/
openldap.spec
669 lines (577 loc) · 20.5 KB
/
openldap.spec
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
# wine uses openldap
%ifarch %{x86_64}
%bcond_without compat32
%endif
%global _hardened_build 1
%define _disable_ld_no_undefined 1
%define _disable_lto 1
%global systemctl_bin /usr/bin/systemctl
%global check_password_version 1.1
%global so_ver 2
%global so_ver_compat 2
# When you change "Version: " to the new major version, remember to change this value too
%global major_version 2.6
# Disable automatic .la file removal
%global __brp_remove_la_files %nil
%if %{cross_compiling}
# Workaround for libtool brokenness being unable to handle spaces
# in $CC (such as "clang -target whatever")
%define prefer_gcc 1
%endif
%define libname %mklibname ldap
%define lberlibname %mklibname lber
%define slapilibname %mklibname slapi
%define devname %mklibname -d ldap
%define compatname %mklibname ldap2.4
%define lib32name %mklib32name ldap
%define dev32name %mklib32name -d ldap
%bcond_without perl
Name: openldap
Version: 2.6.6
Release: 2
Summary: LDAP support libraries
License: OpenLDAP
URL: http://www.openldap.org/
Source0: https://openldap.org/software/download/OpenLDAP/openldap-release/openldap-%{version}.tgz
Source1: slapd.service
Source2: slapd.tmpfiles
Source3: slapd.ldif
Source4: ldap.conf
Source5: UPGRADE_INSTRUCTIONS
Source10: https://github.com/ltb-project/openldap-ppolicy-check-password/archive/v%{check_password_version}/openldap-ppolicy-check-password-%{check_password_version}.tar.gz
Source50: libexec-functions
Source52: libexec-check-config.sh
# Patches for 2.6
Patch0: openldap-manpages.patch
Patch1: openldap-reentrant-gethostby.patch
Patch3: openldap-smbk5pwd-overlay.patch
Patch4: openldap-ai-addrconfig.patch
Patch5: openldap-allop-overlay.patch
# fix back_perl problems with lt_dlopen()
# might cause crashes because of symbol collisions
# the proper fix is to link all perl modules against libperl
# http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=327585
Patch6: openldap-switch-to-lt_dlopenadvise-to-get-RTLD_GLOBAL-set.patch
# System-wide default for CA certs
Patch7: openldap-openssl-manpage-defaultCA.patch
Patch8: openldap-add-export-symbols-LDAP_CONNECTIONLESS.patch
# check-password module specific patches
Patch90: check-password-makefile.patch
Patch91: check-password.patch
Patch200: openldap-2.6.6-clang16.patch
Patch201: openldap-2.6.6-compat-2.4.patch
# memcmp works on all OM targets, but detection
# doesn't work reliably when crosscompiling, so
# disable it
Patch202: openldap-2.6-cross.patch
BuildRequires: pkgconfig(libsasl2)
BuildRequires: locales-extra-charsets
BuildRequires: groff
BuildRequires: krb5-devel
BuildRequires: libltdl-devel
BuildRequires: pkgconfig(libevent)
BuildRequires: make
BuildRequires: pkgconfig(libcrypto)
BuildRequires: perl(ExtUtils::Embed)
BuildRequires: perl-devel
BuildRequires: perl-generators
BuildRequires: perl-interpreter
BuildRequires: unixODBC-devel
Requires: %{libname} = %{EVRD}
Requires: %{lberlibname} = %{EVRD}
Requires: %{slapilibname} = %{EVRD}
%if %{with compat32}
BuildRequires: devel(libkrb5)
BuildRequires: devel(libncurses)
BuildRequires: devel(libssl)
BuildRequires: devel(libcom_err)
BuildRequires: devel(libltdl)
BuildRequires: libcrypt-devel
%endif
%description
OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
Protocol) applications and development tools. LDAP is a set of
protocols for accessing directory services (usually phone book style
information, but other information is possible) over the Internet,
similar to the way DNS (Domain Name System) information is propagated
over the Internet. The openldap package contains configuration files,
libraries, and documentation for OpenLDAP.
