)) = 0.1.1
b2bc38
Provides:  bundled(crate(getrandom)) = 0.2.3
b2bc38
Provides:  bundled(crate(hermit-abi)) = 0.1.19
b2bc38
Provides:  bundled(crate(itoa)) = 0.4.8
b2bc38
Provides:  bundled(crate(jobserver)) = 0.1.24
5d81fc
Provides:  bundled(crate(lazy_static)) = 1.4.0
b2bc38
Provides:  bundled(crate(libc)) = 0.2.104
5d81fc
Provides:  bundled(crate(librnsslapd)) = 0.1.0
5d81fc
Provides:  bundled(crate(librslapd)) = 0.1.0
b2bc38
Provides:  bundled(crate(log)) = 0.4.14
b2bc38
Provides:  bundled(crate(once_cell)) = 1.8.0
b2bc38
Provides:  bundled(crate(openssl)) = 0.10.36
b2bc38
Provides:  bundled(crate(openssl-sys)) = 0.9.67
b2bc38
Provides:  bundled(crate(paste)) = 0.1.18
b2bc38
Provides:  bundled(crate(paste-impl)) = 0.1.18
b2bc38
Provides:  bundled(crate(pkg-config)) = 0.3.20
b2bc38
Provides:  bundled(crate(ppv-lite86)) = 0.2.14
b2bc38
Provides:  bundled(crate(proc-macro-hack)) = 0.5.19
b2bc38
Provides:  bundled(crate(proc-macro2)) = 1.0.30
b2bc38
Provides:  bundled(crate(quote)) = 1.0.10
b2bc38
Provides:  bundled(crate(rand)) = 0.8.4
b2bc38
Provides:  bundled(crate(rand_chacha)) = 0.3.1
b2bc38
Provides:  bundled(crate(rand_core)) = 0.6.3
b2bc38
Provides:  bundled(crate(rand_hc)) = 0.3.1
b2bc38
Provides:  bundled(crate(redox_syscall)) = 0.2.10
5d81fc
Provides:  bundled(crate(remove_dir_all)) = 0.5.3
5d81fc
Provides:  bundled(crate(rsds)) = 0.1.0
5d81fc
Provides:  bundled(crate(ryu)) = 1.0.5
b2bc38
Provides:  bundled(crate(serde)) = 1.0.130
b2bc38
Provides:  bundled(crate(serde_derive)) = 1.0.130
b2bc38
Provides:  bundled(crate(serde_json)) = 1.0.68
5d81fc
Provides:  bundled(crate(slapd)) = 0.1.0
b2bc38
Provides:  bundled(crate(slapi_r_plugin)) = 0.1.0
5d81fc
Provides:  bundled(crate(strsim)) = 0.8.0
b2bc38
Provides:  bundled(crate(syn)) = 1.0.80
b2bc38
Provides:  bundled(crate(synstructure)) = 0.12.6
b2bc38
Provides:  bundled(crate(tempfile)) = 3.2.0
5d81fc
Provides:  bundled(crate(textwrap)) = 0.11.0
5d81fc
Provides:  bundled(crate(toml)) = 0.5.8
b2bc38
Provides:  bundled(crate(unicode-width)) = 0.1.9
b2bc38
Provides:  bundled(crate(unicode-xid)) = 0.2.2
b2bc38
Provides:  bundled(crate(uuid)) = 0.8.2
b2bc38
Provides:  bundled(crate(vcpkg)) = 0.2.15
5d81fc
Provides:  bundled(crate(vec_map)) = 0.8.2
b2bc38
Provides:  bundled(crate(wasi)) = 0.10.2+wasi_snapshot_preview1
5d81fc
Provides:  bundled(crate(winapi)) = 0.3.9
5d81fc
Provides:  bundled(crate(winapi-i686-pc-windows-gnu)) = 0.4.0
5d81fc
Provides:  bundled(crate(winapi-x86_64-pc-windows-gnu)) = 0.4.0
b2bc38
Provides:  bundled(crate(zeroize)) = 1.4.2
b2bc38
Provides:  bundled(crate(zeroize_derive)) = 1.2.0
5d81fc
##### Bundled cargo crates list - END #####
5d81fc
b682e9
BuildRequires:    nspr-devel
b682e9
BuildRequires:    nss-devel >= 3.34
b682e9
BuildRequires:    perl-generators
b682e9
BuildRequires:    openldap-devel
b682e9
BuildRequires:    libdb-devel
b682e9
BuildRequires:    cyrus-sasl-devel
b682e9
BuildRequires:    icu
b682e9
BuildRequires:    libicu-devel
b682e9
BuildRequires:    pcre-devel
b682e9
BuildRequires:    cracklib-devel
b682e9
%if %{use_clang}
b682e9
BuildRequires:    libatomic
b682e9
BuildRequires:    clang
b682e9
%else
b682e9
BuildRequires:    gcc
b682e9
BuildRequires:    gcc-c++
b682e9
%endif
b682e9
# The following are needed to build the snmp ldap-agent
b682e9
BuildRequires:    net-snmp-devel
b682e9
BuildRequires:    lm_sensors-devel
b682e9
BuildRequires:    bzip2-devel
b682e9
BuildRequires:    zlib-devel
b682e9
BuildRequires:    openssl-devel
b682e9
# the following is for the pam passthru auth plug-in
b682e9
BuildRequires:    pam-devel
b682e9
BuildRequires:    systemd-units
b682e9
BuildRequires:    systemd-devel
b682e9
%if %{use_asan}
b682e9
BuildRequires:    libasan
b682e9
%endif
b682e9
# If rust is enabled
b682e9
%if %{use_rust}
b682e9
BuildRequires: cargo
b682e9
BuildRequires: rust
b682e9
%endif
b682e9
BuildRequires:    pkgconfig
b682e9
BuildRequires:    pkgconfig(systemd)
232633
BuildRequires:    pkgconfig(krb5)
