Compare commits
43 commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
8a9948f3e4 | ||
|
|
3c0bb74a19 | ||
|
|
37d3885cd6 | ||
|
|
330bbd7429 | ||
|
|
ab263e5d71 | ||
|
|
57fabb52ff | ||
|
|
3a334db318 | ||
|
|
a90afeeee9 | ||
|
|
2e446e705c | ||
|
|
d9d9c78113 | ||
|
|
67446e0c97 | ||
|
|
e2ad30845c | ||
|
|
bb544851e3 | ||
|
|
80a1759536 | ||
|
|
f4a9c1febb | ||
|
|
7525daf192 | ||
|
05a4a08431 | ||
|
|
95ab1da8cf | ||
|
|
9a50eb29de | ||
|
|
78005abd06 | ||
|
|
a61c388ea3 | ||
|
|
b37a20ff60 | ||
|
|
fa954e1398 | ||
|
|
28ee6cd220 | ||
|
ed00f21842 | ||
|
|
7b3679c797 | ||
|
f1fc4bd472 | ||
|
|
470859aad1 | ||
|
|
257b40a5bd | ||
|
|
7f75c09d37 | ||
|
|
fab8eb9d1c | ||
|
|
cd4b6e9d78 | ||
|
|
88af4667c6 | ||
|
353946930a | ||
|
|
7d4a4686d2 | ||
|
|
e7c15754ef | ||
|
|
2aed25ab8d | ||
|
3390e66684 | ||
|
|
9abe38c9ec | ||
|
|
518e0de228 | ||
|
|
bbbf3ad499 | ||
|
|
275c8d9d58 | ||
|
ce8a8cffe4 |
7 changed files with 164 additions and 33 deletions
19
.gitignore
vendored
19
.gitignore
vendored
|
|
@ -1,2 +1,19 @@
|
||||||
*~
|
*~
|
||||||
/389-admin-1.1.11.tar.bz2
|
389-admin-1.1.12.tar.bz2
|
||||||
|
/389-admin-1.1.13.tar.bz2
|
||||||
|
/389-admin-1.1.14.tar.bz2
|
||||||
|
/389-admin-1.1.15.tar.bz2
|
||||||
|
/389-admin-1.1.16.tar.bz2
|
||||||
|
/389-admin-1.1.17.tar.bz2
|
||||||
|
/389-admin-1.1.18.tar.bz2
|
||||||
|
/389-admin-1.1.19.tar.bz2
|
||||||
|
/389-admin-1.1.20.tar.bz2
|
||||||
|
/389-admin-1.1.21.tar.bz2
|
||||||
|
/389-admin-1.1.22.tar.bz2
|
||||||
|
/389-admin-1.1.23.tar.bz2
|
||||||
|
/389-admin-1.1.24.tar.bz2
|
||||||
|
/389-admin-1.1.25.tar.bz2
|
||||||
|
/389-admin-1.1.26.tar.bz2
|
||||||
|
/389-admin-1.1.27.tar.bz2
|
||||||
|
/389-admin-1.1.28.tar.bz2
|
||||||
|
/389-admin-1.1.29.tar.bz2
|
||||||
|
|
|
||||||
|
|
@ -1,12 +1,14 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
DATE=`date +%Y%m%d`
|
DATE=`date +%Y%m%d`
|
||||||
VERSION=1.1.11
|
VERSION=1.1.29
|
||||||
PKGNAME=389-admin
|
PKGNAME=389-admin
|
||||||
TAG=${TAG:-$PKGNAME-$VERSION}
|
TAG=${TAG:-$PKGNAME-$VERSION}
|
||||||
SRCNAME=${PKGNAME}-${VERSION}
|
SRCNAME=${PKGNAME}-${VERSION}
|
||||||
echo you must be in the admin server git repo to use this
|
echo you must be in the admin server git repo to use this
|
||||||
test -d .git || {echo bye ; exit 1 }
|
test -d .git || {
|
||||||
|
echo bye ; exit 1
|
||||||
|
}
|
||||||
if [ -z "$1" ] ; then
|
if [ -z "$1" ] ; then
|
||||||
dir=.