%package -n %{libname}
Summary: Libraries for the OpenLDAP LDAP environment
Group: System/Libraries
%description -n %{libname}
Libraries for the OpenLDAP LDAP environment
%package -n %{lberlibname}
Summary: LBER libraries for the OpenLDAP LDAP environment
Group: System/Libraries
%description -n %{lberlibname}
LBER libraries for the OpenLDAP LDAP environment
%package -n %{slapilibname}
Summary: SLAPI libraries for the OpenLDAP LDAP environment
Group: System/Libraries
%description -n %{slapilibname}
SLAPI libraries for the OpenLDAP LDAP environment
%package -n %{devname}
Summary: LDAP development libraries and header files
Requires: openldap%{?_isa} = %{EVRD}
Requires: %{libname}%{?_isa} = %{EVRD}
Requires: %{lberlibname}%{?_isa} = %{EVRD}
Requires: %{slapilibname}%{?_isa} = %{EVRD}
Requires: pkgconfig(libsasl2)
%rename %mklibname -d ldap 2.4
%description -n %{devname}
The openldap-devel package includes the development libraries and
header files needed for compiling applications that use LDAP
(Lightweight Directory Access Protocol) internals. LDAP is a set of
protocols for enabling directory services over the Internet. Install
this package only if you plan to develop or will need to compile
customized LDAP clients.
%package -n %{compatname}
Summary: Package providing legacy non-threaded libldap
Requires: %{libname}%{?_isa} = %{EVRD}
Requires: %{lberlibname}%{?_isa} = %{EVRD}
Requires: %{slapilibname}%{?_isa} = %{EVRD}
%rename %mklibname ldap2.4 %{so_ver_compat}
# since libldap is manually linked from libldap_r, the provides is not generated automatically
%if "%_lib" == "lib"
Provides: libldap-2.4.so.%{so_ver_compat}
Provides: libldap_r-2.4.so.%{so_ver_compat}
Provides: liblber-2.4.so.%{so_ver_compat}
Provides: libslapi-2.4.so.%{so_ver_compat}
%else
Provides: libldap-2.4.so.%{so_ver_compat}()(%{__isa_bits}bit)
Provides: libldap_r-2.4.so.%{so_ver_compat}()(%{__isa_bits}bit)
Provides: liblber-2.4.so.%{so_ver_compat}()(%{__isa_bits}bit)
Provides: libslapi-2.4.so.%{so_ver_compat}()(%{__isa_bits}bit)
Provides: libldap-2.4.so.%{so_ver_compat}(OPENLDAP_2.4_2)(%{__isa_bits}bit)
Provides: libldap_r-2.4.so.%{so_ver_compat}(OPENLDAP_2.4_2)(%{__isa_bits}bit)
Provides: liblber-2.4.so.%{so_ver_compat}(OPENLDAP_2.4_2)(%{__isa_bits}bit)
%endif
%description -n %{compatname}
The %{compatname} package contains shared libraries named as libldap-2.4.so,
libldap_r-2.4.so, liblber-2.4.so and libslapi-2.4.so.
The libraries are just links to the current version shared libraries,
and are available for compatibility reasons.
%package servers
Summary: LDAP server
License: OpenLDAP
Requires: openldap%{?_isa} = %{EVRD}
Requires(pre): shadow-utils
BuildRequires: systemd
BuildRequires: cracklib-devel
# migrationtools (slapadd functionality):
Provides: ldif2ldbm
%{?systemd_requires}
%description servers
OpenLDAP is an open-source suite of LDAP (Lightweight Directory Access
Protocol) applications and development tools. LDAP is a set of
protocols for accessing directory services (usually phone book style
information, but other information is possible) over the Internet,
similar to the way DNS (Domain Name System) information is propagated
over the Internet. This package contains the slapd server and related files.
%package clients
Summary: LDAP client utilities
Requires: openldap%{?_isa} = %{EVRD}
%description clients
OpenLDAP is an open-source suite of LDAP (Lightweight Directory Access
Protocol) applications and development tools. LDAP is a set of
protocols for accessing directory services (usually phone book style
information, but other information is possible) over the Internet,
similar to the way DNS (Domain Name System) information is propagated
over the Internet. The openldap-clients package contains the client
programs needed for accessing and modifying OpenLDAP directories.
%if %{with compat32}
%package -n %{lib32name}
Summary: OpenLDAP libraries (32-bit)
Group: System/Libraries
Requires: %{name}
%description -n %{lib32name}
This package includes the libraries needed by ldap applications.
%package -n %{dev32name}
Summary: OpenLDAP development libraries and header files (32-bit)
Group: Development/C
Requires: %{devname} = %{version}-%{release}
Requires: %{lib32name} = %{version}-%{release}
%description -n %{dev32name}
This package includes the development libraries and header files
needed for compiling applications that use LDAP internals. Install
this package only if you plan to develop or will need to compile
32-bit LDAP clients.
