Compare commits
43 commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
8a9948f3e4 | ||
|
|
3c0bb74a19 | ||
|
|
37d3885cd6 | ||
|
|
330bbd7429 | ||
|
|
ab263e5d71 | ||
|
|
57fabb52ff | ||
|
|
3a334db318 | ||
|
|
a90afeeee9 | ||
|
|
2e446e705c | ||
|
|
d9d9c78113 | ||
|
|
67446e0c97 | ||
|
|
e2ad30845c | ||
|
|
bb544851e3 | ||
|
|
80a1759536 | ||
|
|
f4a9c1febb | ||
|
|
7525daf192 | ||
|
05a4a08431 | ||
|
|
95ab1da8cf | ||
|
|
9a50eb29de | ||
|
|
78005abd06 | ||
|
|
a61c388ea3 | ||
|
|
b37a20ff60 | ||
|
|
fa954e1398 | ||
|
|
28ee6cd220 | ||
|
ed00f21842 | ||
|
|
7b3679c797 | ||
|
f1fc4bd472 | ||
|
|
470859aad1 | ||
|
|
257b40a5bd | ||
|
|
7f75c09d37 | ||
|
|
fab8eb9d1c | ||
|
|
cd4b6e9d78 | ||
|
|
88af4667c6 | ||
|
353946930a | ||
|
|
7d4a4686d2 | ||
|
|
e7c15754ef | ||
|
|
2aed25ab8d | ||
|
3390e66684 | ||
|
|
9abe38c9ec | ||
|
|
518e0de228 | ||
|
|
bbbf3ad499 | ||
|
|
275c8d9d58 | ||
|
ce8a8cffe4 |
7 changed files with 164 additions and 33 deletions
19
.gitignore
vendored
19
.gitignore
vendored
|
|
@ -1,2 +1,19 @@
|
|||
*~
|
||||
/389-admin-1.1.11.tar.bz2
|
||||
389-admin-1.1.12.tar.bz2
|
||||
/389-admin-1.1.13.tar.bz2
|
||||
/389-admin-1.1.14.tar.bz2
|
||||
/389-admin-1.1.15.tar.bz2
|
||||
/389-admin-1.1.16.tar.bz2
|
||||
/389-admin-1.1.17.tar.bz2
|
||||
/389-admin-1.1.18.tar.bz2
|
||||
/389-admin-1.1.19.tar.bz2
|
||||
/389-admin-1.1.20.tar.bz2
|
||||
/389-admin-1.1.21.tar.bz2
|
||||
/389-admin-1.1.22.tar.bz2
|
||||
/389-admin-1.1.23.tar.bz2
|
||||
/389-admin-1.1.24.tar.bz2
|
||||
/389-admin-1.1.25.tar.bz2
|
||||
/389-admin-1.1.26.tar.bz2
|
||||
/389-admin-1.1.27.tar.bz2
|
||||
/389-admin-1.1.28.tar.bz2
|
||||
/389-admin-1.1.29.tar.bz2
|
||||
|
|
|
|||
|
|
@ -1,12 +1,14 @@
|
|||
#!/bin/bash
|
||||
|
||||
DATE=`date +%Y%m%d`
|
||||
VERSION=1.1.11
|
||||
VERSION=1.1.29
|
||||
PKGNAME=389-admin
|
||||
TAG=${TAG:-$PKGNAME-$VERSION}
|
||||
SRCNAME=${PKGNAME}-${VERSION}
|
||||
echo you must be in the admin server git repo to use this
|
||||
test -d .git || {echo bye ; exit 1 }
|
||||
test -d .git || {
|
||||
echo bye ; exit 1
|
||||
}
|
||||
if [ -z "$1" ] ; then
|
||||
dir=.