b682e9
b682e9
# Needed to support regeneration of the autotool artifacts.
b682e9
BuildRequires:    autoconf
b682e9
BuildRequires:    automake
b682e9
BuildRequires:    libtool
b682e9
# For our documentation
b682e9
BuildRequires:    doxygen
b682e9
# For tests!
b682e9
BuildRequires:    libcmocka-devel
b682e9
BuildRequires:    libevent-devel
b682e9
# For lib389 and related components
b682e9
BuildRequires:    python%{python3_pkgversion}
b682e9
BuildRequires:    python%{python3_pkgversion}-devel
b682e9
BuildRequires:    python%{python3_pkgversion}-setuptools
b682e9
BuildRequires:    python%{python3_pkgversion}-ldap
b682e9
BuildRequires:    python%{python3_pkgversion}-six
b682e9
BuildRequires:    python%{python3_pkgversion}-pyasn1
b682e9
BuildRequires:    python%{python3_pkgversion}-pyasn1-modules
b682e9
BuildRequires:    python%{python3_pkgversion}-dateutil
b682e9
BuildRequires:    python%{python3_pkgversion}-argcomplete
b682e9
BuildRequires:    python%{python3_pkgversion}-argparse-manpage
b682e9
BuildRequires:    python%{python3_pkgversion}-policycoreutils
b682e9
BuildRequires:    python%{python3_pkgversion}-libselinux
b682e9
b682e9
# For cockpit
b682e9
BuildRequires:    rsync
b682e9
b682e9
Requires:         %{name}-libs = %{version}-%{release}
b682e9
Requires:         python%{python3_pkgversion}-lib389 = %{version}-%{release}
b682e9
b682e9
# this is needed for using semanage from our setup scripts
b682e9
Requires:         policycoreutils-python-utils
b682e9
Requires:         /usr/sbin/semanage
b682e9
Requires:         libsemanage-python%{python3_pkgversion}
b682e9
b682e9
Requires:         selinux-policy >= 3.14.1-29
b682e9
b682e9
# the following are needed for some of our scripts
b682e9
Requires:         openldap-clients
b682e9
Requires:         openssl-perl
b682e9
Requires:         python%{python3_pkgversion}-ldap
b682e9
b682e9
# this is needed to setup SSL if you are not using the
b682e9
# administration server package
b682e9
Requires:         nss-tools
b682e9
Requires:         nss >= 3.34
b682e9
b682e9
# these are not found by the auto-dependency method
b682e9
# they are required to support the mandatory LDAP SASL mechs
b682e9
Requires:         cyrus-sasl-gssapi
b682e9
Requires:         cyrus-sasl-md5
b682e9
Requires:         cyrus-sasl-plain
b682e9
b682e9
# this is needed for verify-db.pl
b682e9
Requires:         libdb-utils
b682e9
8394b4
# Needed for password dictionary checks
8394b4
Requires:         cracklib-dicts
8394b4
b682e9
# This picks up libperl.so as a Requires, so we add this versioned one
b682e9
Requires:         perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version))
b682e9
Requires:         perl-Errno >= 1.23-360
b682e9
b682e9
# Needed by logconv.pl
b682e9
Requires:         perl-DB_File
b682e9
Requires:         perl-Archive-Tar
b682e9
232633
# Needed for password dictionary checks
232633
Requires:         cracklib-dicts
232633
b682e9
# Picks up our systemd deps.
b682e9
%{?systemd_requires}
b682e9
b682e9
Obsoletes:        %{name} <= 1.3.5.4
b682e9
232633
Source0:          https://releases.pagure.org/389-ds-base/%{name}-%{version}.tar.bz2
b682e9
# 389-ds-git.sh should be used to generate the source tarball from git
b682e9
Source1:          %{name}-git.sh
b682e9
Source2:          %{name}-devel.README
b682e9
%if %{bundle_jemalloc}
b682e9
Source3:          https://github.com/jemalloc/%{jemalloc_name}/releases/download/%{jemalloc_ver}/%{jemalloc_name}-%{jemalloc_ver}.tar.bz2
b682e9
%endif
5d81fc
%if %{use_rust}
b2bc38
Source4:          vendor-%{version}-1.tar.gz
5d81fc
Source5:          Cargo.lock
5d81fc
%endif
b2bc38
b2bc38
Patch01:          0001-Issue-4678-RFE-automatique-disable-of-virtual-attrib.patch
b2bc38
Patch02:          0002-Issue-4943-Fix-csn-generator-to-limit-time-skew-drif.patch
b2bc38
Patch03:          0003-Issue-3584-Fix-PBKDF2_SHA256-hashing-in-FIPS-mode-49.patch
b2bc38
Patch04:          0004-Issue-4956-Automember-allows-invalid-regex-and-does-.patch
b2bc38
Patch05:          0005-Issue-4092-systemd-tmpfiles-warnings.patch
b2bc38
Patch06:          0006-Issue-4973-installer-changes-permissions-on-run.patch
b2bc38
Patch07:          0007-Issue-4973-update-snmp-to-use-run-dirsrv-for-PID-fil.patch
b2bc38
Patch08:          0008-Issue-4978-make-installer-robust.patch
b2bc38
Patch09:          0009-Issue-4972-gecos-with-IA5-introduces-a-compatibility.patch
b2bc38
Patch10:          0010-Issue-4997-Function-declaration-compiler-error-on-1..patch
b2bc38
Patch11:          0011-Issue-4978-use-more-portable-python-command-for-chec.patch
b2bc38
Patch12:          0012-Issue-4959-Invalid-etc-hosts-setup-can-cause-isLocal.patch
b2bc38
Patch13:          0013-CVE-2021-4091-BZ-2030367-double-free-of-the-virtual-.patch
b2bc38
Patch14:          0014-Issue-5127-run-restorecon-on-dev-shm-at-server-start.patch
b2bc38
Patch15:          0015-Issue-5127-ds_selinux_restorecon.sh-always-exit-0.patch
b2bc38
Patch16:          0016-Issue-4775-Add-entryuuid-CLI-and-Fixup-4776.patch
b2bc38
Patch17:          0017-Issue-4775-Fix-cherry-pick-error.patch
07ea61
Patch18:          0018-Issue-5221-User-with-expired-password-can-still-logi.patch
07ea61
Patch19:          0019-Issue-5242-Craft-message-may-crash-the-server-5243.patch
d4a1c3
Patch20:          0020-Issue-5418-Sync_repl-may-crash-while-managing-invali.patch
b682e9
b682e9
%description
b682e9
389 Directory Server is an LDAPv3 compliant server.  The base package includes
b682e9
the LDAP server and command line utilities for server administration.
b682e9
%if %{use_asan}
b682e9
WARNING! This build is linked to Address Sanitisation libraries. This probably
b682e9
isn't what you want. Please contact support immediately.
b682e9
Please see http://seclists.org/oss-sec/2016/q1/363 for more information.
