diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..fb37de3 --- /dev/null +++ b/.gitignore @@ -0,0 +1,19 @@ +*~ +389-admin-1.1.12.tar.bz2 +/389-admin-1.1.13.tar.bz2 +/389-admin-1.1.14.tar.bz2 +/389-admin-1.1.15.tar.bz2 +/389-admin-1.1.16.tar.bz2 +/389-admin-1.1.17.tar.bz2 +/389-admin-1.1.18.tar.bz2 +/389-admin-1.1.19.tar.bz2 +/389-admin-1.1.20.tar.bz2 +/389-admin-1.1.21.tar.bz2 +/389-admin-1.1.22.tar.bz2 +/389-admin-1.1.23.tar.bz2 +/389-admin-1.1.24.tar.bz2 +/389-admin-1.1.25.tar.bz2 +/389-admin-1.1.26.tar.bz2 +/389-admin-1.1.27.tar.bz2 +/389-admin-1.1.28.tar.bz2 +/389-admin-1.1.29.tar.bz2 diff --git a/389-admin-git-local.sh b/389-admin-git-local.sh new file mode 100755 index 0000000..b474d73 --- /dev/null +++ b/389-admin-git-local.sh @@ -0,0 +1,17 @@ +#!/bin/bash + +DATE=`date +%Y%m%d` +VERSION=1.1.29 +PKGNAME=389-admin +TAG=${TAG:-$PKGNAME-$VERSION} +SRCNAME=${PKGNAME}-${VERSION} +echo you must be in the admin server git repo to use this +test -d .git || { +echo bye ; exit 1 +} +if [ -z "$1" ] ; then + dir=. +else + dir="$1" +fi +git archive --prefix=$SRCNAME/ $TAG | bzip2 > $dir/$SRCNAME.tar.bz2 diff --git a/389-admin-git.sh b/389-admin-git.sh new file mode 100755 index 0000000..4b53603 --- /dev/null +++ b/389-admin-git.sh @@ -0,0 +1,16 @@ +#!/bin/bash + +DATE=`date +%Y%m%d` +VERSION=1.1.29 +PKGNAME=389-admin +#SRCNAME=$PKGNAME-$VERSION-$DATE +SRCNAME=$PKGNAME-$VERSION +TAG=${PKGNAME}-${VERSION} +URL="http://git.fedorahosted.org/git/?p=389/admin.git;a=snapshot;h=$TAG;sf=tgz" + +wget -O $SRCNAME.tar.gz "$URL" + +echo convert tgz format to tar.bz2 format + +gunzip $PKGNAME-$VERSION.tar.gz +bzip2 $PKGNAME-$VERSION.tar diff --git a/389-admin.spec b/389-admin.spec new file mode 100644 index 0000000..944214b --- /dev/null +++ b/389-admin.spec @@ -0,0 +1,529 @@ +%global pkgname dirsrv +# for a pre-release, define the prerel field - comment out for official release +# % global prerel .a1 +# also need the relprefix 0. field for a pre-release - also comment out for official release +# % global relprefix 0. + +%global selinux_variants strict targeted + +Summary: 389 Administration Server (admin) +Name: 389-admin +Version: 1.1.29 +Release: %{?relprefix}1%{?prerel}%{?dist} +License: GPLv2 and ASL 2.0 +URL: http://port389.org/ +Group: System Environment/Daemons +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) +Provides: fedora-ds-admin = %{version}-%{release} +Obsoletes: fedora-ds-admin < 1.1.8-1 +Obsoletes: %{name}-selinux + +BuildRequires: nspr-devel +BuildRequires: nss-devel +BuildRequires: svrcore-devel +BuildRequires: mozldap-devel +BuildRequires: cyrus-sasl-devel +BuildRequires: icu +BuildRequires: libicu-devel +BuildRequires: httpd-devel +BuildRequires: apr-devel +BuildRequires: mod_nss +BuildRequires: 389-adminutil-devel + +# The following are needed to build the SELinux policy +BuildRequires: checkpolicy +BuildRequires: selinux-policy-devel +BuildRequires: /usr/share/selinux/devel/Makefile +BuildRequires: 389-ds-base-selinux-devel + +Requires: 389-ds-base +Requires: mod_nss + +# this is needed for using semanage from our setup scripts +Requires: policycoreutils + +# this is needed to load and unload the policy