|
||||
else
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
#!/bin/bash
|
||||
|
||||
DATE=`date +%Y%m%d`
|
||||
VERSION=1.1.11
|
||||
VERSION=1.1.29
|
||||
PKGNAME=389-admin
|
||||
#SRCNAME=$PKGNAME-$VERSION-$DATE
|
||||
SRCNAME=$PKGNAME-$VERSION
|
||||
|
|
|
|||
122
389-admin.spec
122
389-admin.spec
|
|
@ -1,14 +1,14 @@
|
|||
%global pkgname dirsrv
|
||||
# for a pre-release, define the prerel field - comment out for official release
|
||||
# % global prerel .rc2
|
||||
# % global prerel .a1
|
||||
# also need the relprefix 0. field for a pre-release - also comment out for official release
|
||||
# % global relprefix 0.
|
||||
|
||||
%global selinux_variants mls targeted
|
||||
%global selinux_variants strict targeted
|
||||
|
||||
Summary: 389 Administration Server (admin)
|
||||
Name: 389-admin
|
||||
Version: 1.1.11
|
||||
Version: 1.1.29
|
||||
Release: %{?relprefix}1%{?prerel}%{?dist}
|
||||
License: GPLv2 and ASL 2.0
|
||||
URL: http://port389.org/
|
||||
|
|
@ -40,7 +40,7 @@ Requires: 389-ds-base
|
|||
Requires: mod_nss
|
||||
|
||||
# this is needed for using semanage from our setup scripts
|
||||
Requires: policycoreutils-python
|
||||
Requires: policycoreutils
|
||||
|
||||
# this is needed to load and unload the policy module
|
||||
Requires(post): policycoreutils
|
||||
|
|
@ -59,7 +59,7 @@ Requires(preun): /sbin/service
|
|||
Source0: http://port389.org/sources/%{name}-%{version}%{?prerel}.tar.bz2
|
||||
# 389-admin-git.sh should be used to generate the source tarball from git
|
||||
Source1: %{name}-git.sh
|
||||
Patch1: f11-httpd.patch
|
||||
Patch1: selinux-policy.patch
|
||||
|
||||
%description
|
||||
389 Administration Server is an HTTP agent that provides management features
|
||||
|
|
@ -72,7 +72,7 @@ and CGI utilities used by the console.
|
|||
%patch1
|
||||
|
||||
%build
|
||||
%configure --disable-rpath --with-selinux
|
||||
%configure --disable-rpath --with-selinux --enable-service
|
||||
|
||||
# Generate symbolic info for debuggers
|
||||
export XCFLAGS=$RPM_OPT_FLAGS
|
||||
|
|
@ -217,30 +217,126 @@ end
|
|||
%{_mandir}/man8/*
|
||||
|
||||
%changelog
|
||||
* Tue Mar 27 2012 Rich Megginson <rmeggins@redhat.com> - 1.1.29-1
|
||||
- 4ec23c0 If htmladmin fails to connect to the server, the cgi could crash.
