Import databases/openldap-server, formerly a part of databases/openldap but

now split off.  This package contains only the slapd and slurpd servers.  

Please note that both slapd and slurpd now run unprivileged by default (as
slapd:ldap and slurpd:ldap, respectively).  An upgrade scenaria is described
in MESSAGE.  This change addresses PR pkg/31959.  

5 files changed, 213 insertions, 0 deletions

diff --git a/databases/openldap-server/DESCR b/databases/openldap-server/DESCR
new file mode 100644
index 00000000000..fed46859f9d
--- /dev/null
+++ b/databases/openldap-server/DESCR
@@ -0,0 +1,5 @@
+OpenLDAP is an open source implementation of the Lightweight Directory Access
+Protocol.  This package includes:
+
+* slapd - stand-alone LDAP daemon (server)
+* slurpd - stand-alone LDAP update replication daemon
diff --git a/databases/openldap-server/MESSAGE b/databases/openldap-server/MESSAGE
new file mode 100644
index 00000000000..c20319ef011
--- /dev/null
+++ b/databases/openldap-server/MESSAGE
@@ -0,0 +1,16 @@
+===========================================================================
+$NetBSD: MESSAGE,v 1.1.1.1 2006/05/31 18:18:36 ghen Exp $
+
+Note to users who have been running slapd and/or slurpd as root before:
+
+As both slapd and slurpd now run unprivileged by default (as ${SLAPD_USER}:${LDAP_GROUP}
+and ${SLURPD_USER}:${LDAP_GROUP}, respectively), you'll have to adapt some permissions:
+
+  ${CHOWN} -R ${SLAPD_USER}:${LDAP_GROUP} ${OPENLDAP_VARDIR}/openldap-data/*
+  ${CHOWN} -R ${SLURPD_USER}:${LDAP_GROUP} ${OPENLDAP_VARDIR}/openldap-slurp/*
+  ${CHOWN} :${LDAP_GROUP} ${OPENLDAP_ETCDIR}/slapd.conf
+  ${CHMOD} 640 ${OPENLDAP_ETCDIR}/slapd.conf
+
+You may have to repeat the first command after running administrative tools
+such as slapadd and slapindex as root.
+===========================================================================
diff --git a/databases/openldap-server/Makefile b/databases/openldap-server/Makefile
new file mode 100644
index 00000000000..bf89d3cca52
--- /dev/null
+++ b/databases/openldap-server/Makefile
@@ -0,0 +1,77 @@
+# $NetBSD: Makefile,v 1.1.1.1 2006/05/31 18:18:36 ghen Exp $
+
+PKGNAME=		${DISTNAME:S/-/-server-/}
+COMMENT=		Lightweight Directory Access Protocol server suite
+
+CONFLICTS+=		openldap<2.3.23nb1
+
+DEPENDS+=		openldap-client>=2.3.23:../../databases/openldap-client
+
+# slapd options
+CONFIGURE_ARGS+=	--enable-slapd
+CONFIGURE_ARGS+=	--enable-crypt
+CONFIGURE_ARGS+=	--enable-wrappers
+
+# slapd backends
+CONFIGURE_ARGS+=	--enable-dnssrv
+CONFIGURE_ARGS+=	--enable-ldap
+CONFIGURE_ARGS+=	--enable-ldbm
+CONFIGURE_ARGS+=	--enable-meta
+CONFIGURE_ARGS+=	--enable-monitor
+CONFIGURE_ARGS+=	--enable-null
