[Fedora-directory-commits] ldapserver Makefile.am, 1.59, 1.60 configure.ac, 1.38, 1.39 aclocal.m4, 1.53, 1.54 configure, 1.68, 1.69 missing, 1.40, 1.41 install-sh, 1.40, 1.41 compile, 1.39, 1.40 depcomp, 1.40, 1.41 Makefile.in, 1.73, 1.74 config.sub, 1.39, 1.40 config.guess, 1.39, 1.40
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv29223/ldapserver
Modified Files:
Makefile.am configure.ac aclocal.m4 configure missing
install-sh compile depcomp Makefile.in config.sub config.guess
Log Message:
Resolves: bug 248169
Bug Description: init script modification needed for kerberos auth
Reviewed by: nhosoi (Thanks!)
Fix Description: I just took Simo's initial patch and ran with it. The initconfigdir parameter is the directory containing the config file for the init script. configure will first try to use $(sysconfdir)/sysconfig, then $(sysconfdir)/default (Solaris and Debian, among others), then the package config directory (the default on HP-UX), for this parameter. The init script and startup script will look in the initconfigdir to find the init config file to source. For directory server, an instance specific file can be used, named e.g. dirsrv-localhost which will apply to the slapd-localhost instance only.
A default init config file is provided for dirsrv and dirsrv-admin, with some examples of how it could be used.
Platforms tested: RHEL5 x86_64
Flag Day: Yes - autotool file changes
Doc impact: Yes. We will need to document how the user can supply environment to the servers at startup time without having to edit the init scripts or the startup scripts.
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
Index: Makefile.am
===================================================================
RCS file: /cvs/dirsec/ldapserver/Makefile.am,v
retrieving revision 1.59
retrieving revision 1.60
diff -u -r1.59 -r1.60
--- Makefile.am 1 Oct 2007 23:22:37 -0000 1.59
+++ Makefile.am 5 Oct 2007 23:45:49 -0000 1.60
@@ -78,6 +78,7 @@
serverplugindir = $(libdir)@serverplugindir@
taskdir = $(datadir)@scripttemplatedir@
initdir = $(sysconfdir)@initdir@
+initconfigdir = $(sysconfdir)@initconfigdir@
instconfigdir = @instconfigdir@
perldir = $(libdir)@perldir@
infdir = $(datadir)@infdir@
@@ -241,6 +242,8 @@
init_SCRIPTS = wrappers/$(PACKAGE_NAME)
+initconfig_SCRIPTS = ldap/admin/src/$(PACKAGE_NAME)
+
inf_DATA = ldap/admin/src/slapd.inf \
ldap/admin/src/scripts/dscreate.map \
ldap/admin/src/scripts/dsorgentries.map
@@ -1039,7 +1042,8 @@
-e 's,@defaultuser\@,$(defaultuser),g' \
-e 's,@defaultgroup\@,$(defaultgroup),g' \
-e 's,@with_fhs_opt\@,@with_fhs_opt@,g' \
- -e 's,@perlexec\@,@perlexec@,g'
+ -e 's,@perlexec\@,@perlexec@,g' \
+ -e 's,@initconfigdir\@,$(initconfigdir),g'
else
fixupcmd = sed \
-e 's,@bindir\@,$(bindir),g' \
@@ -1086,7 +1090,8 @@
-e 's,@defaultuser\@,$(defaultuser),g' \
-e 's,@defaultgroup\@,$(defaultgroup),g' \
-e 's,@with_fhs_opt\@,@with_fhs_opt@,g' \
- -e 's,@perlexec\@,@perlexec@,g'
+ -e 's,@perlexec\@,@perlexec@,g' \
+ -e 's,@initconfigdir\@,$(initconfigdir),g'
endif
%: %.in
@@ -1094,4 +1099,9 @@
$(fixupcmd) $^ > $@
%/$(PACKAGE_NAME): %/initscript.in
+ if [ ! -d $(dir $@) ] ; then mkdir -p $(dir $@) ; fi
+ $(fixupcmd) $^ > $@
+
+%/$(PACKAGE_NAME): %/initconfig.in
+ if [ ! -d $(dir $@) ] ; then mkdir -p $(dir $@) ; fi
$(fixupcmd) $^ > $@
Index: configure.ac
===================================================================
RCS file: /cvs/dirsec/ldapserver/configure.ac,v
retrieving revision 1.38
retrieving revision 1.39
diff -u -r1.38 -r1.39
--- configure.ac 1 Oct 2007 23:22:38 -0000 1.38
+++ configure.ac 5 Oct 2007 23:45:49 -0000 1.39
@@ -275,6 +275,7 @@
# assume 64 bit
perlexec='/opt/perl_64/bin/perl'
platform="hpux"
+ initconfigdir="/$PACKAGE_NAME/config"
;;
hppa*-hp-hpux*)
AC_DEFINE([XP_UNIX], [1], [UNIX])
@@ -287,6 +288,7 @@
AC_DEFINE([_POSIX_C_SOURCE], [199506L], [POSIX revision])
AC_DEFINE([_HPUX_SOURCE], [1], [Source namespace])
# assume 64 bit
+ initconfigdir="/$PACKAGE_NAME/config"
perlexec='/opt/perl_64/bin/perl'
platform="hpux"
;;
@@ -327,6 +329,19 @@
AC_SUBST(initdir)
AC_SUBST(perlexec)
+# set default initconfigdir if not already set
+# value will be set so as to be relative to $(sysconfdir)
+if test -z "$initconfigdir" ; then
+ if test -d /etc/sysconfig ; then
+ initconfigdir=/sysconfig
+ elif test -d /etc/default ; then
+ initconfigdir=/default
+ else
+ initconfigdir="/$PACKAGE_NAME/config"
+ fi
+fi
+AC_SUBST(initconfigdir)
+
AM_CONDITIONAL(HPUX,test "$platform" = "hpux")
AM_CONDITIONAL(SOLARIS,test "$platform" = "solaris")
Index: configure
===================================================================
RCS file: /cvs/dirsec/ldapserver/configure,v
retrieving revision 1.68
retrieving revision 1.69
diff -u -r1.68 -r1.69
--- configure 1 Oct 2007 23:22:38 -0000 1.68
+++ configure 5 Oct 2007 23:45:49 -0000 1.69
@@ -465,7 +465,7 @@
#endif"
ac_default_prefix=/opt/$PACKAGE_NAME
-ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar MAINTAINER_MODE_TRUE MAINTAINER_MODE_FALSE MAINT build build_cpu build_vendor build_os host host_cpu host_vendor host_os CXX CXXFLAGS LDFLAGS CPPFLAGS ac_ct_CXX EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CXXDEPMODE am__fastdepCXX_TRUE am__fastdepCXX_FALSE CC CFLAGS ac_ct_CC CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE SED EGREP LN_S ECHO AR ac_ct_AR RANLIB ac_ct_RANLIB CP!
P CXXCPP F77 FFLAGS ac_ct_F77 LIBTOOL LIBOBJS debug_defs BUNDLE_TRUE BUNDLE_FALSE enable_pam_passthru_TRUE enable_pam_passthru_FALSE enable_dna_TRUE enable_dna_FALSE enable_ldapi_TRUE enable_ldapi_FALSE enable_bitwise_TRUE enable_bitwise_FALSE with_fhs_opt configdir sampledatadir propertydir schemadir serverdir serverplugindir scripttemplatedir perldir infdir defaultuser defaultgroup instconfigdir WINNT_TRUE WINNT_FALSE LIBSOCKET LIBNSL LIBDL LIBCSTD LIBCRUN initdir perlexec HPUX_TRUE HPUX_FALSE SOLARIS_TRUE SOLARIS_FALSE PKG_CONFIG ICU_CONFIG NETSNMP_CONFIG PACKAGE_BASE_VERSION nspr_inc nspr_lib nspr_libdir nss_inc nss_lib nss_libdir ldapsdk_inc ldapsdk_lib ldapsdk_libdir ldapsdk_bindir db_inc db_incdir db_lib db_libdir db_bindir db_libver sasl_inc sasl_lib sasl_libdir sasl_path svrcore_inc svrcore_lib icu_lib icu_inc icu_bin netsnmp_inc netsnmp_lib netsnmp_libdir netsnmp_link brand capbrand vendor LTLIBOBJS'
+ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar MAINTAINER_MODE_TRUE MAINTAINER_MODE_FALSE MAINT build build_cpu build_vendor build_os host host_cpu host_vendor host_os CXX CXXFLAGS LDFLAGS CPPFLAGS ac_ct_CXX EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CXXDEPMODE am__fastdepCXX_TRUE am__fastdepCXX_FALSE CC CFLAGS ac_ct_CC CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE SED EGREP LN_S ECHO AR ac_ct_AR RANLIB ac_ct_RANLIB CP!
P CXXCPP F77 FFLAGS ac_ct_F77 LIBTOOL LIBOBJS debug_defs BUNDLE_TRUE BUNDLE_FALSE enable_pam_passthru_TRUE enable_pam_passthru_FALSE enable_dna_TRUE enable_dna_FALSE enable_ldapi_TRUE enable_ldapi_FALSE enable_bitwise_TRUE enable_bitwise_FALSE with_fhs_opt configdir sampledatadir propertydir schemadir serverdir serverplugindir scripttemplatedir perldir infdir defaultuser defaultgroup instconfigdir WINNT_TRUE WINNT_FALSE LIBSOCKET LIBNSL LIBDL LIBCSTD LIBCRUN initdir perlexec initconfigdir HPUX_TRUE HPUX_FALSE SOLARIS_TRUE SOLARIS_FALSE PKG_CONFIG ICU_CONFIG NETSNMP_CONFIG PACKAGE_BASE_VERSION nspr_inc nspr_lib nspr_libdir nss_inc nss_lib nss_libdir ldapsdk_inc ldapsdk_lib ldapsdk_libdir ldapsdk_bindir db_inc db_incdir db_lib db_libdir db_bindir db_libver sasl_inc sasl_lib sasl_libdir sasl_path svrcore_inc svrcore_lib icu_lib icu_inc icu_bin netsnmp_inc netsnmp_lib netsnmp_libdir netsnmp_link brand capbrand vendor LTLIBOBJS'
ac_subst_files=''