|
dir=.
|
||||||
else
|
else
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
DATE=`date +%Y%m%d`
|
DATE=`date +%Y%m%d`
|
||||||
VERSION=1.1.11
|
VERSION=1.1.29
|
||||||
PKGNAME=389-admin
|
PKGNAME=389-admin
|
||||||
#SRCNAME=$PKGNAME-$VERSION-$DATE
|
#SRCNAME=$PKGNAME-$VERSION-$DATE
|
||||||
SRCNAME=$PKGNAME-$VERSION
|
SRCNAME=$PKGNAME-$VERSION
|
||||||
|
|
|
||||||
122
389-admin.spec
122
389-admin.spec
|
|
@ -1,14 +1,14 @@
|
||||||
%global pkgname dirsrv
|
%global pkgname dirsrv
|
||||||
# for a pre-release, define the prerel field - comment out for official release
|
# for a pre-release, define the prerel field - comment out for official release
|
||||||
# % global prerel .rc2
|
# % global prerel .a1
|
||||||
# also need the relprefix 0. field for a pre-release - also comment out for official release
|
# also need the relprefix 0. field for a pre-release - also comment out for official release
|
||||||
# % global relprefix 0.
|
# % global relprefix 0.
|
||||||
|
|
||||||
%global selinux_variants mls targeted
|
%global selinux_variants strict targeted
|
||||||
|
|
||||||
Summary: 389 Administration Server (admin)
|
Summary: 389 Administration Server (admin)
|
||||||
Name: 389-admin
|
Name: 389-admin
|
||||||
Version: 1.1.11
|
Version: 1.1.29
|
||||||
Release: %{?relprefix}1%{?prerel}%{?dist}
|
Release: %{?relprefix}1%{?prerel}%{?dist}
|
||||||
License: GPLv2 and ASL 2.0
|
License: GPLv2 and ASL 2.0
|
||||||
URL: http://port389.org/
|
URL: http://port389.org/
|
||||||
|
|
@ -40,7 +40,7 @@ Requires: 389-ds-base
|
||||||
Requires: mod_nss
|
Requires: mod_nss
|
||||||
|
|
||||||
# this is needed for using semanage from our setup scripts
|
# this is needed for using semanage from our setup scripts
|
||||||
Requires: policycoreutils-python
|
Requires: policycoreutils
|
||||||
|
|
||||||
# this is needed to load and unload the policy module
|
# this is needed to load and unload the policy module
|
||||||
Requires(post): policycoreutils
|
Requires(post): policycoreutils
|
||||||
|
|
@ -59,7 +59,7 @@ Requires(preun): /sbin/service
|
||||||
Source0: http://port389.org/sources/%{name}-%{version}%{?prerel}.tar.bz2
|
Source0: http://port389.org/sources/%{name}-%{version}%{?prerel}.tar.bz2
|
||||||
# 389-admin-git.sh should be used to generate the source tarball from git
|
# 389-admin-git.sh should be used to generate the source tarball from git
|
||||||
Source1: %{name}-git.sh
|
Source1: %{name}-git.sh
|
||||||
Patch1: f11-httpd.patch
|
Patch1: selinux-policy.patch
|
||||||
|
|
||||||
%description
|
%description
|
||||||
389 Administration Server is an HTTP agent that provides management features
|
389 Administration Server is an HTTP agent that provides management features
|
||||||
|
|
@ -72,7 +72,7 @@ and CGI utilities used by the console.
