* New upstream release.
[dgit import unpatched openldap 2.4.57+dfsg-1]
--- /dev/null
--- /dev/null
++# WARNING: Before tuning the following parameters, _PLEASE READ_
++# /usr/share/doc/slapd/README.DB_CONFIG.gz
++
++# Set the database in memory cache size.
++#
++# set_cachesize <gbytes> <bytes> <ncache>
++# Sets the database in memory cache size.
++# Database entries and indexes will be stored in this cache to
++# avoid disk access during database read and write operations.
++# Tuning this value can greatly effect your database performance.
++# The parameters are:
++# <gbytes>: The number of gigabytes of memory to allocate to the cache.
++# <bytes>: The number of bytes of memory to allocate to the cache.
++# <ncache>: The number of cache segments to use. If this value is set to
++# 0 or 1 then Berkeley DB will try to allocate one contiguous section
++# of memory for the cache. If this value is greater than 1, the cache
++# will be split into that number of segments.
++#set_cachesize 0 52428800 0
++
++# For the Debian package we use 2MB as default but be sure to update this
++# value if you have plenty of RAM
++set_cachesize 0 2097152 0
++
++# Sets the database startup flags.
++#
++# set_flags <flag>
++# There are various flag options that may be set. The DB_TXN_NOSYNC flag
++# tells the database not to immediately flush transaction buffers to disk.
++# Setting this flag can help speed up database access during periods of
++# database write activity BUT at expense of data safety. Enable it only
++# to load data with slapadd, while slapd is not running.
++#set_flags DB_TXN_NOSYNC
++
++
++# Set the maximum in memory cache in <bytes> for database file name caching.
++#
++# set_lg_regionmax <bytes>
++# This value should be increased as the number of database files increases
++# (tables and indexes).
++#set_lg_regionmax 1048576
++
++# Set the maximum size of log files in <bytes>.
++#
++# set_lg_max <bytes>
++# Logs will be rotated when <bytes> amount of data have been written to
++# one log file. This value should be at least four times the size of
++# set_lg_bsize.
++#set_lg_max 10485760
++
++# Set the in memory cache for log information.
++#
++# set_lg_bsize <bytes>
++# When <bytes> amount of logging information have been written to this
++# cache it will be flushed to disk.
++#set_lg_bsize 2097152
++# For the Debian package we use 512kByte which should suffice for typical
++# directory usage (read often, write seldom)
++set_lg_bsize 524288
++
++# Set the log file directory to <directory>.
++#
++# set_lg_dir /usr/local/var/openldap-logs
++# Log files should preferably be on a different disk than the
++# database files. This both improves reliability (for disastrous
++# recovery) and speed of the database.
++#set_lg_dir <directory>
++
++
++# Sven Hartge reported that he had to set this value incredibly high
++# to get slapd running at all. See http://bugs.debian.org/303057
++# for more information.
++
++# Number of objects that can be locked at the same time.
++set_lk_max_objects 5000
++# Number of locks (both requested and granted)
++set_lk_max_locks 5000
++# Number of lockers
++set_lk_max_lockers 5000
--- /dev/null
--- /dev/null
++For good performance using the BDB backend, a good DB_CONFIG file in the
++database directory (usually /var/lib/ldap) is crucial. The following two
++articles should help you to determine a good configuration for your
++requirements. A standard DB_CONFIG is installed but it may not be adequate
++for your system.
++
++The current version of OpenLDAP supports putting DB_CONFIG parameters into
++slapd.conf instead by prefixing those options with dbconfig. See the
++slapd-bdb(5) man page for more information. If there is no DB_CONFIG file
++when slapd starts and there are dbconfig lines in slapd.conf, slapd will
++write out a DB_CONFIG file with those settings before initializing the
++database.
++
++With the current version of OpenLDAP, any changes to DB_CONFIG will take
++effect automatically after restarting slapd. Running db_recover is no
++longer required.
++
++ -- Torsten Landschoff <torsten@debian.org> Sun, 29 May 2005 18:08:10 +0200
++ Russ Allbery <rra@debian.org> Fri, 01 Jun 2007 23:57:33 -0700
++
++How do I configure the BDB backend?
++-----------------------------------
++(Taken from http://www.openldap.org/faq/data/cache/893.html, author unknown)
++
++The BDB backend ("back-bdb") uses a lot of special features of Sleepycat's
++Berkeley DB library, and there are a lot of details that must be set correctly
++to get the best results from it. Even though the LDBM backend ("back-ldbm") can
++use the BerkeleyDB library, the BDB and LDBM backends have some very important
++differences, as already noted in (Xref) What are the different backends? What
++are their differences?.
++
++Because back-bdb is transaction-based and uses write-ahead logging to ensure
++data consistency, it has much heavier I/O demands than back-ldbm. Also, the
++transaction log files accumulate as data is written to the directory, and these
++log files must be cleaned out periodically. Otherwise the log files will
++consume enormous amounts of disk space. The cleanup procedures are described in
++(Xref) How to maintain Berkeley DB (logs etc.) ?.
++
++The information needed to fully understand things and to properly configure
++back-bdb is divided among the slapd-bdb(5) manual page and the SleepyCat
++BerkeleyDB documentation (http://www.sleepycat.com/docs/).
++
++You should read the entire slapd-bdb(5) manpage before proceeding. The only
++mandatory keyword is "directory" for setting the location of the database
++files. The other keywords control tradeoffs between data reliability,
++performance, and memory use. To ensure that committed transactions actually get
++flushed to disk, you should use the "checkpoint" keyword, otherwise your data
++is vulnerable to loss due to system failures. See the SleepyCat documentation
++for more information about checkpoints. (In fact, you should read all of
++chapter 9 "Berkeley DB Transactional Data Store Applications" in the SleepyCat
++reference manual. At least, read sections 1-3 and 13-24.)
++
++The "dbnosync" keyword is provided for compatibility with back-ldbm; the
++preferred method of setting this is to use the BDB DB_CONFIG file option
++set_flags DB_TXN_NOSYNC. The "lockdetect" keyword is also deprecated, you
++should instead use the BDB DB_CONFIG file set_lk_detect keyword. (It's safe to
++leave this at the default setting.)
++
++A number of important items must be configured in the BDB DB_CONFIG file and
++not in slapd.conf. You should, at least, read about these items:
++
++set_cachesize
++ The BDB library maintains its own cache separate from the back-bdb entry
++ cache. You must set this cache to a size appropriate for your database and
++ physical memory size. Note that this is a persistent setting - after you
++ set it the first time, further changes will be ignored until you recreate
++ the environment using db_recover.
++set_lg_dir
++ Set the directory for storing transaction logs. For best performance,
++ the transaction logs must be located on a different physical disk from
++ the database files.
++set_lg_bsize
++ Set the buffer size for the transaction log. Larger is better, but it
++ doesn't have much effect unless you're also using the DB_TXN_NOSYNC
++ option. With a default log file size of 10MB I usually set this to 2MB.
++ The default is only 32K, which is too small for back-bdb.
++
++On a very busy system you might see error messages talking about running out of
++locks, lockers, or lock objects. Usually the default values are plenty, and in
++older versions of the BDB library the errors were more likely due to library
++bugs than actual system load. However, it is possible that you have actually
++run out of lock resources due to heavy system usage. If this happens, you
++should read about the set_lk_max_lockers, set_lk_max_locks, and
++set_lk_max_objects keywords.
++
++How do I determine the proper BDB/HDB database cache size?
++----------------------------------------------------------
++(Taken from http://www.openldap.org/faq/data/cache/1075.html, written by
++hyc@openldap.org, Kurt@OpenLDAP.org)
++
++Not having a proper database cache size will cause performance issues. (Note:
++in older versions of Berkeley DB, an improper database case size could also
++cause the server to hang.)
++
++These issues are not an indication of corruption occurring in the database. It
++is merely the fact that the cache is thrashing itself that causes
++performance/response time to slowdown. If you take the time to read and
++understand the Berkeley DB documentation, measure the library performance using
++db_stat, and tune your settings, you will avoid these problems.
++
++It is not absolutely necessary to configure a BerkeleyDB cache equal in size to
++your entire database. All that you need is a cache that's large enough for your
++"working set." That means, large enough to hold all of the most frequently
++accessed data, plus a few less-frequently accessed items.
++
++You should really read the BDB documentation referenced above, but let me spell
++out what that really means here, in detail. The discussion here is focused on
++back-bdb and back-hdb, but most of it also applies to back-ldbm when using
++BerkeleyDB as the underlying database engine.
++
++Start with the most obvious - the back-bdb database lives in two main files,
++dn2id.bdb and id2entry.bdb. These are B-tree databases. We have never
++documented the back-bdb internal layout before, because it didn't seem like
++something anyone should have to worry about, nor was it necessarily cast in
++stone. But here's how it works today, in OpenLDAP 2.1 and 2.2. (All of the
++database files in back-ldbm are B-trees by default.)
++
++A B-tree is a balanced tree; it stores data in its leaf nodes and bookkeeping
++data in its interior nodes. (If you don't know what tree data structures look
++like in general, Google for some references, because that's getting far too
++elementary for the purposes of this discussion.)
++
++For decent performance, you need enough cache memory to contain all the nodes
++along the path from the root of the tree down to the particular data item
++you're accessing. That's enough cache for a single search. For the general
++case, you want enough cache to contain all the internal nodes in the database.
++"db_stat -d" will tell you how many internal pages are present in a database.
++You should check this number for both dn2id and id2entry.
++
++Also note that id2entry always uses 16KB per "page", while dn2id uses whatever
++the underlying filesystem uses, typically 4 or 8KB. To avoid thrashing the
++cache and triggering these infinite hang bugs in BDB 4.1.25, your cache must be
++at least as large as the number of internal pages in both the dn2id and
++id2entry databases, plus some extra space to accomodate the actual leaf data
++pages.
++
++For example, in my OpenLDAP 2.2 test database, I have an input LDIF file that's
++about 360MB. With the back-hdb backend this creates a dn2id.bdb that's 68MB,
++and an id2entry that's 800MB. db_stat tells me that dn2id uses 4KB pages, has
++433 internal pages, and 6378 leaf pages. The id2entry uses 16KB pages, has 52
++internal pages, and 45912 leaf pages. In order to efficiently retrieve any
++single entry in this database, the cache should be at least
++
++(433+1) * 4KB + (52+1) * 16KB in size: 1736KB + 848KB =~ 2.5MB.
++
++This doesn't take into account other library overhead, so this is even lower
++than the barest minimum. The default cache size, when nothing is configured, is
++only 256KB. If you tried to do much of anything with this database and only
++default settings, BDB 4.1.25 would lock up in an infinite loop.
++
++This 2.5MB number also doesn't take indexing into account. Each indexed
++attribute uses another database file of its own, using a Hash structure.
++(Again, in back-ldbm, the indexes also use B-trees by default, so this part of
++the discussion doesn't apply unless back-ldbm was explicitly compiled to use
++Hashes instead. Also, in OpenLDAP 2.2 onward, all of the indexes use B-trees,
++there are no more Hash database files. So just use the B-tree information above
++and ignore this Hash discussion.)
++
++Unlike the B-trees, where you only need to touch one data page to find an entry
++of interest, doing an index lookup generally touches multiple keys, and the
++point of a hash structure is that the keys are evenly distributed across the
++data space. That means there's no convenient compact subset of the database
++that you can keep in the cache to insure quick operation, you can pretty much
++expect references to be scattered across the whole thing. My strategy here
++would be to provide enough cache for at least 50% of all of the hash data.
++(Number of hash buckets + number of overflow pages + number of duplicate pages)
++* page size / 2.
++
++The objectClass index for my example database is 5.9MB and uses 3 hash buckets
++and 656 duplicate pages. So ( 3 + 656 ) * 4KB / 2 =~ 1.3MB.
++
++With only this index enabled, I'd figure at least a 4MB cache for this backend.
++(Of course you're using a single cache shared among all of the database files,
++so the cache pages will most likely get used for something other than what you
++accounted for, but this gives you a fighting chance.)
++
++With this 4MB cache I can slapcat this entire database on my 1.3GHz PIII in 1
++minute, 40 seconds. With the cache doubled to 8MB, it still takes the same
++1:40s. Once you've got enough cache to fit the B-tree internal pages,
++increasing it further won't have any effect until the cache really is large
++enough to hold 100% of the data pages. I don't have enough free RAM to hold all
++the 800MB id2entry data, so 4MB is good enough.
++
++With back-bdb and back-hdb you can use "db_stat -m" to check how well the
++database cache is performing. Unfortunately you can't do this with back-ldbm,
++as the statistics are not accessible when slapd is running, nor are they saved
++anywhere when slapd is stopped. (Yet another reason not to use back-ldbm.)
--- /dev/null
--- /dev/null
++openldap2.2 (2.2.23-4) unstable; urgency=low
++
++ * debian/slapd.NEWS: Summarize the upstream changes and make clear that
++ the upgrade may be problemated. Sketch the upgrade procedure.
++ * debian/README.Debian: Explain what to check for if upgrading fails and
++ how to recover.
++ * CARLO: debian/slapd.scripts-common: Handle all UTF-8 supported characters
++ in organization field by converting the locale specific input into
++ utf-8 and base64 encoding the result (closes: #236097).
++ * Maintainer scripts: Handle the configuration to enable ldif dumping
++ correctly: Dump if requested and only slapadd the data if it is
++ supposed to be there.
++ * Check ITS#3267 (possible data loss) and apply the patch to the
++ package.
++ * CARLO: Escape special chars in the names of backup LDIF files using
++ the %xx syntax.
++ * Check lintian warning: Postinst uses db_input. I think the usage is
++ okay as it is an error message IIRC which is also output using cat
++ in case debconf is not available.
++
++ -- Torsten Landschoff <torsten@debian.org> Sun, 3 Apr 2005 20:24:52 +0200
++
++openldap2.2 (2.2.23-5) unstable; urgency=low
++
++ * Refactoring of the maintainer scripts. Goals:
++ + No more direct access to global variables but accessor functions
++ to check for invalid uses. Example: Don't use $OLD_VERSION but
++ `get_previous_version`. That way invalid uses can easily be flagged
++ if that information is not available anymore.
++ * Remove perl script to hash a password and use slappasswd instead.
++
++ -- Torsten Landschoff <torsten@debian.org> Sun, 3 Apr 2005 20:24:52 +0200
--- /dev/null
--- /dev/null
++Some ideas what to check and what the desired results would be:
++
++- running dpkg-reconfigure with an already configured slapd
++
++ Should either backup the database or ask before killing it.
++ Same for slapd.conf. Neither old configuration or old database
++ should be lost without the user confirming that this is what he wants.
--- /dev/null
--- /dev/null
++openldap (2.4.57+dfsg-1) unstable; urgency=medium
++
++ * New upstream release.
++
++ -- Ryan Tandy <ryan@nardis.ca> Sat, 23 Jan 2021 08:57:07 -0800
++
++openldap (2.4.56+dfsg-1) unstable; urgency=medium
++
++ * New upstream release.
++ - Fixed slapd abort due to assertion failure in Certificate List syntax
++ validation (ITS#9383) (CVE-2020-25709)
++ - Fixed slapd abort due to assertion failure in CSN normalization with
++ invalid input (ITS#9384) (CVE-2020-25710)
++
++ -- Ryan Tandy <ryan@nardis.ca> Wed, 11 Nov 2020 09:13:56 -0800
++
++openldap (2.4.55+dfsg-1) unstable; urgency=medium
++
++ * New upstream release.
++ - Fixed slapd normalization handling with modrdn
++ (ITS#9370) (CVE-2020-25692)
++
++ -- Ryan Tandy <ryan@nardis.ca> Tue, 27 Oct 2020 21:07:29 -0700
++
++openldap (2.4.54+dfsg-1) unstable; urgency=medium
++
++ * New upstream release.
++ * Change upstream Homepage and get-orig-source URLs to HTTPS.
++ * Create debian/gbp.conf.
++
++ -- Ryan Tandy <ryan@nardis.ca> Sun, 18 Oct 2020 16:03:46 +0000
++
++openldap (2.4.53+dfsg-1) unstable; urgency=medium
++
++ * New upstream release.
++
++ -- Ryan Tandy <ryan@nardis.ca> Mon, 07 Sep 2020 09:47:28 -0700
++
++openldap (2.4.51+dfsg-1) unstable; urgency=medium
++
++ * New upstream release.
++ - Add ldap_parse_password_expiring_control to libldap-2.4-2.symbols.
++ * Merge some changes from Ubuntu:
++ - slapd.default, slapd.README.Debian: update to refer to slapd.d instead
++ of slapd.conf.
++ - debian/slapd.scripts-common: dump_databases: make slapcat_opts a local
++ variable.
++ * Drop paragraph about patch gnutls-altname-nulterminated (#465197) from
++ slapd.README.Debian. The patch referred to was dropped in 2.4.7-6.
++ * debian/patches/set-maintainer-name: Extract maintainer address dynamically
++ from debian/control. (Closes: #960448)
++ * Fix Torsten's email address in a historic debian/changelog entry to
++ resolve a Lintian error (bogus-mail-host-in-debian-changelog).
++ * Rename debian/source.lintian-overrides to debian/source/lintian-overrides.
++ Fixes a Lintian pedantic tag (old-source-override-location).
++ * Override Lintian pedantic tag maintainer-manual-page for
++ slapo-pw-pbkdf2.5, which will be included upstream in a future release.
++ * Remove the trailing whitespaces from debian/changelog, debian/control, and
++ debian/rules. Fixes a Lintian pedantic tag (trailing-whitespace).
++ * Convert debian/po/de.po to UTF-8. Fixes a Lintian warning
++ (national-encoding).
++ * Relax libldap's dependency on libldap-common to Recommends.
++ This is intended to mitigate the impact of bug #915948 in the case where
++ the arch:all build is delayed for so long that the old libldap-common
++ disappears. Previously, a delayed arch:all build could become
++ BD-Uninstallable if new amd64 binaries were published before the arch:all
++ build starts, due to the transitive build-dependency on libldap.
++ Although libldap works fine without libldap-common, in normal
++ installations it is still recommended to install libldap-common.
++ * Append a timestamp to the backup directory created by dpkg-reconfigure.
++ (Closes: #599585, #960449)
++ * Remove the redundant cn=admin,<suffix> entry from the default DIT for new
++ installs. For new installs going forward, the root credentials will be
++ stored in olcRootDN/olcRootPW only. (Closes: #821331)
++ * Change slapd's Suggests: ldap-utils to Recommends. While any LDAP client
++ suffices, ldap-utils contains the standard tools recommended by upstream
++ for basic administration and management.
++ * Relax Recommends: libsasl2-modules to Suggests on slapd and ldap-utils.
++ Many deployments do not use SASL at all, and therefore SASL mechanisms are
++ not needed "in all but unusual installations".
++
++ -- Ryan Tandy <ryan@nardis.ca> Sun, 23 Aug 2020 11:09:57 -0700
++
++openldap (2.4.50+dfsg-1) unstable; urgency=medium
++
++ * New upstream release.
++ - Fixed slapd to limit depth of nested filters
++ (ITS#9202) (CVE-2020-12243)
++ - Drop patches included upstream: argon2.patch, ITS#9171, ITS#8650.
++ * Update Spanish debconf translation.
++ Thanks to Camaleón. (Closes: #958869)
++
++ -- Ryan Tandy <ryan@nardis.ca> Tue, 28 Apr 2020 10:18:12 -0700
++
++openldap (2.4.49+dfsg-4) unstable; urgency=medium
++
++ * Annotate libsodium-dev dependency with <!pkg.openldap.noslapd>.
++ Thanks to Helmut Grohne. (Closes: #955993)
++ * Add the man page for the Argon2 password module.
++ Thanks to Peter Marschall. (Closes: #955977)
++ * Build the Argon2 password module with libargon2-dev instead of
++ libsodium-dev. Rationale:
++ - libargon2 contains the specific functionality needed; libsodium is a
++ larger library and contains many features not used here
++ - libsodium does not support configuring the p= (parallelism) parameter
++ * Import upstream patch to properly retry gnutls_handshake() after it
++ returns GNUTLS_E_AGAIN. (ITS#8650) (Closes: #861838)
++ * Update the Argon2 password module to upstream commit feb6f21d2e.
++
++ -- Ryan Tandy <ryan@nardis.ca> Tue, 14 Apr 2020 21:33:16 -0700
++
++openldap (2.4.49+dfsg-3) unstable; urgency=medium
++
++ * Drop patch no-AM_INIT_AUTOMAKE. Instead, configure dh_autoreconf to skip
++ automake by setting AUTOMAKE=/bin/true. (Closes: #864637)
++ * debian/patches/debian-version: Show Debian version, instead of upstream
++ version, in version strings.
++ * Add ${perl:Depends} to slapd Depends to silence a dpkg-gencontrol warning.
++ This is practically a no-op since slapd explicitly Depends on perl because
++ of the maintainer scripts.
++ * Import the Argon2 password module from upstream git and install it in
++ slapd-contrib. New Build-Depends: libsodium-dev. (Closes: #920283)
++
++ -- Ryan Tandy <ryan@nardis.ca> Sat, 04 Apr 2020 10:43:56 -0700
++
++openldap (2.4.49+dfsg-2) unstable; urgency=medium
++
++ * slapd.README.Debian: Document the initial setup performed by slapd's
++ maintainer scripts in more detail. Thanks to Karl O. Pinc.
++ (Closes: #952501)
++ * Import upstream patch to fix slapd crashing in certain configurations when
++ a client attempts a login to a locked account.
++ (ITS#9171) (Closes: #953150)
++
++ -- Ryan Tandy <ryan@nardis.ca> Thu, 05 Mar 2020 12:59:46 -0800
++
++openldap (2.4.49+dfsg-1) unstable; urgency=medium
++
++ * New upstream release.
++ - Drop patch no-gnutls_global_set_mutex, applied upstream.
++ * When validating the DNS domain chosen for slapd's default suffix, set
++ LC_COLLATE explicitly for grep to ensure character ranges behave as
++ expected. Thanks to Fredrik Roubert. (Closes: #940908)
++ * Backport proposed upstream patch to emit detailed messages about errors in
++ the TLS configuration. (ITS#9086) (Closes: #837341)
++ * slapd.scripts-common: Delete unused copy_example_DB_CONFIG function.
++ * Remove debconf support for choosing a database backend. Always use the
++ LMDB backend for new installs, as recommended by upstream.
++ * Remove the empty olcBackend section from the default configuration.
++ * Remove the unused slapd.conf template from /usr/share/slapd. Continue
++ shipping it as an example in /usr/share/doc/slapd.
++ * Fix a typo in index-files-created-as-root patch.
++ Thanks to Quanah Gibson-Mount.
++ * Annotate slapd's Depends on perl with :any. Fixes installation of
++ foreign-arch slapd. Thanks to Andreas Hasenack.
++ * Rename 'stage1' build profile to 'pkg.openldap.noslapd'.
++ Thanks to Helmut Grohne. (Closes: #949722)
++ * Drop Build-Conflicts: libicu-dev as upstream's configure no longer tests
++ for or links with libicu.
++ * Note ITS#9126 recommendation in slapd.NEWS.
++ * Update Standards-Version to 4.5.0; no changes required.
++
++ -- Ryan Tandy <ryan@nardis.ca> Thu, 06 Feb 2020 10:08:12 -0800
++
++openldap (2.4.48+dfsg-1) unstable; urgency=medium
++
++ * New upstream release.
++ - fixed slapd to restrict rootDN proxyauthz to its own databases
++ (CVE-2019-13057) (ITS#9038) (Closes: #932997)
++ - fixed slapd to enforce sasl_ssf ACL statement on every connection
++ (CVE-2019-13565) (ITS#9052) (Closes: #932998)
++ - added new openldap.h header with OpenLDAP specific libldap interfaces
++ (ITS#8671)
++ - updated lastbind overlay to support forwarding authTimestamp updates
++ (ITS#7721) (Closes: #880656)
++ * Update Standards-Version to 4.4.0.
++ * Add a systemd drop-in to set RemainAfterExit=no on the slapd service, so
++ that systemd marks the service as dead after it crashes or is killed.
++ Thanks to Heitor Alves de Siqueira. (Closes: #926657, LP: #1821343)
++ * Use more entropy for generating a random admin password, if none was set
++ during initial configuration. Thanks to Judicael Courant.
++ (Closes: #932270)
++ * Replace debian/rules calls to dpkg-architecture and dpkg-parsechangelog
++ with variables provided by dpkg-dev includes.
++ * Declare R³: no.
++ * Create a simple autopkgtest that tests installing slapd and connecting to
++ it with an ldap tool.
++ * Install the new openldap.h header in libldap2-dev.
++
++ -- Ryan Tandy <ryan@nardis.ca> Thu, 25 Jul 2019 08:32:00 -0700
++
++openldap (2.4.47+dfsg-3) unstable; urgency=medium
++
++ * Restore patches to contrib Makefiles to set CFLAGS, CPPFLAGS, and LDFLAGS
++ individually in the relevant command lines instead of overriding OPT. The
++ change to use OPT caused FTBFS on some ports arches where PIE enablement
++ uses spec files, by mixing compile-time and link-time flags.
++ (Closes: #919136)
++ * Fix architecture-specific path in smbk5pwd's binary-or-shlib-defines-rpath
++ Lintian override.
++ * Skip exporting cn=config to LDIF in preinst for upgrades where nothing
++ needs to be checked in it.
++ * Update Standards-Version to 4.3.0.
++
++ -- Ryan Tandy <ryan@nardis.ca> Sat, 02 Feb 2019 10:30:10 -0800
++
++openldap (2.4.47+dfsg-2) unstable; urgency=medium
++
++ * Reintroduce slapi-dev binary package. (Closes: #711469)
++ Thanks to Florian Schlichting.
++ * Do not call gnutls_global_set_mutex(). (Closes: #803197)
++ * Use dh_auto_* to build and install contrib modules.
++ - Stop patching the clean rule in smbk5pwd's Makefile.
++ * Explicitly list overlays and man pages installed by slapd package in
++ slapd.install and slapd.manpages files.
++ * Set common variables for contrib Makefiles by make(1) command line instead
++ of patching every Makefile.
++ * Build and install more contrib plugins in a new slapd-contrib package:
++ - pw-apr1 and pw-netscape (Closes: #592362)
++ - pw-pbkdf2 (Closes: #794999)
++ * Import the slapo-pw-pbkdf2 man page from upstream git master and install
++ it with the slapd-contrib package.
++ * Add smbk5pwd to slapd-contrib and turn slapd-smbk5pwd into a transitional
++ package. Drop smbk5pwd README since it now has a man page which is a
++ better resource for users.
++ - Use Breaks to ensure that slapd is not upgraded in between removing the
++ old smbk5pwd module and installing the new one.
++ * Include the apr1-atol.pl and apr1-lota.pl helper scripts in the
++ slapd-contrib package as examples.
++ * Merge remaining contrib Makefile patches into a single contrib-makefiles
++ patch.
++
++ -- Ryan Tandy <ryan@nardis.ca> Sat, 12 Jan 2019 11:18:03 -0800
++
++openldap (2.4.47+dfsg-1) unstable; urgency=medium
++
++ * New upstream release.
++ - reverted GnuTLS handshake change in libldap as it regressed slapd
++ (Reopens: #861838)
++ * Update Standards-Version to 4.2.1.
++
++ -- Ryan Tandy <ryan@nardis.ca> Sun, 23 Dec 2018 12:50:40 -0800
++
++openldap (2.4.46+dfsg-5) unstable; urgency=medium
++
++ * Restore slapd-smbk5pwd now that libldap is installable in unstable.
++ This reverts the changes from -3 and -4.
++
++ -- Ryan Tandy <ryan@nardis.ca> Fri, 04 May 2018 16:12:27 -0700
++
++openldap (2.4.46+dfsg-4) unstable; urgency=medium
++
++ * Disable building the smbk5pwd plugin temporarily.
++
++ -- Ryan Tandy <ryan@nardis.ca> Fri, 04 May 2018 08:06:58 -0700
++
++openldap (2.4.46+dfsg-3) unstable; urgency=medium
++
++ * Build without heimdal temporarily to resolve BD-Uninstallable loop.
++
++ -- Ryan Tandy <ryan@nardis.ca> Fri, 04 May 2018 07:36:58 -0700
++
++openldap (2.4.46+dfsg-2) unstable; urgency=medium
++
++ * Remove version constraint from libldap-2.4-2 dependency on libldap-common.
++
++ -- Ryan Tandy <ryan@nardis.ca> Thu, 03 May 2018 14:16:49 -0700
++
++openldap (2.4.46+dfsg-1) unstable; urgency=medium
++
++ * Move the repository to Salsa.
++ Update debian/control Vcs-* fields.
++ * Remove Matthijs Möhlmann from Uploaders. (Closes: #891308)
++ Thank you Matthijs for your past contributions.
++ * New upstream release.
++ - fixed slapd out-of-sync issue with delta-MMR and memberof overlay
++ (ITS#8444) (Closes: #877166)
++ * Rebase patch no-AM_INIT_AUTOMAKE to apply cleanly.
++ * Drop patch ITS8650-retry-gnutls_handshake-after-GNUTLS_E_AGAIN, applied
++ upstream.
++ * Really fix upgrades when the config contains backslash-escaped special
++ characters. The previous fix was incomplete and didn't fully fix upgrades
++ involving a database reload. (Closes: #864719)
++ * Update Standards-Version to 4.1.4.
++ - Change the Priority of libldap-2.4-2 and libldap-common to optional.
++ * Change download URL in debian/watch to https. Fixes a Lintian info.
++ * Override the binary-or-shlib-defines-rpath Lintian tag for slapd-smbk5pwd.
++ The rpath is set by krb5-config.heimdal; see bug #868840.
++
++ -- Ryan Tandy <ryan@nardis.ca> Thu, 03 May 2018 07:03:30 -0700
++
++openldap (2.4.45+dfsg-1) unstable; urgency=medium
++
++ * New upstream release.
++ - fixed a use-after-free in GnuTLS options handling
++ (ITS#8385) (Closes: #820244) (LP: #1557248)
++ - fixed unsafe concurrent SASL calls causing memory corruption
++ (ITS#8648) (Closes: #860947) (LP: #1688575)
++ - fixed syncrepl infinite looping with multi-master delta-syncrepl
++ (ITS#8432) (Closes: #868753)
++ * Rebase patches to apply cleanly:
++ - do-not-second-guess-sonames
++ - no-AM_INIT_AUTOMAKE
++ * Drop patches applied upstream:
++ - ITS-8554-kFreeBSD-is-like-BSD.patch
++ - ITS-8644-wait-for-slapd-to-start-in-test064.patch
++ - ITS-8655-paged-results-double-free.patch
++ * Upgrade to debhelper compat level 10.
++ - Depend on debhelper 10.
++ - Stop enabling parallel and autoreconf explicitly. They are now enabled
++ by default.
++ - Drop dh-autoreconf from build-depends since debhelper requires it.
++ * Add -Wno-format-extra-args to CFLAGS to reduce the noise in the build
++ logs, as this warning is emitted on each use of the Debug() macro.
++ * Drop libldap-2.4-4-dbg and slapd-dbg binary packages in favour of
++ automatic dbgsym packages.
++ * Update Standards-Version to 4.0.0; no changes required.
++ * Drop Priority and Section from binary package stanzas when they only
++ duplicate information from the source stanza.
++ * Update Priority of slapd-smbk5pwd and libldap2-dev to optional to match
++ the archive.
++ * Remove retired developer, Roland Bauerschmidt, from Uploaders.
++ (Closes: #856422)
++ * Remove Timo Aaltonen from Uploaders, with his agreement.
++ * debian/patches/ITS8650-retry-gnutls_handshake-after-GNUTLS_E_AGAIN.patch:
++ If gnutls_handshake() returns EAGAIN, call it again. Fixes TLS handshake
++ failures when the ServerHello message exceeds 16K.
++ (ITS#8650) (Closes: #861838)
++ * Drop time from Build-Depends. The upstream testsuite no longer calls it.
++
++ -- Ryan Tandy <ryan@nardis.ca> Thu, 27 Jul 2017 18:04:41 -0700
++
++openldap (2.4.44+dfsg-8) unstable; urgency=medium
++
++ * Disable test060-mt-hot on ppc64el temporarily to avoid failing tests until
++ the underlying kernel bug #866122 is fixed.
++ * Fix FTBFS with Heimdal 7.2.0: Drop patch heimdal-fix as the
++ hdb_generate_key_set_password change was reverted in heimdal. Depend on an
++ appropriate minimum version of heimdal.
++
++ -- Ryan Tandy <ryan@nardis.ca> Sun, 16 Jul 2017 12:57:41 -0700
++
++openldap (2.4.44+dfsg-7) unstable; urgency=medium
++
++ * Relax the dependency of libldap-2.4-2 on libldap-common to also permit
++ later versions. (Closes: #860774)
++
++ -- Ryan Tandy <ryan@nardis.ca> Tue, 27 Jun 2017 18:53:12 -0700
++
++openldap (2.4.44+dfsg-6) unstable; urgency=medium
++
++ * Update the list of non-translatable strings for the
++ slapd/ppolicy_schema_needs_update template. Thanks Ferenc Wágner.
++ * Fix upgrade failure when olcSuffix contains a backslash. (Closes: #864719)
++
++ -- Ryan Tandy <ryan@nardis.ca> Mon, 26 Jun 2017 19:42:02 -0700
++
++openldap (2.4.44+dfsg-5) unstable; urgency=medium
++
++ * debian/patches/ITS-8644-wait-for-slapd-to-start-in-test064.patch: Fix an
++ intermittently failing test by waiting for slapd to start before running
++ tests. (ITS#8644) (Closes: #770890)
++ * debian/patches/ITS-8655-paged-results-double-free.patch: Fix a double free
++ in the MDB backend on a search including the Paged Results control with a
++ page size of 0. (ITS#8655) (CVE-2017-9287) (Closes: #863563)
++
++ -- Ryan Tandy <ryan@nardis.ca> Sun, 28 May 2017 09:59:46 -0700
++
++openldap (2.4.44+dfsg-4) unstable; urgency=medium
++
++ * Improve the slapd/ppolicy_schema_needs_update debconf template. Thanks to
++ Justin B Rye for the review.
++ * Update Catalan debconf translation. (Closes: #851905)
++ Thanks to Innocent De Marchi.
++ * Update Czech debconf translation. (Closes: #852190)
++ Thanks to Miroslav Kure.
++ * Update Danish debconf translation. (Closes: #850859)
++ Thanks to Joe Dalton.
++ * Update German debconf translation. (Closes: #851480)
++ Thanks to Helge Kreutzmann.
++ * Update Basque debconf translation. (Closes: #850812)
++ Thanks to Iñaki Larrañaga Murgoitio.
++ * Update French debconf translation. (Closes: #852459)
++ Thanks to Jean-Pierre Giraud.
++ * Update Italian debconf translation. (Closes: #852074)
++ Thanks to Luca Monducci.
++ * Update Japanese debconf translation. (Closes: #851457)
++ Thanks to Kenshi Muto.
++ * Update Dutch debconf translation. (Closes: #852405)
++ Thanks to Frans Spiesschaert.
++ * Update Brazilian Portuguese debconf translation. (Closes: #852443)
++ Thanks to Adriano Rafael Gomes.
++ * Update Russian debconf translation. (Closes: #850833)
++ Thanks to Yuri Kozlov.
++ * Update Slovak debconf translation. (Closes: #850796)
++ Thanks to Ivan Masár.
++ * Update Swedish debconf translation. (Closes: #851168)
++ Thanks to Martin Bagge.
++ * Update Turkish debconf translation. (Closes: #851470)
++ Thanks to Atila KOÇ.
++ * Update Vietnamese debconf translation.
++ Thanks to Trần Ngọc Quân.
++ * Update Build-Depends on debhelper to ensure shlibs files are installed at
++ the expected time during build. (Closes: #854158)
++ * Update Portuguese debconf translation. (Closes: #859943)
++ Thanks to Rui Branco and DebianPT.
++ * Dump the configuration and databases to LDIF before removing slapd, so
++ that they are available if a newer version requiring migration is
++ installed later. (Closes: #665199)
++ * When creating a new configuration with dpkg-reconfigure, back up the old
++ configuration before overwriting it.
++
++ -- Ryan Tandy <ryan@nardis.ca> Sun, 16 Apr 2017 20:10:43 -0700
++
++openldap (2.4.44+dfsg-3) unstable; urgency=medium
++
++ * Apply upstream patch to fix FTBFS on kFreeBSD. (Closes: #845394)
++ * Restore heimdal support to the smbk5pwd overlay.
++
++ -- Ryan Tandy <ryan@nardis.ca> Sun, 01 Jan 2017 19:47:36 -0800
++
++openldap (2.4.44+dfsg-2) unstable; urgency=medium
++
++ [ Ryan Tandy ]
++ * Update Standards-Version to 3.9.8; no changes required.
++ * Enable dh_makeshlibs for libldap-2.4-2. Remove libldap-2.4-2.postinst, now
++ replaced by the automatic ldconfig trigger.
++ * Don't execute slapd's override_dh_install when building only
++ arch-independent packages. (Closes: #845506)
++ * Override lintian false positives on slapd.README.Debian,
++ slapd-smbk5pwd.postinst, and slapd-smbk5pwd triggering ldconfig.
++ * Perform permissions changes in override_dh_fixperms instead of in
++ override_dh_install.
++ * Remove manual chmod of schema files since dh_fixperms sets correct
++ permissions automatically.
++ * Fix slapd-smbk5pwd failing to upgrade when there are no instances of the
++ overlay configured.
++
++ [ Helmut Grohne ]
++ * Fix FTCBFS: Pass CC to make explicitly. (Closes: #839251)
++
++ -- Ryan Tandy <ryan@nardis.ca> Thu, 01 Dec 2016 19:40:20 -0800
++
++openldap (2.4.44+dfsg-1) unstable; urgency=medium
++
++ [ Ryan Tandy ]
++ * New upstream release.
++ - Fixed ppolicy not unlocking policy entry after initialization failure
++ (ITS#7537) (Closes: #702414)
++ * Drop ITS8240-remove-obsolete-assert.patch, included upstream.
++ * Update debian/schema/ppolicy.schema to add the pwdMaxRecordedFailure
++ attribute.
++ * Update libldap-2.4-2.symbols with new ldap_build_*_req symbols.
++ * Mark the build target in debian/rules as phony, since the upstream source
++ includes a build/ directory.
++ * Correct the list of files to be cleaned for the pw-sha2 contrib module.
++ * Fix a typo (slpad -> slapd) in the Catalan debconf translation.
++ * Disable OpenSLP support and remove libslp-dev from Build-Depends.
++ (Closes: #815364)
++ * Ensure /var/run/slapd exists when starting slapd, even if the pid file is
++ somewhere else. Thanks to Dave Beach for the report. (Closes: #815571)
++ * Create the pidfile directory when starting slapd, but not when running the
++ init script in other modes.
++ * Remove support for enabling the obsolete LDAPv2 protocol via debconf.
++ * debian/copyright: Update the OpenLDAP copyright and license.
++ * debian/control: Update VCS URIs to the modern canonical form.
++ * Override Lintian errors about schema files derived from RFC documents.
++ Copyrightable content has been removed from these files; however, the
++ copyright notices have been retained to preserve attribution.
++ * On upgrade, if the cn=config database contains the ppolicy schema, add the
++ new pwdMaxRecordedFailure attribute to it.
++ * Add debian/patches/set-maintainer-name to omit the builder's username and
++ working directory from version strings and thereby make the build
++ reproducible. Thanks to Daniel Shahaf for the patch. (Closes: #833179)
++ * Build smbk5pwd without Kerberos support and drop the build-dependency on
++ heimdal. (Closes: #836885)
++ * On upgrade, comment the krb5 setting on any instances of the smbk5pwd
++ overlay in slapd.conf. Require cn=config users to disable krb5 manually
++ before upgrading.
++
++ [ Helmut Grohne ]
++ * Fix policy 8.2 violation (Closes: #330695)
++ + Move /etc/ldap/ldap.conf and manpage to new package libldap-common.
++
++ -- Ryan Tandy <ryan@nardis.ca> Mon, 14 Nov 2016 18:59:30 -0800
++
++openldap (2.4.42+dfsg-2) unstable; urgency=medium
++
++ [ Ryan Tandy ]
++ * Change explicit Pre-Depends: multiarch-support to ${misc:Pre-Depends}, as
++ recommended by lintian.
++ * Omit slapd, slapd-dbg, and slapd-smbk5pwd from the stage1 build profile.
++ This allows the dependency loop with heimdal to be broken for
++ bootstrapping, and the dependency on libperl-dev to be avoided for
++ cross-building. Thanks Daniel Schepler and Helmut Grohne.
++ (Closes: #724518)
++ * Apply wrap-and-sort to the Build-Depends field.
++ * Drop libncurses5-dev from Build-Depends, no longer needed since the ud
++ tool was removed in OpenLDAP 2.1.4.
++ * Drop libltdl3-dev as an alternate Build-Depends, since that package was
++ removed after lenny.
++ * Annotate Build-Depends on perl with :any to allow running the system perl
++ interpreter during cross builds.
++ * Ensure CC is set correctly for cross builds. Thanks Helmut Grohne.
++ * Build-Depend on dpkg-dev (>= 1.17.14) and debhelper (>= 9.20141010) for
++ restriction formula support.
++ * Override the 'dev-pkg-without-shlib-symlink' lintian tag. The symlink is
++ actually in the form libldap_r.so -> libldap_r-2.4.so.xyz and the tag is a
++ false positive; see #687022.
++ * Include the smbk5pwd man page in the slapd-smbk5pwd package.
++ * Allow anonymous read access to the shadowLastChange attribute by default,
++ allowing nss-ldap/nss-ldapd to handle password expiry correctly even when
++ bound anonymously. This was the only restricted shadow attribute, the
++ others were already world-readable. (Closes: #669235)
++ * Drop the redundant default ACL for dn.base="" from the database entry.
++ It's already covered by the fallback case below.
++ * Copy more comments from the slapd.conf template to slapd.init.ldif. Also
++ comment the shadowLastChange access rule.
++ * Import upstream patch to remove an unnecessary assert(0) that could be
++ triggered remotely by an unauthenticated user by sending a malformed BER
++ element. (ITS#8240) (CVE-2015-6908) (Closes: #798622)
++
++ [ Peter Marschall ]
++ * Add a manual page slapo-smbk5pwd.5 and update smbk5pwd's Makefile to
++ install the new manual page. (Closes: #794998)
++
++ -- Ryan Tandy <ryan@nardis.ca> Thu, 10 Sep 2015 20:13:17 -0700
++
++openldap (2.4.42+dfsg-1) unstable; urgency=medium
++
++ [ Peter Marschall ]
++ * slapd.scripts-common:
++ - Use update_permissions instead of direct calls to chown and chgrp.
++ - Make variables only used within a function local to that function.
++ - Restore databases ordered by increasing suffix path length.
++ This should help configurations with databases glued together using the
++ 'subordinate' keyword / 'olcSubordinate' attribute in slapd's
++ configuration.
++ (Closes: #794996)
++ * Install slapo-lastbind.5 man page. (Closes: #794997)
++
++ [ Ryan Tandy ]
++ * slapd.scripts-common: Delete an outdated comment.
++ * New upstream release.
++ * Enable the MDB backend again on GNU/kFreeBSD. The new pthread library
++ provides all the required interfaces, and the test suite now passes.
++ Leave it disabled on the Hurd. LMDB requires POSIX semaphores, which have
++ not yet been implemented.
++ * Disable the BDB/HDB backends on the Hurd. BDB requires record locks
++ (F_SETLK), which have not yet been implemented; see #693971.
++
++ -- Ryan Tandy <ryan@nardis.ca> Fri, 21 Aug 2015 13:07:51 -0700
++
++openldap (2.4.41+dfsg-1) unstable; urgency=medium
++
++ * New upstream release.
++ * Update patches for upstream changes, drop patches included upstream.
++ * debian/rules: Adjust get-orig-source target to add +dfsg to version.
++ * Convert to source format 3.0 (quilt).
++ * debian/slapd.scripts-common: Fix nesting of fold markers.
++
++ -- Ryan Tandy <ryan@nardis.ca> Wed, 08 Jul 2015 21:07:24 -0700
++
++openldap (2.4.40+dfsg-2) unstable; urgency=medium
++
++ * Actually install libldap-2.4-2.symbols.
++ * Update Standards-Version to 3.9.6.
++ * Build-Depend on debhelper (>= 9) to fix a Lintian warning.
++ * Import upstream patch to fix FTBFS with gcc-5. (Addresses #778045)
++
++ -- Ryan Tandy <ryan@nardis.ca> Sun, 28 Jun 2015 20:40:37 -0700
++
++openldap (2.4.40+dfsg-1) unstable; urgency=medium
++
++ * Remove inetorgperson.schema from the upstream source. Replace it with a
++ copy stripped of RFC text. (Closes: #780283)
++ * Adjust debian/watch for +dfsg versioning.
++ * debian/patches/ITS7975-fix-mdb-onelevel-search.patch: Import upstream
++ patch to fix scope=onelevel searches wrongly including the search base in
++ results under the MDB backend. (ITS#7975) (Closes: #782212)
++
++ -- Ryan Tandy <ryan@nardis.ca> Thu, 09 Apr 2015 08:38:38 -0700
++
++openldap (2.4.40-4) unstable; urgency=medium
++
++ * debian/patches/ITS8027-deref-reject-empty-attr-list.patch: Import upstream
++ patch to fix a crash when a search includes the Deref control with an
++ empty attribute list. (ITS#8027) (CVE-2015-1545, Closes: #776988)
++ * debian/patches/ITS8046-fix-vrFilter_free-crash.patch: Import upstream
++ patch to fix a double free triggered by certain search queries using the
++ Matched Values control. (ITS#8046) (CVE-2015-1546, Closes: #776991)
++
++ -- Ryan Tandy <ryan@nardis.ca> Sun, 08 Feb 2015 20:19:11 +0000
++
++openldap (2.4.40-3) unstable; urgency=medium
++
++ * Remove trailing spaces from slapd.templates.
++ * Update Vietnamese debconf translation.
++ Thanks to Trần Ngọc Quân.
++ * Update Danish debconf translation.
++ Thanks to Joe Hansen. (Closes: #766848)
++ * Update Japanese debconf translation.
++ Thanks to Kenshi Muto. (Closes: #766824)
++ * Update Russian debconf translation.
++ Thanks to Yuri Kozlov. (Closes: #766825)
++ * Update Basque translation.
++ Thanks to Iñaki Larrañaga Murgoitio. (Closes: #767070)
++ * Update French debconf translation.
++ Thanks to Christian Perrier. (Closes: #767634)
++ * Update German debconf translation.
++ Thanks to Helge Kreutzmann. (Closes: #767686)
++ * Update Portuguese debconf translation.
++ Thanks to Ricardo Silva. (Closes: #768085)
++ * Update Italian debconf translation.
++ Thanks to Luca Monducci. (Closes: #768195)
++ * Update Turkish debconf translation.
++ Thanks to Atila KOÇ. (Closes: #768409)
++ * Update Czech debconf translation.
++ Thanks to Miroslav Kure. (Closes: #768591)
++ * Update Catalan debconf translation.
++ Thanks to Innocent De Marchi. (Closes: #768605)
++ * Update Dutch debconf translation.
++ Thanks to Frans Spiesschaert. (Closes: #769024)
++ * Update Brazilian Portuguese debconf translation.
++ Thanks to Adriano Rafael Gomes. (Closes: #769717)
++ * Update Galician debconf translation.
++ Thanks to Jorge Barreiro.
++ * Update Swedish debconf translation.
++ Thanks to Martin Bagge / brother. (Closes: #769867)
++ * Update Spanish debconf translation.
++ Thanks to Camaleón. (Closes: #770715)
++ * Fix doubled spaces in po files, caused by trailing spaces in the templates
++ file.
++ * Run debconf-updatepo to refresh PO files.
++
++ -- Ryan Tandy <ryan@nardis.ca> Sun, 23 Nov 2014 10:33:10 -0800
++
++openldap (2.4.40-2) unstable; urgency=medium
++
++ * Fix typo (chmod/chgrp) in previous changelog, spotted by Ferenc Wagner.
++ * debian/patches/contrib-modules-use-dpkg-buildflags: Also use CPPFLAGS from
++ dpkg-buildflags. Spotted by Lintian.
++ * debian/slapd.init.ldif: Don't bother explicitly granting rights to the
++ rootdn, since it already has unlimited privileges. Thanks Ferenc Wagner.
++ * Recommend MDB for new installations, per upstream's recommendation.
++ * Don't re-create the default DB_CONFIG if there wasn't one in the backup,
++ for example if the active backend doesn't use it. Thanks Ferenc Wagner.
++ * On upgrade, if an access rule begins with "to * by self write", show a
++ debconf note warning that it should be changed. (Closes: #761406)
++ * Build and install the lastbind contrib module. (Closes: #701111)
++ * Build and install the passwd/sha2 contrib module. (Closes: #746727)
++
++ -- Ryan Tandy <ryan@nardis.ca> Mon, 20 Oct 2014 22:19:24 -0700
++
++openldap (2.4.40-1) unstable; urgency=low
++
++ [ Ryan Tandy ]
++ * New upstream release.
++ - fixed ldap_get_dn(3) ldap_ava definition (ITS#7860) (Closes: #465024)
++ - fixed slapcat with external schema (ITS#7895) (Closes: #599235)
++ - fixed double free with invalid ciphersuite (ITS#7500) (Closes: #640384)
++ - fixed modrdn crash on naming attr with no matching rule (ITS#7850)
++ (Closes: #666515)
++ - fixed slapacl causing unclean database (ITS#7827) (Closes: #741248)
++ * slapd.scripts-common:
++ - Anchor grep patterns to avoid matching commented lines in ldif files
++ under cn=config. (Closes: #723957)
++ - Don't silently ignore nonexistent directories that should be dumped.
++ - Invoke find, chown, and chgrp with -H in case /var/lib/ldap is a
++ symlink. (Closes: #742862)
++ - When upgrading a database, ignore extra nested directories as they might
++ contain other databases. Patch from Kenny Millington. (LP: #1003854)
++ - Fix dumping and reloading when multiple databases hold the same suffix,
++ thanks Peder Stray. (Closes: #759596, LP: #1362481)
++ - Remove trailing dot from slapd/domain. (Closes: #637996)
++ * debian/rules:
++ - Enable parallel building.
++ - Copy libldap-2.4-2.shlibs into place manually, as a workaround for
++ #676168. (Closes: #742841)
++ * debian/slapd.README.Debian: Add a note about database format upgrades and
++ the consequences of missing one. (Closes: #594711)
++ * Build with GnuTLS 3 (Closes: #745231, #760559).
++ * Drop debian/patches/fix-ftbfs-binutils-gold, no longer needed.
++ * Drop debconf-utils from Build-Depends, no longer used (replaced by
++ po-debconf). Thanks Johannes Schauer.
++ * Acknowledge NMU fixing #729367, thanks to Michael Gilbert.
++ * Offer the MDB backend as a choice during initial configuration. (Closes:
++ #750022)
++ * debian/slapd.init.ldif:
++ - Disallow modifying one's own entry by default, except specific
++ attributes. (Closes: #761406)
++ - Index some more common search attributes by default. (Closes: #762111)
++ * Introduce a symbols file for libldap-2.4-2.
++ * debian/schema/pmi.schema: Add a copyright clarification. There does not
++ appear to be any copyrighted text in this file, only ASN.1 assignments and
++ LDAP schema definitions. Fixes a Lintian error on the original.
++ * debian/schema/duaconf.schema: Strip Internet-Draft text from
++ duaconf.schema.
++ * Drop debian/patches/CVE-2013-4449.patch, applied upstream.
++ * Update debian/patches/no-AM_INIT_AUTOMAKE with upstream changes.
++ * debian/schema/ppolicy.schema: Update with ordering rules added in
++ draft-behera-ldap-password-policy-11.
++ * Suggest GSSAPI SASL modules. (Closes: #762424)
++ * debian/patches/ITS6035-olcauthzregex-needs-restart.patch: Document in
++ slapd-config.5 the fact that changes to olcAuthzRegexp only take effect
++ after the server is restarted. (Closes: #761407)
++ * Add myself to Uploaders.
++
++ [ Jelmer Vernooij ]
++ * Depend on heimdal-multidev rather than heimdal-dev. (Closes: #745356,
++ #706123)
++
++ [ Updated debconf translations ]
++ * Turkish, thanks to Atila KOÇ <akoc@artielektronik.com.tr>.
++ (Closes: #661641)
++
++ -- Ryan Tandy <ryan@nardis.ca> Fri, 17 Oct 2014 08:19:28 -0700
++
++openldap (2.4.39-1.1) unstable; urgency=high
++
++ * Non-maintainer upload by the Security Team.
++ * Fix CVE-2013-4449: reference counting logic issue (closes: #729367).
++
++ -- Michael Gilbert <mgilbert@debian.org> Sat, 09 Aug 2014 09:26:51 +0000
++
++openldap (2.4.39-1) unstable; urgency=low
++
++ [ Peter Marschall ]
++ * debian/patches/wrong-database-location: fix database location in
++ doc/man/man5/slapd-mdb.5
++ * debian/configure.options: add info on --enable-mdb
++
++ [ Russ Allbery ]
++ * Remove myself from Uploaders.
++
++ [ Steve Langasek ]
++ * Remove Stephen Frost from Uploaders, per discussion with him. Thanks for
++ your contributions, Stephen!
++ * Adjust dh_autoreconf usage to update all config.sub/config.guess
++ instances in the source, so that we can be forwards-compatible with new
++ ports. Thanks to Colin Watson <cjwatson@ubuntu.com> for the patch.
++ Closes: #725824.
++ * Add Timo to Uploaders.
++ * Update Vcs-* fields to point at the new git repo; thanks to Timo for
++ driving this migration!
++ * Rebuild against db5.3, with a corresponding dump/restore of the database
++ on upgrade. Closes: #738641.
++
++ [ Timo Aaltonen ]
++ * contrib-modules-use-dpkg-buildflags, autogroup-makefile,
++ smbk5pwd-makefile:
++ - Updated for current upstream.
++ * Refresh patches to apply cleanly.
++ * rules: Use dpkg-parsechangelog to determine the upstream version for
++ get-orig-source.
++ * source: Add lintian overrides for non-transatable internal
++ templates.
++
++ -- Steve Langasek <vorlon@debian.org> Mon, 17 Mar 2014 15:27:31 -0700
++
++openldap (2.4.31-1) unstable; urgency=low
++
++ * New upstream release.
++ - Fixes a denial of service attack, CVE-2012-1164, when using the rwm
++ overlay. Closes: #663644.
++ - Fixes a bug with ldap_result always returning -1 when called from
++ sssd. Closes: #666230.
++ - Fix a build failure on armel due to unaligned memory access.
++ Closes: #677158.
++ * Incorporate NMU (thanks, Julien Cristau, Mattias Ellert):
++ - Disable the mdb backend on non-Linux, it looks like it doesn't work
++ with linuxthreads (closes: #654824).
++ - Backport fix for shell backend configuration. Closes: #662940.
++
++ [ Peter Marschall ]
++ * debian/slapd.scripts-common: avoid grep warnings
++ * debian/patches/heimdal-fix: fix arguments of
++ hdb_generate_key_set_password(). Closes: #664930
++
++ [ Steve Langasek ]
++ * debian/patches/contrib-modules-use-dpkg-buildflags: pass CFLAGS to
++ contrib builds. Thanks to Simon Ruderich <simon@ruderich.org>.
++ Closes: #663724.
++
++ -- Steve Langasek <vorlon@debian.org> Wed, 27 Jun 2012 03:27:34 +0000
++
++openldap (2.4.28-1) unstable; urgency=low
++
++ * New upstream release.
++ - Fixes CVE-2011-4079. Closes: #647610.
++ - Fixes support for proxy authorization with SASL-GSSAPI.
++ Closes: #608815.
++ - Drop patch service-operational-before-detach, which came from upstream.
++ - Drop patch fix-its6898-locking-issue, included upstream.
++ - Refresh other patches as needed.
++ * debian/slapd.scripts-common: quote the argument to slappasswd, to cope
++ with shell characters in the string. Thanks to Nicolai Ehemann
++ <en@englightened.de> for the patch. Closes: #635931.
++ * Install ldif.h in libldap2-dev, now that it's been blessed upstream.
++ Closes: #644985.
++ * debian/patches/no-bdb-ABI-second-guessing: don't force an exact match on
++ the upstream version of libdb; this is redundant with our packaging
++ system, and causes spurious errors when there's a non-ABI-breaking
++ BDB upstream release. Closes: #651333.
++ * Build-conflict with the ancient autoconf2.13, which is incompatible with
++ dh-autoreconf. (Maybe dh-autoreconf itself should conflict with it?)
++ Closes: #651598.
++
++ [ Updated debconf translations ]
++ * Dutch, thanks to Jeroen Schot <schot@A-Eskwadraat.nl>. Closes: #651400.
++
++ -- Steve Langasek <vorlon@debian.org> Thu, 05 Jan 2012 06:07:11 +0000
++
++openldap (2.4.25-4) unstable; urgency=low
++
++ * Drop explicit depends on libdb4.8, since we're now linking against
++ libdb5.1. Thanks to Peter Marschall for catching. Closes: #621403
++ again.
++ * Rebuild against cyrus-sasl2 2.1.25. Closes: #628237.
++ * Use dh_autoreconf instead of a locally-patched autogen.sh.
++ * debian/patches/no-AM_INIT_AUTOMAKE: don't use AM_INIT_AUTOMAKE macro
++ when we aren't using automake.
++ * Convert debian/rules to dh(1).
++ * use DEB_CFLAGS_MAINT_APPEND with appropriate versioned dependency on
++ debhelper and dpkg-dev, so we can pick up dpkg-buildflags for our
++ policy-mandated flags - as well as our security-enhancing ones!
++ Closes: #644427.
++ * Also set hardening=+pie,+bindnow buildflags options for maximum
++ security, since this is a security-sensitive daemon dealing with
++ untrusted input. Ubuntu has been building with these flags for a
++ while via hardening-wrappers, so the change is presumed safe.
++ * Drop debian/check_config. The upstream configure script now enforces
++ --with-cyrus-sasl, so there's no need for a second check.
++ * debian/po/es.po: tweak an ambiguous string in the Spanish debconf
++ translation, noticed in response to a submitted Catalan translation
++ * debian/patches/switch-to-lt_dlopenadvise-to-get-RTLD_GLOBAL-set.diff:
++ Switch to lt_dlopenadvise() so back_perl can be opened with RTLD_GLOBAL.
++ Thanks to Jan-Marek Glogowski <jan-marek.glogowski@muenchen.de> for the
++ patch. Closes: #327585.
++
++ [ Updated debconf translations ]
++ * Catalan, thanks to Innocent De Marchi <tangram.peces@gmail.com>.
++ Closes: #644274.
++
++ -- Steve Langasek <vorlon@debian.org> Tue, 18 Oct 2011 01:08:34 +0000
++
++openldap (2.4.25-3) unstable; urgency=low
++
++ * Brown paper bag: really fix the .links.in handling, so we don't generate
++ broken /usr/lib/${DEB_HOST_MULTIARCH} dirs.
++
++ -- Steve Langasek <vorlon@debian.org> Mon, 15 Aug 2011 09:50:37 +0000
++
++openldap (2.4.25-2) unstable; urgency=low
++
++ [ Matthijs Möhlmann ]
++ * Change to bdb 5.1 (Closes: #621403)
++ * Add note to ldap-utils package how to unfold lines. (Closes: #530519)
++ (Thanks to Peter Marschall and Javier Barroso)
++
++ [ Steve Langasek ]
++ * Acknowledge NMU for bug #596343; thanks to Thijs Kinkhorst for the fix!
++ * Bump to compat level 7, so we don't have to spell out debian/tmp in
++ every single .install file
++ * Build for multiarch.
++
++ -- Steve Langasek <vorlon@debian.org> Sun, 14 Aug 2011 23:17:09 -0700
++
++openldap (2.4.25-1.1) unstable; urgency=low
++
++ * Non-maintainer upload to fix RC bug.
++ * Fix "dpkg-reconfigure slapd". Closes: #596343
++
++ -- Thijs Kinkhorst <thijs@debian.org> Tue, 31 May 2011 11:57:29 +0200
++
++openldap (2.4.25-1) unstable; urgency=low
++
++ * New upstream version (Closes: #617606, #618904, #606815, #608813)
++ - Fixes CVE-2011-1024, CVE-2011-1025, CVE-2011-1081
++ - slapd server process frequently hangs during everyday usage is fixed in
++ newer versions of openldap according to the bug submitter
++ * Refresh all patches
++ * Remove manpage-tlscyphersuite-additions, applied upstream
++ * Remove issue-6534-patch, applied upstream
++ * Add Slovak translation, thanks Slavko <linux@slavino.sk> (Closes: #608699)
++ * Add debian specific patch for ldap.conf. Add TLS_CACERT option and set it
++ by default to /etc/ssl/certs/ca-certificates.crt (Closes: #555409, #616703)
++ * Add patch to fix a FTBFS with binutils-gold (Closes: #555867)
++ * Add slapschema, just hardlink it (Closes: #601569)
++ * Update patch service-operational-before-detach (Closes: #616164, #598361)
++ * Add ldif_* symbols to libldap-2.4-2
++ * Add upstream patch for a locking issue in libldap_r
++ * Fix build failure, use @SHELL@ instead of hardcoded /bin/sh (build/top.mk)
++ (Closes: #621925)
++
++ -- Matthijs Möhlmann <matthijs@cacholong.nl> Mon, 11 Apr 2011 22:10:14 +0200
++
++openldap (2.4.23-7) unstable; urgency=low
++
++ * Updated vietnamese translation, thanks Clytie Siddall
++ (Closes: #601537, #598575)
++ * Updated portuguese translation, thanks Traduz (Closes: #599760)
++ * Updated danish translation, thanks Joe Dalton (Closes: #599835)
++
++ -- Matthijs Mohlmann <matthijs@cacholong.nl> Sat, 06 Nov 2010 12:13:01 +0100
++
++openldap (2.4.23-6) unstable; urgency=high
++
++ * Check for an empty directory to prevent an rm -f /*. (Closes: #597704)
++
++ -- Matthijs Mohlmann <matthijs@cacholong.nl> Thu, 23 Sep 2010 10:17:50 +0200
++
++openldap (2.4.23-5) unstable; urgency=high
++
++ [ Steve Langasek ]
++ * High-urgency upload for RC bugfix.
++ * debian/slapd.scripts-common: fix gratuitous (and wrong) use of grep in
++ get_suffix(), which causes us to incorrectly parse any slapd.conf that
++ uses tabs instead of spaces. Closes: #595672.
++ * debian/slapd.init, debian/slapd.scripts-common: when $SLAPD_CONF is not
++ set in /etc/default/slapd, we should always set a default value, giving
++ precedence to slapd.d and falling back to slapd.conf. Users who don't
++ want to use an existing slapd.d should point at slapd.conf explicitly.
++ Closes: #594714, #596343.
++ * debian/slapd.init: 'invoke-rc.d slapd stop' should not fail due to the
++ absence of a slapd configuration; we should still exit 0 so that the
++ package can be removed gracefully. Closes: #596100.
++ * drop build-conflicts with libssl-dev; we explicitly pass
++ --with-tls=gnutls to configure, so there's no risk of a misbuild here.
++ * debian/slapd.default: now that we have a sensible default behavior in
++ both slapd.init and the maintainer scripts, leave SLAPD_CONF empty to
++ save pain later.
++ * debian/slapd.scripts-common: ... and do the same in
++ migrate_to_slapd_d_style, we just need to comment out the user's
++ previous entry instead of blowing it away.
++ * debian/slapd.scripts-common: call get_suffix in a way that lets us
++ separate responses by newlines, to properly handle the case when a
++ DN has embedded spaces. Introduces a few more stupid fd tricks to work
++ around possible problems with debconf. Closes: #595466.
++ * debian/slapd.scripts-common: when parsing the names of includes, handle
++ double-quotes and escape characters as described in slapd.conf(5).
++ Closes: #595784.
++ * debian/slapd.scripts-common, debian/slapd.postinst: on upgrade from
++ versions <= 2.4.23-4, explicitly grant access to cn=Subschema, which
++ otherwise is blocked by our added olcAccess settings. Closes: #596326.
++ * debian/slapd.init.ldif: set the acl in the default LDIF for new installs,
++ too.
++ * Likewise, grant access to dn.exact="" so that base dn autodiscovery
++ works as intended. Closes: #596049.
++ * debian/slapd.init.ldif: synchronize our behavior on new installs with
++ that on upgrades, avoiding the non-standard cn=localroot,cn=config.
++ * debian/slapd.scripts-common: don't run the migration code if slapd.d
++ already exists. Closes: #593965.
++
++ [ Matthijs Mohlmann ]
++ * Remove upgrade_supported_from_backend, implemented patch from
++ Peter Marschall <peter@adpm.de> to automatically detect if an upgrade is
++ supported. (Closes: #594712)
++
++ [ Peter Marschall ]
++ * debian/slapd.init: correctly set the slapd.conf argument even when
++ SLAPD_PIDFILE is non-empty in /etc/default/slapd. Closes: #593880.
++ * debian/slapd.scripts-common: pass -g to slapadd/slapcat, so that
++ subordinate databases aren't incorrectly included in the dump/restore of
++ the parent database. Closes: #594821.
++
++ -- Steve Langasek <vorlon@debian.org> Mon, 13 Sep 2010 06:59:11 +0000
++
++openldap (2.4.23-4) unstable; urgency=low
++
++ [ Steve Langasek ]
++ * Bump the database upgrade version check to 2.4.23-4; should have been
++ set to 2.4.23-1 when we switched to db4.8, but was missed so we need to
++ clean up. Closes: #593550.
++
++ [ Matthijs Mohlmann ]
++ * Fix root access to cn=config on upgrades from configuration style slapd.conf
++ Thanks to Mathias Gug (Closes: #593566, #593878)
++
++ -- Matthijs Mohlmann <matthijs@cacholong.nl> Thu, 26 Aug 2010 20:30:51 +0200
++
++openldap (2.4.23-3) unstable; urgency=low
++
++ * Configure the newly installed openldap package using slapd.d instead of
++ slapd.conf, merged from ubuntu. (Closes: #562723, #494155, #333428)
++ * Update the debconf templates by running debconf-updatepo.
++ * We do not support upgrades from older releases then lenny, so removed some
++ upgrade functions from slapd.scripts-common.
++ * Updated japanese translation, thanks Kenshi Muto (Closes: #589508)
++ * Updated czech translation, thanks Miroslav Kure (Closes: #589569)
++ * Update slapd.README.Debian and slapd.NEWS and note the new configuration
++ style.
++ * Fixes CVE-2010-0211 and CVE-2010-0212 (Closes: #589852)
++ * Update italian translation, thanks Luca Monducci (Closes: #590154)
++ * Update spanish translation, thanks Francisco Javier Cuadrado
++ (Closes: #590829)
++ * Update basque translation, thanks Iñaki Larrañaga Murgoitio
++ * Bump Standards-Version to 3.9.1
++ * Added debian specific patch to wait until slapd is operational before
++ detaching to the terminal (Closes: #589915)
++ * Add a lintian overrides for libldap.
++ * Empty dependency_libs line in .la files. (Closes: #591550)
++ * Update galician translation, thanks Jorge Barreiro (Closes: #592815)
++
++ -- Matthijs Mohlmann <matthijs@cacholong.nl> Tue, 17 Aug 2010 22:00:16 +0200
++
++openldap (2.4.23-2) unstable; urgency=medium
++
++ * Depend on libdb4.8 >= 4.8.30 (Closes: #588969)
++ * Urgency previous as previous version fixes a RC bug.
++
++ -- Matthijs Mohlmann <matthijs@cacholong.nl> Wed, 14 Jul 2010 10:17:27 +0200
++
++openldap (2.4.23-1) unstable; urgency=low
++
++ * New upstream version
++ * Change to build dependency libdb4.8-dev instead of libdb4.7-dev
++ * Updated french translation thanks Christian Perrier (Closes: #579192)
++ * Updated swedish translation thanks Martin Bagge (Closes: #580145)
++ * Updated german translation thanks Helge Kreutzmann (Closes: #579582)
++ * Updated russian translation thanks Yuri Kozlov (Closes: #585688)
++ * Fix bashisms in debian/rules (Closes: #581454)
++ * Add documentation patch (Closes: #513270)
++ * Refreshed all quilt patches.
++ * Bump Standards-Version to 3.9.0
++
++ -- Matthijs Mohlmann <matthijs@cacholong.nl> Mon, 12 Jul 2010 13:25:00 +0200
++
++openldap (2.4.21-1) unstable; urgency=low
++
++ [ Steve Langasek ]
++ * New upstream version
++ (Closes: #561144, #465024, #502769, #528695, #564686, #504728)
++ * Add upstream manpage for ldapexop; thanks to Peter Marschall
++ <peter@adpm.de>. Closes: #549291.
++
++ [ Matthijs Mohlmann ]
++ * Ack NMU (Closes: #553432)
++ * Update Standards-Version to 3.8.4
++ * Fix NEWS entry to have the correct version number
++ * Improve the wording for the slapd/invalid_config question (Closes: #452834)
++ * Make lintian a bit more happy (Closes: #518660)
++ * Fix bashism (Closes: #518657)
++ * Refresh all patches
++ * Add patch from upstream (Closes: #549642)
++ * Reworked the configure.options a bit to include some more options
++ * Enable dynamic acls
++ * Use slappasswd to create a secure password (Closes: #490930)
++ * Set a rootdn and rootpw if no password is given by debconf (Closes: #231950)
++ * Better document the TLSCipherSuite in slapd.conf manpage (Closes: #563113)
++ * Better document the TLS_CIPHER_SUITE in ldap.conf manpage (Closes: #510346)
++ * Add smbk5pwd slapd module, used patch from Mark Hymers (Closes: #443073)
++ * Add autogroup slapd module, used patch from Mathieu Parent (Closes: #575900)
++ * Add lsb logging, used patch from David Härdeman (Closes: #385898)
++ * Use dh_lintian to install the lintian-overrides
++ * Added critical error report when slapcat fails (Closes: #226090)
++
++ -- Matthijs Mohlmann <matthijs@cacholong.nl> Thu, 22 Apr 2010 23:40:30 +0200
++
++openldap (2.4.17-2.1) unstable; urgency=high
++
++ * Non-maintainer upload by the Security Team.
++ * Fixed CVE-2009-3767: libraries/libldap/tls_o.c doesn't properly handle NULL
++ character in subject Common Name (Closes: #553432)
++
++ -- Giuseppe Iuculano <iuculano@debian.org> Tue, 10 Nov 2009 19:09:45 +0100
++
++openldap (2.4.17-2) unstable; urgency=low
++
++ * Fix up the lintian warnings:
++ - add missing misc-depends on all packages
++ - slapd, libldap-2.4-2-dbg sections changed to 'debug' to match archive
++ overrides
++ - bump Standards-Version to 3.8.2, no changes required.
++ * slapd.scripts-common: fix upgrade to correctly handle multiple database
++ declarations; thanks, Peter Marschall <peter@adpm.de>! Closes: #517556
++ * Add 'status' argument to init script; thanks to Peter Eisentraut
++ <petere@debian.org>. Closes: #545898.
++ * New patch, do-not-second-guess-sonames, to remove an incorrect check for
++ the Cyrus SASL version number at runtime. If there's any reason this is
++ needed, it needs to be addressed in the cyrus-sasl soname and Debian
++ shlibs, not here. Closes: #546885.
++
++ -- Steve Langasek <vorlon@debian.org> Tue, 22 Sep 2009 20:06:34 -0700
++
++openldap (2.4.17-1) unstable; urgency=low
++
++ * New upstream version.
++ - Fixes FTBFS on ia64 with -fPIE. Closes: #524770.
++ - Fixes some TLS issues with GnuTLS. Closes: #505191.
++ * Update priority of libldap-2.4-2 to match the archive override.
++ * Add the missing ldapexop and ldapurl tools to ldap-utils, as well as the
++ ldapurl(1) manpage. Thanks to Peter Marschall for the patch.
++ Closes: #496749.
++ * Bump build-dependency on debhelper to 6 instead of 5, since that's
++ what we're using. Closes: #498116.
++ * Set the default SLAPD_SERVICES to ldap:/// ldapi:///, instead of using
++ the built-in default of ldap:/// only.
++ * Build-depend on libltdl-dev | libltdl3-dev (>= 1.4.3), for the package
++ name change. Closes: #522965.
++
++ [ Updated debconf translations ]
++ * Spanish, thanks to Francisco Javier Cuadrado <fcocuadrado@gmail.com>.
++ Closes: #521804.
++
++ -- Steve Langasek <vorlon@debian.org> Tue, 28 Jul 2009 10:17:15 -0700
++
++openldap (2.4.15-1) unstable; urgency=low
++
++ * New upstream version
++ - Fixes a bug with the pcache overlay not returning cached entries
++ (closes: #497697)
++ - Update evolution-ntlm patch to apply to current Makefiles.
++ - (tentatively) drop gnutls-ciphers, since this bug was reported to be
++ fixed upstream in 2.4.8. The fix applied in 2.4.8 didn't match the
++ patch from the bug report, so this should be watched for regressions.
++ * Build against db4.7 instead of db4.2 at last! Closes: #421946.
++ * Build with --disable-ndb, to avoid a misbuild when libmysqlclient is
++ installed in the build environment.
++ * Add -D_GNU_SOURCE to CFLAGS, apparently required for building with
++ current headers in unstable
++
++ -- Steve Langasek <vorlon@debian.org> Tue, 24 Feb 2009 14:27:35 -0800
++
++openldap (2.4.11-1) unstable; urgency=low
++
++ * New upstream version (closes: #499560).
++ - Fixes a crash with syncrepl and delcsn (closes: #491066).
++ - Fix CRL handling with GnuTLS (closes: #498410).
++ - Drop patches no_backend_inter-linking,
++ CVE-2008-2952_BER-decoding-assertion, and gnutls-ssf, applied
++ upstream.
++
++ [ Russ Allbery ]
++ * New patch, back-perl-init, which updates the calling conventions
++ around initialization and shutdown of the Perl interpreter to match
++ the current perlembed recommendations. Fixes probable hangs on HPPA
++ in back-perl. Thanks, Niko Tyni. (Closes: #495069)
++
++ [ Steve Langasek ]
++ * Drop the conflict with libldap2, which is not the standard means of
++ handling symbol conflicts in Debian and which causes serious upgrade
++ problems from etch. Closes: #487211.
++
++ -- Steve Langasek <vorlon@debian.org> Sat, 11 Oct 2008 01:53:55 -0700
++
++openldap (2.4.10-3) unstable; urgency=low
++
++ [ Steve Langasek ]
++ * New patch, CVE-2008-2952_BER-decoding-assertion, to fix a remote DoS
++ vulnerability in the BER decoder. Addresses CVE-2008-2952,
++ closes: #488710.
++ * debian/slapd.scripts-common, debian/slapd.postinst: drop
++ update_path_argsfile_pidfile function, not needed for updates from etch
++ or newer.
++ * Drop the code to check for and upgrade ldbm databases. The etch
++ release of slapd had already dropped support for them and direct
++ upgrades from sarge are not supported.
++
++ [ Russ Allbery ]
++ * Apply upstream patch to convert GnuTLS cipher strength from bytes to
++ bits, as expected by OpenLDAP. (Closes: #473796)
++ * Add Build-Depends on time, used by the test suite and only a shell
++ built-in with bash. Thanks, Daniel Schepler. (Closes: #490754)
++ * Refresh all patches, convert all patches to -p1, and remove extraneous
++ Index: lines. (Closes: #485263)
++ * Unless DFSG_NONFREE is set, also check whether the upstream schemas
++ with RFC comments are included.