%endif
%prep
%autosetup -p1 -a 10
autoconf
# build smbk5pwd with other overlays
ln -s ../../../contrib/slapd-modules/smbk5pwd/smbk5pwd.c servers/slapd/overlays
mv contrib/slapd-modules/smbk5pwd/README contrib/slapd-modules/smbk5pwd/README.smbk5pwd
# build allop with other overlays
ln -s ../../../contrib/slapd-modules/allop/allop.c servers/slapd/overlays
mv contrib/slapd-modules/allop/README contrib/slapd-modules/allop/README.allop
mv contrib/slapd-modules/allop/slapo-allop.5 doc/man/man5/slapo-allop.5
mv servers/slapd/back-perl/README{,.back_perl}
# fix documentation encoding
for filename in doc/drafts/draft-ietf-ldapext-acl-model-xx.txt; do
iconv -f iso-8859-1 -t utf-8 "$filename" > "$filename.utf8"
mv "$filename.utf8" "$filename"
done
%build
%set_build_flags
# enable experimental support for LDAP over UDP (LDAP_CONNECTIONLESS)
export CFLAGS="${CFLAGS} ${LDFLAGS} -Wl,--as-needed -DLDAP_CONNECTIONLESS"
# FIXME in the cross_compiling case, we assume we're crosscompiling
# to something with a yielding select -- this assumption may not
# always be true -- some ifos/ifarch switches may be necessary
%configure \
--enable-debug \
--enable-dynamic \
--enable-versioning \
\
--enable-dynacl \
--enable-cleartext \
--enable-crypt \
--enable-lmpasswd \
--enable-spasswd \
--enable-modules \
%if %{with perl}
--enable-perl \
%else
--disable-perl \
%endif
--enable-rewrite \
--enable-rlookups \
--enable-slapi \
--disable-slp \
\
--enable-backends=mod \
--enable-bdb=yes \
--enable-hdb=yes \
--enable-mdb=yes \
--enable-monitor=yes \
--disable-ndb \
--disable-sql \
--disable-wt \
\
--enable-overlays=mod \
\
--disable-static \
\
--enable-balancer=mod \
\
--with-cyrus-sasl \
--without-fetch \
--with-threads \
--with-pic \
--with-gnu-ld \
\
%if %{cross_compiling}
--with-yielding_select=yes \
%endif
\
--libexecdir=%{_libdir}
%make_build
pushd openldap-ppolicy-check-password-%{check_password_version}
%make_build CC="%{__cc}" LDAP_INC="-I../include \
-I../servers/slapd \
-I../build-servers/include"
popd
%if %{with compat32}
CONFIGURE_TOP="$(pwd)"
mkdir build32
cd build32
%configure32 \
--with-subdir=%{name} \
--localstatedir=/var/run/ldap \
--enable-dynamic \
--enable-syslog \
--enable-ipv6 \
--enable-local \
--with-threads \
--with-tls \
--disable-slapd \
--enable-aci \
--enable-versioning \
\
--enable-dynacl \
--enable-cleartext \
--enable-crypt \
--enable-spasswd \
--enable-modules \
--enable-perl \
--enable-rlookups \
--disable-wrappers \
--enable-slapi \
--disable-slp \
--enable-backends=mod \
--disable-perl \
--disable-sql \
--disable-wt \
\
--enable-overlays=mod \
--enable-shared
make depend
%make_build PROGRAMS=""
cd ..