|
||||||
%patch1
|
%patch1
|
||||||
|
|
||||||
%build
|
%build
|
||||||
%configure --disable-rpath --with-selinux
|
%configure --disable-rpath --with-selinux --enable-service
|
||||||
|
|
||||||
# Generate symbolic info for debuggers
|
# Generate symbolic info for debuggers
|
||||||
export XCFLAGS=$RPM_OPT_FLAGS
|
export XCFLAGS=$RPM_OPT_FLAGS
|
||||||
|
|
@ -217,30 +217,126 @@ end
|
||||||
%{_mandir}/man8/*
|
%{_mandir}/man8/*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Mar 27 2012 Rich Megginson <rmeggins@redhat.com> - 1.1.29-1
|
||||||
|
- 4ec23c0 If htmladmin fails to connect to the server, the cgi could crash.
|
||||||
|
|
||||||
|
* Thu Mar 22 2012 Rich Megginson <rmeggins@redhat.com> - 1.1.28-1
|
||||||
|
- Ticket #307 - htmladmin keeps segfaulting
|
||||||
|
- Ticket #286 - compilation fixes for 'format-security'
|
||||||
|
|
||||||
|
* Fri Feb 3 2012 Rich Megginson <rmeggins@redhat.com> - 1.1.27-1
|
||||||
|
- Ticket #281 - TLS not working with latest openldap
|
||||||
|
- Ticket #161 - Review and address latest Coverity issues
|
||||||
|
|
||||||
|
* Wed Jan 25 2012 Rich Megginson <rmeggins@redhat.com> - 1.1.26-1
|
||||||
|
- Bug 767823 - selinux: need to allow admin server to connect to ldap port
|
||||||
|
|
||||||
|
* Fri Oct 28 2011 Rich Megginson <rmeggins@redhat.com> - 1.1.25-1
|
||||||
|
- Bug 740959 - 389-console put CA certificates into wrong database
|
||||||
|
|
||||||
|
* Wed Sep 21 2011 Rich Megginson <rmeggins@redhat.com> - 1.1.24-1
|
||||||
|
- Bug 695741 - Providing native systemd file
|
||||||
|
|
||||||
|
* Thu Aug 11 2011 Rich Megginson <rmeggins@redhat.com> - 1.1.23-1
|
||||||
|
- Bug 730079 - Update SELinux policy during upgrades
|
||||||
|
|
||||||
|
* Thu Aug 11 2011 Rich Megginson <rmeggins@redhat.com> - 1.1.22-1
|
||||||
|
- Bug 724808 - startup CGIs write temp file to /
|
||||||
|
- add man pages for ds_removal and ds_unregister
|
||||||
|
- fixes for the makeUpgradeTar.sh script
|
||||||
|
|
||||||
|
* Tue Aug 2 2011 Rich Megginson <rmeggins@redhat.com> - 1.1.21-1
|
||||||
|
- Bug 476925 - Admin Server: Do not allow 8-bit passwords for the admin user
|
||||||
|
|
||||||
|
* Tue Jul 5 2011 Rich Megginson <rmeggins@redhat.com> - 1.1.20-1
|
||||||
|
- Bug 719056 - migrate-ds-admin.pl needs to update SELinux policy
|
||||||
|
- Bug 718285 - AdminServer should use "service" command instead of start/stop/restart scripts
|
||||||
|
- Bug 718079 - Perl errors when running migrate-ds-admin.pl
|
||||||
|
- Bug 713000 - Migration stops if old admin server cannot be stopped
|
||||||
|
- added tests for the security cgi
|
||||||
|
- fix typo in NSS_Shutdown warning message
|
||||||
|
- better NSS error handling - reduce memory leaks
|
||||||
|
- Bug 710372 - Not able to open the Manage Certificate from DS-console