b682e9
%endif
b682e9
b682e9
%package          libs
b682e9
Summary:          Core libraries for 389 Directory Server
b682e9
Group:            System Environment/Daemons
b682e9
BuildRequires:    nspr-devel
b682e9
BuildRequires:    nss-devel >= 3.34
b682e9
BuildRequires:    openldap-devel
b682e9
BuildRequires:    libdb-devel
b682e9
BuildRequires:    cyrus-sasl-devel
b682e9
BuildRequires:    libicu-devel
b682e9
BuildRequires:    pcre-devel
b682e9
BuildRequires:    libtalloc-devel
b682e9
BuildRequires:    libevent-devel
b682e9
BuildRequires:    libtevent-devel
b682e9
Requires:         krb5-libs
b682e9
Requires:         libevent
b682e9
BuildRequires:    systemd-devel
b682e9
Provides:         svrcore = 4.1.4
b682e9
Conflicts:        svrcore
b682e9
Obsoletes:        svrcore <= 4.1.3
b682e9
b682e9
%description      libs
b682e9
Core libraries for the 389 Directory Server base package.  These libraries
b682e9
are used by the main package and the -devel package.  This allows the -devel
b682e9
package to be installed with just the -libs package and without the main package.
b682e9
8394b4
%if %{use_legacy}
b682e9
%package          legacy-tools
8394b4
Summary:          Legacy utilities for 389 Directory Server
b682e9
Group:            System Environment/Daemons
b682e9
Obsoletes:        %{name} <= 1.4.0.9
232633
Requires:         %{name}-libs = %{version}-%{release}
b682e9
# for setup-ds.pl to support ipv6
b682e9
%if %{use_Socket6}
b682e9
Requires:         perl-Socket6
b682e9
%else
b682e9
Requires:         perl-Socket
b682e9
%endif
b682e9
Requires:         perl-NetAddr-IP
b682e9
# use_openldap assumes perl-Mozilla-LDAP is built with openldap support
b682e9
Requires:         perl-Mozilla-LDAP
b682e9
# for setup-ds.pl
b682e9
Requires:         bind-utils
8394b4
%global __provides_exclude_from %{_libdir}/%{pkgname}/perl
8394b4
%global __requires_exclude perl\\((DSCreate|DSMigration|DSUpdate|DSUtil|Dialog|DialogManager|FileConn|Inf|Migration|Resource|Setup|SetupLog)
b682e9
%{?perl_default_filter}
b682e9
b682e9
%description      legacy-tools
b682e9
Legacy (and deprecated) utilities for 389 Directory Server. This includes
b682e9
the old account management and task scripts. These are deprecated in favour of
b682e9
the dscreate, dsctl, dsconf and dsidm tools.
8394b4
%endif
b682e9
b682e9
%package          devel
b682e9
Summary:          Development libraries for 389 Directory Server
b682e9
Group:            Development/Libraries
b682e9
Requires:         %{name}-libs = %{version}-%{release}
b682e9
Requires:         pkgconfig
b682e9
Requires:         nspr-devel
b682e9
Requires:         nss-devel >= 3.34
b682e9
Requires:         openldap-devel
b682e9
Requires:         libtalloc
b682e9
Requires:         libevent
b682e9
Requires:         libtevent
b682e9
Requires:         systemd-libs
b682e9
Provides:         svrcore-devel = 4.1.4
b682e9
Conflicts:        svrcore-devel
b682e9
Obsoletes:        svrcore-devel <= 4.1.3
b682e9
b682e9
%description      devel
b682e9
Development Libraries and headers for the 389 Directory Server base package.
b682e9
b682e9
%package          snmp
b682e9
Summary:          SNMP Agent for 389 Directory Server
b682e9
Group:            System Environment/Daemons
b682e9
Requires:         %{name} = %{version}-%{release}
b682e9
b682e9
Obsoletes:        %{name} <= 1.4.0.0
b682e9
b682e9
%description      snmp
b682e9
SNMP Agent for the 389 Directory Server base package.
b682e9
b682e9
%package -n python%{python3_pkgversion}-lib389
b682e9
Summary:  A library for accessing, testing, and configuring the 389 Directory Server
b682e9
BuildArch:        noarch
b682e9
Group:            Development/Libraries
b682e9
Requires: openssl
b682e9
Requires: iproute
318adb
Requires: platform-python
ea1d1b
Recommends: bash-completion
b682e9
Requires: python%{python3_pkgversion}-ldap
b682e9
Requires: python%{python3_pkgversion}-six
b682e9
Requires: python%{python3_pkgversion}-pyasn1
b682e9
Requires: python%{python3_pkgversion}-pyasn1-modules
b682e9
Requires: python%{python3_pkgversion}-dateutil
b682e9
Requires: python%{python3_pkgversion}-argcomplete
b682e9
Requires: python%{python3_pkgversion}-libselinux
8394b4
Requires: python%{python3_pkgversion}-setuptools
8394b4
Requires: python%{python3_pkgversion}-distro
b682e9
%{?python_provide:%python_provide python%{python3_pkgversion}-lib389}
b682e9
b682e9
%description -n python%{python3_pkgversion}-lib389
b682e9
This module contains tools and libraries for accessing, testing,
b682e9
 and configuring the 389 Directory Server.