++ * Update standards version to 3.8.0.
++ - Include debian/README.source pointing to the quilt README.source.
++ - Wrap Uploaders for readability.
++ * Wrap slapd's Depends for readability.
++
++ [ Updated debconf translations ]
++ * Swedish, thanks to Martin Ågren <martin.agren@gmail.com>.
++ Closes: #492748.
++
++ -- Steve Langasek <vorlon@debian.org> Mon, 28 Jul 2008 15:26:06 -0700
++
++openldap (2.4.10-2) unstable; urgency=low
++
++ * Support DEB_BUILD_OPTIONS=nocheck to disable running the test suite at
++ build time
++ * Hack around glibc behavior when resolving localhost, by exporting
++ RESOLV_MULTI=off when invoking the test suite
++ * Reclaim the 'openldap' source package name; openldap2.3 has been a
++ misnomer for some time, causing undue confusion, so switch to a
++ permanent source package name that we won't need to change again later.
++ - Along the way, kill off non-DFSG-compliant schema files that snuck
++ back into the archive due to my bad merge of 2.4.10.
++
++ -- Steve Langasek <vorlon@debian.org> Sun, 06 Jul 2008 22:03:32 -0700
++
++openldap2.3 (2.4.10-1) unstable; urgency=low
++
++ [ Steve Langasek ]
++ * New upstream release.
++ - Clean up ld_defconn if it was freed, fixing an assertion failure in
++ various clients. Closes: #469232.
++ - Fixes slapd syncrepl hang on back-config. Closes: #471253.
++ - Drop patch hurd-path-max, integrated upstream.
++ * Drop spurious build-dependency on heimdal-dev, introduced accidentally
++ as part of an aborted attempt to build the smbk5pwd overlay.
++ * Use hardlinks instead of symlinks for the various slap* commands; this
++ is functionally equivalent for us, and reduces divergence from
++ derivatives such as Ubuntu that use apparmor. Closes: #488409.
++ * New patch, no_backend_inter-linking, to fix the meta backend to not
++ try to look up symbols in external objects (back_ldap) that it
++ doesn't link against.
++ * Turn on 'make test' during builds, now that back_meta is fixed.
++
++ [ Matthijs Mohlmann ]
++ * All manpages in category 5 were missing, wrong directory.
++ (Closes: #474976, #483631, #483633)
++
++ -- Steve Langasek <vorlon@debian.org> Mon, 30 Jun 2008 04:28:34 -0700
++
++openldap2.3 (2.4.9-1) unstable; urgency=low
++
++ [ Updated debconf translations ]
++ * French, thanks to Christian Perrier <bubulle@debian.org>.
++ Closes: #471792.
++ * Finnish, thanks to Esko Arajärvi <edu@iki.fi>. Closes: #475238.
++ * Czech, thanks to Miroslav Kure <kurem@upcase.info.upol.cz>.
++ Closes: #480138.
++ * Basque, thanks to Piarres Beobide <pi+debian@beobide.net>.
++ Closes: #480177.
++ * Vietnamese, thanks to Clytie Siddall <clytie@riverland.net.au>.
++ Closes: #480181.
++ * Galician, thanks to Jacobo Tarrio <jtarrio@trasno.net>. Closes: #480218.
++ * Japanese, thanks to Kenshi Muto <kmuto@debian.org>. Closes: #480247.
++ * Italian, thanks to Luca Monducci <luca.mo@tiscali.it>. (Closes: #477718)
++ * Brazilian Portuguese, thanks to Eder L. Marques <eder@edermarques.net>
++ (Closes: #480172)
++ * Portuguese, thanks to Tiago Fernandes <tjg.fernandes@gmail.com>
++ (Closes: #481126)
++ * Russian, thanks to Yuri Kozlov <kozlov.y@gmail.com> (Closes: #481214)
++ * Dutch, thanks to "cobaco (aka Bart Cornelis)" <cobaco@skolelinux.no>.
++ Closes: #483014.
++
++ [ Matthijs Mohlmann ]
++ * New upstream release.
++ - Bad entryUUID no longer crashes slapd. (Closes: #471867)
++ - Fix assertion failure in some modify operations. (Closes: #474161)
++ - Mention index in slapd.conf's man page. (Closes: #414650)
++ - Fixes to slapd include handling. (Closes: #457261)
++ - Fix syncrepl cookie truncation. (Closes: #464024)
++ - Fix memory allocation in ldap_parse_page_control. (Closes: #464877)
++ - Fix slapd crash when accessed by multiple threads. (Closes: #479237)
++ * Acknowledge NMU.
++ (Closes: #474976, #471225, #475856, #474652, #465875)
++ * Bump Standards-Version to 3.7.3
++ * Add versioned build dependency on libgnutls-dev (Closes: #466558)
++ * Bump debhelper compat level to 6.
++
++ [ Russ Allbery ]
++ * Use MAXPATHLEN rather than PATH_MAX, since OpenLDAP defines the
++ former and the latter isn't defined on GNU Hurd. Thanks, Samuel
++ Thibault. (Closes: #475744)
++
++ -- Matthijs Mohlmann <matthijs@cacholong.nl> Mon, 26 May 2008 22:34:16 +0200
++
++openldap2.3 (2.4.7-6.3) unstable; urgency=low
++
++ * Non-maintainer upload.
++ * Install all slapd relevant manpages into slapd package.
++ (closes: #474976)
++ * Make libldap-2.4-2 conflict against libldap2. (closes: #475856)
++
++ -- Bastian Blank <waldi@debian.org> Tue, 29 Apr 2008 18:00:23 +0200
++
++openldap2.3 (2.4.7-6.2) unstable; urgency=low
++
++ * Non-maintainer upload to solve release goal issues.
++ * Add LSB dependency header to init.d scripts (Closes: #474652)
++
++ -- Petter Reinholdtsen <pere@debian.org> Wed, 16 Apr 2008 08:04:49 +0200
++
++openldap2.3 (2.4.7-6.1) unstable; urgency=high
++
++ * Non-maintainer upload by security team.
++ * Fix possible remote denial of service vulnerability in the BDB backend
++ via a modrdn operation with a NOOP control
++ (CVE-2008-0658; Closes: #465875).
++
++ -- Nico Golde <nion@debian.org> Tue, 04 Mar 2008 14:34:44 +0100
++
++openldap2.3 (2.4.7-6) unstable; urgency=low
++
++ [ Updated debconf translations ]
++ * Dutch, thanks to Bart Cornelis <cobaco@skolelinux.no>. Closes: #452950.
++ * Brazilian Portuguese, thanks to Eder L. Marques <frolic@debian-ce.org>.
++ Closes: #463460.
++ * German, thanks to Helge Kreutzmann <debian@helgefjell.de>.
++ Closes: #465784.
++
++ [ Steve Langasek ]
++ * Relax build-dependency on libsasl2-dev now that the versioned dependency
++ is satisfied by all extant versions (including in oldstable), fixing a
++ lintian warning about versioned build-deps on Debian revisions.
++ * Avoid using a mutex around getaddrinfo() and getnameinfo() calls, which
++ are guaranteed by glibc to be threadsafe; this fixes a deadlock when
++ using nss_ldap for host lookups. Closes: #340601.
++ * debian/libldap2-dev.manpages: install all of man3/* instead of
++ enumerating specific manpages to install. Closes: #320073.
++ * Add new patch, sasl-cleartext-strncasecmp, to correct a regression that
++ prevented the use of the {CLEARTEXT} password scheme with SASL.
++ Closes LP: #191563.
++ * drop LGPL from debian/copyright; there is no longer any code under this
++ license in the package.
++ * Drop patch gnutls-altname-nulterminated; it's been determined that the
++ "length" discrepancy was a bug in gnutls, and fixed in that package.
++ * debian/configure.options: explicitly pass --with-odbc=unixodbc, so
++ that we depend on the right ODBC implementation when both happen to
++ be installed at build time.
++
++ [ Russ Allbery ]
++ * Add a stamp file for the configure rule to avoid rerunning configure
++ needlessly. Closes: #465588.
++ * Don't create the openldap user if slapd has been configured to run as
++ a different user. If slapd has been configured to run as openldap, do
++ create the user on reconfigure. Closes: #452438.
++ * Reformat, reorganize, and update slapd's README.Debian.
++ - Include SASL configuration information.
++ - Remove LDBM information, since upstream no longer even ships LDBM
++ and the debconf prompting and maintainer scripts already take care
++ of any lingering databases.
++ - Document the differences between the Debian OpenLDAP packages and
++ upstream.
++
++ -- Steve Langasek <vorlon@debian.org> Thu, 28 Feb 2008 22:15:17 -0800
++
++openldap2.3 (2.4.7-5) unstable; urgency=low
++
++ [ Updated debconf translations ]
++ * Finnish, thanks to Esko Arajärvi <edu@iki.fi>. Closes: #462688.
++ * Galician, thanks to Jacobo Tarrio <jtarrio@trasno.net>. Closes: #462987.
++ * French, thanks to Christian Perrier <bubulle@debian.org>.
++ Closes: #463149.
++ * Russian, thanks to Yuri Kozlov <kozlov.y@gmail.com>. Closes: #463442.
++ * Czech, thanks to Miroslav Kure <kurem@debian.cz>. Closes: #463472.
++ * German, thanks to Helge Kreutzmann <debian@helgefjell.de>.
++ Closes: #464718.
++
++ [ Steve Langasek ]
++ * Fix various regressions related to the introduction of GnuTLS:
++ - Add new patch, gnutls-ciphers, to fix support for specifying multiple
++ ciphers with TLSCipherSuite option in slapd.conf. Thanks to Kyle
++ Moffett <kyle@moffetthome.net> for the patch. Closes LP: #188200.
++ - Add new patch, slapd-tlsverifyclient-default, to set the intended
++ default value of "TLSVerifyClient never" in the right place.
++ - Add new patch, gnutls-altname-nulterminated, to account for differences
++ in how the "length" is returned for commonName vs. subjectAltName.
++ - Comment out TLSCipherSuite settings on upgrade from all versions prior
++ to 2.4.7-5, and throw a debconf error to the user notifying them of
++ this, since all OpenSSL cipher suite values are incompatible with
++ GnuTLS.
++ Closes: #462588.
++ * Add new patch from upstream, entryCSN-backwards-compatibility, to support
++ auto-converting entryCSN attributes in a previously supported old format,
++ fixing an upgrade failure. Closes: #462099.
++ * Use --retry TERM/10 instead of --retry 10 when stopping slapd, since the
++ latter resorts to a SIGKILL and may corrupt backend data; whereas the
++ former will exit non-zero if slapd is still running but won't directly
++ cause data-loss. Thanks to Mark McDonald for the patch. LP: #92139.
++ * Fix manpage symlinks in libldap2-dev; thanks to Reuben Thomas for
++ reporting. Closes: #463971.
++ * Fix a superfluous space in the debconf templates, due to a trailing space
++ in the templates. Closes: #464719.
++
++ -- Steve Langasek <vorlon@debian.org> Sat, 09 Feb 2008 14:25:55 -0800
++
++openldap2.3 (2.4.7-4) unstable; urgency=high
++
++ [ Steve Langasek ]
++ * Build-conflict with libicu-dev, for consistent dependencies in all
++ build environments.
++ * Fix an oversight in the checkpoint migration, which caused the checkpoint
++ option to not be moved far enough down. Closes: #462304, LP: #185257.
++ * Build-depend on unixodbc instead of iODBC.
++
++ [ Updated debconf translations ]
++ * Japanese, thanks to Kenshi Muto <kmuto@debian.org>. Closes: #462191.
++
++ -- Steve Langasek <vorlon@debian.org> Fri, 25 Jan 2008 02:17:23 -0800
++
++openldap2.3 (2.4.7-3) unstable; urgency=low
++
++ * Add missing build-dependency on groff-base, to allow use of soelim during
++ build.
++
++ -- Steve Langasek <vorlon@debian.org> Mon, 21 Jan 2008 15:18:27 -0800
++
++openldap2.3 (2.4.7-2) unstable; urgency=low
++
++ * Temporarily drop slapi-dev from the package to get through NEW; this
++ functionality should be readded later, either by restoring the slapi-dev
++ package or by moving it to libldap2-dev, depending on the outcome of
++ discussion with the ftp-masters.
++
++ -- Steve Langasek <vorlon@debian.org> Mon, 21 Jan 2008 06:13:21 -0800
++
++openldap2.3 (2.4.7-1) unstable; urgency=low
++
++ [ Steve Langasek ]
++ * New upstream version; closes: #449354.
++ - remove another schema from upstream source, collective.schema,
++ that contains text from the IETF RFCs and include a stripped copy
++ in debian/schema.
++ - drop patches slurpd-in-spool and man-slurpd, since slurpd is no
++ longer provided upstream.
++ - libldap2.3-0 is now libldap2.4-2
++ - build libldap2-dev from this source package now, superseding
++ openldap2; closes: #428385, #260118, #262539, #391899, #393215.
++ - lastmod and denyop have been moved to contrib upstream and are no
++ longer shipped as supported overlays
++ - drop dependency on libldap2 and take ownership of the
++ /etc/ldap/ldap.conf conffile, since libldap2 is now obsolete
++ - need to dump and reload databases again for the upgrade from 2.3.39.
++ - ldap_init(3) no longer attempts to document the internals of the
++ LDAP opaque type. Closes: #320072.
++ - ldap-utils utilities find LDAP servers via SRV records when given a
++ URL with -H and no host in the URL. Closes: #221173.
++ - if the old slapd.conf included any replica commands, automatically
++ enable syncprov for the corresponding database and print an error
++ with debconf.
++ * slapd.conf and DB_CONFIG are used in the postinst, they shouldn't be
++ shipped under doc/examples because /usr/share/doc can't be depended
++ on per policy; ship the files under /usr/share/slapd and symlink the
++ /other/ way, which also spares us from dh_compress trying to gzip
++ slapd.conf. Closes: #452749.
++ * Drop libldap.so as was done for libldap2, making it a link to
++ libldap_r.so to avoid unfortunate symbol collisions.
++ * Add new patch, libldap-symbol-versions, to build libldap and liblber
++ with symbol versions; needed to avoid segfaults when applications
++ manage to pull both libldap2 and the new libldap-2.4-2 into the same
++ process (as during a partial upgrade or the initial soname
++ transition), and also when the library soname changes again in the
++ future (as it's likely to do).
++ * Reintroduce add-autogen-sh patch, with build deps on libtool, automake,
++ and autoconf, required due to the previous patch; this time around, take
++ care to clean up the autogenerated files in the clean target as well
++ * Build-depend on libgnutls-dev instead of on libssl-dev, so that at long
++ last we can build the server and lib from the same source package again
++ without licensing problems. Closes: #457182, #407334, #428468, #381788.
++ Closes: #412706.
++ * slapd.prerm, slapd.postinst: drop no-longer-needed upgrade code for
++ openldap < 2.1.22
++ * Ask about ldbm to bdb migration in the preinst, since there is no
++ guarantee that the debconf config script will be run before the unpack
++ phase.
++ * Don't stop slapd in the preinst by hand, the prerm already stops the
++ old slapd using the standard interfaces.
++ * Don't build with LAN Manager password support; these passwords are more
++ insecure than traditional Unix crypt, and only relevant when talking to
++ Windows 98.
++ * Move libslapi into the slapd package and provide a virtual package for
++ library dependencies, since this is expected to stay lockstep with the
++ server.
++ * Split slapi dev support into a new libslapi-dev package, as this is
++ unrelated to libldap; and drop libslapi.a since it would be insane to try
++ to statically link a dynamically-loaded slapi plugin.
++ * "checkpoint" directives are no longer supported as part of the backend
++ config, only as part of the database config; move the lines around in
++ slapd.conf on upgrade.
++ * "schemacheck" directives are no longer supported; comment them out
++ on upgrade since this option was set by default in sarge.
++ * Package description updates; thanks to Christian Perrier
++ <bubulle@debian.org> and the Smith review project for these
++ improvements.
++ * Incorporate debconf template changes suggested by the debian-l10n-english
++ team as part of the Smith review project. Closes: #447224.
++
++ [ Russ Allbery ]
++ * Removed fix_ldif and all remaining code to try running it on LDIF
++ dumps. Schema checking has been imposed since 2.1 and it's highly
++ unlikely that anyone still needs this.
++ * Move the checkpoint directive in the default slapd.conf below the
++ database and suffix directives for the primary database. This is now
++ required for OpenLDAP 2.4.
++ * Create /etc/ldap/slapd.conf owned by the openldap group and mode 640
++ by default so that slapindex and friends can read it when run as the
++ openldap user. Fix permissions on upgrade if slapd.conf is owned by
++ root and mode 600. Closes: #432662.
++ * Drop slapd patch to read slapd.conf before dropping privileges, since
++ slapd.conf should now be readable by SLAPD_GROUP.
++ * If SLAPD_CONF is set to a directory in /etc/default/slapd, assume
++ the cn=config backend is used and start slapd with the appropriate
++ options. Based on a patch from Mike Burr. Closes: #411413.
++ * Rework slapd's README.Debian:
++ - Document the BerkeleyDB version. Closes: #438127.
++ - Document how to direct slapd's logs to another file. Closes: #258931.
++ - Remove obsolete information about TLS/SSL and OpenLDAP 2.0 upgrades.
++ - Recommend HDB instead of BDB.
++ - Generally reformat and reorganize.
++ * Patch cleanup:
++ - Combine the NTLM patches for Evolution into a single patch.
++ - Add explanatory comments to every patch.
++ - Refresh all patches to remove diff garbage and trailing whitespace.
++ * debian/rules cleanup:
++ - Fix patch dependencies for parallel build (hopefully).
++ - Tell configure the system type.
++ - Rewrite upstream_strip_nondfsg.sh as a get-orig-source target.
++ - Remove stamp files as the first step of the clean target.
++ - Add trivial build-arch and build-indep targets.
++ - Remove dead code and unnecessary comments.
++ * Remove postrm code to delete /var/lib/slapd/upgrade* flag files. We
++ haven't used those since the 2.1 upgrade.
++ * Update Vcs-* headers for new repository layout.
++ * Remove versioned dependency on an ancient dpkg-dev.
++ * Wrap and reorder Build-Depends for readability.
++
++ [ Updated debconf translations ]
++ * Czech, thanks to Miroslav Kure <kurem@debian.cz>. Closes: #458215.
++ * German, thanks to Helge Kreutzmann <debian@helgefjell.de>.
++ Closes: #452833.
++ * Spanish
++ * Finnish, thanks to Esko Arajärvi <edu@iki.fi>. Closes: #448061.
++ * French, thanks to Christian Perrier <bubulle@debian.org>.
++ Closes: #452632.
++ * Galician, thanks to Jacobo Tarrio <jtarrio@trasno.net>.
++ Closes: #451158.
++ * Italian, thanks to Luca Monducci <luca.mo@tiscali.it>. Closes: #449442.
++ * Japanese, thanks to Kenshi Muto <kmuto@debian.org>. Closes: #451325.
++ * Dutch, thanks to Bart Cornelis <cobaco@skolelinux.no>. Closes: #448935.
++ * Brazilian Portuguese
++ * Portuguese, thanks to Tiago Fernandes <tjg.fernandes@gmail.com>.
++ Closes: #453341.
++ * Russian, thanks to Yuri Kozlov <kozlov.y@gmail.com>. Closes: #453318.
++ * Vietnamese, thanks to Clytie Siddall <clytie@riverland.net.au>.
++ Closes: #453411.
++
++ -- Steve Langasek <vorlon@debian.org> Mon, 21 Jan 2008 04:58:24 -0800
++
++openldap2.3 (2.3.39-1) unstable; urgency=medium
++
++ * Medium severity due to denial of service fix.
++ * New upstream release.
++ - CVE-2007-5708: Fix remote denial of service attack in slapo-pcache
++ (the overlay for proxy caching). (Closes: #448644)
++ - Multiple additional more minor bug fixes.
++ * Document in the default slapd.conf that dbconfig options only generate
++ the DB_CONFIG file on first slapd start and have no effect afterwards
++ unless DB_CONFIG is removed. (Closes: #442191)
++ * Inline the checkpoint and BerkeleyDB backend settings in the default
++ slapd.conf rather than generating them dynamically in postinst. All
++ the allowable default database choices are now BerekelyDB variants and
++ will probably continue to be so for the forseeable future, and this is
++ easier to maintain.
++ * Drop debconf questions, warnings, and maintainer script functions
++ dealing with upgrades from OpenLDAP 2.1, which is now too hold for
++ supported direct upgrades. (Closes: #444806)
++ * Add a watch file. Thanks, Fernando Ribeiro. (Closes: #435290)
++ * Add Homepage, Vcs-Svn, and Vcs-Browser control fields.
++
++ -- Russ Allbery <rra@debian.org> Mon, 12 Nov 2007 16:00:47 -0800
++
++openldap2.3 (2.3.38-1) unstable; urgency=low
++
++ [ Steve Langasek ]
++ * Drop debian/patches/use-lpthread, which is no longer needed on mips*
++ because gcc has been fixed.
++ * Drop debian/patches/add-autogen-sh, also no longer needed now that
++ the above patch is gone.
++
++ [ Matthijs Mohlmann ]
++ * Fix bashism in initscript. (Closes: #428883)
++ * Drop upstream patches ITS4924, ITS4925 and ITS4966.
++ * Add patch for objectClasses which causes slapd to crash. (Closes: #440632)
++ - CVE-2007-5707.
++ - Upstream bug ITS5119.
++ * Change default loglevel to none, to log high priority messages.
++ (Closes: #442000)
++ * Tighten up the build dependencies, now that autogen patch is removed.
++
++ -- Matthijs Mohlmann <matthijs@cacholong.nl> Mon, 17 Sep 2007 22:58:54 +0200
++
++openldap2.3 (2.3.35-2) unstable; urgency=low
++
++ * Enable LAN Manager password support in slapd. (Closes: #245341)
++ * If automatic configuration is selected and slapd.conf doesn't exist
++ during an upgrade, treat this as a fresh installation rather than
++ aborting with an error. Also try to provide a better error message if
++ the user has deleted /etc/ldap/schema but we just generated a new
++ configuration that references it. These cases can occur if someone
++ removes (rather than purges) the package, manually deletes /etc/ldap,
++ and then reinstalls. (Closes: #205010)
++ * Don't fail in slapd's postrm if /etc/ldap/schema has already been
++ deleted.
++ * Remove slapd conflicts with libbind-dev and bind-dev. There no longer
++ appears to be anything in those packages that would break slapd's
++ resolver. (Closes: #225896)
++ * Add libldap-2.3-0-dbg and slapd-dbg packages with detached debugging
++ information.
++ * db_recover is no longer required after changing DB_CONFIG; slapd now
++ detects changes itself and does the right thing. Also note in
++ README.DB_CONFIG the existence of the dbconfig slapd.conf parameter
++ and slapd's DB_CONFIG writing support. (Closes: #412575)
++ * Add options to /etc/default/slapd to let the system administrator tell
++ the init script to not start slapd on boot. (Closes: #254999)
++ * Redirect fd 3 to /dev/null in the slapd init script for additional
++ robustness when debconf is running. (Closes: #227482)
++ * Add to /etc/default/slapd a commented-out example of how to change the
++ keytab file used for GSSAPI authentication. (Closes: #412017)
++ * Use variables in /etc/init.d/slapd for the paths to slapd and slurpd
++ so that someone who really wants to can override them in
++ /etc/default/slapd. (Closes: #403948)
++ * Allow people building packages for outside Debian to skip the checks
++ for non-DFSG-free material by setting a variable. Thanks, Peter
++ Marschall. (Closes: #427245)
++ * Remove duplicate libldap-2.3-0 dependencies. (Closes: #408987)
++ * Use binary:Version instead of Source-Version for the tight
++ dependencies between slapd and ldap-utils and libldap-2.3-0.
++
++ -- Russ Allbery <rra@debian.org> Mon, 11 Jun 2007 20:26:26 -0700
++
++openldap2.3 (2.3.35-1) unstable; urgency=low
++
++ * New upstream release with many bug fixes.
++ - Allow syncprov to follow aliases. (Closes: #422087)
++ * Apply upstream patches:
++ - ITS#4924: client crash on incorrectly tagged result from server.
++ - ITS#4925: NOOP modify with BDB backend crashed slapd.
++ - ITS#4966: Delete of valsort-controlled entries crashed slapd.
++ * Enable SLAPI support. (Closes: #390954)
++ * Re-enable use of the epoll system call since Debian no longer supports
++ 2.4 kernels. This means that the OpenLDAP packages will not work on
++ pre-2.6 kernels.
++ * Remove schema files that contain text from IETF RFCs from the upstream
++ source since that text is not DFSG-free. Instead, install stripped
++ versions of those schema files containing only the functional
++ interface specifications, a comment explaining why this is needed, and
++ a pointer to the relevant RFC. (Closes: #361846)
++ * Document the repackaging of the upstream source in debian/copyright.
++ * Update config.guess and config.sub during the build instead of in the
++ clean target and remove them in the clean target for a clean diff.
++ Build-depend on autotools-dev so that we can unconditionally copy over
++ the latest versions.
++ * Added commentary and upstream ITS numbers for several patches
++ applicable upstream.
++ * Use debian/compat rather than the deprecated DH_COMPAT rules setting.
++ * Update to debhelper compatibility level V5 (no changes required).
++
++ -- Russ Allbery <rra@debian.org> Wed, 30 May 2007 22:42:28 -0700
++
++openldap2.3 (2.3.30-5) unstable; urgency=low
++
++ [ Steve Langasek ]
++ * Add Portuguese debconf translation; thanks to Tiago Fernandes.
++ Closes: #409632.
++ * Re-add .la files to the slapd package, for greater compatibility
++ with upstream documentation.
++
++ [ Russ Allbery ]
++ * When starting slapd, create a symlink from /var/run/ldapi to
++ /var/run/slapd/ldapi for compatibility with 2.1 client libraries.
++ Closes: #385809.
++ * Apply upstream patch to prevent a race condition in slapd when
++ shutting down connections.
++ * Update the Brazilian Portuguese debconf translation; thanks to Felipe
++ Augusto van de Wiel.
++
++ -- Russ Allbery <rra@debian.org> Thu, 8 Mar 2007 18:21:02 -0800
++
++openldap2.3 (2.3.30-4) unstable; urgency=low
++
++ * Ok, argh, it helps to check that the function being re-added to the
++ preinst hasn't been removed again from the common include. Re-add
++ break_on_ldbm_to_bdb_migration_disagree, because by all appearances
++ we /should/ be using this in the preinst. Closes: #411474.
++
++ -- Steve Langasek <vorlon@debian.org> Mon, 19 Feb 2007 03:55:22 -0800
++
++openldap2.3 (2.3.30-3) unstable; urgency=medium
++
++ [ Matthijs Mohlmann ]
++ * Added spanish translation. (Closes: #404250)
++ * Documentation updates backported from upstream.
++ * Fix a security bug in kerberos kbind code. (Only used when enabling with
++ --enable-kbind option) But better safe then sorry.
++ * Backported a mem leak fix on failed binds.
++ * Added patch from upstream that fixes a memory leak in ACLs that use sets.
++
++ [ Steve Langasek ]
++ * *Really* abort in preinst if the user doesn't accept the upgrade
++ from ldbm to bdb. Closes: #392747.
++ * Set the name of debian/slapd.NEWS right so that it gets
++ installed in the binary package. Closes: #409923.
++ * Add Russian debconf translation; thanks to Yuri Kozlov.
++ Closes: #405706.
++ * Add Galician debconf translation; thanks to Jacobo Tarrio.
++ Closes: #407267.
++
++ -- Steve Langasek <vorlon@debian.org> Sun, 18 Feb 2007 16:47:16 -0800
++
++openldap2.3 (2.3.30-2) unstable; urgency=low
++
++ * Make sure that the pidfile directory doesn't exist in the init script.
++ (Closes: #402705)
++
++ -- Matthijs Mohlmann <matthijs@cacholong.nl> Tue, 12 Dec 2006 21:34:44 +0100
++
++openldap2.3 (2.3.30-1) unstable; urgency=low
++
++ * New upstream release.
++ - Fixed authzTo/authzFrom URL matching.
++ - Fixed syncrepl consumer memory leaks.
++ - Fixed slapd-hdb livelock.
++ - Fixed slapo-ppolicy external quality check.
++ - Fixed ldapsearch(1) man page acknowledgement.
++ * Added patch to make sure that the pidfile directory exists.
++ (Closes: #390337)
++ * Do not ask the question allow ldap v2 logins when user wants manual
++ configuration. (Closes: #401003)
++ * Add patch to look also in /etc/ldap/sasl2 for sasl configuration.
++ (Closes: #398657)
++ * Removed db4.2-util recommend, the slapd binary includes checking code to
++ fix DB errors.
++ * Updated README in schema directory. It doesn't list collective.schema
++ anymore. (Closes: #287358)
++ * Updated manpages to point to right paths. (Closes: #398790)
++
++ -- Matthijs Mohlmann <matthijs@cacholong.nl> Sat, 9 Dec 2006 20:50:58 +0100
++
++openldap2.3 (2.3.29-1) unstable; urgency=medium
++
++ [ Matthijs Mohlmann ]
++ * New upstream release.
++ - Fixes Denial of Service through a certain combination of LDAP BIND
++ requests (CVE-2006-5779) (Closes: #397673)
++ * LSB section added to the init script.
++ * Updated README.Debian about running as non-root user (Closes: #389369)
++ * Updated de translation (Closes: #396096)
++ * Added some documentation / warning when running slapindex as root.
++ * Remove drafts and rfc from the tarball. (Closes: #393404)
++
++ -- Matthijs Mohlmann <matthijs@cacholong.nl> Sat, 11 Nov 2006 11:24:42 +0100
++
++openldap2.3 (2.3.27-1) unstable; urgency=low
++
++ [ Matthijs Mohlmann ]
++ * New upstream release.
++ * pidfile location is changed 3 years ago, when people are upgrading from
++ back then they have a broken slapd because the openldap user is not able
++ to write to /var/run. (Closes: #380687)
++ * Patches by Quanah Gibson-Mount <quanah@stanford.edu>
++ - Fix one time memleak on startup in the accesslog db.
++ * Changed priority of libldap-2.3-0 to optional as it is only used by slapd.
++
++ [ Torsten Landschoff ]
++ * Remove RFC documents as they do not meet the DFSG.
++ + debian/rules: Check that the RFCs are gone to make sure it does not
++ get included again by accident.
++
++ -- Matthijs Mohlmann <matthijs@cacholong.nl> Sat, 2 Sep 2006 00:33:44 +0200
++
++openldap2.3 (2.3.25-1) unstable; urgency=low
++
++ [ Matthijs Mohlmann ]
++ * New upstream release:
++ - Accepts 'require none' in slapd.conf (closes: #370023).
++ - Added patch to fix a bold issue in the manpage ldapsearch. Thanks to
++ Matt Kraai. (Closes: #355670)
++ * Added commented out rootdn parameter in slapd.conf. (Closes: #303245)
++ * Make the scripts output a bit more consistent.
++ * Fix a regression in the slapd packages. Data directory is /var/lib/ldap
++ and not /var/openldap-data, also adjust the manpages to reflect these
++ change. Thanks to Peter Marschall. (Closes: #368891)
++ * Removed script move_files, dh_install is used instead. (Closes: #368896)
++ * Dutch translation already updated. Closes: #375101)
++ * Documented that slapd is compiled with TCP wrappers (Closes: #351428)
++ * dpkg-reconfigure slapd now just reinstalls slapd and moves old databases
++ to /var/backups. Already done in previous version (Closes: #230366, #208056)
++
++ [ Torsten Landschoff ]
++ * debian/libldap-2.3-0.install: Ignore version information when installing
++ libraries. This way it does not need updating for each new upstream
++ release.
++
++ -- Matthijs Mohlmann <matthijs@cacholong.nl> Wed, 26 Jul 2006 18:05:40 +0200
++
++openldap2.3 (2.3.24-2) unstable; urgency=low
++
++ * Switch slapd from running as root to running as user.
++ (Closes: #292845, #261696)
++ * Changing configuration in slapd.conf by the postinst will now also follow
++ includes. (Closes: #304488)
++ * Patches by Quanah Gibson-Mount <quanah@stanford.edu>
++ - fix a lock bug with a virtual root entry in the BDB backend.
++ - fix boolean logic in the overlays.
++ - fix that slurpd can use ldaps.
++ - fix initialization of auditdb.
++ - fix TLS concurrency issues.
++ - fix exop password change that didn't reset pwdMustChange.
++ - fix syncrepl that fails when no rootdn is defined.
++ * Add dependency on adduser.
++ * Specify the PATH variable in the init script. (Closes: #367981)
++ * Added patch to read config before dropping privileges.
++ * epoll(4) system call is missing on kernels <2.6, this causes slapd to
++ not work on 2.4 kernels. Added patch that remove the #define in
++ portable.in (Closes: #369352, #372194, #373233)
++ * In 2.3.24 slapd won't segfault if the moduleload directive appears
++ somewhere else. (Closes: #349011)
++ * Removed fileutils dependency, it's superseeded in Sarge already.
++ (Closes: #370013)
++ * Use find in combination with mv to move an old directory away.
++ (Closes: #306435)
++ * Updated Dutch debconf translation (Closes: #365172)
++ * Added an example backup script that can be put into cron (Closes: #319477)
++ * Make the db directories 0700. On new installations this is the default.
++ (Closes: #354450)
++ * Get rid of a '.' in front of a domain. (Closes: #318143)
++ * Added shadowLastChange to the ACL in the default slapd.conf
++ (Closes: #370550)
++ * Updated Japanese translation (Closes: #378565)
++
++ -- Matthijs Mohlmann <matthijs@cacholong.nl> Mon, 17 Jul 2006 18:22:45 +0200
++
++openldap2.3 (2.3.24-1) unstable; urgency=low
++
++ [ Matthijs Mohlmann ]
++ * New upstream version. (Closes: #369544)
++ * Update patch slurpd-in-spool. (Closes: #368586, #368709, #368889)
++ * Added slapi-errorlog-file to be into /var/log (Closes: #368895)
++ * Removed patch configure.in-fix, incorporated upstream.
++ * Move debian/configure.options.new to debian/configure.options.
++ * Added patch to put ldapi socket in /var/run/slapd.
++ * Removed bdb recovery from the init.d script. This was introduced to fix
++ bug #255276. Now that slapd has the ability to check and recover from bdb
++ failures, this function is not needed anymore. (Closes: #369484, #369093)
++ * Updated the lintian overrides.
++
++ [ Torsten Landschoff ]
++ * Include man pages for accesslog and auditlog overlays, patch by
++ Peter Marschall (closes: #368888).
++
++ -- Matthijs Mohlmann <matthijs@cacholong.nl> Thu, 1 Jun 2006 08:16:02 +0200
++
++openldap2.3 (2.3.23-1) unstable; urgency=low
++
++ [ Matthijs Mohlmann ]
++ * New upstream release. (Closes: #308906, #310282, #353877, #335618, #315158)
++ (Closes: #310282, #319155)
++ * OpenLDAP checks database before starting up.
++ (Closes: #190165, #195079, #294701, #308416)
++ * move_old_database_away isn't called in a while loop anymore (which would
++ kill debconf interaction) (Closes: #299100)
++ * BDB_CONFIG file will be installed on new installations (Closes: #301292)
++ * Move to dh_install.
++ * Move to quilt patch system.
++ * Fix manpage.
++ * Make ldiftopasswd and fix_ldif executable. (fixes lintian warnings)
++ * Wipe passwords after we created the initial configuration.
++ * The config scripts is runned twice, this causes the password in
++ slapd/internal/adminpw to be empty. This fixes the issue with having an
++ empty password in the ldap database. (Closes: #343113, #347725)
++ * Added #DEBHELPER# token to fix a lintian warning.
++ * bdb has changed between major versions, so dump the database and import it
++ again for versions before 2.3.19.
++ * Remove comments from debian/control (The out commented control information
++ is actually in debian/control.dev)
++ * Enable all backends and overlays with: --enable-backends=mod and
++ --enable-overlays=mod
++ * Add | debconf-2.0 to unblock cdebconf transition (Closes: #332053)
++ * Added Danish debconf translation (Closes: #353897)
++ * Updated French debconf translation (Closes: #320739)
++ * Updated Vietnamese debconf translation (Closes: #319706)
++ * Updated Czech debconf translation (Closes: #356554)
++ * Encode the organization to utf8 (Closes: #236097)
++ * Disabled the LDBM backend. Break in preinstallation if user doesn't want
++ to migrate to BDB backend.
++ * Removed choice for LDBM backend from slapd templates. And some explanation
++ in that question about the LDBM backend.
++ * Add sizelimit and tool-threads and some documentation to slapd.conf
++ (Closes: #327808)
++ * slapd.scripts-common had two functions with the same name.
++ * Don't return a error message if hostname fails.
++ * Backup the config only once on upgrade.
++ * For new installations do not install a DB_CONFIG file but use the
++ slapd.conf as file for BDB/HDB configuration parameters. See: slapd-bdb(5)
++ * Added various "exit 0" to the installation scripts.
++ * Add configure.in patch to fix C comparison what should be bash (ITS#4416)
++ * Raise debconf configuration level from low to medium for
++ slapd/no_configuration.
++ * Updated Standards-Version to 3.7.2.0
++ * Added build-dependency on perl which is used in the debian/rules file.
++ Considered by lintian.
++ * Added lintian override for too-long-extended-description-in-templates, it
++ is an explanation about the backends.
++
++ [ Steve Langasek ]
++ * debian/slapd.templates: Fix typo durin -> during; re-run
++ debconf-updatepo, fixing up the fuzzies (closes: #319596).
++
++ [ Torsten Landschoff ]
++ * debian/slapd.scripts-common: Rename backend_supported to
++ upgrade_supported_from_backend for more clarity.
++
++ -- Matthijs Mohlmann <matthijs@cacholong.nl> Sat, 13 May 2006 00:28:11 +0200
++
++openldap2.2 (2.2.26-4) unstable; urgency=low
++
++ * [l10n] Vietnamese translations by Clytie Siddall (closes: #316623).
++ * debian/slapd.templates: Fix typos occured -> occurred (closes: #316624).
++ * libraries/libldap/url.c: Apply patch from upstream CVS to fix URI
++ parsing (closes: #317100).
++
++ -- Torsten Landschoff <torsten@debian.org> Tue, 19 Jul 2005 20:52:17 +0200
++
++openldap2.2 (2.2.26-3) unstable; urgency=low
++
++ * [SECURITY] Applied the patch available at
++ http://bugzilla.padl.com/show_bug.cgi?id=210
++ to force libldap to really use TLS when requested in /etc/ldap/ldap.conf
++ (cf. CAN-2005-2069). Clients still will use libldap2 from openldap2
++ source package so this is only to prepare unleashing the libraries of
++ OpenLDAP 2.2 for unstable...
++
++ -- Torsten Landschoff <torsten@debian.org> Sun, 3 Jul 2005 10:41:37 +0200
++
++openldap2.2 (2.2.26-2) unstable; urgency=low
++
++ * Assembled changes from patches supplied by Peter Marschall (thanks,
++ Peter):
++ | debian/move_files: Move slapd and slurpd to /usr/sbin and adjust symlinks
++ (closes: #316354).
++ + debian/slapd.links: Remove symlinks from /usr/sbin to /usr/lib.
++ | debian/rules: Don't install cron jobs needed for GnuTLS as long as we are
++ using OpenSSL.
++ | debian/control: Remove build-dependencies needed for GnuTLS
++ (closes: #316355).
++ + Require libsasl >= 2.1.18 as recommended by OpenLDAP project.
++ | Update quicktool patch from Quanah Gibson-Mount (closes: #316361).
++ | debian/slapd.init: Use /bin/sh as shell when running db_recover
++ (closes: #316350).
++ | debian/configure.options: Enabled dynlist and proxycache overlays
++ (closes: #316351).
++
++ * debian/po/de.po: Apply typo correction patch (closes: #313809).
++ * debian/po/fr.po: Apply updates by Christian Perrier (closes: #315122).
++
++ -- Torsten Landschoff <torsten@debian.org> Fri, 1 Jul 2005 12:53:18 +0200
++
++openldap2.2 (2.2.26-1) unstable; urgency=low
++
++ * New upstream release.
++ * debian/slapd.init: Run db_recover as the user configured for slapd
++ (closes: #311331).
++ * debian/po/cs.po: Add Czech translation by Miroslav Kure (closes: #312064).
++ * Run debconf-updatepo, oh my :(
++ * Update configure via libtoolize -cf; aclocal-1.4; autoconf2.50.
++ * configure.in: Try to fix memcmp check (probably does not work anymore, but
++ we should have a working memcmp on all Debian systems anyway).
++ * debian/rules: Remove config.{sub,guess} before installing new versions
++ (just in case there were symlinks for them...).
++
++ -- Torsten Landschoff <torsten@debian.org> Tue, 21 Jun 2005 12:06:40 +0200
++
++openldap2.2 (2.2.23-8) unstable; urgency=low
++
++ * debian/DB_CONFIG: Fixed the log cache configuration (used the wrong
++ command so there was about no effect).
++
++ -- Torsten Landschoff <torsten@debian.org> Mon, 30 May 2005 08:48:10 +0200
++
++openldap2.2 (2.2.23-7) unstable; urgency=low
++
++ * debian/slapd.scripts-common: Install the default DB_CONFIG for each
++ database loaded from LDIF which didn't have a DB_CONFIG before.
++ * (automatic) Updated config.sub and config.guess from autotools-dev.
++
++ -- Torsten Landschoff <torsten@debian.org> Mon, 30 May 2005 08:08:37 +0200
++
++openldap2.2 (2.2.23-6) unstable; urgency=low
++
++ Torsten Landschoff <torsten@debian.org>:
++ * debian/po/ja.po: Merge updates from Kenshi Muto (closes: #303505).
++ * debian/po/fr.po: Merge updates from Christian Perrier (closes: #306229).
++ * debian/slapd.scripts-common: If the user enters the empty value for
++ the database dumping directory use the default value. Seems like the
++ readline interface does not care about the default value
++ (closes: #308234).
++ * debian/slapd.postinst: Make sure the debhelper commands are executed
++ in all cases (closes: #310422).
++ * Merged suggested changes by Eugene Konev to automatically run
++ db_recover before starting slapd (closes: #255276).
++ + debian/slapd.init: Run db_recover if enabled and available and no
++ slapd process running.
++ + debian/slapd.default: Add configuration option to disable it.
++ * Applied and improved patch by Matthijs Mohlmann to support migration
++ from ldbm to bdb backend.
++ + debian/slapd.config: Ask if migration is wanted.
++ + debian/slapd.postinst: Update configuration from ldbm to bdb if yes.
++ + debian/slapd.scripts-common: Implemented some parts in their own
++ functions.
++ * Add a README.DB_CONFIG.gz and reference it where referring to BDB
++ configuration.
++ * Update default DB_CONFIG with some senseful values.
++
++ Steve Langasek <vorlon@debian.org>:
++ * libraries/libldap_r/Makefile.in: make sure the ximian-connector ntlm
++ patch is applied to libldap_r, not just to libldap
++ * debian/move_files: make libldap a symlink to libldap_r, as carrying
++ two versions of this library around is more trouble than it's worth,
++ and can cause glorious segfaults down the line
++
++ -- Torsten Landschoff <torsten@debian.org> Mon, 30 May 2005 08:07:49 +0200
++
++openldap2.2 (2.2.23-5) unstable; urgency=low
++
++ Torsten Landschoff <torsten@debian.org>:
++ * debian/lintian-overrides: Add. Contains lintian warnings/errors to
++ override for each package (plus comments).
++ + debian/move_files: Automatically install applying overrides into
++ each package.
++
++ Steve Langasek <vorlon@debian.org>:
++ * configure.in: reinstate the remainder of the fix for 195990 from
++ 2.1.22-2: give preference to -lpthread over -pthread in configure.in,
++ because some archs (mipsel, at least) don't like -pthread.
++
++ -- Steve Langasek <vorlon@debian.org> Sun, 24 Apr 2005 05:01:02 -0700
++
++openldap2.2 (2.2.23-4) unstable; urgency=low
++
++ Torsten Landschoff <torsten@debian.org>:
++ * debian/control: Make the requirement for debconf a pre-dependency as
++ we are using it from the maintainer scripts.
++ * debian/slapd.preinst: Always use debconf (don't check for availability).
++ * debian/slapd.scripts-common: Remove the alert_user function which
++ was there to output an error message in case debconf is not available.
++
++ Steve Langasek <vorlon@debian.org>:
++ * debian/fix_ldif: Add code to fix up oddly formatted integer attribs;
++ limited use because it only fixes those attributes that we have
++ prior knowledge of (i.e., those in the default schemas we ship), but
++ it's something at least. Closes: #302629.
++ * debian/fix_ldif: Also change fix_ldif to not chew up everything that
++ has a # in the line: treat lines beginning with # as comments, but #
++ is a valid character in an attribute value.
++ * debian/rules: Fix the check for missing lib symbols to use
++ LD_LIBRARY_PATH, so the package builds on systems that don't already
++ have libldap-2.2-7 installed. Closes: #305785.
++ * debian/po/ja.po: Use the partial translation provided by Kenshi Muto.
++
++ Stephen Frost <sfrost@debian.org>:
++ * debian/slapd.scripts-common: Make sure - ends up at the end of the
++ bracket expression given to grep so it's not treated as a range
++ (closes: #302743).
++
++ -- Steve Langasek <vorlon@debian.org> Sat, 23 Apr 2005 22:01:20 -0700
++
++openldap2.2 (2.2.23-3) unstable; urgency=low
++
++ Steve Langasek <vorlon@debian.org>
++ * libraries/libldap_r/Makefile.in: Code that uses pthreads *must* be
++ linked with -pthread, even if it's a library; without this, the
++ libldap_r library ends up with dangling unversioned reference to
++ pthread_create() which gets resolved to a wrong version that causes
++ segfaults on 64-bit platforms. Closes: #304549.
++ * debian/rules: error out on build if an installed library has
++ undefined symbols; future-proofing against a repeat of #304549.
++ * debian/slapd.postinst: don't dump and reload directories unless we
++ know we're upgrading from an incompatible version! Closes: #304840.
++ * debian/slapd.scripts-common: don't use merge_logical_lines for
++ functions that will be writing back to the config; the code is not
++ as pretty now, but the output is much less ugly. Closes: #303243.
++ * debian/slapd.examples, debian/slapd.scripts-common,
++ debian/slapd.links, debian/move_files: install DB_CONFIG in
++ /usr/share/slapd/ instead of /usr/share/doc/slapd/examples/; this
++ simplifies the code, and ensures users who don't install
++ /usr/share/doc aren't penalized. Create links for the DB_CONFIG and
++ slapd.confg templates to /usr/share/doc/slapd/examples, since these
++ are worthwhile examples as well.
++ * Updated maintainer scripts to keep DB_CONFIG for LDAP databases over
++ upgrades (closes: #265860).
++ * Move slappasswd to the slapd package, since it's now a symlink and
++ isn't actually useful without the slapd binary (closes: #304339).
++
++ -- Torsten Landschoff <torsten@debian.org> Thu, 21 Apr 2005 01:29:57 +0200
++
++openldap2.2 (2.2.23-2) unstable; urgency=low
++
++ * debian/configure.options: Change localstatedir to /var from /var/run
++ as the current upstream version adds /run to that during runtime for
++ slapi sockets etc. Problem: The database location is specified relative
++ to localstatedir/openldap-data. Another thing to fix...
++ (closes: #298271, #304491).
++ * debian/slapd.scripts-common (load_databases): Reimplement automatic
++ fixing of LDIF data via the fix_ldif script. Only tried if an
++ initial slapadd using the original LDIF data fails. With this change
++ upgrading from woody for some simple cases does work again.
++ * Disabled the version check for Berkeley DB in upstream code. Any
++ libdb4.2 package should work but of course using the latest will give
++ you the best results (closes: #300851).
++ * debian/slapd.scripts-common (import_database): Removed, no longer used.
++ * debian/slapd.scripts-common: Store the diagnostic output from
++ slapadd and output it before aborting if the command failed.
++ * debian/po/fr.po: Use the translations provided by Christian Perrier
++ (closes: #304141).
++ * debian/slapd.scripts-common: Use the -q option during slapadd to
++ improve performance.
++ * debian/slapd.templates (slapd/dump_database_destdir): Apply rewording
++ changes from Thomas Prokosch. Gives the user more information about
++ the usage of that directory.
++ + Run debconf-updatepo to update the translation templates.
++ * debian/slapd.templates: Clean up the debconf templates of the slapd
++ packages by merging the changes suggested by Christian Perrier
++ (closes: #302829). Thanks, Christian!
++ + Changed the wording of some of the templates.
++ + Adapt to the DTSG (Debconf Templates Style Guide).
++ + Removed item slapd/admin which is not used anymore.
++ + Run debconf-updatepo and send new fr.po to Christian Perrier.
++ * debian/slapd.postinst: Make a backup copy of slapd.conf before changing
++ anything (closes: #304485).
++ * Trivial improvements:
++ + Don't ask to move contents of /var/lib/ldap if it does not even
++ exist (but also is not an empty directory...) in initial config.
++ + Move check for current installation status out of configure_dumping.
++
++ -- Torsten Landschoff <torsten@debian.org> Thu, 14 Apr 2005 19:57:11 +0200
++
++openldap2.2 (2.2.23-1) unstable; urgency=low
++
++ * debian/slapd.scripts-common: Move all shell functions of the maintainer
++ scripts here to have it all in one place.
++ * Another pass over the maintainer scripts to remove cruft and tidy up
++ the code a bit. Fixed some bugs on the way.
++ * Test upgrade and installation revealed some bugs, mostly typos:
++ + return in shell actually is "return $?", not "return 0" as I though
++ + Referenced $src where $srcdir was meant.
++ + Only load old directories on upgrade and not during initial
++ installation.
++
++ -- Torsten Landschoff <torsten@debian.org> Fri, 1 Apr 2005 18:50:21 +0200
++
++openldap2.2 (2.2.23-0.pre6) experimental; urgency=low
++
++ Torsten Landschoff <torsten@debian.org>:
++ * debian/slapd.postinst: Add a testing interface to test the helper
++ functions.
++ * debian/slapd.postinst: Make sure that debconf actually displays the
++ error message even if the user has already seen it before.
++ * debian/slapd.postinst (compute_backup_path): Make function more robust
++ in case we don't know the old version or the suffix of the database.
++ Converted the backup dir to a more simple scheme which should be save
++ against accidental overwriting.
++ * Rewrote part of the maintainer scripts for correct handling of
++ directory dumps in preinst. New debconf questions etc.
++ * Move the manpage of slappasswd to ldap-utils where slappasswd itself
++ is included (closes: #300212).
++ + debian/control: Add Replaces: slapd << 2.2.23-0.pre6 to ldap-utils.
++ + debian/move_files: Move slappasswd manpage into ldap-utils.
++ * debian/slapd.config: Don't fail if hostname is unset (pulled from
++ Ubuntu, thanks to Jeff Bailey).
++ * Applied patch by Quanah Gibson-Mount (directory administrator of Stanford)
++ to add -q option to some tools for quick operation without updating
++ logs. This is mostly for importing directories from LDIF backups.
++ * Go back to libdb4.2 as OpenLDAP is known to have problems with BDB 4.3.
++ + debian/control: Update dependencies for BDB 4.2.
++ + debian/slapd.scripts-common: Mark all databases before this version
++ as incompatible.
++ * Fix some bashisms in maintainer scripts.
++ * debian/slapd.postinst: Include the version of the backup in the
++ backup of a database directory.
++
++ Carlo Contavalli <ccontavalli@debian.org>:
++ * debian/slapd.init: Print command line if starting a daemon failed.
++ * debian/slapd.postinst: Handle hdb backend just as if it was bdb.
++ * debian/README.Debian: Add some notes about DB_CONFIG and how to run
++ slapd under a different uid/gid.
++ * Install an example DB_CONFIG file during initial configuration
++ + slapd.postinst: Add a function to implement this and hook it into
++ create_new_configuration.
++ + debian/DB_CONFIG: Example DB_CONFIG that is installed.
++ + debian/slapd.examples: Mark DB_CONFIG as an example.
++ * servers/slapd/daemon.c: Actually change the permissions of the
++ unix socket if requested using an ldapi url with x-mod.
++ * debian/slapd.scripts-common: change privileges of upgraded databases
++ as indicated by SLAPD_USER and SLAPD_GROUP variables.
++ * debian/slapd.scripts-common,slapd.postinst: corrected some minor
++ typos.
++
++ -- Torsten Landschoff <torsten@debian.org> Fri, 1 Apr 2005 12:26:35 +0200
++
++openldap2.2 (2.2.23-0.pre5) experimental; urgency=low
++
++ * Apply NTLM patch from ximian-connector source package.
++ * debian/slapd.postinst: Fix small typo leading to upgrade failures.
++ Added some notes while wading through maintainer scripts.
++ * debian/slapd.postinst: Make slapadd more noisy, writing the new
++ directory to stderr if something goes wrong (should help for
++ bug #236097).
++ * Make slapd.init idempotent by adding --oknodo to start-stop-daemon
++ invocations (closes: #298741). Kudos to Bill Allombert for this
++ patch.
++ * slapd.postinst: Try to fix slapd.conf for syntactic and semantic changes
++ introduced upstream into 2.2.x.
++ * slapd.scripts-common: Make sure directories before 2.2.23 are dumped
++ and reloaded on upgrade.
++
++ -- Torsten Landschoff <torsten@debian.org> Fri, 11 Mar 2005 18:54:57 +0100
++
++openldap2.2 (2.2.23-0.pre4) experimental; urgency=low
++
++ * Rename libldap2.2 to libldap-2.2-7 to match soname. Updated
++ debian/{control,rules,...}.
++ * Checked the usage of the ucdata files shipped with libldap2 before.
++ Actually they stem from liblunicode which is only linked to slapd.
++ Therefore those files are shipped with slapd now. This change is
++ relevant so that multiple libldap-2.2-x packages can coexist later.
++ * debian/control: Updated for slapd replacing files from libldap2.
++ * debian/control: Recommend db4.3-util instead of db4.2-util as we are
++ using the former version now for slapd.
++ * debian/control: Add Build-Depends for libperl-dev, this time for
++ real. I wonder what went wrong last time as it built correctly with
++ pdebuild (closes: #297123).
++
++ -- Torsten Landschoff <torsten@debian.org> Mon, 28 Feb 2005 15:17:52 +0100
++
++openldap2.2 (2.2.23-0.pre3) experimental; urgency=low
++
++ * debian/slapd.prerm: Reformat and fix double stopping of slapd. Find
++ out which bug we are working around and document it.
++ * debian/configure.options: Enable ACI support (closes: #101602).
++ Looked through the source code and it seems to be properly
++ insulated to not make a difference when not used.
++ * .../Makefile.in: Remove -s option from install invocations and let
++ dh_strip handle stripping binaries (closes: #264448).
++ * debian/slapd.postinst: Code cleanup and reading, unused and duplicate
++ code removed. Main body still needs fixing.
++ * debian/slapd.postinst: Fixed chmod --reference calls to keep the
++ permissions of slapd.conf. Putting data into the file using shell
++ redirection recreates the file with default umask and owner, killing
++ the permissions we applied using chod --reference after creating the
++ file. Instead we change the permissions directly before renaming the
++ file now. Wrapped it into a function and update the owner as well.
++ How do we do this correctly for ACLs etc.!? Thanks to Carlo Contavalli
++ for pointing this out.
++ * servers/slapd/main.c: Log a warning if writing the pidfile or writing
++ the arguments file fails (closes: #261696).
++ * debian/control: Add missing build dependency for perl development
++ library (closes: #297123).
++
++ -- Torsten Landschoff <torsten@debian.org> Sun, 27 Feb 2005 17:44:03 +0100
++
++openldap2.2 (2.2.23-0.pre2) experimental; urgency=low
++
++ * servers/slurpd/slurp.h: Relocate the default spool directory to
++ /var/spool/slurpd again.
++ * Merged some changes done by Fabio M. Di Nitto for the ubuntu
++ distribution (thanks, Fabio!):
++ + debian/slapd.{postinst,conf}: Checkpoint BDB databases every 512kb
++ or 30 minutes by default.
++ + debian/slapd.scripts-common: Make is_empty_dir less noisy on first
++ install (cosmetic).
++ * Applied some changes suggested by Ondrej Sury:
++ + debian/rules: Add MAKEVARS variable and set datadir =
++ /usr/share/libldap2.2/ucdata instead of changing build/top.mk as
++ suggested.
++ + debian/move_files: Install /usr/share/libldap2.2 into libldap2.2
++ and remove duplicate ldap.conf manpage.
++ + debian/control: Let libldap2.2 dependon libldap2 for config files.
++ * Also in Ondrej's patch:
++ + doc/man/man8/slapd.8: Refer to slapd.conf instead of ldap.h for
++ loglevel documentation. Changed by ubuntu? I don't know...
++ * debian/slapd.README.Debian: Update TLS/SSL information.
++
++ -- Torsten Landschoff <torsten@debian.org> Fri, 25 Feb 2005 14:44:59 +0100
++
++openldap2.2 (2.2.23-0.pre1) experimental; urgency=low
++
++ * Merge new upstream release 2.2.23.
++ * Change name of source package to openldap2.2.
++ * configure.in: Fix AC_LIBOBJ for configure2.50.
++ * Run libtoolize, aclocal-1.4 and autoconf2.50 to get a working
++ configure script.
++ * debian/slapd.init: Output failure reasons using "$failure" so that
++ no glob substitution is done. Had a hard time grokking why slapd
++ would mention the contents of the current directory in its error
++ message...
++ * debian/rules: Disable building -dev packages as we don't want
++ other packages to link against the new libraries before sarge.
++ Remove the binary-indep target from the binary dependends list.
++ * debian/control: Move packages that are no longer build into control-dev.
++ * debian/configure.options: Build against OpenSSL with --with-tls
++ (this can only be done for slapd itself, we need GnuTLS support
++ before enabling this for libldap2.2-dev).
++ * debian/control: Update build dependencies for libdb4.3 and OpenSSL.
++
++ -- Torsten Landschoff <torsten@debian.org> Wed, 23 Feb 2005 19:29:38 +0100
++
++openldap2 (2.2.18-0.pre2) experimental; urgency=low
++
++ * debian/check_config: Make sasl2 check more robust against file
++ format changes in config.status.
++ * debian/libldap2.shlibs: Remove.
++ * Update configure script using libtoolize, aclocal-1.4 and autoconf2.50
++ to fix wrong shared library dependency in libldap2.2 (depended on
++ libldap2 by linking against the system's liblber).
++ * debian/libldap2.README.Debian: Move to libldap2.2.README.Debian.
++ * Lintian cleanup:
++ + Run debconf-updatepo for debian/rules clean and manually as
++ requested.
++ + Update config.guess and config.sub in debian/rules clean as well.
++ First update done.
++ + debian/rules (install): Fix the manpage section of the admin commands
++ from 8C to 8.
++ + debian/rules (binary-arch): Run dh_fixperms to fix the permissions
++ on shared libraries.
++
++ -- Torsten Landschoff <torsten@debian.org> Thu, 13 Jan 2005 11:53:28 +0100
++
++openldap2 (2.2.18-0.pre1) experimental; urgency=low
++
++ * New upstream release.
++ * Disable TLS for now.
++ * debian/rules: Don't run autoheader and autoconf.
++ * debian/configure.options: Recreated and updated for new setup.
++ * debian/rules: Move slapd, slurpd from /usr/lib to /usr/sbin.
++ * Rename library packages to include the OpenLDAP version.
++ * Remove /etc/ldap/ldap*.conf from libldap2.2 to avoid clash with
++ libldap2. Also add Replaces entry for libldap2 to allow overwriting
++ for now. Needs fixing...
++ * Instead of moving slapd from /usr/lib to /usr/sbin create a symlink.
++ Seems like slapadd etc. are now all included in the slapd binary
++ and all link to its binary.
++ * debian/rules: Run dh_link for arch dependend packages.
++ * configure: Fix broken libdb checking which forced static building of
++ back-bdb.
++ * debian/slapd.conf: Fix access directive to use "attrs=" instead of
++ "attribute=" which wasn't officially supported anyway.
++
++ -- Torsten Landschoff <torsten@debian.org> Wed, 3 Nov 2004 09:57:14 +0100
++
++openldap2 (2.1.30-3) unstable; urgency=high
++
++ * Urgeny high since previous releases were hardly usable (at least
++ with TLS).
++ * Roland Bauerschmidt <rb@debian.org>
++ + libraries/libldap/gnutls.c, libraries/libldap/tls.c,
++ include/ldap_pvt_gnutls.h: Use callback with
++ gnutls_certificate_set_params_function to generate dh_params and
++ rsa_params (this is also the way, it's done with OpenSSL). We need
++ GNUTLS 1.0.9 for this. With the new version of libgcrypt, we also
++ need to initialize threading explicitly. The previous
++ segmentation faults resulted from the *global* param structure
++ being recreated and freed for every session. Many thanks to
++ Matthias Urlichs who helped debugging a lot and also packaged
++ GNUTLS 1.0.16 very quickly... Closes: #244827.
++ + debian/control: Add build dependency to libgcrypt11-dev (we're
++ initializing it directly now) and change libgnutls10-dev to
++ libgnutls11-dev.
++ + libraries/libldap/gnutls.c: in tls_gnutls_need_{dh,rsa}_params
++ (formerly ldap_gnutls_need_...), create temp files more securely,
++ doing unlink before opening and opening them with O_EXCL. This is
++ necessary because under Linux 2.6 all threads have the same PID.
++ Thanks to Andrew Suffield for pointing this out.
++ + debian/slapd.cron.daily: cron job to remove GNUTLS rsa_export and
++ dh param cache files every day.
++ + debian/slapd.README.Debian: add note that we use GNUTLS rather
++ than OpenSSL.
++
++ -- Roland Bauerschmidt <rb@debian.org> Mon, 26 Jul 2004 18:41:23 +0200
++
++openldap2 (2.1.30-2) unstable; urgency=low
++
++ * Roland Bauerschmidt <rb@debian.org>
++ + debian/slapd.scripts-common: add missing space before !
++ Closes: #251036, #253633, #257513.
++ * Torsten Landschoff <torsten@debian.org>
++ + Applied patch by Ralf Hack to support non-standard config file
++ location in /etc/default/slapd (closes: #229195).
++ + Applied patch to fix handling of abandoned commands
++ (closes: #254183). Thanks to Peter Marschall for submitting it.
++ + Applied patch to fix memory leak after search (closes: #254184).
++ Thanks again, Peter!
++ + Applied trivial patch to support logging to DAEMON facility
++ as well as LOCAL* (closes: #254186). Here you are, Peter ;)
++
++ -- Roland Bauerschmidt <rb@debian.org> Fri, 09 Jul 2004 15:56:06 +0200
++
++openldap2 (2.1.30-1) unstable; urgency=low
++
++ * Torsten Landschoff <torsten@debian.org>:
++ + debian/control: Have slapd conflict with libltdl3 version 1.5.4-1
++ as with that version loading of .so files is broken which breaks
++ slapd (closes: #249152).
++ + Applied patch to fix Perl backend (closes: #245347). Kudos
++ to Peter Marschall.
++ + debian/configure.options: Enable building of Perl backend.
++
++ * Roland Bauerschmidt <rb@debian.org>
++ + debian/slapd.templates: replace 'domain' with 'DNS domain name'
++ which is little more specific
++ + debian/slapd.config: check if the domain has a valid syntax to
++ prevent slapadd from failing. Closes: #235749.
++ + New upstream version with fix for NS-MTA-MD5 hash length
++ checking. Closes: #226583.
++
++ -- Torsten Landschoff <torsten@debian.org> Mon, 24 May 2004 23:33:21 +0200
++
++openldap2 (2.1.29-2) unstable; urgency=low
++
++ * Roland Bauerschmidt <rb@debian.org>
++ + debian/rules: Revert change to install ldapadd as symlink.
++ Somehow, with that change, ldapadd didn't get installed at all.
++ Closes: #243537.
++
++ -- Roland Bauerschmidt <rb@debian.org> Tue, 13 Apr 2004 19:49:55 +0200
++
++openldap2 (2.1.29-1) unstable; urgency=low
++
++ * Stephen Frost <sfrost@debian.org>
++ + libraries/gnutls.c: Generate and store RSA/DH parameters,
++ based off a patch by Petr Vandrovec (though changed alot).
++ Closes: #234639, #234593
++
++ * Roland Bauerschmidt <rb@debian.org>
++ + Merged new upstream release.
++ + debian/slapd.prerm: add #DEBHELPER# token.
++ + debian/control: have slapd depend on debconf (>= 0.5) to ensure
++ it supports the seen flag.
++ + debian/rules: ldapadd is installed as a hardlink to ldapmodify;
++ use a symlink instead.
++ + debian/slapd.{scripts-common,postinst,preinst,config}: Add new
++ function read_slapd_conf that evaluates include statements.
++
++ -- Torsten Landschoff <torsten@debian.org> Mon, 12 Apr 2004 15:27:55 +0200
++
++openldap2 (2.1.26-1) unstable; urgency=low
++
++ * Torsten Landschoff <torsten@debian.org>:
++ + Merged new upstream release.
++ + debian/slapd.templates (slapd/purge_database): Set default value to
++ false.
++ + debian/slapd.config (manual_configuration_wanted): Don't exit
++ from the script directly if the user wants to configure
++ slapd manually (exit 0 -> return 0).
++ + Build-depend on libgnutls10-dev instead of libgnutls7-dev and
++ rebuild (closes: #233833).
++ + Move previous content of /var/lib/ldap away during creation of
++ an initial directory (closes: #228886, #233512).
++ + debian/slapd.postrm: Remove flag files in /var/lib/slapd on purge.
++ + Removed functionality (verbose error messages) from gnutls.c until
++ it compiled with libgnutls10-dev :-((
++ + debian/slapd.postinst: Overwrite existing /etc/ldap/slapd.conf (only
++ reached during initial installation/dpkg-reconfigure).
++
++ -- Torsten Landschoff <torsten@debian.org> Mon, 23 Feb 2004 09:36:32 +0100
++
++openldap2 (2.1.25-1) unstable; urgency=low
++
++ * Roland Bauerschmidt <rb@debian.org>:
++ + New upstream version.
++ - Build against libdb4.2. Hopefully, this resolves the BDB
++ lock ups when configured improperly.
++ + debian/control: Have ldap-utils depend on the same version of
++ libldap2, and libldap2 conflict with ldap-utils (<= 2.1.23-1).
++ Closes: #216661.
++ + debian/slapd.{templates,config}: Check if there are slave
++ databases in slapd.conf lacking an updateref option, and warn
++ about it. Closes: #216797.
++ + debian/slapd.{templates,config,postinst,conf}: Ask which
++ database backend to use (BDB or LDBM).
++ + debian/slapd.README.Debian: cleanup
++ + servers/slapd/back-bdb/dbcache.c: Turn off subdatabases. This
++ is an incompatible database format change, but according to
++ Howard Chu "using them (subdatabases) is known to cause deadlocks
++ on multiprocessor machines, among other issues."
++ + debian/control: add Recommends: db4.2-util to slapd
++ + debian/control: add Recommends: libsasl2-modules to slapd and
++ ldap-utils. Closes: #224058.
++ + debian/slapd.{scripts-common,preinst,postinst}: Extended dump
++ and restore code to deal with different versions for different
++ backends.
++ + debian/control: Geez, centipede seems to have vanished a long
++ time ago. So don't claim it's included in the slapd package.
++ + debian/slapd.docs: created with servers/slapd/back-sql/
++ rdbms_depends. Closes: #225807.
++
++ * Torsten Landschoff <torsten@debian.org>:
++ + debian/move_files: Install slappasswd into ldap-utils instead
++ of slapd as it's useful without slapd as well (closes: #228705).
++ + debian/control: Make ldap-utils Replaces: slapd < 2.1.25 because
++ of that change.
++ + debian/control: Use libdb4.2-dev instead of libdb4.1-dev as a
++ number of problems seem to be related to DB 4.1.
++
++ -- Torsten Landschoff <torsten@debian.org> Fri, 6 Feb 2004 20:48:22 +0100
++
++openldap2 (2.1.23-1) unstable; urgency=low
++
++ * Roland Bauerschmidt <rb@debian.org>:
++ + New upstream version.
++ + Applied fix for admin password breakage from Michael Beattie
++ <mjb@debian.org>. Closes: #214270.
++ + Added Dutch Debconf template translation by cobaco@linux.be.
++ Closes: #215373.
++ + Bumped Standards-Version (no changes needed).
++
++ * Torsten Landschoff <torsten@debian.org>:
++ + debian/move_files: Install slappasswd into ldap-utils instead
++ of slapd (closes: #228705).
++
++ -- Roland Bauerschmidt <rb@debian.org> Sat, 18 Oct 2003 19:56:54 +0200
++
++openldap2 (2.1.22-3) unstable; urgency=low
++
++ * Call perl -w to run debian/dh_installscripts-common. Closes: #214054.
++
++ -- Roland Bauerschmidt <rb@debian.org> Sat, 4 Oct 2003 14:22:11 +0200
++
++openldap2 (2.1.22-2) unstable; urgency=high
++
++ * Stephen Frost <sfrost@debian.org>
++ + servers/slapd/daemon.c: Apply patch from head for select handling.
++ + debian/rules: Fix build options to optimize correctly and to use
++ DEB_BUILD_OPTIONS (Policy, 10.1). Closes: #202306
++ + debian/slapd.conf: Add in ACL for root DSE explicitly.
++ + debian/slapd.init: Add --oknodo in stop_slurpd. Closes: #202592
++ + debian/rules: Need quotes around $(CFLAGS) on configure line.
++ + debian/slapd.init: Remove \'s before quotes around pidfile.
++ + debian/slapd.init: Add support for -h slapd flag. Closes: #201991
++ + debian/slapd.default: Add variable $SLAPD_SERVICES for slapd -h.
++ + libraries/libldap/tls.c: Apply patch from asuffield in #202741 to
++ fix subjectAltName usage. Closes: #202741
++
++ * Torsten Landschoff <torsten@debian.org>:
++ + Fix invocation of "head" in maintainer scripts and replace usage of
++ [ foo -a bar ] by [ foo ] && [ bar ] (closes: #203292).
++ + debian/slapd.postrm: Small cleanup, only remove the directory, not
++ the backups, on purge.
++ + debian/rules: Don't run the upstream install target if we did not
++ rebuild the whole tree. Makes debugging maintainer script much more
++ tolerable.
++ + debian/slapd.config: Cleaned up and restructured for readability.
++ + debian/slapd.templates: Replaced the invalid_suffix template with
++ invalid_config which is more general and can be used for any
++ inconsistency in the initial configuration.
++ + debian/slapd.postinst: Rewritten to eliminate all that spaghetti.
++ Did not yet implement all old features again...
++ - Now the #DEBHELPER# part is always reached so that the daemon
++ will be restarted even if no automatic configuration is wanted
++ (closes: #204008).
++ + Fixed the undefined symbols in libldap_r.so.2 (closes: #195990).
++ | configure.in: Try -lpthread before -pthread to link the thread
++ library. libtool does not pass -pthread through, -lpthread seems
++ to work though.
++ | libraries/libldap_r/Makefile.in: Add $(LTHREAD_LIBS) to
++ UNIX_LINK_LIBS so that pthread is linked when creating a shared library
++ as well.
++
++ * Roland Bauerschmidt <rb@debian.org>:
++ + debian/configure.options: change --localstatedir=/var/lib to
++ --localstatedir=/var/run. Since localstatedir isn't used anywhere
++ in the code, except for the ldapi socket (and examples in the
++ manpages which are correct at the moment anyway), all this change
++ does should be changing the default location of the ldapi socket
++ from /var/lib/ldapi to /var/run/ldapi. Closes: #160965.
++ + libraries/libldap/tls.c: In get_ca_list, walk through CACERTDIR
++ manually if building against GNUTLS (since there is no equivalent
++ to SSL_add_dir_cert_subjects_to_stack). Closes: #205609.
++ + debian/slapd.preinst: create /var/backups/ldap/$oldver with
++ permissions 0700. Also change permissions for /var/backups/ldap
++ to 0700 if it already exists. Closes: #209019.
++ + Added Japanese translation of Debconf templates by Kenshi Muto
++ <kmuto@debian.org>. Closes: #210731.
++ + debian/slapd.{postinst,preinst,config}: Replaced duplicate
++ implementations of the same functions with one version and moved
++ those into debian/slapd.scripts-common which will be included by
++ debian/dh_installscripts-common.
++ + debian/slapd.preinst: before dumping the database, check if the
++ backend is supported
++ + debian/slapd.postinst:
++ - add -q to grep call for allow bind_v2
++ - readded pre-2.1 (woody) upgrade path (that is, dumping, fixing
++ and reimporting the database)
++
++ -- Roland Bauerschmidt <rb@debian.org> Fri, 3 Oct 2003 15:35:29 +0200
++
++openldap2 (2.1.22-1) unstable; urgency=low
++
++ * Stephen Frost <sfrost@debian.org>:
++ + New upstream version (minor changes).
++ + debian/control: Change build-deps to autoconf2.13, Closes: #201482
++ + debian/rules: Add dh_compress -i for binary-indep.
++ + debian/slapd.postinst: Give variable for read (avoids bashism).
++ + configure/.in: Use upstream's version of back-meta/back-ldap fix.
++
++ -- Stephen Frost <sfrost@debian.org> Wed, 16 Jul 2003 08:42:23 -0400
++
++openldap2 (2.1.21-2) unstable; urgency=low
++
++ * Stephen Frost <sfrost@debian.org>:
++ + debian/slapd.preinst: slapcat here if possible, if slapcat not
++ available then slapcat in postinst. Also remove old unused
++ function.
++ + debian/slapd.postinst: Check if slapcat in preinst worked and use
++ those results in preference. Also moved to using /var/backups/ldap.
++ + servers/slapd/daemon.c: Provide more information on socket/bind
++ failures. Patch submitted upstream. Closes: #94967.
++ + ./configure, ./configure.in: Fix check for back_ldap in back_meta.
++ back_ldap now included as module. back_ldap and back_meta appear
++ to load fine, though order may matter. Closes: #196995.
++ + debian/control: Add versioned Depends on perl, need recent version
++ for migration script.
++ + debian/slapd.{pre,post}inst: Allow for whitespace in postinst
++ before database definitions
++ + debian/control: Drop the libldap2-dev Depends that aren't actually
++ necessary.
++ + debian/slapd.preinst: Add create_sed_script to create the script to
++ deal with multi-line commands in slapd.conf. Modify things to use
++ sed script to preprocess slapd.conf before using it. Remove
++ support for whitespace preceeding commands.
++ + debian/slapd.postinst: Add create_sed_script here too and modify
++ everything to use it as necessary. Also change everything to
++ reference $SLAPD_CONF instead of /etc/ldap/slapd.conf everywhere.
++ Remove support for whitespace preceeding commands.
++ + debian/slapd.postinst: Removed all tabs. Changed all sed scripts
++ to used [:space:] instead of [space tab].
++ + debian/slapd.postinst: Removed debugging statements from ldap_v2
++ support handling code.
++ + debian/slapd.preinst: Changed to use mktemp for sed script.
++ + debian/slapd.postinst: Changed to use mktemp for sed script.
++ + debian/slapd.config: If no hostname set just use debian.org.
++ + contrib/ldapc++/config.{sub,guess}: Resync back to upstream, no
++ reason not to, we don't even build this stuff...
++ + debian/control: Change build-depends to libgnutls7-dev instead of
++ libssl-dev.
++ + debian/rules: Now run autoconf && autoheader to pick up on the
++ configure.in changes needed for GNU TLS.