|
||||||
|
|
||||||
|
* Tue Jun 28 2011 Rich Megginson <rmeggins@redhat.com> - 1.1.19-1
|
||||||
|
- look for separate openldap ldif library
|
||||||
|
|
||||||
|
* Tue Jun 21 2011 Rich Megginson <rmeggins@redhat.com> - 1.1.18-1
|
||||||
|
- skip rebranding current brand
|
||||||
|
- support for skins
|
||||||
|
|
||||||
|
* Fri May 13 2011 Rich Megginson <rmeggins@redhat.com> - 1.1.17-1
|
||||||
|
- 1.1.17
|
||||||
|
- support "in-place" upgrade and rebranding from Red Hat to 389
|
||||||
|
- many fixes for coverity issues
|
||||||
|
|
||||||
|
* Tue Mar 29 2011 Rich Megginson <rmeggins@redhat.com> - 1.1.16-1
|
||||||
|
- 389-admin-1.1.16
|
||||||
|
- Bug 476925 - Admin Server: Do not allow 8-bit passwords for the admin user
|
||||||
|
- Bug 614690 - Don't use exec to call genrb
|
||||||
|
- Bug 158926 - Unable to install CA certificate when using
|
||||||
|
- hardware token ( LunaSA )
|
||||||
|
- Bug 211296 - Clean up all HTML pages (Admin Express, Repl Monitor, etc)
|
||||||
|
|
||||||
|
* Wed Feb 23 2011 Rich Megginson <rmeggins@redhat.com> - 1.1.15-1
|
||||||
|
- 1.1.15 release - git tag 389-admin-1.1.15
|
||||||
|
- Bug 493424 - remove unneeded modules for admin server apache config
|
||||||
|
- Bug 618897 - Wrong permissions when creating instance from Console
|
||||||
|
- Bug 672468 - Don't use empty path elements in LD_LIBRARY_PATH
|
||||||
|
- Bug 245278 - Changing to a password with a single quote does not work
|
||||||
|
- Bug 604881 - admin server log files have incorrect permissions/ownerships
|
||||||
|
- Bug 387981 - plain files can be chosen on the Restore Directory dialog
|
||||||
|
- Bug 668950 - Add posix group support to Console
|
||||||
|
- Bug 618858 - move start-ds-admin env file into main admin server config path
|
||||||
|
- Bug 616260 - libds-admin-serv linking fails due to unresolved link-time depe
|
||||||
|
ndencies
|
||||||
|
- start-ds-admin.in -- replaced "return 1" with "exit 1"
|
||||||
|
- Bug 151705 - Need to update Console Cipher Preferences with new ciphers
|
||||||
|
- Bug 470576 - Migration could do addition checks before commiting actions
|
||||||
|
|
||||||
|
* Wed Jan 5 2011 Rich Megginson <rmeggins@redhat.com> - 1.1.14-1
|
||||||
|
- 1.1.14 release
|
||||||
|
- Bug 664671 - Admin server segfault when full SSL access (http+ldap+console)
|
||||||
|
required
|
||||||
|
- Bug 638511 - dirsrv-admin crashes at startup with SELinux enabled
|
||||||
|
|
||||||
|
* Tue Nov 23 2010 Rich Megginson <rmeggins@redhat.com> - 1.1.13-1
|
||||||
|
- This is the final 1.1.13 release
|
||||||
|
- git tag 389-admin-1.1.13
|
||||||
|
- Bug 656441 - Missing library path entry causes LD_PRELOAD error
|
||||||
|
- setup-ds-admin.pl -u exits with ServerAdminID and as_uid related error
|
||||||
|
|
||||||
|