module +Requires(post): policycoreutils +Requires(preun): policycoreutils +Requires(postun): policycoreutils + +# the following are needed for some of our scripts +Requires: perl-Mozilla-LDAP +Requires: nss-tools + +# for the init script +Requires(post): /sbin/chkconfig +Requires(preun): /sbin/chkconfig +Requires(preun): /sbin/service + +Source0: http://port389.org/sources/%{name}-%{version}%{?prerel}.tar.bz2 +# 389-admin-git.sh should be used to generate the source tarball from git +Source1: %{name}-git.sh +Patch1: selinux-policy.patch + +%description +389 Administration Server is an HTTP agent that provides management features +for 389 Directory Server. It provides some management web apps that can +be used through a web browser. It provides the authentication, access control, +and CGI utilities used by the console. + +%prep +%setup -q -n %{name}-%{version}%{?prerel} +%patch1 + +%build +%configure --disable-rpath --with-selinux --enable-service + +# Generate symbolic info for debuggers +export XCFLAGS=$RPM_OPT_FLAGS + +%ifarch x86_64 ppc64 ia64 s390x sparc64 +export USE_64=1 +%endif + +make %{?_smp_mflags} + +# Build the SELinux policy module for each variant +cd selinux-built +cp %{_datadir}/%{pkgname}-selinux/%{pkgname}.if . +cp %{_datadir}/%{pkgname}-selinux/%{pkgname}.te . +for selinuxvariant in %{selinux_variants} +do + make NAME=${selinuxvariant} -f /usr/share/selinux/devel/Makefile + mv %{pkgname}-admin.pp %{pkgname}-admin.pp.${selinuxvariant} + make NAME=${selinuxvariant} -f /usr/share/selinux/devel/Makefile clean +done +cd - + +%install +rm -rf $RPM_BUILD_ROOT + +make DESTDIR="$RPM_BUILD_ROOT" install + +# make console jars directory +mkdir -p $RPM_BUILD_ROOT%{_datadir}/%{pkgname}/html/java + +#remove libtool and static libs +rm -f $RPM_BUILD_ROOT%{_libdir}/*.a +rm -f $RPM_BUILD_ROOT%{_libdir}/*.so +rm -f $RPM_BUILD_ROOT%{_libdir}/*.la +rm -f $RPM_BUILD_ROOT%{_libdir}/%{pkgname}/modules/*.a +rm -f $RPM_BUILD_ROOT%{_libdir}/%{pkgname}/modules/*.la + +# Install the SELinux policy +cd selinux-built +for selinuxvariant in %{selinux_variants} +do + install -d %{buildroot}%{_datadir}/selinux/${selinuxvariant} + install -p -m 644 %{pkgname}-admin.pp.${selinuxvariant} \ + %{buildroot}%{_datadir}/selinux/${selinuxvariant}/%{pkgname}-admin.pp +done +cd - + +%clean +rm -rf $RPM_BUILD_ROOT + +%pre -p +-- save ownership/permissions on the dirs/files that rpm changes +-- if these don't exist, the vars will be nil +%{pkgname}admin_adminserv = posix.stat('%{_sysconfdir}/%{pkgname}/admin-serv') +%{pkgname}admin_consoleconf = posix.stat('%{_sysconfdir}/%{pkgname}/admin-serv/console.conf') +-- save the run level configuration, if any +rc = os.execute('rpm --quiet -q fedora-ds-admin') +if rc == 0 then + %{pkgname}admin_exists = true + %{pkgname}admin_savelinks = {} + for dir in posix.files("%{_sysconfdir}/rc.d") do + if string.find(dir, "rc%d.d") then +-- print("looking in %{_sysconfdir}/rc.d/"..dir) + for link in posix.files("%{_sysconfdir}/rc.d/"..dir) do + if string.find(link, "[SK]%d%d%{pkgname}-admin") then + fullname = "%{_sysconfdir}/rc.d/"..dir.."