+CONFIGURE_ARGS+=	--enable-passwd
+CONFIGURE_ARGS+=	--enable-shell
+
+# slapd (stackable) overlays
+CONFIGURE_ARGS+=	--enable-overlays
+
+# slurpd options
+CONFIGURE_ARGS+=	--enable-slurpd
+
+BUILD_DIRS=		include libraries servers
+TEST_DIRS=		tests
+INSTALL_DIRS=		servers
+
+BUILD_DEFS+=		SLAPD_USER SLURPD_USER LDAP_GROUP
+BUILD_DEFS+=		OPENLDAP_ETCDIR OPENLDAP_VARDIR
+
+PKG_GROUPS=		${LDAP_GROUP}
+PKG_USERS=		${SLAPD_USER}:${LDAP_GROUP} ${SLURPD_USER}:${LDAP_GROUP}
+
+OPENLDAP_FILEPERMS=	${ROOT_USER} ${LDAP_GROUP} 0640
+SLAPD_DIRPERMS=		${SLAPD_USER} ${LDAP_GROUP} 0700
+SLURPD_DIRPERMS=	${SLURPD_USER} ${LDAP_GROUP} 0770
+RUN_DIRPERMS=		${ROOT_USER} ${LDAP_GROUP} 0770
+
+MAKE_DIRS=		${OPENLDAP_ETCDIR}/schema
+OWN_DIRS+=		${OPENLDAP_VARDIR}
+OWN_DIRS_PERMS=		${OPENLDAP_VARDIR}/openldap-data ${SLAPD_DIRPERMS}
+OWN_DIRS_PERMS+=	${OPENLDAP_VARDIR}/openldap-slurp ${SLURPD_DIRPERMS}
+OWN_DIRS_PERMS+=	${OPENLDAP_VARDIR}/run ${RUN_DIRPERMS}
+
+CNFS=			${CNFS_SCHEMAS_cmd:sh}
+CNFS_SCHEMAS_cmd=	${SED} -ne "/\.ldif$$/p;/\.schema$$/p" ${PKGDIR}/PLIST | ${SED} -e "s|share/examples/openldap/||"
+
+CNFS_PERMS=		slapd.conf
+
+DB_CONFIG=		DB_CONFIG
+
+RCD_SCRIPTS=		slapd slurpd
+
+FILES_SUBST+=		OPENLDAP_ETCDIR=${OPENLDAP_ETCDIR:Q}
+FILES_SUBST+=		SLAPD_USER=${SLAPD_USER}
+FILES_SUBST+=		SLURPD_USER=${SLURPD_USER}
+
+MESSAGE_SUBST+=		SLAPD_USER=${SLAPD_USER:Q}
+MESSAGE_SUBST+=		SLURPD_USER=${SLURPD_USER:Q}
+MESSAGE_SUBST+=		LDAP_GROUP=${LDAP_GROUP:Q}
+MESSAGE_SUBST+=		OPENLDAP_VARDIR=${OPENLDAP_VARDIR:Q}
+MESSAGE_SUBST+=		OPENLDAP_ETCDIR=${OPENLDAP_ETCDIR:Q}
+MESSAGE_SUBST+=		CHOWN=${CHOWN}
+MESSAGE_SUBST+=		CHMOD=${CHMOD}
+
+.include "../../databases/openldap/Makefile.common"
+
+CONF_FILES_PERMS+=	${EGDIR}/DB_CONFIG ${OPENLDAP_VARDIR}/openldap-data/DB_CONFIG ${OPENLDAP_FILEPERMS}
+
+.include "../../mk/bsd.pkg.mk"
diff --git a/databases/openldap-server/PLIST b/databases/openldap-server/PLIST
new file mode 100644
index 00000000000..c04b720a7d5
--- /dev/null
+++ b/databases/openldap-server/PLIST
@@ -0,0 +1,29 @@
+@comment $NetBSD: PLIST,v 1.1.1.1 2006/05/31 18:18:36 ghen Exp $
+libexec/slapd
+libexec/slurpd
+sbin/slapacl
+sbin/slapadd
+sbin/slapauth
+sbin/slapcat
+sbin/slapdn
+sbin/slapindex
+sbin/slappasswd
+sbin/slaptest
+share/examples/openldap/DB_CONFIG
+share/examples/openldap/schema/README
+share/examples/openldap/schema/corba.schema
+share/examples/openldap/schema/core.ldif
+share/examples/openldap/schema/core.schema
+share/examples/openldap/schema/cosine.schema
+share/examples/openldap/schema/dyngroup.schema
+share/examples/openldap/schema/inetorgperson.schema
+share/examples/openldap/schema/java.schema