|
||||
|
||||
* Thu Mar 22 2012 Rich Megginson <rmeggins@redhat.com> - 1.1.28-1
|
||||
- Ticket #307 - htmladmin keeps segfaulting
|
||||
- Ticket #286 - compilation fixes for 'format-security'
|
||||
|
||||
* Fri Feb 3 2012 Rich Megginson <rmeggins@redhat.com> - 1.1.27-1
|
||||
- Ticket #281 - TLS not working with latest openldap
|
||||
- Ticket #161 - Review and address latest Coverity issues
|
||||
|
||||
* Wed Jan 25 2012 Rich Megginson <rmeggins@redhat.com> - 1.1.26-1
|
||||
- Bug 767823 - selinux: need to allow admin server to connect to ldap port
|
||||
|
||||
* Fri Oct 28 2011 Rich Megginson <rmeggins@redhat.com> - 1.1.25-1
|
||||
- Bug 740959 - 389-console put CA certificates into wrong database
|
||||
|
||||
* Wed Sep 21 2011 Rich Megginson <rmeggins@redhat.com> - 1.1.24-1
|
||||
- Bug 695741 - Providing native systemd file
|
||||
|
||||
* Thu Aug 11 2011 Rich Megginson <rmeggins@redhat.com> - 1.1.23-1
|
||||
- Bug 730079 - Update SELinux policy during upgrades
|
||||
|
||||
* Thu Aug 11 2011 Rich Megginson <rmeggins@redhat.com> - 1.1.22-1
|
||||
- Bug 724808 - startup CGIs write temp file to /
|
||||
- add man pages for ds_removal and ds_unregister
|
||||
- fixes for the makeUpgradeTar.sh script
|
||||
|
||||
* Tue Aug 2 2011 Rich Megginson <rmeggins@redhat.com> - 1.1.21-1
|
||||
- Bug 476925 - Admin Server: Do not allow 8-bit passwords for the admin user
|
||||
|
||||
* Tue Jul 5 2011 Rich Megginson <rmeggins@redhat.com> - 1.1.20-1
|
||||
- Bug 719056 - migrate-ds-admin.pl needs to update SELinux policy
|
||||
- Bug 718285 - AdminServer should use "service" command instead of start/stop/restart scripts
|
||||
- Bug 718079 - Perl errors when running migrate-ds-admin.pl
|
||||
- Bug 713000 - Migration stops if old admin server cannot be stopped
|
||||
- added tests for the security cgi
|
||||
- fix typo in NSS_Shutdown warning message
|
||||
- better NSS error handling - reduce memory leaks
|
||||
- Bug 710372 - Not able to open the Manage Certificate from DS-console
|
||||
|
||||
* Tue Jun 28 2011 Rich Megginson <rmeggins@redhat.com> - 1.1.19-1
|
||||
- look for separate openldap ldif library
|
||||
|
||||
* Tue Jun 21 2011 Rich Megginson <rmeggins@redhat.com> - 1.1.18-1
|
||||
- skip rebranding current brand
|
||||
- support for skins
|
||||
|
||||
* Fri May 13 2011 Rich Megginson <rmeggins@redhat.com> - 1.1.17-1
|
||||
- 1.1.17
|
||||
- support "in-place" upgrade and rebranding from Red Hat to 389
|
||||
- many fixes for coverity issues
|
||||
|
||||
* Tue Mar 29 2011 Rich Megginson <rmeggins@redhat.com> - 1.1.16-1
|
||||
- 389-admin-1.1.16
|
||||
- Bug 476925 - Admin Server: Do not allow 8-bit passwords for the admin user
|
||||
- Bug 614690 - Don't use exec to call genrb
|
||||
- Bug 158926 - Unable to install CA certificate when using
|
||||
- hardware token ( LunaSA )
|
||||
- Bug 211296 - Clean up all HTML pages (Admin Express, Repl Monitor, etc)
|
||||
|
||||
* Wed Feb 23 2011 Rich Megginson <rmeggins@redhat.com> - 1.1.15-1
|
||||
- 1.1.15 release - git tag 389-admin-1.1.15
|
||||