%endif
%install
mkdir -p %{buildroot}%{_libdir}/
%if %{with compat32}
# Install 32-bit cruft first so the normal install can overwrite it
%make_install -C build32 STRIP="" PROGRAMS=""
%endif
%make_install STRIP_OPTS=""
# install check_password module
pushd openldap-ppolicy-check-password-%{check_password_version}
mv check_password.so check_password.so.%{check_password_version}
ln -s check_password.so.%{check_password_version} %{buildroot}%{_libdir}/openldap/check_password.so
install -m 755 check_password.so.%{check_password_version} %{buildroot}%{_libdir}/openldap/
# install -m 644 README %{buildroot}%{_libdir}/openldap
install -d -m 755 %{buildroot}%{_sysconfdir}/openldap
cat > %{buildroot}%{_sysconfdir}/openldap/check_password.conf <<EOF
# OpenLDAP pwdChecker library configuration
#useCracklib 1
#minPoints 3
#minUpper 0
#minLower 0
#minDigit 0
#minPunct 0
EOF
mv README{,.check_pwd}
popd
# setup directories for TLS certificates
mkdir -p %{buildroot}%{_sysconfdir}/openldap/certs
# setup data and runtime directories
mkdir -p %{buildroot}%{_sharedstatedir}
mkdir -p %{buildroot}%{_localstatedir}
install -m 0700 -d %{buildroot}%{_sharedstatedir}/ldap
install -m 0755 -d %{buildroot}%{_localstatedir}/run/openldap
# setup autocreation of runtime directories on tmpfs
mkdir -p %{buildroot}%{_tmpfilesdir}
install -m 0644 %SOURCE2 %{buildroot}%{_tmpfilesdir}/slapd.conf
# install default ldap.conf (customized)
rm %{buildroot}%{_sysconfdir}/openldap/ldap.conf
install -m 0644 %SOURCE4 %{buildroot}%{_sysconfdir}/openldap/ldap.conf
# setup maintainance scripts
mkdir -p %{buildroot}%{_libexecdir}
install -m 0755 -d %{buildroot}%{_libexecdir}/openldap
install -m 0644 %SOURCE50 %{buildroot}%{_libexecdir}/openldap/functions
install -m 0755 %SOURCE52 %{buildroot}%{_libexecdir}/openldap/check-config.sh
# remove build root from config files and manual pages
perl -pi -e "s|%{buildroot}||g" %{buildroot}%{_sysconfdir}/openldap/*.conf
perl -pi -e "s|%{buildroot}||g" %{buildroot}%{_mandir}/*/*.*
# we don't need the default files -- RPM handles changes
rm %{buildroot}%{_sysconfdir}/openldap/*.default
# install an init script for the servers
mkdir -p %{buildroot}%{_unitdir}
install -m 0644 %SOURCE1 %{buildroot}%{_unitdir}/slapd.service
# move slapd out of _libdir
mv %{buildroot}%{_libdir}/slapd %{buildroot}%{_sbindir}/
# setup tools as symlinks to slapd
for X in acl add auth cat dn index modify passwd test schema ; do
rm %{buildroot}%{_sbindir}/slap$X
ln -s slapd %{buildroot}%{_sbindir}/slap$X
done
%if %{with compat32}
# Deal with headers that differ between 32-bit and 64-bit builds
cd build32/include
for i in *.h; do
[ -e %{buildroot}%{_includedir}/$i ] || continue
cmp $i %{buildroot}%{_includedir}/$i && continue
mv %{buildroot}%{_includedir}/$i %{buildroot}%{_includedir}/${i/.h/-64.h}
cp $i %{buildroot}%{_includedir}/${i/.h/-32.h}
cat >%{buildroot}%{_includedir}/$i <<EOF
#ifdef __i386__
#include "${i/.h/-32.h}"
#else
#include "${i/.h/-64.h}"
#endif
EOF
done
cd -
%endif
# re-symlink unversioned libraries, so ldconfig is not confused
pushd %{buildroot}%{_libdir}
v=%{version}
version=$(echo ${v%.[0-9]*})
for lib in liblber libldap libslapi; do
rm -f ${lib}.so
ln -s ${lib}.so.%{so_ver} ${lib}.so
done
for lib in $(ls | grep libldap); do
IFS='.'