+share/examples/openldap/schema/misc.schema
+share/examples/openldap/schema/nis.schema
+share/examples/openldap/schema/openldap.ldif
+share/examples/openldap/schema/openldap.schema
+share/examples/openldap/schema/ppolicy.schema
+share/examples/openldap/slapd.conf
+share/examples/rc.d/slapd
+share/examples/rc.d/slurpd
+@dirrm share/examples/openldap/schema
diff --git a/databases/openldap-server/options.mk b/databases/openldap-server/options.mk
new file mode 100644
index 00000000000..c71ad9fdf12
--- /dev/null
+++ b/databases/openldap-server/options.mk
@@ -0,0 +1,86 @@
+# $NetBSD: options.mk,v 1.1.1.1 2006/05/31 18:18:36 ghen Exp $
+
+PKG_OPTIONS_VAR=	PKG_OPTIONS.openldap-server
+PKG_SUPPORTED_OPTIONS=	bdb kerberos sasl slp inet6
+PKG_OPTIONS_OPTIONAL_GROUPS+=	odbc
+PKG_OPTIONS_GROUP.odbc=	iodbc unixodbc
+PKG_SUGGESTED_OPTIONS=	bdb
+
+.include "../../mk/bsd.options.mk"
+
+###
+### Whether to build with the Berkeley DB based slapd backends.
+###
+### NOTE: that option is enabled, because the openldap server needs
+### 	  to have local storage support to work as standalone.
+###
+
+.if !empty(PKG_OPTIONS:Mbdb)
+BDB_ACCEPTED=		db4 # db3?
+.  include "../../mk/bdb.buildlink3.mk"
+.endif
+BDB_TYPE?=		none
+.if ${BDB_TYPE} != "none"
+CONFIGURE_ARGS+=	--enable-bdb --enable-hdb
+.else
+CONFIGURE_ARGS+=	--disable-bdb --disable-hdb
+.endif
+
+###
+### Whether to build with iODBC to enable SQL based slapd backends
+###
+.if !empty(PKG_OPTIONS:Miodbc)
+.  include "../../databases/iodbc/buildlink3.mk"
+CONFIGURE_ARGS+=	--enable-sql
+.endif
+
+###
+### Whether to build with unixODBC to enable SQL based slapd backends
+###
+.if !empty(PKG_OPTIONS:Munixodbc)
+.  include "../../databases/unixodbc/buildlink3.mk"
+.  include "../../devel/libltdl/buildlink3.mk"
+CONFIGURE_ARGS+=	--enable-sql
+.endif
+
+.if empty(PKG_OPTIONS:Miodbc) && empty(PKG_OPTIONS:Munixodbc)
+CONFIGURE_ARGS+=	--disable-sql
+.endif
+
+###
+### Kerberos authentication is via SASL.
+###
+.if !empty(PKG_OPTIONS:Mkerberos)
+.  if empty(PKG_OPTIONS:Msasl)
+PKG_OPTIONS+=		sasl
+.  endif
+.endif
+
+###
+### SASL authentication (requires SASL2)
+###
+.if !empty(PKG_OPTIONS:Msasl)
+CONFIGURE_ARGS+=		--with-cyrus-sasl
+CONFIGURE_ARGS+=		--with-spasswd
+BUILDLINK_API_DEPENDS.cyrus-sasl+=	cyrus-sasl>=2.1.15
+.  include "../../security/cyrus-sasl/buildlink3.mk"
+.else
+CONFIGURE_ARGS+=		--without-cyrus-sasl
+.endif
+
+###
+### SLP (Service Locator Protocol)
+###
+.if !empty(PKG_OPTIONS:Mslp)
+.  include "../../net/openslp/buildlink3.mk"
+CONFIGURE_ARGS+=	--enable-slp
+.endif
+
+###
+### IPv6 support
+###
+.if !empty(PKG_OPTIONS:Minet6)
+CONFIGURE_ARGS+=	--enable-ipv6
+.else
+CONFIGURE_ARGS+=	--disable-ipv6
+.endif