b682e9
b682e9
%package -n cockpit-389-ds
b682e9
Summary:          Cockpit UI Plugin for configuring and administering the 389 Directory Server
b682e9
BuildArch:        noarch
b682e9
Requires:         cockpit
b682e9
Requires:         platform-python
b682e9
Requires:         python%{python3_pkgversion}-lib389
b682e9
b682e9
%description -n cockpit-389-ds
b682e9
A cockpit UI Plugin for configuring and administering the 389 Directory Server
b682e9
b682e9
%prep
232633
%autosetup -p1 -v -n %{name}-%{version}%{?prerel}
5d81fc
%if %{use_rust}
5d81fc
tar xvzf %{SOURCE4}
5d81fc
cp %{SOURCE5} src/
5d81fc
%endif
b682e9
%if %{bundle_jemalloc}
232633
%setup -q -n %{name}-%{version}%{?prerel} -T -D -b 3
b682e9
%endif
b682e9
cp %{SOURCE2} README.devel
b682e9
b682e9
%build
b682e9
b682e9
OPENLDAP_FLAG="--with-openldap"
b682e9
%{?with_tmpfiles_d: TMPFILES_FLAG="--with-tmpfiles-d=%{with_tmpfiles_d}"}
b682e9
# hack hack hack https://bugzilla.redhat.com/show_bug.cgi?id=833529
b682e9
NSSARGS="--with-nss-lib=%{_libdir} --with-nss-inc=%{_includedir}/nss3"
b682e9
b682e9
%if %{use_asan}
b682e9
ASAN_FLAGS="--enable-asan --enable-debug"
b682e9
%endif
b682e9
b682e9
%if %{use_rust}
5d81fc
RUST_FLAGS="--enable-rust --enable-rust-offline"
b682e9
%endif
b682e9
8394b4
%if %{use_legacy}
8394b4
LEGACY_FLAGS="--enable-legacy --enable-perl"
232633
%else
8394b4
LEGACY_FLAGS="--disable-legacy --disable-perl"
b682e9
%endif
b682e9
b682e9
%if %{use_clang}
b682e9
export CC=clang
b682e9
export CXX=clang++
b682e9
CLANG_FLAGS="--enable-clang"
b682e9
%endif
b682e9
b682e9
%if %{bundle_jemalloc}
d69b2b
# Override page size, bz #1545539
d69b2b
# 4K
d69b2b
%ifarch %ix86 %arm x86_64 s390x
d69b2b
%define lg_page --with-lg-page=12
d69b2b
%endif
d69b2b
d69b2b
# 64K
d69b2b
%ifarch ppc64 ppc64le aarch64
d69b2b
%define lg_page --with-lg-page=16
d69b2b
%endif
d69b2b
d69b2b
# Override huge page size on aarch64
d69b2b
# 2M instead of 512M
d69b2b
%ifarch aarch64
d69b2b
%define lg_hugepage --with-lg-hugepage=21
d69b2b
%endif
d69b2b
b682e9
# Build jemalloc
b682e9
pushd ../%{jemalloc_name}-%{jemalloc_ver}
b682e9
%configure \
b682e9
        --libdir=%{_libdir}/%{pkgname}/lib \
d69b2b
        --bindir=%{_libdir}/%{pkgname}/bin \
d69b2b
        --enable-prof
d69b2b
make %{?_smp_mflags}        
b682e9
popd
b682e9
%endif
b682e9
d69b2b
b682e9
# Enforce strict linking
b682e9
%define _strict_symbol_defs_build 1
b682e9
b682e9
# Rebuild the autotool artifacts now.
b682e9
autoreconf -fiv
b682e9
b682e9
%configure --enable-autobind --with-selinux $OPENLDAP_FLAG $TMPFILES_FLAG \
b682e9
           --with-systemd \
b682e9
           --with-systemdsystemunitdir=%{_unitdir} \
b682e9
           --with-systemdsystemconfdir=%{_sysconfdir}/systemd/system \
b682e9
           --with-systemdgroupname=%{groupname}  \
b682e9
           --libexecdir=%{_libexecdir}/%{pkgname} \
8394b4
           $NSSARGS $ASAN_FLAGS $RUST_FLAGS $LEGACY_FLAGS $CLANG_FLAGS \
b682e9
           --enable-cmocka 
b682e9
b682e9
# lib389
b682e9
pushd ./src/lib389
b682e9
%py3_build
b682e9
popd
b682e9
# argparse-manpage dynamic man pages have hardcoded man v1 in header,
b682e9
# need to change it to v8
232633
sed -i  "1s/\"1\"/\"8\"/" %{_builddir}/%{name}-%{version}%{?prerel}/src/lib389/man/dsconf.8
232633
sed -i  "1s/\"1\"/\"8\"/" %{_builddir}/%{name}-%{version}%{?prerel}/src/lib389/man/dsctl.8
232633
sed -i  "1s/\"1\"/\"8\"/" %{_builddir}/%{name}-%{version}%{?prerel}/src/lib389/man/dsidm.8
232633
sed -i  "1s/\"1\"/\"8\"/" %{_builddir}/%{name}-%{version}%{?prerel}/src/lib389/man/dscreate.8
b682e9
b682e9
# Generate symbolic info for debuggers
b682e9
export XCFLAGS=$RPM_OPT_FLAGS
b682e9
b682e9
#make %{?_smp_mflags}
b682e9
make
b682e9
b682e9
%install
b682e9
b682e9
mkdir -p %{buildroot}%{_datadir}/gdb/auto-load%{_sbindir}
b682e9
mkdir -p %{buildroot}%{_datadir}/cockpit
b682e9
make DESTDIR="$RPM_BUILD_ROOT" install
b682e9
8394b4
# Cockpit file list
b682e9
find %{buildroot}%{_datadir}/cockpit/389-console -type d | sed -e "s@%{buildroot}@@" | sed -e 's/^/\%dir /' > cockpit.list
b682e9
find %{buildroot}%{_datadir}/cockpit/389-console -type f | sed -e "s@%{buildroot}@@" >> cockpit.list
b682e9
b682e9
# Copy in our docs from doxygen.
232633
cp -r %{_builddir}/%{name}-%{version}%{?prerel}/man/man3 $RPM_BUILD_ROOT/%{_mandir}/man3
b682e9
b682e9
# lib389
b682e9
pushd src/lib389
b682e9
%py3_install
b682e9
popd
b682e9
b682e9
mkdir -p $RPM_BUILD_ROOT/var/log/%{pkgname}
b682e9
mkdir -p $RPM_BUILD_ROOT/var/lib/%{pkgname}
d69b2b
mkdir -p $RPM_BUILD_ROOT/var/3lock/%{pkgname}
b682e9
b682e9
# for systemd
b682e9
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/systemd/system/%{groupname}.wants
b682e9
b682e9
#remove libtool archives and static libs
b682e9
find %{buildroot} -type f -name "*.la" -delete
b682e9
find %{buildroot} -type f -name "*.a" -delete
b682e9
8394b4
%if %{use_legacy}
b682e9
# make sure perl scripts have a proper shebang
b682e9
sed -i -e 's|#{{PERL-EXEC}}|#!/usr/bin/perl|' $RPM_BUILD_ROOT%{_datadir}/%{pkgname}/script-templates/template-*.pl