++ + debian/copyright: Added Steve Langasek (SL) copyright statement.
++ + Patch from Steve Langasek for GNU TLS support, Closes: #198553
++ | include/ldap_pvt_gnutls.h: Added for GNU TLS
++ | configure.in: Now uses GNU TLS where available.
++ | servers/slapd/schema_init.c: Modified for GNU TLS- some functions
++ removed because GNU TLS layer does not support them yet.
++ | build/install-sh: Added for new autoconf.
++ | libraries/libldap/Makefile.in: Changed to compile GNU TLS portions.
++ | libraries/libldap/getdn.c: Stub function added, GNU TLS layer does
++ not support TLS certificates for authentication yet.
++ | libraries/libldap/tls.c: Now calls GNU TLS functions instead of
++ OpenSSL.
++ | libraries/libldap/gnutls.c: Added to support GNU TLS in place of
++ OpenSSL for TLS connections.
++ | libraries/libldap_r/Makefile.in: Changed to compile GNU TLS portions.
++ + debian/slapd.postinst: remove temp file if upgrading or doing a
++ reconfigure but the OLDSUFFIX and basedn match so that we do not
++ move an empty file overtop of slapd.conf. Closes: #190797.
++ + debian/slapd.init: Inform user when not starting slapd due to
++ no configuration file found. Deals with users who select to not
++ configure slapd during installation.
++ + debian/slapd.init: Removed cat <<-EOF and got rid of associated
++ tabs; best to not depend on tab vs. space distinction.
++ + debian/slapd.config: Change debconf question names to be fully
++ qualified in the $var from the for loop- organization is under
++ shared/ and domain is under slapd/, not both under slapd/.
++ + debian/slapd.postrm: Can not depend on debconf being around in
++ postrm so check before attempting to source it. Also protect
++ against failure from db_get.
++ + debian/slapd.postinst: Check for old directory and move it out
++ of the way if it exists on new configure or reconfigure.
++ + debian/slapd.postinst: Fix db_input's for error messages,
++ should be high priority and need to || true them.
++ + debian/slapd.postinst: Do not error exit once we've told the
++ user about the problem, if there was one, with slapcat/slapadd.
++ + debian/slapd.postinst: Make sure we get the organization before
++ we attempt to fix_ldif on old slapcat output. Default to unknown
++ if the organization is not set.
++ + debian/slapd.postinst: Be sure that slapd has been stopped before
++ attempting to fix and slapadd old slapcat.
++ + debian/slapd.postinst: Do not use --exec with s-s-d in postinst.
++ + debian/slapd.postinst: grep calls need to be || true'd when no
++ matching lines found is possible (this case is handled).
++ + debian/slapd.postinst: Be very sure slapd has stopped before
++ attempting to upgrade database.
++ + debian/slapd.preinst: Use either the pidfile or exec if pidfile
++ is not available when stopping. Do not put \"\" around pidfile.
++ Use $oldver instead of $2.
++ + debian/slapd.config: Reask questions on a reconfigure. Use the
++ same logic as slapd.postinst for when to ask questions regarding
++ the db. Be sure to db_go after db_input's.
++ + debian/slapd.templates: Fix allow_bind_v2 short description to
++ make more sense since the default is off.
++ + debian/slapd.preinst: Use perl instead of sed for handling conf.
++ + debian/slapd.postinst: Use perl instead of sed for handling conf,
++ use old sed method to insert \n's, user invoke-rc.d when slapd
++ needs to be stopped. Assume preinst shuts slapd down for upgrade.
++ + debian/slapd.postinst: Only stop slapd on reconfigure.
++
++ * Torsten Landschoff <torsten@debian.org>:
++ + doc/man/man8/slapd.8: Refer to slapd.conf(5) for a description of
++ the debugging level (closes: #176980).
++ + debian/move_files: Kill of the static archives of our backend
++ modules as they are of absolutely no use.
++
++ * Steve Langasek <vorlon@debian.org>:
++ + debian/slapd.postinst: Add a new function, get_database_list, that
++ prints out the list of configured databases from slapd.conf
++ one row at a time. Move all of the upgrade handling into a
++ loop, and iterate through the configured databases. Since the
++ while loop is in fact a subshell, be sure to handle errors
++ correctly. We also have to look at the configured directory
++ for each database, instead of assuming /var/lib/ldap.
++ Closes: #190155, #190156.
++ + debian/slapd.preinst: Simplify the handling of error status: if
++ the slapcat fails, just remove the ldif file. Also, add the
++ suffix to the name of the output file, and add the
++ get_database_list function here as well.
++
++ * Roland Bauerschmidt <rb@debian.org>:
++ + debian/rules: call dh_makeshlibs with -plibldap2 rather than just
++ with libldap2
++ + debian/slapd.postinst: Add question about no configuration.
++ + debian/slapd.templates: Add template for no config question.
++ + debian/slapd.templates: Add template for invalid suffix.
++ + debian/slapd.config: Add no configuration option. Closes: #87986
++ + debian/slapd.config: Complain to the user on invalid domain/org.
++
++ -- Stephen Frost <sfrost@debian.org> Tue, 15 Jul 2003 12:37:05 -0400
++
++openldap2 (2.1.21-1) unstable; urgency=low
++
++ * Torsten Landschoff <torsten@debian.org>:
++ + Merged new upstream release.
++
++ * Stephen Frost <sfrost@debian.org>:
++ + debian/control: Add libbind-dev and bind-dev to the conflicts for
++ slapd, the libs in them can end up being used even when not
++ compiled against causing getaddrinfo() to fail. Closes: #166777
++ + debian/copyright: Flush out the copyright file to include all found
++ copyrights and updates to those.
++ + debian/copyright: Add clarification of MA license
++ + debian/copyright: Add clarification of JC license
++ + debian/slapd.templates: More clearly inform users of important
++ config change. Closes: #194192.
++ + debian/control: Remove patch from build-depends (dpkg-dev depends on it)
++ + debian/fix_ldif: Correctly handle base64-encoded DNs. Closes: #197014.
++ + debian/slapd.templates: Added templates for asking about LDAPv2 support
++ and telling the user of slapcat/slapadd failures during upgrade.
++ + debian/slapd.postinst: Added support for adding LDAPv2 support
++ + debian/slapd.postinst: Modified to handle slapcat/slapadd failure.
++ In the event of an upgrade failure the database will be left untouched
++ and the user notified. Closes: #192431
++ + debian/slapd.postinst: Use ldif_dump_location in more places...
++ + debian/slapd.prerm: Check if upgrade failed and assume bad old init.d
++ script was used and attempt to shut down slapd with --oknodo in case
++ slapd isn't running. Closes: #193854. (Again)
++ + debian/slapd.conf: Add commented out allow line
++ + debian/rules: Tell dh_installinit to not touch slapd.prerm now.
++ + debian/slapd.postinst: Do a dry-run with slapadd first and check if
++ that worked or not. If it did not work then tell the user, otherwise
++ do a real slapadd which should work.
++ + debian/slapd.postinst: Make sure slapd is stopped before doing
++ slapadd/slapcat's and the like. (Note: The woody version does not
++ stop slapd). Closes: #189777.
++ + debian/slapd.postinst: Check if directories exist before attempting
++ to mkdir them. Closes: #189947
++ + debian/slapd.README.debian: Add note about runlevel issue.
++ Closes: #175736
++ + debian/move_files: Copy ldiftopasswd into /usr/share/slapd for users
++ to use, if they find it useful. Closes: #94963.
++ + debian/slapd.README.Debian: Added note about ldiftopasswd.
++
++ * Roland Bauerschmidt <rb@debian.org>:
++ + debian/slapd.postinst: fixed typos and check for the existence of
++ slapd.conf before reading it.
++
++ -- Torsten Landschoff <torsten@debian.org> Thu, 19 Jun 2003 17:35:32 +0200
++
++openldap2 (2.1.17-3) unstable; urgency=low
++
++ * Stephen Frost <sfrost@debian.org>:
++ + debian/slapd.init: Add --oknodo for stopping slapd. Closes: #192423, #193854.
++ + debian/slapd.init: Change START_SLURPD to SLURPD_START. Closes: #190724.
++ + debian/libldap2.shlibs: Bump to 2.1.17- 2.1.12 never hit the archive.
++ These should only be bumped when new symbols are added so we should
++ figure out a way to handle checking that.
++ + debian/slapd.dirs: Added /var/run/slapd for pidfile
++ + debian/slapd.conf: Moved pidfile to /var/run/slapd; Needed if running
++ non-root.
++ + debian/slapd.conf: Clean up config file, be more explicit about what
++ directives are 'general', 'backend', and 'database'. Moved and
++ commented out 'replogfile' since it is database specific, wasn't doing
++ anything where it was and use of it depends on slurpd usage.
++ I consider this solving #151511 since we don't ask if you want to use
++ replication anymore anyway. Closes: #151511
++ + debian/copy_slapd_dev_files: Added to copy the include files for
++ building slapd back-ends.
++ + debian/control: Add warning about libslapd2-dev
++ + debian/control: Add build-depend on po-debconf for dh_installdebconf
++ + debian/slapd.default: Add option for settings SLAPD_CONF file
++ + debian/slapd.init: Changed to use SLAPD_CONF, setting it to
++ /etc/ldap/slapd.conf if it is not specified. Closes: #91318
++ + debian/control: Added libslapd2-dev to control file. Closes: #192163.
++ + debian/rules: Added binary-indep to the binary: build line and flushed
++ it out to build the libslapd2-dev deb. Added -k to dh_clean since we're
++ building arch and indep debs now.
++ + Maintainer upload, acknowledge NMU. Closes: #98039.
++ + Add debian/po/fr.po from 194740. Closes: #194740
++ + Add space before ']' on line 113 of postinst. Closes: #194192, #194943
++
++ * Torsten Landschoff <torsten@debian.org>:
++ + debian/control: Enforce libldap2 to be the same version as slapd
++ as slapd (legitimately) uses internal functions of that library
++ (closes: #190164).
++ + debian/slapd.postinst: Fix the regexp for finding the database
++ definitions.
++
++ * Steve Langasek <vorlon@debian.org>:
++ + debian/slapd.preinst: don't use debconf or ldapsearch in the
++ preinst, as this is a policy violation (even if a previous
++ version was installed, it could've been removed-but-not-purged).
++ Closes: #189811, #195029.
++ + debian/slapd.{pre,post}inst: dump & fix up the directory in the
++ postinst, not in the preinst -- using slapcat/slapadd, not
++ ldapmodify. This ensures that the dump will succeed whenever the
++ database is present, rather than depending on access to an admin
++ dn. Closes: #190085.
++ + debian/fix_ldif, debian/move_files, debian/copyright: add Dave
++ Horsfall's dn-fixing script, to handle objectClass upgrading
++ + debian/slapd.postinst: Skip the duplicate prompting for the
++ organization name; we're guaranteed to always have one.
++
++ -- Torsten Landschoff <torsten@debian.org> Fri, 6 Jun 2003 16:56:16 +0200
++
++openldap2 (2.1.17-2) unstable; urgency=low
++
++ * The who-says-slavery-is-dead upload.
++ * Steve Langasek <vorlon@debian.org>:
++ + debian/slapd.postinst: Fix the database regexp.
++ + debian/slapd.postinst: Only add moduleload lines *once* on upgrade
++ from 2.0. Wrap the backup code with a check for
++ /var/lib/slapd/upgrade_2.0, to guarantee idempotency.
++ Closes: #190401.
++ + debian/slapd.{config,templates,postinst}: On dpkg-reconfigure,
++ don't wipe out an existing config; only merge in any requested
++ changes. Also, prompt before wiping out the existing db.
++ Closes: #190799.
++ + debian/slapd.{postinst,examples},debian/rules: Move slapd.conf
++ from doc/slapd/examples to /usr/share/slapd, per policy.
++ + debian/slapd.postinst: make sure slapd.conf is always created
++ atomically.
++ + debian/slapd.postrm: If removing databases on package purge,
++ remove any database backups as well.
++
++ * Torsten Landschoff <torsten@debian.org>:
++ + debian/configure.options: Disable ACIs because they are still
++ experimental.
++ + debian/control: Change section and priority of libldap2-dev to
++ libdevel and extra respectively (dinstall message).
++ + debian/slapd.preinst: Only query the object classes of the root
++ dn if there was no error parsing the config.
++ + Update templates for po-debconf using the patch submitted by
++ Andre Luis Lopes (closes: #189933).
++ + Use [[:space:]] instead of [\t ] in sed invocations since the
++ latter does not seem to work (reported by Daniel Lutz).
++ + debian/control: Add Replaces: entry for openldapd since ldif.5.gz
++ was included in the potato package of that name (closes: #190660).
++ + debian/control: Tighten the build dependency on libtldl3-dev as
++ versions before 1.4.3 required the .la file for dynamic binding
++ (thanks to Josip Rodin for pointing this out).
++
++ -- Torsten Landschoff <torsten@debian.org> Sat, 19 Apr 2003 02:28:32 +0200
++
++openldap2 (2.1.17-1) unstable; urgency=low
++
++ * New upstream release.
++ * Torsten Landschoff <torsten@debian.org>:
++ + debian/slapd.init: Improve the error reporting. If nothing is output
++ by the failing command don't leave the user alone but print a hint
++ to look into the logfile etc.
++ + debian/control: Require at least version 2.1.3 of libsasl2-dev
++ as this is what the configure script checks for. Pointed out by
++ Norbert Tretkowski.
++ + debian/slapd.{pre,post}inst: Small cleanups, added some comments,
++ adapted for the removal of the .la files in slapd package.
++
++ -- Torsten Landschoff <torsten@debian.org> Sat, 19 Apr 2003 01:59:26 +0200
++
++openldap2.1 (2.1.16-1) unstable; urgency=low
++
++ * New upstream release.
++ + build/top.mk: Remove patch to omit "-static" at linking time. Upstream
++ now respects the --enable-shared flag used at configuration time.
++ + debian/slapd.postinst: Automagically add the module load directives
++ after upgrade as needed.
++ + debian/slapd.config:
++ - Only ask questions to create a new directory on fresh install.
++ - Ask wether the right modules should automatically be loaded in
++ slapd.conf.
++ + debian/slapd.templates: Add the templates for autoloading modules
++ and fixing the directory.
++ + debian/slapd.preinst: New script to support upgrading from 2.0.
++ The old prerm did not stop the daemon so we have to do it here.
++ Also a first attempt to fix broken LDAP directories not acceptable
++ to 2.1.
++ - Conditionally load debconf when upgrading as it only has to
++ be available in that case.
++ + debian/slapd.preinst: Dump database before upgrade.
++ + debian/slapd.postinst: Recreate database from dump after upgrade.
++ Move old database out of the way.
++
++ * Roland Bauerschmidt <rb@debian.org>
++ + debian/slapd.README.Debian: mention that backend database modules are
++ now compiled as shared objects
++
++ * Stephen Frost <sfrost@debian.org>
++ + debian/slapd.conf: Drop the '.la' file extension
++ + debian/move_files: Drop and rm the .la files, they aren't necessary.
++ + debian/slapd.README.Debian: Dropped the .la from the module_load line.
++ + servers/slapd/daemon.c: check slapd_srvurls is not NULL before
++ deref; included in upstream CVS.
++ + servers/slapd/back-*/init.c: Change the munged symbol names to
++ init_module, they do not need to be munged, and cause problems when
++ they are and not using .la files (which cause other problems)
++ + servers/slapd/module.c: Change to use lt_dlopenext() so we don't
++ need the .la files
++
++ -- Torsten Landschoff <torsten@debian.org> Wed, 26 Mar 2003 20:34:35 +0100
++
++openldap2.1 (2.1.12-1) experimental; urgency=low
++
++ * Initial release of OpenLDAP 2.1 packages. Closes: #167566, #178014.
++ - this includes support for the >= and <= operators. Closes: #159078.
++ - fixes various upstream bugs. Closes: #171008.
++
++ * Torsten Landschoff <torsten@debian.org>
++ - debian/check_config: Added script to check if OpenLDAP was configured
++ the way we want it.
++ - Don't build special TLS packages anymore - SSL is enabled in the
++ stock ldap library. Everything else will just give me more headaches.
++ - Build against libsasl2 instead of libsasl1. Closes: #176462.
++ - debian/control:
++ - Build-depend on debhelper 4.0 as debian/rules uses DH_COMPAT=4.
++ - Depend on coreutils | fileutils. Closes: #175704, #185676.
++ - Make libldap2 conflict with libldap2-tls which is obsolete now.
++ - debian/rules: Move the long list of configure options to a new
++ file debian/configure.options and read $(CONFIG) from that file.
++ - configure with --enable-aci. Closes: #101602.
++ - debian/slapd.init: Rewrite and add comments.
++ - Add support for running as non-root (closes: #111765, #157037).
++ - servers/slapd/main.c (main): Remove pid file on exit (closes: #162284).
++ - servers/slurpd/slurp.h: Change the default spool directory to
++ /var/spool/slurpd (avoids passing it via -t in init.d).
++ - servers/{slapd,slurpd}/Makefile.in: Install binaries into sbindir
++ instead of libexecdir.
++ - debian/control: Add Stephen Frost to the Uploaders field. Thanks
++ for your help, Stephen!
++ - contrib/ldapc++/config.{guess,sub}: Replaced with current files from
++ autotools-dev (lintian). Not actually neccessary since this part of
++ the package is not currently built but I think this is the best way
++ to shut up lintian :)
++ - build/mod.mk: Use -m 644 instead of -m 755 in installing shared
++ libraries. Shared libraries should not be marked as executable
++ (lintian).
++ - debian/libldap2.conffiles: Remove, since we are using version 4
++ of debhelper which tags everything in /etc as conffile by default.
++ - debian/rules: Change the mode of everything upstream installed into
++ /etc to 0644 as required by policy (lintian).
++ - debian/rules: Call dh_installdeb later in the binary target so that
++ the conffiles are already there for listing. Without this nothing in
++ /etc gets tagged as conffile... (lintian).
++ - debian/rules: Pass the start and stop priority of slapd to
++ dh_installinit in preparation for a postinst supported by debhelper.
++ - debian/rules: Call dh_installdirs again.
++ - Rewrite slapd.config, slapd.postinst, slapd.templates - a first try
++ in getting slapd to configure itself. Way to go.
++
++ * Roland Bauerschmidt <rb@debian.org>
++ - debian/control:
++ - build-depend on libdb4.1-dev instead of libdb4.0-dev
++ - conflict, replace, and provide libldap2-tls (libldap2)
++ - removed ldap-gateways binary package
++ - drop suggestion to obsolete openldap-guide. Closes: #171894, #146968.
++ - debian/rules:
++ - build with BDB backend
++ - run dh_installdeb
++ - only run dh_makeshlibs for libldap2
++ - debian/slapd.dirs: added to create /var/lib/ldap and /var/spool/slurpd
++ - debian/slapd.postinst:
++ - properly remove temporary files on errors. Closes: #160412.
++ - install init.d link if slapd.conf already exists. Closes: #159542.
++ - run db_stop even if package isn't configured for the first time. This
++ prevents hanging during upgrades.
++ - added debian/slapd.default and use it from debian/slapd.init.
++ Closes: #160964, #176832.
++ - added debian/slapd.README.Debian
++ - added versioned dependency on coreutils to make lintian quiet.
++ - added debian/slapd.postrm
++ - remove slapd.conf when package is purged
++ - remove /var/lib/ldap when slapd/purge_database is true
++ - remove /etc/ldap/schema if empty. Closes: #185173.
++ - debian/templates: added slapd/purge_database template
++ - build/top.mk: link against libcrypt before other SECURITY_LIBS
++ - debian/libldap2.shlibs: tighten dependencies. Closes: #181168.
++
++ * Stephen Frost <sfrost@debian.org>
++ - debian/control: added libltdl2-dev and libslp-dev to the build-depends
++ - Correct typo for back-sql init routine; already in OpenLDAP upstream
++ CVS
++ - Correct free of SASL interact results; already in OpenLDAP upstream CVS
++ - Duplicate the DN from SASL to ensure '\0' termination; already in
++ OpenLDAP upstream CVS
++ - debian/control: added Replaces: slapd (<< 2.1) for ldap-utils due to
++ ldif.5 move.
++ - Add modulepath /usr/lib/ldap to default slapd config
++ - Add moduleload back_bdb to default slapd config
++ - Changed libexecdir to ${prefix}/lib
++ - Add usr/lib/ldap to slapd portion of move_files
++ - Modified backend types to be built as modules for dynamic loading
++ - Fixed pt_BR translation
++
++ -- Roland Bauerschmidt <rb@debian.org> Sat, 15 Mar 2003 21:35:24 +0100
++
++openldap2 (2.0.27-3) unstable; urgency=high
++
++ * [SECURITY]: Apply the patch used by SuSE in SuSE-SA:2002:047
++ (or rather the parts of it not yet included upstream).
++
++ -- Torsten Landschoff <torsten@debian.org> Fri, 20 Dec 2002 04:47:15 +0100
++
++openldap2 (2.0.27-2) unstable; urgency=low
++
++ * debian/control: Make libldap2-dev depend on libssl-dev and
++ libsasl-dev, since those libs are pulled via the libldap.la file
++ (closes: #164791).
++ * debian/control: Add shlibs:Depends to libldap2-tls as well. Most
++ of those depends are pulled via libldap2 but of course libssl
++ is not among those. (closes: #169950).
++ * debian/libldap2-tls: Remove old divertions on "configure" and not
++ on "upgrade" - the latter is not really called.
++
++ -- Torsten Landschoff <torsten@debian.org> Fri, 22 Nov 2002 00:35:29 +0100
++
++openldap2 (2.0.27-1) unstable; urgency=low
++
++ * New upstream release.
++
++ -- Torsten Landschoff <torsten@debian.org> Wed, 6 Nov 2002 01:12:06 +0100
++
++openldap2 (2.0.23-14) unstable; urgency=low
++
++ * debian/rules: Remove search paths from .la files using some perl
++ trickery (closes: #110479).
++ * debian/libldap2.README.debian: Document the NSS problem which stops /usr
++ from being unmounted cleanly when using libnss-ldap (for more info
++ see bug#159771).
++
++ * Started cleaning up the maintainer scripts:
++ - Remove creation of the /usr/doc symlinks (lintian).
++ - Don't run ldconfig in prerm scripts (lintian).
++
++ -- Torsten Landschoff <torsten@debian.org> Mon, 30 Sep 2002 12:10:05 +0200
++
++openldap2 (2.0.23-13) unstable; urgency=low
++
++ * As Ashley Clark found out the preinst of libldap-tls fails for a new
++ install. My fault - I did not check that (removing ldap is cumbersome
++ if you are using it... :) and the scripts were only checked without
++ "set -e" in effect.
++ + debian/libldap2-tls.preinst: Apply Ashley's patch (thanks a lot,
++ Ashley. closes: #162123).
++ + Coincidently the other installation scripts seem to be okay, the
++ failing command is in the middle of a pipe and therefore ignored.
++
++ -- Torsten Landschoff <torsten@debian.org> Tue, 24 Sep 2002 12:56:18 +0200
++
++openldap2 (2.0.23-12) unstable; urgency=low
++
++ * Apply the patch from upstream ITS#2012 to support MD5 hashes. Problem
++ is that OpenSSL comes with its own version of the crypt() function
++ which is linked in instead of the system's version from libcrypt.
++ The patch changes the link order so that slapd takes the system's
++ implementation.
++ * debian/rules: Pass --enable-crypt-first to configure to enable the
++ patch (closes: #160763).
++ * Fix the diversion handling of libldap2-tls:
++ - preinst: Only install diversions that are not there.
++ - postrm: Remove this package's diversions.
++ - postinst: Remove obsolete diversions after upgrade.
++ - Removal of diversions is done in reverted order of the installation.
++
++ * Enable DNSSRV support as requested by Turbo. No Kerberos for now, sorry.
++ * debian/control: Updates Standards-Version to 3.5.7 and fix running
++ of ldconfig in maintainer scripts.
++
++ -- Torsten Landschoff <torsten@debian.org> Mon, 23 Sep 2002 12:18:40 +0200
++
++openldap2 (2.0.23-11) unstable; urgency=low
++
++ * debian/rules: Build with --with-tls (closes: #80591, #155937).
++ * debian/control:
++ + Add build dependency on libssl-dev.
++ + Specify Roland Bauerschmidt as co maintainer.
++ * Added the trickery to have libldap2 without TLS and libldap2-tls
++ with the TLS stuff. Otherwise we have to change the base system,
++ and god knows how long that would take.
++
++ Most of the changes done by Roland Bauerschmidt. We now build the
++ source two times - with and without ssl. We mostly use the ssl enabled
++ stuff with the exception of a libldap2 package which does not have
++ support for that. If you need TLS support you have to install
++ libldap2-tls, which diverts the libraries from libldap2 out of the
++ way and replaces them with the TLS enabled version.
++
++ -- Torsten Landschoff <torsten@debian.org> Thu, 29 Aug 2002 13:35:39 +0200
++
++openldap2 (2.0.23-10) unstable; urgency=low
++
++ * debian/control: Build depend on libdb4.0-dev instead of libdb3-dev.
++ This should fix the index corruption problems (closes: #152959).
++
++ -- Torsten Landschoff <torsten@debian.org> Sun, 18 Aug 2002 19:47:02 +0200
++
++openldap2 (2.0.23-9) unstable; urgency=low
++
++ * debian/slapd.init: Wait for the daemons to actually terminate for
++ the stop action (which is used for restart) and trap all errors
++ (closes: #148033).
++ * debian/rules: Build with -D_FILE_OFFSET_BITS=64 to support files
++ bigger than 2GB on all architectures (closes: #155197). As off_t is
++ about never used in the source that should not create any problems.
++ * debian/control: Make libldap2-dev depend on libsasl-dev
++ (closes: #135223, #96957).
++ * doc/man/man1/ldapmodify.1: Fix typo (closes: #105905).
++ * debian/rules: Create symlinks for some manpages (closes: #99547).
++ * Fix spelling error in description of ldap-gateways (closes: #124859).
++ * debian/copyright: Include the full content of the LICENSE file
++ (closes: #151222).
++
++ -- Torsten Landschoff <torsten@debian.org> Thu, 8 Aug 2002 15:54:46 +0200
++
++openldap2 (2.0.23-8) unstable; urgency=low
++
++ * New maintainer.
++ * debian/control: Build-Conflict with libbind-dev to use the right
++ resolver library everywhere (closes: #112459). Of course, the
++ real solution must be to fix the configure script to not detect
++ libbind-dev and use the right resolver all the time. But a work around
++ is better than nothing I would say...
++
++ -- Torsten Landschoff <torsten@debian.org> Wed, 7 Aug 2002 14:53:39 +0200
++
++openldap2 (2.0.23-7) unstable; urgency=low
++
++ * Add Brazilian translation for debconf templates. Closes: Bug#114021
++ * Fix hostless LDAP URLs, patch from Lamont Jones. Closes: Bug#140387
++
++ -- Wichert Akkerman <wakkerma@debian.org> Sat, 4 May 2002 20:05:32 +0200
++
++openldap2 (2.0.23-6) unstable; urgency=high
++
++ * Make slapd.config idempotent, so that calling it once (during
++ preconfiguration) and again (during postinst) doesn't break things.
++ Patch from Anthony Towns. Closes: Bug#137552).
++
++ -- Wichert Akkerman <wakkerma@debian.org> Sun, 14 Apr 2002 19:10:50 +0200
++
++openldap2 (2.0.23-5) unstable; urgency=high
++
++ * Fix slurpd invocation in slapd.init. Closes: Bug#141959
++ * Ask for admin DN when using LDIF initialization as well.
++ Lets hope this finally Closes: Bug#137552
++ * Merge German translation for debconf templates. Closes: Bug#141712
++ * Add Build-Depends on debconf-utils since we use debconf-mergetemplate
++ * Remove bogus error from slapd.init. Closes: Bug#137718
++
++ -- Wichert Akkerman <wakkerma@debian.org> Tue, 9 Apr 2002 14:49:27 +0200
++
++openldap2 (2.0.23-4) unstable; urgency=high
++
++ * Only show already-configured note on initial installs. Closes: Bug#137100
++ * Supply -t option to slurpd when starting it, not when stopping it.
++ Closes: Bug#136240
++ * Use db_input instead of db_get for notes in the slapd postinst.
++ * Only fetch password from debconf when not using ldif initialization.
++ Closes: Bug#138558,#137552
++ * Check if slapd.conf exists in slapd postinst. Closes: Bug#138136
++
++ -- Wichert Akkerman <wakkerma@debian.org> Sat, 6 Apr 2002 23:02:42 +0200
++
++openldap2 (2.0.23-3) unstable; urgency=high
++
++ * If can not get a password for the admin entry when installing slapd
++ generate one randomly. Closes: Bug#134774
++ * Bump shlibs dependency to 2.0.23
++
++ -- Wichert Akkerman <wakkerma@debian.org> Thu, 21 Feb 2002 23:23:57 +0100
++
++openldap2 (2.0.23-2) unstable; urgency=high
++
++ * Create /var/spool/slurpd and tell slurpd to use that as temporary
++ directory. Closes: Bug#134564
++ * Improve debconf prompts a bit. Closes: Bug#134945
++ * Properly set default value for domain
++ * Clear crypted password from debconf after creating the LDAP directory
++
++ -- Wichert Akkerman <wakkerma@debian.org> Sun, 17 Feb 2002 16:07:18 +0100
++
++openldap2 (2.0.23-1) unstable; urgency=high
++
++ * Upstream updated config.{guess,sub} so we are back to zero patches
++ again.
++ * Apply fix from Klaus Duscher for the missing password problem: the
++ config script did not check if it was run twice without slapd.conf
++ being generated in between and would abort with a missing password
++ error. Closes: Bug#132566
++ * Change slapd priority for boot sequence to start earlier and stop
++ later so people can use LDAP for NSS purposes. Closes: Bug#130277
++
++ -- Wichert Akkerman <wakkerma@debian.org> Sun, 17 Feb 2002 16:07:18 +0100
++
++openldap2 (2.0.22-2) unstable; urgency=low
++
++ * Update config.{guess,sub} again. Closes: Bug#131469
++
++ -- Wichert Akkerman <wakkerma@debian.org> Thu, 7 Feb 2002 22:33:01 +0100
++
++openldap2 (2.0.22-1) unstable; urgency=low
++
++ * New upstream version
++ * Build properly as non-native package
++
++ -- Wichert Akkerman <wakkerma@debian.org> Wed, 6 Feb 2002 00:17:20 +0100
++
++openldap2 (2.0.21-3) unstable; urgency=high
++
++ * Add logic to config and postinst to configure replication as well
++ * Don't fail in slapd postinst if we can't stop slapd. Closes: Bug#131617
++ * Change localstatedir to /var/lib
++ * Remove /var/lib/ldap when purging slapd
++ * Don't remove user-supplied ldif file after creating the directory
++ * Set default replogfile
++ * Fix typo in severity for no_password note
++ * Encrypt admin password and remove it from the debconf database
++
++ -- Wichert Akkerman <wakkerma@debian.org> Thu, 31 Jan 2002 17:03:36 +0100
++
++openldap2 (2.0.21-2) unstable; urgency=medium
++
++ * Update config.{guess,sub} and forwarded upstream (ITS#1567).
++ Closes: Bug#131469
++ * Remove -x from slapd postinst. Closes: Bug#131502
++
++ -- Wichert Akkerman <wakkerma@debian.org> Wed, 30 Jan 2002 10:53:45 +0100
++
++openldap2 (2.0.21-1) unstable; urgency=high
++
++ * New upstream version,
++ * Update copyright
++ * Update config.guess and config.sub
++ * Redone packaging, no more dbs or debhelper
++ * Drop all patches, they are either unnecessary or alternatives have
++ been made upstream
++
++ -- Wichert Akkerman <wakkerma@debian.org> Tue, 29 Jan 2002 17:04:10 +0100
++
++openldap2 (2.0.14-1) unstable; urgency=high
++
++ * New upstream version, which includes a billion second bug.
++ Closes: Bug#111833
++ * Drop 005_libldbm_dbopen, upgrading the database in place no longer works
++ with the new db-env code.
++ * Redo 008_porting_maxpathlen
++
++ -- Wichert Akkerman <wakkerma@debian.org> Sat, 15 Sep 2001 13:39:46 +0200
++
++openldap2 (2.0.11-2) unstable; urgency=low
++
++ * Test if /etc/init.d/slapd is executable when purging slapd.
++ Closes: Bug#100938
++ * Update 008_porting_maxpathlen. Closes: Bug#100584
++ * Don't use four11 as referral example anymore. Closes: Bug#99998
++ * Fix synopsis of slapindex manpage. Added to 002_man_fixes.
++ Closes: Bug#98805
++ * Removed stray backup file from 002_man_fixes
++
++ -- Wichert Akkerman <wakkerma@debian.org> Tue, 19 Jun 2001 01:01:17 +0200
++
++openldap2 (2.0.11-1) unstable; urgency=low
++
++ * New upstream version
++ * Add autoconf to Build-Depends. Closes: Bug#99440
++ * Fix new db upgrade patch. Closes: Bug#98853
++
++ -- Wichert Akkerman <wakkerma@debian.org> Sun, 3 Jun 2001 00:25:47 +0200
++
++openldap2 (2.0.10-2) unstable; urgency=low
++
++ * Tighten shlibs dependency to >= 2.0.1-1. Closes: Bug#98683
++
++ -- Wichert Akkerman <wakkerma@debian.org> Fri, 25 May 2001 16:32:35 +0200
++
++openldap2 (2.0.10-1) unstable; urgency=low
++
++ * New upstream version
++ * New maintainer
++ * Remove useless LINE_WIDTH bit from patch 000_clients
++ * Patch 004_ssl_fix has been merged upstream, removed
++ * Redo 005_db3_upgrade
++ * Rediff all other patches
++
++ -- Wichert Akkerman <wakkerma@debian.org> Thu, 24 May 2001 14:56:02 +0200
++
++openldap2 (2.0.7-6) unstable; urgency=low
++
++ * Make sure autoconf is run if configure.in is changed (for Hurd patch),
++ closes: #96145
++ * Fix slapd.postinst in the case of using an ldif file, closes: #95600
++ * Use a var for slapd.conf in slapd init script. Partially fixes bug
++ 91318.
++ * Fixed hurd patch for strrchr in replog.c, closes: #93605
++
++ -- Ben Collins <bcollins@debian.org> Mon, 7 May 2001 23:00:27 -0400
++
++openldap2 (2.0.7-5) unstable; urgency=low
++
++ * Fixed db3 upgrade code, closes: #92331, #92916
++ * m68k should compile fine with db3 now, closes: #90165
++ * Included provided patch for Hurd compilation, closes: #88079
++
++ -- Ben Collins <bcollins@debian.org> Wed, 4 Apr 2001 17:46:47 -0400
++
++openldap2 (2.0.7-4) unstable; urgency=low
++
++ * slapd.conf is no longer a conffile, and not provided by the package.
++ Instead, it is only generated. closes: #81359
++ * Fixed by previous upload, closes: #71852, #78950, #82491
++ * Actually install the netscape schema, closes: #90323
++ * Add comment to README.Debian about being compiled with libwrap,
++ closes: #84954
++ * Provide example sasl config file, closes: #90855
++ * Conflict replace openldap-utils (ldap-utils), and libopenldap-dev
++ (libldap2-dev), closes: #71471
++ * Revert to using some code to upgrade previous db's. Remove slapd's dep
++ on db3-util, and remove postinst code that upgrades the db's.
++
++ -- Ben Collins <bcollins@debian.org> Sat, 24 Mar 2001 21:59:20 -0500
++
++openldap2 (2.0.7-3) unstable; urgency=low
++
++ * netscape-profile.schema: new schema for old roaming support
++ * 004_ssl_fix.diff: Fix for SSL support (not compiled in, but some
++ people use it).
++ * slapd.config: FINALLY fix the "dc=" base bug.
++ * Build-Depend on libdb3-dev now that it is available.
++ * Now that we use db3, make sure we upgrade existing databases to the
++ db3 format with db3_upgrade.
++
++ -- Ben Collins <bcollins@debian.org> Sun, 11 Mar 2001 23:36:34 -0500
++
++openldap2 (2.0.7-2) unstable; urgency=low
++
++ * slapd.postinst: fix debhelper wraper so it gets the right @argv,
++ closes: #71854
++ * sendmail appears to be compiled against glibc2.2/libdb2 now,
++ closes: #71602
++ * %strace ldapsearch cn=admin | & grep /etc | grep ldap
++ open("/etc/ldap/ldap.conf", O_RDONLY) = 3
++ closes: #71716
++ * ldap_first_attribute.3: s/ber_free(3)/ber_free/. closes: #76719
++ * init.d/slapd: fix reference to pidfile, and also remove the pidfile
++ after killing the daemon, closes: #77633, #77635
++ * Fix fgets buffer size thinko in slurpd. closes: #78003
++ * slapd.8: s/ldap.h/slapd.conf(5)/. closes: #80457
++
++ -- Ben Collins <bcollins@debian.org> Sun, 31 Dec 2000 00:02:46 -0500
++
++openldap2 (2.0.7-1) unstable; urgency=low
++
++ * New upstream
++ * Removed hack for shlibs now that dpkg 1.7 is available, added dpkg-dev
++ 1.7.1 to build-depends.
++ * start using DH_COMPAT=2
++
++ -- Ben Collins <bcollins@debian.org> Fri, 10 Nov 2000 18:53:25 -0500
++
++openldap2 (2.0.2-2) unstable; urgency=low
++
++ * Recompile against libdb2/glibc 2.1.94/sasl
++
++ -- Ben Collins <bcollins@debian.org> Wed, 27 Sep 2000 11:31:59 -0400
++
++openldap2 (2.0.2-1) unstable; urgency=low
++
++ * New upstream version, includes some patches from me that fix some
++ stability issues
++ * debian/control:Build-Depends: change libwrap-dev to libwrap0-dev for
++ clarity, closes: #71366
++ * debian/rules: make sure mail500 docs do not get installed under bogus
++ subdirs, closes: #71473
++ * debian/README.build,debian/scripts/dbs-build.mk: Fix and document
++ build system better, closes: #71584
++ * debian/local/slapd.conf: Setup default ACL's to work with openldap2
++ correctly, closes: #71127, #71131
++ * debian/README: document how to access OpenLDAP 1 servers via
++ ldap-utils, closes: #71469
++ * debian/rules:CFLAGS: add -I/usr/include/db2 to make sure we get the
++ right <db.h> header, closes: #71470
++ * I cannot reproduce this. In debian/rules I have done exactly what is
++ needed to keep it from happening, and sparc, i386 and powerpc builds
++ do not show it, closes: #71472
++
++ -- Ben Collins <bcollins@debian.org> Wed, 13 Sep 2000 22:32:35 -0400
++
++openldap2 (2.0.1-2) unstable; urgency=low
++
++ * Fixed up depend for libldap2 on itself
++
++ -- Ben Collins <bcollins@debian.org> Wed, 6 Sep 2000 13:24:06 -0400
++
++openldap2 (2.0.1-1) unstable; urgency=low
++
++ * New upstream version
++ * Added libsasl-dev to build-deps, closes: #70923
++
++ -- Ben Collins <bcollins@debian.org> Tue, 5 Sep 2000 06:49:05 -0400
++
++openldap2 (2.0-1) unstable; urgency=low
++
++ * Initial release of OpenLDAP 2 test code
++
++ -- Ben Collins <bcollins@debian.org> Tue, 29 Aug 2000 14:28:39 -0400
--- /dev/null
--- /dev/null
++debian/libldap-2.4-2.links
++debian/libldap2-dev.links
--- /dev/null
--- /dev/null
++10
--- /dev/null
--- /dev/null
++#`configure' configures this package to adapt to many kinds of systems.
++#
++#Usage: ./configure [OPTION]... [VAR=VALUE]...
++#
++#To assign environment variables (e.g., CC, CFLAGS...), specify them as
++#VAR=VALUE. See below for descriptions of some of the useful variables.
++#
++#Defaults for the options are specified in brackets.
++#
++#Configuration:
++# -h, --help display this help and exit
++# --help=short display options specific to this package
++# --help=recursive display the short help of all the included packages
++# -V, --version display version information and exit
++# -q, --quiet, --silent do not print `checking...' messages
++# --cache-file=FILE cache test results in FILE [disabled]
++# -C, --config-cache alias for `--cache-file=config.cache'
++# -n, --no-create do not create output files
++# --srcdir=DIR find the sources in DIR [configure dir or `..']
++#
++#Installation directories:
++# --prefix=PREFIX install architecture-independent files in PREFIX
++# [/usr/local]
++--prefix=/usr
++# --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX
++# [PREFIX]
++#
++#By default, `make install' will install all the files in
++#`/usr/local/bin', `/usr/local/lib' etc. You can specify
++#an installation prefix other than `/usr/local' using `--prefix',
++#for instance `--prefix=$HOME'.
++#
++#For better control, use the options below.
++#
++#Fine tuning of the installation directories:
++# --bindir=DIR user executables [EPREFIX/bin]
++# --sbindir=DIR system admin executables [EPREFIX/sbin]
++# --libexecdir=DIR program executables [EPREFIX/libexec]
++--libexecdir='${prefix}/lib'
++# --sysconfdir=DIR read-only single-machine data [PREFIX/etc]
++--sysconfdir=/etc
++# --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
++# --localstatedir=DIR modifiable single-machine data [PREFIX/var]
++--localstatedir=/var
++# --libdir=DIR object code libraries [EPREFIX/lib]
++# --includedir=DIR C header files [PREFIX/include]
++# --oldincludedir=DIR C header files for non-gcc [/usr/include]
++# --datarootdir=DIR read-only arch.-independent data root [PREFIX/share]
++# --datadir=DIR read-only architecture-independent data [DATAROOTDIR]
++# --infodir=DIR info documentation [DATAROOTDIR/info]
++# --localedir=DIR locale-dependent data [DATAROOTDIR/locale]
++# --mandir=DIR man documentation [DATAROOTDIR/man]
++--mandir='${prefix}/share/man'
++# --docdir=DIR documentation root [DATAROOTDIR/doc/PACKAGE]
++# --htmldir=DIR html documentation [DOCDIR]
++# --dvidir=DIR dvi documentation [DOCDIR]
++# --pdfdir=DIR pdf documentation [DOCDIR]
++# --psdir=DIR ps documentation [DOCDIR]
++#
++#Program names:
++# --program-prefix=PREFIX prepend PREFIX to installed program names
++# --program-suffix=SUFFIX append SUFFIX to installed program names
++# --program-transform-name=PROGRAM run sed PROGRAM on installed program names
++#
++#System types:
++# --build=BUILD configure for building on BUILD [guessed]
++# --host=HOST cross-compile to build programs to run on HOST [BUILD]
++# --target=TARGET configure for building compilers for TARGET [HOST]
++#
++#Optional Features:
++# --disable-option-checking ignore unrecognized --enable/--with options
++# --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no)
++# --enable-FEATURE[=ARG] include FEATURE [ARG=yes]
++# --enable-debug enable debugging no|yes|traditional [yes]
++--enable-debug
++# --enable-dynamic enable linking built binaries with dynamic libs [no]
++--enable-dynamic
++# --enable-syslog enable syslog support [auto]
++--enable-syslog
++# --enable-proctitle enable proctitle support [yes]
++--enable-proctitle
++# --enable-ipv6 enable IPv6 support [auto]
++--enable-ipv6
++# --enable-local enable AF_LOCAL (AF_UNIX) socket support [auto]
++--enable-local
++#
++#SLAPD (Standalone LDAP Daemon) Options:
++# --enable-slapd enable building slapd [yes]
++--enable-slapd
++# --enable-dynacl enable run-time loadable ACL support (experimental) [no]
++--enable-dynacl
++# --enable-aci enable per-object ACIs (experimental) no|yes|mod [no]
++--enable-aci
++# --enable-cleartext enable cleartext passwords [yes]
++--enable-cleartext
++# --enable-crypt enable crypt(3) passwords [no]
++--enable-crypt
++# --enable-lmpasswd enable LAN Manager passwords [no]
++--disable-lmpasswd
++# --enable-spasswd enable (Cyrus) SASL password verification [no]
++--enable-spasswd
++# --enable-modules enable dynamic module support [no]
++--enable-modules
++# --enable-rewrite enable DN rewriting in back-ldap and rwm overlay [auto]
++--enable-rewrite
++# --enable-rlookups enable reverse lookups of client hostnames [no]
++--enable-rlookups
++# --enable-slapi enable SLAPI support (experimental) [no]
++--enable-slapi
++# --enable-slp enable SLPv2 support [no]
++--disable-slp
++# --enable-wrappers enable tcp wrapper support [no]
++--enable-wrappers
++#
++#SLAPD Backend Options:
++# --enable-backends enable all available backends no|yes|mod
++--enable-backends=mod
++# --enable-bdb enable Berkeley DB backend no|yes|mod [yes]
++# --enable-dnssrv enable dnssrv backend no|yes|mod [no]
++# --enable-hdb enable Hierarchical DB backend no|yes|mod [yes]
++# --enable-ldap enable ldap backend no|yes|mod [no]
++# --enable-mdb enable mdb database backend no|yes|mod [yes]
++# --enable-meta enable metadirectory backend no|yes|mod [no]
++# --enable-monitor enable monitor backend no|yes|mod [yes]
++# --enable-ndb enable MySQL NDB Cluster backend no|yes|mod [no]
++--disable-ndb
++# --enable-null enable null backend no|yes|mod [no]
++# --enable-passwd enable passwd backend no|yes|mod [no]
++# --enable-perl enable perl backend no|yes|mod [no]
++# --enable-relay enable relay backend no|yes|mod [yes]
++# --enable-shell enable shell backend no|yes|mod [no]
++# --enable-sock enable sock backend no|yes|mod [no]
++# --enable-sql enable sql backend no|yes|mod [no]
++#
++#SLAPD Overlay Options:
++# --enable-overlays enable all available overlays no|yes|mod
++--enable-overlays=mod
++# --enable-accesslog In-Directory Access Logging overlay no|yes|mod [no]
++# --enable-auditlog Audit Logging overlay no|yes|mod [no]
++# --enable-collect Collect overlay no|yes|mod [no]
++# --enable-constraint Attribute Constraint overlay no|yes|mod [no]
++# --enable-dds Dynamic Directory Services overlay no|yes|mod [no]
++# --enable-deref Dereference overlay no|yes|mod [no]
++# --enable-dyngroup Dynamic Group overlay no|yes|mod [no]
++# --enable-dynlist Dynamic List overlay no|yes|mod [no]
++# --enable-memberof Reverse Group Membership overlay no|yes|mod [no]
++# --enable-ppolicy Password Policy overlay no|yes|mod [no]
++# --enable-proxycache Proxy Cache overlay no|yes|mod [no]
++# --enable-refint Referential Integrity overlay no|yes|mod [no]
++# --enable-retcode Return Code testing overlay no|yes|mod [no]
++# --enable-rwm Rewrite/Remap overlay no|yes|mod [no]
++# --enable-seqmod Sequential Modify overlay no|yes|mod [no]
++# --enable-sssvlv ServerSideSort/VLV overlay no|yes|mod [no]
++# --enable-syncprov Syncrepl Provider overlay no|yes|mod [yes]
++# --enable-translucent Translucent Proxy overlay no|yes|mod [no]
++# --enable-unique Attribute Uniqueness overlay no|yes|mod [no]
++# --enable-valsort Value Sorting overlay no|yes|mod [no]
++#
++#Library Generation & Linking Options
++# --enable-static[=PKGS] build static libraries [default=yes]
++# --enable-shared[=PKGS] build shared libraries [default=yes]
++# --enable-fast-install[=PKGS]
++# optimize for fast installation [default=yes]
++# --disable-dependency-tracking speeds up one-time build
++# --enable-dependency-tracking do not reject slow dependency extractors
++# --disable-libtool-lock avoid locking (might break parallel builds)
++#
++#Optional Packages:
++# --with-PACKAGE[=ARG] use PACKAGE [ARG=yes]
++# --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no)
++# --with-subdir=DIR change default subdirectory used for installs
++--with-subdir=ldap
++# --with-cyrus-sasl with Cyrus SASL support [auto]
++--with-cyrus-sasl
++# --with-fetch with fetch(3) URL support [auto]
++# --with-threads with threads [auto]
++--with-threads
++# --with-tls with TLS/SSL support auto|openssl|gnutls|moznss [auto]
++--with-tls=gnutls
++# --with-yielding-select with implicitly yielding select [auto]
++# --with-mp with multiple precision statistics auto|longlong|long|bignum|gmp [auto]
++# --with-odbc with specific ODBC support iodbc|unixodbc|odbc32|auto [auto]
++--with-odbc=unixodbc
++# --with-gnu-ld assume the C compiler uses GNU ld [default=no]
++# --with-pic try to use only PIC/non-PIC objects [default=use
++# both]
++# --with-tags[=TAGS] include additional configurations [automatic]
++#
++#See INSTALL file for further details.
++#
++#Some influential environment variables:
++# CC C compiler command
++# CFLAGS C compiler flags
++# LDFLAGS linker flags, e.g. -L<lib dir> if you have libraries in a
++# nonstandard directory <lib dir>
++# LIBS libraries to pass to the linker, e.g. -l<library>
++# CPPFLAGS (Objective) C/C++ preprocessor flags, e.g. -I<include dir> if
++# you have headers in a nonstandard directory <include dir>
++# CPP C preprocessor
++#
++#Use these variables to override the choices made by `configure' or to help
++#it to find libraries and programs with nonstandard names/locations.
++#
++#Report bugs to the package provider.
--- /dev/null
--- /dev/null
++Source: openldap
++Section: net
++Priority: optional
++Maintainer: Debian OpenLDAP Maintainers <pkg-openldap-devel@lists.alioth.debian.org>
++Uploaders: Steve Langasek <vorlon@debian.org>,
++ Torsten Landschoff <torsten@debian.org>,
++ Ryan Tandy <ryan@nardis.ca>
++Build-Depends: debhelper (>= 10),
++ dpkg-dev (>= 1.17.14),
++ groff-base,
++ heimdal-multidev (>= 7.4.0.dfsg.1-1~) <!pkg.openldap.noslapd>,
++ libargon2-dev <!pkg.openldap.noslapd>,
++ libdb5.3-dev <!pkg.openldap.noslapd>,
++ libgnutls28-dev,
++ libltdl-dev <!pkg.openldap.noslapd>,
++ libperl-dev (>= 5.8.0) <!pkg.openldap.noslapd>,
++ libsasl2-dev,
++ libwrap0-dev <!pkg.openldap.noslapd>,
++ nettle-dev <!pkg.openldap.noslapd>,
++ perl:any,
++ po-debconf,
++ unixodbc-dev <!pkg.openldap.noslapd>
++Build-Conflicts: libbind-dev, bind-dev, autoconf2.13
++Standards-Version: 4.5.0
++Homepage: https://www.openldap.org/
++Rules-Requires-Root: no
++Vcs-Git: https://salsa.debian.org/openldap-team/openldap.git
++Vcs-Browser: https://salsa.debian.org/openldap-team/openldap
++
++Package: slapd
++Architecture: any
++Build-Profiles: <!pkg.openldap.noslapd>
++Pre-Depends: debconf (>= 0.5) | debconf-2.0, ${misc:Pre-Depends}
++Depends: ${shlibs:Depends}, libldap-2.4-2 (= ${binary:Version}),
++ coreutils (>= 4.5.1-1), psmisc, perl:any (>> 5.8.0) | libmime-base64-perl,
++ adduser, lsb-base (>= 3.2-13), ${perl:Depends}, ${misc:Depends}
++Recommends: ldap-utils
++Suggests: libsasl2-modules,
++ libsasl2-modules-gssapi-mit | libsasl2-modules-gssapi-heimdal
++Conflicts: umich-ldapd, ldap-server, libltdl3 (= 1.5.4-1)
++Replaces: libldap2, ldap-utils (<< 2.2.23-3)
++Provides: ldap-server, ${slapd:Provides}
++Description: OpenLDAP server (slapd)
++ This is the OpenLDAP (Lightweight Directory Access Protocol) server
++ (slapd). The server can be used to provide a standalone directory
++ service.
++
++Package: slapd-contrib
++Architecture: any
++Build-Profiles: <!pkg.openldap.noslapd>
++Depends: slapd (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends}
++Provides: slapd-smbk5pwd
++Breaks: slapd-smbk5pwd (<< 2.4.47+dfsg-2~)
++Replaces: slapd-smbk5pwd (<< 2.4.47+dfsg-2~)
++Description: contributed plugins for OpenLDAP slapd
++ This package contains a number of slapd overlays and plugins contributed by
++ the OpenLDAP community. While distributed as part of OpenLDAP Software, they
++ are not necessarily supported by the OpenLDAP Project.
++
++Package: slapd-smbk5pwd
++Architecture: all
++Section: oldlibs
++Build-Profiles: <!pkg.openldap.noslapd>
++Depends: slapd-contrib, ${misc:Depends}
++Breaks: slapd (<< 2.4.47+dfsg-2~)
++Description: transitional package for slapd-contrib
++ This is a transitional package from slapd-smbk5pwd to slapd-contrib. It can be
++ safely removed.
++
++Package: ldap-utils
++Architecture: any
++Depends: ${shlibs:Depends}, libldap-2.4-2 (= ${binary:Version}), ${misc:Depends}
++Suggests: libsasl2-modules,
++ libsasl2-modules-gssapi-mit | libsasl2-modules-gssapi-heimdal
++Conflicts: umich-ldap-utils, openldap-utils, ldap-client
++Replaces: openldap-utils, slapd (<< 2.2.23-0.pre6), openldapd
++Provides: ldap-client, openldap-utils
++Description: OpenLDAP utilities
++ This package provides utilities from the OpenLDAP (Lightweight
++ Directory Access Protocol) package. These utilities can access a
++ local or remote LDAP server and contain all the client programs
++ required to access LDAP servers.
++
++Package: libldap-2.4-2
++Section: libs
++Architecture: any
++Multi-Arch: same
++Conflicts: ldap-utils (<= 2.1.23-1)
++Pre-Depends: ${misc:Pre-Depends}
++Depends: ${shlibs:Depends}, ${misc:Depends}
++Recommends: libldap-common
++Replaces: libldap2, libldap-2.3-0
++Description: OpenLDAP libraries
++ These are the run-time libraries for the OpenLDAP (Lightweight Directory
++ Access Protocol) servers and clients.
++
++Package: libldap-common
++Section: libs
++Architecture: all
++Multi-Arch: foreign
++Depends: ${misc:Depends}
++Replaces: libldap-2.4-2 (<< 2.4.44+dfsg-1)
++Description: OpenLDAP common files for libraries
++ These are common files for the run-time libraries for the OpenLDAP
++ (Lightweight Directory Access Protocol) servers and clients.
++
++Package: libldap2-dev
++Section: libdevel
++Architecture: any
++Multi-Arch: same
++Conflicts: libldap-dev, libopenldap-dev
++Replaces: libopenldap-dev
++Provides: libldap-dev
++Depends: libldap-2.4-2 (= ${binary:Version}), ${misc:Depends}
++Description: OpenLDAP development libraries
++ This package allows development of LDAP applications using the OpenLDAP
++ libraries. It includes headers, libraries and links to allow static and
++ dynamic linking.
++
++Package: slapi-dev
++Section: libdevel
++Architecture: any
++Build-Profiles: <!pkg.openldap.noslapd>
++Depends: slapd (= ${binary:Version}), ${misc:Depends}
++Description: development libraries for OpenLDAP SLAPI plugin interface
++ This package allows development of plugins for the OpenLDAP slapd server
++ using the SLAPI interface. It includes the headers and libraries needed
++ to build such plugins.
--- /dev/null
--- /dev/null
++This package was downloaded from:
++
++ <http://www.openldap.org/>
++
++The upstream distribution has been repackaged to remove the RFCs and
++Internet-Drafts included in the upstream distribution, since the Internet
++Society license does not meet the Debian Free Software Guidelines. The
++schema files that contain verbatim text from RFCs or Internet-Drafts have
++similarly been removed and are replaced during the package build with
++versions stripped of the literal RFC or Internet-Draft text.
++
++Copyright:
++
++Copyright 1998-2016 The OpenLDAP Foundation
++All rights reserved.
++
++Redistribution and use in source and binary forms, with or without
++modification, are permitted only as authorized by the OpenLDAP
++Public License.
++
++A copy of this license is available in the file LICENSE in the
++top-level directory of the distribution or, alternatively, at
++<http://www.OpenLDAP.org/license.html>.
++
++OpenLDAP is a registered trademark of the OpenLDAP Foundation.
++
++Individual files and/or contributed packages may be copyright by
++other parties and/or subject to additional restrictions.
++
++This work is derived from the University of Michigan LDAP v3.3
++distribution. Information concerning this software is available
++at <http://www.umich.edu/~dirsvcs/ldap/ldap.html>.
++
++This work also contains materials derived from public sources.
++
++Additional information about OpenLDAP can be obtained at
++<http://www.openldap.org/>.
++
++---
++
++The OpenLDAP Public License
++ Version 2.8, 17 August 2003
++
++Redistribution and use of this software and associated documentation
++("Software"), with or without modification, are permitted provided
++that the following conditions are met:
++
++1. Redistributions in source form must retain copyright statements
++ and notices,
++
++2. Redistributions in binary form must reproduce applicable copyright
++ statements and notices, this list of conditions, and the following
++ disclaimer in the documentation and/or other materials provided
++ with the distribution, and
++
++3. Redistributions must contain a verbatim copy of this document.
++
++The OpenLDAP Foundation may revise this license from time to time.
++Each revision is distinguished by a version number. You may use
++this Software under terms of this license revision or under the
++terms of any subsequent revision of the license.
++
++THIS SOFTWARE IS PROVIDED BY THE OPENLDAP FOUNDATION AND ITS
++CONTRIBUTORS ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES,
++INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
++AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
++SHALL THE OPENLDAP FOUNDATION, ITS CONTRIBUTORS, OR THE AUTHOR(S)
++OR OWNER(S) OF THE SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT,
++INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
++BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
++LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
++CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
++LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
++ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
++POSSIBILITY OF SUCH DAMAGE.
++
++The names of the authors and copyright holders must not be used in
++advertising or otherwise to promote the sale, use or other dealing
++in this Software without specific, written prior permission. Title
++to copyright in this Software shall at all times remain with copyright
++holders.
++
++---
++Noted above is that various files can be copyrighted individually.
++The licenses found in the OpenLDAP tree are as follows:
++
++CRL
++-----------------------------------
++# Copyright 1999 Computing Research Labs, New Mexico State University
++#
++# Permission is hereby granted, free of charge, to any person obtaining a
++# copy of this software and associated documentation files (the "Software"),
++# to deal in the Software without restriction, including without limitation
++# the rights to use, copy, modify, merge, publish, distribute, sublicense,
++# and/or sell copies of the Software, and to permit persons to whom the
++# Software is furnished to do so, subject to the following conditions:
++#
++# The above copyright notice and this permission notice shall be included in
++# all copies or substantial portions of the Software.
++#
++# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
++# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
++# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
++# THE COMPUTING RESEARCH LAB OR NEW MEXICO STATE UNIVERSITY BE LIABLE FOR ANY
++# CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT
++# OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR
++# THE USE OR OTHER DEALINGS IN THE SOFTWARE.
++
++-----------------------------------
++
++
++FSF
++-----------------------------------
++# Copyright (C) 1994, 1995-8, 1999, 2001 Free Software Foundation, Inc.
++# This Makefile.in is free software; the Free Software Foundation
++# gives unlimited permission to copy and/or distribute it,
++# with or without modifications, as long as this notice is preserved.
++
++# This program is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
++# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
++# PARTICULAR PURPOSE.
++
++-----------------------------------
++
++
++HC
++-----------------------------------
++ * Permission is granted to anyone to use this software for any purpose
++ * on any computer system, and to alter it and redistribute it, subject
++ * to the following restrictions:
++ *
++ * 1. The author is not responsible for the consequences of use of this
++ * software, no matter how awful, even if they arise from flaws in it.
++ *
++ * 2. The origin of this software must not be misrepresented, either by
++ * explicit claim or by omission. Since few users ever read sources,
++ * credits should appear in the documentation.
++ *
++ * 3. Altered versions must be plainly marked as such, and must not be
++ * misrepresented as being the original software. Since few users
++ * ever read sources, credits should appear in the
++ * documentation.
++ *
++ * 4. This notice may not be removed or altered.
++
++-----------------------------------
++
++
++IBM
++-----------------------------------
++ * Portions Copyright (c) 1995 by International Business Machines, Inc.
++ *
++ * International Business Machines, Inc. (hereinafter called IBM) grants
++ * permission under its copyrights to use, copy, modify, and distribute this
++ * Software with or without fee, provided that the above copyright notice and
++ * all paragraphs of this notice appear in all copies, and that the name of IBM
++ * not be used in connection with the marketing of any product incorporating
++ * the Software or modifications thereof, without specific, written prior
++ * permission.
++ *
++ * To the extent it has a right to do so, IBM grants an immunity from suit
++ * under its patents, if any, for the use, sale or manufacture of products to
++ * the extent that such products are used for performing Domain Name System
++ * dynamic updates in TCP/IP networks by means of the Software. No immunity is
++ * granted for any product per se or for any other function of any product.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES,
++ * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
++ * PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL,
++ * DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING
++ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN
++ * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES.
++
++-----------------------------------
++
++
++IS
++-----------------------------------
++# Full Copyright Statement
++#
++# Copyright (C) The Internet Society (1999). All Rights Reserved.
++#
++# This document and translations of it may be copied and furnished to
++# others, and derivative works that comment on or otherwise explain it
++# or assist in its implementation may be prepared, copied, published
++# and distributed, in whole or in part, without restriction of any
++# kind, provided that the above copyright notice and this paragraph are
++# included on all such copies and derivative works. However, this
++# document itself may not be modified in any way, such as by removing
++# the copyright notice or references to the Internet Society or other
++# Internet organizations, except as needed for the purpose of
++# developing Internet standards in which case the procedures for
++# copyrights defined in the Internet Standards process must be
++# followed, or as required to translate it into languages other than
++# English.
++#
++# The limited permissions granted above are perpetual and will not be
++# revoked by the Internet Society or its successors or assigns.
++#
++# This document and the information contained herein is provided on an
++# "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
++# TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
++# BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
++# HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
++# MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
++
++This license was present in the copies of several schema files and one
++LDIF file as distributed upstream. The relevant content has been removed
++except where it is purely functional (descriptions of an LDAP schema).
++The copyright notice has been retained with a clarifying comment. The
++provisions in the above license that prohibit modification therefore
++should no longer apply to any files distributed with the Debian package.
++
++Several files in libraries/libldap also reference this license as the
++copyright on ABNF sequences embedded as comments in those files. These
++too are purely functional interface specifications distributed as part of
++the LDAP protocol standard and do not contain creative work such as
++free-form text.
++-----------------------------------
++
++
++ISC
++-----------------------------------
++ * Copyright (c) 1996, 1998 by Internet Software Consortium.
++ *
++ * Permission to use, copy, modify, and distribute this software for any
++ * purpose with or without fee is hereby granted, provided that the above
++ * copyright notice and this permission notice appear in all copies.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
++ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
++ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
++ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
++ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
++ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
++ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
++ * SOFTWARE.
++
++-----------------------------------
++
++
++JC
++-----------------------------------
++ * This software is not subject to any license of Silicon Graphics
++ * Inc. or Purdue University.
++ *
++ * Redistribution and use in source and binary forms are permitted
++ * without restriction or fee of any kind as long as this notice
++ * is preserved.
++
++The following is additional information from Juan C. Gomez on how
++this license is to be interpreted:
++-----
++Local-Date: Fri, 06 Jun 2003 13:18:52 -0400
++Date: Fri, 6 Jun 2003 10:18:52 -0700
++From: Juan Gomez <juang@us.ibm.com>
++To: Stephen Frost <sfrost@debian.org>
++X-Mailer: Lotus Notes Release 5.0.2a (Intl) 23 November 1999
++Subject: Re: Juan C. Gomez license in OpenLDAP Source
++
++Stephen,
++
++"There is no restriction on modifications and derived works" on the work I
++did for the openldap server as long as this is consistent with the openldap
++license. Please forward this email to Kurt so he does the appropriate
++changes to the files to reflect this.
++
++
++Regards, Juan
++-----------------------------------
++
++
++MA
++-----------------------------------
++ * Copyright (c) 2000, Mark Adamson, Carnegie Mellon. All rights reserved.
++ * This software is not subject to any license of Carnegie Mellon University.
++ *
++ * Redistribution and use in source and binary forms are permitted without
++ * restriction or fee of any kind as long as this notice is preserved.
++ *
++ * The name "Carnegie Mellon" must not be used to endorse or promote
++ * products derived from this software without prior written permission.
++
++The following is additional information from Mark Adamson on how this license
++is to be interpreted:
++------
++Local-Date: Thu, 05 Jun 2003 16:53:32 -0400
++Date: Thu, 5 Jun 2003 16:53:32 -0400 (EDT)
++From: Mark Adamson <adamson@andrew.cmu.edu>
++To: Stephen Frost <sfrost@debian.org>
++Subject: Re: Mark Adamson license in OpenLDAP source
++
++Hi Stephen,
++
++ I don't see how this conflicts with the Debian FSG. The first statement
++in the copyright pertaining to CMU say only that we don't license out the
++software. The second mention denies the right to say things like,
++"Now! Powered by software from Carnegie Mellon!" There is no restriction
++on modifications and derived works.
++
++-Mark
++------
++-----------------------------------
++
++
++MIT
++-----------------------------------
++# Copyright 1991 by the Massachusetts Institute of Technology
++#
++# Permission to use, copy, modify, distribute, and sell this software and its
++# documentation for any purpose is hereby granted without fee, provided that
++# the above copyright notice appear in all copies and that both that
++# copyright notice and this permission notice appear in supporting
++# documentation, and that the name of M.I.T. not be used in advertising or
++# publicity pertaining to distribution of the software without specific,
++# written prior permission. M.I.T. makes no representations about the
++# suitability of this software for any purpose. It is provided "as is"
++# without express or implied warranty.
++
++-----------------------------------
++
++
++OL2
++-----------------------------------
++Copyright 1999-2001 The OpenLDAP Foundation, Redwood City,
++California, USA. All Rights Reserved. Permission to copy and
++distribute verbatim copies of this document is granted.
++-----------------------------------
++
++
++PM
++-----------------------------------
++ * Copyright (C) 2000 Pierangelo Masarati, <ando@sys-net.it>
++ * All rights reserved.
++ *
++ * Permission is granted to anyone to use this software for any purpose
++ * on any computer system, and to alter it and redistribute it, subject
++ * to the following restrictions:
++ *
++ * 1. The author is not responsible for the consequences of use of this
++ * software, no matter how awful, even if they arise from flaws in it.
++ *
++ * 2. The origin of this software must not be misrepresented, either by
++ * explicit claim or by omission. Since few users ever read sources,
++ * credits should appear in the documentation.
++ *
++ * 3. Altered versions must be plainly marked as such, and must not be
++ * misrepresented as being the original software. Since few users
++ * ever read sources, credits should appear in the documentation.
++ *
++ * 4. This notice may not be removed or altered.
++ *
++-----------------------------------
++
++
++PM2
++-----------------------------------
++ * Redistribution and use in source and binary forms are permitted only
++ * as authorized by the OpenLDAP Public License. A copy of this
++ * license is available at http://www.OpenLDAP.org/license.html or
++ * in file LICENSE in the top-level directory of the distribution.
++-----------------------------------
++
++
++UoC
++-----------------------------------
++ * Redistribution and use in source and binary forms are permitted
++ * provided that the above copyright notice and this paragraph are
++ * duplicated in all such forms and that any documentation,
++ * advertising materials, and other materials related to such
++ * distribution and use acknowledge that the software was developed
++ * by the University of California, Berkeley. The name of the
++ * University may not be used to endorse or promote products derived
++ * from this software without specific prior written permission.
++ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
++ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
++ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
++
++NOTE: The Regents have since retroactively removed the advertising
++clause from above.
++
++-----------------------------------
++
++
++UoC2
++-----------------------------------
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ * 1. Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ * 2. Redistributions in binary form must reproduce the above copyright
++ * notice, this list of conditions and the following disclaimer in the
++ * documentation and/or other materials provided with the distribution.
++ * 3. All advertising materials mentioning features or use of this software
++ * must display the following acknowledgement:
++ * This product includes software developed by the University of
++ * California, Berkeley and its contributors.
++ * 4. Neither the name of the University nor the names of its contributors
++ * may be used to endorse or promote products derived from this software
++ * without specific prior written permission.
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
++ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
++ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
++ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
++ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
++ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
++ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
++ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
++ * SUCH DAMAGE.
++
++NOTE: The Regents have since retroactively removed the advertising
++clause from above.
++See:
++ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change
++
++-----------------------------------
++
++
++UoM
++-----------------------------------
++ * Redistribution and use in source and binary forms are permitted
++ * provided that this notice is preserved and that due credit is given
++ * to the University of Michigan at Ann Arbor. The name of the University
++ * may not be used to endorse or promote products derived from this
++ * software without specific prior written permission. This software
++ * is provided ``as is'' without express or implied warranty.
++---
++After discussing this license with the OpenLDAP Foundation we received
++clarification on it:
++---
++
++ * To: Stephen Frost <sfrost@snowman.net>
++ * Subject: Re: OpenLDAP Licenseing issues
++ * From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
++ * Date: Wed, 28 May 2003 10:55:44 -0700
++ * Cc: Steve Langasek <vorlon@netexpress.net>,debian-legal@lists.debian.org, openldap-devel@OpenLDAP.org
++ * In-reply-to: <20030528162613.GB8524@ns.snowman.net>
++ * Message-id: <5.2.0.9.0.20030528094229.02924780@127.0.0.1>
++ * Old-return-path: <Kurt@OpenLDAP.org>
++
++Steven,
++
++The OpenLDAP Foundation believes it the Regents' statement grants a
++license to redistribute derived works and is confident that the University,
++who is quite aware of our actions (as they actively participate in them),
++does not consider our actions to infringe on their rights. You are
++welcomed to your opinions. I suggest, however, that before you rely
++on your or other people's opinions (including ours), that you consult
++with a lawyer familiar with applicable law and the particulars of your
++situation.
++
++The Foundation sees no reason for it to expend its limited resources
++seeking clarifications which it believes are unnecessary. You are,
++of course, welcomed to expend time and energy seeking clarifications
++you think are necessary. I suggest you contact University's general
++counsel office (http://www.umich.edu/~vpgc/).
++
++Regards, Kurt
++-----------------------------------
++
++
--- /dev/null
--- /dev/null
++#!/usr/bin/perl -w
++
++use strict;
++use Debian::Debhelper::Dh_Lib;
++
++init();
++
++foreach my $package (@{$dh{DOPACKAGES}}) {
++ my $tmp=tmpdir($package);
++ my $ext=pkgext($package);
++
++ if (! -d "$tmp/DEBIAN") {
++ next;
++ }
++
++ foreach my $file (qw{postinst preinst prerm postrm config}) {
++ my $f="$tmp/DEBIAN/$file";
++ if ($f) {
++ complex_doit("perl -pe 's~#SCRIPTSCOMMON#~qx{cat debian/${ext}scripts-common}~eg' -i $f");
++ }
++ }
++}
--- /dev/null
--- /dev/null
++[DEFAULT]
++debian-branch = master
++upstream-branch = upstream
++debian-tag = %(version)s
++upstream-tag = upstream/%(version)s
++pristine-tar = True
--- /dev/null
--- /dev/null
++If you want to play with shell and ldapsearch output, be sure your dn
++entries are one per line. A perl script could be:
++
++ ldapsearch ... | perl -p -0040 -e 's/\n //'
++
--- /dev/null
--- /dev/null
++usr/bin
++usr/share/man
--- /dev/null
--- /dev/null
++debian/tmp/usr/bin/ldapadd usr/bin
++debian/tmp/usr/bin/ldapdelete usr/bin
++debian/tmp/usr/bin/ldapmodrdn usr/bin
++debian/tmp/usr/bin/ldapsearch usr/bin
++debian/tmp/usr/bin/ldapcompare usr/bin
++debian/tmp/usr/bin/ldapmodify usr/bin
++debian/tmp/usr/bin/ldappasswd usr/bin
++debian/tmp/usr/bin/ldapwhoami usr/bin
++debian/tmp/usr/bin/ldapexop usr/bin
++debian/tmp/usr/bin/ldapurl usr/bin
--- /dev/null
--- /dev/null
++debian/tmp/usr/share/man/man1/ldapcompare.1
++debian/tmp/usr/share/man/man1/ldapdelete.1
++debian/tmp/usr/share/man/man1/ldapexop.1
++debian/tmp/usr/share/man/man1/ldapmodify.1
++debian/tmp/usr/share/man/man1/ldapmodrdn.1
++debian/tmp/usr/share/man/man1/ldappasswd.1
++debian/tmp/usr/share/man/man1/ldapsearch.1
++debian/tmp/usr/share/man/man1/ldapwhoami.1
++debian/tmp/usr/share/man/man1/ldapurl.1
++debian/tmp/usr/share/man/man1/ldapadd.1
++debian/tmp/usr/share/man/man5/ldif.5
--- /dev/null
--- /dev/null
++#!/usr/bin/perl -w
++#
++#
++# Comments on usage from the email we received:
++# I showed a friend the following script. He said I should submit it for
++# inclusion in openldap, because it might useful for others.
++#
++# The attached perl script, when used like
++#
++# ldapsearch | ldiftopasswd
++#
++# will automatically:
++#
++# 1. create /etc/passwd, /etc/shadow, /etc/group, and /etc/gshadow
++#
++# 2. append /etc/passwd.top, /etc/shadow.top, /etc/group.top, and /etc/gshadow.top to respective files.
++#
++# 3. use data from ldap to create the files (note: gshadow isn't really
++# supported, because I don't use it, nor could I find any
++# documentation. Adding support for other files should be easy).
++#
++# (of course you need access to all fields including the password field
++# for this, so use correct parameters to ldapsearch).
++#
++# This could be useful for instance on laptop computers where you don't
++# want to run a slave slapd server for some reason (perhaps memory
++# constraints).
++# ----------------------------------------
++use strict;
++use Getopt::Long;
++use MIME::Base64;
++use IO::File;
++
++my $passwdfile="/etc/passwd";
++my $shadowfile="/etc/shadow";
++my $groupfile="/etc/group";
++my $gshadowfile="/etc/gshadow";
++my $help;
++GetOptions (
++ '--passwd=s',\$passwdfile,
++ '--shadow=s',\$shadowfile,
++ '--group=s',\$groupfile,
++ '--gshadow=s',\$gshadowfile,
++ '--help',\$help,
++ ) or die "Bad options\n";
++
++if ($help or $#ARGV != -1) {
++ print STDERR "usage: $0 [etcfile=filename] [--help]\n";
++ exit 255;
++}
++
++sub start_file($) {
++ my ($file) = @_;
++ my $outhandle = new IO::File;
++ $outhandle->open(">$file") or die "Cannot open $file for writing";
++
++ open(TMP,"<$file.top") or die "cannot open $file.top for reading";
++ while (<TMP>) { $outhandle->print($_); }
++ close(TMP) or die "cannot close $file for reading";
++
++ return($outhandle);
++}
++
++my $PASSWD = start_file($passwdfile);
++my $SHADOW = start_file($shadowfile);
++my $GROUP = start_file($groupfile);
++my $GSHADOW = start_file($gshadowfile);
++
++sub dopasswd($) {
++ my ($record) = @_;
++ my $userPassword="*";
++
++ $PASSWD->print(
++ $record->{"uid"},":",
++ "x",":",
++ $record->{"uidNumber"},":",
++ $record->{"gidNumber"},":",
++ $record->{"gecos"},":",
++ $record->{"homeDirectory"},":",
++ $record->{"loginShell"},"\n");
++
++ if (defined($record->{"userPassword"}) &&
++ $record->{"userPassword"} =~ /^{(crypt)}(.*)$/)
++ { $userPassword = $2; }
++
++ $SHADOW->print(
++ $record->{"uid"},":",
++ $userPassword,":",
++ $record->{"shadowLastChange"} || "10706",":",
++ $record->{"shadowMin"} || "0",":",
++ $record->{"shadowMax"} || "99999",":",
++ $record->{"shadowWarning"} || "7",":",
++ $record->{"shadowInactive"} || "",":",
++ $record->{"shadowExpire"} || "",":",
++ "","\n");
++}
++
++sub dogroup($) {
++ my ($record) = @_;
++ my $userPassword="*";
++
++ my $members="";
++ if (defined($record->{"memberUid"})) {
++ $members = join(",",@{$record->{"memberUid"}});
++ }
++
++ $GROUP->print(
++ $record->{"cn"},":",
++ "x",":",
++ $record->{"gidNumber"},":",
++ $members,"\n");
++
++ if (defined($record->{"userPassword"}) &&
++ $record->{"userPassword"} =~ /^{(crypt)}(.*)$/)
++ { $userPassword = $2; }
++
++# !FIXME!