# Initialize some variables set by options.
@@ -23342,6 +23342,7 @@
# assume 64 bit
perlexec='/opt/perl_64/bin/perl'
platform="hpux"
+ initconfigdir="/$PACKAGE_NAME/config"
;;
hppa*-hp-hpux*)
@@ -23390,6 +23391,7 @@
_ACEOF
# assume 64 bit
+ initconfigdir="/$PACKAGE_NAME/config"
perlexec='/opt/perl_64/bin/perl'
platform="hpux"
;;
@@ -23477,6 +23479,19 @@
+# set default initconfigdir if not already set
+# value will be set so as to be relative to $(sysconfdir)
+if test -z "$initconfigdir" ; then
+ if test -d /etc/sysconfig ; then
+ initconfigdir=/sysconfig
+ elif test -d /etc/default ; then
+ initconfigdir=/default
+ else
+ initconfigdir="/$PACKAGE_NAME/config"
+ fi
+fi
+
+
if test "$platform" = "hpux"; then
@@ -26076,6 +26091,7 @@
s,@LIBCRUN@,$LIBCRUN,;t t
s,@initdir@,$initdir,;t t
s,@perlexec@,$perlexec,;t t
+s,@initconfigdir@,$initconfigdir,;t t
s,@HPUX_TRUE@,$HPUX_TRUE,;t t
s,@HPUX_FALSE@,$HPUX_FALSE,;t t
s,@SOLARIS_TRUE@,$SOLARIS_TRUE,;t t
Index: Makefile.in
===================================================================
RCS file: /cvs/dirsec/ldapserver/Makefile.in,v
retrieving revision 1.73
retrieving revision 1.74
diff -u -r1.73 -r1.74
--- Makefile.in 1 Oct 2007 23:22:37 -0000 1.73
+++ Makefile.in 5 Oct 2007 23:45:49 -0000 1.74
@@ -93,11 +93,12 @@
am__installdirs = "$(DESTDIR)$(serverdir)" \
"$(DESTDIR)$(serverplugindir)" "$(DESTDIR)$(bindir)" \
"$(DESTDIR)$(sbindir)" "$(DESTDIR)$(bindir)" \
- "$(DESTDIR)$(initdir)" "$(DESTDIR)$(perldir)" \
- "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(taskdir)" \
- "$(DESTDIR)$(configdir)" "$(DESTDIR)$(infdir)" \
- "$(DESTDIR)$(propertydir)" "$(DESTDIR)$(propertydir)" \
- "$(DESTDIR)$(sampledatadir)" "$(DESTDIR)$(schemadir)"
+ "$(DESTDIR)$(initdir)" "$(DESTDIR)$(initconfigdir)" \
+ "$(DESTDIR)$(perldir)" "$(DESTDIR)$(sbindir)" \
+ "$(DESTDIR)$(taskdir)" "$(DESTDIR)$(configdir)" \
+ "$(DESTDIR)$(infdir)" "$(DESTDIR)$(propertydir)" \
+ "$(DESTDIR)$(propertydir)" "$(DESTDIR)$(sampledatadir)" \
+ "$(DESTDIR)$(schemadir)"
serverLTLIBRARIES_INSTALL = $(INSTALL)
serverpluginLTLIBRARIES_INSTALL = $(INSTALL)
LTLIBRARIES = $(server_LTLIBRARIES) $(serverplugin_LTLIBRARIES)
@@ -690,11 +691,12 @@
$(am__DEPENDENCIES_1)
binSCRIPT_INSTALL = $(INSTALL_SCRIPT)
initSCRIPT_INSTALL = $(INSTALL_SCRIPT)
+initconfigSCRIPT_INSTALL = $(INSTALL_SCRIPT)
perlSCRIPT_INSTALL = $(INSTALL_SCRIPT)
sbinSCRIPT_INSTALL = $(INSTALL_SCRIPT)
taskSCRIPT_INSTALL = $(INSTALL_SCRIPT)
-SCRIPTS = $(bin_SCRIPTS) $(init_SCRIPTS) $(perl_SCRIPTS) \
- $(sbin_SCRIPTS) $(task_SCRIPTS)
+SCRIPTS = $(bin_SCRIPTS) $(init_SCRIPTS) $(initconfig_SCRIPTS) \
+ $(perl_SCRIPTS) $(sbin_SCRIPTS) $(task_SCRIPTS)
DEFAULT_INCLUDES = -I. -I$(srcdir) -I.
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -917,6 +919,7 @@
includedir = @includedir@
infdir = $(datadir)@infdir@
infodir = @infodir@
+initconfigdir = $(sysconfdir)@initconfigdir@
initdir = $(sysconfdir)@initdir@
install_sh = @install_sh@
instconfigdir = @instconfigdir@
@@ -1153,6 +1156,7 @@
ldap/admin/src/scripts/template-dbverify
init_SCRIPTS = wrappers/$(PACKAGE_NAME)
+initconfig_SCRIPTS = ldap/admin/src/$(PACKAGE_NAME)
inf_DATA = ldap/admin/src/slapd.inf \
ldap/admin/src/scripts/dscreate.map \
ldap/admin/src/scripts/dsorgentries.map
@@ -1910,7 +1914,8 @@
@BUNDLE_FALSE@ -e 's,@defaultuser\@,$(defaultuser),g' \
@BUNDLE_FALSE@ -e 's,@defaultgroup\@,$(defaultgroup),g' \
@BUNDLE_FALSE@ -e 's,@with_fhs_opt\@,@with_fhs_opt@,g' \
-@BUNDLE_FALSE@ -e 's,@perlexec\@,@perlexec@,g'
+@BUNDLE_FALSE@ -e 's,@perlexec\@,@perlexec@,g' \
+@BUNDLE_FALSE@ -e 's,@initconfigdir\@,$(initconfigdir),g'
# these are for the config files and scripts that we need to generate and replace
@@ -1967,7 +1972,8 @@
@BUNDLE_TRUE@ -e 's,@defaultuser\@,$(defaultuser),g' \
@BUNDLE_TRUE@ -e 's,@defaultgroup\@,$(defaultgroup),g' \
@BUNDLE_TRUE@ -e 's,@with_fhs_opt\@,@with_fhs_opt@,g' \
-@BUNDLE_TRUE@ -e 's,@perlexec\@,@perlexec@,g'
+@BUNDLE_TRUE@ -e 's,@perlexec\@,@perlexec@,g' \
+@BUNDLE_TRUE@ -e 's,@initconfigdir\@,$(initconfigdir),g'
all: $(BUILT_SOURCES) config.h
$(MAKE) $(AM_MAKEFLAGS) all-am
@@ -3742,6 +3748,25 @@
echo " rm -f '$(DESTDIR)$(initdir)/$$f'"; \
rm -f "$(DESTDIR)$(initdir)/$$f"; \
done
+install-initconfigSCRIPTS: $(initconfig_SCRIPTS)
+ @$(NORMAL_INSTALL)
+ test -z "$(initconfigdir)" || $(mkdir_p) "$(DESTDIR)$(initconfigdir)"
+ @list='$(initconfig_SCRIPTS)'; for p in $$list; do \
+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ if test -f $$d$$p; then \
+ f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \
+ echo " $(initconfigSCRIPT_INSTALL) '$$d$$p' '$(DESTDIR)$(initconfigdir)/$$f'"; \
+ $(initconfigSCRIPT_INSTALL) "$$d$$p" "$(DESTDIR)$(initconfigdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-initconfigSCRIPTS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(initconfig_SCRIPTS)'; for p in $$list; do \
+ f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \
+ echo " rm -f '$(DESTDIR)$(initconfigdir)/$$f'"; \
+ rm -f "$(DESTDIR)$(initconfigdir)/$$f"; \
+ done
install-perlSCRIPTS: $(perl_SCRIPTS)
@$(NORMAL_INSTALL)
test -z "$(perldir)" || $(mkdir_p) "$(DESTDIR)$(perldir)"
@@ -8876,7 +8901,7 @@
all-am: Makefile $(LIBRARIES) $(LTLIBRARIES) $(PROGRAMS) $(SCRIPTS) \
$(DATA) config.h
installdirs:
- for dir in "$(DESTDIR)$(serverdir)" "$(DESTDIR)$(serverplugindir)" "$(DESTDIR)$(bindir)" "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(bindir)" "$(DESTDIR)$(initdir)" "$(DESTDIR)$(perldir)" "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(taskdir)" "$(DESTDIR)$(configdir)" "$(DESTDIR)$(infdir)" "$(DESTDIR)$(propertydir)" "$(DESTDIR)$(propertydir)" "$(DESTDIR)$(sampledatadir)" "$(DESTDIR)$(schemadir)"; do \
+ for dir in "$(DESTDIR)$(serverdir)" "$(DESTDIR)$(serverplugindir)" "$(DESTDIR)$(bindir)" "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(bindir)" "$(DESTDIR)$(initdir)" "$(DESTDIR)$(initconfigdir)" "$(DESTDIR)$(perldir)" "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(taskdir)" "$(DESTDIR)$(configdir)" "$(DESTDIR)$(infdir)" "$(DESTDIR)$(propertydir)" "$(DESTDIR)$(propertydir)" "$(DESTDIR)$(sampledatadir)" "$(DESTDIR)$(schemadir)"; do \
test -z "$$dir" || $(mkdir_p) "$$dir"; \
done
install: $(BUILT_SOURCES)
@@ -9001,9 +9026,9 @@
info-am:
install-data-am: install-configDATA install-infDATA \
- install-initSCRIPTS install-nodist_propertyDATA \
- install-perlSCRIPTS install-propertyDATA \
- install-sampledataDATA install-schemaDATA \
+ install-initSCRIPTS install-initconfigSCRIPTS \
+ install-nodist_propertyDATA install-perlSCRIPTS \
+ install-propertyDATA install-sampledataDATA install-schemaDATA \
install-serverLTLIBRARIES install-serverpluginLTLIBRARIES \
install-taskSCRIPTS
@@ -9038,12 +9063,12 @@
uninstall-am: uninstall-binPROGRAMS uninstall-binSCRIPTS \
uninstall-configDATA uninstall-infDATA uninstall-info-am \
- uninstall-initSCRIPTS uninstall-nodist_propertyDATA \
- uninstall-perlSCRIPTS uninstall-propertyDATA \
- uninstall-sampledataDATA uninstall-sbinPROGRAMS \
- uninstall-sbinSCRIPTS uninstall-schemaDATA \
- uninstall-serverLTLIBRARIES uninstall-serverpluginLTLIBRARIES \
- uninstall-taskSCRIPTS
+ uninstall-initSCRIPTS uninstall-initconfigSCRIPTS \
+ uninstall-nodist_propertyDATA uninstall-perlSCRIPTS \
+ uninstall-propertyDATA uninstall-sampledataDATA \
+ uninstall-sbinPROGRAMS uninstall-sbinSCRIPTS \
+ uninstall-schemaDATA uninstall-serverLTLIBRARIES \
+ uninstall-serverpluginLTLIBRARIES uninstall-taskSCRIPTS
.PHONY: CTAGS GTAGS all all-am am--refresh check check-am clean \
clean-binPROGRAMS clean-generic clean-libtool \
@@ -9057,10 +9082,10 @@
install-binPROGRAMS install-binSCRIPTS install-configDATA \
install-data install-data-am install-exec install-exec-am \
install-infDATA install-info install-info-am \
- install-initSCRIPTS install-man install-nodist_propertyDATA \
- install-perlSCRIPTS install-propertyDATA \
- install-sampledataDATA install-sbinPROGRAMS \
- install-sbinSCRIPTS install-schemaDATA \
+ install-initSCRIPTS install-initconfigSCRIPTS install-man \
+ install-nodist_propertyDATA install-perlSCRIPTS \
+ install-propertyDATA install-sampledataDATA \
+ install-sbinPROGRAMS install-sbinSCRIPTS install-schemaDATA \
install-serverLTLIBRARIES install-serverpluginLTLIBRARIES \
install-strip install-taskSCRIPTS installcheck installcheck-am \
installdirs maintainer-clean maintainer-clean-generic \
@@ -9068,12 +9093,12 @@
mostlyclean-libtool pdf pdf-am ps ps-am tags uninstall \
uninstall-am uninstall-binPROGRAMS uninstall-binSCRIPTS \
uninstall-configDATA uninstall-infDATA uninstall-info-am \
- uninstall-initSCRIPTS uninstall-nodist_propertyDATA \
- uninstall-perlSCRIPTS uninstall-propertyDATA \
- uninstall-sampledataDATA uninstall-sbinPROGRAMS \
- uninstall-sbinSCRIPTS uninstall-schemaDATA \
- uninstall-serverLTLIBRARIES uninstall-serverpluginLTLIBRARIES \
- uninstall-taskSCRIPTS
+ uninstall-initSCRIPTS uninstall-initconfigSCRIPTS \
+ uninstall-nodist_propertyDATA uninstall-perlSCRIPTS \
+ uninstall-propertyDATA uninstall-sampledataDATA \
+ uninstall-sbinPROGRAMS uninstall-sbinSCRIPTS \
+ uninstall-schemaDATA uninstall-serverLTLIBRARIES \
+ uninstall-serverpluginLTLIBRARIES uninstall-taskSCRIPTS
dirver.h: Makefile
@@ -9093,6 +9118,11 @@
$(fixupcmd) $^ > $@
%/$(PACKAGE_NAME): %/initscript.in
+ if [ ! -d $(dir $@) ] ; then mkdir -p $(dir $@) ; fi
+ $(fixupcmd) $^ > $@
+
+%/$(PACKAGE_NAME): %/initconfig.in
+ if [ ! -d $(dir $@) ] ; then mkdir -p $(dir $@) ; fi
$(fixupcmd) $^ > $@
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
16 years, 7 months
[Fedora-directory-commits] ldapserver/ldap/admin/src/scripts template-start-slapd.in, 1.7, 1.8
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/admin/src/scripts
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv29223/ldapserver/ldap/admin/src/scripts
Modified Files:
template-start-slapd.in
Log Message:
Resolves: bug 248169
Bug Description: init script modification needed for kerberos auth
Reviewed by: nhosoi (Thanks!)