b682e9
%endif
b682e9
b682e9
%if %{bundle_jemalloc}
b682e9
pushd ../%{jemalloc_name}-%{jemalloc_ver}
b682e9
make DESTDIR="$RPM_BUILD_ROOT" install_lib install_bin
232633
cp -pa COPYING ../%{name}-%{version}%{?prerel}/COPYING.jemalloc
232633
cp -pa README ../%{name}-%{version}%{?prerel}/README.jemalloc
b682e9
popd
b682e9
%endif
b682e9
b682e9
%check
b682e9
# This checks the code, if it fails it prints why, then re-raises the fail to shortcircuit the rpm build.
b682e9
if ! make DESTDIR="$RPM_BUILD_ROOT" check; then cat ./test-suite.log && false; fi
b682e9
b682e9
%clean
b682e9
rm -rf $RPM_BUILD_ROOT
b682e9
b682e9
%post
b682e9
if [ -n "$DEBUGPOSTTRANS" ] ; then
b682e9
    output=$DEBUGPOSTTRANS
b682e9
    output2=${DEBUGPOSTTRANS}.upgrade
b682e9
else
b682e9
    output=/dev/null
b682e9
    output2=/dev/null
b682e9
fi
b682e9
b682e9
# reload to pick up any changes to systemd files
b682e9
/bin/systemctl daemon-reload >$output 2>&1 || :
b682e9
b682e9
# https://fedoraproject.org/wiki/Packaging:UsersAndGroups#Soft_static_allocation
b682e9
# Soft static allocation for UID and GID
b682e9
USERNAME="dirsrv"
b682e9
ALLOCATED_UID=389
b682e9
GROUPNAME="dirsrv"
b682e9
ALLOCATED_GID=389
b682e9
HOMEDIR="/usr/share/dirsrv"
b682e9
b682e9
getent group $GROUPNAME >/dev/null || /usr/sbin/groupadd -f -g $ALLOCATED_GID -r $GROUPNAME
b682e9
if ! getent passwd $USERNAME >/dev/null ; then
b682e9
    if ! getent passwd $ALLOCATED_UID >/dev/null ; then
b682e9
      /usr/sbin/useradd -r -u $ALLOCATED_UID -g $GROUPNAME -d $HOMEDIR -s /sbin/nologin -c "user for 389-ds-base" $USERNAME
b682e9
    else
b682e9
      /usr/sbin/useradd -r -g $GROUPNAME -d $HOMEDIR -s /sbin/nologin -c "user for 389-ds-base" $USERNAME
b682e9
    fi
b682e9
fi
b682e9
b682e9
# Reload our sysctl before we restart (if we can)
b682e9
sysctl --system &> $output; true
b682e9
b682e9
%preun
b682e9
if [ $1 -eq 0 ]; then # Final removal
b682e9
    # remove instance specific service files/links
b682e9
    rm -rf %{_sysconfdir}/systemd/system/%{groupname}.wants/* > /dev/null 2>&1 || :
b682e9
fi
b682e9
b682e9
%postun
b682e9
if [ $1 = 0 ]; then # Final removal
b682e9
    rm -rf /var/run/%{pkgname}
b682e9
fi
b682e9
b682e9
%post snmp
b682e9
%systemd_post %{pkgname}-snmp.service
b682e9
b682e9
%preun snmp
b682e9
%systemd_preun %{pkgname}-snmp.service %{groupname}
b682e9
b682e9
%postun snmp
b682e9
%systemd_postun_with_restart %{pkgname}-snmp.service
b682e9
8394b4
%if %{use_legacy}
b682e9
%post legacy-tools
b682e9
b682e9
# START UPGRADE SCRIPT
b682e9
b682e9
if [ -n "$DEBUGPOSTTRANS" ] ; then
b682e9
    output=$DEBUGPOSTTRANS
b682e9
    output2=${DEBUGPOSTTRANS}.upgrade
b682e9
else
b682e9
    output=/dev/null
b682e9
    output2=/dev/null
b682e9
fi
b682e9
b682e9
# find all instances
b682e9
instances="" # instances that require a restart after upgrade
b682e9
ninst=0 # number of instances found in total
b682e9
b682e9
echo looking for instances in %{_sysconfdir}/%{pkgname} > $output 2>&1 || :
b682e9
instbase="%{_sysconfdir}/%{pkgname}"
b682e9
for dir in $instbase/slapd-* ; do
b682e9
    echo dir = $dir >> $output 2>&1 || :
b682e9
    if [ ! -d "$dir" ] ; then continue ; fi
b682e9
    case "$dir" in *.removed) continue ;; esac
b682e9
    basename=`basename $dir`
b682e9
    inst="%{pkgname}@`echo $basename | sed -e 's/slapd-//g'`"
b682e9
    echo found instance $inst - getting status  >> $output 2>&1 || :
b682e9
    if /bin/systemctl -q is-active $inst ; then
b682e9
       echo instance $inst is running >> $output 2>&1 || :
b682e9
       instances="$instances $inst"
b682e9
    else
b682e9
       echo instance $inst is not running >> $output 2>&1 || :
b682e9
    fi
b682e9
    ninst=`expr $ninst + 1`
b682e9
done
b682e9
if [ $ninst -eq 0 ] ; then
b682e9
    echo no instances to upgrade >> $output 2>&1 || :
b682e9
    exit 0 # have no instances to upgrade - just skip the rest
b682e9
fi
b682e9
# shutdown all instances
b682e9
echo shutting down all instances . . . >> $output 2>&1 || :
b682e9
for inst in $instances ; do
b682e9
    echo stopping instance $inst >> $output 2>&1 || :
b682e9
    /bin/systemctl stop $inst >> $output 2>&1 || :
b682e9
done
b682e9
echo remove pid files . . . >> $output 2>&1 || :