- Bug 493424 - remove unneeded modules for admin server apache config
|
||||
- Bug 618897 - Wrong permissions when creating instance from Console
|
||||
- Bug 672468 - Don't use empty path elements in LD_LIBRARY_PATH
|
||||
- Bug 245278 - Changing to a password with a single quote does not work
|
||||
- Bug 604881 - admin server log files have incorrect permissions/ownerships
|
||||
- Bug 387981 - plain files can be chosen on the Restore Directory dialog
|
||||
- Bug 668950 - Add posix group support to Console
|
||||
- Bug 618858 - move start-ds-admin env file into main admin server config path
|
||||
- Bug 616260 - libds-admin-serv linking fails due to unresolved link-time depe
|
||||
ndencies
|
||||
- start-ds-admin.in -- replaced "return 1" with "exit 1"
|
||||
- Bug 151705 - Need to update Console Cipher Preferences with new ciphers
|
||||
- Bug 470576 - Migration could do addition checks before commiting actions
|
||||
|
||||
* Wed Jan 5 2011 Rich Megginson <rmeggins@redhat.com> - 1.1.14-1
|
||||
- 1.1.14 release
|
||||
- Bug 664671 - Admin server segfault when full SSL access (http+ldap+console)
|
||||
required
|
||||
- Bug 638511 - dirsrv-admin crashes at startup with SELinux enabled
|
||||
|
||||
* Tue Nov 23 2010 Rich Megginson <rmeggins@redhat.com> - 1.1.13-1
|
||||
- This is the final 1.1.13 release
|
||||
- git tag 389-admin-1.1.13
|
||||
- Bug 656441 - Missing library path entry causes LD_PRELOAD error
|
||||
- setup-ds-admin.pl -u exits with ServerAdminID and as_uid related error
|
||||
|
||||
* Fri Nov 19 2010 Nathan Kinder <nkinder@redhat.com> - 1.1.12-1
|
||||
- This is the final 1.1.12 release
|
||||
- git tag 389-admin-1.1.12
|
||||
|
||||
* Tue Oct 26 2010 Rich Megginson <rmeggins@redhat.com> - 1.1.12-0.2.a2
|
||||
- fix mozldap build breakage
|
||||
|
||||
* Tue Sep 28 2010 Rich Megginson <rmeggins@redhat.com> - 1.1.12-0.1.a1
|
||||
- This is the 1.1.12 alpha 1 release - with openldap support
|
||||
|
||||
* Thu Aug 26 2010 Rich Megginson <rmeggins@redhat.com> - 1.1.11-1
|
||||
- This is the final 1.1.11 release
|
||||
|
||||
* Wed Aug 4 2010 Rich Megginson <rmeggins@redhat.com> - 1.1.11-0.7.rc2
|
||||
* Wed Aug 4 2010 Rich Megginson <rmeggins@redhat.com> - 1.1.11-0.6.rc2
|
||||
- 1.1.11.rc2 release
|
||||
- git tag 389-admin-1.1.11.rc2
|
||||
- Bug 594745 - Get rid of dirsrv_lib_t label
|
||||
|
||||
* Wed Jun 9 2010 Rich Megginson <rmeggins@redhat.com> - 1.1.11-0.6.rc1
|
||||
* Wed Jun 9 2010 Rich Megginson <rmeggins@redhat.com> - 1.1.11-0.5.rc1
|
||||
- 1.1.11.rc1 release
|
||||
|
||||
* Wed May 26 2010 Rich Megginson <rmeggins@redhat.com> - 1.1.11-0.5.a4
|
||||
* Wed May 26 2010 Rich Megginson <rmeggins@redhat.com> - 1.1.11-0.4.a4
|
||||
- 1.1.11.a4 release
|
||||
|
||||
* Tue Apr 7 2010 Nathan Kinder <nkinder@redhat.com> - 1.1.11-0.4.a3
|
||||
* Tue Apr 7 2010 Nathan Kinder <nkinder@redhat.com> - 1.1.11-0.3.a3
|
||||
- 1.1.11.a3 release
|
||||
- Bug 570912 - dirsrv-admin SELinux module fails to install
|
||||
- Change parsing of start-slapd for instance name
|
||||
- Bug 574233 - Updated requirements for selinux policy