Fix Description: I just took Simo's initial patch and ran with it. The initconfigdir parameter is the directory containing the config file for the init script. configure will first try to use $(sysconfdir)/sysconfig, then $(sysconfdir)/default (Solaris and Debian, among others), then the package config directory (the default on HP-UX), for this parameter. The init script and startup script will look in the initconfigdir to find the init config file to source. For directory server, an instance specific file can be used, named e.g. dirsrv-localhost which will apply to the slapd-localhost instance only.
A default init config file is provided for dirsrv and dirsrv-admin, with some examples of how it could be used.
Platforms tested: RHEL5 x86_64
Flag Day: Yes - autotool file changes
Doc impact: Yes. We will need to document how the user can supply environment to the servers at startup time without having to edit the init scripts or the startup scripts.
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
Index: template-start-slapd.in
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/scripts/template-start-slapd.in,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- template-start-slapd.in 12 Feb 2007 19:55:10 -0000 1.7
+++ template-start-slapd.in 5 Oct 2007 23:45:50 -0000 1.8
@@ -6,6 +6,12 @@
SHLIB_PATH=$prefix{{SERVER-DIR}}:$prefix@nss_libdir@:$prefix@libdir@:@nss_libdir@
export SHLIB_PATH
+# source env. for all instances
+[ -f @initconfigdir@/@package_name@ ] && . @initconfigdir@/@package_name@
+
+# source env. for this instance
+[ -f @initconfigdir@/@package_name@-{{SERV-ID}} ] && . @initconfigdir@/@package_name@-{{SERV-ID}}
+
# Script that starts the ns-slapd server.
# Exit status can be:
# 0: Server started successfully
16 years, 7 months
[Fedora-directory-commits] ldapserver/ldap/admin/src initconfig.in, NONE, 1.1
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/admin/src
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv29223/ldapserver/ldap/admin/src
Added Files:
initconfig.in
Log Message:
Resolves: bug 248169
Bug Description: init script modification needed for kerberos auth
Reviewed by: nhosoi (Thanks!)
Fix Description: I just took Simo's initial patch and ran with it. The initconfigdir parameter is the directory containing the config file for the init script. configure will first try to use $(sysconfdir)/sysconfig, then $(sysconfdir)/default (Solaris and Debian, among others), then the package config directory (the default on HP-UX), for this parameter. The init script and startup script will look in the initconfigdir to find the init config file to source. For directory server, an instance specific file can be used, named e.g. dirsrv-localhost which will apply to the slapd-localhost instance only.
A default init config file is provided for dirsrv and dirsrv-admin, with some examples of how it could be used.
Platforms tested: RHEL5 x86_64
Flag Day: Yes - autotool file changes
Doc impact: Yes. We will need to document how the user can supply environment to the servers at startup time without having to edit the init scripts or the startup scripts.
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
--- NEW FILE initconfig.in ---
# This file is sourced by @package_name@ upon startup to set
# the default environment for all directory server instances.
# To set instance specific defaults, make a copy of this
# file in the same directory called @package_name@-instance
# where "instance" is the name of your directory server
# instance e.g. @package_name@-localhost for the
# slapd-localhost instance
# In order to make more file descriptors available
# to the directory server, first make sure the system
# hard limits are raised, then use ulimit - uncomment
# out the following line and change the value to the
# desired value
# ulimit -n 8192
# In order to use SASL/GSSAPI the directory
# server needs to know where to find its keytab
# file - uncomment the following line and set
# the path and filename appropriately
# KRB5_KTNAME=@instconfigdir@/slapd-instance/keytab ; export KRB5_KTNAME
# other environment settings can be added here too
16 years, 7 months
[Fedora-directory-commits] ldapserver/ldap/servers/slapd modify.c, 1.14, 1.15 pblock.c, 1.10, 1.11 pw_retry.c, 1.6, 1.7 slapi-plugin.h, 1.18, 1.19 slapi-private.h, 1.16, 1.17 ssl.c, 1.13, 1.14
by Doctor Conrad
Author: nkinder
Update of /cvs/dirsec/ldapserver/ldap/servers/slapd
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv28865
Modified Files:
modify.c pblock.c pw_retry.c slapi-plugin.h slapi-private.h
ssl.c
Log Message:
Resolves: 268101
Summary: Added new operation flag to skip writing modifiresname and related attributes. Updated password policy internal operations to use this new flag.
Index: modify.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/modify.c,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- modify.c 10 Nov 2006 23:45:40 -0000 1.14
+++ modify.c 5 Oct 2007 23:31:07 -0000 1.15
@@ -536,7 +536,7 @@
LDAPMod **mods, *pw_mod, **tmpmods = NULL;
Slapi_Mods smods;
Slapi_Mods unhashed_pw_smod;
- int repl_op, internal_op, lastmod;
+ int repl_op, internal_op, lastmod, skip_modified_attrs;
char *unhashed_pw_attr = NULL;
Slapi_Operation *operation;
char errorbuf[BUFSIZ];
@@ -551,6 +551,7 @@
slapi_pblock_get (pb, SLAPI_IS_REPLICATED_OPERATION, &repl_op);
slapi_pblock_get (pb, SLAPI_OPERATION, &operation);
internal_op= operation_is_flag_set(operation, OP_FLAG_INTERNAL);
+ slapi_pblock_get (pb, SLAPI_SKIP_MODIFIED_ATTRS, &skip_modified_attrs);
if (dn == NULL)
{
@@ -667,8 +668,9 @@
/* can get lastmod only after backend is selected */
slapi_pblock_get(pb, SLAPI_BE_LASTMOD, &lastmod);
- /* if this is replication session - leave mod attributes alone */
- if (!repl_op && lastmod)
+ /* if this is replication session or the operation has been
+ * flagged - leave mod attributes alone */
+ if (!repl_op && !skip_modified_attrs && lastmod)
{
modify_update_last_modified_attr(pb, &smods);
}
Index: pblock.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/pblock.c,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- pblock.c 7 Sep 2007 19:08:45 -0000 1.10
+++ pblock.c 5 Oct 2007 23:31:07 -0000 1.11
@@ -360,6 +360,16 @@
case SLAPI_REQUESTOR_ISROOT:
(*(int *)value) = pblock->pb_requestor_isroot;
break;
+ case SLAPI_SKIP_MODIFIED_ATTRS:
+ if(pblock->pb_op==NULL)
+ {
+ (*(int *)value) = 0; /* No Operation -> No skip */
+ }
+ else
+ {
+ (*(int *)value) = (pblock->pb_op->o_flags & OP_FLAG_SKIP_MODIFIED_ATTRS);
+ }
+ break;
case SLAPI_IS_REPLICATED_OPERATION:
if(pblock->pb_op==NULL)
{
Index: pw_retry.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/pw_retry.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- pw_retry.c 10 Nov 2006 23:45:40 -0000 1.6
+++ pw_retry.c 5 Oct 2007 23:31:07 -0000 1.7
@@ -226,12 +226,14 @@
if (mods && (slapi_mods_get_num_mods(mods) > 0))
{
pblock_init(&pb);
+ /* We don't want to overwrite the modifiersname, etc. attributes,
+ * so we set a flag for this operation */
slapi_modify_internal_set_pb (&pb, dn,
- slapi_mods_get_ldapmods_byref(mods),
- NULL, /* Controls */
- NULL, /* UniqueID */
- pw_get_componentID(), /* PluginID */
- 0); /* Flags */
+ slapi_mods_get_ldapmods_byref(mods),
+ NULL, /* Controls */
+ NULL, /* UniqueID */
+ pw_get_componentID(), /* PluginID */
+ OP_FLAG_SKIP_MODIFIED_ATTRS); /* Flags */
slapi_modify_internal_pb (&pb);
slapi_pblock_get(&pb, SLAPI_PLUGIN_INTOP_RESULT, &res);
Index: slapi-plugin.h
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/slapi-plugin.h,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -r1.18 -r1.19
--- slapi-plugin.h 4 Oct 2007 16:27:47 -0000 1.18
+++ slapi-plugin.h 5 Oct 2007 23:31:07 -0000 1.19
@@ -1360,6 +1360,7 @@
#define SLAPI_IS_REPLICATED_OPERATION 142
#define SLAPI_IS_MMR_REPLICATED_OPERATION 153
#define SLAPI_IS_LEGACY_REPLICATED_OPERATION 154
+#define SLAPI_SKIP_MODIFIED_ATTRS 155
/* connection */
#define SLAPI_CONN_DN 143
Index: slapi-private.h
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/slapi-private.h,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- slapi-private.h 7 Sep 2007 19:08:45 -0000 1.16
+++ slapi-private.h 5 Oct 2007 23:31:07 -0000 1.17
@@ -380,22 +380,27 @@
/* operation.c */
-#define OP_FLAG_PS 0x0001
-#define OP_FLAG_PS_CHANGESONLY 0x0002
-#define OP_FLAG_GET_EFFECTIVE_RIGHTS 0x0004
-#define OP_FLAG_REPLICATED 0x0008 /* A Replicated Operation */
-#define OP_FLAG_REPL_FIXUP 0x0010 /* A Fixup Operation, generated as a consequence of a Replicated Operation. */
-#define OP_FLAG_INTERNAL 0x0020 /* An operation generated by the core server or a plugin. */
-#define OP_FLAG_ACTION_LOG_ACCESS 0x0040
-#define OP_FLAG_ACTION_LOG_AUDIT 0x0080
-#define OP_FLAG_ACTION_SCHEMA_CHECK 0x0100
-#define OP_FLAG_ACTION_LOG_CHANGES 0x0200
-#define OP_FLAG_ACTION_INVOKE_FOR_REPLOP 0x0400
+#define OP_FLAG_PS 0x00001
+#define OP_FLAG_PS_CHANGESONLY 0x00002
+#define OP_FLAG_GET_EFFECTIVE_RIGHTS 0x00004
+#define OP_FLAG_REPLICATED 0x00008 /* A Replicated Operation */
+#define OP_FLAG_REPL_FIXUP 0x00010 /* A Fixup Operation, generated as a
+ * consequence of a Replicated Operation. */