b682e9
/bin/rm -f /var/run/%{pkgname}*.pid /var/run/%{pkgname}*.startpid
b682e9
# do the upgrade
b682e9
echo upgrading instances . . . >> $output 2>&1 || :
b682e9
DEBUGPOSTSETUPOPT=`/usr/bin/echo $DEBUGPOSTSETUP | /usr/bin/sed -e "s/[^d]//g"`
b682e9
if [ -n "$DEBUGPOSTSETUPOPT" ] ; then
b682e9
    %{_sbindir}/setup-ds.pl -$DEBUGPOSTSETUPOPT -u -s General.UpdateMode=offline >> $output 2>&1 || :
b682e9
else
b682e9
    %{_sbindir}/setup-ds.pl -u -s General.UpdateMode=offline >> $output 2>&1 || :
b682e9
fi
b682e9
b682e9
# restart instances that require it
b682e9
for inst in $instances ; do
b682e9
    echo restarting instance $inst >> $output 2>&1 || :
b682e9
    /bin/systemctl start $inst >> $output 2>&1 || :
b682e9
done
b682e9
#END UPGRADE
b682e9
%endif
b682e9
b682e9
exit 0
b682e9
b682e9
b682e9
%files
b682e9
%if %{bundle_jemalloc}
b682e9
%doc LICENSE LICENSE.GPLv3+ LICENSE.openssl README.jemalloc
b682e9
%license COPYING.jemalloc
b682e9
%else
b682e9
%doc LICENSE LICENSE.GPLv3+ LICENSE.openssl
b682e9
%endif
b682e9
%dir %{_sysconfdir}/%{pkgname}
b682e9
%dir %{_sysconfdir}/%{pkgname}/schema
b682e9
%config(noreplace)%{_sysconfdir}/%{pkgname}/schema/*.ldif
b682e9
%dir %{_sysconfdir}/%{pkgname}/config
b682e9
%dir %{_sysconfdir}/systemd/system/%{groupname}.wants
b682e9
%config(noreplace)%{_sysconfdir}/%{pkgname}/config/slapd-collations.conf
b682e9
%config(noreplace)%{_sysconfdir}/%{pkgname}/config/certmap.conf
b682e9
%{_datadir}/%{pkgname}
b682e9
%{_datadir}/gdb/auto-load/*
b682e9
%{_unitdir}
b682e9
%{_bindir}/dbscan
b682e9
%{_mandir}/man1/dbscan.1.gz
b682e9
%{_bindir}/ds-replcheck
b682e9
%{_mandir}/man1/ds-replcheck.1.gz
b682e9
%{_bindir}/ds-logpipe.py
b682e9
%{_mandir}/man1/ds-logpipe.py.1.gz
b682e9
%{_bindir}/ldclt
b682e9
%{_mandir}/man1/ldclt.1.gz
b682e9
%{_sbindir}/ldif2ldap
b682e9
%{_mandir}/man8/ldif2ldap.8.gz
b682e9
%{_bindir}/logconv.pl
b682e9
%{_mandir}/man1/logconv.pl.1.gz
b682e9
%{_bindir}/pwdhash
b682e9
%{_mandir}/man1/pwdhash.1.gz
b682e9
%{_bindir}/readnsstate
b682e9
%{_mandir}/man1/readnsstate.1.gz
b682e9
# Remove for now: %caps(CAP_NET_BIND_SERVICE=pe) {_sbindir}/ns-slapd
b682e9
%{_sbindir}/ns-slapd
b682e9
%{_mandir}/man8/ns-slapd.8.gz
b682e9
%{_libexecdir}/%{pkgname}/ds_systemd_ask_password_acl
b2bc38
%{_libexecdir}/%{pkgname}/ds_selinux_restorecon.sh
b682e9
%{_mandir}/man5/99user.ldif.5.gz
b682e9
%{_mandir}/man5/certmap.conf.5.gz
b682e9
%{_mandir}/man5/slapd-collations.conf.5.gz
b682e9
%{_mandir}/man5/dirsrv.5.gz
b682e9
%{_mandir}/man5/dirsrv.systemd.5.gz
b682e9
%{_libdir}/%{pkgname}/python
b682e9
%dir %{_libdir}/%{pkgname}/plugins
b682e9
%{_libdir}/%{pkgname}/plugins/*.so
b682e9
# This has to be hardcoded to /lib - $libdir changes between lib/lib64, but
b682e9
# sysctl.d is always in /lib.
b682e9
%{_prefix}/lib/sysctl.d/*
b682e9
%dir %{_localstatedir}/lib/%{pkgname}
b682e9
%dir %{_localstatedir}/log/%{pkgname}
b682e9
%ghost %dir %{_localstatedir}/lock/%{pkgname}
b682e9
%exclude %{_sbindir}/ldap-agent*
b682e9
%exclude %{_mandir}/man1/ldap-agent.1.gz
b682e9
%exclude %{_unitdir}/%{pkgname}-snmp.service
b682e9
%if %{bundle_jemalloc}
b682e9
%{_libdir}/%{pkgname}/lib/
b682e9
%{_libdir}/%{pkgname}/bin/
b682e9
%exclude %{_libdir}/%{pkgname}/bin/jemalloc-config
b682e9
%exclude %{_libdir}/%{pkgname}/bin/jemalloc.sh
b682e9
%exclude %{_libdir}/%{pkgname}/lib/libjemalloc.a
b682e9
%exclude %{_libdir}/%{pkgname}/lib/libjemalloc.so
b682e9
%exclude %{_libdir}/%{pkgname}/lib/libjemalloc_pic.a
b682e9
%exclude %{_libdir}/%{pkgname}/lib/pkgconfig
b682e9
%endif
b682e9
b682e9
%files devel
b682e9
%doc LICENSE LICENSE.GPLv3+ LICENSE.openssl README.devel
b682e9
%{_mandir}/man3/*
b682e9
%{_includedir}/svrcore.h
b682e9
%{_includedir}/%{pkgname}
b682e9
%{_libdir}/libsvrcore.so
b682e9
%{_libdir}/%{pkgname}/libslapd.so
b682e9
%{_libdir}/%{pkgname}/libns-dshttpd.so
b682e9
%{_libdir}/%{pkgname}/libsds.so
b682e9
%{_libdir}/%{pkgname}/libldaputil.so
b682e9
%{_libdir}/pkgconfig/svrcore.pc
b682e9
%{_libdir}/pkgconfig/dirsrv.pc
b682e9
%{_libdir}/pkgconfig/libsds.pc
b682e9
b682e9
%files libs
b682e9
%doc LICENSE LICENSE.GPLv3+ LICENSE.openssl README.devel
b682e9
%dir %{_libdir}/%{pkgname}
b682e9