/"..link + linked = posix.readlink(fullname) +-- print(fullname.." is linked to "..linked) + %{pkgname}_savelinks[fullname] = linked + end + end + end + end +end + +%post -p +-- do the usual daemon post setup stuff +os.execute('/sbin/chkconfig --add %{pkgname}-admin') +os.execute('/sbin/ldconfig') +-- restore permissions if upgrading +if %{pkgname}admin_adminserv then + posix.chmod('%{_sysconfdir}/%{pkgname}/admin-serv', %{pkgname}admin_adminserv.mode) + posix.chown('%{_sysconfdir}/%{pkgname}/admin-serv', %{pkgname}admin_adminserv.uid, %{pkgname}admin_adminserv.gid) +end +if %{pkgname}admin_consoleconf then + posix.chmod('%{_sysconfdir}/%{pkgname}/admin-serv/console.conf', %{pkgname}admin_consoleconf.mode) + posix.chown('%{_sysconfdir}/%{pkgname}/admin-serv/console.conf', %{pkgname}admin_consoleconf.uid, %{pkgname}admin_consoleconf.gid) +end +-- load the selinux policy module +variants = "%{selinux_variants}" +for selinuxvariant in string.gfind(variants, "%a+") do + os.execute('semodule -s '..selinuxvariant..' -i %{_datadir}/selinux/'..selinuxvariant..'/%{pkgname}-admin.pp > /dev/null 2>&1') +end +-- label the files installed by this package +os.execute('fixfiles -R %{name} restore > /dev/null 2>&1') + +%preun +if [ $1 = 0 ]; then + /sbin/service %{pkgname}-admin stop >/dev/null 2>&1 || : + /sbin/chkconfig --del %{pkgname}-admin + for selinuxvariant in %{selinux_variants} + do + semodule -s ${selinuxvariant} -r %{pkgname}-admin 2>/dev/null || : + done +fi + +%postun +/sbin/ldconfig +if [ "$1" -ge "1" ]; then # Upgrade +for selinuxvariant in %{selinux_variants} +do + semodule -s ${selinuxvariant} -i %{_datadir}/selinux/${selinuxvariant}/%{pkgname}-admin.pp 2>/dev/null || : +done +fi + +%posttrans -p +-- if we saved the run level configuration in %pre, restore it now +-- we can get rid of this code once Fedora 11 becomes obsolete +if %{pkgname}admin_savelinks then + for fullpath,link in pairs(%{pkgname}admin_savelinks) do + posix.symlink(link,fullpath) +-- print("posttrans - restored run level "..fullpath.." to "..link) + end +end +if %{pkgname}admin_exists then + os.execute('/sbin/service %{pkgname}-admin start >/dev/null 2>&1') +end + + +%files +%defattr(-,root,root,-) +%doc LICENSE +%dir %{_sysconfdir}/%{pkgname}/admin-serv +%config(noreplace)%{_sysconfdir}/%{pkgname}/admin-serv/*.conf +%{_datadir}/%{pkgname} +%{_datadir}/selinux/*/%{pkgname}-admin.pp +%{_sysconfdir}/rc.d/init.d/%{pkgname}-admin +%config(noreplace)%{_sysconfdir}/sysconfig/%{pkgname}-admin +%{_sbindir}/* +%{_libdir}/*.so.* +%{_libdir}/%{pkgname} +%{_mandir}/man8/* + +%changelog +* Tue Mar 27 2012 Rich Megginson - 1.1.29-1 +- 4ec23c0 If htmladmin fails to connect to the server, the cgi could crash. + +* Thu Mar 22 2012 Rich Megginson - 1.1.28-1 +- Ticket #307 - htmladmin keeps segfaulting +- Ticket #286 - compilation fixes for 'format-security' + +* Fri Feb 3 2012 Rich Megginson - 1.1.27-1 +- Ticket #281 - TLS not working with latest openldap +- Ticket #161 - Review and address latest Coverity issues + +* Wed Jan 25 2012 Rich Megginson - 1.1.26-1 +- Bug 767823 - selinux: need to allow admin server to connect to ldap port + +* Fri Oct 28 2011 Rich Megginson - 1.1.25-1 +- Bug 740959 - 389-console put CA certificates into wrong