+#define OP_FLAG_INTERNAL 0x00020 /* An operation generated by the core
+ * server or a plugin. */
+#define OP_FLAG_ACTION_LOG_ACCESS 0x00040
+#define OP_FLAG_ACTION_LOG_AUDIT 0x00080
+#define OP_FLAG_ACTION_SCHEMA_CHECK 0x00100
+#define OP_FLAG_ACTION_LOG_CHANGES 0x00200
+#define OP_FLAG_ACTION_INVOKE_FOR_REPLOP 0x00400
#define OP_FLAG_NEVER_CHAIN SLAPI_OP_FLAG_NEVER_CHAIN /* 0x0800 */
-#define OP_FLAG_TOMBSTONE_ENTRY 0x1000
-#define OP_FLAG_RESURECT_ENTRY 0x2000
-#define OP_FLAG_LEGACY_REPLICATION_DN 0x4000 /* Operation done by legacy replication DN */
-#define OP_FLAG_ACTION_NOLOG 0x8000 /* Do not log the entry in audit log or change log */
+#define OP_FLAG_TOMBSTONE_ENTRY 0x01000
+#define OP_FLAG_RESURECT_ENTRY 0x02000
+#define OP_FLAG_LEGACY_REPLICATION_DN 0x04000 /* Operation done by legacy replication DN */
+#define OP_FLAG_ACTION_NOLOG 0x08000 /* Do not log the entry in audit log or
+ * change log */
+#define OP_FLAG_SKIP_MODIFIED_ATTRS 0x10000 /* Do not update the modifiersname,
+ * modifiedtimestamp, etc. attributes */
CSN *operation_get_csn(Slapi_Operation *op);
void operation_set_csn(Slapi_Operation *op,CSN *csn);
Index: ssl.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/ssl.c,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- ssl.c 29 Jan 2007 23:44:49 -0000 1.13
+++ ssl.c 5 Oct 2007 23:31:07 -0000 1.14
@@ -884,7 +884,7 @@
"slapd_ssl_init2", "tmp dir = %s\n", tmpDir);
rv = SSL_ConfigServerSessionIDCache(0, stimeout, stimeout, tmpDir);
- slapi_ch_free(&tmpDir);
+ slapi_ch_free_string(&tmpDir);
if (rv) {
errorCode = PR_GetError();
if (errorCode == ENOSPC) {
16 years, 7 months
[Fedora-directory-commits] ldapserver/ldap/servers/slapd log.c, 1.17, 1.18 libglobs.c, 1.21, 1.22
by Doctor Conrad
Author: nhosoi
Update of /cvs/dirsec/ldapserver/ldap/servers/slapd
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1833
Modified Files:
log.c libglobs.c
Log Message:
Resolves: #173873
Summary: Directory Server should shutdown if it fails to write logs (comment #7)
Change Description:
1. introduced a new static function log__error_emergency, which is called at
emergency to log to the syslog and at least try to log into the errors log one
more time.
2. added an error parameter to the macro LOG_WRITE_NOW to return if the writing
to the log was successful or not.
3. if opening an errors log or writing to an errors log failed, call
g_set_shutdown to shutdown the server gracefully.
4. log__error_emergency calls writing log function (LDAPDebug --> slapd_log_error_proc_internal) with ERROR_LOCK_WRITE unlocked, if locked.
Index: log.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/log.c,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- log.c 3 Oct 2007 20:17:22 -0000 1.17
+++ log.c 5 Oct 2007 17:00:04 -0000 1.18
@@ -126,7 +126,7 @@
static int log__getfilesize(LOGFD fp);
static int log__enough_freespace(char *path);
-static int vslapd_log_error(LOGFD fp, char *subsystem, char *fmt, va_list ap );
+static int vslapd_log_error(LOGFD fp, char *subsystem, char *fmt, va_list ap, int locked );
static int vslapd_log_access(char *fmt, va_list ap );
static void log_convert_time (time_t ctime, char *tbuf, int type);
static time_t log_reverse_convert_time (char *tbuf);
@@ -134,7 +134,7 @@
static void log_append_buffer2(time_t tnl, LogBufferInfo *lbi, char *msg1, size_t size1, char *msg2, size_t size2);
static void log_flush_buffer(LogBufferInfo *lbi, int type, int sync_now);
static void log_write_title(LOGFD fp);
-
+static void log__error_emergency(const char *errstr, int reopen, int locked);
static int
slapd_log_error_proc_internal(
@@ -154,8 +154,8 @@
* LOG_OPEN_WRITE(fd, filename, mode) is the same but truncates the file and
* starts writing at the beginning of the file.
* LOG_WRITE(fd, buffer, size, headersize) writes into a LOGFD
- * LOG_WRITE_NOW(fd, buffer, size, headersize) writes into a LOGFD and flushes the
- * buffer if necessary
+ * LOG_WRITE_NOW(fd, buffer, size, headersize, err) writes into a LOGFD and
+ * flushes the buffer if necessary
* LOG_CLOSE(fd) closes the logfile
*/
#ifdef XP_WIN32
@@ -168,10 +168,12 @@
{\
ReportSlapdEvent(EVENTLOG_INFORMATION_TYPE, MSG_SERVER_FAILED_TO_WRITE_LOG, 1, (buffer)); \
}
-#define LOG_WRITE_NOW(fd, buffer, size, headersize) do {\
+#define LOG_WRITE_NOW(fd, buffer, size, headersize, err) do {\
+ (err) = 0; \
if ( fwrite((buffer), (size), 1, (fd)) != 1 ) \
{ \
ReportSlapdEvent(EVENTLOG_INFORMATION_TYPE, MSG_SERVER_FAILED_TO_WRITE_LOG, 1, (buffer)); \
+ (err) = 1; \
}; \
fflush((fd)); \
} while (0)
@@ -190,11 +192,13 @@
PRErrorCode prerr = PR_GetError(); \
syslog(LOG_ERR, "Failed to write log, " SLAPI_COMPONENT_NAME_NSPR " error %d (%s): %s\n", prerr, slapd_pr_strerror(prerr), (buffer)+(headersize) ); \
}
-#define LOG_WRITE_NOW(fd, buffer, size, headersize) do {\
+#define LOG_WRITE_NOW(fd, buffer, size, headersize, err) do {\
+ (err) = 0; \
if ( slapi_write_buffer((fd), (buffer), (size)) != (size) ) \
{ \
PRErrorCode prerr = PR_GetError(); \
syslog(LOG_ERR, "Failed to write log, " SLAPI_COMPONENT_NAME_NSPR " error %d (%s): %s\n", prerr, slapd_pr_strerror(prerr), (buffer)+(headersize) ); \
+ (err) = prerr; \
} \
/* Should be a flush in here ?? Yes because PR_SYNC doesn't work ! */ \
PR_Sync(fd); \
@@ -528,10 +532,13 @@
/* try to open the file, we may have a incorrect path */
if (! LOG_OPEN_APPEND(fp, pathname, loginfo.log_error_mode)) {
- LDAPDebug(LDAP_DEBUG_ANY, "WARNING: can't open file %s. "
- "errno %d (%s)\n",
- pathname, errno, slapd_system_strerror(errno));
+ char buffer[SLAPI_LOG_BUFSIZ];
+ PRErrorCode prerr = PR_GetError();
/* stay with the current log file */
+ PR_snprintf(buffer, sizeof(buffer),
+ "Failed to open file %s. error %d (%s). Exiting...",
+ pathname, prerr, slapd_pr_strerror(prerr));
+ log__error_emergency(buffer, 0, 0);
return LDAP_UNWILLING_TO_PERFORM;
}
@@ -1589,11 +1596,12 @@
char *buildnum = config_get_buildnum();
char buff[512];
int bufflen = sizeof(buff);
+ int err = 0;
PR_snprintf(buff, bufflen, "\t%s B%s\n",
fe_cfg->versionstring ? fe_cfg->versionstring : "Fedora-Directory",
buildnum ? buildnum : "");
- LOG_WRITE_NOW(fp, buff, strlen(buff), 0);
+ LOG_WRITE_NOW(fp, buff, strlen(buff), 0, err);
if (fe_cfg->localhost) {
PR_snprintf(buff, bufflen, "\t%s:%d (%s)\n\n",
@@ -1608,7 +1616,7 @@
PR_snprintf(buff, bufflen, "\t<host>:<port> (%s)\n\n",
fe_cfg->configdir ? fe_cfg->configdir : "");
}
- LOG_WRITE_NOW(fp, buff, strlen(buff), 0);
+ LOG_WRITE_NOW(fp, buff, strlen(buff), 0, err);
slapi_ch_free((void **)&buildnum);
}
@@ -1696,6 +1704,7 @@
char *buffer,
int buf_len)
{
+ int err;
if ( (loginfo.log_audit_state & LOGGING_ENABLED) && (loginfo.log_audit_file != NULL) ){
LOG_AUDIT_LOCK_WRITE( );
if (log__needrotation(loginfo.log_audit_fdes,
@@ -1715,7 +1724,7 @@
log_write_title( loginfo.log_audit_fdes);
loginfo.log_audit_state &= ~LOGGING_NEED_TITLE;
}
- LOG_WRITE_NOW(loginfo.log_audit_fdes, buffer, buf_len, 0);
+ LOG_WRITE_NOW(loginfo.log_audit_fdes, buffer, buf_len, 0, err);
LOG_AUDIT_UNLOCK_WRITE();
return 0;
}
@@ -1755,6 +1764,8 @@
SLAPD_ERROR_LOG) == LOG_ROTATE) {
if (log__open_errorlogfile(LOGFILE_NEW, 1) != LOG_SUCCESS) {
LOG_ERROR_UNLOCK_WRITE();
+ /* shouldn't continue. error is syslog'ed in open_errorlogfile */
+ g_set_shutdown( SLAPI_SHUTDOWN_EXIT );
return 0;
}
while (loginfo.log_error_rotationsyncclock <= loginfo.log_error_ctime) {
@@ -1763,19 +1774,19 @@
}
if (!(detached)) {
- rc = vslapd_log_error( NULL, subsystem, fmt, ap_err );
+ rc = vslapd_log_error( NULL, subsystem, fmt, ap_err, 1 );
}
if ( loginfo.log_error_fdes != NULL ) {
if (loginfo.log_error_state & LOGGING_NEED_TITLE) {
log_write_title(loginfo.log_error_fdes);
loginfo.log_error_state &= ~LOGGING_NEED_TITLE;
}
- rc = vslapd_log_error( loginfo.log_error_fdes, subsystem, fmt, ap_file );
+ rc = vslapd_log_error( loginfo.log_error_fdes, subsystem, fmt, ap_file, 1 );
}
LOG_ERROR_UNLOCK_WRITE();
} else {
/* log the problem in the stderr */
- rc = vslapd_log_error( NULL, subsystem, fmt, ap_err );
+ rc = vslapd_log_error( NULL, subsystem, fmt, ap_err, 0 );
}
return( rc );
}
@@ -1785,17 +1796,19 @@
LOGFD fp,
char *subsystem, /* omitted if NULL */
char *fmt,
- va_list ap )
+ va_list ap,
+ int locked )
{
- time_t tnl;
- long tz;
- struct tm *tmsp, tms;
- char tbuf[ TBUFSIZE ];
- char sign;
- char buffer[SLAPI_LOG_BUFSIZ];
- int blen;
- char *vbuf;
- int header_len = 0;
+ time_t tnl;
+ long tz;
+ struct tm *tmsp, tms;
+ char tbuf[ TBUFSIZE ];
+ char sign;
+ char buffer[SLAPI_LOG_BUFSIZ];
+ int blen;
+ char *vbuf;
+ int header_len = 0;
+ int err = 0;
tnl = current_time();
#ifdef _WIN32
@@ -1813,50 +1826,67 @@
#else /* BSD_TIME */
tz = - timezone;
if ( tmsp->tm_isdst ) {
- tz += 3600;
+ tz += 3600;
}
#endif /* BSD_TIME */
sign = ( tz >= 0 ? '+' : '-' );
if ( tz < 0 ) {
- tz = -tz;
+ tz = -tz;
}
(void)strftime( tbuf, (size_t)TBUFSIZE, "%d/%b/%Y:%H:%M:%S", tmsp);
sprintf( buffer, "[%s %c%02d%02d]%s%s - ", tbuf, sign,
- (int)( tz / 3600 ), (int)( tz % 3600 ),
- subsystem ? " " : "",
- subsystem ? subsystem : "");
-
- /* Bug 561525: to be able to remove timestamp to not over pollute syslog, we may need
- to skip the timestamp part of the message.