read -r -a libsplit <<< "$lib"
if [[ -z "${libsplit[3]}" && -n "${libsplit[2]}" ]]
then
so_ver_short_2_4="%{so_ver_compat}"
elif [ -n "${libsplit[3]}" ]
then
so_ver_full_2_4="%{so_ver_compat}.${libsplit[3]}.${libsplit[4]}"
fi
unset IFS
done
# Provide only libldap and copy it to libldap_r for both 2.4 and 2.6+ versions, make a versioned lib link
# We increase it by 2 because libldap-2.4 has the 'so.2' major version on 2.4.59 (one of the last versions which is EOF)
%__cc -shared -o "%{buildroot}%{_libdir}/libldap-2.4.so.${so_ver_short_2_4}" -Wl,--no-as-needed \
-Wl,-soname -Wl,libldap-2.4.so.${so_ver_short_2_4} -L "%{buildroot}%{_libdir}" -lldap
%__cc -shared -o "%{buildroot}%{_libdir}/libldap_r-2.4.so.${so_ver_short_2_4}" -Wl,--no-as-needed \
-Wl,-soname -Wl,libldap_r-2.4.so.${so_ver_short_2_4} -L "%{buildroot}%{_libdir}" -lldap
%__cc -shared -o "%{buildroot}%{_libdir}/liblber-2.4.so.${so_ver_short_2_4}" -Wl,--no-as-needed \
-Wl,-soname -Wl,liblber-2.4.so.${so_ver_short_2_4} -L "%{buildroot}%{_libdir}" -llber
%__cc -shared -o "%{buildroot}%{_libdir}/libslapi-2.4.so.${so_ver_short_2_4}" -Wl,--no-as-needed \
-Wl,-soname -Wl,libslapi-2.4.so.${so_ver_short_2_4} -L "%{buildroot}%{_libdir}" -lslapi
ln -s libldap-2.4.so.{${so_ver_short_2_4},${so_ver_full_2_4}}
ln -s libldap_r-2.4.so.{${so_ver_short_2_4},${so_ver_full_2_4}}
ln -s liblber-2.4.so.{${so_ver_short_2_4},${so_ver_full_2_4}}
ln -s libslapi-2.4.so.{${so_ver_short_2_4},${so_ver_full_2_4}}
popd
# tweak permissions on the libraries to make sure they're correct
chmod 0755 %{buildroot}%{_libdir}/lib*.so*
chmod 0644 %{buildroot}%{_libdir}/lib*.*a
chmod 0644 %{buildroot}%{_libdir}/openldap/*.la
# slapd.conf(5) is obsoleted since 2.3, see slapd-config(5)
mkdir -p %{buildroot}%{_datadir}
install -m 0755 -d %{buildroot}%{_datadir}/openldap-servers
install -m 0644 %SOURCE3 %{buildroot}%{_datadir}/openldap-servers/slapd.ldif
install -m 0644 %SOURCE5 %{buildroot}%{_datadir}/openldap-servers/UPGRADE_INSTRUCTIONS
install -m 0700 -d %{buildroot}%{_sysconfdir}/openldap/slapd.d
rm %{buildroot}%{_sysconfdir}/openldap/slapd.conf
rm %{buildroot}%{_sysconfdir}/openldap/slapd.ldif
# move doc files out of _sysconfdir
mv %{buildroot}%{_sysconfdir}/openldap/schema/README README.schema
# remove files which we don't want packaged
rm %{buildroot}%{_libdir}/*.la # because we do not want files in %{_libdir}/openldap/ removed, yet
# Create the ldap user and group
mkdir -p %{buildroot}%{_sysusersdir}
cat >%{buildroot}%{_sysusersdir}/ldap.conf <<'EOF'
g ldap 55 - -
u ldap 55:55 "OpenLDAP server" %{_sharedstatedir}/ldap /sbin/nologin
EOF
%post servers
%systemd_post slapd.service
# If it's not upgrade - we remove the UPGRADE_INSTRUCTIONS
if [ $1 -lt 2 ] ; then
rm %{_datadir}/openldap-servers/UPGRADE_INSTRUCTIONS
fi
# generate configuration if necessary
if [[ ! -f %{_sysconfdir}/openldap/slapd.d/cn=config.ldif && \
! -f %{_sysconfdir}/openldap/slapd.conf
]]; then
# if there is no configuration available, generate one from the defaults
mkdir -p %{_sysconfdir}/openldap/slapd.d/ &>/dev/null || :
/usr/sbin/slapadd -F %{_sysconfdir}/openldap/slapd.d/ -n0 -l %{_datadir}/openldap-servers/slapd.ldif
chown -R ldap:ldap %{_sysconfdir}/openldap/slapd.d/
%{systemctl_bin} try-restart slapd.service &>/dev/null
fi
# restart after upgrade
if [ $1 -ge 1 ]; then