database + +* Wed Sep 21 2011 Rich Megginson - 1.1.24-1 +- Bug 695741 - Providing native systemd file + +* Thu Aug 11 2011 Rich Megginson - 1.1.23-1 +- Bug 730079 - Update SELinux policy during upgrades + +* Thu Aug 11 2011 Rich Megginson - 1.1.22-1 +- Bug 724808 - startup CGIs write temp file to / +- add man pages for ds_removal and ds_unregister +- fixes for the makeUpgradeTar.sh script + +* Tue Aug 2 2011 Rich Megginson - 1.1.21-1 +- Bug 476925 - Admin Server: Do not allow 8-bit passwords for the admin user + +* Tue Jul 5 2011 Rich Megginson - 1.1.20-1 +- Bug 719056 - migrate-ds-admin.pl needs to update SELinux policy +- Bug 718285 - AdminServer should use "service" command instead of start/stop/restart scripts +- Bug 718079 - Perl errors when running migrate-ds-admin.pl +- Bug 713000 - Migration stops if old admin server cannot be stopped +- added tests for the security cgi +- fix typo in NSS_Shutdown warning message +- better NSS error handling - reduce memory leaks +- Bug 710372 - Not able to open the Manage Certificate from DS-console + +* Tue Jun 28 2011 Rich Megginson - 1.1.19-1 +- look for separate openldap ldif library + +* Tue Jun 21 2011 Rich Megginson - 1.1.18-1 +- skip rebranding current brand +- support for skins + +* Fri May 13 2011 Rich Megginson - 1.1.17-1 +- 1.1.17 +- support "in-place" upgrade and rebranding from Red Hat to 389 +- many fixes for coverity issues + +* Tue Mar 29 2011 Rich Megginson - 1.1.16-1 +- 389-admin-1.1.16 +- Bug 476925 - Admin Server: Do not allow 8-bit passwords for the admin user +- Bug 614690 - Don't use exec to call genrb +- Bug 158926 - Unable to install CA certificate when using +- hardware token ( LunaSA ) +- Bug 211296 - Clean up all HTML pages (Admin Express, Repl Monitor, etc) + +* Wed Feb 23 2011 Rich Megginson - 1.1.15-1 +- 1.1.15 release - git tag 389-admin-1.1.15 +- Bug 493424 - remove unneeded modules for admin server apache config +- Bug 618897 - Wrong permissions when creating instance from Console +- Bug 672468 - Don't use empty path elements in LD_LIBRARY_PATH +- Bug 245278 - Changing to a password with a single quote does not work +- Bug 604881 - admin server log files have incorrect permissions/ownerships +- Bug 387981 - plain files can be chosen on the Restore Directory dialog +- Bug 668950 - Add posix group support to Console +- Bug 618858 - move start-ds-admin env file into main admin server config path +- Bug 616260 - libds-admin-serv linking fails due to unresolved link-time depe +ndencies +- start-ds-admin.in -- replaced "return 1" with "exit 1" +- Bug 151705 - Need to update Console Cipher Preferences with new ciphers +- Bug 470576 - Migration could do addition checks before commiting actions + +* Wed Jan 5 2011 Rich Megginson - 1.1.14-1 +- 1.1.14 release +- Bug 664671 - Admin server segfault when full SSL access (http+ldap+console) +required +- Bug 638511 - dirsrv-admin crashes at startup with SELinux enabled + +* Tue Nov 23 2010 Rich Megginson - 1.1.13-1 +- This is the final 1.1.13 release +- git tag 389-admin-1.1.13 +- Bug 656441 - Missing library path entry causes LD_PRELOAD error +- setup-ds-admin.pl -u exits with ServerAdminID and as_uid related