- The size of the header is:
- the size of the time string
- + size of space
- + size of one char (sign)
- + size of 2 char
- + size of 2 char
- + size of [
- + size of ]
- */
+ (int)( tz / 3600 ), (int)( tz % 3600 ),
+ subsystem ? " " : "",
+ subsystem ? subsystem : "");
+
+ /* Bug 561525: to be able to remove timestamp to not over pollute syslog, we may need
+ to skip the timestamp part of the message.
+ The size of the header is:
+ the size of the time string
+ + size of space
+ + size of one char (sign)
+ + size of 2 char
+ + size of 2 char
+ + size of [
+ + size of ]
+ */
- header_len = strlen(tbuf) + 8;
+ header_len = strlen(tbuf) + 8;
if ((vbuf = PR_vsmprintf(fmt, ap)) == NULL) {
- return -1;
+ return -1;
}
blen = strlen(buffer);
- if ((unsigned int)(SLAPI_LOG_BUFSIZ - blen ) < strlen(vbuf)) {
- free (vbuf);
- return -1;
- }
-
- sprintf (buffer+blen, "%s", vbuf);
+ PR_snprintf (buffer+blen, sizeof(buffer)-blen, "%s", vbuf);
+ buffer[sizeof(buffer)-1] = '\0';
if (fp)
- LOG_WRITE_NOW(fp, buffer, strlen(buffer), header_len);
-
-
+#if 0
+ LOG_WRITE_NOW(fp, buffer, strlen(buffer), header_len, err);
+#else
+ do {
+ int size = strlen(buffer);
+ (err) = 0;
+ if ( slapi_write_buffer((fp), (buffer), (size)) != (size) )
+ {
+ PRErrorCode prerr = PR_GetError();
+ syslog(LOG_ERR, "Failed to write log, " SLAPI_COMPONENT_NAME_NSPR " error %d (%s): %s\n", prerr, slapd_pr_strerror(prerr), (buffer)+(header_len) );
+ (err) = prerr;
+ }
+ /* Should be a flush in here ?? Yes because PR_SYNC doesn't work ! */
+ PR_Sync(fp);
+ } while (0);
+#endif
else /* stderr is always unbuffered */
- fprintf(stderr, "%s", buffer);
+ fprintf(stderr, "%s", buffer);
+
+ if (err) {
+ PR_snprintf(buffer, sizeof(buffer),
+ "Writing to the errors log failed. Exiting...");
+ log__error_emergency(buffer, 1, locked);
+ /* failed to write to the errors log. should not continue. */
+ g_set_shutdown( SLAPI_SHUTDOWN_EXIT );
+ }
PR_smprintf_free (vbuf);
return( 0 );
@@ -1865,31 +1895,31 @@
int
slapi_log_error( int severity, char *subsystem, char *fmt, ... )
{
- va_list ap1;
- va_list ap2;
- int rc;
+ va_list ap1;
+ va_list ap2;
+ int rc;
if ( severity < SLAPI_LOG_MIN || severity > SLAPI_LOG_MAX ) {
- (void)slapd_log_error_proc( subsystem,
- "slapi_log_error: invalid severity %d (message %s)\n",
- severity, fmt );
- return( -1 );
+ (void)slapd_log_error_proc( subsystem,
+ "slapi_log_error: invalid severity %d (message %s)\n",
+ severity, fmt );
+ return( -1 );
}
-
+ if (
#ifdef _WIN32
- if ( *module_ldap_debug
+ *module_ldap_debug
#else
- if ( slapd_ldap_debug
+ slapd_ldap_debug
#endif
- & slapi_log_map[ severity ] ) {
- va_start( ap1, fmt );
- va_start( ap2, fmt );
- rc = slapd_log_error_proc_internal( subsystem, fmt, ap1, ap2 );
- va_end( ap1 );
- va_end( ap2 );
+ & slapi_log_map[ severity ] ) {
+ va_start( ap1, fmt );
+ va_start( ap2, fmt );
+ rc = slapd_log_error_proc_internal( subsystem, fmt, ap1, ap2 );
+ va_end( ap1 );
+ va_end( ap2 );
} else {
- rc = 0; /* nothing to be logged --> always return success */
+ rc = 0; /* nothing to be logged --> always return success */
}
return( rc );
@@ -1899,13 +1929,13 @@
slapi_is_loglevel_set ( const int loglevel )
{
- return (
+ return (
#ifdef _WIN32
*module_ldap_debug
#else
slapd_ldap_debug
#endif
- & slapi_log_map[ loglevel ] ? 1 : 0);
+ & slapi_log_map[ loglevel ] ? 1 : 0);
}
@@ -3474,6 +3504,31 @@
return logfile_type;
}
+static void
+log__error_emergency(const char *errstr, int reopen, int locked)
+{
+ syslog(LOG_ERR, "%s\n", errstr);
+
+ /* emergency open */
+ if (!reopen) {
+ return;
+ }
+ if (NULL != loginfo.log_error_fdes) {
+ LOG_CLOSE(loginfo.log_error_fdes);
+ }
+ if (! LOG_OPEN_APPEND(loginfo.log_error_fdes,
+ loginfo.log_error_file, loginfo.log_error_mode)) {
+ PRErrorCode prerr = PR_GetError();
+ syslog(LOG_ERR, "Failed to reopen errors log file, " SLAPI_COMPONENT_NAME_NSPR " error %d (%s)\n", prerr, slapd_pr_strerror(prerr));
+ } else {
+ /* LDAPDebug locks ERROR_LOCK_WRITE internally */
+ if (locked) LOG_ERROR_UNLOCK_WRITE();
+ LDAPDebug(LDAP_DEBUG_ANY, "%s\n", errstr, 0, 0);
+ if (locked) LOG_ERROR_LOCK_WRITE( );
+ }
+ return;
+}
+
/******************************************************************************
* log__open_errorlogfile
*
@@ -3485,7 +3540,7 @@
{
time_t now;
- LOGFD fp;
+ LOGFD fp = NULL;
LOGFD fpinfo = NULL;
char tbuf[TBUFSIZE];
struct logfileinfo *logp;
@@ -3500,6 +3555,9 @@
pw = slapdFrontendConfig->localuserinfo;
}
else {
+ PR_snprintf(buffer, sizeof(buffer),
+ "Invalid nsslapd-localuser. Cannot open the errors log. Exiting...");
+ log__error_emergency(buffer, 0, locked);
return LOG_UNABLE_TO_OPENFILE;
}
#endif
@@ -3541,6 +3599,14 @@
log_convert_time (log->l_ctime, tbuf, 1/*short */);
PR_snprintf(newfile, sizeof(newfile), "%s.%s", loginfo.log_error_file, tbuf);
if (PR_Rename (loginfo.log_error_file, newfile) != PR_SUCCESS) {
+ PRErrorCode prerr = PR_GetError();
+ PR_snprintf(buffer, sizeof(buffer),
+ "Failed to rename errors log file, "
+ SLAPI_COMPONENT_NAME_NSPR " error %d (%s). Exiting...",
+ prerr, slapd_pr_strerror(prerr));
+ log__error_emergency(buffer, 1, 1);
+ slapi_ch_free((void **)&log);
+ if (!locked) LOG_ERROR_UNLOCK_WRITE();
return LOG_UNABLE_TO_OPENFILE;
}
@@ -3551,15 +3617,17 @@
}
}
-
/* open a new log file */
if (! LOG_OPEN_APPEND(fp, loginfo.log_error_file, loginfo.log_error_mode)) {
- LDAPDebug(LDAP_DEBUG_ANY, "WARNING: can't open file %s. "
- "errno %d (%s)\n",
+ PR_snprintf(buffer, sizeof(buffer),
+ "Failed to open errors log file %s: error %d (%s); Exiting...",
loginfo.log_error_file, errno, slapd_system_strerror(errno));
+ log__error_emergency(buffer, 1, locked);
if (!locked) LOG_ERROR_UNLOCK_WRITE();
+ /* failed to write to the errors log. should not continue. */
+ g_set_shutdown( SLAPI_SHUTDOWN_EXIT );