|
||||
- Moved selinux subpackage into base package
|
||||
|
||||
* Fri Apr 02 2010 Caolán McNamara <caolanm@redhat.com> - 1.1.11.a2-0.3
|
||||
- rebuild for icu 4.4
|
||||
|
||||
* Fri Feb 26 2010 Rich Megginson <rmeggins@redhat.com> - 1.1.11.a2-0.2
|
||||
- the 1.1.11.a2 release
|
||||
- Bug 460162 - FedoraDS "with-FHS" installs init.d StartupScript in wrong location
|
||||
|
|
|
|||
|
|
@ -1,15 +0,0 @@
|
|||
--- admserv/cfgstuff/httpd-2.2.conf.in 1 Aug 2007 18:14:53 -0000 1.6
|
||||
+++ admserv/cfgstuff/httpd-2.2.conf.in 9 Apr 2009 16:07:53 -0000
|
||||
@@ -137,12 +137,10 @@
|
||||
LoadModule actions_module @moddir@/mod_actions.so
|
||||
LoadModule alias_module @moddir@/mod_alias.so
|
||||
LoadModule rewrite_module @moddir@/mod_rewrite.so
|
||||
LoadModule cache_module @moddir@/mod_cache.so
|
||||
LoadModule disk_cache_module @moddir@/mod_disk_cache.so
|
||||
-LoadModule file_cache_module @moddir@/mod_file_cache.so
|
||||
-LoadModule mem_cache_module @moddir@/mod_mem_cache.so
|
||||
LoadModule cgi_module @moddir@/mod_cgi.so
|
||||
LoadModule restartd_module @admmoddir@/mod_restartd.so
|
||||
LoadModule nss_module @nssmoddir@/libmodnss.so
|
||||
LoadModule admserv_module @admmoddir@/mod_admserv.so
|
||||
|
||||
31
selinux-policy.patch
Normal file
31
selinux-policy.patch
Normal file
|
|
@ -0,0 +1,31 @@
|
|||
--- selinux/dirsrv-admin.if 2010-01-20 10:39:35.765329723 -0800
|
||||
+++ selinux/dirsrv-admin.if 2010-01-20 11:15:09.351304364 -0800
|
||||
@@ -25,7 +25,6 @@
|
||||
|
||||
files_exec_usr_files(httpd_t)
|
||||
files_manage_generic_tmp_files(httpd_t)
|
||||
- userdom_rw_user_tmp_files(httpd_t)
|
||||
corenet_tcp_connect_generic_port(httpd_t)
|
||||
|
||||
# Strict policy
|
||||
@@ -81,7 +80,7 @@
|
||||
|
||||
# Allow dirsrv to interact with CGIs
|
||||
allow dirsrv_t httpd_dirsrvadmin_script_t:unix_stream_socket { read write };
|
||||
- allow dirsrv_t dirsrvadmin_tmp_t:file write;
|
||||
+ allow dirsrv_t httpd_dirsrvadmin_script_rw_t:file write;
|
||||
|
||||
# Allow dirsrv domain to interact with httpd
|
||||
allow dirsrv_t httpd_t:fifo_file { write read };
|
||||
--- selinux/dirsrv-admin.te 2009-10-22 14:27:21.228545844 -0700
|
||||
+++ selinux/dirsrv-admin.te 2009-10-22 14:27:36.348546152 -0700
|
||||
@@ -113,9 +113,6 @@
|
||||
# The CGI scripts must be able to manage dirsrv-admin
|
||||
dirsrvadmin_run_exec(httpd_dirsrvadmin_script_t)
|
||||
dirsrvadmin_manage_config(httpd_dirsrvadmin_script_t)
|
||||
-manage_files_pattern(httpd_dirsrvadmin_script_t, dirsrvadmin_tmp_t, dirsrvadmin_tmp_t)
|
||||
-manage_dirs_pattern(httpd_dirsrvadmin_script_t, dirsrvadmin_tmp_t, dirsrvadmin_tmp_t)
|
||||
-files_tmp_filetrans(httpd_dirsrvadmin_script_t, dirsrvadmin_tmp_t, { file dir })
|
||||
|
||||
# The CGI scripts must be able to manage the dirsrv
|
||||
dirsrv_domtrans(httpd_dirsrvadmin_script_t)
|
||||
2
sources
2
sources
|
|
@ -1 +1 @@
|
|||
3301554c3cd9cb26216a43c037695559 389-admin-1.1.11.tar.bz2
|
||||
4bda83e9f5644e0bd25fdf7b6ce9e5ee 389-admin-1.1.29.tar.bz2
|
||||
|
|
|
|||
Reference in a new issue