* Fri Nov 19 2010 Nathan Kinder <nkinder@redhat.com> - 1.1.12-1
|
||||||
|
- This is the final 1.1.12 release
|
||||||
|
- git tag 389-admin-1.1.12
|
||||||
|
|
||||||
|
* Tue Oct 26 2010 Rich Megginson <rmeggins@redhat.com> - 1.1.12-0.2.a2
|
||||||
|
- fix mozldap build breakage
|
||||||
|
|
||||||
|
* Tue Sep 28 2010 Rich Megginson <rmeggins@redhat.com> - 1.1.12-0.1.a1
|
||||||
|
- This is the 1.1.12 alpha 1 release - with openldap support
|
||||||
|
|
||||||
* Thu Aug 26 2010 Rich Megginson <rmeggins@redhat.com> - 1.1.11-1
|
* Thu Aug 26 2010 Rich Megginson <rmeggins@redhat.com> - 1.1.11-1
|
||||||
- This is the final 1.1.11 release
|
- This is the final 1.1.11 release
|
||||||
|
|
||||||
* Wed Aug 4 2010 Rich Megginson <rmeggins@redhat.com> - 1.1.11-0.7.rc2
|
* Wed Aug 4 2010 Rich Megginson <rmeggins@redhat.com> - 1.1.11-0.6.rc2
|
||||||
- 1.1.11.rc2 release
|
- 1.1.11.rc2 release
|
||||||
- git tag 389-admin-1.1.11.rc2
|
- git tag 389-admin-1.1.11.rc2
|
||||||
- Bug 594745 - Get rid of dirsrv_lib_t label
|
- Bug 594745 - Get rid of dirsrv_lib_t label
|
||||||
|
|
||||||
* Wed Jun 9 2010 Rich Megginson <rmeggins@redhat.com> - 1.1.11-0.6.rc1
|
* Wed Jun 9 2010 Rich Megginson <rmeggins@redhat.com> - 1.1.11-0.5.rc1
|
||||||
- 1.1.11.rc1 release
|
- 1.1.11.rc1 release
|
||||||
|
|
||||||
* Wed May 26 2010 Rich Megginson <rmeggins@redhat.com> - 1.1.11-0.5.a4
|
* Wed May 26 2010 Rich Megginson <rmeggins@redhat.com> - 1.1.11-0.4.a4
|
||||||
- 1.1.11.a4 release
|
- 1.1.11.a4 release
|
||||||
|
|
||||||
* Tue Apr 7 2010 Nathan Kinder <nkinder@redhat.com> - 1.1.11-0.4.a3
|
* Tue Apr 7 2010 Nathan Kinder <nkinder@redhat.com> - 1.1.11-0.3.a3
|
||||||
- 1.1.11.a3 release
|
- 1.1.11.a3 release
|
||||||
- Bug 570912 - dirsrv-admin SELinux module fails to install
|
- Bug 570912 - dirsrv-admin SELinux module fails to install
|
||||||
- Change parsing of start-slapd for instance name
|
- Change parsing of start-slapd for instance name
|
||||||
- Bug 574233 - Updated requirements for selinux policy
|
- Bug 574233 - Updated requirements for selinux policy
|
||||||
- Moved selinux subpackage into base package
|
- Moved selinux subpackage into base package
|
||||||
|
|
||||||
* Fri Apr 02 2010 Caolán McNamara <caolanm@redhat.com> - 1.1.11.a2-0.3
|
|
||||||
- rebuild for icu 4.4
|
|
||||||
|
|
||||||
* Fri Feb 26 2010 Rich Megginson <rmeggins@redhat.com> - 1.1.11.a2-0.2
|
* Fri Feb 26 2010 Rich Megginson <rmeggins@redhat.com> - 1.1.11.a2-0.2
|
||||||
- the 1.1.11.a2 release
|
- the 1.1.11.a2 release
|
||||||
- Bug 460162 - FedoraDS "with-FHS" installs init.d StartupScript in wrong location
|
- Bug 460162 - FedoraDS "with-FHS" installs init.d StartupScript in wrong location
|
||||||
|
|
|
||||||
|
|
@ -1,15 +0,0 @@
|
||||||
--- admserv/cfgstuff/httpd-2.2.conf.in 1 Aug 2007 18:14:53 -0000 1.6