/*if I have an old log file -- I should log a message
- ** that I can't open the new file. Let the caller worry
+ ** that I can't open the new file. Let the caller worry
** about logging message.
*/
return LOG_UNABLE_TO_OPENFILE;
@@ -3583,9 +3651,10 @@
loginfo.log_error_state |= LOGGING_NEED_TITLE;
if (! LOG_OPEN_WRITE(fpinfo, loginfo.log_errorinfo_file, loginfo.log_error_mode)) {
- LDAPDebug(LDAP_DEBUG_ANY, "WARNING: can't open file %s. "
- "errno %d (%s)\n",
- loginfo.log_errorinfo_file, errno, slapd_system_strerror(errno));
+ PR_snprintf(buffer, sizeof(buffer),
+ "Failed to open/write to errors log file %s: error %d (%s). Exiting...",
+ loginfo.log_error_file, errno, slapd_system_strerror(errno));
+ log__error_emergency(buffer, 1, locked);
if (!locked) LOG_ERROR_UNLOCK_WRITE();
return LOG_UNABLE_TO_OPENFILE;
}
@@ -3597,7 +3666,7 @@
LOG_WRITE(fpinfo, buffer, strlen(buffer), 0);
logp = loginfo.log_error_logchain;
- while ( logp) {
+ while (logp) {
log_convert_time (logp->l_ctime, tbuf, 1 /*short */);
PR_snprintf(buffer, sizeof(buffer), "LOGINFO:%s%s.%s (%lu) (%u)\n",
PREVLOGFILE, loginfo.log_error_file, tbuf, logp->l_ctime, logp->l_size);
@@ -3607,7 +3676,7 @@
/* Close the info file. We need only when we need to rotate to the
** next log file.
*/
- if (fpinfo) LOG_CLOSE(fpinfo);
+ if (fpinfo) LOG_CLOSE(fpinfo);
/* This is now the current error log */
loginfo.log_error_ctime = now;
@@ -3836,6 +3905,7 @@
static void log_flush_buffer(LogBufferInfo *lbi, int type, int sync_now)
{
slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
+ int err = 0;
if (type == SLAPD_ACCESS_LOG) {
@@ -3868,7 +3938,8 @@
if (!sync_now && slapdFrontendConfig->accesslogbuffering) {
LOG_WRITE(loginfo.log_access_fdes, lbi->top, lbi->current - lbi->top, 0);
} else {
- LOG_WRITE_NOW(loginfo.log_access_fdes, lbi->top, lbi->current - lbi->top, 0);
+ LOG_WRITE_NOW(loginfo.log_access_fdes, lbi->top,
+ lbi->current - lbi->top, 0, err);
}
lbi->current = lbi->top;
Index: libglobs.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/libglobs.c,v
retrieving revision 1.21
retrieving revision 1.22
diff -u -r1.21 -r1.22
--- libglobs.c 20 Sep 2007 16:54:38 -0000 1.21
+++ libglobs.c 5 Oct 2007 17:00:04 -0000 1.22
@@ -3034,22 +3034,26 @@
slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
if ( config_value_is_null( attrname, value, errorbuf, 1 )) {
- return LDAP_OPERATIONS_ERROR;
+ return LDAP_OPERATIONS_ERROR;
}
retVal = log_update_errorlogdir ( value, apply );
if ( retVal != LDAP_SUCCESS ) {
- PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE,
- "Cannot open errorlog directory \"%s\", errors will "
- "not be logged.", value );
+ PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE,
+ "Cannot open errorlog file \"%s\", errors cannot be logged. Exiting...",
+ value );
+ syslog(LOG_ERR,
+ "Cannot open errorlog file \"%s\", errors cannot be logged. Exiting...",
+ value );
+ g_set_shutdown( SLAPI_SHUTDOWN_EXIT );
}
if ( apply ) {
- CFG_LOCK_WRITE(slapdFrontendConfig);
- slapi_ch_free ( (void **) &(slapdFrontendConfig->errorlog) );
- slapdFrontendConfig->errorlog = slapi_ch_strdup ( value );
- CFG_UNLOCK_WRITE(slapdFrontendConfig);
+ CFG_LOCK_WRITE(slapdFrontendConfig);
+ slapi_ch_free ( (void **) &(slapdFrontendConfig->errorlog) );
+ slapdFrontendConfig->errorlog = slapi_ch_strdup ( value );
+ CFG_UNLOCK_WRITE(slapdFrontendConfig);
}
return retVal;
}
16 years, 7 months
[Fedora-directory-commits] ldapserver/ldap/admin/src/scripts DSMigration.pm.in, 1.17, 1.18 migrate-ds.res, 1.5, 1.6
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/admin/src/scripts
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv25350/ldapserver/ldap/admin/src/scripts
Modified Files:
DSMigration.pm.in migrate-ds.res
Log Message:
Resolves: bug 249366
Bug Description: rhds71 - search filters returns too many entries on interger attributes value greater than 2 to the 31
Reviewed by: nhosoi, nkinder (Thanks!)
Fix Description: This handles the migration part. The first part is when migrating the schema. Look for all integer syntax attributes. This can be tricky if there are SUP attribute types derived from integer syntax attributes. numSubordinates and hasSubordinates are skipped because they are handled specially by the db code. The next step is to scan all of the index files in the new db directory. If any integer indexes are found, they will be removed and recreated.
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: Yes. Will need to document that this happens during migration if not cross platform.
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: Will need to create some integer indexes and do same platform migration to see if this works
Index: DSMigration.pm.in
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/scripts/DSMigration.pm.in,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- DSMigration.pm.in 24 Sep 2007 22:54:47 -0000 1.17
+++ DSMigration.pm.in 5 Oct 2007 02:30:07 -0000 1.18
@@ -311,6 +311,45 @@
return $tmpldiffile;
}
+sub fixIntegerIndexes {
+ my $mig = shift;
+ my $inst_dir = shift;
+ my $newdbdir = shift;
+
+ if (!$mig->{integerattrs}) {
+ debug(1, "No integer syntax attributes, no indexes fixed\n");
+ return ();
+ }
+
+ # look at each index file in the db dir
+ # if it is on our list of integer attributes,
+ # remove it and re-create it
+ my $dbname = basename($newdbdir);
+ for (glob("$newdbdir/*.db4")) {
+ my $indexname = basename($_, '.db4');
+ if ($mig->{integerattrs}->{lc $indexname}) {
+ $mig->msg($INFO, 'fixing_integer_attr_index', $indexname, $newdbdir);
+ debug(1, "Removing file $_\n");
+ if (! unlink $_) {
+ debug(1, "Error: could not remove file $_: $!\n");
+ return ('error_removing_index_file', $_, $!);
+ }
+ my $cmd = "$inst_dir/db2index -n \"$dbname\" -t \"$indexname\"";
+ debug(1, "Re-creating index file $_: $cmd\n");
+ $? = 0; # clear error condition
+ my $output = `$cmd 2>&1`;
+ if ($?) {
+ return ('error_recreating_index_file', $_, $output);
+ }
+ debug(1, $output);
+ } else {
+ debug(3, "Index $indexname is not for an integer syntax attribute - skipping\n");
+ }
+ }
+
+ return ();
+}
+
# migrate all of the databases in an instance
sub migrateDatabases {
my $mig = shift; # the Migration object
@@ -436,6 +475,15 @@
if (@errs = copyDatabaseDirs($srcdir, "$newdbdir")) {
return @errs;
}
+ # fix up the integer indexes
+ if ($mig->{integerattrs}) {
+ debug(3, "The schema has some integer attributes\n");
+ if (@errs = fixIntegerIndexes($mig, $inst_dir, $newdbdir)) {
+ return @errs;
+ }
+ } else {
+ debug(3, "No integer attributes to fix for $newdbdir\n");
+ }
}
}
} while ($ent = $src->nextEntry());
@@ -680,6 +728,12 @@
'51ns-calendar' => '51ns-calendar.ldif'
);
+# these indexes are handled specially by the db code
+my %intattrstoskip = (
+ 'numsubordinates' => 'numSubordinates',
+ 'hassubordinates' => 'hasSubordinates'
+);
+
sub migrateSchema {
my $mig = shift; # the Migration object
my $inst = shift; # the instance name (e.g. slapd-instance)
@@ -700,6 +754,39 @@
}
}
+ if (!$mig->{crossplatform}) {
+ # now, for all of the new schema, we need to get the list of attribute
+ # types with INTEGER syntax, including derived types (e.g. SUP 'attr')
+ # not required for cross platform because import of the old ldif file
+ # will automatically recreate all indexes
+ my %intattrs = ();
+ for (glob("$newschemadir/*.ldif")) {
+ # read in schema entry from LDIF
+ open( MYSCHEMA, $_ ) || die "Can't open $_: $!";
+ my $in = new Mozilla::LDAP::LDIF(*MYSCHEMA);
+ while (my $ent = readOneEntry $in) {
+ my @attrs = $ent->getValues('attributeTypes');
+ foreach my $attr (@attrs) {
+ # first see if the attribute definition uses INTEGER syntax
+ # else see if the super uses INTEGER - note this assumes the attributes
+ # are listed in the files in SUP order - that is, an attribute does
+ # not reference a SUP before it is defined
+ if ($attr =~ / NAME (?:\(\s)?[\']?(\w+)[\']?.* SYNTAX 1.3.6.1.4.1.1466.115.121.1.27[\{\s]/) {
+ next if ($intattrstoskip{lc $1});
+ $intattrs{lc $1} = $1;
+ } elsif (($attr =~ / NAME (?:\(\s)?[\']?(\w+)[\']?.*SUP [\']?(\w+)[\']?/) &&
+ $intattrs{lc $2}) {
+ next if ($intattrstoskip{lc $1});
+ $intattrs{lc $1} = $1;
+ }
+ }
+ }
+ close MYSCHEMA;
+ }
+ # %intattrs now contains all of the integer valued attributes
+ $mig->{integerattrs} = \%intattrs; # hashref
+ }
+
return ();
}
Index: migrate-ds.res
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/scripts/migrate-ds.res,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- migrate-ds.res 30 Aug 2007 00:06:51 -0000 1.5
+++ migrate-ds.res 5 Oct 2007 02:30:07 -0000 1.6
@@ -22,3 +22,6 @@
database files are not binary compatible, and the new databases must\
be initialized from an LDIF export of the old databases. Please refer\
to the migration instructions for help with how to do this.\n\n
+fixing_integer_attr_index = The index for the attribute '%s' in the database directory '%s' will be removed and re-created.\n\n
+error_removing_index_file = Could not remove the index file '%s'. Error: %s\n\n
+error_recreating_index_file = Could not re-create the index file '%s'. Error: %s\n\n
16 years, 7 months
[Fedora-directory-commits] ldapserver/ldap/servers/slapd attrsyntax.c, 1.5, 1.6 dn.c, 1.9, 1.10 libslapd.def, 1.17, 1.18 slapi-plugin.h, 1.17, 1.18
by Doctor Conrad
Author: nkinder
Update of /cvs/dirsec/ldapserver/ldap/servers/slapd
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv434/slapd
Modified Files:
attrsyntax.c dn.c libslapd.def slapi-plugin.h
Log Message:
Resolves: 288321
Summary: Handle poorly formatted DN's when normalizing. Also only check modify values against authenticated DN for DN syntax attributes.
Index: attrsyntax.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/attrsyntax.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- attrsyntax.c 10 Nov 2006 23:45:40 -0000 1.5
+++ attrsyntax.c 4 Oct 2007 16:27:47 -0000 1.6
@@ -731,6 +731,22 @@
}
}
+/* Returns the oid of the syntax of the Slapi_Attr that's passed in.
