[pkg-kolab] r959 - in kolabd/trunk/debian: . patches
mparent-guest at alioth.debian.org
mparent-guest at alioth.debian.org
Mon Oct 27 17:32:20 UTC 2008
Author: mparent-guest
Date: 2008-10-27 17:32:19 +0000 (Mon, 27 Oct 2008)
New Revision: 959
Modified:
kolabd/trunk/debian/changelog
kolabd/trunk/debian/patches/30-bootstrap.dpatch
Log:
slapcat run under openldap user to prevent creation of files as root
Modified: kolabd/trunk/debian/changelog
===================================================================
--- kolabd/trunk/debian/changelog 2008-10-27 16:33:15 UTC (rev 958)
+++ kolabd/trunk/debian/changelog 2008-10-27 17:32:19 UTC (rev 959)
@@ -22,6 +22,7 @@
* updated patch 30-bootstrap
- run newaliases at the end of kolab_bootstrap
- gethostname rewriten upstream to use Net::Domain
+ - slapcat run under openldap user to prevent creation of files as root
* new patch 40-disable-amavis: amavis is suggested, so disabled as default
* new patch 50-postfix-hashes: Postfix hashes templates
- Added RUNONCHANGE=/usr/sbin/postmap -o @emailserver_confdir@/... so that
@@ -49,7 +50,7 @@
* debian/preinst: remove unused_conffile
/etc/kolab/templates/fbview.conf.template
- -- Mathieu Parent <math.parent at gmail.com> Mon, 27 Oct 2008 17:30:56 +0100
+ -- Mathieu Parent <math.parent at gmail.com> Mon, 27 Oct 2008 18:29:50 +0100
kolabd (2.1.0-20070510.dfsg-3) unstable; urgency=low
Modified: kolabd/trunk/debian/patches/30-bootstrap.dpatch
===================================================================
--- kolabd/trunk/debian/patches/30-bootstrap.dpatch 2008-10-27 16:33:15 UTC (rev 958)
+++ kolabd/trunk/debian/patches/30-bootstrap.dpatch 2008-10-27 17:32:19 UTC (rev 959)
@@ -4,18 +4,18 @@
## DP: Fixups for Debian
@DPATCH@
-diff -urNad kolabd-2.1.99-20080521.dfsg~/kolab_bootstrap.in kolabd-2.1.99-20080521.dfsg/kolab_bootstrap.in
---- kolabd-2.1.99-20080521.dfsg~/kolab_bootstrap.in 2008-05-26 19:18:22.000000000 +0200
-+++ kolabd-2.1.99-20080521.dfsg/kolab_bootstrap.in 2008-05-26 19:21:49.000000000 +0200
-@@ -21,6 +21,7 @@
+diff -urNad kolabd-2.2.0-20080709.dfsg~/kolab_bootstrap.in kolabd-2.2.0-20080709.dfsg/kolab_bootstrap.in
+--- kolabd-2.2.0-20080709.dfsg~/kolab_bootstrap.in 2008-10-27 18:26:09.000000000 +0100
++++ kolabd-2.2.0-20080709.dfsg/kolab_bootstrap.in 2008-10-27 18:28:24.000000000 +0100
+@@ -22,6 +22,7 @@
use Net::LDAP::Entry;
use Net::Netmask;
use File::Copy;
+use File::Path;
use Getopt::Std;
use Term::ReadKey;
- use Term::Local;
-@@ -90,7 +91,7 @@
+ use Time::Local;
+@@ -69,7 +70,7 @@
print ("Error: Found $name running on Port $port\n");
print ("Check your installation!\n");
print ("You must stop the service $name before running Kolab\n");
@@ -24,7 +24,16 @@
exit 1;
}
}
-@@ -226,7 +227,7 @@
+@@ -181,7 +182,7 @@
+
+ print ("Excellent all required Ports are available!\n");
+
+-system("@sbindir@/slapcat >/dev/null 2>&1");
++system("su --shell /bin/sh --command @sbindir@/slapcat @ldapserver_usr@ >/dev/null 2>&1");
+ if ($?==0) {
+ print ("\nFound existing configuration\n");
+ print "\nBootstrapping Kolab will overwrite old configuration\n";
+@@ -203,7 +204,7 @@
}
my $epochseconds = timelocal(gmtime);
my $backupdir="@backupdir@/backup".$epochseconds;
@@ -33,7 +42,7 @@
print "creating backup of LDAP repository\n";
system("cp -pRP \"@ldapserver_dir@\" \"$backupdir/openldap-data\"");
-@@ -398,8 +399,23 @@
+@@ -375,8 +376,23 @@
};
my $confname = "@sasl_smtpconffile@";
@@ -57,7 +66,7 @@
getopts('b');
if ($opt_b) {
-@@ -441,6 +457,7 @@
+@@ -418,6 +434,7 @@
undef $slpd;
undef $tmpl;
kolab_chown "@ldapserver_usr@","@ldapserver_grp@","@ldapserver_confdir@/slapd.conf";
@@ -65,7 +74,7 @@
my $tmplname = "@sysconfdir@/kolab/templates/slapd.replicas.template";
$confname = "@ldapserver_confdir@/slapd.replicas";
-@@ -489,7 +506,7 @@
+@@ -466,7 +483,7 @@
$ldap_uri = "ldap://127.0.0.1:389/";
# ensure that the database has correct permissions
system("chown @ldapserver_rusr@:@ldapserver_grp@ @ldapserver_dir@/*");
@@ -74,7 +83,7 @@
print ("Waiting for OpenLDAP to start\n");
sleep 10;
-@@ -655,7 +672,7 @@
+@@ -632,7 +649,7 @@
if ($ldap_uri =~ /127\.0\.0\.1/ || $ldap_uri =~ /localhost/) {
print "\nkill temporary slapd\n\n";
@@ -83,7 +92,7 @@
sleep 1; # actually race should be impossible
system("killall -9 slapd >/dev/null 2>&1");
}
-@@ -703,7 +720,7 @@
+@@ -680,7 +697,7 @@
##### Slave server setup
print "stop running slapd (if any)\n";
@@ -92,7 +101,7 @@
# Make sure that no rogue demons are running
tryConnect( '127.0.0.1', 389 ) && die "A process is already listening to port 389 (ldap)\n"
-@@ -823,9 +840,9 @@
+@@ -800,9 +817,9 @@
is copied over to this slave. Please make sure that this slave is entered into the list
of kolabhosts on the master before proceeding.
EOS
@@ -104,7 +113,7 @@
# FIXME: we should get rid of this construct because it makes the code hard to read.
# A if (-e @sysconfdir@/rc.conf) statement should be enough.
-@@ -892,6 +909,8 @@
+@@ -869,6 +886,8 @@
}
kolab_system("@sbindir@/kolabconf -n");
@@ -113,7 +122,7 @@
$fd = IO::File->new($kolab_config, "w+") || die "could not open $kolab_config";
print $fd "fqdnhostname : $fqdn\n";
-@@ -914,6 +933,6 @@
+@@ -891,6 +910,6 @@
#system("@sysconfdir@/kolab/kolab_sslcert.sh $fqdn");
print "kolab is now ready to run!\n";
More information about the pkg-kolab-devel
mailing list