diff --git a/.gitignore b/.gitignore index 1a46d94..612b207 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,22 @@ *~ /389-admin-1.1.13.tar.bz2 +/389-admin-1.1.14.tar.bz2 +/389-admin-1.1.15.tar.bz2 +/389-admin-1.1.16.tar.bz2 +/389-admin-1.1.17.tar.bz2 +/389-admin-1.1.18.tar.bz2 +/389-admin-1.1.19.tar.bz2 +/389-admin-1.1.20.tar.bz2 +/389-admin-1.1.21.tar.bz2 +/389-admin-1.1.22.tar.bz2 +/389-admin-1.1.23.tar.bz2 +/389-admin-1.1.24.tar.bz2 +/389-admin-1.1.25.tar.bz2 +/389-admin-1.1.26.tar.bz2 +/389-admin-1.1.27.tar.bz2 +/389-admin-1.1.28.tar.bz2 +/389-admin-1.1.29.tar.bz2 +/389-admin-1.1.30.tar.bz2 +/389-admin-1.1.31.tar.bz2 +/389-admin-1.1.35.tar.bz2 +/389-admin-1.1.43.tar.bz2 diff --git a/389-admin-git-local.sh b/389-admin-git-local.sh index f6f6b45..0c67d30 100755 --- a/389-admin-git-local.sh +++ b/389-admin-git-local.sh @@ -1,7 +1,7 @@ #!/bin/bash DATE=`date +%Y%m%d` -VERSION=1.1.13 +VERSION=1.1.35 PKGNAME=389-admin TAG=${TAG:-$PKGNAME-$VERSION} SRCNAME=${PKGNAME}-${VERSION} diff --git a/389-admin-git.sh b/389-admin-git.sh index f6866f5..0b5093e 100755 --- a/389-admin-git.sh +++ b/389-admin-git.sh @@ -1,7 +1,7 @@ #!/bin/bash DATE=`date +%Y%m%d` -VERSION=1.1.13 +VERSION=1.1.35 PKGNAME=389-admin #SRCNAME=$PKGNAME-$VERSION-$DATE SRCNAME=$PKGNAME-$VERSION diff --git a/389-admin.spec b/389-admin.spec index 32b5d0e..1bc41a0 100644 --- a/389-admin.spec +++ b/389-admin.spec @@ -1,21 +1,17 @@ %global pkgname dirsrv # for a pre-release, define the prerel field - comment out for official release -# % global prerel .a2 +# % global prerel .a1 # also need the relprefix 0. field for a pre-release - also comment out for official release # % global relprefix 0. Summary: 389 Administration Server (admin) Name: 389-admin -Version: 1.1.13 +Version: 1.1.43 Release: %{?relprefix}1%{?prerel}%{?dist} License: GPLv2 and ASL 2.0 -URL: http://port389.org/ +URL: https://port389.org/ Group: System Environment/Daemons BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) -Provides: fedora-ds-admin = %{version}-%{release} -Obsoletes: fedora-ds-admin < 1.1.8-1 -Obsoletes: %{name}-selinux -Conflicts: selinux-policy-base < 3.9.8 BuildRequires: nspr-devel BuildRequires: nss-devel @@ -48,10 +44,9 @@ Requires(post): /sbin/chkconfig Requires(preun): /sbin/chkconfig Requires(preun): /sbin/service -Source0: http://port389.org/sources/%{name}-%{version}%{?prerel}.tar.bz2 +Source0: https://port389.org/sources/%{name}-%{version}%{?prerel}.tar.bz2 # 389-admin-git.sh should be used to generate the source tarball from git Source1: %{name}-git.sh -Patch1: f11-httpd.patch %description 389 Administration Server is an HTTP agent that provides management features @@ -61,10 +56,9 @@ and CGI utilities used by the console. %prep %setup -q -n %{name}-%{version}%{?prerel} -%patch1 %build -%configure --disable-rpath --with-selinux --with-openldap +%configure --disable-rpath --with-selinux --with-openldap --enable-service # Generate symbolic info for debuggers export XCFLAGS=$RPM_OPT_FLAGS @@ -100,25 +94,6 @@ rm -rf $RPM_BUILD_ROOT -- if these don't exist, the vars will be nil %{pkgname}admin_adminserv = posix.stat('%{_sysconfdir}/%{pkgname}/admin-serv') %{pkgname}admin_consoleconf = posix.stat('%{_sysconfdir}/%{pkgname}/admin-serv/console.conf') --- save the run level configuration, if any -rc = os.execute('rpm --quiet -q fedora-ds-admin') -if rc == 0 then - %{pkgname}admin_exists = true - %{pkgname}admin_savelinks = {} - for dir in posix.files("%{_sysconfdir}/rc.d") do - if string.find(dir, "rc%d.d") then --- print("looking in %{_sysconfdir}/rc.d/"..dir) - for link in posix.files("%{_sysconfdir}/rc.d/"..dir) do - if string.find(link, "[SK]%d%d%{pkgname}-admin") then - fullname = "%{_sysconfdir}/rc.d/"..dir.."