+ * The caller must dispose of oid by calling slapi_ch_free_string(). */
+int
+slapi_attr_get_syntax_oid_copy( const Slapi_Attr *a, char **oidp )
+{
+ void *pi = NULL;
+
+ if (a && (slapi_attr_type2plugin(a->a_type, &pi) == 0)) {
+ *oidp = slapi_ch_strdup(plugin_syntax2oid(pi));
+ return( 0 );
+ } else {
+ *oidp = NULL;
+ return( -1 );
+ }
+}
+
#ifdef ATTR_LDAP_DEBUG
PRIntn
Index: dn.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/dn.c,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- dn.c 10 Nov 2006 23:45:40 -0000 1.9
+++ dn.c 4 Oct 2007 16:27:47 -0000 1.10
@@ -342,7 +342,13 @@
/*
* Track and sort attribute values within multivalued RDNs.
*/
- if ( rdn_av_count > 0 ) {
+ /* We may still be in an unexpected state, such as B4TYPE if
+ * we encountered something odd like a '+' at the end of the
+ * rdn. If this is the case, we don't want to add this bogus
+ * rdn to our list to sort. We should only be in the INVALUE
+ * or B4SEPARATOR state if we have a valid rdn component to
+ * be added. */
+ if ((rdn_av_count > 0) && ((state == INVALUE) || (state == B4SEPARATOR))) {
add_rdn_av( typestart, d, &rdn_av_count,
&rdn_avs, initial_rdn_av_stack );
}
@@ -352,7 +358,6 @@
if ( rdn_av_count > 0 ) {
reset_rdn_avs( &rdn_avs, &rdn_av_count );
}
-
/* Trim trailing spaces */
while ( d != dn && *(d - 1) == ' ' ) d--; /* XXX 518524 */
Index: libslapd.def
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/libslapd.def,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- libslapd.def 13 Oct 2006 01:06:28 -0000 1.17
+++ libslapd.def 4 Oct 2007 16:27:47 -0000 1.18
@@ -1180,6 +1180,7 @@
sasl_map_done @1179
slapd_SECITEM_FreeItem @1180
slapi_op_type_to_string @1181
+ slapi_attr_get_syntax_oid_copy @1182
; password syntax functions
config_set_pw_mindigits @1190
config_set_pw_minalphas @1191
Index: slapi-plugin.h
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/slapi-plugin.h,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- slapi-plugin.h 2 Oct 2007 18:39:50 -0000 1.17
+++ slapi-plugin.h 4 Oct 2007 16:27:47 -0000 1.18
@@ -398,6 +398,7 @@
int slapi_attr_type2plugin( const char *type, void **pi );
int slapi_attr_get_type( Slapi_Attr *attr, char **type );
int slapi_attr_get_oid_copy( const Slapi_Attr *attr, char **oidp );
+int slapi_attr_get_syntax_oid_copy( const Slapi_Attr *a, char **oidp );
int slapi_attr_get_flags( const Slapi_Attr *attr, unsigned long *flags );
int slapi_attr_flag_is_set( const Slapi_Attr *attr, unsigned long flag );
int slapi_attr_value_cmp( const Slapi_Attr *attr, const struct berval *v1, const struct berval *v2 );
16 years, 7 months
[Fedora-directory-commits] ldapserver/ldap/servers/plugins/acl acl.c, 1.8, 1.9
by Doctor Conrad
Author: nkinder
Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/acl
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv434/plugins/acl
Modified Files:
acl.c
Log Message:
Resolves: 288321
Summary: Handle poorly formatted DN's when normalizing. Also only check modify values against authenticated DN for DN syntax attributes.
Index: acl.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/acl/acl.c,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- acl.c 10 Nov 2006 23:44:49 -0000 1.8
+++ acl.c 4 Oct 2007 16:27:47 -0000 1.9
@@ -235,7 +235,7 @@
Slapi_PBlock *pb,
Slapi_Entry *e, /* The Slapi_Entry */
char *attr, /* Attribute of the entry */
- struct berval *val, /* value of attr. NOT USED */
+ struct berval *val, /* value of attr */
int access /* requested access rights */
)
{
@@ -341,21 +341,32 @@
acl_init_aclpb ( pb, aclpb, clientDn, 0 );
TNF_PROBE_0_DEBUG(acl_aclpbinit_end,"ACL","");
-
- /* Here we mean if "I am trying to add/delete "myself" ? " */
- if (val && (access & SLAPI_ACL_WRITE) && (val->bv_len > 0) ) {
- /* should use slapi_sdn_compare() but that'a an extra malloc/free */
-
- char *dn_val_to_write =
- slapi_dn_normalize(slapi_ch_strdup(val->bv_val));
-
- if ( aclpb->aclpb_authorization_sdn &&
- slapi_utf8casecmp((ACLUCHP)dn_val_to_write, (ACLUCHP)
- slapi_sdn_get_ndn(aclpb->aclpb_authorization_sdn)) == 0) {
- access |= SLAPI_ACL_SELF;
- }
+ /* Here we mean if "I am trying to add/delete "myself" to a group, etc." We
+ * basically just want to see if the value matches the DN of the user that
+ * we're checking access for */
+ if (val && (access & SLAPI_ACL_WRITE) && (val->bv_len > 0)) {
+ Slapi_Attr *sa = slapi_attr_new();
+ char *oid = NULL;
+
+ slapi_attr_init(sa, attr);
+ slapi_attr_get_syntax_oid_copy(sa, &oid);
+
+ /* We only want to perform this check if the attribute is
+ * defined using the DN syntax. */
+ if (oid && (strcasecmp(oid, DN_SYNTAX_OID) == 0)) {
+ /* should use slapi_sdn_compare() but that'a an extra malloc/free */
+ char *dn_val_to_write = slapi_dn_normalize(slapi_ch_strdup(val->bv_val));
+ if ( aclpb->aclpb_authorization_sdn &&
+ slapi_utf8casecmp((ACLUCHP)dn_val_to_write, (ACLUCHP)
+ slapi_sdn_get_ndn(aclpb->aclpb_authorization_sdn)) == 0) {
+ access |= SLAPI_ACL_SELF;
+ }
- slapi_ch_free( (void **)&dn_val_to_write);
+ slapi_ch_free_string(&dn_val_to_write);
+ }
+
+ slapi_ch_free_string(&oid);
+ slapi_attr_free(&sa);
}
/* Convert access to string of rights eg SLAPI_ACL_ADD->"add". */
16 years, 7 months
[Fedora-directory-commits] ldapserver/ldap/servers/slapd/back-ldbm dblayer.c, 1.22, 1.23 index.c, 1.12, 1.13
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv23581/ldapserver/ldap/servers/slapd/back-ldbm
Modified Files:
dblayer.c index.c
Log Message:
Resolves: bug 249366
Bug Description: rhds71 - search filters returns too many entries on interger attributes value greater than 2 to the 31
Reviewed by: nkinder, nhosoi (Thanks!)
Fix Description: I found a bug in my previous patch. The bt_compare function is used not only for comparing the actual key values but also for comparing raw index keys - that is, keys with the leading '=' or '*'. If comparing two keys, we should only use the syntax specific compare function if we are comparing two valid equality keys. A valid equality key begins with EQ_PREFIX and has at least one character after that. In this case, we strip off the EQ_PREFIX and pass the values to the syntax specific compare function. Otherwise, we just use a simple berval compare function that is based on memcmp.
The code in index_range_read needs to use a similar comparison algorithm, so I beefed up DBTcmp.
Why is this necessary? When doing a >= search or a <= search, we need to get the upper (for >=) or lower (for <=) bound for the range, which will either be the last (for >=) or first (for <=) equality key in the index. The index code uses a key of '=' to find the lower bound (which is lower than any key "=value") and a key of '>' to find the upper bound. A '=' with no value will collate before any real eq key with a value, and the ascii value of '>' is one greater than the ascii value of '='.
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
Index: dblayer.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm/dblayer.c,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -r1.22 -r1.23
--- dblayer.c 2 Oct 2007 18:39:51 -0000 1.22
+++ dblayer.c 4 Oct 2007 03:28:19 -0000 1.23
@@ -232,22 +232,42 @@
always normalize both arguments. We need to add an additional
syntax compare function that does not normalize or takes
an argument like value_cmp to specify to normalize or not.
-*/
-typedef int (*syntax_cmp_fn_type)(struct berval *, struct berval *);
+ More fun - this function is used to compare both raw database
+ keys (e.g. with the prefix '=' or '+' or '*' etc.) and without
+ (in the case of two equality keys, we want to strip off the
+ leading '=' to compare the actual values). We only use the
+ value_compare function if both keys are equality keys with
+ some data after the equality prefix. In every other case,
+ we will just use a standard berval cmp function.
+
+ see also DBTcmp
+*/
static int
dblayer_bt_compare(DB *db, const DBT *dbt1, const DBT *dbt2)
{
struct berval bv1, bv2;
value_compare_fn_type syntax_cmp_fn = (value_compare_fn_type)db->app_private;
- bv1.bv_val = (char *)dbt1->data+1; /* remove leading '=' */
- bv1.bv_len = (ber_len_t)dbt1->size-1;
+ if ((dbt1->data && (dbt1->size>1) && (*((char*)dbt1->data) == EQ_PREFIX)) &&
+ (dbt2->data && (dbt2->size>1) && (*((char*)dbt2->data) == EQ_PREFIX))) {
+ bv1.bv_val = (char *)dbt1->data+1; /* remove leading '=' */
+ bv1.bv_len = (ber_len_t)dbt1->size-1;
+
+ bv2.bv_val = (char *)dbt2->data+1; /* remove leading '=' */
+ bv2.bv_len = (ber_len_t)dbt2->size-1;
+
+ return syntax_cmp_fn(&bv1, &bv2);
+ }
+
+ /* else compare two "raw" index keys */
+ bv1.bv_val = (char *)dbt1->data;
+ bv1.bv_len = (ber_len_t)dbt1->size;
- bv2.bv_val = (char *)dbt2->data+1; /* remove leading '=' */
- bv2.bv_len = (ber_len_t)dbt2->size-1;
+ bv2.bv_val = (char *)dbt2->data;
+ bv2.bv_len = (ber_len_t)dbt2->size;
- return syntax_cmp_fn(&bv1, &bv2);
+ return slapi_berval_cmp(&bv1, &bv2);
}
/* this flag use if user remotely turned batching off */
Index: index.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm/index.c,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- index.c 28 Sep 2007 23:46:40 -0000 1.12
+++ index.c 4 Oct 2007 03:28:19 -0000 1.13
@@ -895,16 +895,50 @@
return( idl );
}
+/* This function compares two index keys. It is assumed
+ that the values are already normalized, since they should have
+ been when the index was created (by int_values2keys).
+
+ richm - actually, the current syntax compare functions
+ always normalize both arguments. We need to add an additional
+ syntax compare function that does not normalize or takes
+ an argument like value_cmp to specify to normalize or not.
+
+ More fun - this function is used to compare both raw database
+ keys (e.g. with the prefix '=' or '+' or '*' etc.) and without
+ (in the case of two equality keys, we want to strip off the
+ leading '=' to compare the actual values). We only use the
+ value_compare function if both keys are equality keys with
+ some data after the equality prefix. In every other case,
+ we will just use a standard berval cmp function.
