diff --git a/README.migration b/README.migration deleted file mode 100644 index a09ae1e..0000000 --- a/README.migration +++ /dev/null @@ -1,4 +0,0 @@ -As from Fedora 9, MigrationTools are shipped as separate package. -Install "migrationtools" package to get them, e.g.: - -yum install migrationtools \ No newline at end of file diff --git a/README.upgrading b/README.upgrading deleted file mode 100644 index d570c32..0000000 --- a/README.upgrading +++ /dev/null 
@@ -1,68 +0,0 @@ -Before upgrading from OpenLDAP 2.0 or 2.1 to OpenLDAP 2.2, the system -administrator should dump out the contents of the the directory server's -databases using the 'slapcat' utility included in the openldap-servers package -and save the LDIF files which it produces. - -After the upgrade is complete, the data can be re-imported using the 'slapadd' -utility. Some data which was exported from an OpenLDAP 2.0 server may not -import directly into an OpenLDAP 2.2 server. If this happens, check for these -common problems: - - * Missing parent entries. - Entries in the directory are no longer allowed to be children of entries - which are not present in the directory. For example, earlier releases - would allow an entry with distinguished name (DN) - "cn=foo,dc=devel,dc=example,dc=com" to be imported into a database for - suffix "dc=example,dc=com" which contained neither an entry for - "dc=devel,dc=example,dc=com" nor an entry for "dc=example,dc=com". - - * Deprecated objectclasses and attribute types. - Entries of these classes should be replaced by entries of a different - class. - * the automountMap objectclass - Use the nisMap objectclass instead, replacing these old attributes - with new attributes: - +====================================+ - | old attribute new attribute | - |------------------------------------| - | ou nisMapName | - +====================================+ - * the automount objectclass - Use the nisObject objectclass instead, replacing these old attributes - with new attributes: - +====================================+ - | old attribute new attribute | - |------------------------------------| - | cn cn | - | automountInformation nisMapEntry | - | (no counterpart) nisMapName | - +====================================+ - - * Missing objectclass definitions. - Some objectclasses are no longer defined because they are no longer used. 
- Remove the objectclass from the entry's list of objectclasses, and - remove any values for attributes which are unique to that objectclass. - These include: - * the "kerberosSecurityObject" objectclass and the "krbName" attribute - * the "dynamicObject" objectclass - * the "LDAPsubEntry" objectclass - - * Missing attribute values. - Some objectclass definitions mark a given attribute as both optional (MAY) - and required (MUST). While such attributes may have been treated as - optional before, they are now treated as required. Some examples: - * the "ipProtocol" object class and its "description" attribute - * the "rpcService" object class and its "description" attribute - * the "oncRpc" object class and its "description" attribute - * the "residentialPerson" object class and its "localityName" attribute - - * Structural vs. auxiliary objectclasses. - The set of objectclasses which any entry lists should include exactly one - STRUCTURAL class. This requirement may not have been enforced in previous - releases. - - * The entry does not contain its own RDN as an attribute-value pair. - The naming attribute and value used as the entry's relative distinguished - name (RDN) must be explicitly defined for the entry. For example, an - entry named "cn=contrived,dc=example,dc=com" must include "contrived" as a - value for its "cn" attribute. diff --git a/autofs.schema b/autofs.schema deleted file mode 100644 index 07e23b4..0000000 --- a/autofs.schema +++ /dev/null 
@@ -1,23 +0,0 @@ -# Depends upon core.schema and cosine.schema - -# OID Base is 1.3.6.1.4.1.2312.4 -# -# Attribute types are under 1.3.6.1.4.1.2312.4.1 -# Object classes are under 1.3.6.1.4.1.2312.4.2 -# Syntaxes are under 1.3.6.1.4.1.2312.4.3 - -# Attribute Type Definitions - -attributetype ( 1.3.6.1.4.1.2312.4.1.2 NAME 'automountInformation' - DESC 'Information used by the autofs automounter' - EQUALITY caseExactMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) - -objectclass ( 1.3.6.1.4.1.2312.4.2.3 NAME 'automount' SUP top STRUCTURAL - DESC 'An entry in an automounter map' - MUST ( cn $ automountInformation $ objectclass ) - MAY ( description ) ) - -objectclass ( 1.3.6.1.4.1.2312.4.2.2 NAME 'automountMap' SUP top STRUCTURAL - DESC 'An group of related automount objects' - MUST ( ou ) ) diff --git a/migration-tools.txt b/migration-tools.txt deleted file mode 100644 index 5331913..0000000 --- a/migration-tools.txt +++ /dev/null 
@@ -1,179 +0,0 @@ -LDAP Migration Tools - -The MigrationTools are a set of Perl scripts for migrating users, groups, -aliases, hosts, netgroups, networks, protocols, RPCs, and services from -existing nameservices (flat files, NIS, and NetInfo) to LDAP. They are -located on a default installation under /usr/share/openldap/migration. - -The tools require the ldapadd and ldif2dbm commands, which are distributed -with most LDAP servers derived from the University of Michigan LDAP -distribution. The source code for these is available with OpenLDAP. -Additionally, Netscape provide an implementation of ldapmodify which -subsumes the functionality of ldapadd. If you are using Netscape's Directory -Server, you should set the $NSHOME and $serverId environment variables to -assist the MigrationTools in locating your LDAP database and LDIF tools; -they will use ldapmodify instead of ldapadd. - -These tools are freely redistributable according to the license included -with the source files. They may be bundled with LDAP/NIS migration products. -See RFC 2307 for more information on the schema used by these scripts. THIS -SOFTWARE IS PROVIDED "AS IS" WITHOUT EXPRESS OR IMPLIED WARRANTY AND WITHOUT -SUPPORT. - -Scripts - - * migrate_base.pl creates naming context entries, including - subordinate contexts such as ou=people and ou=devices. - * migrate_aliases.pl migrates aliases in /etc/aliases to entries - conforming to the rfc822MailGroup schema. Organizations who have - deployed LDAP-based messaging solutions, such as Netscape's - Messaging Server, may wish to use a different schema for - representing mail aliases. Ypldapd does not use X.500 groups (such - as groupOfUniqueNames) for mail alias expansion because - flattening an arbitrarily nested group at runtime may be - expensive. (It is possible to write a ypldapd plug-in to support - such a schema, however.) 
- * migrate_group.pl migrates groups in /etc/group - * migrate_hosts.pl migrates hosts in /etc/hosts - * migrate_networks.pl migrates networks in /etc/networks - * migrate_passwd.pl migrates users in /etc/passwd. Note that if - users are allowed read the userPassword attribute, and your LDAP - server doesn't support authenticating against hashed passwords - then anyone may read the userPassword attribute's value and - authenticate as that user. Modern LDAP servers, such as Netscape - Directory Server, support authenticating against hashed passwords, - so this is not an issue. The OpenLDAP LDAP server also supports - such authentication. - * migrate_protocols.pl migrates protocols in /etc/protocols - * migrate_services.pl migrates services in /etc/services - * migrate_netgroup.pl migrates netgroups in /etc/netgroup - * migrate_netgroup_byuser.pl migrates the netgroup.byuser map. It - requires revnetgroup. - * migrate_netgroup_byhost.pl migrates the netgroup.byhost map. It - requires revnetgroup. - * migrate_rpc.pl migrates RPCs in /etc/rpc - -Configuration - -The configuration for these Perl scripts is contained at the head of -migrate_common.ph: - - Perl variable Description - - $DEFAULT_MAIL_DOMAIN The mail domain used for the mail - attribute in migrate_passwd.pl when - extended schema support is enabled. You may - override this with the DEFAULT_MAIL_DOMAIN - environment variable. - - $DEFAULT_BASE The naming suffix to use in - entries' distinguished names. If - undefined, this will be constructed by - mapping the mail domain name into a - distinguished name (eg aceindustry.com - becomes dc=aceindustry,dc=com ). You may - override this with the LDAP_BASEDN - environment variable. - - $EXTENDED_SCHEMA Enables extended schema support. - This adds the organizationalPerson and - inetOrgPerson object classes, amongst - others, to users migrated by the - migrate_passwd.pl script. - - NAMINGCONTEXT Determines the LDAP/X.500 naming context - to use for a migration tool. 
The dictionary - is keyed by tool (as in migrate_ tool .pl ). - Values are concatenated with $DEFAULT_BASE - by the & getsuffix() subroutine. - -The following environment variables control the behavior of the -migration shell scripts: - - Environment variable Description - - DEFAULT_MAIL_DOMAIN See above - - LDAPADD Path the ldapadd executable, for online - migration (if not in the path or - /usr/local/bin or /usr/bin) - - LDIF2LDBM Path the ldif2ldbm executable, for offline - migration (if not in the path or - /usr/local/bin or /usr/bin) - - PERL Path to the Perl interpreter (if not - /usr/bin or /usr/local/bin) - - LDAPHOST Your LDAP server, for online - migration. This is optional; you'll be - prompted if the environment variable is not - set. - - LDAP_BASEDN See above ( $DEFAULT_BASE). This is - optional; you'll be prompted if the - environment variable is not set. - - LDAP_BINDDN The distinguished name to bind to the - LDAP server as, for online migration. This - is optional; you'll be prompted if the - environment variable is not set. - - LDAP_BINDCRED The password to bind to the LDAP server - with, for online migration. This is - optional; you'll be prompted if the - environment variable is not set. - -You will probably wish to use a shell script or makefile to automate -population of your LDAP database, either off-lien (with ldif2ldbm) or -on-line (with ldapadd). The migrate_all_*.sh shell scripts do this, but you -may wish to customize their behaviour. The following table explains which -migration scripts to use: - - Shell script Existing nameservice LDAP - running? 
- - migrate_all_online.sh /etc flat files Yes - - migrate_all_offline.sh /etc flat files No - - migrate_all_netinfo_online.sh NetInfo Yes - - migrate_all_netinfo_offline.sh NetInfo No - - migrate_all_nis_online.sh NIS/YP Yes - - migrate_all_nis_offline.sh NIS/YP No - -Below are examples of migrate_hosts.pl and migrate_passwd.plbeing used to -migrate hosts and users, respectively: - -$ migrate_hosts.pl /etc/hosts -dn: cn=mira.aceindustry.com,ou=devices,dc=aceindustry,dc=com -objectclass: ipHost -objectclass: device -objectclass: top -ipHostNumber: 10.1.70.5 -cn: mira -cn: www.aceindustry.com -cn: mira.aceindustry.com - -$ migrate_passwd.pl /etc/passwd -dn: cn=Joe Bloggs,ou=people,dc=aceindustry,dc=com -cn: Joe Bloggs -objectclass: top -objectclass: person -objectclass: organizationalPerson -objectclass: inetOrgPerson -objectclass: posixAccount -objectclass: account -mail: jbloggs@aceindustry.com -givenname: Joe -sn: Bloggs -uid: jbloggs -userPassword: {crypt}daCXgaxahRNkg -loginShell: /bin/csh -uidNumber: 20 -gidNumber: 20 -homeDirectory: /home/jbloggs - diff --git a/openldap.spec b/openldap.spec index eba85f9..951ca7d 100644 --- a/openldap.spec +++ b/openldap.spec @@ -7,7 +7,7 @@ Name: openldap Version: 2.4.23 -Release: 1%{?dist} +Release: 2%{?dist} Summary: LDAP support libraries Group: System Environment/Daemons License: OpenLDAP @@ -15,11 +15,7 @@ URL: http://www.openldap.org/ Source0: ftp://ftp.OpenLDAP.org/pub/OpenLDAP/openldap-release/openldap-%{version}.tgz Source1: ldap.init Source2: ldap.sysconfig -Source3: autofs.schema -Source4: migration-tools.txt -Source5: README.migration -Source6: README.upgrading -Source7: README.evolution +Source3: README.evolution # patches for 2.4 Patch0: openldap-slapd-conf.patch 
@@ -47,7 +43,7 @@ BuildRequires: glibc-devel, libtool, libtool-ltdl-devel, groff, perl BuildRequires: openssl-devel Obsoletes: compat-openldap < 2.4 -# provide ldif2ldbm functionality for migrationtools +# used by migrationtools: Provides: ldif2ldbm %description @@ -294,7 +290,7 @@ make install DESTDIR=%{buildroot} \ libdir=%{evolution_connector_libdir} \ LIBTOOL="$libtool" \ STRIP="" -install -m 644 %SOURCE7 \ +install -m 644 %SOURCE3 \ %{buildroot}/%{evolution_connector_prefix}/ popd @@ -310,10 +306,6 @@ popd mkdir -p %{buildroot}%{_sysconfdir}/openldap/cacerts mkdir -p %{buildroot}%{_sysconfdir}/pki/tls/certs -# install additional documentation -install -m 644 %SOURCE5 README.migration -install -m 644 %SOURCE6 README.upgrading - # setup data and runtime directories mkdir -p %{buildroot}/var/lib/ldap mkdir -p %{buildroot}/var/run/openldap @@ -334,11 +326,6 @@ install -m 755 %SOURCE1 %{buildroot}%{_sysconfdir}/rc.d/init.d/slapd mkdir -p %{buildroot}%{_sysconfdir}/sysconfig install -m 644 %SOURCE2 %{buildroot}%{_sysconfdir}/sysconfig/ldap -# add some more schema for the sake of migration scripts -install -d -m755 %{buildroot}%{_sysconfdir}/openldap/schema/redhat -install -m644 %SOURCE3 \ - %{buildroot}%{_sysconfdir}/openldap/schema/redhat/ - # move slapd out of _libdir mv %{buildroot}/%{_libdir}/slapd %{buildroot}/%{_sbindir}/ @@ -603,8 +590,6 @@ exit 0 %files servers %defattr(-,root,root) -%doc README.upgrading -%doc README.migration %doc openldap-%{version}/contrib/slapd-modules/smbk5pwd/README.smbk5pwd %doc openldap-%{version}/doc/guide/admin/*.html %doc openldap-%{version}/doc/guide/admin/*.png @@ -658,6 +643,11 @@ exit 0 %attr(0644,root,root) %{evolution_connector_libdir}/*.a %changelog +* Mon Nov 01 2010 Jan Vcelak 2.4.23-2 +- removed outdated autofs.schema (#643045) +- removed outdated README.upgrade +- removed relics of migrationtools + * Fri Aug 27 2010 Jan Vcelak 2.4.23-1 - rebase to 2.4.23 - embeded db4 library removed
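Review bot: in the deleted migration-tools.txt, the migrate_passwd.pl entry carries the warning that users allowed to read userPassword can authenticate as another user when the server cannot authenticate against hashed passwords, and nothing visible in this patch shows where that text lives after the deletion. Since README.migration states the tools ship in the separate "migrationtools" package, please confirm that package carries this document before dropping it here.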
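Review bot: in the openldap.spec Source list hunk (-15,11), moving README.evolution from Source7 to Source3 reuses the number that autofs.schema held, so any %SOURCE3 reference missed elsewhere in the spec would install the README instead of failing the build. The visible hunks do update `install -m 644 %SOURCE3` for the evolution connector and drop the schema install; please check the full spec for leftover %SOURCE3 through %SOURCE7 references, or keep the README at Source7 so no number is reused.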
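Review bot: at `Provides: ldif2ldbm` (hunk -47,7), the Provides is kept with only a reworded comment, `# used by migrationtools:`, while the changelog says relics of migrationtools were removed. If keeping it is intentional, the comment should say which package requires it and why it cannot be dropped yet; the trailing colon can also go.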
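Review bot: the hunk at -334,11 drops the install of autofs.schema into %{_sysconfdir}/openldap/schema/redhat/ with no upgrade handling visible in this patch, so a server configuration that still includes that schema file will reference a path the package no longer ships after the update. Suggest calling this out for administrators in the changelog or release notes, and checking that the %files list no longer names the schema/redhat directory (that part of the spec is not in the visible hunks).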
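Review bot: in the %changelog hunk, the entry reads `removed outdated README.upgrade`, but the file this patch deletes is README.upgrading; the name should match the removed file. README.migration is also deleted and dropped from %doc, so consider naming it in the "removed relics of migrationtools" line to keep the entry traceable.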