/"..link - linked = posix.readlink(fullname) --- print(fullname.." is linked to "..linked) - %{pkgname}_savelinks[fullname] = linked - end - end - end - end -end %post -p -- do the usual daemon post setup stuff @@ -143,20 +118,6 @@ fi %postun /sbin/ldconfig -%posttrans -p --- if we saved the run level configuration in %pre, restore it now --- we can get rid of this code once Fedora 11 becomes obsolete -if %{pkgname}admin_savelinks then - for fullpath,link in pairs(%{pkgname}admin_savelinks) do - posix.symlink(link,fullpath) --- print("posttrans - restored run level "..fullpath.." to "..link) - end -end -if %{pkgname}admin_exists then - os.execute('/sbin/service %{pkgname}-admin start >/dev/null 2>&1') -end - - %files %defattr(-,root,root,-) %doc LICENSE @@ -171,15 +132,165 @@ end %{_mandir}/man8/* %changelog +* Fri Jul 15 2016 Noriko Hosoi - 1.1.43-1 +- Release 1.1.43 +- 389-admin uses 389-admin-git.sh which uses HTTP to download content from git (should use HTTPS) (DS 48762) +- Resolves: Bug 1334480 - running remove-ds-admin.pl multiple times will make it so you cannot install DS (DS 48429) +- Resolves: Bug 1260445 - RHDS upgrade change Ownership of certificate files upon upgrade. (DS 48409) +- Resolves: Bug 1173249 - register-ds-admin - silent file incorrectly processed (DS 47548) +- Resolves: Bug 1173244 - Configuration Tab does not work with FIPS mode enabled (DS 47493) +- Resolves: Bug 1223845 - register-ds-admin.pl script prints clear text password in the terminal (DS 48186) +- Resolves: Bug 1173249 - register-ds-admin.pl fails to set local bind DN and password (DS 47548) +- Resolves: Bug 966958 - Improve Add CRL/CKL dialog and errors (DS 47467) +- Resolves: Bug 1217015 - remove-ds-admin.pl removes files in the rpm (DS 48171) +- Resolves: Bug 979419 - "Manage certificates" crashes admin server (DS 48153) +- Resolves: Bug 1162417 - repl-monitor invoked from adminserver cgi fails (DS 48024) +- Resolves: Bug 1183152 - CVE-2015-0233 389-admin: multiple /tmp/ file vulnerabilities [directory_server_10] (DS 47995) +- Resolves: Bug 1173252 - Admin Server reconfig breaks SSL config (DS 47901) +- Ticket 47929 - Admin Server - disable SSLv3 by default +- Ticket 201 - nCipher HSM cannot be configured via the console +- Ticket 47493 - Configuration Tab does not work with FIPS mode enabled +- Ticket 47697 - Resource leak in lib/libdsa/dsalib_updown.c +- Ticket 47860 - register-ds-admin.pl problem when following steps to replicate o=netscaperoot +- Ticket 47548 - register-ds-admin does not register into remote config ds +- Ticket 47893 - Admin Server should use Sys::Hostname instead Net::Domain +- Ticket 47891 - Admin Server reconfig breaks SSL config +- Ticket 47300 - Update man page for remove-ds-admin.pl +- Ticket 47850 - "nsslapd-allow-anonymous-access: rootdse" makes login as "admin" fail at the first time +- Ticket 47497 - Admin Express - remove "Security Level" +- Ticket 47495 - admin express: wrong instance creation time +- Ticket 47665 - Create new instance results in setting wrong ACI for the "cn=config" entry +- Ticket 47478 - No groups file? error restarting Admin server +- Ticket 47300 - [RFE] remove-ds-admin.pl: redesign the behaviour +- Ticket 434 - admin-serv logs filling with "admserv_host_ip_check: ap_get_remote_host could not resolve " +- Ticket 47563 - cannot restart directory server from console +- Ticket 222 - Admin Express issues "Internal Server Error" when the Config DS is down. +- Ticket 418 - Error with register-ds-admin.pl +- fix for bug 377 - Unchecked use of SELinux command Reviewed by: rmeggins +- Ticket 47498 - Error Message for Failed to create the configuration directory server + + + +* Tue Aug 20 2013 Rich Megginson - 1.1.35-1 +- 0417dc7 add Eclipse and patch files +- f2004ea compiler warning - ldif_read_record lineno type depends on openldap version +- Ticket #47413 389-admin