[Pkg-openldap-devel] r940 - in openldap/trunk/debian: . patches
Russ Allbery
rra at alioth.debian.org
Fri Dec 21 07:32:58 UTC 2007
Author: rra
Date: 2007-12-21 07:32:58 +0000 (Fri, 21 Dec 2007)
New Revision: 940
Removed:
openldap/trunk/debian/patches/read-config-before-dropping-privileges
Modified:
openldap/trunk/debian/changelog
openldap/trunk/debian/patches/series
openldap/trunk/debian/patches/slapi-errorlog-file
Log:
root and mode 600. Closes: #432662.
* Drop slapd patch to read slapd.conf before dropping privileges, since
slapd.conf should now be readable by SLAPD_GROUP.
Modified: openldap/trunk/debian/changelog
===================================================================
--- openldap/trunk/debian/changelog 2007-12-21 07:30:16 UTC (rev 939)
+++ openldap/trunk/debian/changelog 2007-12-21 07:32:58 UTC (rev 940)
@@ -56,7 +56,9 @@
* Create /etc/ldap/slapd.conf owned by the openldap group and mode 640
by default so that slapindex and friends can read it when run as the
openldap user. Fix permissions on upgrade if slapd.conf is owned by
- root and mode 600. Closes: #432662
+ root and mode 600. Closes: #432662.
+ * Drop slapd patch to read slapd.conf before dropping privileges, since
+ slapd.conf should now be readable by SLAPD_GROUP.
* If SLAPD_CONF is set to a directory in /etc/default/slapd, assume
the cn=config backend is used and start slapd with the appropriate
options. Based on a patch from Mike Burr. Closes: #411413.
@@ -69,7 +71,7 @@
* Remove versioned dependency on an ancient dpkg-dev.
* Wrap and reorder Build-Depends for readability.
- -- Russ Allbery <rra at debian.org> Thu, 20 Dec 2007 23:05:17 -0800
+ -- Russ Allbery <rra at debian.org> Thu, 20 Dec 2007 23:32:40 -0800
openldap2.3 (2.3.39-1) unstable; urgency=medium
Deleted: openldap/trunk/debian/patches/read-config-before-dropping-privileges
===================================================================
--- openldap/trunk/debian/patches/read-config-before-dropping-privileges 2007-12-21 07:30:16 UTC (rev 939)
+++ openldap/trunk/debian/patches/read-config-before-dropping-privileges 2007-12-21 07:32:58 UTC (rev 940)
@@ -1,28 +0,0 @@
---- servers/slapd/main.c.orig
-+++ servers/slapd/main.c
-@@ -648,12 +648,6 @@
- }
- #endif
-
--#if defined(HAVE_SETUID) && defined(HAVE_SETGID)
-- if ( username != NULL || groupname != NULL ) {
-- slap_init_user( username, groupname );
-- }
--#endif
--
- extops_init();
- lutil_passwd_init();
-
-@@ -674,6 +668,12 @@
- goto destroy;
- }
-
-+#if defined(HAVE_SETUID) && defined(HAVE_SETGID)
-+ if ( username != NULL || groupname != NULL ) {
-+ slap_init_user( username, groupname );
-+ }
-+#endif
-+
- if ( debug_unknowns ) {
- rc = parse_debug_unknowns( debug_unknowns, &slap_debug );
- ldap_charray_free( debug_unknowns );
Modified: openldap/trunk/debian/patches/series
===================================================================
--- openldap/trunk/debian/patches/series 2007-12-21 07:30:16 UTC (rev 939)
+++ openldap/trunk/debian/patches/series 2007-12-21 07:32:58 UTC (rev 940)
@@ -5,7 +5,6 @@
add-autogen-sh
slapi-errorlog-file -p0
ldapi-socket-place -p0
-read-config-before-dropping-privileges -p0
wrong-database-location -p0
index-files-created-as-root -p0
sasl-default-path -p0
Modified: openldap/trunk/debian/patches/slapi-errorlog-file
===================================================================
--- openldap/trunk/debian/patches/slapi-errorlog-file 2007-12-21 07:30:16 UTC (rev 939)
+++ openldap/trunk/debian/patches/slapi-errorlog-file 2007-12-21 07:32:58 UTC (rev 940)
@@ -1,8 +1,6 @@
-Index: servers/slapd/slapi/slapi_overlay.c
-===================================================================
--- servers/slapd/slapi/slapi_overlay.c.orig
+++ servers/slapd/slapi/slapi_overlay.c
-@@ -882,7 +882,7 @@
+@@ -927,7 +927,7 @@
ldap_pvt_thread_mutex_init( &slapi_printmessage_mutex );
if ( slapi_log_file == NULL )
More information about the Pkg-openldap-devel
mailing list