%{systemctl_bin} condrestart slapd.service &>/dev/null || :
fi
exit 0
%preun servers
%systemd_preun slapd.service
%postun servers
%systemd_postun_with_restart slapd.service
%files
%doc ANNOUNCEMENT
%doc CHANGES
%license COPYRIGHT
%license LICENSE
%doc README
%dir %{_sysconfdir}/openldap
%dir %{_sysconfdir}/openldap/certs
%config(noreplace) %{_sysconfdir}/openldap/ldap.conf
%dir %{_libexecdir}/openldap/
%{_mandir}/man5/ldif.5*
%{_mandir}/man5/ldap.conf.5*
%files -n %{libname}
%{_libdir}/libldap.so.*
%files -n %{lberlibname}
%{_libdir}/liblber.so.*
%files -n %{slapilibname}
%{_libdir}/libslapi.so.*
%files servers
%doc contrib/slapd-modules/smbk5pwd/README.smbk5pwd
%doc doc/guide/admin/*.html
%doc doc/guide/admin/*.png
%doc servers/slapd/back-perl/SampleLDAP.pm
%doc servers/slapd/back-perl/README.back_perl
%doc openldap-ppolicy-check-password-%{check_password_version}/README.check_pwd
%doc README.schema
%config(noreplace) %dir %attr(0750,ldap,ldap) %{_sysconfdir}/openldap/slapd.d
%config(noreplace) %{_sysconfdir}/openldap/schema
%config(noreplace) %{_sysconfdir}/openldap/check_password.conf
%{_tmpfilesdir}/slapd.conf
%dir %attr(0700,ldap,ldap) %{_sharedstatedir}/ldap
%dir %attr(-,ldap,ldap) %{_localstatedir}/run/openldap
%{_unitdir}/slapd.service
%{_datadir}/openldap-servers/
%{_libdir}/openldap/accesslog*
%{_libdir}/openldap/allop*
%{_libdir}/openldap/auditlog*
%{_libdir}/openldap/autoca*
%{_libdir}/openldap/back_asyncmeta*
%{_libdir}/openldap/back_dnssrv*
%{_libdir}/openldap/back_ldap*
%{_libdir}/openldap/back_meta*
%{_libdir}/openldap/back_null*
%{_libdir}/openldap/back_passwd*
%{_libdir}/openldap/back_relay*
%{_libdir}/openldap/back_sock*
%{_libdir}/openldap/check_password*
%{_libdir}/openldap/collect*
%{_libdir}/openldap/constraint*
%{_libdir}/openldap/dds*
%{_libdir}/openldap/deref*
%{_libdir}/openldap/dyngroup*
%{_libdir}/openldap/dynlist*
%{_libdir}/openldap/home*
%{_libdir}/openldap/lloadd*
%{_libdir}/openldap/memberof*
%{_libdir}/openldap/otp*
%{_libdir}/openldap/pcache*
%{_libdir}/openldap/ppolicy*
%{_libdir}/openldap/refint*
%{_libdir}/openldap/remoteauth*
%{_libdir}/openldap/retcode*
%{_libdir}/openldap/rwm*
%{_libdir}/openldap/seqmod*
%{_libdir}/openldap/smbk5pwd*
%{_libdir}/openldap/sssvlv*
%{_libdir}/openldap/syncprov*
%{_libdir}/openldap/translucent*
%{_libdir}/openldap/unique*
%{_libdir}/openldap/valsort*
%{_libexecdir}/openldap/functions
%{_libexecdir}/openldap/check-config.sh
%{_sbindir}/sl*
%{_mandir}/man8/*
%{_mandir}/man5/lloadd.conf.5*
%{_mandir}/man5/slapd*.5*
%{_mandir}/man5/slapo-*.5*
%{_mandir}/man5/slappw-argon2.5*
%{_sysusersdir}/*.conf
# obsolete configuration
%ghost %config(noreplace,missingok) %attr(0640,ldap,ldap) %{_sysconfdir}/openldap/slapd.conf
%files clients
%{_bindir}/*
%{_mandir}/man1/*
%files -n %{devname}
%doc doc/drafts doc/rfc
%{_libdir}/liblber.so
%{_libdir}/libldap.so
%{_libdir}/libslapi.so
%{_includedir}/*
%{_libdir}/pkgconfig/lber.pc
%{_libdir}/pkgconfig/ldap.pc
%{_mandir}/man3/*
%files -n %{compatname}
%{_libdir}/libldap-2.4*.so.*
%{_libdir}/libldap_r-2.4*.so.*
%{_libdir}/liblber-2.4*.so.*
%{_libdir}/libslapi-2.4*.so.*
%if %{with compat32}
%files -n %{lib32name}
%{_prefix}/lib/lib*.so.*
%files -n %{dev32name}
%{_prefix}/lib/libl*.so
%{_prefix}/lib/pkgconfig/*.pc
%endif