fails to build with latest httpd +- 2a67826 add more debugging for SSL connection problems +- Ticket #47465 problem with 389-adminutil detection in m4/adminutil.m4 in 389-admin and 389-dsgw +- Ticket #47486 compiler warnings in adminutil, admin, dsgw +- 14b1bf9 ignore files generated by Eclipse +- Ticket 47467 - Improve CRL import error messages +- Ticket 362 - Directory Console generates insufficient key strength +- Ticket 47466 - Importing CA cert with existing name crashes security CGI +- Ticket 47468 - Change security password validation error is out of order +- Ticket #47334 - Avoid quoting all settings in console.conf +- Ticket #47333 - Relabel lockfile when starting Admin Server +- Ticket #47298 - remove-ds-admin.pl does not stop the admin server +- Ticket #567 - Restart of Admin server from console fails on segfault + +* Wed Jan 16 2013 Noriko Hosoi - 1.1.31-1 +- bump version to 1.1.31 +- Ticket #476 - 389 ds do not start on F18 due to missing modules +- Ticket #293 - remove-ds-admin.pl does not remove everything +- Ticket 400 - BIND operation result not checked properly in admin server +- Ticket 401 - Console login fails with anonymous access disabled + +* Tue Mar 27 2012 Rich Megginson - 1.1.29-1 +- 4ec23c0 If htmladmin fails to connect to the server, the cgi could crash. + +* Thu Mar 22 2012 Rich Megginson - 1.1.28-1 +- Ticket #307 - htmladmin keeps segfaulting +- Ticket #286 - compilation fixes for 'format-security' + +* Fri Feb 3 2012 Rich Megginson - 1.1.27-1 +- Ticket #281 - TLS not working with latest openldap +- Ticket #161 - Review and address latest Coverity issues + +* Wed Jan 25 2012 Rich Megginson - 1.1.26-1 +- Bug 767823 - selinux: need to allow admin server to connect to ldap port + +* Fri Oct 28 2011 Rich Megginson - 1.1.25-1 +- Bug 740959 - 389-console put CA certificates into wrong database + +* Wed Sep 21 2011 Rich Megginson - 1.1.24-1 +- Bug 695741 - Providing native systemd file + +* Thu Aug 11 2011 Rich Megginson - 1.1.23-1 +- Bug 730079 - Update SELinux policy during upgrades + +* Thu Aug 11 2011 Rich Megginson - 1.1.22-1 +- Bug 724808 - startup CGIs write temp file to / +- add man pages for ds_removal and ds_unregister +- fixes for the makeUpgradeTar.sh script + +* Tue Aug 2 2011 Rich Megginson - 1.1.21-1 +- Bug 476925 - Admin Server: Do not allow 8-bit passwords for the admin user + +* Tue Jul 5 2011 Rich Megginson - 1.1.20-1 +- Bug 719056 - migrate-ds-admin.pl needs to update SELinux policy +- Bug 718285 - AdminServer should use "service" command instead of start/stop/restart scripts +- Bug 718079 - Perl errors when running migrate-ds-admin.pl +- Bug 713000 - Migration stops if old admin server cannot be stopped +- added tests for the security cgi +- fix typo in NSS_Shutdown warning message +- better NSS error handling - reduce memory leaks +- Bug 710372 - Not able to open the Manage Certificate from DS-console + +* Tue Jun 28 2011 Rich Megginson - 1.1.19-1 +- look for separate openldap ldif library + +* Tue Jun 21 2011 Rich Megginson - 1.1.18-1 +- skip rebranding current brand +- support for skins + +* Fri May 13 2011 Rich Megginson - 1.1.17-1 +- 1.1.17 +- support "in-place" upgrade and rebranding from Red Hat to 389 +- many fixes for coverity issues + +* Tue Mar 29 2011 Rich Megginson - 1.1.16-1 +- 389-admin-1.1.16 +- Bug 476925 - Admin Server: Do not allow 8-bit passwords for the admin user +- Bug 614690 - Don't use exec to call genrb +- Bug 158926 - Unable to install CA certificate when using +- hardware token ( LunaSA ) +- Bug 211296 - Clean up all HTML pages (Admin Express, Repl Monitor, etc) + +* Wed Feb 23 2011 Rich Megginson - 1.1.15-1 +- 1.1.15 release - git tag 389-admin-1.1.15 +- Bug 493424 - remove unneeded modules for admin server apache config +- Bug 618897 - Wrong permissions