++# $GSHADOW->print
++# $record->{"cn"},":",
++# "*",":",
++# "",":",
++# "","\n";
++}
++
++
++my %record;
++my $user=0;
++my $group=0;
++
++while (<>) {
++ if (/^$/) {
++ if ($user) {
++ dopasswd(\%record);
++ }
++ if ($group) {
++ dogroup(\%record);
++ }
++
++ $user = $group = 0;
++ %record=();
++ }
++ elsif (/^objectClass: posixAccount$/) {
++ $user = 1;
++ }
++ elsif (/^objectClass: posixGroup$/) {
++ $group = 1;
++ }
++ elsif (/^(uid|uidNumber|gidNumber|gecos|homeDirectory|loginShell): (.*)$/) {
++ if (!defined($record{$1})) { $record{$1} = $2; }
++ }
++ elsif (/^(userPassword|shadowLastChange|shadowMin|shadowMax|shadowWarning|shadowInactive|shadowExpire): (.*)$/) {
++ if (!defined($record{$1})) { $record{$1} = $2; }
++ }
++ elsif (/^(cn): (.*)$/) {
++ if (!defined($record{$1})) { $record{$1} = $2; }
++ }
++ elsif (/^(uniqueMember): (.*)$/) {
++ push @{$record{$1}},$2;
++ if ($2 =~ /uid=([a-zA-Z]*),/) {
++ push @{$record{"memberUid"}},$1;
++ }
++ }
++ elsif (/^(memberUid): (.*)$/) {
++ push @{$record{$1}},$2;
++ }
++ elsif (/^(userPassword):: (.*)$/) {
++ $record{$1} = decode_base64($2);
++ }
++}
++
++$PASSWD->close or die "Cannot close $passwdfile for writing";
++$SHADOW->close or die "Cannot close $shadowfile for writing";
++$GROUP->close or die "Cannot close $groupfile for writing";
++$GSHADOW->close or die "Cannot close $gshadowfile for writing";
--- /dev/null
--- /dev/null
++Notes about Debian's libldap2 package
++-------------------------------------
++
++It has been reported that using libnss-ldap can cause a failure to
++unmount /usr on system shutdown. The reason is that the nss module
++uses libldap from /usr and is used by the shell in the system
++scripts executed on shutdown/reboot.
++
++More precisely bash uses the getpwuid function to get the data of
++the current user which pulls in the nss modules which includes
++the ldap libraries if you are using that module.
++
++Possible solutions to this problem are:
++
++a) use another shell that does not utilize getpwuid for getting info
++ about the current user (take dash for example).
++b) make sure that the nsswitch.conf is replaced by a version which does
++ not mention ldap before the system is shut down (and have a startup
++ script that installs the "full" version of that file).
++c) move the libraries to /lib (not recommended).
++
++ -- Torsten Landschoff <torsten@debian.org> Mon, 30 Sep 2002 11:06:22 +0200
--- /dev/null
--- /dev/null
++usr/lib/*/liblber-2.4.so.2
++usr/lib/*/liblber-2.4.so.2.*.*
++usr/lib/*/libldap_r-2.4.so.2
++usr/lib/*/libldap_r-2.4.so.2.*.*
--- /dev/null
--- /dev/null
++usr/lib/${DEB_HOST_MULTIARCH}/libldap_r-2.4.so.2 usr/lib/${DEB_HOST_MULTIARCH}/libldap-2.4.so.2
--- /dev/null
--- /dev/null
++libldap-2.4-2: package-name-doesnt-match-sonames liblber-2.4-2 libldap-r-2.4-2
++# #687022
++libldap-2.4-2: dev-pkg-without-shlib-symlink */liblber-2.4.so.* *
++libldap-2.4-2: dev-pkg-without-shlib-symlink */libldap_r-2.4.so.* *
--- /dev/null
--- /dev/null
++# While only libldap_r is packaged, the client programs are linked
++# against libldap during build. This is here just to satisfy
++# dpkg-shlibdeps for ldap-utils: libldap is not around when
++# dpkg-gensymbols runs, so it's not listed in the symbols file. A better
++# long-term workaround will be to patch the upstream build system so the
++# client programs are linked against libldap_r.
++liblber-2.4 2 libldap-2.4-2 (>= 2.4.7)
++libldap-2.4 2 libldap-2.4-2 (>= 2.4.7)
++libldap_r-2.4 2 libldap-2.4-2 (>= 2.4.7)
--- /dev/null
--- /dev/null
++liblber-2.4.so.2 libldap-2.4-2 #MINVER#
++ OPENLDAP_2.4_2@OPENLDAP_2.4_2 2.4.7
++ ber_alloc@OPENLDAP_2.4_2 2.4.7
++ ber_alloc_t@OPENLDAP_2.4_2 2.4.7
++ ber_bprint@OPENLDAP_2.4_2 2.4.7
++ ber_bvarray_add@OPENLDAP_2.4_2 2.4.7
++ ber_bvarray_add_x@OPENLDAP_2.4_2 2.4.7
++ ber_bvarray_dup_x@OPENLDAP_2.4_2 2.4.7
++ ber_bvarray_free@OPENLDAP_2.4_2 2.4.7
++ ber_bvarray_free_x@OPENLDAP_2.4_2 2.4.7
++ ber_bvdup@OPENLDAP_2.4_2 2.4.7
++ ber_bvecadd@OPENLDAP_2.4_2 2.4.7
++ ber_bvecadd_x@OPENLDAP_2.4_2 2.4.7
++ ber_bvecfree@OPENLDAP_2.4_2 2.4.7
++ ber_bvecfree_x@OPENLDAP_2.4_2 2.4.7
++ ber_bvfree@OPENLDAP_2.4_2 2.4.7
++ ber_bvfree_x@OPENLDAP_2.4_2 2.4.7
++ ber_bvreplace@OPENLDAP_2.4_2 2.4.7
++ ber_bvreplace_x@OPENLDAP_2.4_2 2.4.7
++ ber_decode_oid@OPENLDAP_2.4_2 2.4.7
++ ber_dump@OPENLDAP_2.4_2 2.4.7
++ ber_dup@OPENLDAP_2.4_2 2.4.7
++ ber_dupbv@OPENLDAP_2.4_2 2.4.7
++ ber_dupbv_x@OPENLDAP_2.4_2 2.4.7
++ ber_encode_oid@OPENLDAP_2.4_2 2.4.7
++ ber_errno_addr@OPENLDAP_2.4_2 2.4.7
++ ber_error_print@OPENLDAP_2.4_2 2.4.7
++ ber_first_element@OPENLDAP_2.4_2 2.4.7
++ ber_flatten2@OPENLDAP_2.4_2 2.4.7
++ ber_flatten@OPENLDAP_2.4_2 2.4.7
++ ber_flush2@OPENLDAP_2.4_2 2.4.7
++ ber_flush@OPENLDAP_2.4_2 2.4.7
++ ber_free@OPENLDAP_2.4_2 2.4.7
++ ber_free_buf@OPENLDAP_2.4_2 2.4.7
++ ber_get_bitstringa@OPENLDAP_2.4_2 2.4.7
++ ber_get_boolean@OPENLDAP_2.4_2 2.4.7
++ ber_get_enum@OPENLDAP_2.4_2 2.4.7
++ ber_get_int@OPENLDAP_2.4_2 2.4.7
++ ber_get_next@OPENLDAP_2.4_2 2.4.7
++ ber_get_null@OPENLDAP_2.4_2 2.4.7
++ ber_get_option@OPENLDAP_2.4_2 2.4.7
++ ber_get_stringa@OPENLDAP_2.4_2 2.4.7
++ ber_get_stringa_null@OPENLDAP_2.4_2 2.4.7
++ ber_get_stringal@OPENLDAP_2.4_2 2.4.7
++ ber_get_stringb@OPENLDAP_2.4_2 2.4.7
++ ber_get_stringbv@OPENLDAP_2.4_2 2.4.7
++ ber_get_stringbv_null@OPENLDAP_2.4_2 2.4.7
++ ber_get_tag@OPENLDAP_2.4_2 2.4.7
++ ber_init2@OPENLDAP_2.4_2 2.4.7
++ ber_init@OPENLDAP_2.4_2 2.4.7
++ ber_init_w_nullc@OPENLDAP_2.4_2 2.4.7
++ ber_int_errno_fn@OPENLDAP_2.4_2 2.4.7
++ ber_int_log_proc@OPENLDAP_2.4_2 2.4.7
++ ber_int_memory_fns@OPENLDAP_2.4_2 2.4.7
++ ber_int_options@OPENLDAP_2.4_2 2.4.7
++ ber_int_sb_close@OPENLDAP_2.4_2 2.4.7
++ ber_int_sb_destroy@OPENLDAP_2.4_2 2.4.7
++ ber_int_sb_init@OPENLDAP_2.4_2 2.4.7
++ ber_int_sb_read@OPENLDAP_2.4_2 2.4.7
++ ber_int_sb_write@OPENLDAP_2.4_2 2.4.7
++ ber_len@OPENLDAP_2.4_2 2.4.7
++ ber_log_bprint@OPENLDAP_2.4_2 2.4.7
++ ber_log_dump@OPENLDAP_2.4_2 2.4.7
++ ber_log_sos_dump@OPENLDAP_2.4_2 2.4.7
++ ber_mem2bv@OPENLDAP_2.4_2 2.4.7
++ ber_mem2bv_x@OPENLDAP_2.4_2 2.4.7
++ ber_memalloc@OPENLDAP_2.4_2 2.4.7
++ ber_memalloc_x@OPENLDAP_2.4_2 2.4.7
++ ber_memcalloc@OPENLDAP_2.4_2 2.4.7
++ ber_memcalloc_x@OPENLDAP_2.4_2 2.4.7
++ ber_memfree@OPENLDAP_2.4_2 2.4.7
++ ber_memfree_x@OPENLDAP_2.4_2 2.4.7
++ ber_memrealloc@OPENLDAP_2.4_2 2.4.7
++ ber_memrealloc_x@OPENLDAP_2.4_2 2.4.7
++ ber_memvfree@OPENLDAP_2.4_2 2.4.7
++ ber_memvfree_x@OPENLDAP_2.4_2 2.4.7
++ ber_next_element@OPENLDAP_2.4_2 2.4.7
++ ber_peek_element@OPENLDAP_2.4_2 2.4.21
++ ber_peek_tag@OPENLDAP_2.4_2 2.4.7
++ ber_printf@OPENLDAP_2.4_2 2.4.7
++ ber_ptrlen@OPENLDAP_2.4_2 2.4.7
++ ber_put_berval@OPENLDAP_2.4_2 2.4.7
++ ber_put_bitstring@OPENLDAP_2.4_2 2.4.7
++ ber_put_boolean@OPENLDAP_2.4_2 2.4.7
++ ber_put_enum@OPENLDAP_2.4_2 2.4.7
++ ber_put_int@OPENLDAP_2.4_2 2.4.7
++ ber_put_null@OPENLDAP_2.4_2 2.4.7
++ ber_put_ostring@OPENLDAP_2.4_2 2.4.7
++ ber_put_seq@OPENLDAP_2.4_2 2.4.7
++ ber_put_set@OPENLDAP_2.4_2 2.4.7
++ ber_put_string@OPENLDAP_2.4_2 2.4.7
++ ber_pvt_err_file@OPENLDAP_2.4_2 2.4.7
++ ber_pvt_log_output@OPENLDAP_2.4_2 2.4.7
++ ber_pvt_log_print@OPENLDAP_2.4_2 2.4.7
++ ber_pvt_log_printf@OPENLDAP_2.4_2 2.4.7
++ ber_pvt_opt_on@OPENLDAP_2.4_2 2.4.7
++ ber_pvt_sb_buf_destroy@OPENLDAP_2.4_2 2.4.7
++ ber_pvt_sb_buf_init@OPENLDAP_2.4_2 2.4.7
++ ber_pvt_sb_copy_out@OPENLDAP_2.4_2 2.4.7
++ ber_pvt_sb_do_write@OPENLDAP_2.4_2 2.4.7
++ ber_pvt_sb_grow_buffer@OPENLDAP_2.4_2 2.4.7
++ ber_pvt_socket_set_nonblock@OPENLDAP_2.4_2 2.4.7
++ ber_read@OPENLDAP_2.4_2 2.4.7
++ ber_realloc@OPENLDAP_2.4_2 2.4.7
++ ber_remaining@OPENLDAP_2.4_2 2.4.7
++ ber_reset@OPENLDAP_2.4_2 2.4.7
++ ber_rewind@OPENLDAP_2.4_2 2.4.7
++ ber_scanf@OPENLDAP_2.4_2 2.4.7
++ ber_set_option@OPENLDAP_2.4_2 2.4.7
++ ber_skip_data@OPENLDAP_2.4_2 2.4.7
++ ber_skip_element@OPENLDAP_2.4_2 2.4.21
++ ber_skip_tag@OPENLDAP_2.4_2 2.4.7
++ ber_sockbuf_add_io@OPENLDAP_2.4_2 2.4.7
++ ber_sockbuf_alloc@OPENLDAP_2.4_2 2.4.7
++ ber_sockbuf_ctrl@OPENLDAP_2.4_2 2.4.7
++ ber_sockbuf_free@OPENLDAP_2.4_2 2.4.7
++ ber_sockbuf_io_debug@OPENLDAP_2.4_2 2.4.7
++ ber_sockbuf_io_fd@OPENLDAP_2.4_2 2.4.7
++ ber_sockbuf_io_readahead@OPENLDAP_2.4_2 2.4.7
++ ber_sockbuf_io_tcp@OPENLDAP_2.4_2 2.4.7
++ ber_sockbuf_remove_io@OPENLDAP_2.4_2 2.4.7
++ ber_sos_dump@OPENLDAP_2.4_2 2.4.7
++ ber_start@OPENLDAP_2.4_2 2.4.7
++ ber_start_seq@OPENLDAP_2.4_2 2.4.7
++ ber_start_set@OPENLDAP_2.4_2 2.4.7
++ ber_str2bv@OPENLDAP_2.4_2 2.4.7
++ ber_str2bv_x@OPENLDAP_2.4_2 2.4.7
++ ber_strdup@OPENLDAP_2.4_2 2.4.7
++ ber_strdup_x@OPENLDAP_2.4_2 2.4.7
++ ber_strndup@OPENLDAP_2.4_2 2.4.7
++ ber_strndup_x@OPENLDAP_2.4_2 2.4.7
++ ber_strnlen@OPENLDAP_2.4_2 2.4.17
++ ber_write@OPENLDAP_2.4_2 2.4.7
++ der_alloc@OPENLDAP_2.4_2 2.4.7
++ lutil_debug@OPENLDAP_2.4_2 2.4.7
++ lutil_debug_file@OPENLDAP_2.4_2 2.4.7
++libldap_r-2.4.so.2 libldap-2.4-2 #MINVER#
++ OPENLDAP_2.4_2@OPENLDAP_2.4_2 2.4.7
++ ldap_X509dn2bv@OPENLDAP_2.4_2 2.4.7
++ ldap_abandon@OPENLDAP_2.4_2 2.4.7
++ ldap_abandon_ext@OPENLDAP_2.4_2 2.4.7
++ ldap_add@OPENLDAP_2.4_2 2.4.7
++ ldap_add_ext@OPENLDAP_2.4_2 2.4.7
++ ldap_add_ext_s@OPENLDAP_2.4_2 2.4.7
++ ldap_add_result_entry@OPENLDAP_2.4_2 2.4.7
++ ldap_add_s@OPENLDAP_2.4_2 2.4.7
++ ldap_alloc_ber_with_options@OPENLDAP_2.4_2 2.4.7
++ ldap_append_referral@OPENLDAP_2.4_2 2.4.7
++ ldap_attributetype2bv@OPENLDAP_2.4_2 2.4.7
++ ldap_attributetype2name@OPENLDAP_2.4_2 2.4.7
++ ldap_attributetype2str@OPENLDAP_2.4_2 2.4.7
++ ldap_attributetype_free@OPENLDAP_2.4_2 2.4.7
++ ldap_bind@OPENLDAP_2.4_2 2.4.7
++ ldap_bind_s@OPENLDAP_2.4_2 2.4.7
++ ldap_build_add_req@OPENLDAP_2.4_2 2.4.43
++ ldap_build_bind_req@OPENLDAP_2.4_2 2.4.43
++ ldap_build_compare_req@OPENLDAP_2.4_2 2.4.43
++ ldap_build_delete_req@OPENLDAP_2.4_2 2.4.43
++ ldap_build_extended_req@OPENLDAP_2.4_2 2.4.43
++ ldap_build_moddn_req@OPENLDAP_2.4_2 2.4.43
++ ldap_build_modify_req@OPENLDAP_2.4_2 2.4.43
++ ldap_build_search_req@OPENLDAP_2.4_2 2.4.7
++ ldap_bv2dn@OPENLDAP_2.4_2 2.4.7
++ ldap_bv2dn_x@OPENLDAP_2.4_2 2.4.7
++ ldap_bv2escaped_filter_value@OPENLDAP_2.4_2 2.4.7
++ ldap_bv2escaped_filter_value_len@OPENLDAP_2.4_2 2.4.7
++ ldap_bv2escaped_filter_value_x@OPENLDAP_2.4_2 2.4.7
++ ldap_bv2rdn@OPENLDAP_2.4_2 2.4.7
++ ldap_bv2rdn_x@OPENLDAP_2.4_2 2.4.7
++ ldap_cancel@OPENLDAP_2.4_2 2.4.7
++ ldap_cancel_s@OPENLDAP_2.4_2 2.4.7
++ ldap_charray2str@OPENLDAP_2.4_2 2.4.7
++ ldap_charray_add@OPENLDAP_2.4_2 2.4.7
++ ldap_charray_dup@OPENLDAP_2.4_2 2.4.7
++ ldap_charray_free@OPENLDAP_2.4_2 2.4.7
++ ldap_charray_inlist@OPENLDAP_2.4_2 2.4.7
++ ldap_charray_merge@OPENLDAP_2.4_2 2.4.7
++ ldap_chase_referrals@OPENLDAP_2.4_2 2.4.7
++ ldap_chase_v3referrals@OPENLDAP_2.4_2 2.4.7
++ ldap_clear_select_write@OPENLDAP_2.4_2 2.4.31
++ ldap_compare@OPENLDAP_2.4_2 2.4.7
++ ldap_compare_ext@OPENLDAP_2.4_2 2.4.7
++ ldap_compare_ext_s@OPENLDAP_2.4_2 2.4.7
++ ldap_compare_s@OPENLDAP_2.4_2 2.4.7
++ ldap_connect_to_host@OPENLDAP_2.4_2 2.4.7
++ ldap_connect_to_path@OPENLDAP_2.4_2 2.4.7
++ ldap_contentrule2bv@OPENLDAP_2.4_2 2.4.7
++ ldap_contentrule2name@OPENLDAP_2.4_2 2.4.7
++ ldap_contentrule2str@OPENLDAP_2.4_2 2.4.7
++ ldap_contentrule_free@OPENLDAP_2.4_2 2.4.7
++ ldap_control_create@OPENLDAP_2.4_2 2.4.7
++ ldap_control_dup@OPENLDAP_2.4_2 2.4.7
++ ldap_control_find@OPENLDAP_2.4_2 2.4.7
++ ldap_control_free@OPENLDAP_2.4_2 2.4.7
++ ldap_controls_dup@OPENLDAP_2.4_2 2.4.7
++ ldap_controls_free@OPENLDAP_2.4_2 2.4.7
++ ldap_count_entries@OPENLDAP_2.4_2 2.4.7
++ ldap_count_messages@OPENLDAP_2.4_2 2.4.7
++ ldap_count_references@OPENLDAP_2.4_2 2.4.7
++ ldap_count_values@OPENLDAP_2.4_2 2.4.7
++ ldap_count_values_len@OPENLDAP_2.4_2 2.4.7
++ ldap_create@OPENLDAP_2.4_2 2.4.7
++ ldap_create_assertion_control@OPENLDAP_2.4_2 2.4.11
++ ldap_create_assertion_control_value@OPENLDAP_2.4_2 2.4.11
++ ldap_create_control@OPENLDAP_2.4_2 2.4.7
++ ldap_create_deref_control@OPENLDAP_2.4_2 2.4.15
++ ldap_create_deref_control_value@OPENLDAP_2.4_2 2.4.15
++ ldap_create_page_control@OPENLDAP_2.4_2 2.4.7
++ ldap_create_page_control_value@OPENLDAP_2.4_2 2.4.7
++ ldap_create_passwordpolicy_control@OPENLDAP_2.4_2 2.4.7
++ ldap_create_session_tracking_control@OPENLDAP_2.4_2 2.4.28
++ ldap_create_session_tracking_value@OPENLDAP_2.4_2 2.4.28
++ ldap_create_sort_control@OPENLDAP_2.4_2 2.4.7
++ ldap_create_sort_control_value@OPENLDAP_2.4_2 2.4.7
++ ldap_create_sort_keylist@OPENLDAP_2.4_2 2.4.7
++ ldap_create_vlv_control@OPENLDAP_2.4_2 2.4.7
++ ldap_create_vlv_control_value@OPENLDAP_2.4_2 2.4.7
++ ldap_dcedn2dn@OPENLDAP_2.4_2 2.4.7
++ ldap_delete@OPENLDAP_2.4_2 2.4.7
++ ldap_delete_ext@OPENLDAP_2.4_2 2.4.7
++ ldap_delete_ext_s@OPENLDAP_2.4_2 2.4.7
++ ldap_delete_result_entry@OPENLDAP_2.4_2 2.4.7
++ ldap_delete_s@OPENLDAP_2.4_2 2.4.7
++ ldap_derefresponse_free@OPENLDAP_2.4_2 2.4.15
++ ldap_destroy@OPENLDAP_2.4_2 2.4.25
++ ldap_dn2ad_canonical@OPENLDAP_2.4_2 2.4.7
++ ldap_dn2bv@OPENLDAP_2.4_2 2.4.7
++ ldap_dn2bv_x@OPENLDAP_2.4_2 2.4.7
++ ldap_dn2dcedn@OPENLDAP_2.4_2 2.4.7
++ ldap_dn2domain@OPENLDAP_2.4_2 2.4.7
++ ldap_dn2str@OPENLDAP_2.4_2 2.4.7
++ ldap_dn2ufn@OPENLDAP_2.4_2 2.4.7
++ ldap_dn_normalize@OPENLDAP_2.4_2 2.4.7
++ ldap_dnfree@OPENLDAP_2.4_2 2.4.7
++ ldap_dnfree_x@OPENLDAP_2.4_2 2.4.7
++ ldap_domain2dn@OPENLDAP_2.4_2 2.4.7
++ ldap_domain2hostlist@OPENLDAP_2.4_2 2.4.7
++ ldap_dump_connection@OPENLDAP_2.4_2 2.4.7
++ ldap_dump_requests_and_responses@OPENLDAP_2.4_2 2.4.7
++ ldap_dup@OPENLDAP_2.4_2 2.4.25
++ ldap_err2string@OPENLDAP_2.4_2 2.4.7
++ ldap_explode_dn@OPENLDAP_2.4_2 2.4.7
++ ldap_explode_rdn@OPENLDAP_2.4_2 2.4.7
++ ldap_extended_operation@OPENLDAP_2.4_2 2.4.7
++ ldap_extended_operation_s@OPENLDAP_2.4_2 2.4.7
++ ldap_find_control@OPENLDAP_2.4_2 2.4.7
++ ldap_find_request_by_msgid@OPENLDAP_2.4_2 2.4.7
++ ldap_first_attribute@OPENLDAP_2.4_2 2.4.7
++ ldap_first_entry@OPENLDAP_2.4_2 2.4.7
++ ldap_first_message@OPENLDAP_2.4_2 2.4.7
++ ldap_first_reference@OPENLDAP_2.4_2 2.4.7
++ ldap_free_connection@OPENLDAP_2.4_2 2.4.7
++ ldap_free_request@OPENLDAP_2.4_2 2.4.7
++ ldap_free_select_info@OPENLDAP_2.4_2 2.4.7
++ ldap_free_sort_keylist@OPENLDAP_2.4_2 2.4.7
++ ldap_free_urldesc@OPENLDAP_2.4_2 2.4.7
++ ldap_free_urllist@OPENLDAP_2.4_2 2.4.7
++ ldap_get_attribute_ber@OPENLDAP_2.4_2 2.4.7
++ ldap_get_dn@OPENLDAP_2.4_2 2.4.7
++ ldap_get_dn_ber@OPENLDAP_2.4_2 2.4.7
++ ldap_get_entry_controls@OPENLDAP_2.4_2 2.4.7
++ ldap_get_message_ber@OPENLDAP_2.4_2 2.4.7
++ ldap_get_option@OPENLDAP_2.4_2 2.4.7
++ ldap_get_values@OPENLDAP_2.4_2 2.4.7
++ ldap_get_values_len@OPENLDAP_2.4_2 2.4.7
++ ldap_gssapi_bind@OPENLDAP_2.4_2 2.4.15
++ ldap_gssapi_bind_s@OPENLDAP_2.4_2 2.4.15
++ ldap_host_connected_to@OPENLDAP_2.4_2 2.4.7
++ ldap_init@OPENLDAP_2.4_2 2.4.7
++ ldap_init_fd@OPENLDAP_2.4_2 2.4.7
++ ldap_initialize@OPENLDAP_2.4_2 2.4.7
++ ldap_install_tls@OPENLDAP_2.4_2 2.4.7
++ ldap_int_bisect_delete@OPENLDAP_2.4_2 2.4.7
++ ldap_int_bisect_find@OPENLDAP_2.4_2 2.4.7
++ ldap_int_bisect_insert@OPENLDAP_2.4_2 2.4.7
++ ldap_int_check_async_open@OPENLDAP_2.4_2 2.4.28
++ ldap_int_client_controls@OPENLDAP_2.4_2 2.4.7
++ ldap_int_connect_cbs@OPENLDAP_2.4_2 2.4.15
++ ldap_int_error_init@OPENLDAP_2.4_2 2.4.7
++ ldap_int_flush_request@OPENLDAP_2.4_2 2.4.7
++ ldap_int_global_options@OPENLDAP_2.4_2 2.4.7
++ ldap_int_gmtime_mutex@OPENLDAP_2.4_2 2.4.23
++ ldap_int_hostname@OPENLDAP_2.4_2 2.4.7
++ ldap_int_hostname_mutex@OPENLDAP_2.4_2 2.4.39
++ ldap_int_inet4or6@OPENLDAP_2.4_2 2.4.7
++ ldap_int_initialize@OPENLDAP_2.4_2 2.4.7
++ ldap_int_initialize_global_options@OPENLDAP_2.4_2 2.4.7
++ ldap_int_msgtype2str@OPENLDAP_2.4_2 2.4.7
++ ldap_int_open_connection@OPENLDAP_2.4_2 2.4.7
++ ldap_int_parse_numericoid@OPENLDAP_2.4_2 2.4.7
++ ldap_int_parse_ruleid@OPENLDAP_2.4_2 2.4.7
++ ldap_int_poll@OPENLDAP_2.4_2 2.4.7
++ ldap_int_put_controls@OPENLDAP_2.4_2 2.4.7
++ ldap_int_resolv_mutex@OPENLDAP_2.4_2 2.4.7
++ ldap_int_sasl_bind@OPENLDAP_2.4_2 2.4.7
++ ldap_int_sasl_close@OPENLDAP_2.4_2 2.4.7
++ ldap_int_sasl_config@OPENLDAP_2.4_2 2.4.7
++ ldap_int_sasl_external@OPENLDAP_2.4_2 2.4.7
++ ldap_int_sasl_get_option@OPENLDAP_2.4_2 2.4.7
++ ldap_int_sasl_init@OPENLDAP_2.4_2 2.4.7
++ ldap_int_sasl_open@OPENLDAP_2.4_2 2.4.7
++ ldap_int_sasl_set_option@OPENLDAP_2.4_2 2.4.7
++ ldap_int_select@OPENLDAP_2.4_2 2.4.7
++ ldap_int_thread_destroy@OPENLDAP_2.4_2 2.4.7
++ ldap_int_thread_initialize@OPENLDAP_2.4_2 2.4.7
++ ldap_int_thread_pool_shutdown@OPENLDAP_2.4_2 2.4.7
++ ldap_int_thread_pool_startup@OPENLDAP_2.4_2 2.4.7
++ ldap_int_timeval_dup@OPENLDAP_2.4_2 2.4.7
++ ldap_int_tls_config@OPENLDAP_2.4_2 2.4.7
++ ldap_int_tls_destroy@OPENLDAP_2.4_2 2.4.7
++ ldap_int_tls_impl@OPENLDAP_2.4_2 2.4.15
++ ldap_int_tls_start@OPENLDAP_2.4_2 2.4.7
++ ldap_int_utils_init@OPENLDAP_2.4_2 2.4.7
++ ldap_is_ldap_url@OPENLDAP_2.4_2 2.4.7
++ ldap_is_ldapi_url@OPENLDAP_2.4_2 2.4.7
++ ldap_is_ldaps_url@OPENLDAP_2.4_2 2.4.7
++ ldap_is_read_ready@OPENLDAP_2.4_2 2.4.7
++ ldap_is_write_ready@OPENLDAP_2.4_2 2.4.7
++ ldap_ld_free@OPENLDAP_2.4_2 2.4.7
++ ldap_log_printf@OPENLDAP_2.4_2 2.4.7
++ ldap_mark_select_clear@OPENLDAP_2.4_2 2.4.7
++ ldap_mark_select_read@OPENLDAP_2.4_2 2.4.7
++ ldap_mark_select_write@OPENLDAP_2.4_2 2.4.7
++ ldap_matchingrule2bv@OPENLDAP_2.4_2 2.4.7
++ ldap_matchingrule2name@OPENLDAP_2.4_2 2.4.7
++ ldap_matchingrule2str@OPENLDAP_2.4_2 2.4.7
++ ldap_matchingrule_free@OPENLDAP_2.4_2 2.4.7
++ ldap_matchingruleuse2bv@OPENLDAP_2.4_2 2.4.7
++ ldap_matchingruleuse2name@OPENLDAP_2.4_2 2.4.7
++ ldap_matchingruleuse2str@OPENLDAP_2.4_2 2.4.7
++ ldap_matchingruleuse_free@OPENLDAP_2.4_2 2.4.7
++ ldap_memalloc@OPENLDAP_2.4_2 2.4.7
++ ldap_memcalloc@OPENLDAP_2.4_2 2.4.7
++ ldap_memfree@OPENLDAP_2.4_2 2.4.7
++ ldap_memrealloc@OPENLDAP_2.4_2 2.4.7
++ ldap_memvfree@OPENLDAP_2.4_2 2.4.7
++ ldap_modify@OPENLDAP_2.4_2 2.4.7
++ ldap_modify_ext@OPENLDAP_2.4_2 2.4.7
++ ldap_modify_ext_s@OPENLDAP_2.4_2 2.4.7
++ ldap_modify_s@OPENLDAP_2.4_2 2.4.7
++ ldap_modrdn2@OPENLDAP_2.4_2 2.4.7
++ ldap_modrdn2_s@OPENLDAP_2.4_2 2.4.7
++ ldap_modrdn@OPENLDAP_2.4_2 2.4.7
++ ldap_modrdn_s@OPENLDAP_2.4_2 2.4.7
++ ldap_mods_free@OPENLDAP_2.4_2 2.4.7
++ ldap_msgdelete@OPENLDAP_2.4_2 2.4.7
++ ldap_msgfree@OPENLDAP_2.4_2 2.4.7
++ ldap_msgid@OPENLDAP_2.4_2 2.4.7
++ ldap_msgtype@OPENLDAP_2.4_2 2.4.7
++ ldap_nameform2bv@OPENLDAP_2.4_2 2.4.7
++ ldap_nameform2name@OPENLDAP_2.4_2 2.4.7
++ ldap_nameform2str@OPENLDAP_2.4_2 2.4.7
++ ldap_nameform_free@OPENLDAP_2.4_2 2.4.7
++ ldap_new_connection@OPENLDAP_2.4_2 2.4.7
++ ldap_new_select_info@OPENLDAP_2.4_2 2.4.7
++ ldap_next_attribute@OPENLDAP_2.4_2 2.4.7
++ ldap_next_entry@OPENLDAP_2.4_2 2.4.7
++ ldap_next_message@OPENLDAP_2.4_2 2.4.7
++ ldap_next_reference@OPENLDAP_2.4_2 2.4.7
++ ldap_ntlm_bind@OPENLDAP_2.4_2 2.4.7
++ ldap_objectclass2bv@OPENLDAP_2.4_2 2.4.7
++ ldap_objectclass2name@OPENLDAP_2.4_2 2.4.7
++ ldap_objectclass2str@OPENLDAP_2.4_2 2.4.7
++ ldap_objectclass_free@OPENLDAP_2.4_2 2.4.7
++ ldap_open@OPENLDAP_2.4_2 2.4.7
++ ldap_open_defconn@OPENLDAP_2.4_2 2.4.7
++ ldap_open_internal_connection@OPENLDAP_2.4_2 2.4.7
++ ldap_parse_deref_control@OPENLDAP_2.4_2 2.4.15
++ ldap_parse_derefresponse_control@OPENLDAP_2.4_2 2.4.15
++ ldap_parse_extended_result@OPENLDAP_2.4_2 2.4.7
++ ldap_parse_intermediate@OPENLDAP_2.4_2 2.4.7
++ ldap_parse_ntlm_bind_result@OPENLDAP_2.4_2 2.4.7
++ ldap_parse_page_control@OPENLDAP_2.4_2 2.4.7
++ ldap_parse_pageresponse_control@OPENLDAP_2.4_2 2.4.7
++ ldap_parse_passwd@OPENLDAP_2.4_2 2.4.7
++ ldap_parse_password_expiring_control@OPENLDAP_2.4_2 2.4.51
++ ldap_parse_passwordpolicy_control@OPENLDAP_2.4_2 2.4.7
++ ldap_parse_reference@OPENLDAP_2.4_2 2.4.7
++ ldap_parse_refresh@OPENLDAP_2.4_2 2.4.7
++ ldap_parse_result@OPENLDAP_2.4_2 2.4.7
++ ldap_parse_sasl_bind_result@OPENLDAP_2.4_2 2.4.7
++ ldap_parse_session_tracking_control@OPENLDAP_2.4_2 2.4.28
++ ldap_parse_sortresponse_control@OPENLDAP_2.4_2 2.4.7
++ ldap_parse_vlvresponse_control@OPENLDAP_2.4_2 2.4.7
++ ldap_parse_whoami@OPENLDAP_2.4_2 2.4.7
++ ldap_passwd@OPENLDAP_2.4_2 2.4.7
++ ldap_passwd_s@OPENLDAP_2.4_2 2.4.7
++ ldap_passwordpolicy_err2txt@OPENLDAP_2.4_2 2.4.7
++ ldap_perror@OPENLDAP_2.4_2 2.4.7
++ ldap_put_vrFilter@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_bv2scope@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_csnstr@OPENLDAP_2.4_2 2.4.23
++ ldap_pvt_ctime@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_discard@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_filter_value_unescape@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_find_wildcard@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_get_controls@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_get_fqdn@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_get_hname@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_gethostbyaddr_a@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_gethostbyname_a@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_gettime@OPENLDAP_2.4_2 2.4.23
++ ldap_pvt_hex_unescape@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_put_control@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_put_filter@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_runqueue_find@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_runqueue_insert@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_runqueue_isrunning@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_runqueue_next_sched@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_runqueue_persistent_backload@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_runqueue_remove@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_runqueue_resched@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_runqueue_runtask@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_runqueue_stoptask@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_sasl_generic_install@OPENLDAP_2.4_2 2.4.15
++ ldap_pvt_sasl_generic_remove@OPENLDAP_2.4_2 2.4.15
++ ldap_pvt_sasl_getmechs@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_sasl_install@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_sasl_mutex_dispose@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_sasl_mutex_lock@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_sasl_mutex_new@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_sasl_mutex_unlock@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_sasl_remove@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_sasl_secprops@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_sasl_secprops_unparse@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_scope2bv@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_scope2str@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_search@OPENLDAP_2.4_2 2.4.15
++ ldap_pvt_search_s@OPENLDAP_2.4_2 2.4.15
++ ldap_pvt_sockbuf_io_sasl_generic@OPENLDAP_2.4_2 2.4.15
++ ldap_pvt_str2lower@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_str2lowerbv@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_str2scope@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_str2upper@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_str2upperbv@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_strtok@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_cond_broadcast@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_cond_destroy@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_cond_init@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_cond_signal@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_cond_wait@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_create@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_destroy@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_exit@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_get_concurrency@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_initialize@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_join@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_key_create@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_key_destroy@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_key_getdata@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_key_setdata@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_kill@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_mutex_destroy@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_mutex_init@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_mutex_lock@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_mutex_trylock@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_mutex_unlock@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_pool_backload@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_pool_context@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_pool_context_reset@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_pool_destroy@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_pool_getkey@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_pool_idle@OPENLDAP_2.4_2 2.4.31
++ ldap_pvt_thread_pool_init@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_pool_maxthreads@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_pool_pause@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_pool_pausecheck@OPENLDAP_2.4_2 2.4.9
++ ldap_pvt_thread_pool_pausing@OPENLDAP_2.4_2 2.4.9
++ ldap_pvt_thread_pool_purgekey@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_pool_query@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_pool_resume@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_pool_retract@OPENLDAP_2.4_2 2.4.17
++ ldap_pvt_thread_pool_setkey@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_pool_submit@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_pool_tid@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_pool_unidle@OPENLDAP_2.4_2 2.4.31
++ ldap_pvt_thread_rdwr_destroy@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_rdwr_init@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_rdwr_rlock@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_rdwr_rtrylock@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_rdwr_runlock@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_rdwr_wlock@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_rdwr_wtrylock@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_rdwr_wunlock@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_rmutex_destroy@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_rmutex_init@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_rmutex_lock@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_rmutex_trylock@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_rmutex_unlock@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_self@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_set_concurrency@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_sleep@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_thread_yield@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_tls_accept@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_tls_check_hostname@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_tls_ctx_free@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_tls_destroy@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_tls_get_my_dn@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_tls_get_option@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_tls_get_peer_dn@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_tls_get_strength@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_tls_init@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_tls_init_def_ctx@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_tls_inplace@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_tls_sb_ctx@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_tls_set_option@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_url_scheme2proto@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_url_scheme2tls@OPENLDAP_2.4_2 2.4.7
++ ldap_pvt_url_scheme_port@OPENLDAP_2.4_2 2.4.7
++ ldap_rdn2bv@OPENLDAP_2.4_2 2.4.7
++ ldap_rdn2bv_x@OPENLDAP_2.4_2 2.4.7
++ ldap_rdn2str@OPENLDAP_2.4_2 2.4.7
++ ldap_rdnfree@OPENLDAP_2.4_2 2.4.7
++ ldap_rdnfree_x@OPENLDAP_2.4_2 2.4.7
++ ldap_refresh@OPENLDAP_2.4_2 2.4.7
++ ldap_refresh_s@OPENLDAP_2.4_2 2.4.7
++ ldap_rename2@OPENLDAP_2.4_2 2.4.7
++ ldap_rename2_s@OPENLDAP_2.4_2 2.4.7
++ ldap_rename@OPENLDAP_2.4_2 2.4.7
++ ldap_rename_s@OPENLDAP_2.4_2 2.4.7
++ ldap_result2error@OPENLDAP_2.4_2 2.4.7
++ ldap_result@OPENLDAP_2.4_2 2.4.7
++ ldap_return_request@OPENLDAP_2.4_2 2.4.7
++ ldap_sasl_bind@OPENLDAP_2.4_2 2.4.7
++ ldap_sasl_bind_s@OPENLDAP_2.4_2 2.4.7
++ ldap_sasl_interactive_bind@OPENLDAP_2.4_2 2.4.25
++ ldap_sasl_interactive_bind_s@OPENLDAP_2.4_2 2.4.7
++ ldap_scherr2str@OPENLDAP_2.4_2 2.4.7
++ ldap_search@OPENLDAP_2.4_2 2.4.7
++ ldap_search_ext@OPENLDAP_2.4_2 2.4.7
++ ldap_search_ext_s@OPENLDAP_2.4_2 2.4.7
++ ldap_search_s@OPENLDAP_2.4_2 2.4.7
++ ldap_search_st@OPENLDAP_2.4_2 2.4.7
++ ldap_send_initial_request@OPENLDAP_2.4_2 2.4.7
++ ldap_send_server_request@OPENLDAP_2.4_2 2.4.7
++ ldap_send_unbind@OPENLDAP_2.4_2 2.4.7
++ ldap_set_ber_options@OPENLDAP_2.4_2 2.4.7
++ ldap_set_nextref_proc@OPENLDAP_2.4_2 2.4.7
++ ldap_set_option@OPENLDAP_2.4_2 2.4.7
++ ldap_set_rebind_proc@OPENLDAP_2.4_2 2.4.7
++ ldap_set_urllist_proc@OPENLDAP_2.4_2 2.4.7
++ ldap_simple_bind@OPENLDAP_2.4_2 2.4.7
++ ldap_simple_bind_s@OPENLDAP_2.4_2 2.4.7
++ ldap_sort_entries@OPENLDAP_2.4_2 2.4.7
++ ldap_sort_strcasecmp@OPENLDAP_2.4_2 2.4.7
++ ldap_sort_values@OPENLDAP_2.4_2 2.4.7
++ ldap_start_tls@OPENLDAP_2.4_2 2.4.7
++ ldap_start_tls_s@OPENLDAP_2.4_2 2.4.7
++ ldap_str2attributetype@OPENLDAP_2.4_2 2.4.7
++ ldap_str2charray@OPENLDAP_2.4_2 2.4.7
++ ldap_str2contentrule@OPENLDAP_2.4_2 2.4.7
++ ldap_str2dn@OPENLDAP_2.4_2 2.4.7
++ ldap_str2matchingrule@OPENLDAP_2.4_2 2.4.7
++ ldap_str2matchingruleuse@OPENLDAP_2.4_2 2.4.7
++ ldap_str2nameform@OPENLDAP_2.4_2 2.4.7
++ ldap_str2objectclass@OPENLDAP_2.4_2 2.4.7
++ ldap_str2rdn@OPENLDAP_2.4_2 2.4.7
++ ldap_str2structurerule@OPENLDAP_2.4_2 2.4.7
++ ldap_str2syntax@OPENLDAP_2.4_2 2.4.7
++ ldap_strdup@OPENLDAP_2.4_2 2.4.7
++ ldap_structurerule2bv@OPENLDAP_2.4_2 2.4.7
++ ldap_structurerule2name@OPENLDAP_2.4_2 2.4.7
++ ldap_structurerule2str@OPENLDAP_2.4_2 2.4.7
++ ldap_structurerule_free@OPENLDAP_2.4_2 2.4.7
++ ldap_sync_destroy@OPENLDAP_2.4_2 2.4.7
++ ldap_sync_init@OPENLDAP_2.4_2 2.4.7
++ ldap_sync_init_refresh_and_persist@OPENLDAP_2.4_2 2.4.7
++ ldap_sync_init_refresh_only@OPENLDAP_2.4_2 2.4.7
++ ldap_sync_initialize@OPENLDAP_2.4_2 2.4.7
++ ldap_sync_poll@OPENLDAP_2.4_2 2.4.7
++ ldap_syntax2bv@OPENLDAP_2.4_2 2.4.7
++ ldap_syntax2name@OPENLDAP_2.4_2 2.4.7
++ ldap_syntax2str@OPENLDAP_2.4_2 2.4.7
++ ldap_syntax_free@OPENLDAP_2.4_2 2.4.7
++ ldap_tls_inplace@OPENLDAP_2.4_2 2.4.7
++ ldap_turn@OPENLDAP_2.4_2 2.4.7
++ ldap_turn_s@OPENLDAP_2.4_2 2.4.7
++ ldap_ucs_to_utf8s@OPENLDAP_2.4_2 2.4.7
++ ldap_unbind@OPENLDAP_2.4_2 2.4.7
++ ldap_unbind_ext@OPENLDAP_2.4_2 2.4.7
++ ldap_unbind_ext_s@OPENLDAP_2.4_2 2.4.7
++ ldap_unbind_s@OPENLDAP_2.4_2 2.4.7
++ ldap_url_desc2str@OPENLDAP_2.4_2 2.4.7
++ ldap_url_dup@OPENLDAP_2.4_2 2.4.7
++ ldap_url_duplist@OPENLDAP_2.4_2 2.4.7
++ ldap_url_list2hosts@OPENLDAP_2.4_2 2.4.7
++ ldap_url_list2urls@OPENLDAP_2.4_2 2.4.7
++ ldap_url_parse@OPENLDAP_2.4_2 2.4.7
++ ldap_url_parse_ext@OPENLDAP_2.4_2 2.4.7
++ ldap_url_parsehosts@OPENLDAP_2.4_2 2.4.7
++ ldap_url_parselist@OPENLDAP_2.4_2 2.4.7
++ ldap_url_parselist_ext@OPENLDAP_2.4_2 2.4.7
++ ldap_utf8_bytes@OPENLDAP_2.4_2 2.4.7
++ ldap_utf8_charlen2@OPENLDAP_2.4_2 2.4.7
++ ldap_utf8_charlen@OPENLDAP_2.4_2 2.4.7
++ ldap_utf8_chars@OPENLDAP_2.4_2 2.4.7
++ ldap_utf8_copy@OPENLDAP_2.4_2 2.4.7
++ ldap_utf8_isalnum@OPENLDAP_2.4_2 2.4.7
++ ldap_utf8_isalpha@OPENLDAP_2.4_2 2.4.7
++ ldap_utf8_isascii@OPENLDAP_2.4_2 2.4.7
++ ldap_utf8_isdigit@OPENLDAP_2.4_2 2.4.7
++ ldap_utf8_islower@OPENLDAP_2.4_2 2.4.7
++ ldap_utf8_isspace@OPENLDAP_2.4_2 2.4.7
++ ldap_utf8_isupper@OPENLDAP_2.4_2 2.4.7
++ ldap_utf8_isxdigit@OPENLDAP_2.4_2 2.4.7
++ ldap_utf8_lentab@OPENLDAP_2.4_2 2.4.7
++ ldap_utf8_mintab@OPENLDAP_2.4_2 2.4.7
++ ldap_utf8_next@OPENLDAP_2.4_2 2.4.7
++ ldap_utf8_offset@OPENLDAP_2.4_2 2.4.7
++ ldap_utf8_prev@OPENLDAP_2.4_2 2.4.7
++ ldap_utf8_strchr@OPENLDAP_2.4_2 2.4.7
++ ldap_utf8_strcspn@OPENLDAP_2.4_2 2.4.7
++ ldap_utf8_strpbrk@OPENLDAP_2.4_2 2.4.7
++ ldap_utf8_strspn@OPENLDAP_2.4_2 2.4.7
++ ldap_utf8_strtok@OPENLDAP_2.4_2 2.4.7
++ ldap_value_dup@OPENLDAP_2.4_2 2.4.7
++ ldap_value_free@OPENLDAP_2.4_2 2.4.7
++ ldap_value_free_len@OPENLDAP_2.4_2 2.4.7
++ ldap_whoami@OPENLDAP_2.4_2 2.4.7
++ ldap_whoami_s@OPENLDAP_2.4_2 2.4.7
++ ldap_x_mb_to_utf8@OPENLDAP_2.4_2 2.4.7
++ ldap_x_mbs_to_utf8s@OPENLDAP_2.4_2 2.4.7
++ ldap_x_ucs4_to_utf8@OPENLDAP_2.4_2 2.4.7
++ ldap_x_utf8_to_mb@OPENLDAP_2.4_2 2.4.7
++ ldap_x_utf8_to_ucs4@OPENLDAP_2.4_2 2.4.7
++ ldap_x_utf8_to_wc@OPENLDAP_2.4_2 2.4.7
++ ldap_x_utf8s_to_mbs@OPENLDAP_2.4_2 2.4.7
++ ldap_x_utf8s_to_wcs@OPENLDAP_2.4_2 2.4.7
++ ldap_x_wc_to_utf8@OPENLDAP_2.4_2 2.4.7
++ ldap_x_wcs_to_utf8s@OPENLDAP_2.4_2 2.4.7
++ ldif_close@OPENLDAP_2.4_2 2.4.25
++ ldif_countlines@OPENLDAP_2.4_2 2.4.25
++ ldif_debug@OPENLDAP_2.4_2 2.4.25
++ ldif_fetch_url@OPENLDAP_2.4_2 2.4.25
++ ldif_getline@OPENLDAP_2.4_2 2.4.25
++ ldif_is_not_printable@OPENLDAP_2.4_2 2.4.25
++ ldif_must_b64_encode_register@OPENLDAP_2.4_2 2.4.25
++ ldif_must_b64_encode_release@OPENLDAP_2.4_2 2.4.25
++ ldif_open@OPENLDAP_2.4_2 2.4.25
++ ldif_open_url@OPENLDAP_2.4_2 2.4.25
++ ldif_parse_line2@OPENLDAP_2.4_2 2.4.25
++ ldif_parse_line@OPENLDAP_2.4_2 2.4.25
++ ldif_put@OPENLDAP_2.4_2 2.4.25
++ ldif_put_wrap@OPENLDAP_2.4_2 2.4.25
++ ldif_read_record@OPENLDAP_2.4_2 2.4.39
++ ldif_sput@OPENLDAP_2.4_2 2.4.25
++ ldif_sput_wrap@OPENLDAP_2.4_2 2.4.25
--- /dev/null
--- /dev/null
++etc/ldap/ldap.conf
--- /dev/null
--- /dev/null
++debian/tmp/usr/share/man/man5/ldap.conf.5
--- /dev/null
--- /dev/null
--- /dev/null
--- /dev/null
++usr/include/lber.h
++usr/include/lber_types.h
++usr/include/ldap_cdefs.h
++usr/include/ldap_features.h
++usr/include/ldap.h
++usr/include/ldap_schema.h
++usr/include/ldap_utf8.h
++usr/include/ldif.h
++usr/include/openldap.h
++usr/lib/*/liblber.a
++usr/lib/*/liblber.so
++usr/lib/*/libldap_r.a
++usr/lib/*/libldap_r.so
--- /dev/null
--- /dev/null
++usr/share/man/man3/lber-encode.3 usr/share/man/man3/ber_put_bitstring.3
++usr/share/man/man3/lber-encode.3 usr/share/man/man3/ber_put_boolean.3
++usr/share/man/man3/lber-encode.3 usr/share/man/man3/ber_start_seq.3
++usr/share/man/man3/lber-memory.3 usr/share/man/man3/ber_memalloc.3
++usr/share/man/man3/lber-memory.3 usr/share/man/man3/ber_memcalloc.3
++usr/share/man/man3/lber-memory.3 usr/share/man/man3/ber_memfree.3
++usr/share/man/man3/lber-memory.3 usr/share/man/man3/ber_memrealloc.3
++usr/share/man/man3/lber-types.3 usr/share/man/man3/ber_int_t.3
++usr/share/man/man3/lber-types.3 usr/share/man/man3/ber_len_t.3
++usr/share/man/man3/lber-types.3 usr/share/man/man3/ber_tag_t.3
++usr/lib/${DEB_HOST_MULTIARCH}/libldap_r.so usr/lib/${DEB_HOST_MULTIARCH}/libldap.so
++usr/lib/${DEB_HOST_MULTIARCH}/libldap_r.a usr/lib/${DEB_HOST_MULTIARCH}/libldap.a
--- /dev/null
--- /dev/null
++debian/tmp/usr/share/man/man3/*
--- /dev/null
--- /dev/null
++From 82ce81ee7ad4a252aed2d6a10ea808ff18a65ffd Mon Sep 17 00:00:00 2001
++From: Ryan Tandy <ryan@nardis.ca>
++Date: Sun, 22 Sep 2019 03:08:30 +0000
++Subject: [PATCH] ITS#9086 Add debug logging for more GnuTLS errors
++
++---
++ libraries/libldap/tls_g.c | 56 ++++++++++++++++++++++++++++++++++-----
++ 1 file changed, 49 insertions(+), 7 deletions(-)
++
++diff --git a/libraries/libldap/tls_g.c b/libraries/libldap/tls_g.c
++index f3b4cd710..249f7e8d5 100644
++--- a/libraries/libldap/tls_g.c
+++++ b/libraries/libldap/tls_g.c
++@@ -188,9 +188,16 @@ tlsg_getfile( const char *path, gnutls_datum_t *buf )
++ {
++ int rc = -1, fd;
++ struct stat st;
+++ char ebuf[128];
++
++ fd = open( path, O_RDONLY );
++- if ( fd >= 0 && fstat( fd, &st ) == 0 ) {
+++ if ( fd < 0 ) {
+++ Debug( LDAP_DEBUG_ANY,
+++ "TLS: opening `%s' failed: %s\n",
+++ path, AC_STRERROR_R( errno, ebuf, sizeof ebuf ), NULL );
+++ return -1;
+++ }
+++ if ( fstat( fd, &st ) == 0 ) {
++ buf->size = st.st_size;
++ buf->data = LDAP_MALLOC( st.st_size + 1 );
++ if ( buf->data ) {
++@@ -236,7 +243,17 @@ tlsg_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
++ ctx->cred,
++ lt->lt_cacertfile,
++ GNUTLS_X509_FMT_PEM );
++- if ( rc < 0 ) return -1;
+++ if ( rc < 0 ) {
+++ Debug( LDAP_DEBUG_ANY,
+++ "TLS: could not use CA certificate file `%s': %s (%d)\n",
+++ lo->ldo_tls_cacertfile, gnutls_strerror( rc ), rc );
+++ return -1;
+++ } else if ( rc == 0 ) {
+++ Debug( LDAP_DEBUG_ANY,
+++ "TLS: warning: no certificate loaded from CA certificate file `%s'.\n",
+++ lo->ldo_tls_cacertfile, NULL, NULL );
+++ /* only warn, no return */
+++ }
++ }
++
++ if ( lo->ldo_tls_certfile && lo->ldo_tls_keyfile ) {
++@@ -254,18 +271,38 @@ tlsg_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
++ * do some special checks here...
++ */
++ rc = tlsg_getfile( lt->lt_keyfile, &buf );
++- if ( rc ) return -1;
+++ if ( rc ) {
+++ Debug( LDAP_DEBUG_ANY,
+++ "TLS: could not use private key file `%s`.\n",
+++ lt->lt_keyfile, NULL, NULL );
+++ return -1;
+++ }
++ rc = gnutls_x509_privkey_import( key, &buf,
++ GNUTLS_X509_FMT_PEM );
++ LDAP_FREE( buf.data );
++- if ( rc < 0 ) return rc;
+++ if ( rc < 0 ) {
+++ Debug( LDAP_DEBUG_ANY,
+++ "TLS: could not use private key: %s (%d)\n",
+++ gnutls_strerror( rc ), rc, NULL );
+++ return rc;
+++ }
++
++ rc = tlsg_getfile( lt->lt_certfile, &buf );
++- if ( rc ) return -1;
+++ if ( rc ) {
+++ Debug( LDAP_DEBUG_ANY,
+++ "TLS: could not use certificate file `%s`.\n",
+++ lt->lt_certfile, NULL, NULL );
+++ return -1;
+++ }
++ rc = gnutls_x509_crt_list_import( certs, &max, &buf,
++ GNUTLS_X509_FMT_PEM, 0 );
++ LDAP_FREE( buf.data );
++- if ( rc < 0 ) return rc;
+++ if ( rc < 0 ) {
+++ Debug( LDAP_DEBUG_ANY,
+++ "TLS: could not use certificate: %s (%d)\n",
+++ gnutls_strerror( rc ), rc, NULL );
+++ return rc;
+++ }
++
++ /* If there's only one cert and it's not self-signed,
++ * then we have to build the cert chain.
++@@ -282,7 +319,12 @@ tlsg_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
++ }
++ }
++ rc = gnutls_certificate_set_x509_key( ctx->cred, certs, max, key );
++- if ( rc ) return -1;
+++ if ( rc ) {
+++ Debug( LDAP_DEBUG_ANY,
+++ "TLS: could not use certificate with key: %s (%d)\n",
+++ gnutls_strerror( rc ), rc, NULL );
+++ return -1;
+++ }
++ } else if ( lo->ldo_tls_certfile || lo->ldo_tls_keyfile ) {
++ Debug( LDAP_DEBUG_ANY,
++ "TLS: only one of certfile and keyfile specified\n",
++--
++2.20.1
++
--- /dev/null
--- /dev/null
++--- a/doc/man/man5/slapd-config.5
+++++ b/doc/man/man5/slapd-config.5
++@@ -409,6 +409,10 @@
++ and replacement patterns. The matching patterns are checked in the order they
++ appear in the attribute, stopping at the first successful match.
++
+++Note that changes to
+++.B olcAuthzRegexp
+++take effect the next time the server is started, not immediately upon
+++changing the configuration.
++ .\".B Caution:
++ .\"Because the plus sign + is a character recognized by the regular expression engine,
++ .\"and it will appear in names that include a REALM, be careful to escape the
--- /dev/null
--- /dev/null
++--- a/libraries/libldap/ldap.conf
+++++ b/libraries/libldap/ldap.conf
++@@ -11,3 +11,7 @@
++ #SIZELIMIT 12
++ #TIMELIMIT 15
++ #DEREF never
+++
+++# TLS certificates (needed for GnuTLS)
+++TLS_CACERT /etc/ssl/certs/ca-certificates.crt
+++
--- /dev/null
--- /dev/null
++--- a/contrib/slapd-modules/passwd/Makefile
+++++ b/contrib/slapd-modules/passwd/Makefile
++@@ -13,7 +13,7 @@
++ INCS = $(LDAP_INC)
++ LIBS = $(LDAP_LIB)
++
++-PROGRAMS = pw-kerberos.la pw-netscape.la pw-radius.la pw-apr1.la
+++PROGRAMS = pw-netscape.la pw-apr1.la
++ LTVER = 0:0:0
++
++ prefix=/usr/local
++@@ -27,24 +27,24 @@
++ .SUFFIXES: .c .o .lo
++
++ .c.lo:
++- $(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(INCS) -c $<
+++ $(LIBTOOL) --mode=compile $(CC) $(CFLAGS) $(CPPFLAGS) $(DEFS) $(INCS) -c $<
++
++ all: $(PROGRAMS)
++
++ pw-kerberos.la: kerberos.lo
++- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \
+++ $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) -version-info $(LTVER) \
++ -rpath $(moduledir) -module -o $@ $? -lkrb5
++
++ pw-netscape.la: netscape.lo
++- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \
+++ $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) -version-info $(LTVER) \
++ -rpath $(moduledir) -module -o $@ $?
++
++ pw-radius.la: radius.lo
++- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \
+++ $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) -version-info $(LTVER) \
++ -rpath $(moduledir) -module -o $@ $? -lradius
++
++ pw-apr1.la: apr1.lo
++- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \
+++ $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) -version-info $(LTVER) \
++ -rpath $(moduledir) -module -o $@ $?
++
++ clean:
++--- a/contrib/slapd-modules/passwd/pbkdf2/Makefile
+++++ b/contrib/slapd-modules/passwd/pbkdf2/Makefile
++@@ -12,7 +12,7 @@
++ #DEFS = -DSLAPD_PBKDF2_DEBUG
++
++ INCS = $(LDAP_INC)
++-LIBS = $(LDAP_LIB) -lcrypto
+++LIBS = $(LDAP_LIB) -lnettle
++
++ PROGRAMS = pw-pbkdf2.la
++ LTVER = 0:0:0
++@@ -30,12 +30,12 @@
++ .SUFFIXES: .c .o .lo
++
++ .c.lo:
++- $(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(INCS) -c $<
+++ $(LIBTOOL) --mode=compile $(CC) $(CFLAGS) $(CPPFLAGS) $(DEFS) $(INCS) -c $<
++
++ all: $(PROGRAMS)
++
++ pw-pbkdf2.la: pw-pbkdf2.lo
++- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \
+++ $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) -version-info $(LTVER) \
++ -rpath $(moduledir) -module -o $@ $? $(LIBS)
++
++ clean:
++--- a/contrib/slapd-modules/smbk5pwd/Makefile
+++++ b/contrib/slapd-modules/smbk5pwd/Makefile
++@@ -19,10 +19,10 @@
++ $(LDAP_BUILD)/libraries/liblber/liblber.la
++
++ SSL_INC =
++-SSL_LIB = -lcrypto
+++SSL_LIB = -lnettle
++
++-HEIMDAL_INC = -I/usr/heimdal/include
++-HEIMDAL_LIB = -L/usr/heimdal/lib -lkrb5 -lkadm5srv
+++HEIMDAL_INC = $(shell krb5-config.heimdal --cflags kadm-server)
+++HEIMDAL_LIB = $(shell krb5-config.heimdal --libs kadm-server)
++
++ LIBTOOL = $(LDAP_BUILD)/libtool
++ CC = gcc
++@@ -30,7 +30,8 @@
++ # Omit DO_KRB5, DO_SAMBA or DO_SHADOW if you don't want to support it.
++ DEFS = -DDO_KRB5 -DDO_SAMBA -DDO_SHADOW
++ INCS = $(LDAP_INC) $(HEIMDAL_INC) $(SSL_INC)
++-LIBS = $(LDAP_LIB) $(HEIMDAL_LIB) $(SSL_LIB)
+++# put /usr/lib/heimdal before /usr/lib in case libkrb5-dev is installed, #745356
+++LIBS = $(HEIMDAL_LIB) $(LDAP_LIB) $(SSL_LIB)
++
++ PROGRAMS = smbk5pwd.la
++ LTVER = 0:0:0
++@@ -46,12 +47,12 @@
++ .SUFFIXES: .c .o .lo
++
++ .c.lo:
++- $(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(INCS) -c $<
+++ $(LIBTOOL) --mode=compile $(CC) $(CFLAGS) $(CPPFLAGS) $(DEFS) $(INCS) -c $<
++
++ all: $(PROGRAMS)
++
++ smbk5pwd.la: smbk5pwd.lo
++- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \
+++ $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) -version-info $(LTVER) \
++ -rpath $(moduledir) -module -o $@ $? $(LIBS)
++
++ clean:
++--- a/contrib/slapd-modules/autogroup/Makefile
+++++ b/contrib/slapd-modules/autogroup/Makefile
++@@ -27,12 +27,12 @@
++ .SUFFIXES: .c .o .lo
++
++ .c.lo:
++- $(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(INCS) -c $<
+++ $(LIBTOOL) --mode=compile $(CC) $(CFLAGS) $(CPPFLAGS) $(DEFS) $(INCS) -c $<
++
++ all: $(PROGRAMS)
++
++ autogroup.la: autogroup.lo
++- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \
+++ $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) -version-info $(LTVER) \
++ -rpath $(moduledir) -module -o $@ $? $(LIBS)
++
++ clean:
++--- a/contrib/slapd-modules/lastbind/Makefile
+++++ b/contrib/slapd-modules/lastbind/Makefile
++@@ -37,12 +37,12 @@
++ .SUFFIXES: .c .o .lo
++
++ .c.lo:
++- $(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(INCS) -c $<
+++ $(LIBTOOL) --mode=compile $(CC) $(CFLAGS) $(CPPFLAGS) $(DEFS) $(INCS) -c $<
++
++ all: $(PROGRAMS)
++
++ lastbind.la: lastbind.lo
++- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \
+++ $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) -version-info $(LTVER) \
++ -rpath $(moduledir) -module -o $@ $? $(LIBS)
++
++ clean:
++--- a/contrib/slapd-modules/passwd/sha2/Makefile
+++++ b/contrib/slapd-modules/passwd/sha2/Makefile
++@@ -28,12 +28,12 @@
++ .SUFFIXES: .c .o .lo
++
++ .c.lo:
++- $(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(INCS) -c $<
+++ $(LIBTOOL) --mode=compile $(CC) $(CFLAGS) $(CPPFLAGS) $(DEFS) $(INCS) -c $<
++
++ all: $(PROGRAMS)
++
++ pw-sha2.la: slapd-sha2.lo sha2.lo
++- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \
+++ $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) -version-info $(LTVER) \
++ -rpath $(moduledir) -module -o $@ $? $(LIBS)
++
++ clean:
++--- a/contrib/slapd-modules/passwd/argon2/Makefile
+++++ b/contrib/slapd-modules/passwd/argon2/Makefile
++@@ -14,7 +14,7 @@
++ INCS = $(LDAP_INC)
++ LIBS = $(LDAP_LIB)
++
++-implementation = sodium
+++implementation = argon2
++
++ ifeq ($(implementation),argon2)
++ LIBS += -largon2
++@@ -42,12 +42,12 @@
++ .SUFFIXES: .c .o .lo
++
++ .c.lo:
++- $(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(INCS) -c $<
+++ $(LIBTOOL) --mode=compile $(CC) $(CFLAGS) $(CPPFLAGS) $(DEFS) $(INCS) -c $<
++
++ all: $(PROGRAMS)
++
++ pw-argon2.la: pw-argon2.lo
++- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \
+++ $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) -version-info $(LTVER) \
++ -rpath $(moduledir) -module -o $@ $? $(LIBS)
++
++ clean:
--- /dev/null
--- /dev/null
++Description: Replace upstream version with Debian version in version strings
++Forwarded: not-needed
++Author: Ryan Tandy <ryan@nardis.ca>
++--- a/build/version.sh
+++++ b/build/version.sh
++@@ -40,7 +40,7 @@
++ echo OL_API_INC=$ol_api_inc
++ echo OL_API_LIB_RELEASE=$ol_api_lib_release
++ echo OL_API_LIB_VERSION=$ol_api_lib_version
++-echo OL_VERSION=$ol_version
+++echo OL_VERSION=\"${DEB_VERSION:-$ol_version}\"
++ echo OL_TYPE=$ol_type
++ echo OL_STRING=\"${ol_string}\"
++ echo OL_RELEASE_DATE=\"${ol_release_date}\"
--- /dev/null
--- /dev/null
++Rip out code that second-guesses the libsasl soname / Debian shlibs. If
++cyrus sasl upstream is breaking the ABI, this needs to be fixed upstream
++there, not kludged around upstream here!
++
++Debian bug #546885
++
++Upstream ITS #6302 filed.
++
++--- a/libraries/libldap/cyrus.c
+++++ b/libraries/libldap/cyrus.c
++@@ -74,28 +74,6 @@
++ */
++ int ldap_int_sasl_init( void )
++ {
++-#ifdef HAVE_SASL_VERSION
++- /* stringify the version number, sasl.h doesn't do it for us */
++-#define VSTR0(maj, min, pat) #maj "." #min "." #pat
++-#define VSTR(maj, min, pat) VSTR0(maj, min, pat)
++-#define SASL_VERSION_STRING VSTR(SASL_VERSION_MAJOR, SASL_VERSION_MINOR, \
++- SASL_VERSION_STEP)
++- { int rc;
++- sasl_version( NULL, &rc );
++- if ( ((rc >> 16) != ((SASL_VERSION_MAJOR << 8)|SASL_VERSION_MINOR)) ||
++- (rc & 0xffff) < SASL_VERSION_STEP) {
++- char version[sizeof("xxx.xxx.xxxxx")];
++- sprintf( version, "%u.%d.%d", (unsigned)rc >> 24, (rc >> 16) & 0xff,
++- rc & 0xffff );
++-
++- Debug( LDAP_DEBUG_ANY,
++- "ldap_int_sasl_init: SASL library version mismatch:"
++- " expected " SASL_VERSION_STRING ","
++- " got %s\n", version, 0, 0 );
++- return -1;
++- }
++- }
++-#endif
++
++ /* SASL 2 takes care of its own memory completely internally */
++ #if SASL_VERSION_MAJOR < 2 && !defined(CSRIMALLOC)
++--- a/servers/slapd/sasl.c
+++++ b/servers/slapd/sasl.c
++@@ -1145,26 +1145,6 @@ int slap_sasl_init( void )
++ #endif
++
++ #ifdef HAVE_CYRUS_SASL
++-#ifdef HAVE_SASL_VERSION
++- /* stringify the version number, sasl.h doesn't do it for us */
++-#define VSTR0(maj, min, pat) #maj "." #min "." #pat
++-#define VSTR(maj, min, pat) VSTR0(maj, min, pat)
++-#define SASL_VERSION_STRING VSTR(SASL_VERSION_MAJOR, SASL_VERSION_MINOR, \
++- SASL_VERSION_STEP)
++-
++- sasl_version( NULL, &rc );
++- if ( ((rc >> 16) != ((SASL_VERSION_MAJOR << 8)|SASL_VERSION_MINOR)) ||
++- (rc & 0xffff) < SASL_VERSION_STEP)
++- {
++- char version[sizeof("xxx.xxx.xxxxx")];
++- sprintf( version, "%u.%d.%d", (unsigned)rc >> 24, (rc >> 16) & 0xff,
++- rc & 0xffff );
++- Debug( LDAP_DEBUG_ANY, "slap_sasl_init: SASL library version mismatch:"
++- " expected %s, got %s\n",
++- SASL_VERSION_STRING, version, 0 );
++- return -1;
++- }
++-#endif
++
++ sasl_set_mutex(
++ ldap_pvt_sasl_mutex_new,
--- /dev/null
--- /dev/null
++Patch from evolution-exchange (2.10.3). The ldap_ntlm_bind function is
++actually called by evolution-data-server, checked at version 1.12.2.
++Without this patch, the Exchange addressbook integration uses simple binds
++with cleartext passwords.
++
++Russ checked with openldap-software for upstream's opinion on this patch
++on 2007-12-21. Upstream had never received it as a patch submission and
++given that it's apparently only for older Exchange servers that can't do
++SASL and DIGEST-MD5, it's not very appealing.
++
++Bug#457374 filed against evolution-data-server asking if this support is
++still required on 2007-12-21.
++
++--- a/include/ldap.h
+++++ b/include/ldap.h
++@@ -2517,5 +2517,25 @@ ldap_parse_deref_control LDAP_P((
++ LDAPControl **ctrls,
++ LDAPDerefRes **drp ));
++
+++/*
+++ * hacks for NTLM
+++ */
+++#define LDAP_AUTH_NTLM_REQUEST ((ber_tag_t) 0x8aU)
+++#define LDAP_AUTH_NTLM_RESPONSE ((ber_tag_t) 0x8bU)
+++LDAP_F( int )
+++ldap_ntlm_bind LDAP_P((
+++ LDAP *ld,
+++ LDAP_CONST char *dn,
+++ ber_tag_t tag,
+++ struct berval *cred,
+++ LDAPControl **sctrls,
+++ LDAPControl **cctrls,
+++ int *msgidp ));
+++LDAP_F( int )
+++ldap_parse_ntlm_bind_result LDAP_P((
+++ LDAP *ld,
+++ LDAPMessage *res,
+++ struct berval *challenge));
+++
++ LDAP_END_DECL
++ #endif /* _LDAP_H */
++--- /dev/null
+++++ b/libraries/libldap/ntlm.c
++@@ -0,0 +1,138 @@
+++/* $OpenLDAP: pkg/ldap/libraries/libldap/ntlm.c,v 1.1.4.10 2002/01/04 20:38:21 kurt Exp $ */
+++/*
+++ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+++ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+++ */
+++
+++/* Mostly copied from sasl.c */
+++
+++#include "portable.h"
+++
+++#include <stdlib.h>
+++#include <stdio.h>
+++
+++#include <ac/socket.h>
+++#include <ac/string.h>
+++#include <ac/time.h>
+++#include <ac/errno.h>
+++
+++#include "ldap-int.h"
+++
+++int
+++ldap_ntlm_bind(
+++ LDAP *ld,
+++ LDAP_CONST char *dn,
+++ ber_tag_t tag,
+++ struct berval *cred,
+++ LDAPControl **sctrls,
+++ LDAPControl **cctrls,
+++ int *msgidp )
+++{
+++ BerElement *ber;
+++ int rc;
+++ ber_int_t id;
+++
+++ Debug( LDAP_DEBUG_TRACE, "ldap_ntlm_bind\n", 0, 0, 0 );
+++
+++ assert( ld != NULL );
+++ assert( LDAP_VALID( ld ) );
+++ assert( msgidp != NULL );
+++
+++ if( msgidp == NULL ) {
+++ ld->ld_errno = LDAP_PARAM_ERROR;
+++ return ld->ld_errno;
+++ }
+++
+++ /* create a message to send */
+++ if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) {
+++ ld->ld_errno = LDAP_NO_MEMORY;
+++ return ld->ld_errno;
+++ }
+++
+++ assert( LBER_VALID( ber ) );
+++
+++ LDAP_NEXT_MSGID( ld, id );
+++ rc = ber_printf( ber, "{it{istON}" /*}*/,
+++ id, LDAP_REQ_BIND,
+++ ld->ld_version, dn, tag,
+++ cred );
+++
+++ /* Put Server Controls */
+++ if( ldap_int_put_controls( ld, sctrls, ber ) != LDAP_SUCCESS ) {
+++ ber_free( ber, 1 );
+++ return ld->ld_errno;
+++ }
+++
+++ if ( ber_printf( ber, /*{*/ "N}" ) == -1 ) {
+++ ld->ld_errno = LDAP_ENCODING_ERROR;
+++ ber_free( ber, 1 );
+++ return ld->ld_errno;
+++ }
+++
+++ /* send the message */
+++ *msgidp = ldap_send_initial_request( ld, LDAP_REQ_BIND, dn, ber, id );
+++
+++ if(*msgidp < 0)
+++ return ld->ld_errno;
+++
+++ return LDAP_SUCCESS;
+++}
+++
+++int
+++ldap_parse_ntlm_bind_result(
+++ LDAP *ld,
+++ LDAPMessage *res,
+++ struct berval *challenge)
+++{
+++ ber_int_t errcode;
+++ ber_tag_t tag;
+++ BerElement *ber;
+++ ber_len_t len;
+++
+++ Debug( LDAP_DEBUG_TRACE, "ldap_parse_ntlm_bind_result\n", 0, 0, 0 );
+++
+++ assert( ld != NULL );
+++ assert( LDAP_VALID( ld ) );
+++ assert( res != NULL );
+++
+++ if ( ld == NULL || res == NULL ) {
+++ return LDAP_PARAM_ERROR;
+++ }
+++
+++ if( res->lm_msgtype != LDAP_RES_BIND ) {
+++ ld->ld_errno = LDAP_PARAM_ERROR;
+++ return ld->ld_errno;
+++ }
+++
+++ if ( ld->ld_error ) {
+++ LDAP_FREE( ld->ld_error );
+++ ld->ld_error = NULL;
+++ }
+++ if ( ld->ld_matched ) {
+++ LDAP_FREE( ld->ld_matched );
+++ ld->ld_matched = NULL;
+++ }
+++
+++ /* parse results */
+++
+++ ber = ber_dup( res->lm_ber );
+++
+++ if( ber == NULL ) {
+++ ld->ld_errno = LDAP_NO_MEMORY;
+++ return ld->ld_errno;
+++ }
+++
+++ tag = ber_scanf( ber, "{ioa" /*}*/,
+++ &errcode, challenge, &ld->ld_error );
+++ ber_free( ber, 0 );
+++
+++ if( tag == LBER_ERROR ) {
+++ ld->ld_errno = LDAP_DECODING_ERROR;
+++ return ld->ld_errno;
+++ }
+++
+++ ld->ld_errno = errcode;
+++
+++ return( ld->ld_errno );
+++}
+++
++--- a/libraries/libldap/Makefile.in
+++++ b/libraries/libldap/Makefile.in
++@@ -27,7 +27,7 @@ SRCS = bind.c open.c result.c error.c co
++ init.c options.c print.c string.c util-int.c schema.c \
++ charray.c os-local.c dnssrv.c utf-8.c utf-8-conv.c \
++ tls2.c tls_o.c tls_g.c tls_m.c \
++- turn.c ppolicy.c dds.c txn.c ldap_sync.c stctrl.c \
+++ turn.c ppolicy.c dds.c txn.c ldap_sync.c stctrl.c ntlm.c \
++ assertion.c deref.c ldif.c fetch.c
++
++ OBJS = bind.lo open.lo result.lo error.lo compare.lo search.lo \
++@@ -40,7 +40,7 @@ OBJS = bind.lo open.lo result.lo error.l
++ init.lo options.lo print.lo string.lo util-int.lo schema.lo \
++ charray.lo os-local.lo dnssrv.lo utf-8.lo utf-8-conv.lo \
++ tls2.lo tls_o.lo tls_g.lo tls_m.lo \
++- turn.lo ppolicy.lo dds.lo txn.lo ldap_sync.lo stctrl.lo \
+++ turn.lo ppolicy.lo dds.lo txn.lo ldap_sync.lo stctrl.lo ntlm.lo \
++ assertion.lo deref.lo ldif.lo fetch.lo
++
++ LDAP_INCDIR= ../../include
++--- a/libraries/libldap_r/Makefile.in
+++++ b/libraries/libldap_r/Makefile.in
++@@ -29,7 +29,7 @@ XXSRCS = apitest.c test.c \
++ init.c options.c print.c string.c util-int.c schema.c \
++ charray.c os-local.c dnssrv.c utf-8.c utf-8-conv.c \
++ tls2.c tls_o.c tls_g.c tls_m.c \
++- turn.c ppolicy.c dds.c txn.c ldap_sync.c stctrl.c \
+++ turn.c ppolicy.c dds.c txn.c ldap_sync.c stctrl.c ntlm.c \
++ assertion.c deref.c ldif.c fetch.c
++ SRCS = threads.c rdwr.c rmutex.c tpool.c rq.c \
++ thr_posix.c thr_cthreads.c thr_thr.c thr_nt.c \
++@@ -47,7 +47,7 @@ OBJS = threads.lo rdwr.lo rmutex.lo tpoo
++ init.lo options.lo print.lo string.lo util-int.lo schema.lo \
++ charray.lo os-local.lo dnssrv.lo utf-8.lo utf-8-conv.lo \
++ tls2.lo tls_o.lo tls_g.lo tls_m.lo \
++- turn.lo ppolicy.lo dds.lo txn.lo ldap_sync.lo stctrl.lo \
+++ turn.lo ppolicy.lo dds.lo txn.lo ldap_sync.lo stctrl.lo ntlm.lo \
++ assertion.lo deref.lo ldif.lo fetch.lo
++
++ LDAP_INCDIR= ../../include
--- /dev/null
--- /dev/null
++--- a/build/top.mk
+++++ b/build/top.mk
++@@ -20,7 +20,7 @@
++ RELEASEDATE= @OPENLDAP_RELEASE_DATE@
++
++ @SET_MAKE@
++-SHELL = /bin/sh
+++SHELL = @SHELL@
++
++ top_builddir = @top_builddir@
++
--- /dev/null
--- /dev/null
++Author: Steve Langasek <vorlon@debian.org>
++
++OpenLDAP upstream conservatively assumes that certain resolver functions
++(getaddrinfo, getnameinfo, res_query, dn_expand) are not re-entrant; but we
++know that the glibc implementations of these functions are thread-safe, so
++we should bypass the use of this mutex. This fixes a locking problem when
++an application uses libldap and libnss-ldap is also used for hosts
++resolution.
