-
Committer:
Bazaar Package Importer
-
Author(s):
Colin Watson
-
Date:
2009-06-24 10:45:20 UTC
-
mfrom:
(0.1.3 sid)
-
Revision ID:
james.westby@ubuntu.com-20090624104520-cxv9b4danof26g39
Tags: 2.4.15-1.1ubuntu1
* Resynchronise with Debian. Remaining changes:
- AppArmor support:
- debian/apparmor-profile: add AppArmor profile
- debian/slapd.postinst: Reload AA profile on configuration
- updated debian/slapd.README.Debian for note on AppArmor
- debian/control: Recommends apparmor >= 2.1+1075-0ubuntu6
- debian/control: Conflicts with apparmor-profiles <<
2.1+1075-0ubuntu4 to make sure that if earlier version of
apparmor-profiles gets installed it won't overwrite our profile.
- follow ApparmorProfileMigration and force apparmor complain mode on
some upgrades
- debian/slapd.dirs: add etc/apparmor.d/force-complain
- debian/slapd.preinst: create symlink for force-complain on
pre-feisty upgrades, upgrades where apparmor-profiles profile is
unchanged (ie non-enforcing) and upgrades where apparmor profile
does not exist.
- debian/slapd.postrm: remove symlink in force-complain/ on purge
- debian/patches/autogen.sh:
- Call libtoolize with the --install option to install
config.{guess,sub} files.
- Don't use local statement in config script as it fails if /bin/sh
points to bash.
- debian/slapd.postinst, debian/slapd.script-common: set correct
ownership and permissions on /var/lib/ldap, /etc/ldap/slapd.d (group
readable) and /var/run/slapd (world readable).
- Enable nssoverlay:
- debian/patches/nssov-build, debian/rules: Build and package the nss
overlay.
- debian/schema/misc.ldif: add ldif file for the misc schema which
defines rfc822MailMember (required by the nss overlay).
- debian/{control,rules}: enable PIE hardening
- Use cn=config as the default configuration backend instead of
slapd.conf. Migrate slapd.conf file to /etc/ldap/slapd.d/ on upgrade
asking the end user to enter a new password to control the access to
the cn=config tree.
- Update priority of libldap-2.4-2 to match the archive override.
- Add the missing ldapexop and ldapurl tools to ldap-utils, as well as
the ldapurl(1) manpage.
- Bump build-dependency on debhelper to 6 instead of 5, since that's
what we're using.
- Set the default SLAPD_SERVICES to ldap:/// ldapi:///, instead of using
the built-in default of ldap:/// only.
- debian/patches/fix-ldap_back_entry_get_rwa.patch: fix test-0034
failure when built with PIE.
- debian/patches/gnutls-enable-v1-ca-certs: Enable V1 CA certs to be
trusted.
- debian/slapd.postinst: create /var/run/slapd before updating its
permissions.
- debian/slapd.init: Correctly set slapd config backend option even if
the pidfile is configured in slapd default file.
* Drop patch to avoid the test suite on hppa, as hppa is EOL.