%{_libdir}/libsvrcore.so.*
b682e9
%{_libdir}/%{pkgname}/libslapd.so.*
b682e9
%{_libdir}/%{pkgname}/libns-dshttpd-*.so
b682e9
%{_libdir}/%{pkgname}/libsds.so.*
b682e9
%{_libdir}/%{pkgname}/libldaputil.so.*
d69b2b
%{_libdir}/%{pkgname}/librewriters.so*
b682e9
%if %{bundle_jemalloc}
b682e9
%{_libdir}/%{pkgname}/lib/libjemalloc.so.2
b682e9
%endif
b682e9
8394b4
%if %{use_legacy}
b682e9
%files legacy-tools
b682e9
%doc LICENSE LICENSE.GPLv3+ LICENSE.openssl README.devel
b682e9
%{_bindir}/infadd
b682e9
%{_mandir}/man1/infadd.1.gz
b682e9
%{_bindir}/ldif
b682e9
%{_mandir}/man1/ldif.1.gz
b682e9
%{_bindir}/migratecred
b682e9
%{_mandir}/man1/migratecred.1.gz
b682e9
%{_bindir}/mmldif
b682e9
%{_mandir}/man1/mmldif.1.gz
b682e9
%{_bindir}/rsearch
b682e9
%{_mandir}/man1/rsearch.1.gz
8394b4
%{_libexecdir}/%{pkgname}/ds_selinux_enabled
8394b4
%{_libexecdir}/%{pkgname}/ds_selinux_port_query
8394b4
%config(noreplace)%{_sysconfdir}/%{pkgname}/config/template-initconfig
8394b4
%{_mandir}/man5/template-initconfig.5.gz
8394b4
%{_datadir}/%{pkgname}/properties/*.res
8394b4
%{_datadir}/%{pkgname}/script-templates
8394b4
%{_datadir}/%{pkgname}/updates
8394b4
%{_sbindir}/ldif2ldap
8394b4
%{_mandir}/man8/ldif2ldap.8.gz
8394b4
%{_sbindir}/bak2db
8394b4
%{_mandir}/man8/bak2db.8.gz
8394b4
%{_sbindir}/db2bak
8394b4
%{_mandir}/man8/db2bak.8.gz
8394b4
%{_sbindir}/db2index
8394b4
%{_mandir}/man8/db2index.8.gz
8394b4
%{_sbindir}/db2ldif
8394b4
%{_mandir}/man8/db2ldif.8.gz
8394b4
%{_sbindir}/dbverify
8394b4
%{_mandir}/man8/dbverify.8.gz
8394b4
%{_sbindir}/ldif2db
8394b4
%{_mandir}/man8/ldif2db.8.gz
8394b4
%{_sbindir}/restart-dirsrv
8394b4
%{_mandir}/man8/restart-dirsrv.8.gz
8394b4
%{_sbindir}/start-dirsrv
8394b4
%{_mandir}/man8/start-dirsrv.8.gz
8394b4
%{_sbindir}/status-dirsrv
8394b4
%{_mandir}/man8/status-dirsrv.8.gz
8394b4
%{_sbindir}/stop-dirsrv
8394b4
%{_mandir}/man8/stop-dirsrv.8.gz
8394b4
%{_sbindir}/upgradedb
8394b4
%{_mandir}/man8/upgradedb.8.gz
8394b4
%{_sbindir}/vlvindex
8394b4
%{_mandir}/man8/vlvindex.8.gz
b682e9
%{_sbindir}/monitor
b682e9
%{_mandir}/man8/monitor.8.gz
b682e9
%{_sbindir}/dbmon.sh
b682e9
%{_mandir}/man8/dbmon.sh.8.gz
b682e9
%{_sbindir}/dn2rdn
b682e9
%{_mandir}/man8/dn2rdn.8.gz
b682e9
%{_sbindir}/restoreconfig
b682e9
%{_mandir}/man8/restoreconfig.8.gz
b682e9
%{_sbindir}/saveconfig
b682e9
%{_mandir}/man8/saveconfig.8.gz
b682e9
%{_sbindir}/suffix2instance
b682e9
%{_mandir}/man8/suffix2instance.8.gz
b682e9
%{_sbindir}/upgradednformat
b682e9
%{_mandir}/man8/upgradednformat.8.gz
b682e9
%{_mandir}/man1/dbgen.pl.1.gz
b682e9
%{_bindir}/repl-monitor
b682e9
%{_mandir}/man1/repl-monitor.1.gz
b682e9
%{_bindir}/repl-monitor.pl
b682e9
%{_mandir}/man1/repl-monitor.pl.1.gz
b682e9
%{_bindir}/cl-dump
b682e9
%{_mandir}/man1/cl-dump.1.gz
b682e9
%{_bindir}/cl-dump.pl
b682e9
%{_mandir}/man1/cl-dump.pl.1.gz
b682e9
%{_bindir}/dbgen.pl
b682e9
%{_mandir}/man8/bak2db.pl.8.gz
b682e9
%{_sbindir}/bak2db.pl
b682e9
%{_sbindir}/cleanallruv.pl
b682e9
%{_mandir}/man8/cleanallruv.pl.8.gz
b682e9
%{_sbindir}/db2bak.pl
b682e9
%{_mandir}/man8/db2bak.pl.8.gz
b682e9
%{_sbindir}/db2index.pl
b682e9
%{_mandir}/man8/db2index.pl.8.gz
b682e9
%{_sbindir}/db2ldif.pl
b682e9
%{_mandir}/man8/db2ldif.pl.8.gz
b682e9
%{_sbindir}/fixup-linkedattrs.pl
b682e9
%{_mandir}/man8/fixup-linkedattrs.pl.8.gz
b682e9
%{_sbindir}/fixup-memberof.pl
b682e9
%{_mandir}/man8/fixup-memberof.pl.8.gz
b682e9
%{_sbindir}/ldif2db.pl
b682e9
%{_mandir}/man8/ldif2db.pl.8.gz
b682e9
%{_sbindir}/migrate-ds.pl
b682e9
%{_mandir}/man8/migrate-ds.pl.8.gz
b682e9
%{_sbindir}/ns-accountstatus.pl
b682e9
%{_mandir}/man8/ns-accountstatus.pl.8.gz
b682e9
%{_sbindir}/ns-activate.pl
b682e9
%{_mandir}/man8/ns-activate.pl.8.gz
b682e9
%{_sbindir}/ns-inactivate.pl
b682e9
%{_mandir}/man8/ns-inactivate.pl.8.gz
b682e9
%{_sbindir}/ns-newpwpolicy.pl
b682e9
%{_mandir}/man8/ns-newpwpolicy.pl.8.gz
b682e9
%{_sbindir}/remove-ds.pl
b682e9
%{_mandir}/man8/remove-ds.pl.8.gz
b682e9
%{_sbindir}/schema-reload.pl
b682e9
%{_mandir}/man8/schema-reload.pl.8.gz
b682e9
%{_sbindir}/setup-ds.pl
b682e9
%{_mandir}/man8/setup-ds.pl.8.gz
b682e9
%{_sbindir}/syntax-validate.pl
b682e9
%{_mandir}/man8/syntax-validate.pl.8.gz
b682e9
%{_sbindir}/usn-tombstone-cleanup.pl