++
++Closes Debian bug #340601.
++
++Not suitable for forwarding upstream; might be made suitable by adding a
++configure-time check for glibc and disabling the mutex only on known
++thread-safe implementations.
++
++--- a/libraries/libldap/os-ip.c
+++++ b/libraries/libldap/os-ip.c
++@@ -602,13 +602,7 @@ ldap_connect_to_host(LDAP *ld, Sockbuf *
++ hints.ai_socktype = socktype;
++ snprintf(serv, sizeof serv, "%d", port );
++
++- /* most getaddrinfo(3) use non-threadsafe resolver libraries */
++- LDAP_MUTEX_LOCK(&ldap_int_resolv_mutex);
++-
++ err = getaddrinfo( host, serv, &hints, &res );
++-
++- LDAP_MUTEX_UNLOCK(&ldap_int_resolv_mutex);
++-
++ if ( err != 0 ) {
++ osip_debug(ld, "ldap_connect_to_host: getaddrinfo failed: %s\n",
++ AC_GAI_STRERROR(err), 0, 0);
++--- a/libraries/libldap/util-int.c
+++++ b/libraries/libldap/util-int.c
++@@ -431,9 +431,7 @@ int ldap_pvt_get_hname(
++ int rc;
++ #if defined( HAVE_GETNAMEINFO )
++
++- LDAP_MUTEX_LOCK( &ldap_int_resolv_mutex );
++ rc = getnameinfo( sa, len, name, namelen, NULL, 0, 0 );
++- LDAP_MUTEX_UNLOCK( &ldap_int_resolv_mutex );
++ if ( rc ) *err = (char *)AC_GAI_STRERROR( rc );
++ return rc;
++
--- /dev/null
--- /dev/null
++Document in the man page that slapindex should be run as the same user
++as slapd, and print a warning if it's run as root (since Debian defaults
++to running slapd as openldap).
++
++Not suitable for upstream in this form. This patch needs to be reworked
++to check the BerkeleyDB database ownership and only warn if running as
++root with a database that's not owned by root.
++
++Upstream ITS #5356 filed requesting better handling of this. Current
++upstream discussion leans towards putting the check into the database
++backend and aborting if slapd is run as a different user than the database
++owner, which is an even better fix.
++
++--- a/doc/man/man8/slapindex.8
+++++ b/doc/man/man8/slapindex.8
++@@ -148,6 +148,10 @@
++ should not be running (at least, not in read-write
++ mode) when you do this to ensure consistency of the database.
++ .LP
+++slapindex ought to be run as the user specified for
+++.BR slapd (8)
+++to ensure correct database permissions.
+++.LP
++ This command provides ample opportunity for the user to obtain
++ and drink their favorite beverage.
++ .SH EXAMPLES
++--- a/servers/slapd/slapindex.c
+++++ b/servers/slapd/slapindex.c
++@@ -34,6 +34,8 @@
++ int
++ slapindex( int argc, char **argv )
++ {
+++ if (geteuid() == 0)
+++ fprintf( stderr, "\nWARNING!\nRunning as root!\nThere's a fair chance slapd will fail to start.\nCheck file permissions!\n\n");
++ ID id;
++ int rc = EXIT_SUCCESS;
++ const char *progname = "slapindex";
--- /dev/null
--- /dev/null
++--- a/contrib/slapd-modules/lastbind/Makefile
+++++ b/contrib/slapd-modules/lastbind/Makefile
++@@ -17,6 +17,7 @@
++ $(LDAP_BUILD)/libraries/liblber/liblber.la
++
++ LIBTOOL = $(LDAP_BUILD)/libtool
+++INSTALL = /usr/bin/install
++ CC = gcc
++ OPT = -g -O2 -Wall
++ DEFS = -DSLAPD_OVER_LASTBIND=SLAPD_MOD_DYNAMIC
++@@ -25,6 +26,7 @@
++
++ PROGRAMS = lastbind.la
++ LTVER = 0:0:0
+++MANPAGES = slapo-lastbind.5
++
++ prefix=/usr/local
++ exec_prefix=$(prefix)
++@@ -33,6 +35,8 @@
++ libdir=$(exec_prefix)/lib
++ libexecdir=$(exec_prefix)/libexec
++ moduledir = $(libexecdir)$(ldap_subdir)
+++mandir = $(exec_prefix)/share/man
+++man5dir = $(mandir)/man5
++
++ .SUFFIXES: .c .o .lo
++
++@@ -48,9 +52,17 @@
++ clean:
++ rm -rf *.o *.lo *.la .libs
++
++-install: $(PROGRAMS)
+++install: install-lib install-man FORCE
+++
+++install-lib: $(PROGRAMS)
++ mkdir -p $(DESTDIR)$(moduledir)
++ for p in $(PROGRAMS) ; do \
++ $(LIBTOOL) --mode=install cp $$p $(DESTDIR)$(moduledir) ; \
++ done
++
+++install-man: $(MANPAGES)
+++ mkdir -p $(DESTDIR)$(man5dir)
+++ $(INSTALL) -m 644 $(MANPAGES) $(DESTDIR)$(man5dir)
+++
+++FORCE:
+++
--- /dev/null
--- /dev/null
++--- a/doc/man/man5/ldap.conf.5
+++++ b/doc/man/man5/ldap.conf.5
++@@ -317,7 +317,7 @@ certificates in separate individual file
++ .B TLS_CACERT
++ is always used before
++ .B TLS_CACERTDIR.
++-This parameter is ignored with GnuTLS.
+++This parameter is ignored with GnuTLS. On Debian openldap is linked against GnuTLS.
++
++ When using Mozilla NSS, <path> may contain a Mozilla NSS cert/key
++ database. If <path> contains a Mozilla NSS cert/key database and
++@@ -428,7 +428,7 @@ This parameter is ignored with GnuTLS.
++ Specifies the file to obtain random bits from when /dev/[u]random is
++ not available. Generally set to the name of the EGD/PRNGD socket.
++ The environment variable RANDFILE can also be used to specify the filename.
++-This parameter is ignored with GnuTLS and Mozilla NSS.
+++This parameter is ignored with GnuTLS and Mozilla NSS. On Debian openldap is linked against GnuTLS.
++ .TP
++ .B TLS_REQCERT <level>
++ Specifies what checks to perform on server certificates in a TLS session,
++@@ -461,7 +461,7 @@ Specifies if the Certificate Revocation
++ used to verify if the server certificates have not been revoked. This
++ requires
++ .B TLS_CACERTDIR
++-parameter to be set. This parameter is ignored with GnuTLS and Mozilla NSS.
+++parameter to be set. This parameter is ignored with GnuTLS and Mozilla NSS. On Debian openldap is linked against GnuTLS.
++ .B <level>
++ can be specified as one of the following keywords:
++ .RS
--- /dev/null
--- /dev/null
++Move the ldapi socket to /var/run/slapd from /var/run, since /var/run
++is only writable by root and slapd runs as openldap.
++
++Debian-specific.
++
++--- a/include/ldap_defaults.h
+++++ b/include/ldap_defaults.h
++@@ -39,7 +39,7 @@
++ #define LDAP_ENV_PREFIX "LDAP"
++
++ /* default ldapi:// socket */
++-#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "run" LDAP_DIRSEP "ldapi"
+++#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "run" LDAP_DIRSEP "slapd" LDAP_DIRSEP "ldapi"
++
++ /*
++ * SLAPD DEFINITIONS
--- /dev/null
--- /dev/null
++Add symbol versioning to the public LDAP libraries. This is required for
++library transitions, such as the current transition from 2.1 to 2.4,
++since programs will sometimes have both libraries loaded by different
++dependency chains during the transition.
++
++Not yet contributed upstream.
++
++Upstream ITS #5365 filed requesting symbol versioning for libldap and
++libber.
++
++--- a/libraries/libldap_r/Makefile.in
+++++ b/libraries/libldap_r/Makefile.in
++@@ -61,6 +61,9 @@ XXLIBS = $(SECURITY_LIBS) $(LUTIL_LIBS)
++ XXXLIBS = $(LTHREAD_LIBS)
++ NT_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS)
++ UNIX_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS) $(LTHREAD_LIBS)
+++ifneq (,$(VERSION_OPTION))
+++ VERSION_FLAGS = "$(VERSION_OPTION)$(XXDIR)/libldap.map"
+++endif
++
++ .links : Makefile
++ @for i in $(XXSRCS); do \
++--- a/build/top.mk
+++++ b/build/top.mk
++@@ -104,6 +104,9 @@ LTFLAGS_MOD = $(@PLAT@_LTFLAGS_MOD)
++ # LINK_LIBS referenced in library and module link commands.
++ LINK_LIBS = $(MOD_LIBS) $(@PLAT@_LINK_LIBS)
++
+++# option to pass to $(CC) to support library symbol versioning, if any
+++VERSION_OPTION = @VERSION_OPTION@
+++
++ LTSTATIC = @LTSTATIC@
++
++ LTLINK = $(LIBTOOL) --mode=link \
++@@ -113,7 +116,7 @@ LTCOMPILE_LIB = $(LIBTOOL) $(LTONLY_LIB)
++ $(CC) $(LT_CFLAGS) $(LT_CPPFLAGS) $(LIB_DEFS) -c
++
++ LTLINK_LIB = $(LIBTOOL) $(LTONLY_LIB) --mode=link \
++- $(CC) $(LT_CFLAGS) $(LDFLAGS) $(LTFLAGS_LIB)
+++ $(CC) $(LT_CFLAGS) $(LDFLAGS) $(LTFLAGS_LIB) $(VERSION_FLAGS)
++
++ LTCOMPILE_MOD = $(LIBTOOL) $(LTONLY_MOD) --mode=compile \
++ $(CC) $(LT_CFLAGS) $(LT_CPPFLAGS) $(MOD_DEFS) -c
++--- a/build/openldap.m4
+++++ b/build/openldap.m4
++@@ -1136,3 +1136,54 @@ AC_DEFUN([OL_SSL_COMPAT],
++ #endif
++ ], [ol_cv_ssl_crl_compat=yes], [ol_cv_ssl_crl_compat=no])])
++ ])
+++
+++dnl ====================================================================
+++dnl check for symbol versioning support
+++AC_DEFUN([OL_SYMBOL_VERSIONING],
+++[AC_CACHE_CHECK([for .symver assembler directive],
+++ [ol_cv_asm_symver_directive],[
+++cat > conftest.s <<EOF
+++${libc_cv_dot_text}
+++_sym:
+++.symver _sym,sym@VERS
+++EOF
+++if ${CC-cc} -c $ASFLAGS conftest.s 1>&AS_MESSAGE_LOG_FD 2>&AS_MESSAGE_LOG_FD; then
+++ ol_cv_asm_symver_directive=yes
+++else
+++ ol_cv_asm_symver_directive=no
+++fi
+++rm -f conftest*])
+++AC_CACHE_CHECK([for ld --version-script],
+++ [ol_cv_ld_version_script_option],[
+++if test $ol_cv_asm_symver_directive = yes; then
+++ cat > conftest.s <<EOF
+++${libc_cv_dot_text}
+++_sym:
+++.symver _sym,sym@VERS
+++EOF
+++ cat > conftest.map <<EOF
+++VERS_1 {
+++ global: sym;
+++};
+++
+++VERS_2 {
+++ global: sym;
+++} VERS_1;
+++EOF
+++ if ${CC-cc} -c $ASFLAGS conftest.s 1>&AS_MESSAGE_LOG_FD 2>&AS_MESSAGE_LOG_FD; then
+++ if AC_TRY_COMMAND([${CC-cc} $CFLAGS $LDFLAGS -shared
+++ -o conftest.so conftest.o
+++ -Wl,--version-script,conftest.map
+++ 1>&AS_MESSAGE_LOG_FD]);
+++ then
+++ ol_cv_ld_version_script_option=yes
+++ else
+++ ol_cv_ld_version_script_option=no
+++ fi
+++ else
+++ ol_cv_ld_version_script_option=no
+++ fi
+++else
+++ ol_cv_ld_version_script_option=no
+++fi
+++rm -f conftest*])])
++--- a/configure.in
+++++ b/configure.in
++@@ -1909,6 +1909,13 @@ else
++ fi
++ AC_SUBST(LTSTATIC)dnl
++
+++VERSION_OPTION=""
+++OL_SYMBOL_VERSIONING
+++if test $ol_cv_ld_version_script_option = yes ; then
+++ VERSION_OPTION="-Wl,--version-script="
+++fi
+++AC_SUBST(VERSION_OPTION)
+++
++ dnl ----------------------------------------------------------------
++ if test $ol_enable_wrappers != no ; then
++ AC_CHECK_HEADERS(tcpd.h,[
++--- /dev/null
+++++ b/libraries/libldap/libldap.map
++@@ -0,0 +1,7 @@
+++OPENLDAP_2.4_2 {
+++ global:
+++ ldap_*;
+++ ldif_*;
+++ local:
+++ *;
+++};
++--- a/libraries/libldap/Makefile.in
+++++ b/libraries/libldap/Makefile.in
++@@ -52,6 +52,9 @@ XLIBS = $(LIBRARY) $(LDAP_LIBLBER_LA) $(
++ XXLIBS = $(SECURITY_LIBS) $(LUTIL_LIBS)
++ NT_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS)
++ UNIX_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS)
+++ifneq (,$(VERSION_OPTION))
+++ VERSION_FLAGS = $(VERSION_OPTION)$(srcdir)/libldap.map
+++endif
++
++ apitest: $(XLIBS) apitest.o
++ $(LTLINK) -o $@ apitest.o $(LIBS)
++--- a/libraries/liblber/Makefile.in
+++++ b/libraries/liblber/Makefile.in
++@@ -38,6 +38,9 @@ XLIBS = $(LIBRARY) $(LDAP_LIBLUTIL_A)
++ XXLIBS =
++ NT_LINK_LIBS = $(AC_LIBS)
++ UNIX_LINK_LIBS = $(AC_LIBS)
+++ifneq (,$(VERSION_OPTION))
+++ VERSION_FLAGS = "$(VERSION_OPTION)$(srcdir)/liblber.map"
+++endif
++
++ dtest: $(XLIBS) dtest.o
++ $(LTLINK) -o $@ dtest.o $(LIBS)
++--- /dev/null
+++++ b/libraries/liblber/liblber.map
++@@ -0,0 +1,8 @@
+++OPENLDAP_2.4_2 {
+++ global:
+++ ber_*;
+++ der_alloc;
+++ lutil_*;
+++ local:
+++ *;
+++};
--- /dev/null
--- /dev/null
++Patch the slapd man page to not refer to a header file that isn't
++installed with the slapd package and to reference the correct path
++for slapd.
++
++Debian-specific.
++
++--- a/doc/man/man8/slapd.8
+++++ b/doc/man/man8/slapd.8
++@@ -5,7 +5,7 @@
++ .SH NAME
++ slapd \- Stand-alone LDAP Daemon
++ .SH SYNOPSIS
++-.B LIBEXECDIR/slapd
+++.B /usr/sbin/slapd
++ [\c
++ .BR \-4 | \-6 ]
++ [\c
++@@ -103,11 +103,10 @@
++ will not fork or disassociate from the invoking terminal. Some general
++ operation and status messages are printed for any value of \fIdebug-level\fP.
++ \fIdebug-level\fP is taken as a bit string, with each bit corresponding to a
++-different kind of debugging information. See <ldap_log.h> for details.
++-Comma-separated arrays of friendly names can be specified to select
++-debugging output of the corresponding debugging information.
++-All the names recognized by the \fIloglevel\fP directive
++-described in \fBslapd.conf\fP(5) are supported.
+++different kind of debugging information. Comma-separated arrays of friendly
+++names can be specified to select debugging output of the corresponding
+++debugging information. All the names recognized by the \fIloglevel\fP
+++directive described in \fBslapd.conf\fP(5) are supported.
++ If \fIdebug-level\fP is \fB?\fP, a list of installed debug-levels is printed,
++ and slapd exits.
++
++@@ -317,7 +316,7 @@
++ .LP
++ .nf
++ .ft tt
++- LIBEXECDIR/slapd
+++ /usr/sbin/slapd
++ .ft
++ .fi
++ .LP
++@@ -328,7 +327,7 @@
++ .LP
++ .nf
++ .ft tt
++- LIBEXECDIR/slapd \-f /var/tmp/slapd.conf \-d 255
+++ /usr/sbin/slapd \-f /var/tmp/slapd.conf \-d 255
++ .ft
++ .fi
++ .LP
++@@ -336,7 +335,7 @@
++ .LP
++ .nf
++ .ft tt
++- LIBEXECDIR/slapd \-Tt
+++ /usr/sbin/slapd \-Tt
++ .ft
++ .fi
++ .LP
--- /dev/null
--- /dev/null
++Author: Steve Langasek <vorlon@debian.org>
++Description: don't second-guess BDB ABI
++ OpenLDAP upstream conservatively assumes that any change to the version
++ number of libdb can result in an API-breaking change that could impact
++ the database. In Debian, we know that such changes require bumping the
++ library soname and changing the package name, and demand such rigor from
++ our package maintainers even when upstreams don't deliver; so any such
++ check in the source code works against the packaging system by forcing
++ database upgrades when we know none are required. Disable this check
++ so we rely on the packaging system to do its job.
++Bug-Debian: http://bugs.debian.org/651333
++Forwarded: not-needed
++
++--- a/servers/slapd/back-bdb/init.c
+++++ b/servers/slapd/back-bdb/init.c
++@@ -762,7 +762,7 @@ bdb_back_initialize(
++ bi->bi_controls = controls;
++
++ { /* version check */
++- int major, minor, patch, ver;
+++ int major, minor, patch;
++ char *version = db_version( &major, &minor, &patch );
++ #ifdef HAVE_EBCDIC
++ char v2[1024];
++@@ -776,17 +776,6 @@ bdb_back_initialize(
++ version = v2;
++ #endif
++
++- ver = (major << 24) | (minor << 16) | patch;
++- if( ver != DB_VERSION_FULL ) {
++- /* fail if a versions don't match */
++- Debug( LDAP_DEBUG_ANY,
++- LDAP_XSTRING(bdb_back_initialize) ": "
++- "BDB library version mismatch:"
++- " expected " DB_VERSION_STRING ","
++- " got %s\n", version, 0, 0 );
++- return -1;
++- }
++-
++ Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(bdb_back_initialize)
++ ": %s\n", version, 0, 0 );
++ }
--- /dev/null
--- /dev/null
++Add /etc/ldap/sasl2 to the SASL configuration search path.
++
++Not submitted upstream. Somewhat Debian-specific and probably not of
++interest upstream.
++
++--- a/include/ldap_defaults.h
+++++ b/include/ldap_defaults.h
++@@ -63,4 +63,6 @@
++ /* dn of the default "monitor" subentry */
++ #define SLAPD_MONITOR_DN "cn=Monitor"
++
+++#define SASL_CONFIGPATH LDAP_SYSCONFDIR LDAP_DIRSEP "sasl2"
+++
++ #endif /* _LDAP_CONFIG_H */
++--- a/servers/slapd/sasl.c
+++++ b/servers/slapd/sasl.c
++@@ -1103,12 +1103,38 @@ static const rewrite_mapper slapd_mapper
++ };
++ #endif
++
+++static int
+++slap_sasl_getconfpath( void * context, char ** path )
+++{
+++ char * sasl_default_configpath;
+++ size_t len;
+++
+++#if SASL_VERSION_MAJOR >= 2
+++ sasl_default_configpath = "/usr/lib/sasl2";
+++#else
+++ sasl_default_configpath = "/usr/lib/sasl";
+++#endif
+++
+++ len = strlen(SASL_CONFIGPATH) + 1 /* colon */ +
+++ strlen(sasl_default_configpath) + 1 /* \0 */;
+++ *path = malloc( len );
+++ if ( *path == NULL )
+++ return SASL_FAIL;
+++
+++ if (snprintf( *path, len, "%s:%s", SASL_CONFIGPATH,
+++ sasl_default_configpath ) != len-1 )
+++ return SASL_FAIL;
+++
+++ return SASL_OK;
+++}
+++
++ int slap_sasl_init( void )
++ {
++ #ifdef HAVE_CYRUS_SASL
++ int rc;
++ static sasl_callback_t server_callbacks[] = {
++ { SASL_CB_LOG, (slap_sasl_cb_ft)&slap_sasl_log, NULL },
+++ { SASL_CB_GETCONFPATH, (slap_sasl_cb_ft)&slap_sasl_getconfpath, NULL },
++ { SASL_CB_GETOPT, (slap_sasl_cb_ft)&slap_sasl_getopt, NULL },
++ { SASL_CB_LIST_END, NULL, NULL }
++ };
--- /dev/null
--- /dev/null
++debian-version
++man-slapd
++evolution-ntlm
++slapi-errorlog-file
++ldapi-socket-place
++wrong-database-location
++index-files-created-as-root
++sasl-default-path
++libldap-symbol-versions
++getaddrinfo-is-threadsafe
++do-not-second-guess-sonames
++contrib-makefiles
++smbk5pwd-makefile-manpage
++lastbind-makefile-manpage
++ldap-conf-tls-cacertdir
++add-tlscacert-option-to-ldap-conf
++fix-build-top-mk
++switch-to-lt_dlopenadvise-to-get-RTLD_GLOBAL-set.diff
++no-bdb-ABI-second-guessing
++ITS6035-olcauthzregex-needs-restart.patch
++set-maintainer-name
++ITS-9086-Add-debug-logging-for-more-GnuTLS-errors.patch
--- /dev/null
--- /dev/null
++--- a/build/mkversion
+++++ b/build/mkversion
++@@ -50,12 +50,7 @@
++ fi
++
++ APPLICATION=$1
++-# Reproducible builds set SOURCE_DATE_EPOCH, want constant strings
++-if [ -n "${SOURCE_DATE_EPOCH}" ]; then
++- WHOWHERE="openldap"
++-else
++- WHOWHERE="$USER@$(uname -n):$(pwd)"
++-fi
+++WHOWHERE="${DEB_MAINTAINER:-openldap}"
++
++ cat << __EOF__
++ /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
--- /dev/null
--- /dev/null
++The slapi error log file defaults to /var/errors given our setting
++of --localstatedir. Move it to /var/log/slapi-errors instead.
++
++Debian-specific.
++
++--- a/servers/slapd/slapi/slapi_overlay.c
+++++ b/servers/slapd/slapi/slapi_overlay.c
++@@ -930,7 +930,7 @@ int slapi_over_config( BackendDB *be, Co
++ ldap_pvt_thread_mutex_init( &slapi_printmessage_mutex );
++
++ if ( slapi_log_file == NULL )
++- slapi_log_file = slapi_ch_strdup( LDAP_RUNDIR LDAP_DIRSEP "errors" );
+++ slapi_log_file = slapi_ch_strdup( LDAP_RUNDIR LDAP_DIRSEP "log" LDAP_DIRSEP "slapi-errors" );
++
++ rc = slapi_int_init_object_extensions();
++ if ( rc != 0 )
--- /dev/null
--- /dev/null
++From: Peter Marschall <peter@adpm.de>
++Date: Sun, 26 Jul 2015 15:04:26 +0200
++Subject: [PATCH] contrib/smbk5pwd: add man page, install it too
++
++Add a manual page slapo-smbk5pwd.5 and update smbk5pwd's Makefile to
++install the new manual page.
++
++This patch is derived from the corresponding patch upstreamed in ITS#8205
++
++---
++ contrib/slapd-modules/smbk5pwd/Makefile | 14 +-
++ contrib/slapd-modules/smbk5pwd/slapo-smbk5pwd.5 | 179 ++++++++++++++++++++++++
++ 2 files changed, 192 insertions(+), 1 deletion(-)
++ create mode 100644 contrib/slapd-modules/smbk5pwd/slapo-smbk5pwd.5
++
++diff --git a/contrib/slapd-modules/smbk5pwd/Makefile b/contrib/slapd-modules/smbk5pwd/Makefile
++index 676d914..0042a49 100644
++--- a/contrib/slapd-modules/smbk5pwd/Makefile
+++++ b/contrib/slapd-modules/smbk5pwd/Makefile
++@@ -25,6 +25,7 @@
++ HEIMDAL_LIB = $(shell krb5-config.heimdal --libs kadm-server)
++
++ LIBTOOL = $(LDAP_BUILD)/libtool
+++INSTALL = /usr/bin/install
++ CC = gcc
++ OPT = -g -O2 -Wall
++ # Omit DO_KRB5, DO_SAMBA or DO_SHADOW if you don't want to support it.
++@@ -34,6 +35,7 @@
++ LIBS = $(HEIMDAL_LIB) $(LDAP_LIB) $(SSL_LIB)
++
++ PROGRAMS = smbk5pwd.la
+++MANPAGES = slapo-smbk5pwd.5
++ LTVER = 0:0:0
++
++ prefix=/usr/local
++@@ -43,6 +45,8 @@
++ libdir=$(exec_prefix)/lib
++ libexecdir=$(exec_prefix)/libexec
++ moduledir = $(libexecdir)$(ldap_subdir)
+++mandir = $(exec_prefix)/share/man
+++man5dir = $(mandir)/man5
++
++ .SUFFIXES: .c .o .lo
++
++@@ -58,9 +62,17 @@
++ clean:
++ rm -rf *.o *.lo *.la .libs
++
++-install: $(PROGRAMS)
+++install: install-lib install-man FORCE
+++
+++install-lib: $(PROGRAMS)
++ mkdir -p $(DESTDIR)$(moduledir)
++ for p in $(PROGRAMS) ; do \
++ $(LIBTOOL) --mode=install cp $$p $(DESTDIR)$(moduledir) ; \
++ done
++
+++install-man: $(MANPAGES)
+++ mkdir -p $(DESTDIR)$(man5dir)
+++ $(INSTALL) -m 644 $(MANPAGES) $(DESTDIR)$(man5dir)
+++
+++FORCE:
+++
++diff --git a/contrib/slapd-modules/smbk5pwd/slapo-smbk5pwd.5 b/contrib/slapd-modules/smbk5pwd/slapo-smbk5pwd.5
++new file mode 100644
++index 0000000..431a765
++--- /dev/null
+++++ b/contrib/slapd-modules/smbk5pwd/slapo-smbk5pwd.5
++@@ -0,0 +1,179 @@
+++.TH SLAPO-SMBK5PWD 5 "RELEASEDATE" "OpenLDAP LDVERSION"
+++.\" Copyright 2015 The OpenLDAP Foundation All Rights Reserved.
+++.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
+++.\" $OpenLDAP$
+++.SH NAME
+++slapo-smbk5pwd \- Samba & Kerberos password sync overlay to slapd
+++.SH SYNOPSIS
+++ETCDIR/slapd.conf
+++.RS
+++.LP
+++include
+++.B "<path to>/krb5-kdc.schema"
+++.LP
+++include
+++.B "<path to>/samba.schema"
+++.LP
+++moduleload
+++.B smbk5pwd.so
+++.LP
+++ ...
+++.LP
+++database mdb
+++.LP
+++ ...
+++.LP
+++overlay
+++.B smbk5pwd
+++.RE
+++
+++.SH DESCRIPTION
+++.LP
+++The
+++.B smbk5pwd
+++overlay to
+++.BR slapd (8)
+++overloads the Password Modify Extended Operation (RFC 3062) to update
+++Kerberos keys and Samba password hashes for an LDAP user, as well as
+++updating password change related attributes for Kerberos, Samba and/or
+++UNIX user accounts.
+++.LP
+++The Samba support is written using the Samba 3.0 LDAP schema;
+++Kerberos support is written for Heimdal using its hdb-ldap backend.
+++.LP
+++Additionally, a new
+++.B {K5KEY}
+++password hash mechanism is provided.
+++For
+++.B krb5KDCEntry
+++objects that have this scheme specifier in their
+++.I userPassword
+++attribute, Simple Binds will be checked against the Kerberos keys of the entry.
+++No data is needed after the
+++.B {K5KEY}
+++scheme specifier in the
+++.IR userPassword ,
+++it is looked up from the entry directly.
+++
+++.SH CONFIGURATION
+++The
+++.B smbk5pwd
+++overlay supports the following
+++.B slapd.conf
+++configuration options, which should appear after the
+++.B overlay
+++directive:
+++.TP
+++.BI smbk5pwd-enable " <module>"
+++can be used to enable only the desired modules.
+++Legal values for
+++.I <module>
+++are
+++.LP
+++.RS
+++.TP
+++.B krb5
+++If the user has the
+++.B krb5KDCEntry
+++objectclass, update the
+++.B krb5Key
+++and
+++.B krb5KeyVersionNumber
+++attributes using the new password in the Password Modify operation,
+++provided the Kerberos account is not expired.
+++Exiration is determined by evaluating the
+++.B krb5ValidEnd
+++attribute.
+++.TP
+++.B samba
+++If the user is a
+++.B sambaSamAccount
+++object, synchronize the
+++.B sambaLMPassword
+++and
+++.B sambaNTPassword
+++to the password entered in the Password Modify operation, and update
+++.B sambaPwdLastSet
+++accordingly.
+++.TP
+++.B shadow
+++Update the attribute
+++.BR shadowLastChange ,
+++if the entry has the objectclass
+++.BR shadowAccount .
+++.LP
+++By default all modules compiled in are enabled.
+++Setting the config statement restricts the enabled modules to the ones
+++explicitly mentioned.
+++.RE
+++.TP
+++.BI smbk5pwd-can-change " <seconds>"
+++If the
+++.B samba
+++module is enabled and the user is a
+++.BR sambaSamAccount ,
+++update the attribute
+++.B sambaPwdCanChange
+++to point
+++.I <seconds>
+++into the future, essentially denying any Samba password change until then.
+++A value of
+++.B 0
+++disables this feature.
+++.TP
+++.BI smbk5pwd-must-change " <seconds>"
+++If the
+++.B samba
+++module is enabled and the user is a
+++.BR sambaSamAccount ,
+++update the attribute
+++.B sambaPwdMustChange
+++to point
+++.I <seconds>
+++into the future, essentially setting the Samba password expiration time.
+++A value of
+++.B 0
+++disables this feature.
+++.LP
+++Alternatively, the overlay supports table-driven configuration,
+++and thus can be run-time loaded and configured via back-config.
+++
+++.SH EXAMPLE
+++The layout of a slapd.d based, table-driven configuration entry looks like:
+++.LP
+++.EX
+++ # {0}smbk5pwd, {1}bdb, config
+++ dn: olcOverlay={0}smbk5pwd,olcDatabase={1}mdb,cn=config
+++ objectClass: olcOverlayConfig
+++ objectClass: olcSmbK5PwdConfig
+++ olcOverlay: {0}smbk5pwd
+++ olcSmbK5PwdEnable: krb5
+++ olcSmbK5PwdEnable: samba
+++ olcSmbK5PwdMustChange: 2592000
+++.EE
+++.LP
+++which enables both
+++.B krb5
+++and
+++.B samba
+++modules with a Samba password expiration time of 30 days (=
+++.B 2592000
+++seconds).
+++
+++.SH SEE ALSO
+++.BR slapd.conf (5),
+++.BR ldappasswd (1),
+++.BR ldap (3),
+++.LP
+++"OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/)
+++.LP
+++
+++.SH ACKNOWLEDGEMENTS
+++This manual page has been writen by Peter Marschall based on the
+++module's README file written by Howard Chu.
+++.LP
+++.B OpenLDAP
+++is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
+++.B OpenLDAP
+++is derived from University of Michigan LDAP 3.3 Release.
+++
++--
++2.5.0
++
--- /dev/null
--- /dev/null
++From: Jan-Marek Glogowski <jan-marek.glogowski@muenchen.de>\r
++Date: Tue, 18 May 2010 17:47:05 +0200\r
++Subject: Switch to lt_dlopenadvise() so back_perl can be opened with RTLD_GLOBAL. \r
++ Open all modules with RTLD_GLOBAL, needed so that back_perl can load\r
++ non-trivial Perl extensions that require symbols from back_perl.so itself.\r
++Bug-Debian: http://bugs.debian.org/327585\r
++\r
++---\r
++--- a/servers/slapd/module.c
+++++ b/servers/slapd/module.c
++@@ -117,6 +117,20 @@ int module_unload( const char *file_name
++ return -1; /* not found */
++ }
++
+++static lt_dlhandle slapd_lt_dlopenext_global( const char *filename )
+++{
+++ lt_dlhandle handle = 0;
+++ lt_dladvise advise;
+++
+++ if (!lt_dladvise_init (&advise) && !lt_dladvise_ext (&advise)
+++ && !lt_dladvise_global (&advise))
+++ handle = lt_dlopenadvise (filename, advise);
+++
+++ lt_dladvise_destroy (&advise);
+++
+++ return handle;
+++}
+++
++ int module_load(const char* file_name, int argc, char *argv[])
++ {
++ module_loaded_t *module;
++@@ -180,7 +194,7 @@ int module_load(const char* file_name, i
++ * to calling Debug. This is because Debug is a macro that expands
++ * into multiple function calls.
++ */
++- if ((module->lib = lt_dlopenext(file)) == NULL) {
+++ if ((module->lib = slapd_lt_dlopenext_global(file)) == NULL) {
++ error = lt_dlerror();
++ #ifdef HAVE_EBCDIC
++ strcpy( ebuf, error );
--- /dev/null
--- /dev/null
++Move the default slapd database location to /var/lib/ldap instead of
++/var/openldap-data.
++
++Debian-specific.
++
++--- a/doc/man/man5/slapd-bdb.5
+++++ b/doc/man/man5/slapd-bdb.5
++@@ -131,7 +131,7 @@ Specify the directory where the BDB file
++ associated indexes live.
++ A separate directory must be specified for each database.
++ The default is
++-.BR LOCALSTATEDIR/openldap\-data .
+++.BR LOCALSTATEDIR/lib/ldap .
++ .TP
++ .B dirtyread
++ Allow reads of modified but not yet committed data.
++--- a/doc/man/man5/slapd.conf.5
+++++ b/doc/man/man5/slapd.conf.5
++@@ -2007,7 +2007,7 @@ suffix "dc=our\-domain,dc=com"
++ # The database directory MUST exist prior to
++ # running slapd AND should only be accessible
++ # by the slapd/tools. Mode 0700 recommended.
++-directory LOCALSTATEDIR/openldap\-data
+++directory LOCALSTATEDIR/lib/ldap
++ # Indices to maintain
++ index objectClass eq
++ index cn,sn,mail pres,eq,approx,sub
++--- a/include/ldap_defaults.h
+++++ b/include/ldap_defaults.h
++@@ -47,7 +47,7 @@
++ /* location of the default slapd config file */
++ #define SLAPD_DEFAULT_CONFIGFILE LDAP_SYSCONFDIR LDAP_DIRSEP "slapd.conf"
++ #define SLAPD_DEFAULT_CONFIGDIR LDAP_SYSCONFDIR LDAP_DIRSEP "slapd.d"
++-#define SLAPD_DEFAULT_DB_DIR LDAP_RUNDIR LDAP_DIRSEP "openldap-data"
+++#define SLAPD_DEFAULT_DB_DIR LDAP_RUNDIR LDAP_DIRSEP "lib" LDAP_DIRSEP "ldap"
++ #define SLAPD_DEFAULT_DB_MODE 0600
++ #define SLAPD_DEFAULT_UCDATA LDAP_DATADIR LDAP_DIRSEP "ucdata"
++ /* default max deref depth for aliases */
++--- a/servers/slapd/Makefile.in
+++++ b/servers/slapd/Makefile.in
++@@ -445,9 +445,9 @@ install-conf: FORCE
++
++ install-db-config: FORCE
++ @-$(MKDIR) $(DESTDIR)$(localstatedir) $(DESTDIR)$(sysconfdir)
++- @-$(INSTALL) -m 700 -d $(DESTDIR)$(localstatedir)/openldap-data
+++ @-$(INSTALL) -m 700 -d $(DESTDIR)$(localstatedir)/lib/ldap
++ $(INSTALL) $(INSTALLFLAGS) -m 600 $(srcdir)/DB_CONFIG \
++- $(DESTDIR)$(localstatedir)/openldap-data/DB_CONFIG.example
+++ $(DESTDIR)$(localstatedir)/lib/ldap/DB_CONFIG.example
++ $(INSTALL) $(INSTALLFLAGS) -m 600 $(srcdir)/DB_CONFIG \
++ $(DESTDIR)$(sysconfdir)/DB_CONFIG.example
++
++--- a/doc/man/man5/slapd-config.5
+++++ b/doc/man/man5/slapd-config.5
++@@ -2051,7 +2051,7 @@ olcSuffix: "dc=our\-domain,dc=com"
++ # The database directory MUST exist prior to
++ # running slapd AND should only be accessible
++ # by the slapd/tools. Mode 0700 recommended.
++-olcDbDirectory: LOCALSTATEDIR/openldap\-data
+++olcDbDirectory: LOCALSTATEDIR/lib/ldap
++ # Indices to maintain
++ olcDbIndex: objectClass eq
++ olcDbIndex: cn,sn,mail pres,eq,approx,sub
++--- a/doc/man/man5/slapd-mdb.5
+++++ b/doc/man/man5/slapd-mdb.5
++@@ -52,7 +52,7 @@ Specify the directory where the LMDB fil
++ associated indexes live.
++ A separate directory must be specified for each database.
++ The default is
++-.BR LOCALSTATEDIR/openldap\-data .
+++.BR LOCALSTATEDIR/lib/ldap .
++ .TP
++ \fBenvflags \fR{\fBnosync\fR,\fBnometasync\fR,\fBwritemap\fR,\fBmapasync\fR,\fBnordahead\fR}
++ Specify flags for finer-grained control of the LMDB library's operation.
--- /dev/null
--- /dev/null
++[type: gettext/rfc822deb] slapd.templates
--- /dev/null
--- /dev/null
++# openldap po-debconf translation to Catalan.
++# This file is distributed under the same license as the openldap package.
++# Innocent De Marchi <tangram.peces@gmail.com>, 2011-2017.
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: openldap 2.4.44+dfsg-4\n"
++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n"
++"POT-Creation-Date: 2019-10-03 23:01+0000\n"
++"PO-Revision-Date: 2017-01-19 19:35+0100\n"
++"Last-Translator: Innocent De Marchi <tangram.peces@gmail.com>\n"
++"Language-Team: catalan <debian-l10n-catalan@lists.debian.org>\n"
++"Language: ca_ES\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=UTF-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++"X-Generator: Poedit 1.8.11\n"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid "Omit OpenLDAP server configuration?"
++msgstr "Voleu ometre la configuració del servidor OpenLDAP?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid ""
++"If you enable this option, no initial configuration or database will be "
++"created for you."
++msgstr ""
++"Si desactivau aquesta opció, no es generarà la configuració ni la base de "
++"dades inicial."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "always"
++msgstr "sempre"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "when needed"
++msgstr "quan sigui necessari"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "never"
++msgstr "mai"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid "Dump databases to file on upgrade:"
++msgstr "Bolcar les bases de dades a un fitxer en fer l'actualització:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Before upgrading to a new version of the OpenLDAP server, the data from your "
++"LDAP directories can be dumped into plain text files in the standard LDAP "
++"Data Interchange Format."
++msgstr ""
++"Abans d'actualitzar a una nova versió del servidor OpenLDAP, les dades dels "
++"seus directoris LDAP poden desar-se a fitxers de text en el format estàndard "
++"d'intercanvi de dades LDAP («LDAP Data Interchange Format»)."
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Selecting \"always\" will cause the databases to be dumped unconditionally "
++"before an upgrade. Selecting \"when needed\" will only dump the database if "
++"the new version is incompatible with the old database format and it needs to "
++"be reimported. If you select \"never\", no dump will be done."
++msgstr ""
++"Seleccionant «sempre» el bolcat de les bases de dades es farà sense "
++"condicions abans de l'actualització. Seleccionant «quan sigui necessari» "
++"només es farà el bolcat de les bases de dades si la nova versió és "
++"incompatible amb el format anterior de les bases de dades i és necessari re-"
++"importar-les. Si seleccionau «mai», no es farà el bolcat."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid "Directory to use for dumped databases:"
++msgstr "Directori a fer servir en el bolcat de les bases de dades:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid ""
++"Please specify the directory where the LDAP databases will be exported. In "
++"this directory, several LDIF files will be created which correspond to the "
++"search bases located on the server. Make sure you have enough free space on "
++"the partition where the directory is located. The first occurrence of the "
++"string \"VERSION\" is replaced with the server version you are upgrading "
++"from."
++msgstr ""
++"Seleccionau el directori d'exportació de les bases de dades LDAP. En aquest "
++"directori, es generaran diversos fitxers LDIF que es corresponen amb les "
++"bases de dades localitzades en el servidor. Comproveu que hi ha espai lliure "
++"suficient a la partició on està ubicat el directori seleccionat. La primer "
++"aparició de la cadena «VERSION» serà reemplaçada per la versió del servidor "
++"de la qual està actualitzant."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid "Move old database?"
++msgstr "Moure la base de dades anterior?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid ""
++"There are still files in /var/lib/ldap which will probably break the "
++"configuration process. If you enable this option, the maintainer scripts "
++"will move the old database files out of the way before creating a new "
++"database."
++msgstr ""
++"Hi ha fitxers a «/var/lib/ldap» que probablement interrompran el procés de "
++"configuració. Si activau aquesta opció, el guió de manteniment mourà els "
++"fitxers de les bases de dades anteriors fora del directori anterior abans de "
++"generar una nova base de dades."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid "Retry configuration?"
++msgstr "Tornar a intentar la configuració?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid ""
++"The configuration you entered is invalid. Make sure that the DNS domain name "
++"is syntactically valid, the field for the organization is not left empty and "
++"the admin passwords match. If you decide not to retry the configuration the "
++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to "
++"retry later."
++msgstr ""
++"La configuració que ha introduït no és vàlida. Comproveu que el nom de "
++"domini DNS és sintàcticament correcte, que el camp del nom de l'organització "
++"està emplenat i que les contrasenyes de l'administrador coincideixen. Si "
++"decideix no tornar a intentar la configuració, el servidor LDAP quedarà "
++"sense configurar. Executi «dpkg-reconfigure slapd» per tornar a intentar-ho "
++"més tard."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid "DNS domain name:"
++msgstr "Nom del domini DNS:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid ""
++"The DNS domain name is used to construct the base DN of the LDAP directory. "
++"For example, 'foo.example.org' will create the directory with 'dc=foo, "
++"dc=example, dc=org' as base DN."
++msgstr ""
++"El nom de domini DNS es fa servir per construir el DN base del directori "
++"LDAP. Per exemple, si el vostre nom de domini és «elmeu.domini.org» es "
++"generarà el directori amb el DN base «dc=elmeu, dc=domini, dc=org»"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid "Organization name:"
++msgstr "Nom de l'organització:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid ""
++"Please enter the name of the organization to use in the base DN of your LDAP "
++"directory."
++msgstr ""
++"Escriviu el nom de l'organització per fer servir en el DN base del directori "
++"LDAP."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Administrator password:"
++msgstr "Contrasenya de l'administrador:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Please enter the password for the admin entry in your LDAP directory."
++msgstr ""
++"Escriviu la contrasenya per l'accés com administrador al vostre directori "
++"LDAP:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid "Confirm password:"
++msgstr "Confirmeu la vostra contrasenya:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid ""
++"Please enter the admin password for your LDAP directory again to verify that "
++"you have typed it correctly."
++msgstr ""
++"Introduïu de nou la contrasenya d'administrador per al directori LDAP per "
++"comprovar que s'ha escrit correctament."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "Password mismatch"
++msgstr "Les contrasenyes no coincideixen"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "The two passwords you entered were not the same. Please try again."
++msgstr "Les dues contrasenyes no coincideixen. Tornau a provar-ho."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:11001
++msgid "Do you want the database to be removed when slapd is purged?"
++msgstr "Desitjau que s'elimini la base de dades en purgar el paquet slapd?"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "slapcat failure during upgrade"
++msgstr "ha fallat «slapcat» durant l'actualització"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "An error occurred while upgrading the LDAP directory."
++msgstr "S'ha produït un error en l'actualització del directori LDAP."
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid ""
++"The 'slapcat' program failed while extracting the LDAP directory. This may "
++"be caused by an incorrect configuration file (for example, missing "
++"'moduleload' lines to support the backend database)."
++msgstr ""
++"El programa «slapcat» ha fallat en l'extracció del directori LDAP. Aquest "
++"error pot ésser causat per un fitxer de configuració incorrecte (per "
++"exemple, per que faltin línies «moduleload» necessàries pel motor de la base "
++"de dades)"
++
++#. Type: error
++#. Description
++#. This paragraph is followed by a (non translatable) paragraph
++#. containing a command line
++#: ../slapd.templates:14001
++msgid ""
++"This failure will cause 'slapadd' to fail later as well. The old database "
++"files will be moved to /var/backups. If you want to try this upgrade again, "
++"you should move the old database files back into place, fix whatever caused "
++"slapcat to fail, and run:"
++msgstr ""
++"Aquest error farà que «slapadd» torni a fallar més endavant. Els fitxers de "
++"la base de dades anterior es mouran a «/var/backups». Si desitjau tornar a "
++"intentar l'actualització, haureu de tornar a moure els fitxers de la base de "
++"dades anterior a la seva ubicació inicial, solucionar la causa de l'error i "
++"tornar a executar:"
++
++#. Type: error
++#. Description
++#. Translators: keep "${location}" unchanged. This is a variable that
++#. will be replaced by a directory name at execution
++#: ../slapd.templates:14001
++msgid ""
++"Then move the database files back to a backup area and then try running "
++"slapadd from ${location}."
++msgstr ""
++"A continuació, tornau els arxius de la base de dades a la zona de seguretat "
++"i després intenteu executar «slapadd» des de ${location}."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "Potentially unsafe slapd access control configuration"
++msgstr "Configuració de control d'accés de slapd potencialment insegur"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid ""
++"One or more of the configured databases has an access control rule that "
++"allows users to modify most of their own attributes. This may be unsafe, "
++"depending on how the database is used."
++msgstr ""
++"Una o més de les bases de dades configurades té una norma de control d'accés "
++"que permet als usuaris modificar la major part dels seus atributs. Aquest "
++"situació pot ser perillosa, depenent de com s'utilitza la base de dades."
++
++#. Type: note
++#. Description
++#. Translators: keep "by self write" and "to *" unchanged. These are part
++#. of the slapd configuration and are not translatable.
++#: ../slapd.templates:15001
++msgid ""
++"In the case of slapd access rules that begin with \"to *\", it is "
++"recommended to remove any instances of \"by self write\", so that users are "
++"only able to modify specifically allowed attributes."
++msgstr ""
++"En el cas que les normes d'accés de slapd comencin per \"to *\", és "
++"recomanable eliminar totes les instàncies a \"by self write\", de manera que "
++"els usuaris només puguin modificar els atributs específicament permesos."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details."
++msgstr "Consulteu «/usr/share/doc/slapd/README.Debian.gz» per a més detalls."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "abort installation"
++msgstr "aturar la instal·lació"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "continue regardless"
++msgstr "continua sense tenir en compte"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid "Manual ppolicy schema update recommended"
++msgstr ""
++"Es recomana l'actualització manual de la directiva de contrasenya («ppolicy»)"
++
++#. Type: select
++#. Description
++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable.
++#: ../slapd.templates:16002
++msgid ""
++"The new version of the Password Policy (ppolicy) overlay requires the schema "
++"to define the pwdMaxRecordedFailure attribute type, which is not present in "
++"the schema currently in use. It is recommended to abort the upgrade now, and "
++"to update the ppolicy schema before upgrading slapd. If replication is in "
++"use, the schema update should be applied on every server before continuing "
++"with the upgrade."
++msgstr ""
++"La nova versió de la superposició de directiva de contrasenya («ppolicy») "
++"requereix que l'esquema defineixi el tipus d'atribut "
++"«pwdMaxRecordedFailure», que no està inclòs en l'esquema actualment en ús. "
++"És recomana aturar ara l'actualització, i actualitzar la directiva de "
++"contrasenya abans d'actualitzar «slapd». Si la replicació està en marxa, "
++"l'actualització de l'esquema s'ha d'aplicar a cada servidor abans de "
++"continuar amb l'actualització."
++
++#. Type: select
++#. Description
++#. This paragraph is followed by the path to the generated file (not
++#. translatable). The sentence continues in the following paragraph.
++#: ../slapd.templates:16002
++msgid ""
++"An LDIF file has been generated with the changes required for the upgrade:"
++msgstr ""
++"Un s'ha generat un fitxer LDIF amb els canvis necessaris per a "
++"l'actualització:"
++
++#. Type: select
++#. Description
++#. This paragraph continues the sentence started in the previous
++#. paragraph. It is followed by a command line.
++#: ../slapd.templates:16002
++msgid ""
++"so if slapd is using the default access control rules, these changes can be "
++"applied (after starting slapd) by using the command:"
++msgstr ""
++"per que si «slapd» fa servir les regles d'accés predeterminades, aquests "
++"canvis es poden fer efectius (després d'iniciar «slapd») fent servir l'ordre:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid ""
++"If instead you choose to continue the installation, the new attribute type "
++"will be added automatically, but the change will not be acted on by slapd "
++"overlays, and replication with other servers may be affected."
++msgstr ""
++"En canvi, si decidiu continuar amb la instal·lació, el nou tipus d'atribut "
++"s'afegirà automàticament, però el canvi no es veurà afectat per les "
++"superposicions de «slapd», i la replicació amb altres servidors es pot veure "
++"afectada."
++
++#~ msgid "Database backend to use:"
++#~ msgstr "Motor de base de dades a fer servir:"
++
++#~ msgid ""
++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree "
++#~ "renames. Both support the same configuration options."
++#~ msgstr ""
++#~ "HDB i BDB fan servir formats d'emmagatzematge semblants, però HDB permet "
++#~ "fer canvis de nom dels subarbres. Tots dos tenen les mateixes opcions de "
++#~ "configuració."
++
++#~ msgid ""
++#~ "The MDB backend is recommended. MDB uses a new storage format and "
++#~ "requires less configuration than BDB or HDB."
++#~ msgstr ""
++#~ "El motor MDB és el recomanat. MDB fa servir un nou format "
++#~ "d'emmagatzematge i requereix menys tasques de configuració que BDB o HDB."
++
++#~ msgid ""
++#~ "In any case, you should review the resulting database configuration for "
++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details."
++#~ msgstr ""
++#~ "En qualsevol cas, heu de revisar la configuració de base de dades "
++#~ "resultant per ajustar-la a les vostres necessitats. Consulteu «/usr/share/"
++#~ "doc/slapd/README.Debian.gz» per a més detalls."
++
++#~ msgid "Allow LDAPv2 protocol?"
++#~ msgstr "Desitjau permetre el protocol LDAPv2?"
++
++#~ msgid ""
++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs "
++#~ "and users should upgrade to LDAPv3. If you have old programs which can't "
++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be "
++#~ "added to your slapd.conf file."
++#~ msgstr ""
++#~ "El protocol obsolet LDAPv2 està desactivat per defecte a slapd. Els "
++#~ "programes i usuaris haurien d'actualitzar-se a LDAPv3. Si teniu "
++#~ "programes antics que no poden fer servir LDAPv3, seleccioneu aquesta "
++#~ "opció i s'afegirà l'opció «allow bind_v2» al vostre fitxer de "
++#~ "configuració slapd.conf."
--- /dev/null
--- /dev/null
++#
++# Translators, if you are not familiar with the PO format, gettext
++# documentation is worth reading, especially sections dedicated to
++# this format, e.g. by running:
++# info -n '(gettext)PO Files'
++# info -n '(gettext)Header Entry'
++#
++# Some information specific to po-debconf are available at
++# /usr/share/doc/po-debconf/README-trans
++# or http://www.debian.org/intl/l10n/po-debconf/README-trans
++#
++# Developers do not need to manually edit POT or PO files.
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: openldap\n"
++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n"
++"POT-Creation-Date: 2019-10-03 23:01+0000\n"
++"PO-Revision-Date: 2017-01-22 11:49+0100\n"
++"Last-Translator: Miroslav Kure <kurem@debian.cz>\n"
++"Language-Team: Czech <debian-l10n-czech@lists.debian.org>\n"
++"Language: cs\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=UTF-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid "Omit OpenLDAP server configuration?"
++msgstr "Přeskočit nastavení OpenLDAP serveru?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid ""
++"If you enable this option, no initial configuration or database will be "
++"created for you."
++msgstr ""
++"Přistoupíte-li na tuto možnost, nevytvoří se databáze ani počáteční "
++"nastavení."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "always"
++msgstr "vždy"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "when needed"
++msgstr "v případě potřeby"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "never"
++msgstr "nikdy"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid "Dump databases to file on upgrade:"
++msgstr "Při aktualizaci uložit databáze do souboru:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Before upgrading to a new version of the OpenLDAP server, the data from your "
++"LDAP directories can be dumped into plain text files in the standard LDAP "
++"Data Interchange Format."
++msgstr ""
++"Před aktualizací na novější verzi serveru OpenLDAP se mohou data z LDAP "
++"adresářů vyexportovat do textových souborů ve formátu LDAP Data Interchange "
++"Format, což je standardizovaný formát pro popis těchto dat."
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Selecting \"always\" will cause the databases to be dumped unconditionally "
++"before an upgrade. Selecting \"when needed\" will only dump the database if "
++"the new version is incompatible with the old database format and it needs to "
++"be reimported. If you select \"never\", no dump will be done."
++msgstr ""
++"Výběrem „“vždy“ zajistíte, že se databáze vyexportují do souborů před každou "
++"aktualizací. Volba „v případě potřeby“ znamená, že se databáze vyexportují "
++"pouze v případě, že je formát nové databáze nekompatibilní s předchozí verzí "
++"a tudíž je potřeba data znovu nahrát. Zvolíte-li „nikdy“, data se nebudou "
++"exportovat."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid "Directory to use for dumped databases:"
++msgstr "Adresář pro exportované databáze:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid ""
++"Please specify the directory where the LDAP databases will be exported. In "
++"this directory, several LDIF files will be created which correspond to the "
++"search bases located on the server. Make sure you have enough free space on "
++"the partition where the directory is located. The first occurrence of the "
++"string \"VERSION\" is replaced with the server version you are upgrading "
++"from."
++msgstr ""
++"Zadejte prosím adresář, do kterého se budou exportovat LDAP databáze. V "
++"tomto adresáři se vytvoří několik LDIF souborů odpovídajících kořenům LDAP "
++"adresářů na daném serveru. Ujistěte se, že máte na dané oblasti dostatek "
++"místa. První výskyt řetězce \"VERSION\" se nahradí verzí LDAP serveru, ze "
++"kterého aktualizujete na novější verzi."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid "Move old database?"
++msgstr "Přesunout starou databázi?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid ""
++"There are still files in /var/lib/ldap which will probably break the "
++"configuration process. If you enable this option, the maintainer scripts "
++"will move the old database files out of the way before creating a new "
++"database."
++msgstr ""
++"Ve /var/lib/ldap jsou stále soubory, které pravděpodobně naruší instalační "
++"proces. Budete-li souhlasit, instalační skripty před vytvořením nové "
++"databáze nejprve přesunou staré databázové soubory na jiné místo."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid "Retry configuration?"
++msgstr "Zopakovat nastavení?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid ""
++"The configuration you entered is invalid. Make sure that the DNS domain name "
++"is syntactically valid, the field for the organization is not left empty and "
++"the admin passwords match. If you decide not to retry the configuration the "
++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to "
++"retry later."
++msgstr ""
++"Zadané nastavení není platné. Ujistěte se, že máte doménové jméno (DNS) ve "
++"správném formátu, že je vyplněné pole pro organizaci a že administrátorská "
++"hesla souhlasí. Jestliže znovu nespustíte tohoto průvodce, LDAP server "
++"nebude nakonfigurován. Budete-li chtít balík nastavit později, použijte "
++"příkaz „dpkg-reconfigure slapd“."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid "DNS domain name:"
++msgstr "DNS název domény:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid ""
++"The DNS domain name is used to construct the base DN of the LDAP directory. "
++"For example, 'foo.example.org' will create the directory with 'dc=foo, "
++"dc=example, dc=org' as base DN."
++msgstr ""
++"Název domény se používá pro vytvoření základního DN vašeho LDAP adresáře. "
++"Například zadáním „foo.bar.cz“ se vytvoří adresář se základním DN „dc=foo, "
++"dc=bar, dc=cz“."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid "Organization name:"
++msgstr "Název organizace:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid ""
++"Please enter the name of the organization to use in the base DN of your LDAP "
++"directory."
++msgstr ""
++"Zadejte prosím jméno organizace, které se použije v základním DN vašeho LDAP "
++"adresáře."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Administrator password:"
++msgstr "Administrátorské heslo:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Please enter the password for the admin entry in your LDAP directory."
++msgstr "Zadejte prosím heslo pro administrátorský záznam v LDAP adresáři."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid "Confirm password:"
++msgstr "Potvrzení hesla:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid ""
++"Please enter the admin password for your LDAP directory again to verify that "
++"you have typed it correctly."
++msgstr ""
++"Zadejte prosím znovu administrátorské heslo k LDAP adresáři, abyste se "
++"ujistili, že jste jej zadali správně."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "Password mismatch"
++msgstr "Hesla nesouhlasí"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "The two passwords you entered were not the same. Please try again."
++msgstr "Zadaná hesla nejsou stejná. Zkuste to znovu."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:11001
++msgid "Do you want the database to be removed when slapd is purged?"
++msgstr "Chcete při vyčištění balíku slapd ze systému smazat i databázi?"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "slapcat failure during upgrade"
++msgstr "slapcat během aktualizace selhal"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "An error occurred while upgrading the LDAP directory."
++msgstr "Při pokusu o aktualizaci LDAP adresáře se vyskytla chyba."
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid ""
++"The 'slapcat' program failed while extracting the LDAP directory. This may "
++"be caused by an incorrect configuration file (for example, missing "
++"'moduleload' lines to support the backend database)."
++msgstr ""
++"Program „slapcat“ selhal. Tuto chybu může způsobit třeba chybný konfigurační "
++"soubor. (Například pokud chybí příslušné řádky „moduleload“ pro backend "
++"databáze, která uchovává obsah LDAP adresáře.)"
++
++#. Type: error
++#. Description
++#. This paragraph is followed by a (non translatable) paragraph
++#. containing a command line
++#: ../slapd.templates:14001
++msgid ""
++"This failure will cause 'slapadd' to fail later as well. The old database "
++"files will be moved to /var/backups. If you want to try this upgrade again, "
++"you should move the old database files back into place, fix whatever caused "
++"slapcat to fail, and run:"
++msgstr ""
++"Tato chyba později způsobí také selhání příkazu „slapadd“. Staré databázové "
++"soubory budou přesunuty do /var/backups. Budete-li chtít později zkusit "
++"provést tuto aktualizaci znovu, přesuňte staré databázové soubory zpět na "
++"jejich původní místo, spravte příčinu toho, proč slapcat selhal a spusťte:"
++
++#. Type: error
++#. Description
++#. Translators: keep "${location}" unchanged. This is a variable that
++#. will be replaced by a directory name at execution
++#: ../slapd.templates:14001
++msgid ""
++"Then move the database files back to a backup area and then try running "
++"slapadd from ${location}."
++msgstr ""
++"Poté přesuňte databázové soubory zpět mezi zálohy a zkuste spustit slapadd z "
++"${location}."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "Potentially unsafe slapd access control configuration"
++msgstr "Potenciálně nebezpečné nastavení přístupu slapd"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid ""
++"One or more of the configured databases has an access control rule that "
++"allows users to modify most of their own attributes. This may be unsafe, "
++"depending on how the database is used."
++msgstr ""
++"Jedna nebo více nakonfigurovaných databází obsahuje pravidlo, které umožňuje "
++"uživatelům měnit většinu jejich vlastních atributů. V závislosti na způsobu "
++"používání databáze to může být nebezpečné."
++
++#. Type: note
++#. Description
++#. Translators: keep "by self write" and "to *" unchanged. These are part
++#. of the slapd configuration and are not translatable.
++#: ../slapd.templates:15001
++msgid ""
++"In the case of slapd access rules that begin with \"to *\", it is "
++"recommended to remove any instances of \"by self write\", so that users are "
++"only able to modify specifically allowed attributes."
++msgstr ""
++"V případě přístupových pravidel slapd začínajících „to *“ je doporučeno "
++"odstranit výskyty „by self write“, aby uživatelé mohli měnit pouze "
++"explicitně povolené atributy."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details."
++msgstr "Více informací naleznete v /usr/share/doc/slapd/README.Debian.gz."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "abort installation"
++msgstr "přerušit instalaci"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "continue regardless"
++msgstr "přesto pokračovat"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid "Manual ppolicy schema update recommended"
++msgstr "Je doporučeno aktualizovat ppolicy schéma ručně"
++
++#. Type: select
++#. Description
++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable.
++#: ../slapd.templates:16002
++msgid ""
++"The new version of the Password Policy (ppolicy) overlay requires the schema "
++"to define the pwdMaxRecordedFailure attribute type, which is not present in "
++"the schema currently in use. It is recommended to abort the upgrade now, and "
++"to update the ppolicy schema before upgrading slapd. If replication is in "
++"use, the schema update should be applied on every server before continuing "
++"with the upgrade."
++msgstr ""
++"Nová verze politiky hesel (ppolicy) vyžaduje, aby schéma definovalo typ "
++"atributu pwdMaxRecordedFailure, který není v aktuálně používaném schématu "
++"přítomný. Doporučujeme nyní přerušit aktualizaci a aktualizovat ppolicy "
++"schéma ručně před samotnou aktualizací slapd. Pokud využíváte replikaci, "
++"měli byste před pokračováním aktualizovat schéma na všech serverech."
++
++#. Type: select
++#. Description
++#. This paragraph is followed by the path to the generated file (not
++#. translatable). The sentence continues in the following paragraph.
++#: ../slapd.templates:16002
++msgid ""
++"An LDIF file has been generated with the changes required for the upgrade:"
++msgstr "Byl vytvořen LDIF soubor se změnami potřebnými pro aktualizaci:"
++
++#. Type: select
++#. Description
++#. This paragraph continues the sentence started in the previous
++#. paragraph. It is followed by a command line.
++#: ../slapd.templates:16002
++msgid ""
++"so if slapd is using the default access control rules, these changes can be "
++"applied (after starting slapd) by using the command:"
++msgstr ""
++"pokud slapd používá výchozí přístupová oprávnění, můžete změny aplikovat "
++"příkazem (po spuštění slapd):"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid ""
++"If instead you choose to continue the installation, the new attribute type "
++"will be added automatically, but the change will not be acted on by slapd "
++"overlays, and replication with other servers may be affected."
++msgstr ""
++"Jestliže se rozhodnete pokračovat v instalaci, bude nový typ atributu přidán "
++"automaticky, avšak slapd overlaye tuto změnu nezaregistrují a může to mít "
++"vliv i na replikaci s ostatními servery."
++
++#~ msgid "Database backend to use:"
++#~ msgstr "Databázový backend:"
++
++#~ msgid ""
++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree "
++#~ "renames. Both support the same configuration options."
++#~ msgstr ""
++#~ "HDB i BDB ukládají data obdobně, ale HDB přidává podporu pro přejmenování "
++#~ "podstromů. Oba backendy podporují stejné konfigurační parametry."
++
++#~ msgid ""
++#~ "The MDB backend is recommended. MDB uses a new storage format and "
++#~ "requires less configuration than BDB or HDB."
++#~ msgstr ""
++#~ "Doporučenou volbou je backend MDB. MDB používá nový formát úložiště a "
++#~ "vyžaduje méně nastavování než BDB enbo HDB."
++
++#~ msgid ""
++#~ "In any case, you should review the resulting database configuration for "
++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details."
++#~ msgstr ""
++#~ "Ve všech případech byste měli zkontrolovat, zda nastavení databáze "
++#~ "odpovídá vašim potřebám. Více informací naleznete v souboru /usr/share/"
++#~ "doc/slapd/README.Debian.gz."
++
++#~ msgid "Allow LDAPv2 protocol?"
++#~ msgstr "Povolit protokol LDAPv2?"
++
++#~ msgid ""
++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs "
++#~ "and users should upgrade to LDAPv3. If you have old programs which can't "
++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be "
++#~ "added to your slapd.conf file."
++#~ msgstr ""
++#~ "Zastaralý protokol LDAPv2 je nyní v slapd implicitně zakázán. Programy i "
++#~ "uživatelé by měli přejít na LDAPv3. Máte-li staré programy, které "
++#~ "nezvládají LDAPv3, povolte tuto možnost, což do souboru slapd.conf přidá "
++#~ "řádek „allow bind_v2“."
++
++#~ msgid "slurpd is obsolete; replicas must be reconfigured by hand"
++#~ msgstr "slurpd je zastaralý, repliky se musí znovu nastavit ručně"
++
++#~ msgid ""
++#~ "One or more slurpd \"replica\" options were found in your slapd config "
++#~ "when upgrading. Because slurpd is obsolete beginning with OpenLDAP 2.4, "
++#~ "you will need to migrate your replicas to use the syncrepl protocol "
++#~ "instead."
++#~ msgstr ""
++#~ "Při aktualizaci byla v konfiguračním souboru slapd nalezena nejméně jedna "
++#~ "volba „replica“ pro slurpd. Protože je slurpd od OpenLDAPu verze 2.4 "
++#~ "překonaný, budete muset své repliky převést, aby místo toho používaly "
++#~ "protokol syncrepl."
++
++#~ msgid ""
++#~ "The conversion from slurpd to the pull-based syncrepl protocol cannot be "
++#~ "done automatically and you will need to configure your replica servers by "
++#~ "hand. Please see http://www.openldap.org/doc/admin24/syncrepl.html for "
++#~ "details."
++#~ msgstr ""
++#~ "Konverzi ze slurpd na protokol syncrepl (založený na technologii pull) "
++#~ "nelze provést automaticky a budete muset své replikační servery nastavit "
++#~ "ručně. Podrobnosti naleznete na http://www.openldap.org/doc/admin24/"
++#~ "syncrepl.html."
++
++#~ msgid "TLSCipherSuite values have changed"
++#~ msgstr "Hodnota TLSCipherSuite se změnila"
++
++#~ msgid ""
++#~ "A \"TLSCipherSuite\" option was found in your slapd config when "
++#~ "upgrading. The values allowed for this option are determined by the SSL "
++#~ "implementation used, which has been changed from OpenSSL to GnuTLS. As a "
++#~ "result, your existing TLSCipherSuite setting will not work with this "
++#~ "package."
++#~ msgstr ""
++#~ "Při aktualizaci byla ve vašem konfiguračním souboru programu slapd "
++#~ "nalezena volba „TLSCipherSuite“. Přípustné hodnoty, které můžete v této "
++#~ "volbě použít, jsou určeny použitou implementací SSL. Ta se změnila z "
++#~ "OpenSSL na GnuTLS, což znamená, že stávající nastavení TLSCipherSuite "
++#~ "nebude s tímto balíkem fungovat."
++
++#~ msgid ""
++#~ "This setting has been automatically commented out for you. If you have "
++#~ "specific encryption needs that require this option to be re-enabled, see "
++#~ "the output of 'gnutls-cli -l' in the gnutls-bin package for the list of "
++#~ "ciphers supported by GnuTLS."
++#~ msgstr ""
++#~ "Toto nastavení bylo automaticky zakomentováno. Máte-li speciální "
++#~ "požadavky, které vyžadují opětovné zapnutí této volby, zjistěte si prosím "
++#~ "seznam šifer podporovaných v GnuTLS (např. příkazem „gnutls-cli -l“, "
++#~ "který se nachází v balíku gnutls-bin)."
++
++#~ msgid "Back up current database and create a new one?"
++#~ msgstr "Zazálohovat stávající databázi a vytvořit novou?"
++
++#~ msgid ""
++#~ "The directory suffix (domain) you specified doesn't match the one "
++#~ "currently in /etc/ldap/slapd.conf. Changing the directory suffix requires "
++#~ "moving aside the current LDAP database and creating a new one. Please "
++#~ "confirm whether you want to back up and abandon the current database."
++#~ msgstr ""
++#~ "Zadali jste příponu adresáře (doménu), která neodpovídá té v souboru /etc/"
++#~ "ldap/slapd.conf. Změna přípony adresáře vyžaduje odsunutí stávající LDAP "
++#~ "databáze a vytvoření nové. Potvrďte prosím, zda chcete zazálohovat a "
++#~ "opustit stávající databázi."
--- /dev/null
--- /dev/null
++# Danish translation openldap.
++# Copyright (C) 2017 openldap & nedenstående oversættere.
++# This file is distributed under the same license as the openldap package.
++# Claus Hindsgaul <claus.hindsgaul@gmail.com>, 2005, 2006.
++# Joe Hansen <joedalton2@yahoo.dk>, 2010, 2014, 2017.
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: openldap\n"
++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n"
++"POT-Creation-Date: 2019-10-03 23:01+0000\n"
++"PO-Revision-Date: 2017-01-10 05:26+0100\n"
++"Last-Translator: Joe Hansen <joedalton2@yahoo.dk>\n"
++"Language-Team: Danish <debian-l10n-danish@lists.debian.org>\n"
++"Language: da\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=UTF-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid "Omit OpenLDAP server configuration?"
++msgstr "Undlad opsætning af OpenLDAP-server?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid ""
++"If you enable this option, no initial configuration or database will be "
++"created for you."
++msgstr ""
++"Hvis du aktiverer denne indstilling, vil der ikke blive oprettet en "
++"begyndelsesopsætning eller -database for dig."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "always"
++msgstr "altid"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "when needed"
++msgstr "når nødvendigt"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "never"
++msgstr "aldrig"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid "Dump databases to file on upgrade:"
++msgstr "Læg databaser i fil ved opgradering:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Before upgrading to a new version of the OpenLDAP server, the data from your "
++"LDAP directories can be dumped into plain text files in the standard LDAP "
++"Data Interchange Format."
++msgstr ""
++"Inden du opgraderer til en ny version af OpenLDAP-serveren, kan dine LDAP-"
++"mappers data blive lagt som rene tekstfiler i formatet LDAP Data Interchange."
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Selecting \"always\" will cause the databases to be dumped unconditionally "
++"before an upgrade. Selecting \"when needed\" will only dump the database if "
++"the new version is incompatible with the old database format and it needs to "
++"be reimported. If you select \"never\", no dump will be done."
++msgstr ""
++"Angivelse af »altid«, vil få databaserne til at blive dumpet uden "
++"betingelser før en opgradering. Valg af »når nødvendigt« vil kun dumpe "
++"databasen, hvis den nye version er inkompatibel med det gamle "
++"databaseformat, og den skal genimporteres. Hvis du vælger »aldrig«, vil der "
++"ikke blive udført en dumpning."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid "Directory to use for dumped databases:"
++msgstr "Mappe til de dumpede databaser:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid ""
++"Please specify the directory where the LDAP databases will be exported. In "
++"this directory, several LDIF files will be created which correspond to the "
++"search bases located on the server. Make sure you have enough free space on "
++"the partition where the directory is located. The first occurrence of the "
++"string \"VERSION\" is replaced with the server version you are upgrading "
++"from."
++msgstr ""
++"Angiv den mappe, LDAP-databasen skal eksporteres til. I denne mappe vil der "
++"blive oprettet adskillige LDIF-filer, som svarer til den søgedatabase, der "
++"ligger på serveren. Sørg for at du har nok fri plads på den partition, "
++"mappen ligger på. Første forekomst af strengen »VERSION« erstattes med den "
++"serverversion, du opgraderer fra."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid "Move old database?"