|
|
||||||
+++ admserv/cfgstuff/httpd-2.2.conf.in 9 Apr 2009 16:07:53 -0000
|
|
||||||
@@ -137,12 +137,10 @@
|
|
||||||
LoadModule actions_module @moddir@/mod_actions.so
|
|
||||||
LoadModule alias_module @moddir@/mod_alias.so
|
|
||||||
LoadModule rewrite_module @moddir@/mod_rewrite.so
|
|
||||||
LoadModule cache_module @moddir@/mod_cache.so
|
|
||||||
LoadModule disk_cache_module @moddir@/mod_disk_cache.so
|
|
||||||
-LoadModule file_cache_module @moddir@/mod_file_cache.so
|
|
||||||
-LoadModule mem_cache_module @moddir@/mod_mem_cache.so
|
|
||||||
LoadModule cgi_module @moddir@/mod_cgi.so
|
|
||||||
LoadModule restartd_module @admmoddir@/mod_restartd.so
|
|
||||||
LoadModule nss_module @nssmoddir@/libmodnss.so
|
|
||||||
LoadModule admserv_module @admmoddir@/mod_admserv.so
|
|
||||||
|
|
||||||
31
selinux-policy.patch
Normal file
31
selinux-policy.patch
Normal file
|
|
@ -0,0 +1,31 @@
|
||||||
|
--- selinux/dirsrv-admin.if 2010-01-20 10:39:35.765329723 -0800
|
||||||
|
+++ selinux/dirsrv-admin.if 2010-01-20 11:15:09.351304364 -0800
|
||||||
|
@@ -25,7 +25,6 @@
|
||||||
|
|
||||||
|
files_exec_usr_files(httpd_t)
|
||||||
|
files_manage_generic_tmp_files(httpd_t)
|
||||||
|
- userdom_rw_user_tmp_files(httpd_t)
|
||||||
|
corenet_tcp_connect_generic_port(httpd_t)
|
||||||
|
|
||||||
|
# Strict policy
|
||||||
|
@@ -81,7 +80,7 @@
|
||||||
|
|
||||||
|
# Allow dirsrv to interact with CGIs
|
||||||
|
allow dirsrv_t httpd_dirsrvadmin_script_t:unix_stream_socket { read write };
|
||||||
|
- allow dirsrv_t dirsrvadmin_tmp_t:file write;
|
||||||
|
+ allow dirsrv_t httpd_dirsrvadmin_script_rw_t:file write;
|
||||||
|
|
||||||
|
# Allow dirsrv domain to interact with httpd
|
||||||
|
allow dirsrv_t httpd_t:fifo_file { write read };
|
||||||
|
--- selinux/dirsrv-admin.te 2009-10-22 14:27:21.228545844 -0700
|
||||||
|
+++ selinux/dirsrv-admin.te 2009-10-22 14:27:36.348546152 -0700
|
||||||
|
@@ -113,9 +113,6 @@
|
||||||
|
# The CGI scripts must be able to manage dirsrv-admin
|
||||||
|
dirsrvadmin_run_exec(httpd_dirsrvadmin_script_t)
|
||||||
|
dirsrvadmin_manage_config(httpd_dirsrvadmin_script_t)
|
||||||
|
-manage_files_pattern(httpd_dirsrvadmin_script_t, dirsrvadmin_tmp_t, dirsrvadmin_tmp_t)
|
||||||
|
-manage_dirs_pattern(httpd_dirsrvadmin_script_t, dirsrvadmin_tmp_t, dirsrvadmin_tmp_t)
|
||||||
|
-files_tmp_filetrans(httpd_dirsrvadmin_script_t, dirsrvadmin_tmp_t, { file dir })
|
||||||
|
|
||||||
|
# The CGI scripts must be able to manage the dirsrv
|
||||||
|
dirsrv_domtrans(httpd_dirsrvadmin_script_t)
|
||||||
2
sources
2
sources
|
|
@ -1 +1 @@
|
||||||
3301554c3cd9cb26216a43c037695559 389-admin-1.1.11.tar.bz2
|
4bda83e9f5644e0bd25fdf7b6ce9e5ee 389-admin-1.1.29.tar.bz2
|
||||||
|
|
|
||||||
Reference in a new issue