when creating instance from Console +- Bug 672468 - Don't use empty path elements in LD_LIBRARY_PATH +- Bug 245278 - Changing to a password with a single quote does not work +- Bug 604881 - admin server log files have incorrect permissions/ownerships +- Bug 387981 - plain files can be chosen on the Restore Directory dialog +- Bug 668950 - Add posix group support to Console +- Bug 618858 - move start-ds-admin env file into main admin server config path +- Bug 616260 - libds-admin-serv linking fails due to unresolved link-time depe +ndencies +- start-ds-admin.in -- replaced "return 1" with "exit 1" +- Bug 151705 - Need to update Console Cipher Preferences with new ciphers +- Bug 470576 - Migration could do addition checks before commiting actions + +* Wed Jan 5 2011 Rich Megginson - 1.1.14-1 +- 1.1.14 release +- Bug 664671 - Admin server segfault when full SSL access (http+ldap+console) +required +- Bug 638511 - dirsrv-admin crashes at startup with SELinux enabled + +* Mon Nov 29 2010 Rich Megginson - 1.1.13-2 +- fix Conflicts for selinux policy + * Tue Nov 23 2010 Rich Megginson - 1.1.13-1 - This is the final 1.1.13 release - git tag 389-admin-1.1.13 - Bug 656441 - Missing library path entry causes LD_PRELOAD error - setup-ds-admin.pl -u exits with ServerAdminID and as_uid related error -* Wed Nov 17 2010 Nathan Kinder - 1.1.1.12-2 +* Thu Nov 18 2010 Nathan Kinder - 1.1.12-2 - This is the final 1.1.12 release - git tag 389-admin-1.1.12 +- Corrected conflict version for selinux-policy * Fri Nov 12 2010 Nathan Kinder - 1.1.1.12-1 - This is the final 1.1.12 release @@ -197,27 +308,24 @@ end * Thu Aug 26 2010 Rich Megginson - 1.1.11-1 - This is the final 1.1.11 release -* Wed Aug 4 2010 Rich Megginson - 1.1.11-0.7.rc2 +* Wed Aug 4 2010 Rich Megginson - 1.1.11-0.6.rc2 - 1.1.11.rc2 release - git tag 389-admin-1.1.11.rc2 - Bug 594745 - Get rid of dirsrv_lib_t label -* Wed Jun 9 2010 Rich Megginson - 1.1.11-0.6.rc1 +* Wed Jun 9 2010 Rich Megginson - 1.1.11-0.5.rc1 - 1.1.11.rc1 release -* Wed May 26 2010 Rich Megginson - 1.1.11-0.5.a4 +* Wed May 26 2010 Rich Megginson - 1.1.11-0.4.a4 - 1.1.11.a4 release -* Tue Apr 7 2010 Nathan Kinder - 1.1.11-0.4.a3 +* Tue Apr 7 2010 Nathan Kinder - 1.1.11-0.3.a3 - 1.1.11.a3 release - Bug 570912 - dirsrv-admin SELinux module fails to install - Change parsing of start-slapd for instance name - Bug 574233 - Updated requirements for selinux policy - Moved selinux subpackage into base package -* Fri Apr 02 2010 Caolán McNamara - 1.1.11.a2-0.3 -- rebuild for icu 4.4 - * Fri Feb 26 2010 Rich Megginson - 1.1.11.a2-0.2 - the 1.1.11.a2 release - Bug 460162 - FedoraDS "with-FHS" installs init.d StartupScript in wrong location diff --git a/f11-httpd.patch b/f11-httpd.patch deleted file mode 100644 index 630ecb8..0000000 --- a/f11-httpd.patch +++ /dev/null @@ -1,15 +0,0 @@ ---- admserv/cfgstuff/httpd-2.2.conf.in 1 Aug 2007 18:14:53 -0000 1.6 -+++ admserv/cfgstuff/httpd-2.2.conf.in 9 Apr 2009 16:07:53 -0000 -@@ -137,12 +137,10 @@ - LoadModule actions_module @moddir@/mod_actions.so - LoadModule alias_module @moddir@/mod_alias.so - LoadModule rewrite_module @moddir@/mod_rewrite.so - LoadModule cache_module @moddir@/mod_cache.so - LoadModule disk_cache_module @moddir@/mod_disk_cache.so --LoadModule file_cache_module @moddir@/mod_file_cache.so --LoadModule mem_cache_module @moddir@/mod_mem_cache.so - LoadModule cgi_module @moddir@/mod_cgi.so - LoadModule restartd_module @admmoddir@/mod_restartd.so - LoadModule nss_module @nssmoddir@/libmodnss.so - LoadModule admserv_module @admmoddir@/mod_admserv.so - diff --git a/sources b/sources index 6f775fd..22dccf8 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -0dd329ee4a20a86425e14e3f894e46ae 389-admin-1.1.13.tar.bz2 +322199f1776b96d5910400dd5b9dee2a 389-admin-1.1.43.tar.bz2