+
+ see also dblayer_bt_compare
+*/
static int
-DBTcmp (DBT* L, DBT* R)
+DBTcmp (DBT* L, DBT* R, value_compare_fn_type cmp_fn)
{
struct berval Lv;
struct berval Rv;
- Lv.bv_val = L->dptr; Lv.bv_len = L->dsize;
- Rv.bv_val = R->dptr; Rv.bv_len = R->dsize;
- return slapi_berval_cmp (&Lv, &Rv);
+
+ if ((L->data && (L->size>1) && (*((char*)L->data) == EQ_PREFIX)) &&
+ (R->data && (R->size>1) && (*((char*)R->data) == EQ_PREFIX))) {
+ Lv.bv_val = (char*)L->data+1; Lv.bv_len = (ber_len_t)L->size-1;
+ Rv.bv_val = (char*)R->data+1; Rv.bv_len = (ber_len_t)R->size-1;
+ /* use specific compare fn, if any */
+ cmp_fn = (cmp_fn ? cmp_fn : slapi_berval_cmp);
+ } else {
+ Lv.bv_val = (char*)L->data; Lv.bv_len = (ber_len_t)L->size;
+ Rv.bv_val = (char*)R->data; Rv.bv_len = (ber_len_t)R->size;
+ /* just compare raw bervals */
+ cmp_fn = slapi_berval_cmp;
+ }
+ return cmp_fn(&Lv, &Rv);
}
+/* This only works with normalized keys, which
+ should be ok because at this point both L and R
+ should have already been normalized
+*/
#define DBT_EQ(L,R) ((L)->dsize == (R)->dsize &&\
! memcmp ((L)->dptr, (R)->dptr, (L)->dsize))
@@ -1145,7 +1179,7 @@
"index_range_read(%s,%s) seek to end of index file err %i\n",
type, prefix, *err );
}
- } else if (DBTcmp (&upperkey, &cur_key) > 0) {
+ } else if (DBTcmp (&upperkey, &cur_key, ai->ai_key_cmp_fn) > 0) {
tmpbuf = slapi_ch_realloc (tmpbuf, cur_key.dsize);
memcpy (tmpbuf, cur_key.dptr, cur_key.dsize);
DBT_FREE_PAYLOAD(upperkey);
@@ -1233,8 +1267,8 @@
}
while (*err == 0 &&
(operator == SLAPI_OP_LESS) ?
- DBTcmp(&cur_key, &upperkey) < 0 :
- DBTcmp(&cur_key, &upperkey) <= 0) {
+ DBTcmp(&cur_key, &upperkey, ai->ai_key_cmp_fn) < 0 :
+ DBTcmp(&cur_key, &upperkey, ai->ai_key_cmp_fn) <= 0) {
/* exit the loop when we either run off the end of the table,
* fail to read a key, or read a key that's out of range.
*/
16 years, 7 months
[Fedora-directory-commits] ldapserver/ldap/servers/slapd log.c, 1.16, 1.17
by Doctor Conrad
Author: nhosoi
Update of /cvs/dirsec/ldapserver/ldap/servers/slapd
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv24419
Modified Files:
log.c
Log Message:
Resolves: #304161
Summary: logrotation time of -1 causes hang
Change description:
1. slapd_log_audit_proc, slapd_log_error_proc_internal, and log_flush_buffer:
use absolute value of rotationtime_secs to calculate the rotationsyncclock.
2. when the result of "atoi" for nsslapd-XXX-logrotationtime is 0 due to the
invalid setting, logrotation time is reset to -1 (no rotation).
3. if nsslapd-XXX-logrotationtime and nsslapd-XXX-logexpirationtime is large
(near MAXINT) and calculated rotationtime_secs and/or exptime_secs is
overflown, set MAXINT to the sec value.
Index: log.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/log.c,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- log.c 17 Aug 2007 02:12:37 -0000 1.16
+++ log.c 3 Oct 2007 20:17:22 -0000 1.17
@@ -1050,6 +1050,10 @@
}
rtime = atoi(rtime_str);
+
+ if (0 == rtime) {
+ rtime = -1; /* Value Range: -1 | 1 to PR_INT32_MAX */
+ }
switch (logtype) {
case SLAPD_ACCESS_LOG:
@@ -1087,6 +1091,10 @@
value = -1;
}
+ if (rtime > 0 && value < 0) {
+ value = PR_INT32_MAX; /* overflown */
+ }
+
switch (logtype) {
case SLAPD_ACCESS_LOG:
fe_cfg->accesslog_rotationtime = rtime;
@@ -1116,7 +1124,7 @@
******************************************************************************/
int log_set_rotationtimeunit(const char *attrname, char *runit, int logtype, char *errorbuf, int apply)
{
- int value= 0;
+ int origvalue = 0, value = 0;
int runitType;
int rv = 0;
@@ -1150,15 +1158,15 @@
switch (logtype) {
case SLAPD_ACCESS_LOG:
LOG_ACCESS_LOCK_WRITE( );
- value = loginfo.log_access_rotationtime;
+ origvalue = loginfo.log_access_rotationtime;
break;
case SLAPD_ERROR_LOG:
LOG_ERROR_LOCK_WRITE( );
- value = loginfo.log_error_rotationtime;
+ origvalue = loginfo.log_error_rotationtime;
break;
case SLAPD_AUDIT_LOG:
LOG_AUDIT_LOCK_WRITE( );
- value = loginfo.log_audit_rotationtime;
+ origvalue = loginfo.log_audit_rotationtime;
break;
default:
rv = 1;
@@ -1166,23 +1174,27 @@
if (strcasecmp(runit, "month") == 0) {
runitType = LOG_UNIT_MONTHS;
- value *= 31 * 24 * 60 * 60;
+ value = origvalue * 31 * 24 * 60 * 60;
} else if (strcasecmp(runit, "week") == 0) {
runitType = LOG_UNIT_WEEKS;
- value *= 7 * 24 * 60 * 60;
+ value = origvalue * 7 * 24 * 60 * 60;
} else if (strcasecmp(runit, "day") == 0) {
runitType = LOG_UNIT_DAYS;
- value *= 24 * 60 * 60;
+ value = origvalue * 24 * 60 * 60;
} else if (strcasecmp(runit, "hour") == 0) {
runitType = LOG_UNIT_HOURS;
- value *= 3600;
+ value = origvalue * 3600;
} else if (strcasecmp(runit, "minute") == 0) {
runitType = LOG_UNIT_MINS;
- value *= 60;
+ value = origvalue * 60;
} else {
/* In this case we don't rotate */
runitType = LOG_UNIT_UNKNOWN;
- value = -1;
+ value = -1;
+ }
+
+ if (origvalue > 0 && value < 0) {
+ value = PR_INT32_MAX; /* overflown */
}
switch (logtype) {
@@ -1392,7 +1404,7 @@
return rv;
}
- exptime = atoi(exptime_str);
+ exptime = atoi(exptime_str); /* <= 0: no exptime */
switch (logtype) {
case SLAPD_ACCESS_LOG:
@@ -1429,9 +1441,12 @@
value = -1;
}
- if (value < rsec) {
+ if (value > 0 && value < rsec) {
value = rsec;
}
+ if (exptime > 0 && value < 0) {
+ value = PR_INT32_MAX; /* overflown */
+ }
switch (logtype) {
case SLAPD_ACCESS_LOG:
@@ -1534,7 +1549,7 @@
value = -1;
}
- if ((value> 0) && value < rsecs ) {
+ if ((value > 0) && value < rsecs) {
value = rsecs;
}
@@ -1693,7 +1708,7 @@
return 0;
}
while (loginfo.log_audit_rotationsyncclock <= loginfo.log_audit_ctime) {
- loginfo.log_audit_rotationsyncclock += loginfo.log_audit_rotationtime_secs;
+ loginfo.log_audit_rotationsyncclock += PR_ABS(loginfo.log_audit_rotationtime_secs);
}
}
if (loginfo.log_audit_state & LOGGING_NEED_TITLE) {
@@ -1743,7 +1758,7 @@
return 0;
}
while (loginfo.log_error_rotationsyncclock <= loginfo.log_error_ctime) {
- loginfo.log_error_rotationsyncclock += loginfo.log_error_rotationtime_secs;
+ loginfo.log_error_rotationsyncclock += PR_ABS(loginfo.log_error_rotationtime_secs);
}
}
@@ -2644,8 +2659,8 @@
if (loginfo.log_access_rotationsync_enabled &&
loginfo.log_access_rotationunit != LOG_UNIT_HOURS &&
loginfo.log_access_rotationunit != LOG_UNIT_MINS &&
- loginfo.log_access_ctime < loginfo.log_access_rotationsyncclock - loginfo.log_access_rotationtime_secs) {
- loginfo.log_access_rotationsyncclock -= loginfo.log_access_rotationtime_secs;
+ loginfo.log_access_ctime < loginfo.log_access_rotationsyncclock - PR_ABS(loginfo.log_access_rotationtime_secs)) {
+ loginfo.log_access_rotationsyncclock -= PR_ABS(loginfo.log_access_rotationtime_secs);
}
return logfile_type;
}
@@ -3365,8 +3380,8 @@
if (loginfo.log_error_rotationsync_enabled &&
loginfo.log_error_rotationunit != LOG_UNIT_HOURS &&
loginfo.log_error_rotationunit != LOG_UNIT_MINS &&
- loginfo.log_error_ctime < loginfo.log_error_rotationsyncclock - loginfo.log_error_rotationtime_secs) {
- loginfo.log_error_rotationsyncclock -= loginfo.log_error_rotationtime_secs;
+ loginfo.log_error_ctime < loginfo.log_error_rotationsyncclock - PR_ABS(loginfo.log_error_rotationtime_secs)) {
+ loginfo.log_error_rotationsyncclock -= PR_ABS(loginfo.log_error_rotationtime_secs);
}
return logfile_type;
@@ -3452,8 +3467,8 @@
if (loginfo.log_audit_rotationsync_enabled &&
loginfo.log_audit_rotationunit != LOG_UNIT_HOURS &&
loginfo.log_audit_rotationunit != LOG_UNIT_MINS &&
- loginfo.log_audit_ctime < loginfo.log_audit_rotationsyncclock - loginfo.log_audit_rotationtime_secs) {
- loginfo.log_audit_rotationsyncclock -= loginfo.log_audit_rotationtime_secs;
+ loginfo.log_audit_ctime < loginfo.log_audit_rotationsyncclock - PR_ABS(loginfo.log_audit_rotationtime_secs)) {
+ loginfo.log_audit_rotationsyncclock -= PR_ABS(loginfo.log_audit_rotationtime_secs);
}
return logfile_type;
@@ -3842,7 +3857,7 @@
return;
}
while (loginfo.log_access_rotationsyncclock <= loginfo.log_access_ctime) {
- loginfo.log_access_rotationsyncclock += loginfo.log_access_rotationtime_secs;
+ loginfo.log_access_rotationsyncclock += PR_ABS(loginfo.log_access_rotationtime_secs);
}
}
16 years, 7 months