From 38c3c43418ca81bb395eda161ea2c281e328e08c Mon Sep 17 00:00:00 2001 From: Paul Howarth Date: Aug 08 2012 08:37:26 +0000 Subject: Update to 0.9.9 - New upstream release 0.9.9 - smbldap-userlist, smbldap-grouplist: specify Net::LDAP search attributes as an array ref, not a string (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681350) - smbldap-useradd: fix smbldap-passwd name - smbldap_tools.pm: $config{masterLDAP} and $config{slaveLDAP} can take a LDAP URI - smbldap_tools.pm: non-root user cannot run smbldap-passwd, smbldap-userinfo, smbldap-userlist and smbldap-grouplist with SSL-enabled LDAP server (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=647860) - Update config patch to reflect use of URIs for LDAP servers - Drop upstreamed samba net location patch --- diff --git a/smbldap-tools-0.9.6-config.patch b/smbldap-tools-0.9.6-config.patch deleted file mode 100644 index 54ae547..0000000 --- a/smbldap-tools-0.9.6-config.patch +++ /dev/null @@ -1,67 +0,0 @@ -diff -up smbldap-tools-0.9.6/smbldap.conf.orig smbldap-tools-0.9.6/smbldap.conf ---- smbldap-tools-0.9.6/smbldap.conf.orig 2011-03-07 13:11:01.360239462 +0000 -+++ smbldap-tools-0.9.6/smbldap.conf 2011-03-07 13:12:49.050071016 +0000 -@@ -33,12 +33,12 @@ - - # Put your own SID. To obtain this number do: "net getlocalsid". - # If not defined, parameter is taking from "net getlocalsid" return --SID="S-1-5-21-2252255531-4061614174-2474224977" -+#SID="S-1-5-21-2252255531-4061614174-2474224977" - - # Domain name the Samba server is in charged. - # If not defined, parameter is taking from smb.conf configuration file - # Ex: sambaDomain="IDEALX-NT" --sambaDomain="DOMSMB" -+#sambaDomain="DOMSMB" - - ############################################################################## - # -@@ -70,7 +70,6 @@ masterLDAP="ldap.example.com" - - # Master LDAP port - # If not defined, parameter is set to "389" --#masterPort="389" - masterPort="389" - - # Use TLS for LDAP -@@ -91,15 +90,15 @@ verify="require" - - # CA certificate - # see "man Net::LDAP" in start_tls section for more details --cafile="/etc/smbldap-tools/ca.pem" -+cafile="/etc/pki/tls/certs/ldapserverca.pem" - - # certificate to use to connect to the ldap server - # see "man Net::LDAP" in start_tls section for more details --clientcert="/etc/smbldap-tools/smbldap-tools.example.com.pem" -+clientcert="/etc/pki/tls/certs/ldapclient.pem" - - # key certificate to use to connect to the ldap server - # see "man Net::LDAP" in start_tls section for more details --clientkey="/etc/smbldap-tools/smbldap-tools.example.com.key" -+clientkey="/etc/pki/tls/certs/ldapclientkey.pem" - - # LDAP Suffix - # Ex: suffix=dc=IDEALX,dc=ORG -@@ -108,7 +107,7 @@ suffix="dc=example,dc=com" - # Where are stored Users - # Ex: usersdn="ou=Users,dc=IDEALX,dc=ORG" - # Warning: if 'suffix' is not set here, you must set the full dn for usersdn --usersdn="ou=Users,${suffix}" -+usersdn="ou=People,${suffix}" - - # Where are stored Computers - # Ex: computersdn="ou=Computers,dc=IDEALX,dc=ORG" -@@ -118,10 +117,10 @@ computersdn="ou=Computers,${suffix}" - # Where are stored Groups - # Ex: groupsdn="ou=Groups,dc=IDEALX,dc=ORG" - # Warning: if 'suffix' is not set here, you must set the full dn for groupsdn --groupsdn="ou=Groups,${suffix}" -+groupsdn="ou=Group,${suffix}" - - # Where are stored Idmap entries (used if samba is a domain member server) --# Ex: groupsdn="ou=Idmap,dc=IDEALX,dc=ORG" -+# Ex: idmapdn="ou=Idmap,dc=IDEALX,dc=ORG" - # Warning: if 'suffix' is not set here, you must set the full dn for idmapdn - idmapdn="ou=Idmap,${suffix}" - diff --git a/smbldap-tools-0.9.8-samba-net-path.patch b/smbldap-tools-0.9.8-samba-net-path.patch deleted file mode 100644 index 1e37e3f..0000000 --- a/smbldap-tools-0.9.8-samba-net-path.patch +++ /dev/null @@ -1,13 +0,0 @@ -Samba's "net" command is /usr/bin/net on all Fedora/RHEL releases. - ---- smbldap_tools.pl -+++ smbldap_tools.pl -@@ -243,7 +243,7 @@ - my %smbconf = read_smbconf(); - - sub getLocalSID { -- open my $fh, "-|" or exec("$samba_bindir/netx", "getlocalsid") || exit(1); -+ open my $fh, "-|" or exec("$samba_bindir/net", "getlocalsid") || exit(1); - - my $line = <$fh>; - if (!defined($line)) { diff --git a/smbldap-tools-0.9.9-config.patch