[pkg-kolab] r959 - in kolabd/trunk/debian: . patches

mparent-guest at alioth.debian.org mparent-guest at alioth.debian.org
Mon Oct 27 17:32:20 UTC 2008 

Author: mparent-guest
Date: 2008-10-27 17:32:19 +0000 (Mon, 27 Oct 2008)
New Revision: 959

Modified:
   kolabd/trunk/debian/changelog
   kolabd/trunk/debian/patches/30-bootstrap.dpatch
Log:
slapcat run under openldap user to prevent creation of files as root


Modified: kolabd/trunk/debian/changelog
===================================================================
--- kolabd/trunk/debian/changelog	2008-10-27 16:33:15 UTC (rev 958)
+++ kolabd/trunk/debian/changelog	2008-10-27 17:32:19 UTC (rev 959)
@@ -22,6 +22,7 @@
   * updated patch 30-bootstrap
     - run newaliases at the end of kolab_bootstrap
     - gethostname rewriten upstream to use Net::Domain
+    - slapcat run under openldap user to prevent creation of files as root
   * new patch 40-disable-amavis: amavis is suggested, so disabled as default
   * new patch 50-postfix-hashes: Postfix hashes templates
     - Added RUNONCHANGE=/usr/sbin/postmap -o @emailserver_confdir@/... so that 
@@ -49,7 +50,7 @@
   * debian/preinst: remove unused_conffile
     /etc/kolab/templates/fbview.conf.template 
 
- -- Mathieu Parent <math.parent at gmail.com>  Mon, 27 Oct 2008 17:30:56 +0100
+ -- Mathieu Parent <math.parent at gmail.com>  Mon, 27 Oct 2008 18:29:50 +0100
 
 kolabd (2.1.0-20070510.dfsg-3) unstable; urgency=low
 

Modified: kolabd/trunk/debian/patches/30-bootstrap.dpatch
===================================================================
--- kolabd/trunk/debian/patches/30-bootstrap.dpatch	2008-10-27 16:33:15 UTC (rev 958)
+++ kolabd/trunk/debian/patches/30-bootstrap.dpatch	2008-10-27 17:32:19 UTC (rev 959)
@@ -4,18 +4,18 @@
 ## DP: Fixups for Debian
 
 @DPATCH@
-diff -urNad kolabd-2.1.99-20080521.dfsg~/kolab_bootstrap.in kolabd-2.1.99-20080521.dfsg/kolab_bootstrap.in
---- kolabd-2.1.99-20080521.dfsg~/kolab_bootstrap.in	2008-05-26 19:18:22.000000000 +0200
-+++ kolabd-2.1.99-20080521.dfsg/kolab_bootstrap.in	2008-05-26 19:21:49.000000000 +0200
-@@ -21,6 +21,7 @@
+diff -urNad kolabd-2.2.0-20080709.dfsg~/kolab_bootstrap.in kolabd-2.2.0-20080709.dfsg/kolab_bootstrap.in
+--- kolabd-2.2.0-20080709.dfsg~/kolab_bootstrap.in	2008-10-27 18:26:09.000000000 +0100
++++ kolabd-2.2.0-20080709.dfsg/kolab_bootstrap.in	2008-10-27 18:28:24.000000000 +0100
+@@ -22,6 +22,7 @@
  use Net::LDAP::Entry;
  use Net::Netmask;
  use File::Copy;
 +use File::Path;
  use Getopt::Std;
  use Term::ReadKey;
- use Term::Local;
-@@ -90,7 +91,7 @@
+ use Time::Local;
+@@ -69,7 +70,7 @@
      print ("Error: Found $name running on Port $port\n");
      print ("Check your installation!\n");
      print ("You must stop the service $name before running Kolab\n");
@@ -24,7 +24,16 @@
      exit 1;
    }
  }
-@@ -226,7 +227,7 @@
+@@ -181,7 +182,7 @@
+ 
+ print ("Excellent all required Ports are available!\n");
+ 
+-system("@sbindir@/slapcat >/dev/null 2>&1");
++system("su  --shell /bin/sh --command @sbindir@/slapcat @ldapserver_usr@ >/dev/null 2>&1");
+ if ($?==0) {
+   print ("\nFound existing configuration\n");
+   print "\nBootstrapping Kolab will overwrite old configuration\n";
+@@ -203,7 +204,7 @@
    }
    my $epochseconds = timelocal(gmtime);
    my $backupdir="@backupdir@/backup".$epochseconds;
@@ -33,7 +42,7 @@
  
    print "creating backup of LDAP repository\n";
    system("cp -pRP \"@ldapserver_dir@\" \"$backupdir/openldap-data\"");
-@@ -398,8 +399,23 @@
+@@ -375,8 +376,23 @@
    };
  
    my $confname = "@sasl_smtpconffile@";
@@ -57,7 +66,7 @@
    getopts('b');
  
    if ($opt_b) {
-@@ -441,6 +457,7 @@
+@@ -418,6 +434,7 @@
        undef $slpd;
        undef $tmpl;
        kolab_chown "@ldapserver_usr@","@ldapserver_grp@","@ldapserver_confdir@/slapd.conf";
@@ -65,7 +74,7 @@
        
        my $tmplname = "@sysconfdir@/kolab/templates/slapd.replicas.template";
        $confname = "@ldapserver_confdir@/slapd.replicas";
-@@ -489,7 +506,7 @@
+@@ -466,7 +483,7 @@
        $ldap_uri = "ldap://127.0.0.1:389/";
        # ensure that the database has correct permissions
        system("chown @ldapserver_rusr@:@ldapserver_grp@ @ldapserver_dir@/*");
@@ -74,7 +83,7 @@
        print ("Waiting for OpenLDAP to start\n");
        sleep 10;
  
-@@ -655,7 +672,7 @@
+@@ -632,7 +649,7 @@
  
     if ($ldap_uri =~ /127\.0\.0\.1/ || $ldap_uri =~ /localhost/) {
        print "\nkill temporary slapd\n\n";
@@ -83,7 +92,7 @@
        sleep 1; # actually race should be impossible
        system("killall -9 slapd >/dev/null 2>&1");
     }
-@@ -703,7 +720,7 @@
+@@ -680,7 +697,7 @@
    ##### Slave server setup
  
    print "stop running slapd (if any)\n";
@@ -92,7 +101,7 @@
  
    # Make sure that no rogue demons are running
    tryConnect( '127.0.0.1', 389 ) && die "A process is already listening to port 389 (ldap)\n"
-@@ -823,9 +840,9 @@
+@@ -800,9 +817,9 @@
  is copied over to this slave. Please make sure that this slave is entered into the list 
  of kolabhosts on the master before proceeding.
  EOS
@@ -104,7 +113,7 @@
  
    # FIXME: we should get rid of this construct because it makes the code hard to read.
    #        A if (-e @sysconfdir@/rc.conf) statement should be enough.
-@@ -892,6 +909,8 @@
+@@ -869,6 +886,8 @@
    }
  
    kolab_system("@sbindir@/kolabconf -n");
@@ -113,7 +122,7 @@
  
    $fd = IO::File->new($kolab_config, "w+") || die "could not open $kolab_config";
    print $fd "fqdnhostname : $fqdn\n";
-@@ -914,6 +933,6 @@
+@@ -891,6 +910,6 @@
  
  #system("@sysconfdir@/kolab/kolab_sslcert.sh $fqdn");
  print "kolab is now ready to run!\n";

More information about the pkg-kolab-devel mailing list