b682e9
%{_mandir}/man8/usn-tombstone-cleanup.pl.8.gz
b682e9
%{_sbindir}/verify-db.pl
b682e9
%{_mandir}/man8/verify-db.pl.8.gz
b682e9
%{_libdir}/%{pkgname}/perl
b682e9
%endif
b682e9
b682e9
%files snmp
b682e9
%doc LICENSE LICENSE.GPLv3+ LICENSE.openssl README.devel
b682e9
%config(noreplace)%{_sysconfdir}/%{pkgname}/config/ldap-agent.conf
b682e9
%{_sbindir}/ldap-agent*
b682e9
%{_mandir}/man1/ldap-agent.1.gz
b682e9
%{_unitdir}/%{pkgname}-snmp.service
b682e9
b682e9
%files -n python%{python3_pkgversion}-lib389
b682e9
%doc LICENSE LICENSE.GPLv3+
b682e9
%{python3_sitelib}/lib389*
b682e9
%{_sbindir}/dsconf
b682e9
%{_mandir}/man8/dsconf.8.gz
b682e9
%{_sbindir}/dscreate
b682e9
%{_mandir}/man8/dscreate.8.gz
b682e9
%{_sbindir}/dsctl
b682e9
%{_mandir}/man8/dsctl.8.gz
b682e9
%{_sbindir}/dsidm
b682e9
%{_mandir}/man8/dsidm.8.gz
8394b4
%{_libexecdir}/%{pkgname}/dscontainer
b682e9
b682e9
%files -n cockpit-389-ds -f cockpit.list
232633
%{_datarootdir}/metainfo/389-console/org.port389.cockpit_console.metainfo.xml
b682e9
%doc README.md
b682e9
b682e9
%changelog
d4a1c3
* Tue Oct 11 2022 Mark Reynolds <mreynolds@redhat.com> - 1.4.3.28-8
d4a1c3
- Bump version to 1.4.3.28-8
d4a1c3
- Resolves: Bug 2131743 - SIGSEGV in sync_repl
d4a1c3
07ea61
* Thu May 19 2022 Thierry Bordaz <tbordaz@redhat.com> - 1.4.3.28-7
07ea61
- Bump version to 1.4.3.28-7
07ea61
- Resolves: Bug 2081008 - CVE-2022-0996 389-ds:1.4/389-ds-base: expired password was still allowed to access the database
07ea61
- Resolves: Bug 2081014 - CVE-2022-0918 389-ds:1.4/389-ds-base: sending crafted message could result in DoS
07ea61
b2bc38
* Thu Feb 3 2022 Mark Reynolds <mreynolds@redhat.com> - 1.4.3.28-6
b2bc38
- Bump version to 1.4.3.28-6
b2bc38
- Resolves: Bug 2047171 - Based on 1944494 (RFC 4530 entryUUID attribute) - plugin entryuuid failing
b2bc38
b2bc38
* Fri Jan 28 2022 Mark Reynolds <mreynolds@redhat.com> - 1.4.3.28-5
b2bc38
- Bump version to 1.4.3.28-5
b2bc38
- Resolves: Bug 2045223 - ipa-restore command is failing when restore after uninstalling the server (aprt 2)
b2bc38
b2bc38
* Tue Jan 25 2022 Mark Reynolds <mreynolds@redhat.com> - 1.4.3.28-4
b2bc38
- Bump version to 1.4.3.28-4
b2bc38
- Resolves: Bug 2045223 - ipa-restore command is failing when restore after uninstalling the server
b2bc38
b2bc38
* Thu Nov 18 2021 Mark Reynolds <mreynolds@redhat.com> - 1.4.3.28-3
b2bc38
- Bump version to 1.4.3.28-3
b2bc38
- Resolves: Bug 2030367 - EMBARGOED CVE-2021-4091 389-ds:1.4/389-ds-base: double-free of the virtual attribute context in persistent search
b2bc38
- Resolves: Bug 2033398 - PBKDF2 hashing does not work in FIPS mode
b2bc38
b2bc38
* Thu Nov 18 2021 Mark Reynolds <mreynolds@redhat.com> - 1.4.3.28-2
b2bc38
- Bump version to 1.4.3.28-2
b2bc38
- Resolves: Bug 2024695 - DB corruption "_entryrdn_insert_key - Same DN (dn: nsuniqueid=ffffffff-ffffffff-ffffffff-ffffffff,<SUFFIX>) is already in the entryrdn file"
b2bc38
- Resolves: Bug 1859210 - systemd-tmpfiles warnings
b2bc38
- Resolves: Bug 1913199 - IPA server (389ds) is very slow in execution of some searches (`&(memberOf=...)(objectClass=ipaHost)` in particular)
b2bc38
- Resolves: Bug 1974236 - automatique disable of virtual attribute checking
b2bc38
- Resolves: Bug 1976882 - logconv.pl -j: Use of uninitialized value $first in numeric gt (>)
b2bc38
- Resolves: Bug 1981281 - ipa user-add fails with "gecos: value invalid per syntax: Invalid syntax"
b2bc38
- Resolves: Bug 2015998 - Log the Auto Member invalid regex rules in the LDAP errors log
b2bc38
b2bc38
* Thu Oct 21 2021 Mark Reynolds <mreynolds@redhat.com> - 1.4.3.28-1
b2bc38
- Bump version to 1.4.3.28-1
b2bc38
- Resolves: Bug 2016014 - rebase RHEL 8.6 with 389-ds-base-1.4.3
b2bc38
- Resolves: Bug 1990002 - monitor displays wrong date for connection
b2bc38
- Resolves: Bug 1950335 - upgrade password hash on bind also causes passwordExpirationtime to be updated
b2bc38
- Resolves: Bug 1916292 - Indexing a single backend actually processes all configured backends
b2bc38
- Resolves: Bug 1780842 - [RFE] set db home directory to /dev/shm by default
b2bc38
- Resolves: Bug 2000975 - Retro Changelog does not trim changes
b2bc38
b2bc38
b2bc38
5d81fc