++msgstr "Flyt gammel database?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid ""
++"There are still files in /var/lib/ldap which will probably break the "
++"configuration process. If you enable this option, the maintainer scripts "
++"will move the old database files out of the way before creating a new "
++"database."
++msgstr ""
++"Der er stadig filer i /var/lib/ldap, som sikkert vil forstyrre "
++"opsætningsprocessen. Hvis du aktiverer denne indstilling, vil "
++"vedligeholdelsesskriptene flytte de gamle filer, før de opretter en ny "
++"database."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid "Retry configuration?"
++msgstr "Gentag opsætningen?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid ""
++"The configuration you entered is invalid. Make sure that the DNS domain name "
++"is syntactically valid, the field for the organization is not left empty and "
++"the admin passwords match. If you decide not to retry the configuration the "
++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to "
++"retry later."
++msgstr ""
++"Den opsætning, du har angivet, er ikke gyldig. Sørg for at DNS-domænenavnet "
++"har en gyldig syntaks, at organisationen er udfyldt, og at administrator-"
++"adgangskoderne er ens. Hvis du vælger ikke at gentage opsætningen af LDAP-"
++"serveren, vil den ikke blive sat op. Kør 'dpkg-reconfigure slapd', hvis du "
++"vil prøve igen senere."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid "DNS domain name:"
++msgstr "DNS-domænenavn:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid ""
++"The DNS domain name is used to construct the base DN of the LDAP directory. "
++"For example, 'foo.example.org' will create the directory with 'dc=foo, "
++"dc=example, dc=org' as base DN."
++msgstr ""
++"Domænenavnet bruges til at opbygge basis-DN for din LDAP-mappe. For eksempel "
++"vil 'foo.eksempel.org' oprette mappen med 'dc=foo, dc=eksempel, dc=org' som "
++"basis-DN."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid "Organization name:"
++msgstr "Organisationsnavn:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid ""
++"Please enter the name of the organization to use in the base DN of your LDAP "
++"directory."
++msgstr ""
++"Indtast venligst navnet på organisationen som skal bruges i basis-DN'en på "
++"din LDAP-mappe."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Administrator password:"
++msgstr "Administratoradgangskode:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Please enter the password for the admin entry in your LDAP directory."
++msgstr "Angiv administratoropslagets adgangskode i din LDAP-mappe."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid "Confirm password:"
++msgstr "Bekræft administratoradgangskode:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid ""
++"Please enter the admin password for your LDAP directory again to verify that "
++"you have typed it correctly."
++msgstr ""
++"Indtast venligst administratoradgangskoden på din LDAP-mappe igen for at "
++"bekræfte, at du har tastet den korrekt."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "Password mismatch"
++msgstr "Adgangskoderne var ikke ens"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "The two passwords you entered were not the same. Please try again."
++msgstr "De to adgangskoder, du indtastede, var ikke ens. Prøv igen."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:11001
++msgid "Do you want the database to be removed when slapd is purged?"
++msgstr "Ønsker du at databasen bliver fjernet, når slapd bliver afinstalleret?"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "slapcat failure during upgrade"
++msgstr "slapcatfejl under opgraderingen"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "An error occurred while upgrading the LDAP directory."
++msgstr "Der opstod en fejl under opgradering af din LDAP-mappe."
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid ""
++"The 'slapcat' program failed while extracting the LDAP directory. This may "
++"be caused by an incorrect configuration file (for example, missing "
++"'moduleload' lines to support the backend database)."
++msgstr ""
++"Programmet 'slapcat' fejlede under udtrækning af LDAP-mappen. Fejlen kan "
++"skyldes en fejlbehæftet opsætningsfil (f.eks. kan de korrekte "
++"'moduleloadlinjer' til understøttelse af din motors database mangle)."
++
++#. Type: error
++#. Description
++#. This paragraph is followed by a (non translatable) paragraph
++#. containing a command line
++#: ../slapd.templates:14001
++msgid ""
++"This failure will cause 'slapadd' to fail later as well. The old database "
++"files will be moved to /var/backups. If you want to try this upgrade again, "
++"you should move the old database files back into place, fix whatever caused "
++"slapcat to fail, and run:"
++msgstr ""
++"Denne fejl vil også senere få 'slapadd' til at fejle. De gamle databasefiler "
++"er ved at blive flyttet til /var/backups. Hvis du vil forsøge denne "
++"opgradering igen, så flyt de gamle databasefiler tilbage, ret den fejl, der "
++"fik slapcat til at fejle, og kør:"
++
++#. Type: error
++#. Description
++#. Translators: keep "${location}" unchanged. This is a variable that
++#. will be replaced by a directory name at execution
++#: ../slapd.templates:14001
++msgid ""
++"Then move the database files back to a backup area and then try running "
++"slapadd from ${location}."
++msgstr ""
++"Flyt derefter databasefilerne tilbage til et sikkerhedskopiområde, og prøv "
++"at køre slapadd fra ${location}."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "Potentially unsafe slapd access control configuration"
++msgstr "Potentiel usikker slapd-adgangskontrolkonfiguration"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid ""
++"One or more of the configured databases has an access control rule that "
++"allows users to modify most of their own attributes. This may be unsafe, "
++"depending on how the database is used."
++msgstr ""
++"En eller flere af de konfigurerede databaser har en adgangskontrolregel, som "
++"giver brugere mulighed for at ændre deres egne attributter. Dette kan være "
++"usikkert, afhængig af hvordan databasen bruges."
++
++#. Type: note
++#. Description
++#. Translators: keep "by self write" and "to *" unchanged. These are part
++#. of the slapd configuration and are not translatable.
++#: ../slapd.templates:15001
++msgid ""
++"In the case of slapd access rules that begin with \"to *\", it is "
++"recommended to remove any instances of \"by self write\", so that users are "
++"only able to modify specifically allowed attributes."
++msgstr ""
++"I tilfældet med slapd-adgangsregler som begynder med »to *«, anbefales det "
++"at fjerne alle instanser af »by self write«, så at brugerne kun kan ændre "
++"specifikt tilladte attributter."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details."
++msgstr "Se /usr/share/doc/slapd/README.Debian.gz for yderligere detaljer."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "abort installation"
++msgstr "afbryd installation"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "continue regardless"
++msgstr "fortsæt alligevel"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid "Manual ppolicy schema update recommended"
++msgstr "Manuel ppolicy-skemaopdatering anbefales"
++
++#. Type: select
++#. Description
++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable.
++#: ../slapd.templates:16002
++msgid ""
++"The new version of the Password Policy (ppolicy) overlay requires the schema "
++"to define the pwdMaxRecordedFailure attribute type, which is not present in "
++"the schema currently in use. It is recommended to abort the upgrade now, and "
++"to update the ppolicy schema before upgrading slapd. If replication is in "
++"use, the schema update should be applied on every server before continuing "
++"with the upgrade."
++msgstr ""
++"Den nye version af Password Policy-dækket (ppolicy) kræver skemaet for at "
++"definere attributtypen pwdMaxRecordedFailure, som ikke er til stede i "
++"skemaet i brug i øjeblikket. Det anbefales at afbryde opgraderingen nu, og "
++"opdatere ppolicy-skemaet før opgradering af slapd. Hvis replikering er i "
++"brug, så skal skemaopdateringen bruges på alle servere før opgraderingen "
++"fortsættes."
++
++#. Type: select
++#. Description
++#. This paragraph is followed by the path to the generated file (not
++#. translatable). The sentence continues in the following paragraph.
++#: ../slapd.templates:16002
++msgid ""
++"An LDIF file has been generated with the changes required for the upgrade:"
++msgstr ""
++"En LDIF-fil er blevet oprettet med ændringerne krævet for opgraderingen:"
++
++#. Type: select
++#. Description
++#. This paragraph continues the sentence started in the previous
++#. paragraph. It is followed by a command line.
++#: ../slapd.templates:16002
++msgid ""
++"so if slapd is using the default access control rules, these changes can be "
++"applied (after starting slapd) by using the command:"
++msgstr ""
++"så hvis slapd bruger standardreglerne for adgangskontrol, så kan disse "
++"ændringer anvendes (efter start af slapd) ved at bruge kommandoen:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid ""
++"If instead you choose to continue the installation, the new attribute type "
++"will be added automatically, but the change will not be acted on by slapd "
++"overlays, and replication with other servers may be affected."
++msgstr ""
++"Hvis du i stedet for vælger at fortsætte installationen, så vil den nye "
++"attributtype blive tilføjet automatisk, men der vil ikke blive handlet på "
++"ændringen af slapd-overdækker, og replikering med andre servere kan blive "
++"påvirket."
++
++#~ msgid "Database backend to use:"
++#~ msgstr "Databasemotor at bruge:"
++
++#~ msgid ""
++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree "
++#~ "renames. Both support the same configuration options."
++#~ msgstr ""
++#~ "HDB og BDB bruger lignende lagerformater, men HDB tilføjer understøttelse "
++#~ "af omdøbning af undertræer. Begge understøtter de samme "
++#~ "konfigurationsindstillinger."
++
++#~ msgid ""
++#~ "The MDB backend is recommended. MDB uses a new storage format and "
++#~ "requires less configuration than BDB or HDB."
++#~ msgstr ""
++#~ "MDB-motoren anbefales. MDB bruger et nyt lagerformat og kræver mindre "
++#~ "konfiguration end BDB eller HDB."
++
++#~ msgid ""
++#~ "In any case, you should review the resulting database configuration for "
++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details."
++#~ msgstr ""
++#~ "Uanset hvad bør du gennemse databasekonfigurationen for dine behov. Se /"
++#~ "usr/share/doc/slapd/README.Debian.gz for yderligere detaljer."
--- /dev/null
--- /dev/null
++# Translation of openldap debconf templates to German
++# Copyright (C) Helge Kreutzmann <debian@helgefjell.de>, 2006-2008, 2010, 2014, 2017.
++# This file is distributed under the same license as the openldap package.
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: openldap 2.4.44+dfsg-4\n"
++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n"
++"POT-Creation-Date: 2019-10-03 23:01+0000\n"
++"PO-Revision-Date: 2017-01-15 14:12+0100\n"
++"Last-Translator: Helge Kreutzmann <debian@helgefjell.de>\n"
++"Language-Team: de <debian-l10n-german@lists.debian.org>\n"
++"Language: de\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=UTF-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid "Omit OpenLDAP server configuration?"
++msgstr "OpenLDAP-Server-Konfiguration auslassen?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid ""
++"If you enable this option, no initial configuration or database will be "
++"created for you."
++msgstr ""
++"Falls Sie diese Option aktivieren, wird keine Startkonfiguration oder "
++"Datenbank für Sie erstellt."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "always"
++msgstr "immer"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "when needed"
++msgstr "wenn benötigt"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "never"
++msgstr "nie"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid "Dump databases to file on upgrade:"
++msgstr "Datenbank beim Upgrade in Datei ausgeben (»dump«):"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Before upgrading to a new version of the OpenLDAP server, the data from your "
++"LDAP directories can be dumped into plain text files in the standard LDAP "
++"Data Interchange Format."
++msgstr ""
++"Bevor Sie ein Upgrade auf eine neue Version des OpenLDAP-Servers "
++"durchführen, können die Daten Ihres LDAP-Verzeichnisses in reine Text-"
++"Dateien im standardisierten »LDAP Data Interchange Format« ausgegeben werden."
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Selecting \"always\" will cause the databases to be dumped unconditionally "
++"before an upgrade. Selecting \"when needed\" will only dump the database if "
++"the new version is incompatible with the old database format and it needs to "
++"be reimported. If you select \"never\", no dump will be done."
++msgstr ""
++"Die Auswahl von »immer« führt dazu, dass die Datenbanken bedingungslos vor "
++"Upgrades ausgegeben werden. Die Auswahl von »wenn benötigt« führt dazu, dass "
++"die Datenbank nur ausgegeben wird, falls die neue Version nicht mit dem "
++"alten Datenbankformat kompatibel ist und die Datenbank re-importiert werden "
++"muss. Die »nie«-Auswahl führt dazu, dass keine Ausgabe der Daten erfolgt."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid "Directory to use for dumped databases:"
++msgstr "Verzeichnis für Datenbank-Ausgaben (»dumps«):"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid ""
++"Please specify the directory where the LDAP databases will be exported. In "
++"this directory, several LDIF files will be created which correspond to the "
++"search bases located on the server. Make sure you have enough free space on "
++"the partition where the directory is located. The first occurrence of the "
++"string \"VERSION\" is replaced with the server version you are upgrading "
++"from."
++msgstr ""
++"Bitte geben Sie ein Verzeichnis an, in das die Datenbanken exportiert "
++"werden. Innerhalb dieses Verzeichnisses werden mehrere LDIF-Dateien "
++"erstellt, die zu den im Server befindlichen Suchbasen korrespondieren. "
++"Stellen Sie sicher, dass Sie genug freien Platz auf der Partition haben, auf "
++"der sich das Verzeichnis befindet. Das erste Auftreten der Zeichenkette "
++"»VERSION« wird durch die Server-Version ersetzt, von der aus Sie das Upgrade "
++"durchführen."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid "Move old database?"
++msgstr "Alte Datenbank verschieben?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid ""
++"There are still files in /var/lib/ldap which will probably break the "
++"configuration process. If you enable this option, the maintainer scripts "
++"will move the old database files out of the way before creating a new "
++"database."
++msgstr ""
++"Es sind noch Dateien in /var/lib/ldap, die wahrscheinlich den "
++"Konfigurationsprozess durcheinander bringen werden. Wird diese Option "
++"aktiviert, dann werden die Betreuerskripte die alten Datenbankdateien "
++"beiseite schieben, bevor sie eine neue Datenbank erstellen."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid "Retry configuration?"
++msgstr "Konfiguration erneut versuchen?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid ""
++"The configuration you entered is invalid. Make sure that the DNS domain name "
++"is syntactically valid, the field for the organization is not left empty and "
++"the admin passwords match. If you decide not to retry the configuration the "
++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to "
++"retry later."
++msgstr ""
++"Die von Ihnen eingegebene Konfiguration ist ungültig. Stellen Sie sicher, "
++"dass der DNS-Domainname einer gültigen Syntax folgt, das Feld für die "
++"Organisation nicht leer geblieben ist und dass die Administratorpasswörter "
++"übereinstimmen. Falls Sie sich entscheiden, die Konfiguration nicht erneut "
++"zu versuchen, wird der LDAP-Server nicht eingerichtet. Führen Sie »dpkg-"
++"reconfigure slapd« aus, falls Sie die Konfiguration später erneut versuchen "
++"wollen."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid "DNS domain name:"
++msgstr "DNS-Domainname:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid ""
++"The DNS domain name is used to construct the base DN of the LDAP directory. "
++"For example, 'foo.example.org' will create the directory with 'dc=foo, "
++"dc=example, dc=org' as base DN."
++msgstr ""
++"Der DNS-Domainname wird zur Erzeugung des Basis-DN Ihres LDAP-Verzeichnisses "
++"verwendet. Zum Beispiel erstellt »foo.example.org« das Verzeichnis mit der "
++"Basis-DN »dc=foo, dc=example, dc=org«."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid "Organization name:"
++msgstr "Name der Organisation:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid ""
++"Please enter the name of the organization to use in the base DN of your LDAP "
++"directory."
++msgstr ""
++"Bitte geben Sie den Namen der Organisation ein, die im Basis-DN Ihres LDAP-"
++"Verzeichnisses verwendet werden soll."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Administrator password:"
++msgstr "Administrator-Passwort:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Please enter the password for the admin entry in your LDAP directory."
++msgstr ""
++"Bitte geben Sie das Passwort für den Administrator-Eintrag in Ihrem LDAP-"
++"Verzeichnis ein."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid "Confirm password:"
++msgstr "Passwort bestätigen:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid ""
++"Please enter the admin password for your LDAP directory again to verify that "
++"you have typed it correctly."
++msgstr ""
++"Bitte geben Sie das Passwort für den Administrator-Eintrag Ihres LDAP-"
++"Verzeichnisses nochmal ein, um sicher zu gehen, dass Sie es richtig "
++"eingegeben haben."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "Password mismatch"
++msgstr "Passwörter stimmen nicht überein"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "The two passwords you entered were not the same. Please try again."
++msgstr ""
++"Die beiden eingegebenen Passwörter sind nicht gleich. Bitte versuchen Sie es "
++"noch einmal."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:11001
++msgid "Do you want the database to be removed when slapd is purged?"
++msgstr ""
++"Soll die Datenbank entfernt werden, wenn slapd vollständig gelöscht wird?"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "slapcat failure during upgrade"
++msgstr "slapcat-Fehlschlag beim Upgrade"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "An error occurred while upgrading the LDAP directory."
++msgstr ""
++"Während des Versuchs, ein Upgrade des LDAP-Verzeichnisses durchzuführen, "
++"trat ein Fehler auf."
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid ""
++"The 'slapcat' program failed while extracting the LDAP directory. This may "
++"be caused by an incorrect configuration file (for example, missing "
++"'moduleload' lines to support the backend database)."
++msgstr ""
++"Das Programm »slapcat« schlug beim Versuch, das LDAP-Verzeichnis zu "
++"extrahieren, fehl. Dies könnte durch eine inkorrekte Konfigurationsdatei "
++"verursacht worden sein (beispielsweise fehlende »moduleload«-Zeilen, um die "
++"Backend-Datenbank zu unterstützen)."
++
++#. Type: error
++#. Description
++#. This paragraph is followed by a (non translatable) paragraph
++#. containing a command line
++#: ../slapd.templates:14001
++msgid ""
++"This failure will cause 'slapadd' to fail later as well. The old database "
++"files will be moved to /var/backups. If you want to try this upgrade again, "
++"you should move the old database files back into place, fix whatever caused "
++"slapcat to fail, and run:"
++msgstr ""
++"Dieser Fehlschlag wird später dazu führen, dass auch »slapadd« fehlschlägt. "
++"Die alten Datenbankdateien werden jetzt nach /var/backups verschoben. Falls "
++"Sie dieses Upgrade erneut versuchen wollen, sollten Sie die alten "
++"Datenbankdateien wieder zurück an ihren Platz verschieben, den Grund für den "
++"Fehlschlag von slapcat beheben und folgendes ausführen:"
++
++#. Type: error
++#. Description
++#. Translators: keep "${location}" unchanged. This is a variable that
++#. will be replaced by a directory name at execution
++#: ../slapd.templates:14001
++msgid ""
++"Then move the database files back to a backup area and then try running "
++"slapadd from ${location}."
++msgstr ""
++"Verschieben Sie dann die Datenbankdateien zurück in den Sicherungsbereich "
++"und versuchen Sie, Slapadd von ${location} auszuführen."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "Potentially unsafe slapd access control configuration"
++msgstr "Möglicherweise unsichere Slapd-Zugriffssteuerkonfiguration"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid ""
++"One or more of the configured databases has an access control rule that "
++"allows users to modify most of their own attributes. This may be unsafe, "
++"depending on how the database is used."
++msgstr ""
++"Eine oder mehrere der konfigurierten Datenbanken hat eine "
++"Zugriffssteuerregel, die Benutzern erlaubt, die meisten ihrer eigenen "
++"Konfigurationsoptionen zu verändern. Dies kann unsicher sein, abhängig "
++"davon, wie die Datenbank verwandt wird."
++
++#. Type: note
++#. Description
++#. Translators: keep "by self write" and "to *" unchanged. These are part
++#. of the slapd configuration and are not translatable.
++#: ../slapd.templates:15001
++msgid ""
++"In the case of slapd access rules that begin with \"to *\", it is "
++"recommended to remove any instances of \"by self write\", so that users are "
++"only able to modify specifically allowed attributes."
++msgstr ""
++"Im Falle der mit »to *« beginnenden Slapd-Zugriffsregeln, wird empfohlen, "
++"alle Instanzen von »by self write« zu entfernen, so dass Benutzer nur in der "
++"Lage sind, speziell erlaubte Attribute zu ändern."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details."
++msgstr "Lesen Sie /usr/share/doc/slapd/README.Debian.gz für weitere Details."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "abort installation"
++msgstr "Installation abbrechen"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "continue regardless"
++msgstr "Trotzdem fortfahren"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid "Manual ppolicy schema update recommended"
++msgstr "Manuelle Aktualisierung des Ppolicy-Schematas empfohlen"
++
++#. Type: select
++#. Description
++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable.
++#: ../slapd.templates:16002
++msgid ""
++"The new version of the Password Policy (ppolicy) overlay requires the schema "
++"to define the pwdMaxRecordedFailure attribute type, which is not present in "
++"the schema currently in use. It is recommended to abort the upgrade now, and "
++"to update the ppolicy schema before upgrading slapd. If replication is in "
++"use, the schema update should be applied on every server before continuing "
++"with the upgrade."
++msgstr ""
++"Die neue Version der Passwort-Richtlinien-Einblendung (Ppolicy) verlangt, "
++"dass im Schema der Attributstyp pwdMaxRecordedFailure definiert wird, der im "
++"aktuell benutzten Schema nicht vorhanden ist. Es wird empfohlen, die "
++"Aktualisierung jetzt abzubrechen und das Ppolicy-Schema zu aktualisieren, "
++"bevor das Upgrade von Slapd durchgeführt wird. Falls Replizierung verwandt "
++"wird, sollte die Schema-Aktualisierung auf jedem Server angewandt werden, "
++"bevor mit dem Upgrade fortgefahren wird."
++
++#. Type: select
++#. Description
++#. This paragraph is followed by the path to the generated file (not
++#. translatable). The sentence continues in the following paragraph.
++#: ../slapd.templates:16002
++msgid ""
++"An LDIF file has been generated with the changes required for the upgrade:"
++msgstr ""
++"Eine LDIF-Datei wurde mit den für das Upgrade benötigten Änderungen erstellt:"
++
++#. Type: select
++#. Description
++#. This paragraph continues the sentence started in the previous
++#. paragraph. It is followed by a command line.
++#: ../slapd.templates:16002
++msgid ""
++"so if slapd is using the default access control rules, these changes can be "
++"applied (after starting slapd) by using the command:"
++msgstr ""
++"Falls Slapd daher die Standardzugriffssteuerungsregeln verwendet, können "
++"diese Änderungen (nach dem Start von Slapd) mittels des folgenden Befehls "
++"angewandt werden:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid ""
++"If instead you choose to continue the installation, the new attribute type "
++"will be added automatically, but the change will not be acted on by slapd "
++"overlays, and replication with other servers may be affected."
++msgstr ""
++"Falls Sie sich stattdessen entscheiden, mit der Installation fortzufahren, "
++"wird der neue Attributstyp automatisch hinzugefügt, aber auf die Änderung "
++"wird nicht durch die Slapd-Überblendungen reagiert und die Replizierung mit "
++"anderen Servern könnte betroffen sein."
++
++#~ msgid "Database backend to use:"
++#~ msgstr "Zu verwendendes Datenbank-Backend:"
++
++#~ msgid ""
++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree "
++#~ "renames. Both support the same configuration options."
++#~ msgstr ""
++#~ "HDB und BDB verwenden ähnliche Speicherformate, aber HDB enthält "
++#~ "zusätzlich Unterstützung für Teilbaum-Umbenennungen. Beide unterstützen "
++#~ "die gleichen Konfigurationsoptionen."
++
++#~ msgid ""
++#~ "The MDB backend is recommended. MDB uses a new storage format and "
++#~ "requires less configuration than BDB or HDB."
++#~ msgstr ""
++#~ "Das MDB-Backend wird empfohlen. MDB verwendet ein neues Speicherformat "
++#~ "und benötigt weniger Konfiguration als BDB oder HDB."
++
++#~ msgid ""
++#~ "In any case, you should review the resulting database configuration for "
++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details."
++#~ msgstr ""
++#~ "In jedem Fall sollten Sie die erstellte Datenbankkonfiguration im "
++#~ "Hinblick auf Ihre Anforderungen prüfen. Lesen Sie /usr/share/doc/slapd/"
++#~ "README.Debian.gz für weitere Details."
++
++#~ msgid "Allow LDAPv2 protocol?"
++#~ msgstr "LDAPv2-Protokoll erlauben?"
++
++#~ msgid ""
++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs "
++#~ "and users should upgrade to LDAPv3. If you have old programs which can't "
++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be "
++#~ "added to your slapd.conf file."
++#~ msgstr ""
++#~ "Das veraltete LDAPv2-Protokoll ist standardmäßig in slapd deaktiviert. "
++#~ "Programme und Benutzer sollten ein Upgrade auf LDAPv3 durchführen. Falls "
++#~ "Sie alte Programme haben, die LDAPv3 nicht benutzen können, sollten Sie "
++#~ "diese Option wählen und »allow bind_v2« wird zu der Datei slapd.conf "
++#~ "hinzugefügt."
++
++#~ msgid "slurpd is obsolete; replicas must be reconfigured by hand"
++#~ msgstr "Slurpd ist veraltet; Replikas müssen von Hand rekonfiguriert werden"
++
++#~ msgid ""
++#~ "One or more slurpd \"replica\" options were found in your slapd config "
++#~ "when upgrading. Because slurpd is obsolete beginning with OpenLDAP 2.4, "
++#~ "you will need to migrate your replicas to use the syncrepl protocol "
++#~ "instead."
++#~ msgstr ""
++#~ "In Ihrer Konfiguration wurde beim Upgrade eine oder mehrere »replica«-"
++#~ "Optionen gefunden. Da slurpd beginnend mit OpenLDAP 2.4 veraltet ist, "
++#~ "müssen Sie Ihre Repliken auf die Verwendung des Syncrepl-Protokolls "
++#~ "migrieren."
++
++#~ msgid ""
++#~ "The conversion from slurpd to the pull-based syncrepl protocol cannot be "
++#~ "done automatically and you will need to configure your replica servers by "
++#~ "hand. Please see http://www.openldap.org/doc/admin24/syncrepl.html for "
++#~ "details."
++#~ msgstr ""
++#~ "Die Umstellung von slurpd auf das »pull«-basierte Syncrepl-Protokoll kann "
++#~ "nicht automatisch geschehen und Sie müssen Ihre Repliken-Server von Hand "
++#~ "konfigurieren. Bitte lesen Sie http://www.openldap.org/doc/admin24/"
++#~ "syncrepl.html für Details."
++
++#~ msgid "TLSCipherSuite values have changed"
++#~ msgstr "TLSCipherSuite-Werte haben sich geändert"
++
++#~ msgid ""
++#~ "A \"TLSCipherSuite\" option was found in your slapd config when "
++#~ "upgrading. The values allowed for this option are determined by the SSL "
++#~ "implementation used, which has been changed from OpenSSL to GnuTLS. As a "
++#~ "result, your existing TLSCipherSuite setting will not work with this "
++#~ "package."
++#~ msgstr ""
++#~ "Eine Option »TLSCipherSuite« wurde beim Upgrade in Ihrer Slapd-"
++#~ "Konfiguration gefunden. Die erlaubten Werte hierfür hängen von der "
++#~ "verwendeten SSL-Implementation ab, die von OpenSSL auf GnuTLS geändert "
++#~ "wurde. Im Ergebnis werden Ihre existierenden TLSCipherSuite-Einstellungen "
++#~ "nicht mit diesem Paket funktionieren."
++
++#~ msgid ""
++#~ "This setting has been automatically commented out for you. If you have "
++#~ "specific encryption needs that require this option to be re-enabled, see "
++#~ "the output of 'gnutls-cli -l' in the gnutls-bin package for the list of "
++#~ "ciphers supported by GnuTLS."
++#~ msgstr ""
++#~ "Diese Einstellung wurde für Sie automatisch auskommentiert. Falls Sie "
++#~ "spezielle Anforderung an die Verschlüsselung haben, bei denen diese "
++#~ "Option wieder aktiviert werden muss, lesen Sie die Ausgabe von »gnutls-"
++#~ "cli -l« aus dem Paket Gnutls-bin für die Liste der von GnuTLS "
++#~ "unterstützen Chiffren."
++
++#~ msgid "Back up current database and create a new one?"
++#~ msgstr "Die aktuelle Datenbank sichern und eine neue erstellen?"
++
++#~ msgid ""
++#~ "The directory suffix (domain) you specified doesn't match the one "
++#~ "currently in /etc/ldap/slapd.conf. Changing the directory suffix requires "
++#~ "moving aside the current LDAP database and creating a new one. Please "
++#~ "confirm whether you want to back up and abandon the current database."
++#~ msgstr ""
++#~ "Die von Ihnen angegebene Verzeichnisendung (Domain) passt nicht zu der "
++#~ "aktuell in /etc/ldap/slapd.conf eingetragenen. Eine Änderung der "
++#~ "Verzeichnisendung verlangt, dass die aktuelle LDAP-Datenbank beiseite "
++#~ "geschoben und eine neue erstellt wird. Bitte bestätigen Sie, ob Sie die "
++#~ "aktuelle Datenbank sichern und aufgeben wollen."
--- /dev/null
--- /dev/null
++# openldap po-debconf translation to Spanish
++# Copyright 2006 Rudy Godoy <rudy@kernel-panik.org>
++# Copyright 2008 Steve Langasek <vorlon@debian.org>
++# Copyright (C) 2009, 2010 Software in the Public Interest
++# This file is distributed under the same license as the openldap package.
++#
++# Changes:
++# - Initial translation
++# Rudy Godoy <rudy@kernel-panik.org>, 2006
++#
++# - Reviewer
++# Javier Fernandez-Sanguino
++#
++# - Updates
++# Steve Langasek <vorlon@debian.org>, 2008
++# Francisco Javier Cuadrado <fcocuadrado@gmail.com>, 2009, 2010
++# Camaleón <noelamac@gmail.com>, 2014, 2020
++#
++# Traductores, si no conocen el formato PO, merece la pena leer la
++# documentación de gettext, especialmente las secciones dedicadas a este
++# formato, por ejemplo ejecutando:
++# info -n '(gettext)PO Files'
++# info -n '(gettext)Header Entry'
++#
++# Equipo de traducción al español, por favor lean antes de traducir
++# los siguientes documentos:
++#
++# - El proyecto de traducción de Debian al español
++# http://www.debian.org/intl/spanish/coordinacion
++# especialmente las notas de traducción en
++# http://www.debian.org/intl/spanish/notas
++#
++# - La guía de traducción de po's de debconf:
++# /usr/share/doc/po-debconf/README-trans
++# o http://www.debian.org/intl/l10n/po-debconf/README-trans
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: openldap 2.4.23-3exp1\n"
++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n"
++"POT-Creation-Date: 2019-10-03 23:01+0000\n"
++"PO-Revision-Date: 2020-04-14 07:14+0000\n"
++"Last-Translator: Camaleón <noelamac@gmail.com>\n"
++"Language-Team: Debian Spanish <debian-l10n-spanish@lists.debian.org>\n"
++"Language: es\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=utf-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid "Omit OpenLDAP server configuration?"
++msgstr "¿Desea omitir la configuración del servidor OpenLDAP?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid ""
++"If you enable this option, no initial configuration or database will be "
++"created for you."
++msgstr ""
++"No se creará la configuración ni la base de datos inicial si habilita esta "
++"opción."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "always"
++msgstr "siempre"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "when needed"
++msgstr "cuando se necesite"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "never"
++msgstr "nunca"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid "Dump databases to file on upgrade:"
++msgstr "Volcar las bases de datos a un fichero al actualizar:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Before upgrading to a new version of the OpenLDAP server, the data from your "
++"LDAP directories can be dumped into plain text files in the standard LDAP "
++"Data Interchange Format."
++msgstr ""
++"Antes de que actualice a una nueva versión del servidor OpenLDAP, se puede "
++"volcar la información de sus directorios LDAP en ficheros de texto plano en "
++"el formato estandarizado «LDAP Data Interchange Format» (formato de "
++"intercambio de datos de LDAP)."
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Selecting \"always\" will cause the databases to be dumped unconditionally "
++"before an upgrade. Selecting \"when needed\" will only dump the database if "
++"the new version is incompatible with the old database format and it needs to "
++"be reimported. If you select \"never\", no dump will be done."
++msgstr ""
++"Si selecciona «siempre» se volcarán sus bases de datos de forma "
++"incondicional antes de cada actualización. Si selecciona «cuando se "
++"necesite» sólo se hará un volcado si la nueva versión es incompatible con el "
++"formato de la base de datos antigua y la información se debe volver a "
++"importar. Si selecciona «nunca» no se hará ningún volcado."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid "Directory to use for dumped databases:"
++msgstr "Directorio donde volcar las bases de datos:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid ""
++"Please specify the directory where the LDAP databases will be exported. In "
++"this directory, several LDIF files will be created which correspond to the "
++"search bases located on the server. Make sure you have enough free space on "
++"the partition where the directory is located. The first occurrence of the "
++"string \"VERSION\" is replaced with the server version you are upgrading "
++"from."
++msgstr ""
++"Especifique el directorio donde se exportarán las bases de datos de LDAP. En "
++"éste se crearán diversos ficheros LDIF que corresponden a las bases de datos "
++"ubicadas en el servidor. Asegúrese de que tiene suficiente espacio libre en "
++"la partición donde se ubica el directorio. La primera ocurrencia de la "
++"cadena «VERSION» se reemplaza con la versión del servidor desde la cual va a "
++"actualizar."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid "Move old database?"
++msgstr "¿Desea mover la base de datos antigua?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid ""
++"There are still files in /var/lib/ldap which will probably break the "
++"configuration process. If you enable this option, the maintainer scripts "
++"will move the old database files out of the way before creating a new "
++"database."
++msgstr ""
++"Existen ficheros en «/var/lib/ldap» que probablemente interrumpan el proceso "
++"de configuración. Si activa esta opción, se moverán los ficheros de las "
++"bases de datos antiguas antes de crear una nueva base de datos."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid "Retry configuration?"
++msgstr "¿Desea volver a intentar la configuración?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid ""
++"The configuration you entered is invalid. Make sure that the DNS domain name "
++"is syntactically valid, the field for the organization is not left empty and "
++"the admin passwords match. If you decide not to retry the configuration the "
++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to "
++"retry later."
++msgstr ""
++"La configuración que ha introducido no es válida. Asegúrese de que el nombre "
++"de dominio DNS es válido, que el campo de la organización no está en blanco "
++"y que las claves del administrador coinciden. El servidor LDAP quedará sin "
++"configurar si decide no volver a intentar la configuración. Ejecute «dpkg-"
++"reconfigure slapd» si desea volver a intentarlo más tarde."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid "DNS domain name:"
++msgstr "Introduzca el nombre de dominio DNS:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid ""
++"The DNS domain name is used to construct the base DN of the LDAP directory. "
++"For example, 'foo.example.org' will create the directory with 'dc=foo, "
++"dc=example, dc=org' as base DN."
++msgstr ""
++"El nombre de dominio DNS se utiliza para construir el DN base del directorio "
++"LDAP. Por ejemplo, si introduce «foo.example.org» el directorio se creará "
++"con un DN base de «dc=foo, dc=example, dc=org»."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid "Organization name:"
++msgstr "Nombre de la organización:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid ""
++"Please enter the name of the organization to use in the base DN of your LDAP "
++"directory."
++msgstr ""
++"Introduzca el nombre de la organización a utilizar en el DN base del "
++"directorio LDAP."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Administrator password:"
++msgstr "Contraseña del administrador:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Please enter the password for the admin entry in your LDAP directory."
++msgstr ""
++"Introduzca la contraseña para la entrada de administrador de su directorio "
++"LDAP."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid "Confirm password:"
++msgstr "Confirme la contraseña:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid ""
++"Please enter the admin password for your LDAP directory again to verify that "
++"you have typed it correctly."
++msgstr ""
++"Introduzca de nuevo la misma contraseña de administrador para su directorio "
++"LDAP para verificar que la introdujo correctamente."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "Password mismatch"
++msgstr "Las contraseñas no coinciden"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "The two passwords you entered were not the same. Please try again."
++msgstr ""
++"Las dos contraseñas que ha introducido son distintas. Inténtelo de nuevo."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:11001
++msgid "Do you want the database to be removed when slapd is purged?"
++msgstr ""
++"¿Desea que se borre la base de datos cuando se purgue el paquete slapd?"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "slapcat failure during upgrade"
++msgstr "fallo de slapcat durante la actualización"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "An error occurred while upgrading the LDAP directory."
++msgstr "Se produjo un error mientras se actualizaba su directorio LDAP."
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid ""
++"The 'slapcat' program failed while extracting the LDAP directory. This may "
++"be caused by an incorrect configuration file (for example, missing "
++"'moduleload' lines to support the backend database)."
++msgstr ""
++"El programa «slapcat» falló mientras extraía el directorio LDAP. Este fallo "
++"puede deberse a un fichero de configuración incorrecto (por ejemplo, que "
++"falte alguna línea «moduleload» necesaria para el motor del base de datos)."
++
++#. Type: error
++#. Description
++#. This paragraph is followed by a (non translatable) paragraph
++#. containing a command line
++#: ../slapd.templates:14001
++msgid ""
++"This failure will cause 'slapadd' to fail later as well. The old database "
++"files will be moved to /var/backups. If you want to try this upgrade again, "
++"you should move the old database files back into place, fix whatever caused "
++"slapcat to fail, and run:"
++msgstr ""
++"Este fallo hará que también falle «slapadd» más adelante. Se van a mover los "
++"ficheros de la base de datos antigua a «/var/backups». Si desea volver a "
++"intentar la actualización debe mover los ficheros de la base de datos a su "
++"ubicación normal, arreglar lo que hizo que fallara «slapcat» y ejecutar:"
++
++#. Type: error
++#. Description
++#. Translators: keep "${location}" unchanged. This is a variable that
++#. will be replaced by a directory name at execution
++#: ../slapd.templates:14001
++msgid ""
++"Then move the database files back to a backup area and then try running "
++"slapadd from ${location}."
++msgstr ""
++"Mueva los ficheros de la base de datos de nuevo al área de la copia de "
++"seguridad e intente ejecutar «slapadd» desde «${location}»."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "Potentially unsafe slapd access control configuration"
++msgstr "Configuración potencialmente insegura en el control de acceso de slapd"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid ""
++"One or more of the configured databases has an access control rule that "
++"allows users to modify most of their own attributes. This may be unsafe, "
++"depending on how the database is used."
++msgstr ""
++"Una o varias de las bases de datos configuradas contiene una regla de "
++"control de acceso que permite a los usuarios modificar la mayoría de sus "
++"propios atributos. Esta configuración puede ser insegura dependiendo de cómo "
++"se utilice la base de datos."
++
++#. Type: note
++#. Description
++#. Translators: keep "by self write" and "to *" unchanged. These are part
++#. of the slapd configuration and are not translatable.
++#: ../slapd.templates:15001
++msgid ""
++"In the case of slapd access rules that begin with \"to *\", it is "
++"recommended to remove any instances of \"by self write\", so that users are "
++"only able to modify specifically allowed attributes."
++msgstr ""
++"Se recomienda que elimine cualquier instancia «by self write» en las reglas "
++"de acceso de slapd que empiecen con «to *» para que los usuarios sólo puedan "
++"modificar los atributos que se hayan permitido expresamente."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details."
++msgstr "Consulte «/usr/share/doc/slapd/README.Debian.gz» para más detalles."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "abort installation"
++msgstr "cancelar la instalación"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "continue regardless"
++msgstr "continuar de todas formas"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid "Manual ppolicy schema update recommended"
++msgstr "Se recomienda actualizar manualmente el esquema ppolicy"
++
++#. Type: select
++#. Description
++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable.
++#: ../slapd.templates:16002
++msgid ""
++"The new version of the Password Policy (ppolicy) overlay requires the schema "
++"to define the pwdMaxRecordedFailure attribute type, which is not present in "
++"the schema currently in use. It is recommended to abort the upgrade now, and "
++"to update the ppolicy schema before upgrading slapd. If replication is in "
++"use, the schema update should be applied on every server before continuing "
++"with the upgrade."
++msgstr ""
++"La nueva versión de la superposición Password Policy (ppolicy) requiere que "
++"el esquema defina el tipo de atributo PwdMaxRecordedFailure, no disponible "
++"en el esquema que está actualmente en uso. Se recomienda cancelar la "
++"instalación ahora y actualizar el esquema ppolicy antes de actualizar la "
++"versión de slapd. Si usa la replicación, debe aplicar la actualización del "
++"esquema en cada servidor antes de continuar con la actualización de la "
++"versión."
++
++#. Type: select
++#. Description
++#. This paragraph is followed by the path to the generated file (not
++#. translatable). The sentence continues in the following paragraph.
++#: ../slapd.templates:16002
++msgid ""
++"An LDIF file has been generated with the changes required for the upgrade:"
++msgstr ""
++"Se ha generado un archivo LDIF con los cambios requeridos para la "
++"actualización:"
++
++#. Type: select
++#. Description
++#. This paragraph continues the sentence started in the previous
++#. paragraph. It is followed by a command line.
++#: ../slapd.templates:16002
++msgid ""
++"so if slapd is using the default access control rules, these changes can be "
++"applied (after starting slapd) by using the command:"
++msgstr ""
++"por lo que si slapd utiliza las reglas de control de acceso predeterminadas, "
++"puede aplicar estos cambios (después de iniciar slapd) utilizando la orden:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid ""
++"If instead you choose to continue the installation, the new attribute type "
++"will be added automatically, but the change will not be acted on by slapd "
++"overlays, and replication with other servers may be affected."
++msgstr ""
++"Si decide continuar con la instalación, se añadirá el nuevo tipo de atributo "
++"automáticamente, pero el cambio no afectará a las superposiciones de slapd, "
++"lo que podría afectar a la replicación con otros servidores."
--- /dev/null
--- /dev/null
++# Basque translation for openldap_2.4.40-2_eu.po
++# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
++# This file is distributed under the same license as the PACKAGE package.
++#
++# Piarres Beobide <pi@beobide.net>, 2008.
++# Iñaki Larrañaga Murgoitio <dooteo@zundan.com>, 2010, 2014, 2017.
++msgid ""
++msgstr ""
++"Project-Id-Version: openldap_2.4.40-2_eu\n"
++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n"
++"POT-Creation-Date: 2019-10-03 23:01+0000\n"
++"PO-Revision-Date: 2017-01-10 12:14+0100\n"
++"Last-Translator: Iñaki Larrañaga Murgoitio <dooteo@zundan.com>\n"
++"Language-Team: Basque <debian-l10n-basque@lists.debian.org>\n"
++"Language: eu\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=UTF-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++"X-Generator: Lokalize 1.5\n"
++"Plural-Forms: nplurals=2; plural=(n != 1);\n"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid "Omit OpenLDAP server configuration?"
++msgstr "Ez konfiguratu OpenLDAP zerbitzaria?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid ""
++"If you enable this option, no initial configuration or database will be "
++"created for you."
++msgstr ""
++"Aukera hau gaitzen baduzu, ez da hasierako konfigurazio edo datu-baserik "
++"sortuko."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "always"
++msgstr "beti"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "when needed"
++msgstr "beharrezkoa denean"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "never"
++msgstr "inoiz ere ez"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid "Dump databases to file on upgrade:"
++msgstr "Irauli datu-baseak fitxategi batetara bertsio-berritzean:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Before upgrading to a new version of the OpenLDAP server, the data from your "
++"LDAP directories can be dumped into plain text files in the standard LDAP "
++"Data Interchange Format."
++msgstr ""
++"OpenLDAP zerbitzariaren bertsio berri batetara bertsio-berritu aurretik, "
++"zure LDAP direktorioak testu lau fitxategietara irauliko dira LDAPen datuen "
++"elkartrukatzeko formatu estandarra erabiliz."
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Selecting \"always\" will cause the databases to be dumped unconditionally "
++"before an upgrade. Selecting \"when needed\" will only dump the database if "
++"the new version is incompatible with the old database format and it needs to "
++"be reimported. If you select \"never\", no dump will be done."
++msgstr ""
++"\"Beti\" hautatzean, datu-baseak baldintzarik gabe irauliko dira bertsio-"
++"berritze baten aurretik. \"Beharrezkoa denean\" hautatuz, bertsio berria "
++"datu-base zaharraren formatuarekin bateragarria ez denean eta berriro "
++"inportatu behar denean bakarrik irauliko da datu-basea. \"Inoiz ere ez\" "
++"hautatzen baduzu, inoiz ez da datu-basea irauliko."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid "Directory to use for dumped databases:"
++msgstr "Datu-baseak iraultzean erabiliko den direktorioa:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid ""
++"Please specify the directory where the LDAP databases will be exported. In "
++"this directory, several LDIF files will be created which correspond to the "
++"search bases located on the server. Make sure you have enough free space on "
++"the partition where the directory is located. The first occurrence of the "
++"string \"VERSION\" is replaced with the server version you are upgrading "
++"from."
++msgstr ""
++"Zehaztu LDAP esportatzeko erabiliko den direktorioa. Direktorio honetan "
++"zerbitzariko datu-base ezberdinei dagozkien LDIF fitxategiak sortuko dira. "
++"Ziurtatu zaitez direktorioaren partizioan behar duzun bezainbeste leku libre "
++"duzula. \"VERSION\" katearen lehenengo agerpena zerbitzariaren jatorrizko "
++"bertsio zenbakiagatik ordeztuko da."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid "Move old database?"
++msgstr "Aldatu datu-base zaharra lekuz?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid ""
++"There are still files in /var/lib/ldap which will probably break the "
++"configuration process. If you enable this option, the maintainer scripts "
++"will move the old database files out of the way before creating a new "
++"database."
++msgstr ""
++"Konfigurazioko prozesua apur dezaketen fitxategiak daude oraindik /var/lib/"
++"ldap direktorioan. Aukera hau gaitzen baduzu mantentzailearen script-ek datu-"
++"base zaharreko fitxategiak hortik kenduko ditu datu-base berria sortu "
++"aurretik."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid "Retry configuration?"
++msgstr "Berriz saiatu konfigurazioa egiten?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid ""
++"The configuration you entered is invalid. Make sure that the DNS domain name "
++"is syntactically valid, the field for the organization is not left empty and "
++"the admin passwords match. If you decide not to retry the configuration the "
++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to "
++"retry later."
++msgstr ""
++"Zuk sartutako konfigurazioa baliogabea da. Ziurtatu DNSaren domeinu-izena "
++"sintaktikoki zuzena dela, erakundeari dagokion eremua ezin da hutsik egon "
++"eta LDAPeko administratzailearen pasahitzak berdinak izan behar dira. "
++"Konfigurazioa ez berregitea hautatzen baduzu, LDAP zerbitzaria ez da "
++"konfiguratuko. Beranduago konfigurazioa egin nahi izanez gero, exekutatu "
++"'dpkg-reconfigure slapd'."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid "DNS domain name:"
++msgstr "DNSaren domeinu-izena:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid ""
++"The DNS domain name is used to construct the base DN of the LDAP directory. "
++"For example, 'foo.example.org' will create the directory with 'dc=foo, "
++"dc=example, dc=org' as base DN."
++msgstr ""
++"DNSaren domeinu-izena LDAP direktorioaren DN oinarria eraikitzeko erabiliko "
++"da. Adibidez, 'proba.adibide.org' erabiliz DN oinarri gisa 'dc=proba, "
++"dc=example, dc=org' edukiarekin sortuko du direktorioa."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid "Organization name:"
++msgstr "Erakundearen izena:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid ""
++"Please enter the name of the organization to use in the base DN of your LDAP "
++"directory."
++msgstr ""
++"Idatzi LDAP direktorioko DN oinarrian erabiliko den erakundearen izena."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Administrator password:"
++msgstr "Administratzailearen pasahitza:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Please enter the password for the admin entry in your LDAP directory."
++msgstr "Idatzi LDAP direktorioko administratzailearen sarrerarako pasahitza."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid "Confirm password:"
++msgstr "Berretsi pasahitza:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid ""
++"Please enter the admin password for your LDAP directory again to verify that "
++"you have typed it correctly."
++msgstr ""
++"Idatzi LDAP direktorioko administratzailearen sarrerarako pasahitza berriro "
++"ondo idatzi duzula ziurtatzeko."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "Password mismatch"
++msgstr "Pasahitzak ez dira berdinak"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "The two passwords you entered were not the same. Please try again."
++msgstr "Idatzitako bi pasahitzak ez dira berdinak. Saiatu berriro."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:11001
++msgid "Do you want the database to be removed when slapd is purged?"
++msgstr "Slapd kentzen bada, datu-basea ere ezabatzea nahi duzu?"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "slapcat failure during upgrade"
++msgstr "slapcat-ek huts egin du bertsio-berritzean"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "An error occurred while upgrading the LDAP directory."
++msgstr "Errorea gertatu da LDAP direktorioa bertsio-berritzean."
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid ""
++"The 'slapcat' program failed while extracting the LDAP directory. This may "
++"be caused by an incorrect configuration file (for example, missing "
++"'moduleload' lines to support the backend database)."
++msgstr ""
++"'slapcat' programak huts egin du LDAP direktorioa erauztean. Konfigurazioko "
++"fitxategia oker egoteagatik gerta daiteke (adibidez, datu-basearen motorra "
++"onartzeko 'moduleload' lerroak falta badira)."
++
++#. Type: error
++#. Description
++#. This paragraph is followed by a (non translatable) paragraph
++#. containing a command line
++#: ../slapd.templates:14001
++msgid ""
++"This failure will cause 'slapadd' to fail later as well. The old database "
++"files will be moved to /var/backups. If you want to try this upgrade again, "
++"you should move the old database files back into place, fix whatever caused "
++"slapcat to fail, and run:"
++msgstr ""
++"Hutsegite honek 'slapdd'-ek lehenago edo beranduago hutsegitea eragingo du. "
++"Datu-base zaharra /var/backups karpetara eramango da. Bertsio-berritze hau "
++"berriro saiatzea nahi izanez gero, datu-base zaharreko fitxategiak aurreko "
++"kokalekura eraman beharko dituzu. Konpondu slapcat-en hutsegitea eragin "
++"duena eta exekutatu honako komandoa:"
++
++#. Type: error
++#. Description
++#. Translators: keep "${location}" unchanged. This is a variable that
++#. will be replaced by a directory name at execution
++#: ../slapd.templates:14001
++msgid ""
++"Then move the database files back to a backup area and then try running "
++"slapadd from ${location}."
++msgstr ""
++"Ondoren, eraman datu-basearen fitxategiak babeskopiako kokaleku batera, eta "
++"saiatu slapadd ${location}(e)tik exekutatzen."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "Potentially unsafe slapd access control configuration"
++msgstr "Potentzialki ez-segurua den slapd atzitzeko kontrolaren konfigurazioa"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid ""
++"One or more of the configured databases has an access control rule that "
++"allows users to modify most of their own attributes. This may be unsafe, "
++"depending on how the database is used."
++msgstr ""
++"Konfiguratutako datu-base batek (edo gehiagok) erabiltzaileek beraien "
++"atributu gehienak aldatzeko baimentzen duen atzipeneko kontrol-arau bat du. "
++"Hau ez-segurua izan daiteke, datu-basea nola erabiltzen den arabera."
++
++#. Type: note
++#. Description
++#. Translators: keep "by self write" and "to *" unchanged. These are part
++#. of the slapd configuration and are not translatable.
++#: ../slapd.templates:15001
++msgid ""
++"In the case of slapd access rules that begin with \"to *\", it is "
++"recommended to remove any instances of \"by self write\", so that users are "
++"only able to modify specifically allowed attributes."
++msgstr ""
++"slapd-ren \"to *\"-rekin hasten diren atzipen arauen kasuan, \"by self write"
++"\"-ren instantziak kentzea gomendatzen da. Horrela, erabiltzaileek bereziki "
++"baimendutako atributuak soilik alda ditzakete."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details."
++msgstr "Irakurri /usr/share/doc/slapd/README.Debian.gz xehetasun gehiagorako."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "abort installation"
++msgstr "utzi bertan behera instalazioa"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "continue regardless"
++msgstr "jarraitu dena den"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid "Manual ppolicy schema update recommended"
++msgstr "ppolicy eskema eskuz eguneratzea gomendatzen da"
++
++#. Type: select
++#. Description
++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable.
++#: ../slapd.templates:16002
++msgid ""
++"The new version of the Password Policy (ppolicy) overlay requires the schema "
++"to define the pwdMaxRecordedFailure attribute type, which is not present in "
++"the schema currently in use. It is recommended to abort the upgrade now, and "
++"to update the ppolicy schema before upgrading slapd. If replication is in "
++"use, the schema update should be applied on every server before continuing "
++"with the upgrade."
++msgstr ""
++"Pasahitzen politikaren (Password Policy, ppolicy) gainjarpenaren bertsio "
++"berriak eskema behar du, erabiltzen ari den uneko eskeman aurkitzen ez den "
++"\"pwdMaxRecordedFailure\" atributu mota definitzeko. Bertsio-berritzea "
++"oraintxe bertan behera botatzea gomendatzen da, eta \"ppolicy\" eskema "
++"eguneratu slapd bertsio-berritu aurretik. Erreplikazioa erabiltzen ari bada, "
++"eskemaren eguneraketa zerbitzari bakoitzean aplikatu beharko litzateke "
++"bertsio-berritzearekin jarraitu aurretik."
++
++#. Type: select
++#. Description
++#. This paragraph is followed by the path to the generated file (not
++#. translatable). The sentence continues in the following paragraph.
++#: ../slapd.templates:16002
++msgid ""
++"An LDIF file has been generated with the changes required for the upgrade:"
++msgstr ""
++"LDIF fitxategia sortu da bertsio-berritzeak eskatzen dituen aldaketekin:"
++
++#. Type: select
++#. Description
++#. This paragraph continues the sentence started in the previous
++#. paragraph. It is followed by a command line.
++#: ../slapd.templates:16002
++msgid ""
++"so if slapd is using the default access control rules, these changes can be "
++"applied (after starting slapd) by using the command:"
++msgstr ""
++"'slapd'-ek sarbidetzaren kontrolaren arau lehenetsiak erabiltzen baditu, "
++"aldaketa hauek aplikatzeko (slapd abiarazi ostean) erabili komando hau:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid ""
++"If instead you choose to continue the installation, the new attribute type "
++"will be added automatically, but the change will not be acted on by slapd "
++"overlays, and replication with other servers may be affected."
++msgstr ""
++"Horren ordez, instalazioarekin aurrera jarraitzea erabakitzen baduzu, "
++"atributu mota berria automatikoki gehituko da, baina aldaketak ez du "
++"eraginik izango slapd-ren gainjarpenetan, eta beste zerbitzariekin "
++"erreplikazioek eragina jasan dezakete."
++
++#~ msgid "Database backend to use:"
++#~ msgstr "Datu-basearen motorra:"
++
++#~ msgid ""
++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree "
++#~ "renames. Both support the same configuration options."
++#~ msgstr ""
++#~ "HDB eta BDB motorrek antzeko biltegiratze formatuak erabiltzen dituzte, "
++#~ "baina HDB-ek azpizuhaitzak berrizendatzeko euskarria dauka. Biek "
++#~ "konfigurazioko aukera berdinak onartzen dituzte."
++
++#~ msgid ""
++#~ "The MDB backend is recommended. MDB uses a new storage format and "
++#~ "requires less configuration than BDB or HDB."
++#~ msgstr ""
++#~ "MDB motorra gomendatzen da. MDB-ek biltegiratze formatu berri bat "
++#~ "erabiltzen du, eta BDB edo HDB baino konfigurazio gutxiago eskatzen du."
++
++#~ msgid ""
++#~ "In any case, you should review the resulting database configuration for "
++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details."
++#~ msgstr ""
++#~ "Edozein kasutan, sortutako datu-basearen konfigurazioa gainbegiratu "
++#~ "beharko zenuke zure beharrei erantzuten diela ziurtatzeko. Irakurri /usr/"
++#~ "share/doc/slapd/README.Debian.gz xehetasun gehiagorako."
++
++#~ msgid "Allow LDAPv2 protocol?"
++#~ msgstr "Onartu LDAPv2 protokoloa?"
++
++#~ msgid ""
++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs "
++#~ "and users should upgrade to LDAPv3. If you have old programs which can't "
++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be "
++#~ "added to your slapd.conf file."
++#~ msgstr ""
++#~ "Lehenespenez slapd-en LDAPv2 protokolo zaharkitua desgaituta dago. "
++#~ "Programa eta erabiltzaileak LDAPv3-ra migratu beharko lirateke. Hautatu "
++#~ "aukera hau baldin eta LDAPv3 erabili ezin duten programa zaharrak "
++#~ "badituzu, eta slapd.conf fitxategiari 'allow bind_v2' gehituko zaio."
--- /dev/null
--- /dev/null
++msgid ""
++msgstr ""
++"Project-Id-Version: openldap\n"
++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n"
++"POT-Creation-Date: 2019-10-03 23:01+0000\n"
++"PO-Revision-Date: 2008-04-09 20:55+0200\n"
++"Last-Translator: Esko Arajärvi <edu@iki.fi>\n"
++"Language-Team: Finnish <debian-l10n-finnish@lists.debian.org>\n"
++"Language: fi\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=UTF-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++"X-Poedit-Language: Finnish\n"
++"X-Poedit-Country: FINLAND\n"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid "Omit OpenLDAP server configuration?"
++msgstr "Ohitetaanko OpenLDAP-palvelimen asetus?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid ""
++"If you enable this option, no initial configuration or database will be "
++"created for you."
++msgstr "Jos valitset tämän vaihtoehdon, asetuksia ja tietokantaa ei luoda."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "always"
++msgstr "aina"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "when needed"
++msgstr "tarvittaessa"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "never"
++msgstr "ei koskaan"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid "Dump databases to file on upgrade:"
++msgstr "Vedosta tietokannat tiedostoon päivitettäessä:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Before upgrading to a new version of the OpenLDAP server, the data from your "
++"LDAP directories can be dumped into plain text files in the standard LDAP "
++"Data Interchange Format."
++msgstr ""
++"Ennen päivitystä OpenLDAP-palvelimen uuteen versioon, LDAP-hakemistoista "
++"voidaan tallentaa vedos standardissa LDAP-tiedonsiirtomuodossa oleviin "
++"tekstitiedostoihin."
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Selecting \"always\" will cause the databases to be dumped unconditionally "
++"before an upgrade. Selecting \"when needed\" will only dump the database if "
++"the new version is incompatible with the old database format and it needs to "
++"be reimported. If you select \"never\", no dump will be done."
++msgstr ""
++"Valinta ”aina” merkitsee, että tietokannat vedostetaan tilanteesta "
++"riippumatta ennen päivitystä. Valinta ”tarvittaessa” merkitsee, että "
++"tietokannoista otetaan vedos vain, jos uusi versio ei ole yhteensopiva "
++"vanhan tietokantamuodon kanssa ja tiedot tulee tuoda kantaan uudelleen. "
++"Valittaessa ”ei koskaan” vedostusta ei tehdä."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid "Directory to use for dumped databases:"
++msgstr "Tietokantavedosten hakemisto:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid ""
++"Please specify the directory where the LDAP databases will be exported. In "
++"this directory, several LDIF files will be created which correspond to the "
++"search bases located on the server. Make sure you have enough free space on "
++"the partition where the directory is located. The first occurrence of the "
++"string \"VERSION\" is replaced with the server version you are upgrading "
++"from."
++msgstr ""
++"Anna hakemisto, johon LDAP-tietokannat vedostetaan. Hakemistoon luodaan "
++"useita LDIF-tiedostoja, joiden sisältö vastaa palvelimen hakukantoja. "
++"Varmista, että valitulla levyosiolla on tarpeeksi vapaata tilaa. Merkkijonon "
++"”VERSION” ensimmäinen esiintymä korvataan päivitettävän palvelimen "
++"versionumerolla."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid "Move old database?"
++msgstr "Siirretäänkö vanha tietokanta?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid ""
++"There are still files in /var/lib/ldap which will probably break the "
++"configuration process. If you enable this option, the maintainer scripts "
++"will move the old database files out of the way before creating a new "
++"database."
++msgstr ""
++"Hakemistossa /var/lib/ldap on vielä tiedostoja ja ne luultavasti hajoavat "
++"asetusprosessissa. Jos valitset tämän vaihtoehdon, vanhat "
++"tietokantatiedostot siirretään syrjään ennen uuden tietokannan luomista."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid "Retry configuration?"
++msgstr "Yritetäänkö asetusten tekoa uudelleen?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++#, fuzzy
++#| msgid ""
++#| "The configuration you entered is invalid. Make sure that the DNS domain "
++#| "name is syntactically valid, the organization is not left empty and the "
++#| "admin passwords match. If you decide not to retry the configuration the "
++#| "LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want "
++#| "to retry later."
++msgid ""
++"The configuration you entered is invalid. Make sure that the DNS domain name "
++"is syntactically valid, the field for the organization is not left empty and "
++"the admin passwords match. If you decide not to retry the configuration the "
++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to "
++"retry later."
++msgstr ""
++"Antamasi asetukset ovat epäkelpoja. Varmista, että DNS-aluenimen syntaksi on "
++"oikea, organisaatiokenttä ei ole tyhjä ja että ylläpitosalasanat täsmäävät. "
++"Jos päätät olla yrittämättä asetusten tekemistä uudelleen, LDAP-palvelimen "
++"asetukset eivät ole valmiit. Voit tehdä asetukset myöhemmin ajamalla "
++"komennon ”dpkg-reconfigure slapd”."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid "DNS domain name:"
++msgstr "DNS-aluenimi:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid ""
++"The DNS domain name is used to construct the base DN of the LDAP directory. "
++"For example, 'foo.example.org' will create the directory with 'dc=foo, "
++"dc=example, dc=org' as base DN."
++msgstr ""
++"DNS-aluenimeä käytetään perus-DN:n (erittelevä nimi) luomisessa LDAP-"
++"hakemistolle. Esimerkiksi ”foo.esimerkki.fi” luo hakemiston, jonka perus-DN "
++"on ”dc=foo, dc=esimerkki, dc=fi”."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid "Organization name:"
++msgstr "Organisaation nimi:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid ""
++"Please enter the name of the organization to use in the base DN of your LDAP "
++"directory."
++msgstr "Anna LDAP-hakemiston perus-DN:ssä käytettävä organisaation nimi."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Administrator password:"
++msgstr "Ylläpitosalasana:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Please enter the password for the admin entry in your LDAP directory."
++msgstr "Anna LDAP-hakemiston ylläpitosalasana."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid "Confirm password:"
++msgstr "Vahvista salasana:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid ""
++"Please enter the admin password for your LDAP directory again to verify that "
++"you have typed it correctly."
++msgstr ""
++"Syötä LDAP-hakemiston ylläpitosalasana uudelleen varmistaaksesi, että "
++"kirjoitit sen oikein."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "Password mismatch"
++msgstr "Salasanat eivät täsmää"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "The two passwords you entered were not the same. Please try again."
++msgstr "Syöttämäsi kaksi salasanaa eivät olleet sama. Yritä uudelleen."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:11001
++msgid "Do you want the database to be removed when slapd is purged?"
++msgstr "Haluatko, että tietokanta poistetaan siivottaessa paketti slapd?"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "slapcat failure during upgrade"
++msgstr "Toimintahäiriö ohjelmassa slapcat päivityksen aikana"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "An error occurred while upgrading the LDAP directory."
++msgstr "Päivitettäessä LDAP-hakemistoa tapahtui virhe."
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid ""
++"The 'slapcat' program failed while extracting the LDAP directory. This may "
++"be caused by an incorrect configuration file (for example, missing "
++"'moduleload' lines to support the backend database)."
++msgstr ""
++"LDAP-hakemiston tuottavassa ohjelmassa ”slapcat” tapahtui toimintahäiriö. "
++"Tämä saattaa johtua virheellisestä asetustiedostosta (esimerkiksi "
++"puuttuvista, taustatietokannan tuen lisäävistä ”moduleload”-riveistä)."
++
++#. Type: error
++#. Description
++#. This paragraph is followed by a (non translatable) paragraph
++#. containing a command line
++#: ../slapd.templates:14001
++msgid ""
++"This failure will cause 'slapadd' to fail later as well. The old database "
++"files will be moved to /var/backups. If you want to try this upgrade again, "
++"you should move the old database files back into place, fix whatever caused "
++"slapcat to fail, and run:"
++msgstr ""
++"Tämän toimintahäiriön takia ohjelmassa ”slapadd” tulee myöhemmin ilmenemään "
++"toimintahäiriö. Vanhat tietokantatiedostot siirretään hakemistoon /var/"
++"backups. Jos haluat yrittää päivittämistä uudelleen, vanhat "
++"tietokantatiedostot tulisi siirtää takaisin paikoilleen, korjata "
++"toimintahäiriön aiheuttanut virhe ja ajaa:"
++
++#. Type: error
++#. Description
++#. Translators: keep "${location}" unchanged. This is a variable that
++#. will be replaced by a directory name at execution
++#: ../slapd.templates:14001
++#, fuzzy
++#| msgid ""
++#| "Then move the database files back to a backup area and then try running "
++#| "slapadd from $location."
++msgid ""
++"Then move the database files back to a backup area and then try running "
++"slapadd from ${location}."
++msgstr ""
++"Siirrä tämän jälkeen tietokantatiedostot takaisin varmuuskopiohakemistoon ja "
++"aja slapadd sijainnista $location."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "Potentially unsafe slapd access control configuration"
++msgstr ""
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid ""
++"One or more of the configured databases has an access control rule that "
++"allows users to modify most of their own attributes. This may be unsafe, "
++"depending on how the database is used."
++msgstr ""
++
++#. Type: note
++#. Description
++#. Translators: keep "by self write" and "to *" unchanged. These are part
++#. of the slapd configuration and are not translatable.
++#: ../slapd.templates:15001
++msgid ""
++"In the case of slapd access rules that begin with \"to *\", it is "
++"recommended to remove any instances of \"by self write\", so that users are "
++"only able to modify specifically allowed attributes."
++msgstr ""
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details."
++msgstr ""
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "abort installation"
++msgstr ""
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "continue regardless"
++msgstr ""
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid "Manual ppolicy schema update recommended"
++msgstr ""
++
++#. Type: select
++#. Description
++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable.
++#: ../slapd.templates:16002
++msgid ""
++"The new version of the Password Policy (ppolicy) overlay requires the schema "
++"to define the pwdMaxRecordedFailure attribute type, which is not present in "
++"the schema currently in use. It is recommended to abort the upgrade now, and "
++"to update the ppolicy schema before upgrading slapd. If replication is in "
++"use, the schema update should be applied on every server before continuing "
++"with the upgrade."
++msgstr ""
++
++#. Type: select
++#. Description
++#. This paragraph is followed by the path to the generated file (not
++#. translatable). The sentence continues in the following paragraph.
++#: ../slapd.templates:16002
++msgid ""
++"An LDIF file has been generated with the changes required for the upgrade:"
++msgstr ""
++
++#. Type: select
++#. Description
++#. This paragraph continues the sentence started in the previous
++#. paragraph. It is followed by a command line.
++#: ../slapd.templates:16002
++msgid ""
++"so if slapd is using the default access control rules, these changes can be "
++"applied (after starting slapd) by using the command:"
++msgstr ""
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid ""
++"If instead you choose to continue the installation, the new attribute type "
++"will be added automatically, but the change will not be acted on by slapd "
++"overlays, and replication with other servers may be affected."
++msgstr ""
++
++#~ msgid "Database backend to use:"
++#~ msgstr "Käytettävä taustatietokanta:"
++
++#, fuzzy
++#~| msgid ""
++#~| "The HDB backend is recommended. HDB and BDB use similar storage formats, "
++#~| "but HDB adds support for subtree renames. Both support the same "
++#~| "configuration options."
++#~ msgid ""
++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree "
++#~ "renames. Both support the same configuration options."
++#~ msgstr ""
++#~ "HDB-taustatietokantaa suositellaan. HDB ja BDB käyttävät samantapaisia "
++#~ "tallennusmuotoja, mutta HDB tukee lisäksi puun osien uudelleennimeämistä. "
++#~ "Molemmat tukevat samoja asetusvalintoja."
++
++#, fuzzy
++#~| msgid ""
++#~| "The HDB backend is recommended. HDB and BDB use similar storage formats, "
++#~| "but HDB adds support for subtree renames. Both support the same "
++#~| "configuration options."
++#~ msgid ""
++#~ "The MDB backend is recommended. MDB uses a new storage format and "
++#~ "requires less configuration than BDB or HDB."
++#~ msgstr ""
++#~ "HDB-taustatietokantaa suositellaan. HDB ja BDB käyttävät samantapaisia "
++#~ "tallennusmuotoja, mutta HDB tukee lisäksi puun osien uudelleennimeämistä. "
++#~ "Molemmat tukevat samoja asetusvalintoja."
++
++#, fuzzy
++#~| msgid ""
++#~| "In either case, you should review the resulting database configuration "
++#~| "for your needs. See /usr/share/doc/slapd/README.DB_CONFIG.gz for more "
++#~| "details."
++#~ msgid ""
++#~ "In any case, you should review the resulting database configuration for "
++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details."
++#~ msgstr ""
++#~ "Joka tapauksessa tulisi tarkistaa, että tuloksena olevat tietokanta-"
++#~ "asetukset vastaavat tarpeita. Tiedostosta /usr/share/doc/slapd/README."
++#~ "DB_CONFIG.gz löytyy lisätietoja (englanniksi)."
++
++#~ msgid "Allow LDAPv2 protocol?"
++#~ msgstr "Sallitaanko LDAPv2-yhteyskäytäntö?"
++
++#~ msgid ""
++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs "
++#~ "and users should upgrade to LDAPv3. If you have old programs which can't "
++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be "
++#~ "added to your slapd.conf file."
++#~ msgstr ""
++#~ "Vanhentunut LDAPv2-yhteyskäytäntö on slapdissa oletuksena poissa "
++#~ "käytöstä. Järjestelmät ja ohjelmat päivittää käyttämään LDAPv3:a. Jos "
++#~ "jotkin vanhat ohjelmat eivät voi käyttää LDAPv3-yhteyskäytäntöä, valitse "
++#~ "tämä lisätäksesi asetuksen ”allow bind_v2” tiedostoon slapd.conf"
++
++#~ msgid "slurpd is obsolete; replicas must be reconfigured by hand"
++#~ msgstr ""
++#~ "slurpd on vanhentunut; kopioiden asetukset tulee tehdä käsin uudelleen"
++
++#~ msgid ""
++#~ "One or more slurpd \"replica\" options were found in your slapd config "
++#~ "when upgrading. Because slurpd is obsolete beginning with OpenLDAP 2.4, "
++#~ "you will need to migrate your replicas to use the syncrepl protocol "
++#~ "instead."
++#~ msgstr ""
++#~ "Päivitettäessä slapdin asetuksista löytyi yksi tai useampia ”replica”-"
++#~ "asetuksia. Koska slurpd on vanhentunut OpenLDAPin versiosta 2.4 alkaen, "
++#~ "tulee kopiot vaihtaa käyttämään syncrepl-yhteyskäytäntöä."
++
++#~ msgid ""
++#~ "The conversion from slurpd to the pull-based syncrepl protocol cannot be "
++#~ "done automatically and you will need to configure your replica servers by "
++#~ "hand. Please see http://www.openldap.org/doc/admin24/syncrepl.html for "
++#~ "details."
++#~ msgstr ""
++#~ "Muunnosta slurpdista vetoon perustuvaan syncrepl-yhteyskäytäntöön ei "
++#~ "voida tehdä automaattisesti ja kopiopalvelimien asetukset tulee tehdä "
++#~ "käsin. Lisätietoja (englanniksi) löytyy tiedostosta http://www.openldap."
++#~ "org/doc/admin24/syncrepl.html."
++
++#~ msgid "TLSCipherSuite values have changed"
++#~ msgstr "TLSCipherSuite-arvot ovat muuttuneet"
++
++#~ msgid ""
++#~ "A \"TLSCipherSuite\" option was found in your slapd config when "
++#~ "upgrading. The values allowed for this option are determined by the SSL "
++#~ "implementation used, which has been changed from OpenSSL to GnuTLS. As a "
++#~ "result, your existing TLSCipherSuite setting will not work with this "
++#~ "package."
++#~ msgstr ""
++#~ "Asetus ”TLSCipherSuite” löydettiin päivitettäessä slapdin asetuksista. "
++#~ "Tämän asetuksen sallitut arvot riippuvat käytetystä SSL-toteutuksesta. "
++#~ "Käytetty toteutus on vaihdettu OpenSSL:stä GnuTLS:ään. Tämän seurauksena "
++#~ "nykyinen TLSCipherSuite-asetus ei toimi tämän paketin kanssa."
++
++#~ msgid ""
++#~ "This setting has been automatically commented out for you. If you have "
++#~ "specific encryption needs that require this option to be re-enabled, see "
++#~ "the output of 'gnutls-cli -l' in the gnutls-bin package for the list of "
++#~ "ciphers supported by GnuTLS."
++#~ msgstr ""
++#~ "Tämä asetus on automaattisesti kommentoitu pois käytöstä. Jos on tarpeen "
++#~ "asettaa tietty salaus tällä asetuksella, lista GnuTLS:n tukemista "
++#~ "salauksista voidaan tulostaa paketin gnutls-bin avulla komennolla ”gnutls-"
++#~ "cli -l”."
++
++#~ msgid "Back up current database and create a new one?"
++#~ msgstr "Tehdäänkö nykyisestä tietokannasta varmuuskopio ja luodaanko uusi?"
++
++#~ msgid ""
++#~ "The directory suffix (domain) you specified doesn't match the one "
++#~ "currently in /etc/ldap/slapd.conf. Changing the directory suffix requires "
++#~ "moving aside the current LDAP database and creating a new one. Please "
++#~ "confirm whether you want to back up and abandon the current database."
++#~ msgstr ""
++#~ "Annettu hakemistopääte (verkkotunnus) ei täsmää tiedostossa /etc/ldap/"
++#~ "slapd.conf olevaan. Hakemistopäätteen muuttaminen vaatii, että nykyinen "
++#~ "LDAP-tietokanta siirretään syrjään ja luodaan uusi. Vahvista haluatko "
++#~ "tehdä tehdä varmuuskopion nykyisestä tietokannasta ja hylätä sen."
--- /dev/null
--- /dev/null
++# Translation of openldap debconf templates to French
++# Copyright (C) 2006-2010 Christian Perrier <bubulle@debian.org>
++# This file is distributed under the same license as the openldap package.
++#
++#
++# Christian Perrier <bubulle@debian.org>, 2006-2010, 2014.
++# Jean-Pierre Giraud <jean-pierregiraud@neuf.fr>, 2017.
++msgid ""
++msgstr ""
++"Project-Id-Version: \n"
++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n"
++"POT-Creation-Date: 2019-10-03 23:01+0000\n"
++"PO-Revision-Date: 2017-01-21 16:28+0100\n"
++"Last-Translator: Jean-Pierre Giraud <jean-pierregiraud@neuf.fr>\n"
++"Language-Team: French <debian-l10n-french@lists.debian.org>\n"
++"Language: fr\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=UTF-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++"X-Generator: Lokalize 1.5\n"
++"Plural-Forms: nplurals=2; plural=(n > 1);\n"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid "Omit OpenLDAP server configuration?"
++msgstr "Voulez-vous omettre la configuration d'OpenLDAP ?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid ""
++"If you enable this option, no initial configuration or database will be "
++"created for you."
++msgstr ""
++"Si vous choisissez cette option, aucune configuration par défaut et aucune "
++"base de données ne seront créées."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "always"
++msgstr "Toujours"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "when needed"
++msgstr "Lorsque nécessaire"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "never"
++msgstr "Jamais"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid "Dump databases to file on upgrade:"
++msgstr ""
++"Sauvegarde des bases de données dans un fichier pour la mise à niveau :"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Before upgrading to a new version of the OpenLDAP server, the data from your "
++"LDAP directories can be dumped into plain text files in the standard LDAP "
++"Data Interchange Format."
++msgstr ""
++"Avant la mise à niveau du serveur OpenLDAP, les données des annuaires LDAP "
++"peuvent être exportées dans des fichiers au format texte LDIF (« LDAP Data "
++"Interchange Format » : format d'échange de données LDAP)."
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Selecting \"always\" will cause the databases to be dumped unconditionally "
++"before an upgrade. Selecting \"when needed\" will only dump the database if "
++"the new version is incompatible with the old database format and it needs to "
++"be reimported. If you select \"never\", no dump will be done."
++msgstr ""
++"Si vous choisissez l'option « Toujours », les données seront "
++"systématiquement exportées avant une mise à niveau. Si vous choisissez "
++"« Lorsque nécessaire », elles ne seront exportées que lorsque la nouvelle "
++"version utilisera un format incompatible avec l'ancienne, ce qui imposera de "
++"réimporter les données. Si vous choisissez « Jamais », les données ne seront "
++"jamais exportées."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid "Directory to use for dumped databases:"
++msgstr "Répertoire où exporter les bases de données :"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid ""
++"Please specify the directory where the LDAP databases will be exported. In "
++"this directory, several LDIF files will be created which correspond to the "
++"search bases located on the server. Make sure you have enough free space on "
++"the partition where the directory is located. The first occurrence of the "
++"string \"VERSION\" is replaced with the server version you are upgrading "
++"from."
++msgstr ""
++"Veuillez indiquer le répertoire où les bases de données LDAP seront "
++"exportées. Plusieurs fichiers LDIF seront créés dans ce répertoire. Ils "
++"correspondent aux bases de recherche présentes sur le serveur. Veuillez "
++"vérifier que la partition où se trouve ce répertoire comporte suffisamment "
++"de place disponible. La première occurrence de « VERSION » dans le nom de ce "
++"répertoire sera remplacée par la version d'OpenLDAP utilisée avant la mise à "
++"niveau."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid "Move old database?"
++msgstr "Faut-il déplacer l'ancienne base de données ?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid ""
++"There are still files in /var/lib/ldap which will probably break the "
++"configuration process. If you enable this option, the maintainer scripts "
++"will move the old database files out of the way before creating a new "
++"database."
++msgstr ""
++"Des fichiers présents dans /var/lib/ldap vont probablement provoquer l'échec "
++"de la procédure de configuration. Si vous choisissez cette option, les "
++"scripts de configuration déplaceront les anciens fichiers des bases de "
++"données avant de créer une nouvelle base de données."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid "Retry configuration?"
++msgstr "Faut-il recommencer la configuration ?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid ""
++"The configuration you entered is invalid. Make sure that the DNS domain name "
++"is syntactically valid, the field for the organization is not left empty and "
++"the admin passwords match. If you decide not to retry the configuration the "
++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to "
++"retry later."
++msgstr ""
++"La configuration que vous avez indiquée n'est pas valable. Veuillez vérifier "
++"que le nom de domaine DNS utilise une syntaxe correcte, que « organisation » "
++"n'est pas vide et que les mots de passe d'administrateur correspondent. Si "
++"vous choisissez de ne pas recommencer la configuration, le serveur LDAP ne "
++"sera pas configuré. Si vous voulez recommencer ce processus, utilisez la "
++"commande « dpkg-reconfigure slapd »."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid "DNS domain name:"
++msgstr "Nom de domaine :"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid ""
++"The DNS domain name is used to construct the base DN of the LDAP directory. "
++"For example, 'foo.example.org' will create the directory with 'dc=foo, "
++"dc=example, dc=org' as base DN."
++msgstr ""
++"Le nom de domaine DNS est utilisé pour établir le nom distinctif de base "
++"(« base DN » ou « Distinguished Name ») de l'annuaire LDAP. Par exemple, si "
++"vous indiquez « toto.example.org » ici, le nom distinctif de base sera "
++"« dc=toto, dc=example, dc=org »."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid "Organization name:"
++msgstr "Nom d'entité (« organization ») :"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid ""
++"Please enter the name of the organization to use in the base DN of your LDAP "
++"directory."
++msgstr ""
++"Veuillez indiquer la valeur qui sera utilisée comme nom d'entité "
++"(« organization ») dans le nom distinctif de base de l'annuaire LDAP."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Administrator password:"
++msgstr "Mot de passe de l'administrateur :"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Please enter the password for the admin entry in your LDAP directory."
++msgstr ""
++"Veuillez indiquer le mot de passe de l'administrateur de l'annuaire LDAP."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid "Confirm password:"
++msgstr "Mot de passe de l'administrateur :"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid ""
++"Please enter the admin password for your LDAP directory again to verify that "
++"you have typed it correctly."
++msgstr ""
++"Veuillez entrer à nouveau le mot de passe de l'administrateur de l'annuaire "
++"LDAP afin de vérifier qu'il a été saisi correctement."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "Password mismatch"
++msgstr "Erreur de saisie du mot de passe"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "The two passwords you entered were not the same. Please try again."
++msgstr ""
++"Les deux mots de passe que vous avez entrés sont différents. Veuillez "
++"recommencer."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:11001
++msgid "Do you want the database to be removed when slapd is purged?"
++msgstr "Faut-il supprimer la base de données lors de la purge du paquet ?"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "slapcat failure during upgrade"
++msgstr "Échec de slapcat durant la mise à niveau"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "An error occurred while upgrading the LDAP directory."
++msgstr "Une erreur s'est produite lors de la mise à niveau de l'annuaire LDAP."
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid ""
++"The 'slapcat' program failed while extracting the LDAP directory. This may "
++"be caused by an incorrect configuration file (for example, missing "
++"'moduleload' lines to support the backend database)."
++msgstr ""
++"Le programme « slapcat » a échoué en extrayant les données du répertoire "
++"LDAP. Cela peut être dû à un fichier de configuration non valable (par "
++"exemple l'absence de lignes « moduleload » permettant de gérer les divers "
++"types de bases de données)."
++
++#. Type: error
++#. Description
++#. This paragraph is followed by a (non translatable) paragraph
++#. containing a command line
++#: ../slapd.templates:14001
++msgid ""
++"This failure will cause 'slapadd' to fail later as well. The old database "
++"files will be moved to /var/backups. If you want to try this upgrade again, "
++"you should move the old database files back into place, fix whatever caused "
++"slapcat to fail, and run:"
++msgstr ""
++"Cet échec provoquera l'échec ultérieur de « slapadd ». Les anciens fichiers "
++"de bases de données seront déplacés dans /var/backups. Si vous souhaitez "
++"tenter à nouveau la mise à jour, vous devrez les remettre en place, corriger "
++"l'erreur qui a provoqué l'échec de slapcat et utiliser la commande suivante :"
++
++#. Type: error
++#. Description
++#. Translators: keep "${location}" unchanged. This is a variable that
++#. will be replaced by a directory name at execution
++#: ../slapd.templates:14001
++msgid ""
++"Then move the database files back to a backup area and then try running "
++"slapadd from ${location}."
++msgstr ""
++"Déplacez ensuite les bases de données vers un emplacement de sauvegarde et "
++"tentez d'utiliser la commande « slapadd » depuis ${location}."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "Potentially unsafe slapd access control configuration"
++msgstr "Configuration potentiellement peu sûre du contrôle d'accès de slapd"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid ""
++"One or more of the configured databases has an access control rule that "
++"allows users to modify most of their own attributes. This may be unsafe, "
++"depending on how the database is used."
++msgstr ""
++"Une ou plusieurs des bases de données configurées comportent une règle de "
++"contrôle d'accès qui permet aux utilisateurs de modifier un ou plusieurs de "
++"leurs propres paramètres. Cela peut être peu sûr, selon la façon dont la "
++"base de données est configurée."
++
++#. Type: note
++#. Description
++#. Translators: keep "by self write" and "to *" unchanged. These are part
++#. of the slapd configuration and are not translatable.
++#: ../slapd.templates:15001
++msgid ""
++"In the case of slapd access rules that begin with \"to *\", it is "
++"recommended to remove any instances of \"by self write\", so that users are "
++"only able to modify specifically allowed attributes."
++msgstr ""
++"Pour les règles d'accès à slapd qui commencent par « to * », il est "
++"recommandé de supprimer toute occurrence de « by self write », afin que les "
++"utilisateurs ne puissent modifier que des paramètres explicitement autorisés."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details."
++msgstr ""
++"Veuillez consulter le fichier /usr/share/doc/slapd/README.Debian.gz pour "
++"plus d'informations."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "abort installation"
++msgstr "Abandonner l'installation"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "continue regardless"
++msgstr "Continuer quand même"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid "Manual ppolicy schema update recommended"
++msgstr "Mise à jour manuelle du schéma ppolicy recommandée"
++
++#. Type: select
++#. Description
++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable.
++#: ../slapd.templates:16002
++msgid ""
++"The new version of the Password Policy (ppolicy) overlay requires the schema "
++"to define the pwdMaxRecordedFailure attribute type, which is not present in "
++"the schema currently in use. It is recommended to abort the upgrade now, and "
++"to update the ppolicy schema before upgrading slapd. If replication is in "
++"use, the schema update should be applied on every server before continuing "
++"with the upgrade."
++msgstr ""
++"La nouvelle version de la surcouche Password Policy (ppolicy – politique de "
++"mot de passe) nécessite que le schéma définisse le type d'attribut "
++"pwdMaxRecordedFailure qui n'est pas présent dans le schéma actuel. Il est "
++"recommandé d'abandonner la mise à niveau maintenant, et de mettre à jour le "
++"schéma ppolicy avant de mettre à niveau slapd. Si vous utilisez une "
++"réplication, la mise à jour du schéma doit être appliquée sur chaque serveur "
++"avant de poursuivre la mise à niveau."
++
++#. Type: select
++#. Description
++#. This paragraph is followed by the path to the generated file (not
++#. translatable). The sentence continues in the following paragraph.
++#: ../slapd.templates:16002
++msgid ""
++"An LDIF file has been generated with the changes required for the upgrade:"
++msgstr ""
++"Un fichier LDAP a été créé avec les modifications requises pour la mise à "
++"jour :"
++
++#. Type: select
++#. Description
++#. This paragraph continues the sentence started in the previous
++#. paragraph. It is followed by a command line.
++#: ../slapd.templates:16002
++msgid ""
++"so if slapd is using the default access control rules, these changes can be "
++"applied (after starting slapd) by using the command:"
++msgstr ""
++"aussi, si slapd utilise les règles de contrôle d'accès par défaut, ces "
++"modifications peuvent être appliquées (après le démarrage de slapd) avec la "
++"commande :"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid ""
++"If instead you choose to continue the installation, the new attribute type "
++"will be added automatically, but the change will not be acted on by slapd "
++"overlays, and replication with other servers may be affected."
++msgstr ""
++"Si vous choisissez plutôt de poursuivre l'installation, le nouveau type "
++"d'attribut sera ajouté automatiquement, mais la modification ne sera pas "
++"appliquée par les surcouches de slapd, et la réplication sur d'autres "
++"serveurs peut être affectée."
++
++#~ msgid "Database backend to use:"
++#~ msgstr "Module de base de données à utiliser :"
++
++#~ msgid ""
++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree "
++#~ "renames. Both support the same configuration options."
++#~ msgstr ""
++#~ "HDB et BDB utilisent des formats de stockage analogues. Par contre, HDB "
++#~ "gère les renommages de sous-arbres. Les deux formats utilisent les mêmes "
++#~ "options de configuration."
++
++#~ msgid ""
++#~ "The MDB backend is recommended. MDB uses a new storage format and "
++#~ "requires less configuration than BDB or HDB."
++#~ msgstr ""
++#~ "Le module MDB est recommandé. Il utilise un nouveau format de stockage et "
++#~ "est plus simple à configurer que BDB ou HDB."
++
++#~ msgid ""
++#~ "In any case, you should review the resulting database configuration for "
++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details."
++#~ msgstr ""
++#~ "Quel que soit votre choix, vous devriez vérifier les options de "
++#~ "configuration de la base de données. Pour plus d'informations, veuillez "
++#~ "consulter le fichier /usr/share/doc/slapd/README.Debian.gz."
++
++#~ msgid "Allow LDAPv2 protocol?"
++#~ msgstr "Faut-il autoriser le protocole LDAPv2 ?"
++
++#~ msgid ""
++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs "
++#~ "and users should upgrade to LDAPv3. If you have old programs which can't "
++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be "
++#~ "added to your slapd.conf file."
++#~ msgstr ""
++#~ "L'ancien protocole LDAPv2 est désactivé dans slapd. Il est conseillé de "
++#~ "migrer les programmes et les utilisateurs vers la version LDAPv3. Si vous "
++#~ "utilisez d'anciens programmes qui ne gèrent pas encore LDAPv3, vous "
++#~ "devriez choisir cette option, ce qui ajoutera l'option « allow bind_v2 » "
++#~ "au fichier slapd.conf."
++
++#~ msgid "slurpd is obsolete; replicas must be reconfigured by hand"
++#~ msgstr "Programme slurpd obsolète : reconfiguration manuelle des réplicats"
++
++#~ msgid ""
++#~ "One or more slurpd \"replica\" options were found in your slapd config "
++#~ "when upgrading. Because slurpd is obsolete beginning with OpenLDAP 2.4, "
++#~ "you will need to migrate your replicas to use the syncrepl protocol "
++#~ "instead."
++#~ msgstr ""
++#~ "Une ou plusieurs options « replica » de slurpd ont été trouvée dans le "
++#~ "fichier de configuration lors de la mise à niveau. Le programme slurpd "
++#~ "est obsolète à partir de la version 2.4 d'OpenLDAP et il est nécessaire "
++#~ "de migrer les réplicats pour qu'ils utilisent le protocole syncrepl à la "
++#~ "place."
++
++#~ msgid ""
++#~ "The conversion from slurpd to the pull-based syncrepl protocol cannot be "
++#~ "done automatically and you will need to configure your replica servers by "
++#~ "hand. Please see http://www.openldap.org/doc/admin24/syncrepl.html for "
++#~ "details."
++#~ msgstr ""
++#~ "Cette conversion ne peut se faire automatiquement et vous devez "
++#~ "configurer les serveurs réplicats vous-même. Veuillez consulter http://"
++#~ "www.openldap.org/doc/admin24/syncrepl.html pour plus d'informations."
++
++#~ msgid "TLSCipherSuite values have changed"
++#~ msgstr "Changement des valeurs possibles pour « TLSCipherSuite »"
++
++#~ msgid ""
++#~ "A \"TLSCipherSuite\" option was found in your slapd config when "
++#~ "upgrading. The values allowed for this option are determined by the SSL "
++#~ "implementation used, which has been changed from OpenSSL to GnuTLS. As a "
++#~ "result, your existing TLSCipherSuite setting will not work with this "
++#~ "package."
++#~ msgstr ""
++#~ "L'option « TLSCipherSuite » a été trouvée dans le fichier de "
++#~ "configuration de slapd lors de la mise à niveau. Les valeurs possibles "
++#~ "pour cette option dépendent de l'implémentation de SSL qui est utilisée. "
++#~ "Comme OpenSSL a été remplacé par GnuTLS, les réglages actuels de "
++#~ "« TLSCipherSuite » ne fonctionnent plus avec cette version du paquet."
++
++#~ msgid ""
++#~ "This setting has been automatically commented out for you. If you have "
++#~ "specific encryption needs that require this option to be re-enabled, see "
++#~ "the output of 'gnutls-cli -l' in the gnutls-bin package for the list of "
++#~ "ciphers supported by GnuTLS."
++#~ msgstr ""
++#~ "Ce réglage a été automatiquement mis en commentaire. Si une méthode "
++#~ "spécifique de chiffrement impose de la réactiver, vous devriez consulter "
++#~ "l'affichage de la commande « gnutls-cli -l » du paquet gnutls-bin pour "
++#~ "une liste des méthodes de chiffrement gérées par GnuTLS."
++
++#~ msgid "Back up current database and create a new one?"
++#~ msgstr ""
++#~ "Faut-il sauvegarder l'ancienne base de données et en créer une nouvelle ?"
++
++#~ msgid ""
++#~ "The directory suffix (domain) you specified doesn't match the one "
++#~ "currently in /etc/ldap/slapd.conf. Changing the directory suffix requires "
++#~ "moving aside the current LDAP database and creating a new one. Please "
++#~ "confirm whether you want to back up and abandon the current database."
++#~ msgstr ""
++#~ "Le suffixe d'annuaire (domaine) indiqué ne correspond pas à celui qui est "
++#~ "actuellement mentionné dans /etc/ldap/slapd.conf. Le changement du "
++#~ "suffixe d'annuaire nécessite de déplacer la base de données actuelle et "
++#~ "d'en créer une nouvelle. Veuillez confirmer si vous voulez délaisser la "
++#~ "base de données actuelle (une sauvegarde sera effectuée)."
--- /dev/null
--- /dev/null
++# translation of openldap_2.4.23-2_gl.po to Galician
++# Galician translation of openldap's debconf templates.
++# This file is distributed under the same license as the openldap package.
++#
++# Jacobo Tarrio <jtarrio@debian.org>, 2006.
++# Jorge Barreiro <yortx.barry@gmail.com>, 2010, 2014.
++msgid ""
++msgstr ""
++"Project-Id-Version: openldap_2.4.40-2_gl\n"
++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n"
++"POT-Creation-Date: 2019-10-03 23:01+0000\n"
++"PO-Revision-Date: 2014-11-17 00:40+0100\n"
++"Last-Translator: Jorge Barreiro <yortx.barry@gmail.com>\n"
++"Language-Team: Galician <proxecto@trasno.net>\n"
++"Language: gl\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=UTF-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++"X-Generator: Lokalize 1.4\n"
++"Plural-Forms: nplurals=2; plural=n != 1;\n"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid "Omit OpenLDAP server configuration?"
++msgstr "Omitir a configuración do servidor OpenLDAP?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid ""
++"If you enable this option, no initial configuration or database will be "
++"created for you."
++msgstr ""
++"Se escolle esta opción non se creará ningunha configuración ou base de datos "
++"inicial."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "always"
++msgstr "sempre"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "when needed"
++msgstr "cando se precise"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "never"
++msgstr "nunca"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid "Dump databases to file on upgrade:"
++msgstr "Envorcar as bases de datos a un ficheiro na actualización:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Before upgrading to a new version of the OpenLDAP server, the data from your "
++"LDAP directories can be dumped into plain text files in the standard LDAP "
++"Data Interchange Format."
++msgstr ""
++"Antes de actualizar a unha nova versión do servidor OpenLDAP, pódense "
++"envorcar os datos dos seus directorios LDAP a ficheiros de texto normal no "
++"formato estándar LDIF, formato de intercambio de datos LDAP."
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Selecting \"always\" will cause the databases to be dumped unconditionally "
++"before an upgrade. Selecting \"when needed\" will only dump the database if "
++"the new version is incompatible with the old database format and it needs to "
++"be reimported. If you select \"never\", no dump will be done."
++msgstr ""
++"A opción «sempre» fará que as bases de datos se envorquen incondicionalmente "
++"antes dunha actualización. Se escolle «cando se precise» só se ha envorcar a "
++"base de datos se a nova versión é incompatíbel co formato antigo da base de "
++"datos e hai que reimportala. Se escolle «nunca» non se ha envorcar a base de "
++"datos."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid "Directory to use for dumped databases:"
++msgstr "Directorio para as bases de datos envorcadas:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid ""
++"Please specify the directory where the LDAP databases will be exported. In "
++"this directory, several LDIF files will be created which correspond to the "
++"search bases located on the server. Make sure you have enough free space on "
++"the partition where the directory is located. The first occurrence of the "
++"string \"VERSION\" is replaced with the server version you are upgrading "
++"from."
++msgstr ""
++"Especifique o directorio no que se han exportar as bases de datos LDAP. "
++"Neste directorio hanse crear varios ficheiros LDIF que se corresponden coas "
++"bases de busca almacenadas no servidor. Asegúrese de ter espazo libre "
++"dabondo na partición na que reside o directorio. A primeira aparición da "
++"cadea «VERSION» substitúese pola versión do servidor a partires da que se "
++"actualiza."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid "Move old database?"
++msgstr "Trasladar a base de datos antiga?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid ""
++"There are still files in /var/lib/ldap which will probably break the "
++"configuration process. If you enable this option, the maintainer scripts "
++"will move the old database files out of the way before creating a new "
++"database."
++msgstr ""
++"Aínda hai ficheiros en /var/lib/ldap que probablemente fagan fallar o "
++"proceso de configuración. Se activa esta opción, os «scripts» do mantedor "
++"apartarán os ficheiros da base de datos antiga antes de crear unha nova base "
++"de datos."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid "Retry configuration?"
++msgstr "Volver tentar a configuración?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid ""
++"The configuration you entered is invalid. Make sure that the DNS domain name "
++"is syntactically valid, the field for the organization is not left empty and "
++"the admin passwords match. If you decide not to retry the configuration the "
++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to "
++"retry later."
++msgstr ""
++"A configuración que introduciu non é válida. Asegúrese de que o nome de "
++"dominio DNS teña unha sintaxe válida, o campo para a organización non quede "
++"baleiro e os contrasinais do administrador coincidan. Se decide non volver "
++"tentar a configuración non se ha configurar o servidor LDAP. Execute «dpkg-"
++"reconfigure slapd» se quere volver a tentalo noutro momento."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid "DNS domain name:"
++msgstr "Nome de dominio DNS:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid ""
++"The DNS domain name is used to construct the base DN of the LDAP directory. "
++"For example, 'foo.example.org' will create the directory with 'dc=foo, "
++"dc=example, dc=org' as base DN."
++msgstr ""
++"O nome de dominio DNS emprégase para construír o DN base do directorio LDAP. "
++"Por exemplo, «foo.example.org» creará o directorio con «dc=foo, dc=example, "
++"dc=org» coma DN base."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid "Organization name:"
++msgstr "Nome da organización:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid ""
++"Please enter the name of the organization to use in the base DN of your LDAP "
++"directory."
++msgstr ""
++"Introduza aquí o nome da organización a empregar no DN base do seu "
++"directorio LDAP."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Administrator password:"
++msgstr "Contrasinal do administrador:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Please enter the password for the admin entry in your LDAP directory."
++msgstr ""
++"Introduza o contrasinal para a entrada do administrador no directorio LDAP."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid "Confirm password:"
++msgstr "Confirme o contrasinal:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid ""
++"Please enter the admin password for your LDAP directory again to verify that "
++"you have typed it correctly."
++msgstr ""
++"Volva introducir o contrasinal do administrador do seu directorio LDAP para "
++"comprobar que o introduciu correctamente."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "Password mismatch"
++msgstr "Contrasinais distintos"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "The two passwords you entered were not the same. Please try again."
++msgstr "Os dous contrasinais que introduciu non son iguais. Volva tentalo."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:11001
++msgid "Do you want the database to be removed when slapd is purged?"
++msgstr "Quere que se elimine a base de datos ao purgar slapd?"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "slapcat failure during upgrade"
++msgstr "Fallou a execución de slapcat durante a actualización"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "An error occurred while upgrading the LDAP directory."
++msgstr "Produciuse un erro ao actualizar o directorio LDAP."
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid ""
++"The 'slapcat' program failed while extracting the LDAP directory. This may "
++"be caused by an incorrect configuration file (for example, missing "
++"'moduleload' lines to support the backend database)."
++msgstr ""
++"O programa «slapcat» fallou ao extraer o directorio LDAP. Isto pode estar "
++"causado por un ficheiro de configuración incorrecto (por exemplo, se non hai "
++"liñas «moduleload» para o uso da base de datos)."
++
++#. Type: error
++#. Description
++#. This paragraph is followed by a (non translatable) paragraph
++#. containing a command line
++#: ../slapd.templates:14001
++msgid ""
++"This failure will cause 'slapadd' to fail later as well. The old database "
++"files will be moved to /var/backups. If you want to try this upgrade again, "
++"you should move the old database files back into place, fix whatever caused "
++"slapcat to fail, and run:"
++msgstr ""
++"Este fallo fará que «slapadd» tamén falle. Trasladaranse os ficheiros de "
++"base de datos antigos a /var/backups. Se quere volver tentar a "
++"actualización, debería mover os ficheiros da base de datos antiga ao seu "
++"sitio, arranxar o que fixo que fallara slapcat, e executar:"
++
++#. Type: error
++#. Description
++#. Translators: keep "${location}" unchanged. This is a variable that
++#. will be replaced by a directory name at execution
++#: ../slapd.templates:14001
++msgid ""
++"Then move the database files back to a backup area and then try running "
++"slapadd from ${location}."
++msgstr ""
++"Despois volva trasladar os ficheiros da base de datos a unha zona de copias "
++"de seguridade e probe a executar slapadd desde ${location}."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "Potentially unsafe slapd access control configuration"
++msgstr ""
++"A configuración de control de acceso de slapd é potencialmente insegura"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid ""
++"One or more of the configured databases has an access control rule that "
++"allows users to modify most of their own attributes. This may be unsafe, "
++"depending on how the database is used."
++msgstr ""
++"Polo menos unha das bases de datos configuradas ten unha regra de control de "
++"acceso que permite aos usuarios modificar a maioría dos atributos. Isto pode "
++"ser inseguro dependendo da maneira en que se use a base de datos."
++
++#. Type: note
++#. Description
++#. Translators: keep "by self write" and "to *" unchanged. These are part
++#. of the slapd configuration and are not translatable.
++#: ../slapd.templates:15001
++msgid ""
++"In the case of slapd access rules that begin with \"to *\", it is "
++"recommended to remove any instances of \"by self write\", so that users are "
++"only able to modify specifically allowed attributes."
++msgstr ""
++"No caso das regras de acceso de «slapd» que comezan con «to *», "
++"recoméndaselle eliminar calquera instancia de «by self write», de maneira "
++"que os usuarios só poidan modificar os atributos especificamente permitidos."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details."
++msgstr "Pode obter máis información en /usr/share/doc/slapd/README.Debian.gz ."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "abort installation"
++msgstr ""
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "continue regardless"
++msgstr ""
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid "Manual ppolicy schema update recommended"
++msgstr ""
++
++#. Type: select
++#. Description
++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable.
++#: ../slapd.templates:16002
++msgid ""
++"The new version of the Password Policy (ppolicy) overlay requires the schema "
++"to define the pwdMaxRecordedFailure attribute type, which is not present in "
++"the schema currently in use. It is recommended to abort the upgrade now, and "
++"to update the ppolicy schema before upgrading slapd. If replication is in "
++"use, the schema update should be applied on every server before continuing "
++"with the upgrade."
++msgstr ""
++
++#. Type: select
++#. Description
++#. This paragraph is followed by the path to the generated file (not
++#. translatable). The sentence continues in the following paragraph.
++#: ../slapd.templates:16002
++msgid ""
++"An LDIF file has been generated with the changes required for the upgrade:"
++msgstr ""
++
++#. Type: select
++#. Description
++#. This paragraph continues the sentence started in the previous
++#. paragraph. It is followed by a command line.
++#: ../slapd.templates:16002
++msgid ""
++"so if slapd is using the default access control rules, these changes can be "
++"applied (after starting slapd) by using the command:"
++msgstr ""
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid ""
++"If instead you choose to continue the installation, the new attribute type "
++"will be added automatically, but the change will not be acted on by slapd "
++"overlays, and replication with other servers may be affected."
++msgstr ""
++
++#~ msgid "Database backend to use:"
++#~ msgstr "Motor de base de datos a empregar:"
++
++#~ msgid ""
++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree "
++#~ "renames. Both support the same configuration options."
++#~ msgstr ""
++#~ "HDB e BDB empregan formatos de almacenamento semellantes, pero HDB "
++#~ "permite ademais o cambio de nome de subárbores. Ámbolos dous permiten "
++#~ "usar as mesmas opcións de configuración."
++
++#~ msgid ""
++#~ "The MDB backend is recommended. MDB uses a new storage format and "
++#~ "requires less configuration than BDB or HDB."
++#~ msgstr ""
++#~ "Recoméndase o motor MDB. MDB usa un formato de almacenamento novo e "
++#~ "precisa menos configuración que BDB ou HDB."
++
++#~ msgid ""
++#~ "In any case, you should review the resulting database configuration for "
++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details."
++#~ msgstr ""
++#~ "En calquera caso, debería revisar que a configuración da base de datos se "
++#~ "axusta ás súas necesidades. Pode obter máis información en /usr/share/doc/"
++#~ "slapd/README.Debian.gz ."
++
++#~ msgid "Allow LDAPv2 protocol?"
++#~ msgstr "Admitir o protocolo LDAPv2?"
++
++#~ msgid ""
++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs "
++#~ "and users should upgrade to LDAPv3. If you have old programs which can't "
++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be "
++#~ "added to your slapd.conf file."
++#~ msgstr ""
++#~ "O protocolo obsoleto LDAPv2 está desactivado por defecto en slapd. Os "
++#~ "programas e os usuarios deberíanse actualizar a LDAPv3. Se ten programas "
++#~ "antigos que non poidan empregar LDAPv3 debería escoller esta opción, que "
++#~ "fará que se engada «allow bind_v2» ao ficheiro slapd.conf ."
++
++#~ msgid "Back up current database and create a new one?"
++#~ msgstr "¿Facer unha copia da base de datos actual e crear unha nova?"
++
++#~ msgid ""
++#~ "The directory suffix (domain) you specified doesn't match the one "
++#~ "currently in /etc/ldap/slapd.conf. Changing the directory suffix requires "
++#~ "moving aside the current LDAP database and creating a new one. Please "
++#~ "confirm whether you want to back up and abandon the current database."
++#~ msgstr ""
++#~ "O sufixo de directorio (dominio) que especificou non coincide co que hai "
++#~ "en /etc/ldap/slapd.conf. Para cambiar o sufixo do directorio hai que "
++#~ "apartar a base de datos LDAP actual e crear unha nova. Confirme se quere "
++#~ "facer unha copia de seguridade da base de datos actual e abandonala."
++
++#~ msgid "slurpd is obsolete; replicas must be reconfigured by hand"
++#~ msgstr "slurpd está obsoleto; é preciso reconfigurar as réplicas á man"
++
++#~ msgid ""
++#~ "One or more slurpd \"replica\" options were found in your slapd config "
++#~ "when upgrading. Because slurpd is obsolete beginning with OpenLDAP 2.4, "
++#~ "you will need to migrate your replicas to use the syncrepl protocol "
++#~ "instead."
++#~ msgstr ""
++#~ "Atopouse unha ou máis opcións \"replica\" na configuración de slapd ao "
++#~ "actualizar. Como slurpd está obsoleto a partires de OpenLDAP 2.4, ha ter "
++#~ "que migrar as súas réplicas para que empreguen no seu canto o protocolo "
++#~ "syncrepl."
++
++#~ msgid ""
++#~ "The conversion from slurpd to the pull-based syncrepl protocol cannot be "
++#~ "done automatically and you will need to configure your replica servers by "
++#~ "hand. Please see http://www.openldap.org/doc/admin24/syncrepl.html for "
++#~ "details."
++#~ msgstr ""
++#~ "Non se pode realizar automaticamente a conversión de slurpd ao protocolo "
++#~ "syncrepl baseado en pull, e ha ter que configurar manualmente os seus "
++#~ "servidores réplica. Consulte http://www.openldap.org/doc/admin24/syncrepl."
++#~ "html para máis detalles."
++
++#~ msgid "TLSCipherSuite values have changed"
++#~ msgstr "Os valores de TLSCipherSuite cambiaron"
++
++#~ msgid ""
++#~ "A \"TLSCipherSuite\" option was found in your slapd config when "
++#~ "upgrading. The values allowed for this option are determined by the SSL "
++#~ "implementation used, which has been changed from OpenSSL to GnuTLS. As a "
++#~ "result, your existing TLSCipherSuite setting will not work with this "
++#~ "package."
++#~ msgstr ""
++#~ "Atopouse unha opción \"TLSCipherSuite\" na configuración de slapd ao "
++#~ "actualizar. Os valores admitidos para esta opción están determinados pola "
++#~ "implementación de SSL en uso, que se cambiou de OpenSSL a GnuTLS. Coma "
++#~ "resultado, a configuración actual de TLSCipherSuite non ha funcionar con "
++#~ "este paquete."
++
++#~ msgid ""
++#~ "This setting has been automatically commented out for you. If you have "
++#~ "specific encryption needs that require this option to be re-enabled, see "
++#~ "the output of 'gnutls-cli -l' in the gnutls-bin package for the list of "
++#~ "ciphers supported by GnuTLS."
++#~ msgstr ""
++#~ "Anulouse cun comentario esta configuración por vostede. Se ten "
++#~ "necesidades de cifrado específicas que precisan de que se volva activar "
++#~ "esta opción, consulte a saída de \"gnutls-cli -l\" no paquete gnutls-bin "
++#~ "para obter a lista de sistemas de cifrado soportados por GnuTLS."
--- /dev/null
--- /dev/null
++# Italian (it) translation of debconf templates for openldap
++# This file is distributed under the same license as the openldap package.
++# Luca Monducci <luca.mo@tiscali.it>, 2007-2017.
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: openldap 2.4.40-2 italian debconf templates\n"
++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n"
++"POT-Creation-Date: 2019-10-03 23:01+0000\n"
++"PO-Revision-Date: 2017-01-21 11:42+0100\n"
++"Last-Translator: Luca Monducci <luca.mo@tiscali.it>\n"
++"Language-Team: Italian <debian-l10n-italian@lists.debian.org>\n"
++"Language: it\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=UTF-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid "Omit OpenLDAP server configuration?"
++msgstr "Omettere la configurazione del server OpenLDAP?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid ""
++"If you enable this option, no initial configuration or database will be "
++"created for you."
++msgstr ""
++"Se si accetta, non verranno creati la configurazione iniziale né il database."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "always"
++msgstr "sempre"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "when needed"
++msgstr "quando necessario"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "never"
++msgstr "mai"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid "Dump databases to file on upgrade:"
++msgstr "Fare il dump su file dei database prima dell'aggiornamento:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Before upgrading to a new version of the OpenLDAP server, the data from your "
++"LDAP directories can be dumped into plain text files in the standard LDAP "
++"Data Interchange Format."
++msgstr ""
++"Prima dell'aggiornamento a una nuova versione del server OpenLDAP, è "
++"possibile fare il dump delle proprie directory LDAP in dei semplici file di "
++"testo in formato LDIF (lo standard per lo scambio di dati LDAP)."
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Selecting \"always\" will cause the databases to be dumped unconditionally "
++"before an upgrade. Selecting \"when needed\" will only dump the database if "
++"the new version is incompatible with the old database format and it needs to "
++"be reimported. If you select \"never\", no dump will be done."
++msgstr ""
++"Selezionando \"sempre\" il dump dei database verrà effettuato prima di ogni "
++"aggiornamento. Con \"quando necessario\" il dump dei database verrà fatto "
++"solo quando la nuova versione è incompatibile con il vecchio formato del "
++"database e quindi deve essere reimportato. Infine con \"mai\" il dump dei "
++"database non verrà mai fatto."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid "Directory to use for dumped databases:"
++msgstr "Directory per il dump dei database:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid ""
++"Please specify the directory where the LDAP databases will be exported. In "
++"this directory, several LDIF files will be created which correspond to the "
++"search bases located on the server. Make sure you have enough free space on "
++"the partition where the directory is located. The first occurrence of the "
++"string \"VERSION\" is replaced with the server version you are upgrading "
++"from."
++msgstr ""
++"Indicare la directory in cui verranno esportati i database LDAP. In questa "
++"directory verrà creato un file LDIF per ogni base di ricerca presente sul "
++"server. Assicurarsi di avere spazio libero sufficiente sulla partizione che "
++"contiene la directory indicata. La prima occorrenza della stringa \"VERSION"
++"\" viene sostituita con la versione del server che si sta aggiornando."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid "Move old database?"
++msgstr "Spostare il vecchio database?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid ""
++"There are still files in /var/lib/ldap which will probably break the "
++"configuration process. If you enable this option, the maintainer scripts "
++"will move the old database files out of the way before creating a new "
++"database."
++msgstr ""
++"Ci sono ancora dei file in /var/lib/ldap che potrebbero intralciare il "
++"processo di configurazione. Se si accetta, gli script di installazione "
++"toglieranno di mezzo i file dei vecchi database prima di creare il nuovo "
++"database."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid "Retry configuration?"
++msgstr "Ripetere la configurazione?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid ""
++"The configuration you entered is invalid. Make sure that the DNS domain name "
++"is syntactically valid, the field for the organization is not left empty and "
++"the admin passwords match. If you decide not to retry the configuration the "
++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to "
++"retry later."
++msgstr ""
++"La configurazione inserita non è valida. Assicurarsi che il nome di dominio "
++"DNS sia sintatticamente corretto, che il campo per il nome "
++"dell'organizzazione non sia stato lasciato in bianco e che le password di "
++"amministrazione coincidano. Se si decide di non riprovare la configurazione, "
++"il server LDAP non verrà impostato. In seguito, per riprovare la "
++"configurazione, usare \"dpkg-reconfigure slapd\"."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid "DNS domain name:"
++msgstr "Nome di dominio DNS:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid ""
++"The DNS domain name is used to construct the base DN of the LDAP directory. "
++"For example, 'foo.example.org' will create the directory with 'dc=foo, "
++"dc=example, dc=org' as base DN."
++msgstr ""
++"Il nome DNS di dominio è usato per costruire la base DN della directory "
++"LDAP. Per esempio con \"pippo.esempio.org\" sarà creata una directory con "
++"\"dc=pippo, dc=esempio, dc=org\" come base DN."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid "Organization name:"
++msgstr "Nome dell'organizzazione:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid ""
++"Please enter the name of the organization to use in the base DN of your LDAP "
++"directory."
++msgstr ""
++"Inserire il nome dell'organizzazione da usare nella base DN della propria "
++"directory LDAP."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Administrator password:"
++msgstr "Password dell'amministratore:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Please enter the password for the admin entry in your LDAP directory."
++msgstr ""
++"Inserire la password per l'amministrazione della propria directory LDAP."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid "Confirm password:"
++msgstr "Conferma della password:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid ""
++"Please enter the admin password for your LDAP directory again to verify that "
++"you have typed it correctly."
++msgstr ""
++"Inserire di nuovo la password per l'amministrazione della propria directory "
++"LDAP, per verificare che sia stata digitata correttamente."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "Password mismatch"
++msgstr "Le password non coincidono"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "The two passwords you entered were not the same. Please try again."
++msgstr "Le due password inserite non sono uguali; si prega di riprovare."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:11001
++msgid "Do you want the database to be removed when slapd is purged?"
++msgstr "Eliminare il database in caso di rimozione completa di slapd?"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "slapcat failure during upgrade"
++msgstr "Problema con slapcat durante l'aggiornamento"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "An error occurred while upgrading the LDAP directory."
++msgstr ""
++"Si è verificato un errore durante l'aggiornamento della directory LDAP."
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid ""
++"The 'slapcat' program failed while extracting the LDAP directory. This may "
++"be caused by an incorrect configuration file (for example, missing "
++"'moduleload' lines to support the backend database)."
++msgstr ""
++"Il programma \"slapcat\" ha riportato un errore durante l'estrazione della "
++"directory LDAP. L'errore potrebbe essere causato da un file di "
++"configurazione sbagliato (per esempio, la mancanza delle righe \"moduleload"
++"\" per il supporto al database di backend)."
++
++#. Type: error
++#. Description
++#. This paragraph is followed by a (non translatable) paragraph
++#. containing a command line
++#: ../slapd.templates:14001
++msgid ""
++"This failure will cause 'slapadd' to fail later as well. The old database "
++"files will be moved to /var/backups. If you want to try this upgrade again, "
++"you should move the old database files back into place, fix whatever caused "
++"slapcat to fail, and run:"
++msgstr ""
++"Questo errore provocherà anche il successivo fallimento di \"slapadd\". I "
++"file del vecchio database saranno spostati in /var/backups. Per riprovare "
++"l'aggiornamento è necessario riportare i file nella posizione originale, "
++"correggere ciò che ha causato il fallimento di slapcat ed eseguire:"
++
++#. Type: error
++#. Description
++#. Translators: keep "${location}" unchanged. This is a variable that
++#. will be replaced by a directory name at execution
++#: ../slapd.templates:14001
++msgid ""
++"Then move the database files back to a backup area and then try running "
++"slapadd from ${location}."
++msgstr ""
++"Poi spostare i file del database in un'area di backup e provare a eseguire "
++"slapadd da ${location}."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "Potentially unsafe slapd access control configuration"
++msgstr "Configurazione degli accessi di slapd potenzialmente non sicura"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid ""
++"One or more of the configured databases has an access control rule that "
++"allows users to modify most of their own attributes. This may be unsafe, "
++"depending on how the database is used."
++msgstr ""
++"Uno o più dei database configurati hanno una regola di accesso che permette "
++"agli utenti di modificare la maggior parte dei propri attributi. Ciò è non "
++"sicuro, il livello di pericolosità dipende da qual è l'uso del database."
++
++#. Type: note
++#. Description
++#. Translators: keep "by self write" and "to *" unchanged. These are part
++#. of the slapd configuration and are not translatable.
++#: ../slapd.templates:15001
++msgid ""
++"In the case of slapd access rules that begin with \"to *\", it is "
++"recommended to remove any instances of \"by self write\", so that users are "
++"only able to modify specifically allowed attributes."
++msgstr ""
++"Se esistono regole di accesso che iniziano con \"to *\", si raccomanda di "
++"togliere tutti i \"by self write\" in modo che gli utenti possano modificare "
++"solo gli attributi a loro consentiti."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details."
++msgstr ""
++"Consultare /usr/share/doc/slapd/README.Debian.gz per maggiori informazioni."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "abort installation"
++msgstr "interrompi l'installazione"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "continue regardless"
++msgstr "continua comunque"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid "Manual ppolicy schema update recommended"
++msgstr "Aggiornamento manuale dello schema ppolicy"
++
++#. Type: select
++#. Description
++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable.
++#: ../slapd.templates:16002
++msgid ""
++"The new version of the Password Policy (ppolicy) overlay requires the schema "
++"to define the pwdMaxRecordedFailure attribute type, which is not present in "
++"the schema currently in use. It is recommended to abort the upgrade now, and "
++"to update the ppolicy schema before upgrading slapd. If replication is in "
++"use, the schema update should be applied on every server before continuing "
++"with the upgrade."
++msgstr ""
++"La nuova versione dell'overlay Password Policy (ppolicy) richiede la "
++"definizione nello schema del tipo di attributo pwdMaxRecordedFailure il "
++"quale non è presente nello schema attualmente in uso. Si raccomanda di "
++"interrompere adesso l'aggiornamento e di preparare lo schema ppolicy prima "
++"di aggiornare slapd. Nel caso si utilizzi la replica, occorre preparare lo "
++"schema su ogni server prima di continuare con l'aggiornamento."
++
++#. Type: select
++#. Description
++#. This paragraph is followed by the path to the generated file (not
++#. translatable). The sentence continues in the following paragraph.
++#: ../slapd.templates:16002
++msgid ""
++"An LDIF file has been generated with the changes required for the upgrade:"
++msgstr "È stato generato un file LDIF con le necessarie modifiche allo schema:"
++
++#. Type: select
++#. Description
++#. This paragraph continues the sentence started in the previous
++#. paragraph. It is followed by a command line.
++#: ../slapd.templates:16002
++msgid ""
++"so if slapd is using the default access control rules, these changes can be "
++"applied (after starting slapd) by using the command:"
++msgstr ""
++"se slapd sta usando le regole di controllo d'accesso predefinite, le "
++"modifiche possono essere applicate (dopo aver avviato slapd) usando il "
++"comando:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid ""
++"If instead you choose to continue the installation, the new attribute type "
++"will be added automatically, but the change will not be acted on by slapd "
++"overlays, and replication with other servers may be affected."
++msgstr ""
++"Nel caso si decida di continuare l'installazione, il nuovo tipo di attributo "
++"verrà aggiunto automaticamente ma la modifica non agirà sul funzionamento "
++"degli overlay di slapd e potrebbe influenzare la replica con altri server."
++
++#~ msgid "Database backend to use:"
++#~ msgstr "Database di backend da usare:"
++
++#~ msgid ""
++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree "
++#~ "renames. Both support the same configuration options."
++#~ msgstr ""
++#~ "HDB e BDB usano un formato di memorizzazione simile ma HDB dispone in più "
++#~ "del supporto per rinominare i sottoalberi. Entrambi hanno le stesse "
++#~ "opzioni da configurare."
++
++#~ msgid ""
++#~ "The MDB backend is recommended. MDB uses a new storage format and "
++#~ "requires less configuration than BDB or HDB."
++#~ msgstr ""
++#~ "Si raccomanda MDB come backend. MDB usa un formato di memorizzazione "
++#~ "nuovo e richiede la configurazione di un minor numero di opzioni rispetto "
++#~ "a BDB e HDB."
++
++#~ msgid ""
++#~ "In any case, you should review the resulting database configuration for "
++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details."
++#~ msgstr ""
++#~ "In ogni caso è opportuno rivedere la configurazione del database in base "
++#~ "alle proprie necessità. Consultare /usr/share/doc/slapd/README.Debian.gz "
++#~ "per maggiori informazioni."
++
++#~ msgid "Allow LDAPv2 protocol?"
++#~ msgstr "Abilitare il protocollo LDAPv2?"
++
++#~ msgid ""
++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs "
++#~ "and users should upgrade to LDAPv3. If you have old programs which can't "
++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be "
++#~ "added to your slapd.conf file."
++#~ msgstr ""
++#~ "Con la configurazione predefinita di slapd il vecchio protocollo LDAPv2 è "
++#~ "disabilitato. I programmi e gli utenti dovrebbero aggiornarsi a LDAPv3. "
++#~ "Se si usa qualche vecchio programma che non può usare LDAPv3, si dovrebbe "
++#~ "accettare in modo da aggiungere \"allow bind_v2\" al file di "
++#~ "configurazione slapd.conf."
--- /dev/null
--- /dev/null
++#
++# Translators, if you are not familiar with the PO format, gettext
++# documentation is worth reading, especially sections dedicated to
++# this format, e.g. by running:
++# info -n '(gettext)PO Files'
++# info -n '(gettext)Header Entry'
++#
++# Some information specific to po-debconf are available at
++# /usr/share/doc/po-debconf/README-trans
++# or http://www.debian.org/intl/l10n/po-debconf/README-trans
++#
++# Developers do not need to manually edit POT or PO files.
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: openldap\n"
++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n"
++"POT-Creation-Date: 2019-10-03 23:01+0000\n"
++"PO-Revision-Date: 2017-01-15 13:46+0900\n"
++"Last-Translator: Kenshi Muto <kmuto@debian.org>\n"
++"Language-Team: Japanese <debian-japanese@lists.debian.org>\n"
++"Language: ja\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=UTF-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid "Omit OpenLDAP server configuration?"
++msgstr "OpenLDAP サーバの設定を省略しますか?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid ""
++"If you enable this option, no initial configuration or database will be "
++"created for you."
++msgstr "ここで「はい」を選ぶと、初期設定やデータベースは作成されません。"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "always"
++msgstr "常に"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "when needed"
++msgstr "必要なときに"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "never"
++msgstr "行わない"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid "Dump databases to file on upgrade:"
++msgstr "更新時にデータベースをファイルにダンプ:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Before upgrading to a new version of the OpenLDAP server, the data from your "
++"LDAP directories can be dumped into plain text files in the standard LDAP "
++"Data Interchange Format."
++msgstr ""
++"OpenLDAP サーバの新しいバージョンへの更新の前に、LDAP ディレクトリのデータ"
++"を、標準 LDAP データ交換フォーマットのプレインテキストファイルにダンプできま"
++"す。"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Selecting \"always\" will cause the databases to be dumped unconditionally "
++"before an upgrade. Selecting \"when needed\" will only dump the database if "
++"the new version is incompatible with the old database format and it needs to "
++"be reimported. If you select \"never\", no dump will be done."
++msgstr ""
++"「常に」を選ぶと、無条件に更新の前にデータベースをダンプするようになります。"
++"「必要なときに」を選ぶと、新しいバージョンが古いデータベースフォーマットと非"
++"互換で、再インポートが必要なときに、データベースをダンプします。「行わない」"
++"を選ぶと、データベースのダンプを行いません。"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid "Directory to use for dumped databases:"
++msgstr "データベースのダンプに使うディレクトリ:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid ""
++"Please specify the directory where the LDAP databases will be exported. In "
++"this directory, several LDIF files will be created which correspond to the "
++"search bases located on the server. Make sure you have enough free space on "
++"the partition where the directory is located. The first occurrence of the "
++"string \"VERSION\" is replaced with the server version you are upgrading "
++"from."
++msgstr ""
++"LDAP データベースをエキスポートするディレクトリを指定してください。このディレ"
++"クトリの中には、サーバ上に配置された検索ベースに関連するいくつかの LDIF ファ"
++"イルが作成されます。ディレクトリを格納するパーティションに十分な空き領域があ"
++"ることを確認してください。最初に出現する文字列 \"VERSION\" は、更新対象のサー"
++"バのバージョンで置き換えられます。"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid "Move old database?"
++msgstr "古いデータベースを移動しますか?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid ""
++"There are still files in /var/lib/ldap which will probably break the "
++"configuration process. If you enable this option, the maintainer scripts "
++"will move the old database files out of the way before creating a new "
++"database."
++msgstr ""
++"おそらく設定手順を壊すと思われるファイルが、/var/lib/ldap にまだあります。こ"
++"の選択肢で「はい」を選ぶと、メンテナスクリプトは新しいデータベースを作成する"
++"前に古いデータベースファイルを別の場所に移動します。"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid "Retry configuration?"
++msgstr "設定を再試行しますか?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid ""
++"The configuration you entered is invalid. Make sure that the DNS domain name "
++"is syntactically valid, the field for the organization is not left empty and "
++"the admin passwords match. If you decide not to retry the configuration the "
++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to "
++"retry later."
++msgstr ""
++"入力された設定は無効です。DNS ドメイン名が有効な文法になっていること、組織名"
++"のフィールドが空になっていないことと、管理者パスワードが合っていることを確認"
++"してください。設定を再試行しないと、LDAP サーバはセットアップされません。あと"
++"で再試行するときには、\"dpkg-reconfigure slapd\" を実行してください。"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid "DNS domain name:"
++msgstr "DNS ドメイン名:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid ""
++"The DNS domain name is used to construct the base DN of the LDAP directory. "
++"For example, 'foo.example.org' will create the directory with 'dc=foo, "
++"dc=example, dc=org' as base DN."
++msgstr ""
++"DNS ドメイン名は LDAP ディレクトリのベース DN を形成するのに使われます。たと"
++"えば、'foo.example.org' は、ベース DN として 'dc=foo, dc=example, dc=org' の"
++"ディレクトリを作成します。"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid "Organization name:"
++msgstr "組織名:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid ""
++"Please enter the name of the organization to use in the base DN of your LDAP "
++"directory."
++msgstr "LDAP ディレクトリのベース DN 内で使う組織の名前を入力してください。"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Administrator password:"
++msgstr "管理者のパスワード:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Please enter the password for the admin entry in your LDAP directory."
++msgstr ""
++"あなたの LDAP ディレクトリでの管理者エントリのパスワードを入力してください。"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid "Confirm password:"
++msgstr "パスワードの確認:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid ""
++"Please enter the admin password for your LDAP directory again to verify that "
++"you have typed it correctly."
++msgstr ""
++"正しくタイプしたかの確認のために、先ほど入力したのと同じ LDAP ディレクトリ用"
++"の admin のパスワードを再度入力してください。"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "Password mismatch"
++msgstr "パスワードが合致しません"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "The two passwords you entered were not the same. Please try again."
++msgstr "2回入力されたパスワードは同じではありません。再度入力してください。"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:11001
++msgid "Do you want the database to be removed when slapd is purged?"
++msgstr "slapd をパージしたときにデータベースを削除しますか?"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "slapcat failure during upgrade"
++msgstr "更新中に slapcat が失敗"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "An error occurred while upgrading the LDAP directory."
++msgstr "LDAP ディレクトリの更新中にエラーが発生しました。"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid ""
++"The 'slapcat' program failed while extracting the LDAP directory. This may "
++"be caused by an incorrect configuration file (for example, missing "
++"'moduleload' lines to support the backend database)."
++msgstr ""
++"LDAP ディレクトリの展開中に 'slapcat' プログラムが失敗しました。これは不正な"
++"設定ファイル (たとえばバックエンドデータベースをサポートするための "
++"'moduleload' 行がないなど) によって引き起こされた可能性があります。"
++
++#. Type: error
++#. Description
++#. This paragraph is followed by a (non translatable) paragraph
++#. containing a command line
++#: ../slapd.templates:14001
++msgid ""
++"This failure will cause 'slapadd' to fail later as well. The old database "
++"files will be moved to /var/backups. If you want to try this upgrade again, "
++"you should move the old database files back into place, fix whatever caused "
++"slapcat to fail, and run:"
++msgstr ""
++"この失敗は、後で 'slapadd' を失敗させることになります。古いデータベースファイ"
++"ルは /var/backups に移動されます。更新を再試行したいのであれば、古いデータ"
++"ベースファイルを元の場所に戻して slapcat が失敗する原因を修正し、次のように実"
++"行します:"
++
++#. Type: error
++#. Description
++#. Translators: keep "${location}" unchanged. This is a variable that
++#. will be replaced by a directory name at execution
++#: ../slapd.templates:14001
++msgid ""
++"Then move the database files back to a backup area and then try running "
++"slapadd from ${location}."
++msgstr ""
++"そして、データベースファイルをバックアップ領域に戻し、slapadd を ${location} "
++"から実行してみます。"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "Potentially unsafe slapd access control configuration"
++msgstr "潜在的に安全でない slapd のアクセス制御設定です"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid ""
++"One or more of the configured databases has an access control rule that "
++"allows users to modify most of their own attributes. This may be unsafe, "
++"depending on how the database is used."
++msgstr ""
++"設定されたデータベースには、ユーザに自身の属性のほとんどの変更を許容する 1 つ"
++"以上のアクセス制御ルールがあります。これはデータベースの使いようによっては安"
++"全でない可能性があります。"
++
++#. Type: note
++#. Description
++#. Translators: keep "by self write" and "to *" unchanged. These are part
++#. of the slapd configuration and are not translatable.
++#: ../slapd.templates:15001
++msgid ""
++"In the case of slapd access rules that begin with \"to *\", it is "
++"recommended to remove any instances of \"by self write\", so that users are "
++"only able to modify specifically allowed attributes."
++msgstr ""
++"\"to *\" で始まる slapd アクセスルールがある場合、各 \"by self write\" 記述を"
++"削除することをお勧めします。そうすれば、ユーザが変更できるのは明示的に許可さ"
++"れた属性のみになります。"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details."
++msgstr ""
++"詳細については /usr/share/doc/slapd/README.Debian.gz を参照してください。"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "abort installation"
++msgstr "インストールの中止"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "continue regardless"
++msgstr "かまわず続ける"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid "Manual ppolicy schema update recommended"
++msgstr "手動の ppolicy スキーマ更新の推奨"
++
++#. Type: select
++#. Description
++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable.
++#: ../slapd.templates:16002
++msgid ""
++"The new version of the Password Policy (ppolicy) overlay requires the schema "
++"to define the pwdMaxRecordedFailure attribute type, which is not present in "
++"the schema currently in use. It is recommended to abort the upgrade now, and "
++"to update the ppolicy schema before upgrading slapd. If replication is in "
++"use, the schema update should be applied on every server before continuing "
++"with the upgrade."
++msgstr ""
++"Password Policy (ppolicy) オーバレイの新しいバージョンは、現在使用しているス"
++"キーマに存在しない pwdMaxRecordedFailure 属性型をスキーマに定義する必要があり"
++"ます。アップグレードを今すぐ中止し、slapd をアップグレードする前に ppolicy ス"
++"キーマを更新することをお勧めします。レプリケーションが使われている場合、この"
++"アップグレードを続ける前にスキーマの更新を各サーバに適用しておくべきです。"
++
++#. Type: select
++#. Description
++#. This paragraph is followed by the path to the generated file (not
++#. translatable). The sentence continues in the following paragraph.
++#: ../slapd.templates:16002
++msgid ""
++"An LDIF file has been generated with the changes required for the upgrade:"
++msgstr "アップグレードに必要な変更付きの LDIF ファイルが生成されました:"
++
++#. Type: select
++#. Description
++#. This paragraph continues the sentence started in the previous
++#. paragraph. It is followed by a command line.
++#: ../slapd.templates:16002
++msgid ""
++"so if slapd is using the default access control rules, these changes can be "
++"applied (after starting slapd) by using the command:"
++msgstr ""
++"slapd がデフォルトのアクセス制御ルールを使っているのであれば、これらの変更は "
++"(slapd が開始した後に) 以下のコマンドによって適用できます:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid ""
++"If instead you choose to continue the installation, the new attribute type "
++"will be added automatically, but the change will not be acted on by slapd "
++"overlays, and replication with other servers may be affected."
++msgstr ""
++"インストールを続けることを選ぶと、新しい属性型は自動的に追加されますが、この"
++"変更は slapd オーバレイで実行されず、他のサーバとのレプリケーションに影響する"
++"可能性があります。"
++
++#~ msgid "Database backend to use:"
++#~ msgstr "利用するデータベースバックエンド:"
++
++#~ msgid ""
++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree "
++#~ "renames. Both support the same configuration options."
++#~ msgstr ""
++#~ "HDB と BDB は似たストレージフォーマットを使いますが、HDB にはサブツリーの"
++#~ "名前変更のサポートが加わっています。共に、同じ設定オプションをサポートしま"
++#~ "す。"
++
++#~ msgid ""
++#~ "The MDB backend is recommended. MDB uses a new storage format and "
++#~ "requires less configuration than BDB or HDB."
++#~ msgstr ""
++#~ "MDB バックエンドをお勧めします。MDB は新しいストレージフォーマットを採用し"
++#~ "ており、BDB や HDB よりも少ない設定で済みます。"
++
++#~ msgid ""
++#~ "In any case, you should review the resulting database configuration for "
++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details."
++#~ msgstr ""
++#~ "いずれの場合でも、必要に応じてデータベース設定の結果を再確認すべきです。詳"
++#~ "細については /usr/share/doc/slapd/README.Debian.gz を参照してください。"
--- /dev/null
--- /dev/null
++# Dutch translation of openldap debconf templates.
++# Copyright (C) 2008-2011 THE PACKAGE'S COPYRIGHT HOLDER
++# This file is distributed under the same license as the openldap package.
++# Bart Cornelis <cobaco@skolelinux.no>, 2008.
++# Jeroen Schot <schot@a-eskwadraat.nl>, 2011.
++# Frans Spiesschaert <Frans.Spiesschaert@yucom.be>, 2014, 2017.
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: openldap 2.4.44+dfsg-4\n"
++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n"
++"POT-Creation-Date: 2019-10-03 23:01+0000\n"
++"PO-Revision-Date: 2017-01-12 14:24+0100\n"
++"Last-Translator: Frans Spiesschaert <Frans.Spiesschaert@yucom.be>\n"
++"Language-Team: Debian Dutch l10n Team <debian-l10n-dutch@lists.debian.org>\n"
++"Language: nl\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=UTF-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++"Plural-Forms: nplurals=2; plural=(n != 1);\n"
++"X-Generator: Gtranslator 2.91.6\n"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid "Omit OpenLDAP server configuration?"
++msgstr "Wilt u het configureren van de OpenLDAP-server overslaan?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid ""
++"If you enable this option, no initial configuration or database will be "
++"created for you."
++msgstr ""
++"Wanneer u deze optie kiest, worden er geen initiële configuratie en databank "
++"voor u aangemaakt."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "always"
++msgstr "altijd"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "when needed"
++msgstr "wanneer nodig"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "never"
++msgstr "nooit"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid "Dump databases to file on upgrade:"
++msgstr "Bij de opwaardering de databanken exporteren naar bestand:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Before upgrading to a new version of the OpenLDAP server, the data from your "
++"LDAP directories can be dumped into plain text files in the standard LDAP "
++"Data Interchange Format."
++msgstr ""
++"Vooraleer een opwaardering naar een nieuwe versie van de OpenLDAP-server "
++"uitgevoerd wordt, kunnen de data in uw LDAP-catalogi geëxporteerd worden "
++"naar een gewoon tekstbestand in LDIF-indeling (dit is het gestandaardiseerde "
++"'LDAP Data Interchange Format')."
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Selecting \"always\" will cause the databases to be dumped unconditionally "
++"before an upgrade. Selecting \"when needed\" will only dump the database if "
++"the new version is incompatible with the old database format and it needs to "
++"be reimported. If you select \"never\", no dump will be done."
++msgstr ""
++"Wanneer u 'altijd' selecteert, worden de databanken voor elke opwaardering "
++"onvoorwaardelijk naar een bestand geëxporteerd. Wanneer u 'wanneer nodig' "
++"selecteert, worden de databanken enkel geëxporteerd wanneer de nieuwe "
++"databank-indeling incompatibel is met de oude indeling en de data opnieuw "
++"geïmporteerd moeten worden. Wanneer u 'nooit' kiest wordt er geen databank-"
++"export gemaakt."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid "Directory to use for dumped databases:"
++msgstr "Voor databank-exports te gebruiken map:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid ""
++"Please specify the directory where the LDAP databases will be exported. In "
++"this directory, several LDIF files will be created which correspond to the "
++"search bases located on the server. Make sure you have enough free space on "
++"the partition where the directory is located. The first occurrence of the "
++"string \"VERSION\" is replaced with the server version you are upgrading "
++"from."
++msgstr ""
++"Geef de map op waarnaar LDAP-databanken geëxporteerd moeten worden. In deze "
++"map worden verschillende LDIF-bestanden aangemaakt die overeenkomen met de "
++"zoekbasissen op de server. U dient ervoor te zorgen dat u genoeg vrije "
++"ruimte heeft op de partitie waar de map zich bevindt. Het eerste voorkomen "
++"van de tekst 'VERSION' wordt vervangen door de server-versie vanwaar u "
++"opwaardeert."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid "Move old database?"
++msgstr "Wilt u de oude databank verplaatsen?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid ""
++"There are still files in /var/lib/ldap which will probably break the "
++"configuration process. If you enable this option, the maintainer scripts "
++"will move the old database files out of the way before creating a new "
++"database."
++msgstr ""
++"Er bevinden zich nog bestanden in /var/lib/ldap die het configuratieproces "
++"waarschijnlijk zullen verstoren. Als u voor deze optie kiest, zullen de "
++"scripts van de pakketbeheerder de oude databankbestanden wegzetten voordat "
++"ze de nieuwe databank aanmaken."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid "Retry configuration?"
++msgstr "Configuratie opnieuw proberen?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid ""
++"The configuration you entered is invalid. Make sure that the DNS domain name "
++"is syntactically valid, the field for the organization is not left empty and "
++"the admin passwords match. If you decide not to retry the configuration the "
++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to "
++"retry later."
++msgstr ""
++"De door u ingevoerde configuratie is ongeldig. Zorg ervoor dat: de DNS-"
++"domeinnaam een geldige syntaxis heeft, het veld voor de organisatie niet "
++"leeg is, en de beheerderswachtwoorden overeenkomen. Wanneer u ervoor kiest "
++"om de configuratie niet opnieuw te proberen, wordt uw LDAP-server niet "
++"ingesteld. U kunt later altijd 'dpkg-reconfigure slapd' uitvoeren om de "
++"configuratie opnieuw te proberen. "
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid "DNS domain name:"
++msgstr "DNS-domeinnaam:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid ""
++"The DNS domain name is used to construct the base DN of the LDAP directory. "
++"For example, 'foo.example.org' will create the directory with 'dc=foo, "
++"dc=example, dc=org' as base DN."
++msgstr ""
++"De DNS-domeinnaam wordt gebruikt als de basis-DN van uw LDAP-catalogus. foo."
++"example.org invoeren geeft u de basis-DN dc=foo, dc=example, dc=org."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid "Organization name:"
++msgstr "Organisatienaam:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid ""
++"Please enter the name of the organization to use in the base DN of your LDAP "
++"directory."
++msgstr ""
++"Geef op welke organisatienaam gebruikt moet worden in de basis-DN van uw "
++"LDAP-catalogus."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Administrator password:"
++msgstr "Beheerderswachtwoord:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Please enter the password for the admin entry in your LDAP directory."
++msgstr ""
++"Gelieve het wachtwoord op te geven voor het beheerdersaccount in uw LDAP-"
++"catalogus."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid "Confirm password:"
++msgstr "Bevestig het wachtwoord:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid ""
++"Please enter the admin password for your LDAP directory again to verify that "
++"you have typed it correctly."
++msgstr ""
++"Gelieve het beheerderswachtwoord van uw LDAP-catalogus nogmaals in te tikken "
++"(dit om tikfouten tegen te gaan)."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "Password mismatch"
++msgstr "Wachtwoorden komen niet overeen"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "The two passwords you entered were not the same. Please try again."
++msgstr ""
++"De twee door u ingevoerde wachtwoorden kwamen niet overeen. Gelieve nogmaals "
++"te proberen."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:11001
++msgid "Do you want the database to be removed when slapd is purged?"
++msgstr "Wilt u dat de databank verwijderd wordt wanneer slapd gewist wordt?"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "slapcat failure during upgrade"
++msgstr "slapcat gaf een fout tijdens de opwaardering"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "An error occurred while upgrading the LDAP directory."
++msgstr ""
++"Er is een fout opgetreden tijdens het opwaarderen van uw LDAP-catalogus."
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid ""
++"The 'slapcat' program failed while extracting the LDAP directory. This may "
++"be caused by an incorrect configuration file (for example, missing "
++"'moduleload' lines to support the backend database)."
++msgstr ""
++"Bij het uitpakken van de LDAP-catalogus signaleerde het programma 'slapcat' "
++"een fout. Dit kan veroorzaakt worden door een onjuist configuratiebestand "
++"(bv. het ontbreken van 'moduleload'-regels voor het ondersteunen van de "
++"backenddatabank)."
++
++#. Type: error
++#. Description
++#. This paragraph is followed by a (non translatable) paragraph
++#. containing a command line
++#: ../slapd.templates:14001
++msgid ""
++"This failure will cause 'slapadd' to fail later as well. The old database "
++"files will be moved to /var/backups. If you want to try this upgrade again, "
++"you should move the old database files back into place, fix whatever caused "
++"slapcat to fail, and run:"
++msgstr ""
++"Deze mislukking zorgt ervoor dat 'slapadd' zo meteen ook mislukt. De oude "
++"databankbestanden worden verplaatst naar /var/backups . Als u deze "
++"opwaardering opnieuw wilt proberen, dient u eerst de oude databankbestanden "
++"terug te plaatsen, daarna de oorzaak van het mislukken van slapcat op te "
++"lossen, en tenslotte de volgende opdracht uit te voeren:"
++
++#. Type: error
++#. Description
++#. Translators: keep "${location}" unchanged. This is a variable that
++#. will be replaced by a directory name at execution
++#: ../slapd.templates:14001
++msgid ""
++"Then move the database files back to a backup area and then try running "
++"slapadd from ${location}."
++msgstr ""
++"Vervolgens verplaatst u de databankbestanden terug naar de reservekopie-map "
++"en probeert u slapadd uit te voeren vanaf ${location}."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "Potentially unsafe slapd access control configuration"
++msgstr "De configuratie van de slapd-toegangscontrole is mogelijk onveilig"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid ""
++"One or more of the configured databases has an access control rule that "
++"allows users to modify most of their own attributes. This may be unsafe, "
++"depending on how the database is used."
++msgstr ""
++"Een of meer van de geconfigureerde databanken gebruikt bij de "
++"toegangscontrole een regel die gebruikers toelaat om het grootste deel van "
++"hun eigen attributen te wijzigen. Afhankelijk van de wijze waarop de "
++"databank gebruikt wordt, is dit mogelijk onveilig."
++
++#. Type: note
++#. Description
++#. Translators: keep "by self write" and "to *" unchanged. These are part
++#. of the slapd configuration and are not translatable.
++#: ../slapd.templates:15001
++msgid ""
++"In the case of slapd access rules that begin with \"to *\", it is "
++"recommended to remove any instances of \"by self write\", so that users are "
++"only able to modify specifically allowed attributes."
++msgstr ""
++"In het geval er slapd-toegangsregels van toepassing zijn die met \"to *\" "
++"beginnen, wordt aanbevolen om elk voorkomen van \"by self write\" te "
++"verwijderen, waardoor gebruikers enkel die attributen kunnen wijzigen "
++"waarvoor dit expliciet toegestaan wordt."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details."
++msgstr "Raadpleeg /usr/share/doc/slapd/README.Debian.gz voor meer details."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "abort installation"
++msgstr "de installatie afbreken"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "continue regardless"
++msgstr "desondanks toch voortgaan"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid "Manual ppolicy schema update recommended"
++msgstr "Het handmatig bijwerken van het ppolicy schema wordt aanbevolen"
++
++#. Type: select
++#. Description
++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable.
++#: ../slapd.templates:16002
++msgid ""
++"The new version of the Password Policy (ppolicy) overlay requires the schema "
++"to define the pwdMaxRecordedFailure attribute type, which is not present in "
++"the schema currently in use. It is recommended to abort the upgrade now, and "
++"to update the ppolicy schema before upgrading slapd. If replication is in "
++"use, the schema update should be applied on every server before continuing "
++"with the upgrade."
++msgstr ""
++"De nieuwe versie van de Password Policy (ppolicy) overlay vereist dat het "
++"schema het attribuuttype pwdMaxRecordedFailure definieert, maar dit komt "
++"niet voor in het schema dat momenteel in gebruik is. Het wordt aanbevolen om "
++"de opwaardering nu af te breken en het ppolicy-schema bij te werken "
++"vooraleer slapd opgewaardeerd wordt. Indien replicatie toegepast wordt, moet "
++"het bijwerken van het schema op elke server uitgevoerd worden voor u "
++"voortgaat met de opwaardering."
++
++#. Type: select
++#. Description
++#. This paragraph is followed by the path to the generated file (not
++#. translatable). The sentence continues in the following paragraph.
++#: ../slapd.templates:16002
++msgid ""
++"An LDIF file has been generated with the changes required for the upgrade:"
++msgstr ""
++"Er werd een LDIF-bestand gegenereerd met de voor de opwaardering vereiste "
++"wijzigingen:"
++
++#. Type: select
++#. Description
++#. This paragraph continues the sentence started in the previous
++#. paragraph. It is followed by a command line.
++#: ../slapd.templates:16002
++msgid ""
++"so if slapd is using the default access control rules, these changes can be "
++"applied (after starting slapd) by using the command:"
++msgstr ""
++"dus als slapd de standaardregels voor toegangscontrole gebruikt, kunnen deze "
++"wijzigingen toegepast worden door (na het starten van slapd) de volgende "
++"opdracht uit te voeren:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid ""
++"If instead you choose to continue the installation, the new attribute type "
++"will be added automatically, but the change will not be acted on by slapd "
++"overlays, and replication with other servers may be affected."
++msgstr ""
++"Indien u er integendeel voor kiest de installatie voort te zetten, zal het "
++"nieuwe attribuuttype automatisch toegevoegd worden, maar zullen de slapd-"
++"overlays geen rekening houden met de aanpassing en dit kan de replicatie met "
++"andere servers beïnvloeden."
++
++#~ msgid "Database backend to use:"
++#~ msgstr "Te gebruiken databankbackend:"
++
++#~ msgid ""
++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree "
++#~ "renames. Both support the same configuration options."
++#~ msgstr ""
++#~ "HDB en BDB gebruiken een gelijkaardige opslagindeling, maar HDB "
++#~ "ondersteunt ook het hernoemen van deelbomen. Beide ondersteunen dezelfde "
++#~ "configuratieopties."
++
++#~ msgid ""
++#~ "The MDB backend is recommended. MDB uses a new storage format and "
++#~ "requires less configuration than BDB or HDB."
++#~ msgstr ""
++#~ "Het MDB-backend is de aanbevolen keuze. MDB maakt gebruik van een nieuw "
++#~ "opslagformaat en vraagt minder configuratie dan BDB of HDB."
++
++#~ msgid ""
++#~ "In any case, you should review the resulting database configuration for "
++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details."
++#~ msgstr ""
++#~ "In elk geval is het een goed idee om te controleren of de resulterende "
++#~ "databankconfiguratie aan uw noden voldoet. Meer informatie vindt u in /"
++#~ "usr/share/doc/slapd/README.Debian.gz."
++
++#~ msgid "Allow LDAPv2 protocol?"
++#~ msgstr "LDAPv2-protocol toelaten?"
++
++#~ msgid ""
++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs "
++#~ "and users should upgrade to LDAPv3. If you have old programs which can't "
++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be "
++#~ "added to your slapd.conf file."
++#~ msgstr ""
++#~ "Het verouderde LDAPv2-protocol is standaard uitgeschakeld in slapd. "
++#~ "Programma's en gebruikers dienen op te waarderen naar LDAPv3. Als u oude "
++#~ "programma's heeft die geen LDAPv3 aankunnen, dient u deze optie te kiezen "
++#~ "(hierdoor wordt 'allow bind_v2' toegevoegd aan uw 'slapd.conf'-bestand)."
--- /dev/null
--- /dev/null
++# Portuguese translation for openldap debconf messages.
++# Copyright (C) Tiago Fernandes <tjg.fernandes@gmail.com>, 2006
++# This file is distributed under the same license as the openldap package.
++#
++# Tiago Fernandes <tjg.fernandes@gmail.com>, 2006,2008,2010.
++# Rui Branco - DebianPT <ruipb@debianpt.org>, 2017.
++msgid ""
++msgstr ""
++"Project-Id-Version: openldap 2.4.44+dfsg-3\n"
++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n"
++"POT-Creation-Date: 2019-10-03 23:01+0000\n"
++"PO-Revision-Date: 2017-04-10 22:08+0000\n"
++"Last-Translator: Rui Branco - DebianPT <ruipb@debianpt.org>\n"
++"Language-Team: Portuguese <traduz@debianpt.org>\n"
++"Language: pt\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=UTF-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++"Plural-Forms: nplurals=2;\n"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid "Omit OpenLDAP server configuration?"
++msgstr "Omitir a configuração do servidor OpenLDAP?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid ""
++"If you enable this option, no initial configuration or database will be "
++"created for you."
++msgstr ""
++"Se activar esta opção, não será criada inicialmente uma configuração ou base "
++"de dados para si."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "always"
++msgstr "sempre"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "when needed"
++msgstr "quando necessário"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "never"
++msgstr "nunca"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid "Dump databases to file on upgrade:"
++msgstr "Despejar as bases de dados para ficheiro durante a actualização:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Before upgrading to a new version of the OpenLDAP server, the data from your "
++"LDAP directories can be dumped into plain text files in the standard LDAP "
++"Data Interchange Format."
++msgstr ""
++"Antes de actualizar para uma nova versão do servidor OpenLDAP, os dados dos "
++"seu directórios LDAP podem ser despejados para ficheiros de texto simples no "
++"formato padronizado LDAP Data Interchange Format."
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Selecting \"always\" will cause the databases to be dumped unconditionally "
++"before an upgrade. Selecting \"when needed\" will only dump the database if "
++"the new version is incompatible with the old database format and it needs to "
++"be reimported. If you select \"never\", no dump will be done."
++msgstr ""
++"Seleccionar \"sempre\" fará com as bases de dados sejam despejadas "
++"incondicionalmente antes de uma actualização. Seleccionar \"quando necessário"
++"\" irá apenas despejar a base de dados se a nova versão for incompatível com "
++"o formato da base de dados antiga e for necessário reimportar-la. Se "
++"seleccionar \"nunca\", não será feito qualquer despejo."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid "Directory to use for dumped databases:"
++msgstr "Directório a utilizar para bases de dados despejadas:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid ""
++"Please specify the directory where the LDAP databases will be exported. In "
++"this directory, several LDIF files will be created which correspond to the "
++"search bases located on the server. Make sure you have enough free space on "
++"the partition where the directory is located. The first occurrence of the "
++"string \"VERSION\" is replaced with the server version you are upgrading "
++"from."