b/smbldap-tools-0.9.9-config.patch new file mode 100644 index 0000000..595c3df --- /dev/null +++ b/smbldap-tools-0.9.9-config.patch @@ -0,0 +1,54 @@ +--- smbldap.conf ++++ smbldap.conf +@@ -33,12 +33,12 @@ + + # Put your own SID. To obtain this number do: "net getlocalsid". + # If not defined, parameter is taking from "net getlocalsid" return +-SID="S-1-5-21-2252255531-4061614174-2474224977" ++#SID="S-1-5-21-2252255531-4061614174-2474224977" + + # Domain name the Samba server is in charged. + # If not defined, parameter is taking from smb.conf configuration file + # Ex: sambaDomain="IDEALX-NT" +-sambaDomain="DOMSMB" ++#sambaDomain="DOMSMB" + + ############################################################################## + # +@@ -76,15 +76,15 @@ verify="require" + + # CA certificate + # see "man Net::LDAP" in start_tls section for more details +-cafile="/etc/smbldap-tools/ca.pem" ++cafile="/etc/pki/tls/certs/ldapserverca.pem" + + # certificate to use to connect to the ldap server + # see "man Net::LDAP" in start_tls section for more details +-clientcert="/etc/smbldap-tools/smbldap-tools.example.com.pem" ++clientcert="/etc/pki/tls/certs/ldapclient.pem" + + # key certificate to use to connect to the ldap server + # see "man Net::LDAP" in start_tls section for more details +-clientkey="/etc/smbldap-tools/smbldap-tools.example.com.key" ++clientkey="/etc/pki/tls/certs/ldapclientkey.pem" + + # LDAP Suffix + # Ex: suffix=dc=IDEALX,dc=ORG +@@ -93,7 +93,7 @@ suffix="dc=example,dc=com" + # Where are stored Users + # Ex: usersdn="ou=Users,dc=IDEALX,dc=ORG" + # Warning: if 'suffix' is not set here, you must set the full dn for usersdn +-usersdn="ou=Users,${suffix}" ++usersdn="ou=People,${suffix}" + + # Where are stored Computers + # Ex: computersdn="ou=Computers,dc=IDEALX,dc=ORG" +@@ -103,7 +103,7 @@ computersdn="ou=Computers,${suffix}" + # Where are stored Groups + # Ex: groupsdn="ou=Groups,dc=IDEALX,dc=ORG" + # Warning: if 'suffix' is not set here, you must set the full dn for groupsdn +-groupsdn="ou=Groups,${suffix}" ++groupsdn="ou=Group,${suffix}" + + # Where are stored Idmap entries (used if samba is a domain member server) + # Ex: idmapdn="ou=Idmap,dc=IDEALX,dc=ORG" diff --git a/smbldap-tools.spec b/smbldap-tools.spec index 418b727..8c9a6a4 100644 --- a/smbldap-tools.spec +++ b/smbldap-tools.spec @@ -1,13 +1,12 @@ Summary: User and group administration tools for Samba/OpenLDAP Name: smbldap-tools -Version: 0.9.8 -Release: 3%{?dist} +Version: 0.9.9 +Release: 1%{?dist} License: GPLv2+ Group: System Environment/Base URL: http://gna.org/projects/smbldap-tools/ Source0: http://download.gna.org/smbldap-tools/sources/%{version}/smbldap-tools-%{version}.tar.gz -Patch10: smbldap-tools-0.9.6-config.patch -Patch11: smbldap-tools-0.9.8-samba-net-path.patch +Patch10: smbldap-tools-0.9.9-config.patch BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(id -nu) BuildRequires: openssl @@ -25,8 +24,7 @@ groups and passwords. %setup -q # Fedora integration -%patch10 -p1 -%patch11 +%patch10 # Figure out where ssl stuff goes %define use_pki %(if [ -f /etc/pki/tls/certs/ca-bundle.crt ]; then echo 1; else echo 0; fi) @@ -98,6 +96,20 @@ rm -rf %{buildroot} %{_mandir}/man8/smbldap-usershow.8* %changelog +* Wed Aug 8 2012 Paul Howarth - 0.9.9-1 +- Update to 0.9.9 + - smbldap-userlist, smbldap-grouplist: specify Net::LDAP search attributes + as an array ref, not a string + (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681350) + - smbldap-useradd: fix smbldap-passwd name + - smbldap_tools.pm: $config{masterLDAP} and $config{slaveLDAP} can take a + LDAP URI + - smbldap_tools.pm: non-root user cannot run smbldap-passwd, + smbldap-userinfo, smbldap-userlist and smbldap-grouplist with SSL-enabled + LDAP server (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=647860) +- Update config patch to reflect use of URIs for LDAP servers +- Drop upstreamed samba net location patch + * Sat Jul 21 2012 Fedora Release Engineering - 0.9.8-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild diff --git a/sources b/sources index 1eb9348..4b8b854 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -5b110aeeaa8afafa40d61ceed4d4f6a7 smbldap-tools-0.9.8.tar.gz +5084011003239a60ebe209c5fb570397 smbldap-tools-0.9.9.tar.gz