error + +* Fri Nov 19 2010 Nathan Kinder - 1.1.12-1 +- This is the final 1.1.12 release +- git tag 389-admin-1.1.12 + +* Tue Oct 26 2010 Rich Megginson - 1.1.12-0.2.a2 +- fix mozldap build breakage + +* Tue Sep 28 2010 Rich Megginson - 1.1.12-0.1.a1 +- This is the 1.1.12 alpha 1 release - with openldap support + +* Thu Aug 26 2010 Rich Megginson - 1.1.11-1 +- This is the final 1.1.11 release + +* Wed Aug 4 2010 Rich Megginson - 1.1.11-0.6.rc2 +- 1.1.11.rc2 release +- git tag 389-admin-1.1.11.rc2 +- Bug 594745 - Get rid of dirsrv_lib_t label + +* Wed Jun 9 2010 Rich Megginson - 1.1.11-0.5.rc1 +- 1.1.11.rc1 release + +* Wed May 26 2010 Rich Megginson - 1.1.11-0.4.a4 +- 1.1.11.a4 release + +* Tue Apr 7 2010 Nathan Kinder - 1.1.11-0.3.a3 +- 1.1.11.a3 release +- Bug 570912 - dirsrv-admin SELinux module fails to install +- Change parsing of start-slapd for instance name +- Bug 574233 - Updated requirements for selinux policy +- Moved selinux subpackage into base package + +* Fri Feb 26 2010 Rich Megginson - 1.1.11.a2-0.2 +- the 1.1.11.a2 release +- Bug 460162 - FedoraDS "with-FHS" installs init.d StartupScript in wrong location +- Bug 460209 - Correct configure help message +- Bug 560827 - Admin Server: DistinguishName validation fails +- Make check for threaded httpd work with Apache 2.0 + +* Thu Jan 21 2010 Nathan Kinder - 1.1.11.a1-0.1 +- the 1.1.11.a1 release +- added SELinux subpackage + +* Wed Jan 20 2010 Rich Megginson - 1.1.10-1 +- the 1.1.10 release +- allow server to run unconfined if not built with selinux support + +* Thu Jan 14 2010 Rich Megginson - 1.1.10.a3-0.3 +- the 1.1.10.a3 release +- make sure we can find ICU genrb on all platforms + +* Fri Dec 18 2009 Rich Megginson - 1.1.10.a2-0.2 +- the 1.1.10.a2 release +- fix problem with genrb path on F-12 and later + +* Thu Oct 8 2009 Rich Megginson - 1.1.10.a1-1 +- the 1.1.10.a1 release + +* Mon Sep 14 2009 Rich Megginson - 1.1.9-1 +- the 1.1.9 release + +* Tue Aug 25 2009 Rich Megginson - 1.1.8-6 +- rewrite perm/owner preservation code to use lua + +* Wed Aug 12 2009 Rich Megginson - 1.1.8-5 +- final rebuild for 1.1.8 release + +* Fri Jul 24 2009 Fedora Release Engineering - 1.1.8-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Tue Jul 21 2009 Rich Megginson - 1.1.8-3 +- bump rev for final rebuild + +* Tue Jul 21 2009 Rich Megginson - 1.1.8-2 +- change adminutil to 389-adminutil + +* Thu Jun 18 2009 Rich Megginson - 1.1.8-1 +- bump version to 1.1.8 +- change license to GPLv2 + ASL 2.0 +- changed files that were incorrectly licensed as GPLv2+ to plain GPLv2 + +* Wed May 13 2009 Rich Megginson - 1.1.7-5 +- rename to 389 + +* Thu Apr 9 2009 Rich Megginson - 1.1.7-4 +- Resolves: bug 493424 +- Description: dirsrv-admin initscript looks for nonexistent library +- Added patch to remove those modules from the httpd.conf + +* Wed Apr 8 2009 Rich Megginson - 1.1.7-3 +- Resolves: bug 494980 +- Description: setup-ds-admin.pl -u and silent setup complain about ServerIpAddress +- CVS tag FedoraDirSrvAdmin_1_1_7_RC3 FedoraDirSrvAdmin_1_1_7_RC3_20090408 + +* Fri Apr 3 2009 Rich Megginson - 1.1.7-2 +- Resolves: bug 493989 +- Description: Admin Server: valgrind invalid read