OpenLDAP 2.1 packages in experimental
Preliminary packages for OpenLDAP 2.1 have just been uploaded to
experimental.
WARNING: ONLY USE THOSE PACKAGES IF YOU REALLY KNOW WHAT YOU ARE DOING.
When using them, be sure to consider these restrictions:
* No upgrade path from previous versions of slapd is currently
supported and upgrades _are_ likely to break. This is due to the
fact that OpenLDAP 2.1 is stricter about many things than OpenLDAP
2.0 was.
Unfortunately, the Debconf scripts of previous versions created
a non-conformant set-up that was accepted by OpenLDAP 2.0, but isn't
by OpenLDAP 2.1. Namely, when setting up the directory with
a dcObject as base (that is dc=foo,dc=bar,dc=...) no structual
objectClass was included (dcObject is not structural). In order to
fix your directory, add the organization objectClass to your base
dn (this will require you to set o to something). You can do this by
running something like the following command _before_ upgrading:
$ ldapmodify -x -h localhost -b <your base dn> -D <some admin dn> -W
dn: <your base dn>
changetype: modify
replace: objectClass
objectClass: organization
objectClass: dcObject
-
add: o
o: <name of your organization>
-
^D
* The Debconf scripts are being completely rewritten. Currently, only
the absolute minimum is implemented to set a up a directory with a
dc-structure.
* Backend modules are now compiled as shared modules. Some backends
such as back_sql will eventually be split off into their own
packages. At this point of time, you need to specify the modules
to load in slapd.conf like this:
modulepath /usr/lib/ldap
moduleload back_bdb.la
* TLS support is know included in the libldap2 packages and
libldap2-tls for that reason dropped. Once OpenLDAP 2.1 enters
unstable, either the the priority of libssl needs to be increased
or exim needs to load LDAP support dynamically.
* The packages are built against libsasl2 (instead of libsasl1).
If you are aware of solutions for any of the above issues, we'd be
interested in hearing them. Let us know at debian-openldap@snowman.net.
Here is the changelog for your information:
openldap2.1 (2.1.12-1) experimental; urgency=low
* Initial release of OpenLDAP 2.1 packages. Closes: #167566, #178014.
- this includes support for the >= and <= operators. Closes: #159078.
* Torsten Landschoff <torsten@debian.org>
- debian/check_config: Added script to check if OpenLDAP was configured
the way we want it.
- Don't build special TLS packages anymore - SSL is enabled in the
stock ldap library. Everything else will just give me more headaches.
- Build against libsasl2 instead of libsasl1. Closes: #176462.
- debian/control:
- Build-depend on debhelper 4.0 as debian/rules uses DH_COMPAT=4.
- Depend on coreutils | fileutils. Closes: #175704.
- Make libldap2 conflict with libldap2-tls which is obsolete now.
- debian/rules: Move the long list of configure options to a new
file debian/configure.options and read $(CONFIG) from that file.
- configure with --enable-aci. Closes: #101602.
- debian/slapd.init: Rewrite and add comments.
- Add support for running as non-root (closes: #111765, #157037).
- servers/slapd/main.c (main): Remove pid file on exit (closes: #162284).
- servers/slurpd/slurp.h: Change the default spool directory to
/var/spool/slurpd (avoids passing it via -t in init.d).
- servers/{slapd,slurpd}/Makefile.in: Install binaries into sbindir
instead of libexecdir.
- debian/control: Add Stephen Frost to the Uploaders field. Thanks
for your help, Stephen!
- contrib/ldapc++/config.{guess,sub}: Replaced with current files from
autotools-dev (lintian). Not actually neccessary since this part of
the package is not currently built but I think this is the best way
to shut up lintian :)
- build/mod.mk: Use -m 644 instead of -m 755 in installing shared
libraries. Shared libraries should not be marked as executable
(lintian).
- debian/libldap2.conffiles: Remove, since we are using version 4
of debhelper which tags everything in /etc as conffile by default.
- debian/rules: Change the mode of everything upstream installed into
/etc to 0644 as required by policy (lintian).
- debian/rules: Call dh_installdeb later in the binary target so that
the conffiles are already there for listing. Without this nothing in
/etc gets tagged as conffile... (lintian).
- debian/rules: Pass the start and stop priority of slapd to
dh_installinit in preparation for a postinst supported by debhelper.
- debian/rules: Call dh_installdirs again.
- Rewrite slapd.config, slapd.postinst, slapd.templates - a first try
in getting slapd to configure itself. Way to go.
* Roland Bauerschmidt <rb@debian.org>
- debian/control:
- build-depend on libdb4.1-dev instead of libdb4.0-dev
- conflict, replace, and provide libldap2-tls (libldap2)
- removed ldap-gateways binary package
- drop suggestion to obsolete openldap-guide. Closes: #171894.
- debian/rules:
- build with BDB backend
- run dh_installdeb
- only run dh_makeshlibs for libldap2
- debian/slapd.dirs: added to create /var/lib/ldap and /var/spool/slurpd
- debian/slapd.postinst:
- properly remove temporary files on errors. Closes: #160412.
- install init.d link if slapd.conf already exists. Closes: #159542.
- run db_stop even if package isn't configured for the first time. This
prevents hanging during upgrades.
- added debian/slapd.default and use it from debian/slapd.init.
Closes: #160964.
- added debian/slapd.README.Debian
- added versioned dependency on coreutils to make lintian quiet.
- added debian/slapd.postrm
- remove slapd.conf when package is purged
- remove /var/lib/ldap when slapd/purge_database is true
- remove /etc/ldap/schema if empty
- debian/templates: added slapd/purge_database template
- build/top.mk: link against libcrypt before other SECURITY_LIBS
* Stephen Frost <sfrost@debian.org>
- debian/control: added libltdl2-dev and libslp-dev to the build-depends
- Correct typo for back-sql init routine; already in OpenLDAP upstream
CVS
- Correct free of SASL interact results; already in OpenLDAP upstream CVS
- Duplicate the DN from SASL to ensure '\0' termination; already in
OpenLDAP upstream CVS
- debian/control: added Replaces: slapd (<< 2.1) for ldap-utils due to
ldif.5 move.
- Add modulepath /usr/lib/ldap to default slapd config
- Add moduleload back_bdb to default slapd config
- Changed libexecdir to ${prefix}/lib
- Add usr/lib/ldap to slapd portion of move_files
- Modified backend types to be built as modules for dynamic loading
- Fixed pt_BR translation
-- Roland Bauerschmidt <rb@debian.org> Sat, 15 Mar 2003 21:35:24 +0100
Have fun, the Debian OpenLDAP maintainers
(Torsten Landschoff, Stephen Frost, and me)
--
Roland Bauerschmidt
Reply to: