-
Committer:
Bazaar Package Importer
-
Author(s):
Mathias Gug, Steve Langasek, Mathias Gug
-
Date:
2009-03-06 17:34:21 UTC
-
mfrom:
(1.1.3 upstream)
-
Revision ID:
james.westby@ubuntu.com-20090306173421-sxlko1f4w5dn4rgw
Tags: 2.4.15-1ubuntu1
[ Steve Langasek ]
* Update priority of libldap-2.4-2 to match the archive override.
* Add the missing ldapexop and ldapurl tools to ldap-utils, as well as the
ldapurl(1) manpage. Thanks to Peter Marschall for the patch.
Closes: #496749.
* Bump build-dependency on debhelper to 6 instead of 5, since that's
what we're using. Closes: #498116.
* Set the default SLAPD_SERVICES to ldap:/// ldapi:///, instead of using
the built-in default of ldap:/// only.
[ Mathias Gug ]
* Merge from debian unstable, remaining changes:
- Modify Maintainer value to match the DebianMaintainerField
speficication.
- AppArmor support:
- debian/apparmor-profile: add AppArmor profile
- debian/slapd.postinst: Reload AA profile on configuration
- updated debian/slapd.README.Debian for note on AppArmor
- debian/control: Recommends apparmor >= 2.1+1075-0ubuntu6
- debian/control: Conflicts with apparmor-profiles << 2.1+1075-0ubuntu4
to make sure that if earlier version of apparmour-profiles gets
installed it won't overwrite our profile.
- follow ApparmorProfileMigration and force apparmor compalin mode on
some upgrades (LP: #203529)
- debian/slapd.dirs: add etc/apparmor.d/force-complain
- debian/slapd.preinst: create symlink for force-complain on pre-feisty
upgrades, upgrades where apparmor-profiles profile is unchanged (ie
non-enforcing) and upgrades where apparmor profile does not exist.
- debian/slapd.postrm: remove symlink in force-complain/ on purge
- debian/control:
- Build-depend on libltdl7-dev rather then libltdl3-dev.
- debian/patches/autogen.sh:
- Call libtoolize with the --install option to install config.{guess,sub}
files.
- Don't use local statement in config script as it fails if /bin/sh
points to bash (LP: #286063).
- Disable the testsuite on hppa. Allows building of packages on this
architecture again, once this package is in the archive.
LP: #288908.
- debian/slapd.postinst, debian/slapd.script-common: set correct ownership
and permissions on /var/lib/ldap, /etc/ldap/slapd.d (group readable) and
/var/run/slapd (world readable). (LP: #257667).
- Enable nssoverlay:
- debian/patches/nssov-build, debian/rules: Build and package
the nss overlay.
- debian/schema/misc.ldif: add ldif file for the misc schema
which defines rfc822MailMember (required by the nss overlay).
- debian/{control,rules}: enable PIE hardening
- Use cn=config as the default configuration backend instead of
slapd.conf. Migrate slapd.conf file to /etc/ldap/slapd.d/ on upgrade
asking the end user to enter a new password to control the access to the
cn=config tree.
* Dropped:
- debian/patches/corrupt-contextCSN: The contextCSN can get corrupted at
times. (ITS: #5947) Fixed in new upstream version 2.4.15.
- debian/patches/fix-ucred-libc due to changes how newer glibc handle
the ucred struct now. Implemented in Debian.
* debian/patches/fix-ldap_back_entry_get_rwa.patch: fix test-0034 failure
when built with PIE.
* debian/patches/gnutls-enable-v1-ca-certs: Enable V1 CA certs to be
trusted (LP: #305264).