2 ## Copyright (C) 2019 Wind River Systems, Inc.
4 # Licensed under the Apache License, Version 2.0 (the "License");
5 # you may not use this file except in compliance with the License.
6 # You may obtain a copy of the License at
8 # http://www.apache.org/licenses/LICENSE-2.0
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS,
12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 # See the License for the specific language governing permissions and
14 # limitations under the License.
16 FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
19 file://rootdn-should-not-bypass-ppolicy.patch \
20 file://0021-openldap-and-stx-source-and-config-files.patch \
21 file://stx-slapd.service \
24 inherit pkgconfig useradd
26 USERADD_PACKAGES = "${PN}"
27 USERADD_PARAM_${PN} = "-r -g ldap -u 55 -d / -s /sbin/nologin -c 'OpenLDAP server' ldap"
28 GROUPADD_PARAM_${PN} = "-r -g 55 ldap"
30 PACKAGECONFIG_CONFARGS_remove = "--with-tls=gnutls "
39 RDEPENDS_${PN}_append = " bash"
41 # Do not remove libtool la files slapd.conf uses ppolicy.la
42 REMOVE_LIBTOOL_LA = "0"
49 # --enable-monitor=mod
52 # --enable-wrappers=yes
53 # --enable-moznss-compatibility=yes
57 # mysql_config: native command missing
74 --enable-wrappers=no \
75 --enable-backends=mod \
79 --enable-monitor=yes \
81 --enable-overlays=mod \
88 # --enable-moznss-compatibility=no
93 # --enable-moznss-compatibility=yes
95 do_configure_append () {
97 ln -f -s ${S}/contrib/slapd-modules/smbk5pwd/smbk5pwd.c servers/slapd/overlays
98 ln -f -s ${S}/contrib/slapd-modules/allop/allop.c servers/slapd/overlays
99 ln -f -s ${S}/contrib/slapd-modules/passwd/sha2/sha2.c servers/slapd/overlays
100 ln -f -s ${S}/contrib/slapd-modules/passwd/sha2/sha2.h servers/slapd/overlays
101 ln -f -s ${S}/contrib/slapd-modules/passwd/sha2/slapd-sha2.c servers/slapd/overlays
105 # If liblmdb is needed, then patch the Makefile
106 #do_compile_append () {
107 # cd ${S}/ltb-project-openldap-ppolicy-check-password-1.1
111 do_install_append () {
113 # For this we need to build ltb-project-openldap
114 #install -m 755 check_password.so.%{check_password_version} %{buildroot}%{_libdir}/openldap/
117 install -m 0755 -d ${D}/var/run/openldap
118 install -m 0755 -d ${D}/${sysconfdir}/tmpfiles.d
119 install -m 0755 ${S}/stx-sources/slapd.tmpfiles ${D}/${sysconfdir}/tmpfiles.d/slapd.conf
120 install -m 0755 ${S}/stx-sources/openldap.tmpfiles ${D}/${sysconfdir}/tmpfiles.d/openldap.conf
121 install -m 0755 ${S}/stx-sources/ldap.conf ${D}/${sysconfdir}/tmpfiles.d/ldap.conf
123 # The database directory MUST exist prior to running slapd AND
124 # should only be accessible by the slapd and slap tools.
125 # Mode 700 recommended.
126 echo "d /var/lib/openldap-data 0700 ldap ldap -" >> ${D}/${sysconfdir}/tmpfiles.d/slapd.conf
128 install -m 0644 libexec-functions ${D}/${libexecdir}/openldap/functions
129 install -m 0755 libexec-convert-config.sh ${D}/${libexecdir}/openldap/convert-config.sh
130 install -m 0755 libexec-check-config.sh ${D}/${libexecdir}/openldap/check-config.sh
131 install -m 0755 libexec-upgrade-db.sh ${D}/${libexecdir}/openldap/upgrade-db.sh
133 install -m 0755 libexec-create-certdb.sh ${D}/${libexecdir}/openldap/create-certdb.sh
134 install -m 0755 libexec-generate-server-cert.sh ${D}/${libexecdir}/openldap/generate-server-cert.sh
135 install -m 0755 libexec-update-ppolicy-schema.sh ${D}/${libexecdir}/openldap/update-ppolicy-schema.sh
137 install -m 0644 ${S}/../stx-slapd.service ${D}/${systemd_system_unitdir}/stx-slapd.service
138 install -m 0755 -d ${D}/${sysconfdir}/sysconfig
139 install -m 0644 slapd.sysconfig ${D}/${sysconfdir}/sysconfig/slapd
140 install -m 0755 -d ${D}/${datadir}/openldap-servers
141 install -m 0644 slapd.ldif ${D}/${datadir}/openldap-servers/slapd.ldif
142 install -m 0750 -d ${D}/${sysconfdir}/openldap/slapd.d
146 #oe_runmake -e -C servers/slapd/overlays DESTDIR=${D} install
147 sed -i -e 's:\(/sbin/runuser\):/usr\1:g' ${D}/usr/libexec/openldap/functions
151 #pkg_postinst_ontarget_libldap-2.4_append () {
152 # cp /usr/share/starlingx/slapd.service ${systemd_system_unitdir}/slapd.service
153 # chmod 644 ${systemd_system_unitdir}/slapd.service
154 # cp ${datadir}/starlingx/slapd.sysconfig ${sysconfdir}/sysconfig/slapd
155 # systemctl daemon-reload
156 # chmod 755 /etc/openldap
157 # chmod 755 /etc/openldap/slapd.d
160 FILES_${PN}_append = " \
161 ${datadir}/openldap-servers/ \
162 ${libexecdir}/openldap/ \
163 ${sysconfdir}/sysconfig \
164 ${sysconfdir}/tmpfiles.d \
165 ${systemd_system_unitdir}/stx-slapd.service \
168 # *.la are openldap modules, so re-define
169 # to remove the *.la from -dev package
170 FILES_${PN}-dev = " \
174 ${libexecdir}/openldap/*${SOLIBSDEV} \