in security.c when installing CRL + +* Tue Mar 31 2009 Rich Megginson - 1.1.7-1 +- this is the 1.1.7 release +- added man pages for setup, migration, remove commands +- better error handling for command line utilities +- fixed remove from console +- added remove-ds-admin.pl +- added pre and post sections in order to preserve the permissions and ownerships +- CVS tag FedoraDirSrvAdmin_1_1_7_RC1 FedoraDirSrvAdmin_1_1_7_RC1_20090331 + +* Tue Feb 24 2009 Fedora Release Engineering - 1.1.6-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Mon Sep 15 2008 Rich Megginson - 1.1.6-2 +- patch for bug 451702 not required anymore - in upstream now + +* Wed Jul 2 2008 Rich Megginson - 1.1.6-1 +- add patch for bug 451702 +- The 1.1.6 release + +* Fri Jun 6 2008 Rich Megginson - 1.1.5-1 +- Resolves: Bug 448366 +- genrb no longer supports -p option + +* Tue Apr 15 2008 Rich Megginson - 1.1.4-1 +- Resolves: Bug 437301 +- Directory Server: shell command injection in CGI replication monitor +- Fix: rewrite the perl script to ignore all input parameters - replmon.conf +- file will have to be hard coded to be in the admin-serv directory +- Resolves: Bug 437320 +- Directory Server: unrestricted access to CGI scripts +- Fix: remove script alias for /bin/admin/admin/bin/ + +* Wed Jan 9 2008 Rich Megginson - 1.1.2-1 +- Fix issues associated with Fedora pkg review bug 249548 + +* Tue Dec 11 2007 Rich Megginson - 1.1.1-1 +- this is the final GA candidate + +* Tue Nov 6 2007 Rich Megginson - 1.1.0-1.16 +- fix several beta blocker issues + +* Mon Oct 15 2007 Rich Megginson - 1.1.0-1.15 +- fix bogus dist macro +- change mozldap6 to mozldap + +* Thu Oct 11 2007 Rich Megginson - 1.1.0-1.14 +- make admin server work with SELinux enabled +- fix wording errors in setup + +* Mon Oct 8 2007 Rich Megginson - 1.1.0-1.13 +- added /etc/sysconfig/dirsrv-admin the file that allows you to set +- the environment used to start up the admin server (e.g. keytab, ulimit, etc.) +- the initscript and admin start script use this file now +- This version also has a fix to print the correct error message if the admin +- server cannot be contacted during setup or migration. + +* Thu Sep 27 2007 Rich Megginson - 1.1.0-1.12 +- fix a couple of migration issues, including the rpath $libdir problem +- allow ds_remove from console to remove instances + +* Wed Sep 19 2007 Rich Megginson - 1.1.0-1.11 +- one line fix to fix of 295001 - console.conf clobbered + +* Tue Sep 18 2007 Rich Megginson - 1.1.0-1.10 +- fixed migration issue bugzilla 295001 - console.conf clobbered + +* Fri Sep 14 2007 Rich Megginson - 1.1.0-1.9 +- fix several more migration problems + +* Fri Sep 14 2007 Rich Megginson - 1.1.0-1.8 +- fix migration - servers are started as they are migrated now + +* Tue Aug 21 2007 Rich Megginson - 1.1.0-1.7 +- Fix the with-fhs-opt configure flag + +* Fri Aug 17 2007 Rich Megginson - 1.1.0-1.6 +- remove curses +- make mod_admserv link against sasl +- add the usual .m4 files to mod_admserv instead of having all of +- the component logic in configure.in + +* Thu Aug 16 2007 Rich Megginson - 1.1.0-1.5 +- incorporate Noriko's migration fix + +* Wed Aug 15 2007 Rich Megginson - 1.1.0-1.4 +- address several migration issues + +* Mon Aug 13 2007 Rich Megginson - 1.1.0-1.3 +- there is no devel package, so remove unused .so files + +* Mon Aug 13 2007 Rich Megginson - 1.1.0-1.2 +- forgot to tag the modules + +* Fri Aug 10 2007 Rich Megginson - 1.1.0-1.1 +- get rid of cvsdate +- use pkgname of dirsrv for filesystem path naming +- get rid of devel package +- simplify files section + +* Fri Aug 10 2007 Noriko Hosoi - 1.1.0-0.3.20070810 +- updated to latest sources +- upgraded the mozldap6 version to 6.0.4 + +* Wed Aug 8 2007 Noriko Hosoi - 1.1.0-0.2.20070808 +- updated to latest sources -- bug fixes in the setup scripts + +* Mon Aug 6 2007 Rich Megginson - 1.1.0-0.1.20070806 +- updated to latest sources + +* Thu Aug 2 2007 Rich Megginson - 1.1.0-0.4.20070802 +- There are no files in bindir anymore + +* Thu Aug 2 2007 Rich Megginson - 1.1.0-0.3.20070802 +- forgot to prepend build root to java dir creation + +* Thu Aug 2 2007 Rich Megginson - 1.1.0-0.2.20070802 +- forgot to add mod_admserv and mod_restartd to source + +* Thu Aug 2 2007 Rich Megginson - 1.1.0-0.1.20070802 +- updated to latest sources - fix build breakage +- add console jars dir under html + +* Mon Jul 23 2007 Rich Megginson - 1.1.0-0.1.20070725 +- Initial version based on fedora-ds-base.spec diff --git a/dead.package b/dead.package deleted file mode 100644 index a593431..0000000 --- a/dead.package +++ /dev/null @@ -1 +0,0 @@ -Retiring 389-admin as its been replaced by Cockpit UI plugin diff --git a/selinux-policy.patch b/selinux-policy.patch new file mode 100644 index 0000000..0203012 --- /dev/null +++ b/selinux-policy.patch @@ -0,0 +1,31 @@ +--- selinux/dirsrv-admin.if 2010-01-20 10:39:35.765329723 -0800 ++++ selinux/dirsrv-admin.if 2010-01-20 11:15:09.351304364 -0800 +@@ -25,7 +25,6 @@ + + files_exec_usr_files(httpd_t) + files_manage_generic_tmp_files(httpd_t) +- userdom_rw_user_tmp_files(httpd_t) + corenet_tcp_connect_generic_port(httpd_t) + + # Strict policy +@@ -81,7 +80,7 @@ + + # Allow dirsrv to interact with CGIs + allow dirsrv_t httpd_dirsrvadmin_script_t:unix_stream_socket { read write }; +- allow dirsrv_t dirsrvadmin_tmp_t:file write; ++ allow dirsrv_t httpd_dirsrvadmin_script_rw_t:file write; + + # Allow dirsrv domain to interact with httpd + allow dirsrv_t httpd_t:fifo_file { write read }; +--- selinux/dirsrv-admin.te 2009-10-22 14:27:21.228545844 -0700 ++++ selinux/dirsrv-admin.te 2009-10-22 14:27:36.348546152 -0700 +@@ -113,9 +113,6 @@ + # The CGI scripts must be able to manage dirsrv-admin + dirsrvadmin_run_exec(httpd_dirsrvadmin_script_t) + dirsrvadmin_manage_config(httpd_dirsrvadmin_script_t) +-manage_files_pattern(httpd_dirsrvadmin_script_t, dirsrvadmin_tmp_t, dirsrvadmin_tmp_t) +-manage_dirs_pattern(httpd_dirsrvadmin_script_t, dirsrvadmin_tmp_t, dirsrvadmin_tmp_t) +-files_tmp_filetrans(httpd_dirsrvadmin_script_t, dirsrvadmin_tmp_t, { file dir }) + + # The CGI scripts must be able to manage the dirsrv + dirsrv_domtrans(httpd_dirsrvadmin_script_t) diff --git a/sources b/sources new file mode 100644 index 0000000..f2ab5b7 --- /dev/null +++ b/sources @@ -0,0 +1 @@ +4bda83e9f5644e0bd25fdf7b6ce9e5ee 389-admin-1.1.29.tar.bz2