++msgstr ""
++"Por favor, especifique o directório para onde as bases de dados LDAP serão "
++"exportadas. Dentro deste directório serão criados vários ficheiros LDIF que "
++"correspondem às bases de pesquisas localizadas no servidor. Assegure-se que "
++"tem espaço livre suficiente na partição onde se encontra o directório. A "
++"primeira ocorrência da string \"VERSION\" é substituída com a versão do "
++"servidor que está a actualizar."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid "Move old database?"
++msgstr "Mover a base de dados antiga?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid ""
++"There are still files in /var/lib/ldap which will probably break the "
++"configuration process. If you enable this option, the maintainer scripts "
++"will move the old database files out of the way before creating a new "
++"database."
++msgstr ""
++"Ainda existem ficheiros em /var/lib/ldap que provavelmente irão parar o "
++"processo de configuração. Se activar esta opção, os scripts do maintainer "
++"irão mover os ficheiros antigos da base de dados para fora do caminho, antes "
++"de criar a nova base de dados."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid "Retry configuration?"
++msgstr "Tentar novamente a configuração?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid ""
++"The configuration you entered is invalid. Make sure that the DNS domain name "
++"is syntactically valid, the field for the organization is not left empty and "
++"the admin passwords match. If you decide not to retry the configuration the "
++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to "
++"retry later."
++msgstr ""
++"A configuração que inseriu é inválida. Assegure-se que o nome do domínio DNS "
++"tem uma sintaxe válida, que a organização é preenchida e que as palavras-"
++"chave de administrador coincidem. Se decidir não tentar novamente a "
++"configuração, o servidor de LDAP não ficará configurado. Corra \"dpkg-"
++"reconfigure slapd\" se quiser tentar novamente mais tarde."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid "DNS domain name:"
++msgstr "Nome do domínio DNS:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid ""
++"The DNS domain name is used to construct the base DN of the LDAP directory. "
++"For example, 'foo.example.org' will create the directory with 'dc=foo, "
++"dc=example, dc=org' as base DN."
++msgstr ""
++"O nome do domínio DNS é usado para construir o DN base do seu directório "
++"LDAP. Por exemplo, 'foo.exemplo.org' irá criar o directório com 'dc=foo,"
++"dc=exemplo,dc=org' como DN base."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid "Organization name:"
++msgstr "Nome da Organização:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid ""
++"Please enter the name of the organization to use in the base DN of your LDAP "
++"directory."
++msgstr ""
++"Por favor, insira o nome da organização a usar, no DN base do seu directório "
++"LDAP."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Administrator password:"
++msgstr "Palavra-passe do administrador:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Please enter the password for the admin entry in your LDAP directory."
++msgstr ""
++"Por favor, insira a palavra-passe para a entrada admin do seu directório "
++"LDAP."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid "Confirm password:"
++msgstr "Confirme a palavra-passe:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid ""
++"Please enter the admin password for your LDAP directory again to verify that "
++"you have typed it correctly."
++msgstr ""
++"Por favor introduza novamente a palavra-passe de admin do seu directório "
++"LDAP, para verificar se a introduziu correctamente."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "Password mismatch"
++msgstr "A palavra-passe não coincide"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "The two passwords you entered were not the same. Please try again."
++msgstr ""
++"As duas palavra-passe que você introduziu não são iguais. Por favor, tente "
++"novamente."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:11001
++msgid "Do you want the database to be removed when slapd is purged?"
++msgstr "Quer que a base de dados seja removida quando o slapd for purgado?"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "slapcat failure during upgrade"
++msgstr "Falha do slapcat durante a actualização"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "An error occurred while upgrading the LDAP directory."
++msgstr "Ocorreu um erro durante a actualização do directório LDAP."
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid ""
++"The 'slapcat' program failed while extracting the LDAP directory. This may "
++"be caused by an incorrect configuration file (for example, missing "
++"'moduleload' lines to support the backend database)."
++msgstr ""
++"O programa 'slapcat' falhou enquanto extraía o directório LDAP. Isto pode "
++"ter sido causado por um ficheiro de configuração incorrecto (por exemplo, "
++"linhas 'moduleload' em falta para suportar o backend da base de dados)."
++
++#. Type: error
++#. Description
++#. This paragraph is followed by a (non translatable) paragraph
++#. containing a command line
++#: ../slapd.templates:14001
++msgid ""
++"This failure will cause 'slapadd' to fail later as well. The old database "
++"files will be moved to /var/backups. If you want to try this upgrade again, "
++"you should move the old database files back into place, fix whatever caused "
++"slapcat to fail, and run:"
++msgstr ""
++"Esta falha irá fazer com que o 'slapadd' falhe também mais tarde. Os "
++"ficheiros antigos da base de dados serão movidos para /var/backups. Se "
++"quiser tentar novamente esta actualização, deverá mover os ficheiros antigos "
++"da base de dados antiga de volta para o seu lugar, corrigir o que possa ter "
++"causado a falha do slapcat, e executar:"
++
++#. Type: error
++#. Description
++#. Translators: keep "${location}" unchanged. This is a variable that
++#. will be replaced by a directory name at execution
++#: ../slapd.templates:14001
++msgid ""
++"Then move the database files back to a backup area and then try running "
++"slapadd from ${location}."
++msgstr ""
++"Depois mova os ficheiros da base de dados de volta para a área de backup e a "
++"seguir tente correr o slapadd a partir de ${location}."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "Potentially unsafe slapd access control configuration"
++msgstr "Configuração de controlo de acesso ao slapd potencialmente insegura"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid ""
++"One or more of the configured databases has an access control rule that "
++"allows users to modify most of their own attributes. This may be unsafe, "
++"depending on how the database is used."
++msgstr ""
++"Uma ou mais das bases de dados configuradas têm uma regra de controlo de "
++"acesso que permite os utilizadores modificarem os seus próprios atributos. "
++"Isto pode ser inseguro, dependendo de como a base de dados é utilizada."
++
++#. Type: note
++#. Description
++#. Translators: keep "by self write" and "to *" unchanged. These are part
++#. of the slapd configuration and are not translatable.
++#: ../slapd.templates:15001
++msgid ""
++"In the case of slapd access rules that begin with \"to *\", it is "
++"recommended to remove any instances of \"by self write\", so that users are "
++"only able to modify specifically allowed attributes."
++msgstr ""
++"No caso das regras de acesso do slapd que começam com \" até *\", é "
++"recomendado que se remova qualquer instância de \"by self write\", de "
++"maneira a que os utilizadores possam modificar especificamente atributos "
++"permitidos."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details."
++msgstr "Ver /usr/share/doc/slapd/README.Debian.gz para mais detalhes."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "abort installation"
++msgstr "abortar a instalação"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "continue regardless"
++msgstr "continuar de qualquer forma "
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid "Manual ppolicy schema update recommended"
++msgstr "Recomendada actualização manual do esquema ppolicy"
++
++#. Type: select
++#. Description
++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable.
++#: ../slapd.templates:16002
++msgid ""
++"The new version of the Password Policy (ppolicy) overlay requires the schema "
++"to define the pwdMaxRecordedFailure attribute type, which is not present in "
++"the schema currently in use. It is recommended to abort the upgrade now, and "
++"to update the ppolicy schema before upgrading slapd. If replication is in "
++"use, the schema update should be applied on every server before continuing "
++"with the upgrade."
++msgstr ""
++"A nova versão do overlay da politica de palavra-chave (ppolicy) requer ao "
++"esquema que seja definida um tipo de atributo pwdMaxRecordedFailure, o qual "
++"não está presente no esquema em uso. É recomendadoabortar a instalação neste "
++"momento, e actualizar o esquema ppolicy antes de actualizar o slapd. Se a "
++"replicação está em uso, a actualização do esquema deverá ser efectuada em "
++"cada servidor antes de continuar a actualização."
++
++#. Type: select
++#. Description
++#. This paragraph is followed by the path to the generated file (not
++#. translatable). The sentence continues in the following paragraph.
++#: ../slapd.templates:16002
++msgid ""
++"An LDIF file has been generated with the changes required for the upgrade:"
++msgstr ""
++"Um ficheiro LDIF foi criado com as alterações requeridas para a actualização:"
++
++#. Type: select
++#. Description
++#. This paragraph continues the sentence started in the previous
++#. paragraph. It is followed by a command line.
++#: ../slapd.templates:16002
++msgid ""
++"so if slapd is using the default access control rules, these changes can be "
++"applied (after starting slapd) by using the command:"
++msgstr ""
++"assim se o slapd estiver a usar as regras de controlo de acesso por "
++"predefinição, estas alterações podem ser aplicadas (depois de iniciar o "
++"slapd) ao usar o seguinte comando:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid ""
++"If instead you choose to continue the installation, the new attribute type "
++"will be added automatically, but the change will not be acted on by slapd "
++"overlays, and replication with other servers may be affected."
++msgstr ""
++"Se escolher continuar a instalação, o novo tipo de atributo será "
++"automaticamente adicionado, mas a alteração não terá efeito nos overlays "
++"slapd, e replicação com outros servidores pode ser afectada."
++
++#~ msgid "Database backend to use:"
++#~ msgstr "Backend a usar para a base de dados:"
++
++#~ msgid ""
++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree "
++#~ "renames. Both support the same configuration options."
++#~ msgstr ""
++#~ "HDB e BDB usam formatos similares de armazenamento, mas o HDB adiciona "
++#~ "suporte para renomeação de sub-árvores. Ambos suportam as mesmas opções "
++#~ "de configuração."
++
++#~ msgid ""
++#~ "The MDB backend is recommended. MDB uses a new storage format and "
++#~ "requires less configuration than BDB or HDB."
++#~ msgstr ""
++#~ "É recomendado o backend MDB. MDB utiliza um novo formato de armazenamento "
++#~ "e requer menos configurações do que BDB ou HDB."
++
++#~ msgid ""
++#~ "In any case, you should review the resulting database configuration for "
++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details."
++#~ msgstr ""
++#~ "Em qualquer caso, deverá rever a configuração da base de dados "
++#~ "resultante, para as suas necessidades. Ver /usr/share/doc/slapd/README."
++#~ "Debian.gz para mais detalhes."
++
++#~ msgid ""
++#~ "In the version of slapd about to be installed, the ppolicy overlay "
++#~ "requires the new pwdMaxRecordedFailure attribute to be defined in the "
++#~ "ppolicy schema. The schema contained in the cn=config database does not "
++#~ "currently include this attribute."
++#~ msgstr ""
++#~ "Na versão do slapd prestes a ser instalada, o 'overlay' ppolicy requer a "
++#~ "definição de um novo atributo pwdMaxRecordedFailure no esquema ppolicy. "
++#~ "O esquema contido na base de dados cn=config não inclui actualmente este "
++#~ "atributo."
++
++#~ msgid ""
++#~ "The ppolicy schema can be updated by applying the changes found in the "
++#~ "following LDIF file:"
++#~ msgstr ""
++#~ "O esquema ppolicy pode ser actualizado aplicando as alterações "
++#~ "encontradas no seguinte ficheiro LDIF:"
++
++#~ msgid "Allow LDAPv2 protocol?"
++#~ msgstr "Permitir o protocolo LDAPv2?"
++
++#~ msgid ""
++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs "
++#~ "and users should upgrade to LDAPv3. If you have old programs which can't "
++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be "
++#~ "added to your slapd.conf file."
++#~ msgstr ""
++#~ "O protocolo obsoleto LDAPv2 está desactivado por pré-definição no slapd. "
++#~ "Os programas e utilizadores devem actualizar para LDAPv3. Se tiver "
++#~ "programas antigos que não conseguem usar LDAPv3, deverá seleccionar esta "
++#~ "opção e será adicionado 'allow bind_v2' ao seu ficheiro slapd.conf."
++
++#~ msgid "slurpd is obsolete; replicas must be reconfigured by hand"
++#~ msgstr "o slurpd está obsoleto; as réplicas terão de ser configuradas á mão"
++
++#~ msgid ""
++#~ "One or more slurpd \"replica\" options were found in your slapd config "
++#~ "when upgrading. Because slurpd is obsolete beginning with OpenLDAP 2.4, "
++#~ "you will need to migrate your replicas to use the syncrepl protocol "
++#~ "instead."
++#~ msgstr ""
++#~ "Foi encontrada, durante a actualização, uma ou mais opções \"replica\" do "
++#~ "slurpd na sua configuração do slapd. Devido ao slurpd estar obsoleto a "
++#~ "partir do OpenLDAP 2.4, terá de migrar as suas réplicas para usar o "
++#~ "protocolo syncrepl, em seu lugar."
++
++#~ msgid ""
++#~ "The conversion from slurpd to the pull-based syncrepl protocol cannot be "
++#~ "done automatically and you will need to configure your replica servers by "
++#~ "hand. Please see http://www.openldap.org/doc/admin24/syncrepl.html for "
++#~ "details."
++#~ msgstr ""
++#~ "A conversão do slurpd para o protocolo syncrepl (pull-based) não poderá "
++#~ "ser feita automaticamente e terá de configurar manualmente os seus "
++#~ "servidores replicados. Por favor, para mais detalhes veja http://www."
++#~ "openldap.org/doc/admin24/syncrepl.html ."
++
++#~ msgid "TLSCipherSuite values have changed"
++#~ msgstr "Os valores para TLSCipherSuite foram alterados"
++
++#~ msgid ""
++#~ "A \"TLSCipherSuite\" option was found in your slapd config when "
++#~ "upgrading. The values allowed for this option are determined by the SSL "
++#~ "implementation used, which has been changed from OpenSSL to GnuTLS. As a "
++#~ "result, your existing TLSCipherSuite setting will not work with this "
++#~ "package."
++#~ msgstr ""
++#~ "Durante a actualização a opção \"TLSCipherSuite\" foi encontrada na "
++#~ "configuração do seu slapd. Os valores permitidos para esta opção são "
++#~ "determinados pela implementação SSL usada, a qual foi alterada de OpenSSL "
++#~ "para GnuTLS. Como resultado, a sua actual opção TLSCipherSuite não irá "
++#~ "funcionar com este pacote."
++
++#~ msgid ""
++#~ "This setting has been automatically commented out for you. If you have "
++#~ "specific encryption needs that require this option to be re-enabled, see "
++#~ "the output of 'gnutls-cli -l' in the gnutls-bin package for the list of "
++#~ "ciphers supported by GnuTLS."
++#~ msgstr ""
++#~ "Esta opção foi comentada automaticamente para si. Se tiver necessidades "
++#~ "específicas de encriptação que necessitem que esta opção seja reactivada, "
++#~ "veja o output de 'gnutls-cli -l' que existe no pacote gnutls-bin, para "
++#~ "obter a lista de cifras suportadas pelo GnuTLS."
++
++#~ msgid "Back up current database and create a new one?"
++#~ msgstr "Fazer cópia de segurança da base de dados actual e criar uma nova?"
++
++#~ msgid ""
++#~ "The directory suffix (domain) you specified doesn't match the one "
++#~ "currently in /etc/ldap/slapd.conf. Changing the directory suffix requires "
++#~ "moving aside the current LDAP database and creating a new one. Please "
++#~ "confirm whether you want to back up and abandon the current database."
++#~ msgstr ""
++#~ "O sufixo de directório (domínio) que especificou não coincide com o "
++#~ "actual em /etc/ldap/slapd.conf. Alterar o sufixo do directório requer "
++#~ "mover para outro local a actual base de dados LDAP e criar uma nova. Por "
++#~ "favor, confirme se deseja fazer cópia de segurança e abandonar a base de "
++#~ "dados actual."
--- /dev/null
--- /dev/null
++# openldap Brazilian Portuguese translation
++# Copyright (C) 2007 THE openldap'S COPYRIGHT HOLDER
++# This file is distributed under the same license as the openldap package.
++# André Luís Lopes <andrelop@debian.org>, 2003-2006.
++# Felipe Augusto van de Wiel (faw) <faw@debian.org>, 2007.
++# Steve Langasek <vorlon@debian.org>, 2008.
++# Eder L. Marques (frolic) <frolic@debian-ce.org>, 2008.
++# Adriano Rafael Gomes <adrianorg@debian.org>, 2011-2017.
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: openldap 2.4.44+dfsg-4\n"
++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n"
++"POT-Creation-Date: 2019-10-03 23:01+0000\n"
++"PO-Revision-Date: 2017-01-10 10:28-0200\n"
++"Last-Translator: Adriano Rafael Gomes <adrianorg@debian.org>\n"
++"Language-Team: l10n Portuguese <debian-l10n-portuguese@lists.debian.org>\n"
++"Language: pt_BR\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=UTF-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid "Omit OpenLDAP server configuration?"
++msgstr "Omitir a configuração do servidor OpenLDAP?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid ""
++"If you enable this option, no initial configuration or database will be "
++"created for you."
++msgstr ""
++"Se você habilitar esta opção, nenhuma configuração inicial ou base de dados "
++"será criada para você."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "always"
++msgstr "sempre"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "when needed"
++msgstr "quando necessário"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "never"
++msgstr "nunca"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid "Dump databases to file on upgrade:"
++msgstr "Descarregar as bases de dados para arquivos na atualização:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Before upgrading to a new version of the OpenLDAP server, the data from your "
++"LDAP directories can be dumped into plain text files in the standard LDAP "
++"Data Interchange Format."
++msgstr ""
++"Antes de atualizar para uma nova versão do servidor OpenLDAP, os dados dos "
++"seus diretórios LDAP podem ser descarregados em arquivos texto plano no "
++"formato padrão \"LDAP Interchange Format\" (Formato de Intercâmbio LDAP)."
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Selecting \"always\" will cause the databases to be dumped unconditionally "
++"before an upgrade. Selecting \"when needed\" will only dump the database if "
++"the new version is incompatible with the old database format and it needs to "
++"be reimported. If you select \"never\", no dump will be done."
++msgstr ""
++"Selecionar \"sempre\" fará com que as bases de dados sejam descarregadas "
++"incondicionalmente antes de atualizar. Selecionar \"quando necessário\" só "
++"descarregará a base de dados se a nova versão for incompatível com o formato "
++"da antiga base de dados e tiver que ser importada novamente. Se você "
++"selecionar \"nunca\", nenhum descarregamento será feito."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid "Directory to use for dumped databases:"
++msgstr "Diretório para descarregar suas bases de dados:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid ""
++"Please specify the directory where the LDAP databases will be exported. In "
++"this directory, several LDIF files will be created which correspond to the "
++"search bases located on the server. Make sure you have enough free space on "
++"the partition where the directory is located. The first occurrence of the "
++"string \"VERSION\" is replaced with the server version you are upgrading "
++"from."
++msgstr ""
++"Por favor, especifique o diretório onde as bases de dados LDAP serão "
++"exportadas. Nesse diretório, vários arquivos LDIF serão criados "
++"correspondendo às bases de procura localizadas no servidor. Tenha certeza de "
++"ter espaço livre suficiente na partição onde este diretório está localizado. "
++"A primeira ocorrência da string \"VERSION\" é substituída com a versão do "
++"servidor a partir da qual você está atualizando."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid "Move old database?"
++msgstr "Mover a base de dados antiga?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid ""
++"There are still files in /var/lib/ldap which will probably break the "
++"configuration process. If you enable this option, the maintainer scripts "
++"will move the old database files out of the way before creating a new "
++"database."
++msgstr ""
++"Ainda há arquivos em /var/lib/ldap que provavelmente quebrarão o processo de "
++"configuração. Se você habilitar esta opção, os scripts do mantenedor moverão "
++"os arquivos da antiga base de dados para fora do caminho antes de criar uma "
++"nova base de dados."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid "Retry configuration?"
++msgstr "Tentar novamente a configuração?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid ""
++"The configuration you entered is invalid. Make sure that the DNS domain name "
++"is syntactically valid, the field for the organization is not left empty and "
++"the admin passwords match. If you decide not to retry the configuration the "
++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to "
++"retry later."
++msgstr ""
++"A configuração que você informou é inválida. Tenha certeza de que o nome de "
++"domínio DNS tem uma sintaxe válida, o campo para a organização não foi "
++"deixado vazio e as senhas do admin conferem. Se você decidir não tentar "
++"novamente a configuração, o servidor LDAP não será configurado. Execute "
++"\"dpkg-reconfigure slapd\" se você quiser tentar novamente mais tarde."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid "DNS domain name:"
++msgstr "Nome do domínio DNS:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid ""
++"The DNS domain name is used to construct the base DN of the LDAP directory. "
++"For example, 'foo.example.org' will create the directory with 'dc=foo, "
++"dc=example, dc=org' as base DN."
++msgstr ""
++"O nome do domínio DNS é usado para construir a base DN de seu diretório "
++"LDAP. Por exemplo, \"foo.example.org\" criará o diretório com \"dc=foo, "
++"dc=example, dc=org\" como base DN."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid "Organization name:"
++msgstr "Nome da organização:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid ""
++"Please enter the name of the organization to use in the base DN of your LDAP "
++"directory."
++msgstr ""
++"Por favor, informe o nome da organização para usar na base DN de seu "
++"diretório LDAP."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Administrator password:"
++msgstr "Senha do administrador:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Please enter the password for the admin entry in your LDAP directory."
++msgstr ""
++"Por favor, informe a senha para a entrada administrativa em seu diretório "
++"LDAP."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid "Confirm password:"
++msgstr "Confirme a senha:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid ""
++"Please enter the admin password for your LDAP directory again to verify that "
++"you have typed it correctly."
++msgstr ""
++"Por favor, informe novamente a senha para a entrada administrativa de seu "
++"diretório LDAP para verificar se você a digitou corretamente."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "Password mismatch"
++msgstr "As senhas não conferem"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "The two passwords you entered were not the same. Please try again."
++msgstr ""
++"As duas senhas que você informou não foram as mesmas. Por favor, tente "
++"novamente."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:11001
++msgid "Do you want the database to be removed when slapd is purged?"
++msgstr ""
++"Você deseja que a base de dados seja removida quando o pacote slapd for "
++"expurgado (\"purged\")?"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "slapcat failure during upgrade"
++msgstr "Falha do slapcat durante a atualização"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "An error occurred while upgrading the LDAP directory."
++msgstr "Um erro ocorreu durante a atualização do diretório LDAP."
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid ""
++"The 'slapcat' program failed while extracting the LDAP directory. This may "
++"be caused by an incorrect configuration file (for example, missing "
++"'moduleload' lines to support the backend database)."
++msgstr ""
++"O programa \"slapcat\" falhou ao extrair o diretório LDAP. Isso pode ter "
++"sido causado por um arquivo de configuração incorreto (por exemplo, se "
++"estiverem faltando as linhas \"moduleload\" para suportar o \"backend\" da "
++"base de dados)."
++
++#. Type: error
++#. Description
++#. This paragraph is followed by a (non translatable) paragraph
++#. containing a command line
++#: ../slapd.templates:14001
++msgid ""
++"This failure will cause 'slapadd' to fail later as well. The old database "
++"files will be moved to /var/backups. If you want to try this upgrade again, "
++"you should move the old database files back into place, fix whatever caused "
++"slapcat to fail, and run:"
++msgstr ""
++"Esta falha fará com que o \"slapadd\" também falhe posteriormente. Os "
++"arquivos da antiga base de dados serão movidos para /var/backups. Se você "
++"quer tentar esta atualização novamente, você deve mover os arquivos da "
++"antiga base de dados de volta para o local original, corrigir o que quer que "
++"tenha causado a falha do slapcat e executar:"
++
++#. Type: error
++#. Description
++#. Translators: keep "${location}" unchanged. This is a variable that
++#. will be replaced by a directory name at execution
++#: ../slapd.templates:14001
++msgid ""
++"Then move the database files back to a backup area and then try running "
++"slapadd from ${location}."
++msgstr ""
++"Então mova os arquivos da base de dados de volta para uma área de backup e "
++"depois tente executar slapadd a partir de ${location}."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "Potentially unsafe slapd access control configuration"
++msgstr "Configuração de controle de acesso do slapd potencialmente insegura"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid ""
++"One or more of the configured databases has an access control rule that "
++"allows users to modify most of their own attributes. This may be unsafe, "
++"depending on how the database is used."
++msgstr ""
++"Uma ou mais das bases de dados configuradas tem uma regra de controle de "
++"acesso que permite que usuários modifiquem a maioria dos seus próprios "
++"atributos. Isso pode ser inseguro, dependendo de como a base de dados é "
++"usada."
++
++#. Type: note
++#. Description
++#. Translators: keep "by self write" and "to *" unchanged. These are part
++#. of the slapd configuration and are not translatable.
++#: ../slapd.templates:15001
++msgid ""
++"In the case of slapd access rules that begin with \"to *\", it is "
++"recommended to remove any instances of \"by self write\", so that users are "
++"only able to modify specifically allowed attributes."
++msgstr ""
++"No caso das regras de acesso do slapd que comecem com \"to *\", é "
++"recomendado remover quaisquer instâncias de \"by self write\", de modo que "
++"os usuários possam modificar somente atributos especificamente permitidos."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details."
++msgstr "Veja /usr/share/doc/slapd/README.Debian.gz para mais detalhes."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "abort installation"
++msgstr "cancelar a instalação"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "continue regardless"
++msgstr "continuar independentemente"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid "Manual ppolicy schema update recommended"
++msgstr "Recomendada a atualização manual do esquema ppolicy"
++
++#. Type: select
++#. Description
++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable.
++#: ../slapd.templates:16002
++msgid ""
++"The new version of the Password Policy (ppolicy) overlay requires the schema "
++"to define the pwdMaxRecordedFailure attribute type, which is not present in "
++"the schema currently in use. It is recommended to abort the upgrade now, and "
++"to update the ppolicy schema before upgrading slapd. If replication is in "
++"use, the schema update should be applied on every server before continuing "
++"with the upgrade."
++msgstr ""
++"A nova versão da sobreposição \"Password Policy\" (ppolicy) exige que o "
++"esquema defina o tipo do atributo pwdMaxRecordedFailure, o qual não está "
++"presente no esquema atualmente em uso. É recomendado cancelar a atualização "
++"agora e atualizar o esquema ppolicy antes de atualizar o slapd. Se a "
++"replicação estiver em uso, a atualização do esquema deverá ser aplicada em "
++"cada servidor antes de continuar com a atualização."
++
++#. Type: select
++#. Description
++#. This paragraph is followed by the path to the generated file (not
++#. translatable). The sentence continues in the following paragraph.
++#: ../slapd.templates:16002
++msgid ""
++"An LDIF file has been generated with the changes required for the upgrade:"
++msgstr ""
++"Um arquivo LDIF foi gerado com as modificações necessárias para a "
++"atualização:"
++
++#. Type: select
++#. Description
++#. This paragraph continues the sentence started in the previous
++#. paragraph. It is followed by a command line.
++#: ../slapd.templates:16002
++msgid ""
++"so if slapd is using the default access control rules, these changes can be "
++"applied (after starting slapd) by using the command:"
++msgstr ""
++"então se o slapd estiver usando as regras padrão de controle de acesso, "
++"essas modificações podem ser aplicadas (depois de iniciar o slapd) usando o "
++"comando:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid ""
++"If instead you choose to continue the installation, the new attribute type "
++"will be added automatically, but the change will not be acted on by slapd "
++"overlays, and replication with other servers may be affected."
++msgstr ""
++"Se em vez disso você escolher continuar a instalação, o tipo do novo "
++"atributo será adicionado automaticamente, mas a modificação não sofrerá "
++"ações por sobreposições do slapd, e a replicação com outros servidores pode "
++"ser afetada."
++
++#~ msgid "Database backend to use:"
++#~ msgstr "\"Backend\" de base de dados a ser usado:"
++
++#~ msgid ""
++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree "
++#~ "renames. Both support the same configuration options."
++#~ msgstr ""
++#~ "O HDB e o BDB usam formatos de armazenamento similares, mas o HDB "
++#~ "adiciona suporte para renomeação de subárvores. Ambos suportam as mesmas "
++#~ "opções de configuração."
++
++#~ msgid ""
++#~ "The MDB backend is recommended. MDB uses a new storage format and "
++#~ "requires less configuration than BDB or HDB."
++#~ msgstr ""
++#~ "O \"backend\" MDB é recomendado. O MDB usa um novo formato de "
++#~ "armazenamento e requer menos configuração que o BDB e o HDB."
++
++#~ msgid ""
++#~ "In any case, you should review the resulting database configuration for "
++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details."
++#~ msgstr ""
++#~ "Em qualquer caso, você deve revisar a configuração resultante da base de "
++#~ "dados para que atenda as suas necessidades. Veja /usr/share/doc/slapd/"
++#~ "README.Debian.gz para mais detalhes."
++
++#~ msgid "Allow LDAPv2 protocol?"
++#~ msgstr "Permitir o protocolo LDAPv2?"
++
++#~ msgid ""
++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs "
++#~ "and users should upgrade to LDAPv3. If you have old programs which can't "
++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be "
++#~ "added to your slapd.conf file."
++#~ msgstr ""
++#~ "O protocolo obsoleto LDAPv2 é desabilitado por padrão no slapd. Os "
++#~ "programas e usuários devem atualizar-se para o LDAPv3. Se você tem "
++#~ "programas antigos que não usam LDAPv3, você deve selecionar esta opção e "
++#~ "\"allow bind_v2\" será adicionado ao seu arquivo slapd.conf."
++
++#~ msgid "slurpd is obsolete; replicas must be reconfigured by hand"
++#~ msgstr ""
++#~ "O slurpd está obsoleto, réplicas devem ser configuradas manualmente."
++
++#~ msgid ""
++#~ "One or more slurpd \"replica\" options were found in your slapd config "
++#~ "when upgrading. Because slurpd is obsolete beginning with OpenLDAP 2.4, "
++#~ "you will need to migrate your replicas to use the syncrepl protocol "
++#~ "instead."
++#~ msgstr ""
++#~ "Uma ou mais opções slurpd \"replica\" foram encontradas em seu arquivo de "
++#~ "configuração slapd quando estava atualizando. Por causa de o slurpd está "
++#~ "obsoleto a partir do OpenLDAP 2.4, em vez disso você precisará migrar "
++#~ "suas replicas para usar o protocolo syncrepl."
++
++#~ msgid ""
++#~ "The conversion from slurpd to the pull-based syncrepl protocol cannot be "
++#~ "done automatically and you will need to configure your replica servers by "
++#~ "hand. Please see http://www.openldap.org/doc/admin24/syncrepl.html for "
++#~ "details."
++#~ msgstr ""
++#~ "A conversão de slurpd para o protocolo syncrepl baseado no método de "
++#~ "puxar (\"pull\") atualizações, não pode ser feito automaticamente e você "
++#~ "precisará configurar seus servidores de réplica manualmente. Por favor, "
++#~ "veja http://www.openldap.org/doc/admin24/syncrepl.html para detalhes."
++
++#~ msgid "TLSCipherSuite values have changed"
++#~ msgstr "Os valores da TLSCipherSuite mudou"
++
++#~ msgid ""
++#~ "A \"TLSCipherSuite\" option was found in your slapd config when "
++#~ "upgrading. The values allowed for this option are determined by the SSL "
++#~ "implementation used, which has been changed from OpenSSL to GnuTLS. As a "
++#~ "result, your existing TLSCipherSuite setting will not work with this "
++#~ "package."
++#~ msgstr ""
++#~ "Uma opção \"TLSCipherSuite\" foi encontrada em seu arquivo slapd durante "
++#~ "a atualização. Os valores permitidos para esta opção são determinados "
++#~ "pela implementação SSL utilizada, a qual foi alterada de OpenSSL para "
++#~ "GnuTLS. Como resultado, sua configuração TLSCipherSuite existente não irá "
++#~ "funcionar com este pacote."
++
++#~ msgid ""
++#~ "This setting has been automatically commented out for you. If you have "
++#~ "specific encryption needs that require this option to be re-enabled, see "
++#~ "the output of 'gnutls-cli -l' in the gnutls-bin package for the list of "
++#~ "ciphers supported by GnuTLS."
++#~ msgstr ""
++#~ "Esta configuração foi automaticamente comentada para você. Se você tem "
++#~ "necessidades específicas de criptografia que requerem que esta opção seja "
++#~ "reabilitada, veja a saída do comando 'gnutls-cli -l' no pacote gnutls-bin "
++#~ "para uma lista das cifras suportadas pelo GnuTLS."
++
++#~ msgid "Back up current database and create a new one?"
++#~ msgstr "Fazer backup da base de dados atual e criar uma nova?"
++
++#~ msgid ""
++#~ "The directory suffix (domain) you specified doesn't match the one "
++#~ "currently in /etc/ldap/slapd.conf. Changing the directory suffix requires "
++#~ "moving aside the current LDAP database and creating a new one. Please "
++#~ "confirm whether you want to back up and abandon the current database."
++#~ msgstr ""
++#~ "O sufixo de diretório (domínio) que você especificou não confere com o "
++#~ "atual em /etc/ldap/slapd.conf. Mudar o sufixo do diretório requer mover a "
++#~ "atual base de dados LDAP e criar uma nova. Por favor, confirme se você "
++#~ "quer fazer um backup da base de dados atual e abandoná-la."
--- /dev/null
--- /dev/null
++# translation of openldap_2.4.21-1_ru.po to Russian
++#
++# Translators, if you are not familiar with the PO format, gettext
++# documentation is worth reading, especially sections dedicated to
++# this format, e.g. by running:
++# info -n '(gettext)PO Files'
++# info -n '(gettext)Header Entry'
++# Some information specific to po-debconf are available at
++# /usr/share/doc/po-debconf/README-trans
++# or http://www.debian.org/intl/l10n/po-debconf/README-trans#
++# Developers do not need to manually edit POT or PO files.
++#
++# Yuri Kozlov <kozlov.y@gmail.com>, 2007, 2008.
++# Yuri Kozlov <yuray@komyakino.ru>, 2010, 2014, 2017.
++msgid ""
++msgstr ""
++"Project-Id-Version: openldap 2.4.44+dfsg-4\n"
++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n"
++"POT-Creation-Date: 2019-10-03 23:01+0000\n"
++"PO-Revision-Date: 2017-01-10 19:00+0300\n"
++"Last-Translator: Yuri Kozlov <yuray@komyakino.ru>\n"
++"Language-Team: Russian <debian-l10n-russian@lists.debian.org>\n"
++"Language: ru\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=UTF-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++"X-Generator: Lokalize 2.0\n"
++"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n"
++"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid "Omit OpenLDAP server configuration?"
++msgstr "Не выполнять настройку сервера OpenLDAP?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid ""
++"If you enable this option, no initial configuration or database will be "
++"created for you."
++msgstr ""
++"Если вы ответите утвердительно, начальная конфигурация или база данных "
++"создаваться не будет."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "always"
++msgstr "всегда"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "when needed"
++msgstr "только при необходимости"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "never"
++msgstr "никогда"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid "Dump databases to file on upgrade:"
++msgstr "При обновлении сохранять данные из базы данных в файл:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Before upgrading to a new version of the OpenLDAP server, the data from your "
++"LDAP directories can be dumped into plain text files in the standard LDAP "
++"Data Interchange Format."
++msgstr ""
++"Перед обновлением до новой версии сервера OpenLDAP данные из ваших каталогов "
++"LDAP могут быть сохранены в текстовые файлы в стандартизованном формате "
++"обмена данных LDAP."
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Selecting \"always\" will cause the databases to be dumped unconditionally "
++"before an upgrade. Selecting \"when needed\" will only dump the database if "
++"the new version is incompatible with the old database format and it needs to "
++"be reimported. If you select \"never\", no dump will be done."
++msgstr ""
++"Если выбрать \"всегда\", то перед обновлением данные из баз будут "
++"обязательно сохранены. Если выбрать \"только при необходимости\", то база "
++"данных будет сохранена, только если новая версия не совместима со старым "
++"форматом базы данных и должна быть импортирована повторно. Если выбрать "
++"\"никогда\", то сохранение базы будет пропущено."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid "Directory to use for dumped databases:"
++msgstr "Каталог сохранения данных из баз:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid ""
++"Please specify the directory where the LDAP databases will be exported. In "
++"this directory, several LDIF files will be created which correspond to the "
++"search bases located on the server. Make sure you have enough free space on "
++"the partition where the directory is located. The first occurrence of the "
++"string \"VERSION\" is replaced with the server version you are upgrading "
++"from."
++msgstr ""
++"Укажите каталог, куда будут экспортированы базы данных LDAP. В этом каталоге "
++"будет создано несколько файлов LDIF, которые соответствуют поисковым базам, "
++"расположенным на сервере. Убедитесь, что у вас достаточно места на разделе, "
++"где расположен каталог. Первое появление строки со словом \"VERSION\" "
++"заменяется на версию сервера, с которой производится обновление."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid "Move old database?"
++msgstr "Переместить старую базу данных?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid ""
++"There are still files in /var/lib/ldap which will probably break the "
++"configuration process. If you enable this option, the maintainer scripts "
++"will move the old database files out of the way before creating a new "
++"database."
++msgstr ""
++"В каталоге /var/lib/ldap находятся файлы, которые, вероятно, негативно "
++"повлияют на процесс настройки. Если вы ответите утвердительно, то "
++"сопровождающие сценарии, перед тем как создать новую базу, переместят старые "
++"файлы базы данных в другое место."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid "Retry configuration?"
++msgstr "Повторить настройку?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid ""
++"The configuration you entered is invalid. Make sure that the DNS domain name "
++"is syntactically valid, the field for the organization is not left empty and "
++"the admin passwords match. If you decide not to retry the configuration the "
++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to "
++"retry later."
++msgstr ""
++"Введённая вами конфигурация неправильна. Убедитесь, что доменное имя DNS "
++"записано в правильном формате, что поле названия организации непустое и что "
++"пароль администратора верен. Если вы не станете повторять настройку, то "
++"сервер LDAP останется не настроенным. Если позднее вы захотите выполнить "
++"настройку, запустите команду «dpkg-reconfigure slapd»."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid "DNS domain name:"
++msgstr "Доменное имя DNS:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid ""
++"The DNS domain name is used to construct the base DN of the LDAP directory. "
++"For example, 'foo.example.org' will create the directory with 'dc=foo, "
++"dc=example, dc=org' as base DN."
++msgstr ""
++"Доменное имя DNS используется для построения базового DN каталога LDAP. "
++"Например, если ввести «foo.bar.org», то это даст базовый DN «dc=foo, dc=bar, "
++"dc=org»."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid "Organization name:"
++msgstr "Название организации:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid ""
++"Please enter the name of the organization to use in the base DN of your LDAP "
++"directory."
++msgstr ""
++"Введите название организации для использования в базовом DN каталога LDAP."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Administrator password:"
++msgstr "Пароль администратора:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Please enter the password for the admin entry in your LDAP directory."
++msgstr "Введите пароль для записи admin в каталоге LDAP."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid "Confirm password:"
++msgstr "Повторите ввод пароля:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid ""
++"Please enter the admin password for your LDAP directory again to verify that "
++"you have typed it correctly."
++msgstr ""
++"Введите тот же пароль для admin в каталоге LDAP ещё раз, чтобы убедиться в "
++"правильности ввода."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "Password mismatch"
++msgstr "Пароли не совпадают"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "The two passwords you entered were not the same. Please try again."
++msgstr "Введённые вами пароли не совпадают. Попробуйте ещё раз."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:11001
++msgid "Do you want the database to be removed when slapd is purged?"
++msgstr "Удалять базу данных при вычистке slapd?"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "slapcat failure during upgrade"
++msgstr "Ошибка slapcat при обновлении"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "An error occurred while upgrading the LDAP directory."
++msgstr "Возникла ошибка при попытке обновления каталога LDAP."
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid ""
++"The 'slapcat' program failed while extracting the LDAP directory. This may "
++"be caused by an incorrect configuration file (for example, missing "
++"'moduleload' lines to support the backend database)."
++msgstr ""
++"Ошибка возникла при выполнении программы «slapcat», которая пыталась "
++"распаковать каталог LDAP. Это могло произойти из-за некорректного файла "
++"конфигурации (например, в случае отсутствия строк «moduleload» для вашего "
++"типа сервера базы данных)."
++
++#. Type: error
++#. Description
++#. This paragraph is followed by a (non translatable) paragraph
++#. containing a command line
++#: ../slapd.templates:14001
++msgid ""
++"This failure will cause 'slapadd' to fail later as well. The old database "
++"files will be moved to /var/backups. If you want to try this upgrade again, "
++"you should move the old database files back into place, fix whatever caused "
++"slapcat to fail, and run:"
++msgstr ""
++"В дальнейшем, это также вызовет отказ в работе «slapadd». Старые файлы базы "
++"данных были перенесены в каталог /var/backups. Если вы хотите попытаться "
++"выполнить обновление ещё раз, переместите старые файлы базы данных обратно, "
++"исправьте ошибку, вызывающую отказ работы «slapcat» и выполните:"
++
++#. Type: error
++#. Description
++#. Translators: keep "${location}" unchanged. This is a variable that
++#. will be replaced by a directory name at execution
++#: ../slapd.templates:14001
++msgid ""
++"Then move the database files back to a backup area and then try running "
++"slapadd from ${location}."
++msgstr ""
++"Переместите файлы базы данных обратно в место хранения резервной копии и "
++"затем попытайтесь запустить slapadd из ${location}."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "Potentially unsafe slapd access control configuration"
++msgstr "Потенциально небезопасная настройка управления доступом slapd"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid ""
++"One or more of the configured databases has an access control rule that "
++"allows users to modify most of their own attributes. This may be unsafe, "
++"depending on how the database is used."
++msgstr ""
++"В одной или более базах данных настроено правило контроля доступа, которое "
++"позволяет пользователям изменять не только собственные атрибуты. Это может "
++"быть небезопасно, в зависимости от использования базы данных."
++
++#. Type: note
++#. Description
++#. Translators: keep "by self write" and "to *" unchanged. These are part
++#. of the slapd configuration and are not translatable.
++#: ../slapd.templates:15001
++msgid ""
++"In the case of slapd access rules that begin with \"to *\", it is "
++"recommended to remove any instances of \"by self write\", so that users are "
++"only able to modify specifically allowed attributes."
++msgstr ""
++"В случае, когда правила доступа slapd начинаются с «to *», рекомендуется "
++"удалять все экземпляры «by self write» для того, чтобы пользователи могли "
++"изменять только явно разрешённые атрибуты."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details."
++msgstr "Смотрите подробности в файле /usr/share/doc/slapd/README.Debian.gz."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "abort installation"
++msgstr "прервать установку"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "continue regardless"
++msgstr "продолжить"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid "Manual ppolicy schema update recommended"
++msgstr "Рекомендуется обновление схемы ppolicy вручную"
++
++#. Type: select
++#. Description
++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable.
++#: ../slapd.templates:16002
++msgid ""
++"The new version of the Password Policy (ppolicy) overlay requires the schema "
++"to define the pwdMaxRecordedFailure attribute type, which is not present in "
++"the schema currently in use. It is recommended to abort the upgrade now, and "
++"to update the ppolicy schema before upgrading slapd. If replication is in "
++"use, the schema update should be applied on every server before continuing "
++"with the upgrade."
++msgstr ""
++"Для новой версии оверлея Password Policy (ppolicy) требуется определение "
++"типа атрибутов pwdMaxRecordedFailure, который отсутствует в используемой в "
++"данной момент схеме. Рекомендуется прервать установку прямо сейчас и "
++"обновить схему ppolicy перед обновлением slapd. Если используется "
++"репликация, то обновление схемы должно быть выполнено на каждом сервере "
++"перед продолжением обновления."
++
++#. Type: select
++#. Description
++#. This paragraph is followed by the path to the generated file (not
++#. translatable). The sentence continues in the following paragraph.
++#: ../slapd.templates:16002
++msgid ""
++"An LDIF file has been generated with the changes required for the upgrade:"
++msgstr "Был создан файл LDIF с изменениями, требующимися для обновления:"
++
++#. Type: select
++#. Description
++#. This paragraph continues the sentence started in the previous
++#. paragraph. It is followed by a command line.
++#: ../slapd.templates:16002
++msgid ""
++"so if slapd is using the default access control rules, these changes can be "
++"applied (after starting slapd) by using the command:"
++msgstr ""
++"и если в slapd используются правила управления доступом по умолчанию, то эти "
++"изменения можно применить (после запуска slapd) командой:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid ""
++"If instead you choose to continue the installation, the new attribute type "
++"will be added automatically, but the change will not be acted on by slapd "
++"overlays, and replication with other servers may be affected."
++msgstr ""
++"Если вы выберете продолжение установки, то новый тип атрибута будет добавлен "
++"автоматически, но изменение не будет применено в оверлеях slapd, и это может "
++"повлиять на другие серверы при репликации."
++
++#~ msgid "Database backend to use:"
++#~ msgstr "Используемые серверы баз данных:"
++
++#~ msgid ""
++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree "
++#~ "renames. Both support the same configuration options."
++#~ msgstr ""
++#~ "HDB и BDB используют схожие форматы хранения, но в HDB добавлена "
++#~ "поддержка переименования поддеревьев. Оба типа сервера поддерживают "
++#~ "одинаковые параметры настройки."
++
++#~ msgid ""
++#~ "The MDB backend is recommended. MDB uses a new storage format and "
++#~ "requires less configuration than BDB or HDB."
++#~ msgstr ""
++#~ "Рекомендуется использовать сервер MDB. MDB использует новый формат "
++#~ "хранения и требует меньше настроек чем BDB или HDB."
++
++#~ msgid ""
++#~ "In any case, you should review the resulting database configuration for "
++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details."
++#~ msgstr ""
++#~ "В любом случае, убедитесь в соответствии получившихся настроек базы "
++#~ "данных вашим требованиям. Подробней о настройке смотрите в файле /usr/"
++#~ "share/doc/slapd/README.Debian.gz."
++
++#~ msgid "Allow LDAPv2 protocol?"
++#~ msgstr "Включить протокол LDAPv2?"
++
++#~ msgid ""
++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs "
++#~ "and users should upgrade to LDAPv3. If you have old programs which can't "
++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be "
++#~ "added to your slapd.conf file."
++#~ msgstr ""
++#~ "По умолчанию в slapd старый протокол LDAPv2 выключен. Клиентские "
++#~ "программы нужно обновить до версий с поддержкой LDAPv3. Если у вас есть "
++#~ "старые программы, которые не могут использовать LDAPv3, то вы должны "
++#~ "ответить утвердительно, и в файл slapd.conf будет добавлена запись «allow "
++#~ "bind_v2»."
++
++#~ msgid "slurpd is obsolete; replicas must be reconfigured by hand"
++#~ msgstr "slurpd устарел; реплики должны быть перенастроены вручную"
++
++#~ msgid ""
++#~ "One or more slurpd \"replica\" options were found in your slapd config "
++#~ "when upgrading. Because slurpd is obsolete beginning with OpenLDAP 2.4, "
++#~ "you will need to migrate your replicas to use the syncrepl protocol "
++#~ "instead."
++#~ msgstr ""
++#~ "При обновлении в вашем конфигурационном файле для slapd найден один или "
++#~ "несколько параметров \"replica\" для slurpd. Так как slurpd устарел "
++#~ "начиная с OpenLDAP версии 2.4, для реплик вам нужно перейти на протокол "
++#~ "syncrepl."
++
++#~ msgid ""
++#~ "The conversion from slurpd to the pull-based syncrepl protocol cannot be "
++#~ "done automatically and you will need to configure your replica servers by "
++#~ "hand. Please see http://www.openldap.org/doc/admin24/syncrepl.html for "
++#~ "details."
++#~ msgstr ""
++#~ "Автоматическое преобразование настроек slurpd в настройки основанного на "
++#~ "вытягивании протокола syncrepl невозможно, и поэтому вы должны настроить "
++#~ "свои серверы реплик вручную. Подробней об этом смотрите на странице "
++#~ "http://www.openldap.org/doc/admin24/syncrepl.html."
++
++#~ msgid "TLSCipherSuite values have changed"
++#~ msgstr "Изменились значения для TLSCipherSuite"
++
++#~ msgid ""
++#~ "A \"TLSCipherSuite\" option was found in your slapd config when "
++#~ "upgrading. The values allowed for this option are determined by the SSL "
++#~ "implementation used, which has been changed from OpenSSL to GnuTLS. As a "
++#~ "result, your existing TLSCipherSuite setting will not work with this "
++#~ "package."
++#~ msgstr ""
++#~ "При обновлении в настройке slapd был найден параметр \"TLSCipherSuite\". "
++#~ "Допустимые значения этого параметра, определяемые авторами SSL, были "
++#~ "изменены при переходе с OpenSSL на GnuTLS. В результате, имеющаяся "
++#~ "настройка TLSCipherSuite не заработает с этим пакетом."
++
++#~ msgid ""
++#~ "This setting has been automatically commented out for you. If you have "
++#~ "specific encryption needs that require this option to be re-enabled, see "
++#~ "the output of 'gnutls-cli -l' in the gnutls-bin package for the list of "
++#~ "ciphers supported by GnuTLS."
++#~ msgstr ""
++#~ "Данная настройка будет автоматически закомментирована. Если для какого-то "
++#~ "специфичного шифрования вам требуется её использовать, то список "
++#~ "поддерживаемых GnuTLS алгоритмов можно посмотреть, запустив команду "
++#~ "'gnutls-cli -l' из пакета gnutls-bin."
++
++#~ msgid "Back up current database and create a new one?"
++#~ msgstr "Сделать резервную копию имеющейся базы данных и создать новую?"
++
++#~ msgid ""
++#~ "The directory suffix (domain) you specified doesn't match the one "
++#~ "currently in /etc/ldap/slapd.conf. Changing the directory suffix requires "
++#~ "moving aside the current LDAP database and creating a new one. Please "
++#~ "confirm whether you want to back up and abandon the current database."
++#~ msgstr ""
++#~ "Вы указали суффикс каталога (домен), который не совпадает с имеющимся в /"
++#~ "etc/ldap/slapd.conf. Изменение суффикса каталога требует перемещения "
++#~ "имеющейся базы данных LDAP и создание новой. Подтвердите, что хотите "
++#~ "сделать резервную копию базы данных и отказаться от имеющейся."
--- /dev/null
--- /dev/null
++# Slovak translations for openldap package
++# Slovenské preklady pre balík openldap.
++# Copyright (C) 2011 THE openldap'S COPYRIGHT HOLDER
++# This file is distributed under the same license as the PACKAGE package.
++#
++# Slavko <linux@slavino.sk>, 2011.
++# Ivan Masár <helix84@centrum.sk>, 2017.
++msgid ""
++msgstr ""
++"Project-Id-Version: openldap 2.4.23-7\n"
++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n"
++"POT-Creation-Date: 2019-10-03 23:01+0000\n"
++"PO-Revision-Date: 2017-01-10 10:01+0200\n"
++"Last-Translator: Ivan Masár <helix84@centrum.sk>\n"
++"Language-Team: x\n"
++"Language: sk\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=UTF-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++"Plural-Forms: nplurals=3; plural=(n==1) ? 0 : (n>=2 && n<=4) ? 1 : 2;\n"
++"X-Generator: Virtaal 0.7.1\n"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid "Omit OpenLDAP server configuration?"
++msgstr "Vynechať nastavenia servera OpenLDAP?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid ""
++"If you enable this option, no initial configuration or database will be "
++"created for you."
++msgstr ""
++"Ak zvolíte túto možnosť, nebude vytvorené počiatočné nastavenie ani databáza."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "always"
++msgstr "vždy"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "when needed"
++msgstr "keď je treba"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "never"
++msgstr "nikdy"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid "Dump databases to file on upgrade:"
++msgstr "Pri aktualizácii uložiť databázy do súboru:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Before upgrading to a new version of the OpenLDAP server, the data from your "
++"LDAP directories can be dumped into plain text files in the standard LDAP "
++"Data Interchange Format."
++msgstr ""
++"Pred aktualizáciou na novšiu verziu servera OpenLDAP môžu byť vaše dáta z "
++"adresárov LDAP uložené do textových súborov vo formáte LDAP Data Interchange "
++"Format, čo je štandardizovaný formát na popis týchto dát."
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Selecting \"always\" will cause the databases to be dumped unconditionally "
++"before an upgrade. Selecting \"when needed\" will only dump the database if "
++"the new version is incompatible with the old database format and it needs to "
++"be reimported. If you select \"never\", no dump will be done."
++msgstr ""
++"Výberom „vždy“ zaistíte, že budú databázy uložené do súborov pred každou "
++"aktualizáciou. Voľba „keď je treba“ znamená, že budú databázy uložené len v "
++"prípade, že je nová verzia nekompatibilná s formátom starej databázy, a teda "
++"bude potrebné opätovné nahratie dát. Ak zvolíte „nikdy“, dáta sa nebudú "
++"ukladať."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid "Directory to use for dumped databases:"
++msgstr "Adresár pre exportované databázy:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid ""
++"Please specify the directory where the LDAP databases will be exported. In "
++"this directory, several LDIF files will be created which correspond to the "
++"search bases located on the server. Make sure you have enough free space on "
++"the partition where the directory is located. The first occurrence of the "
++"string \"VERSION\" is replaced with the server version you are upgrading "
++"from."
++msgstr ""
++"Prosím, zadajte adresár, kam majú byť uložené databázy LDAP. V tomto "
++"adresári bude vytvorených niekoľko súborov LDIF, jeden pre každý koreň "
++"adresárov LDAP daného servera. Presvedčte sa, že je na zvolenej oblasti "
++"dostatok miesta. Prvý výskyt reťazca „VERSION” bude nahradený verziou "
++"servera LDAP, z ktorej aktualizujete."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid "Move old database?"
++msgstr "Presunúť starú databázu?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid ""
++"There are still files in /var/lib/ldap which will probably break the "
++"configuration process. If you enable this option, the maintainer scripts "
++"will move the old database files out of the way before creating a new "
++"database."
++msgstr ""
++"Vo /var/lib/ldap stále existujú súbory, ktoré pravdepodobne narušia proces "
++"nastavenia. Ak zvolíte túto možnosť, inštalačné skripty pred vytvorením "
++"novej databázy najprv presunú staré databázové súbory inam."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid "Retry configuration?"
++msgstr "Opakovať nastavenie?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid ""
++"The configuration you entered is invalid. Make sure that the DNS domain name "
++"is syntactically valid, the field for the organization is not left empty and "
++"the admin passwords match. If you decide not to retry the configuration the "
++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to "
++"retry later."
++msgstr ""
++"Zadali ste neplatné nastavenie. Skontrolujte, či je zadané doménové meno "
++"(DNS) v platnom tvare, že je vyplnené pole organizácie a heslá "
++"administrátora súhlasia. Ak sa rozhodnete neopakovať nastavenie, ostane "
++"server LDAP nenastavený. Ak budete chcieť opakovať nastavenie neskôr, "
++"spustite „dpkg-reconfigure slapd”."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid "DNS domain name:"
++msgstr "Meno domény (DNS):"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid ""
++"The DNS domain name is used to construct the base DN of the LDAP directory. "
++"For example, 'foo.example.org' will create the directory with 'dc=foo, "
++"dc=example, dc=org' as base DN."
++msgstr ""
++"Meno domény (DNS) sa použije na vytvorenie základného DN adresára LDAP. "
++"Napríklad „foo.example.org“ vytvorí adresár so základným DN „dc=foo, "
++"dc=example, dc=org“."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid "Organization name:"
++msgstr "Názov organizácie:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid ""
++"Please enter the name of the organization to use in the base DN of your LDAP "
++"directory."
++msgstr ""
++"Prosím, zadajte názov organizácie, ktorý sa použije v základnom DN vášho "
++"adresára LDAP."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Administrator password:"
++msgstr "Heslo správcu:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Please enter the password for the admin entry in your LDAP directory."
++msgstr "Prosím zadajte heslo správcu vášho adresára LDAP."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid "Confirm password:"
++msgstr "Overenie hesla:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid ""
++"Please enter the admin password for your LDAP directory again to verify that "
++"you have typed it correctly."
++msgstr ""
++"Prosím, zadajte znova heslo správcu vášho adresára LDAP na overenie, že ste "
++"ho napísali správne."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "Password mismatch"
++msgstr "Heslá sa nezhodujú"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "The two passwords you entered were not the same. Please try again."
++msgstr "Zadané heslá nie sú rovnaké. Prosím, skúste to znova."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:11001
++msgid "Do you want the database to be removed when slapd is purged?"
++msgstr "Chcete aby pri odstránení balíka slapd bola odstránená aj databáza?"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "slapcat failure during upgrade"
++msgstr "Zlyhanie slapcat počas aktualizácie"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "An error occurred while upgrading the LDAP directory."
++msgstr "Pri aktualizácii adresára LDAP nastala chyba."
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid ""
++"The 'slapcat' program failed while extracting the LDAP directory. This may "
++"be caused by an incorrect configuration file (for example, missing "
++"'moduleload' lines to support the backend database)."
++msgstr ""
++"Program „slapcat“ zlyhal pri práci s adresárom LDAP. Táto chyba môže byť "
++"spôsobená chybným konfiguračným súborom (napríklad chýbajúce riadky "
++"„moduleload“ s podporou backend databázy)."
++
++#. Type: error
++#. Description
++#. This paragraph is followed by a (non translatable) paragraph
++#. containing a command line
++#: ../slapd.templates:14001
++msgid ""
++"This failure will cause 'slapadd' to fail later as well. The old database "
++"files will be moved to /var/backups. If you want to try this upgrade again, "
++"you should move the old database files back into place, fix whatever caused "
++"slapcat to fail, and run:"
++msgstr ""
++"Táto chyba bude mať za následok, že „slapadd“ neskôr tiež zlyhá. Súbory "
++"starej databázy budú presunuté do /var/backups. Ak budete chcieť skúsiť túto "
++"aktualizáciu neskôr znova, mali by ste najprv presunúť súbory starej "
++"databázy naspäť, opraviť príčinu zlyhania slapcat a spustiť:"
++
++#. Type: error
++#. Description
++#. Translators: keep "${location}" unchanged. This is a variable that
++#. will be replaced by a directory name at execution
++#: ../slapd.templates:14001
++msgid ""
++"Then move the database files back to a backup area and then try running "
++"slapadd from ${location}."
++msgstr ""
++"Potom presuňte súbory databázy späť medzi zálohy a až potom skúste spustiť "
++"slapadd z ${location}."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "Potentially unsafe slapd access control configuration"
++msgstr "Potenciálne nebezpečná konfigurácia riadenia prístupu slapd"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid ""
++"One or more of the configured databases has an access control rule that "
++"allows users to modify most of their own attributes. This may be unsafe, "
++"depending on how the database is used."
++msgstr ""
++"Jedna alebo viac z nastavených databáz obsahuje pravidlo riadenia prístupu, "
++"ktoré umožňuje používateľom meniť väčšinu svojich vlastných atribútov. To "
++"môže byť nebezpečné podľa toho ako sa databáza používa."
++
++#. Type: note
++#. Description
++#. Translators: keep "by self write" and "to *" unchanged. These are part
++#. of the slapd configuration and are not translatable.
++#: ../slapd.templates:15001
++msgid ""
++"In the case of slapd access rules that begin with \"to *\", it is "
++"recommended to remove any instances of \"by self write\", so that users are "
++"only able to modify specifically allowed attributes."
++msgstr ""
++"V prípade pravidiel riadenia prístupu slapd, ktoré začínajú na „to *“ sa "
++"odporúča odstrániť všetky prípady „by self write“, aby používatelia mohli "
++"meniť iba konkrétne povolené atribúty."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details."
++msgstr ""
++"Ďalšie informácie nájdete v súbore /usr/share/doc/slapd/README.Debian.gz."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "abort installation"
++msgstr "prerušiť inštaláciu"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "continue regardless"
++msgstr "napriek tomu pokračovať"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid "Manual ppolicy schema update recommended"
++msgstr "Odporúča sa manuálna aktualizácia schémy ppolicy"
++
++#. Type: select
++#. Description
++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable.
++#: ../slapd.templates:16002
++msgid ""
++"The new version of the Password Policy (ppolicy) overlay requires the schema "
++"to define the pwdMaxRecordedFailure attribute type, which is not present in "
++"the schema currently in use. It is recommended to abort the upgrade now, and "
++"to update the ppolicy schema before upgrading slapd. If replication is in "
++"use, the schema update should be applied on every server before continuing "
++"with the upgrade."
++msgstr ""
++"Nová verzia prekrytia politiky hesla (ppolicy; Password Policy) vyžaduje, "
++"aby schéma definovala typ atribútu pwdMaxRecordedFailure, ktorý v momentálne "
++"používanej schéme nie je prítomný. Odporuča sa teraz prerušiť inštaláciu a "
++"aktualizovať schému ppolicy pred aktualizáciou slapd. Ak používate "
++"replikáciu, aktualizáciu schémy by ste mali použiť na každom serveri "
++"predtým, než budete pokračovať v aktualizácii."
++
++#. Type: select
++#. Description
++#. This paragraph is followed by the path to the generated file (not
++#. translatable). The sentence continues in the following paragraph.
++#: ../slapd.templates:16002
++msgid ""
++"An LDIF file has been generated with the changes required for the upgrade:"
++msgstr "Bol vytvorený súbor LDIF so zmenami potrebnými na aktualizáciu:"
++
++#. Type: select
++#. Description
++#. This paragraph continues the sentence started in the previous
++#. paragraph. It is followed by a command line.
++#: ../slapd.templates:16002
++msgid ""
++"so if slapd is using the default access control rules, these changes can be "
++"applied (after starting slapd) by using the command:"
++msgstr ""
++"takže ak slapd používa predvolené pravidlá riadenia prístupu, tieto zmeny je "
++"možné použiť (po spustení slapd) príkazom:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid ""
++"If instead you choose to continue the installation, the new attribute type "
++"will be added automatically, but the change will not be acted on by slapd "
++"overlays, and replication with other servers may be affected."
++msgstr ""
++"Ak sa namiesto toho rozhodnete pokračovať v inštalácii, nový typ atribúty sa "
++"pridá automaticky, ale zmena sa neprejaví v prekrytiach slapd a môže to "
++"ovplyvniť replikáciu s ostatnými servermi."
++
++#~ msgid "Database backend to use:"
++#~ msgstr "Použiť backend databázy:"
++
++#~ msgid ""
++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree "
++#~ "renames. Both support the same configuration options."
++#~ msgstr ""
++#~ "HDB a BDB používajú podobné formáty úložiska, ale HDB pridáva podporu "
++#~ "premenovania podstromov. Oba podporujú rovnaké konfiguračné voľby."
++
++#~ msgid ""
++#~ "The MDB backend is recommended. MDB uses a new storage format and "
++#~ "requires less configuration than BDB or HDB."
++#~ msgstr ""
++#~ "Odporúča sa použiť backend MDB. MDB používa nový formát úložiska a "
++#~ "vyžaduje menej konfigurácie ako BDB či HDB."
++
++#~ msgid ""
++#~ "In any case, you should review the resulting database configuration for "
++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details."
++#~ msgstr ""
++#~ "V každom prípade by ste mali skontrolovať, či výsledné nastavenie "
++#~ "databázy zodpovedá vašim potrebám. Ďalšie informácie nájdete v súbore /"
++#~ "usr/share/doc/slapd/README.Debian.gz."
++
++#~ msgid "Allow LDAPv2 protocol?"
++#~ msgstr "Povoliť protokol LDAPv2?"
++
++#~ msgid ""
++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs "
++#~ "and users should upgrade to LDAPv3. If you have old programs which can't "
++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be "
++#~ "added to your slapd.conf file."
++#~ msgstr ""
++#~ "Zastaraný protokol LDAPv2 je v slapd predvolene zakázaný. Programy a "
++#~ "používatelia by mali prejsť na LDAPv3. Ak máte staré programy, ktoré "
++#~ "nedokážu používať LDAPv3, mali by ste povoliť túto možnosť a do "
++#~ "konfiguračného súboru slapd.conf bude pridaný riadok „allow bind_v2”."
--- /dev/null
--- /dev/null
++# Translation of openldap debconf template to Swedish
++# Copyright (C) 2010, 2017 Martin Bagge <brother@bsnet.se>
++# This file is distributed under the same license as the openldap package.
++#
++# Martin Ågren <martin.agren@gmail.com>, 2008.
++# Martin Bagge <brother@bsnet.se>, 2010, 2017
++msgid ""
++msgstr ""
++"Project-Id-Version: openldap_2.4.10-2_sv\n"
++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n"
++"POT-Creation-Date: 2019-10-03 23:01+0000\n"
++"PO-Revision-Date: 2017-01-12 14:59+0100\n"
++"Last-Translator: Martin Bagge / brother <brother@bsnet.se>\n"
++"Language-Team: Swedish <debian-l10n-swedish@lists.debian.org>\n"
++"Language: sv\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=UTF-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++"X-Generator: Poedit 1.8.11\n"
++"Plural-Forms: nplurals=2; plural=(n != 1);\n"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid "Omit OpenLDAP server configuration?"
++msgstr "Utelämna konfiguration av OpenLDAP-servern?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid ""
++"If you enable this option, no initial configuration or database will be "
++"created for you."
++msgstr ""
++"Om du aktiverar det här alternativet kommer ingen initial konfiguration "
++"eller databas att skapas åt dig."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "always"
++msgstr "alltid "
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "when needed"
++msgstr "vid behov"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "never"
++msgstr "aldrig"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid "Dump databases to file on upgrade:"
++msgstr "Dumpa databaser till fil vid uppgradering:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Before upgrading to a new version of the OpenLDAP server, the data from your "
++"LDAP directories can be dumped into plain text files in the standard LDAP "
++"Data Interchange Format."
++msgstr ""
++"Innan du uppgraderar till en ny version av OpenLDAP-servern, kan datat från "
++"dina LDAP-kataloger dumpas till klartextfiler i standardformatet LDAP Data "
++"Interchange Format."
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Selecting \"always\" will cause the databases to be dumped unconditionally "
++"before an upgrade. Selecting \"when needed\" will only dump the database if "
++"the new version is incompatible with the old database format and it needs to "
++"be reimported. If you select \"never\", no dump will be done."
++msgstr ""
++"Väljer du \"alltid\" kommer databaserna alltid att dumpas före en "
++"uppgradering. Väljer du \"vid behov\" kommer databasen bara dumpas om den "
++"nya versionen är inkompatibel med det gamla databasformatet och måste "
++"återimporteras. Om du väljer \"aldrig\", kommer ingen dump göras."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid "Directory to use for dumped databases:"
++msgstr "Katalog att dumpa databaser i:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid ""
++"Please specify the directory where the LDAP databases will be exported. In "
++"this directory, several LDIF files will be created which correspond to the "
++"search bases located on the server. Make sure you have enough free space on "
++"the partition where the directory is located. The first occurrence of the "
++"string \"VERSION\" is replaced with the server version you are upgrading "
++"from."
++msgstr ""
++"Ange den katalog dit LDAP-databaser ska exporteras. I denna katalog kommer "
++"flera LDIF-filer att skapas som svarar mot sökbaserna på servern. Se till "
++"att du har tillräckligt med ledigt utrymme på den partition där katalogen "
++"finns. Den första förekomsten av strängen \"VERSION\" ersätts med den "
++"serverversion du uppgraderar från."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid "Move old database?"
++msgstr "Flytta gammal databas?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid ""
++"There are still files in /var/lib/ldap which will probably break the "
++"configuration process. If you enable this option, the maintainer scripts "
++"will move the old database files out of the way before creating a new "
++"database."
++msgstr ""
++"Det finns fortfarande filer i /var/lib/ldap/ som troligen kommer göra att "
++"konfigurationsprocessen inte fungerar. Om du aktiverar detta val, kommer "
++"administrationsskripten att flytta den gamla databasfilen ur vägen innan en "
++"ny databas skapas."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid "Retry configuration?"
++msgstr "Försöka konfigurera igen?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid ""
++"The configuration you entered is invalid. Make sure that the DNS domain name "
++"is syntactically valid, the field for the organization is not left empty and "
++"the admin passwords match. If you decide not to retry the configuration the "
++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to "
++"retry later."
++msgstr ""
++"Konfigurationen du angav är ogiltig. Säkerställ att DNS-domännamnet är "
++"syntaktiskt giltigt, att organisationsfältet inte lämnats tomt och att "
++"administratörslösenorden överensstämmer. Om du väljer att inte försöka "
++"konfigurera igen kommer LDAP-servern inte att ha korrekta inställningar. Kör "
++"\"dpkg-reconfigure slapd\" om du vill försöka igen senare."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid "DNS domain name:"
++msgstr "DNS-domännamn:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid ""
++"The DNS domain name is used to construct the base DN of the LDAP directory. "
++"For example, 'foo.example.org' will create the directory with 'dc=foo, "
++"dc=example, dc=org' as base DN."
++msgstr ""
++"DNS-domännamnet används för att konstruera bas-DN:et för LDAP-katalogen. "
++"Till exempel kommer \"foo.example.org\" att skapa en katalog med \"dc=foo, "
++"dc=example, dc=org\" som bas-DN."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid "Organization name:"
++msgstr "Organisationsnamn:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid ""
++"Please enter the name of the organization to use in the base DN of your LDAP "
++"directory."
++msgstr ""
++"Ange namnet på organisationen som ska användas i bas-DN:et för din LDAP-"
++"katalog."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Administrator password:"
++msgstr "Administratörslösenord:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Please enter the password for the admin entry in your LDAP directory."
++msgstr "Ange lösenordet för admin-posten i LDAP-katalogen."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid "Confirm password:"
++msgstr "Bekräfta lösenordet:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid ""
++"Please enter the admin password for your LDAP directory again to verify that "
++"you have typed it correctly."
++msgstr ""
++"Ange administratörslösenordet för din LDAP-katalog igen för att verifiera "
++"att du har skrivit in det korrekt."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "Password mismatch"
++msgstr "Lösenorden matchar inte"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "The two passwords you entered were not the same. Please try again."
++msgstr "De två lösenord du har angett var inte lika. Försök igen."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:11001
++msgid "Do you want the database to be removed when slapd is purged?"
++msgstr "Vill du att databasen ska tas bort när slapd rensas bort?"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "slapcat failure during upgrade"
++msgstr "slapcat-fel vid uppgradering"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "An error occurred while upgrading the LDAP directory."
++msgstr "Ett fel inträffade när LDAP-katalogen uppgraderades."
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid ""
++"The 'slapcat' program failed while extracting the LDAP directory. This may "
++"be caused by an incorrect configuration file (for example, missing "
++"'moduleload' lines to support the backend database)."
++msgstr ""
++"Programmet \"slapcat\" misslyckades när det extraherade LDAP-katalogen. "
++"Detta kan bero på en felaktig konfigurationsfil (till exempel, saknade "
++"\"moduleload\"-rader för att stödja bakändsdatabasen)."
++
++#. Type: error
++#. Description
++#. This paragraph is followed by a (non translatable) paragraph
++#. containing a command line
++#: ../slapd.templates:14001
++msgid ""
++"This failure will cause 'slapadd' to fail later as well. The old database "
++"files will be moved to /var/backups. If you want to try this upgrade again, "
++"you should move the old database files back into place, fix whatever caused "
++"slapcat to fail, and run:"
++msgstr ""
++"Detta fel kommer göra att \"slapadd\" misslyckas även senare. Den gamla "
++"databasen kommer flyttas till /var/backups. Om du vill försöka utföra den "
++"här uppgraderingen igen, behöver du flytta tillbaka de gamla databasfilerna, "
++"korrigera det som har fått slapcat att misslyckas och köra:"
++
++#. Type: error
++#. Description
++#. Translators: keep "${location}" unchanged. This is a variable that
++#. will be replaced by a directory name at execution
++#: ../slapd.templates:14001
++msgid ""
++"Then move the database files back to a backup area and then try running "
++"slapadd from ${location}."
++msgstr ""
++"Flytta sedan tillbaka databasfilerna till ett utrymme för säkerhetskopior "
++"och kör slapadd från ${location}."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "Potentially unsafe slapd access control configuration"
++msgstr "Potentiellt osäker rättighetsinställning för slapd"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid ""
++"One or more of the configured databases has an access control rule that "
++"allows users to modify most of their own attributes. This may be unsafe, "
++"depending on how the database is used."
++msgstr ""
++"En eller flera av de inställda databaserna har rättighetsinställningar som "
++"innebär att användare tillåts att ändra de flesta av sina attribut. Detta "
++"kan vara osäkert, beroende på hur databasen används."
++
++#. Type: note
++#. Description
++#. Translators: keep "by self write" and "to *" unchanged. These are part
++#. of the slapd configuration and are not translatable.
++#: ../slapd.templates:15001
++msgid ""
++"In the case of slapd access rules that begin with \"to *\", it is "
++"recommended to remove any instances of \"by self write\", so that users are "
++"only able to modify specifically allowed attributes."
++msgstr ""
++"I fallen där rättighetsinställningarna börjar med \"to *\" är det "
++"rekommenderat att ta bort \"by self write\" i förekommande fall. Det får "
++"till följd att användare bara får justera specifikt tillåtna attribut."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details."
++msgstr "Läs /usr/share/doc/slapd/README.Debian.gz för detaljerad information."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "abort installation"
++msgstr "avbryt installation"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "continue regardless"
++msgstr "fortsätt oavsett"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid "Manual ppolicy schema update recommended"
++msgstr "Manuell uppdatering av ppolicy-schema rekommenderas"
++
++#. Type: select
++#. Description
++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable.
++#: ../slapd.templates:16002
++msgid ""
++"The new version of the Password Policy (ppolicy) overlay requires the schema "
++"to define the pwdMaxRecordedFailure attribute type, which is not present in "
++"the schema currently in use. It is recommended to abort the upgrade now, and "
++"to update the ppolicy schema before upgrading slapd. If replication is in "
++"use, the schema update should be applied on every server before continuing "
++"with the upgrade."
++msgstr ""
++"Den nya versionen av överbryggningen av lösenordspolicyn (ppolicy, password "
++"policy) kräver att schemat definierar attributtypen pwdMaxRecordedFailure "
++"vilket inte är med i nuvarande schema. Det är rekommenderat att avbryta "
++"uppgraderingen nu och uppdatera ppolicy-schemat före uppgraderingen av "
++"slapd. Om replikering används måste schemauppdateringen appliceras på alla "
++"servrar innan uppgraderingen genomförs."
++
++#. Type: select
++#. Description
++#. This paragraph is followed by the path to the generated file (not
++#. translatable). The sentence continues in the following paragraph.
++#: ../slapd.templates:16002
++msgid ""
++"An LDIF file has been generated with the changes required for the upgrade:"
++msgstr "En LDIF-fil har skapats med ändringarna som krävs för uppgraderingen:"
++
++#. Type: select
++#. Description
++#. This paragraph continues the sentence started in the previous
++#. paragraph. It is followed by a command line.
++#: ../slapd.templates:16002
++msgid ""
++"so if slapd is using the default access control rules, these changes can be "
++"applied (after starting slapd) by using the command:"
++msgstr ""
++"om slapd använder standardregler för åtkomsthantering kan dessa ändringar "
++"appliceras (efter att slapd startats) genom följande kommando:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid ""
++"If instead you choose to continue the installation, the new attribute type "
++"will be added automatically, but the change will not be acted on by slapd "
++"overlays, and replication with other servers may be affected."
++msgstr ""
++"Om du istället fortsätter med installationen kommer den nya attributtypen "
++"att läggas till automatiskt men ändringen kommer inte leda till att "
++"överbryggad slapd agerar på detta. Replikering till andra servrar kan "
++"påverkas."
++
++#~ msgid "Database backend to use:"
++#~ msgstr "Databasbakända att använda:"
++
++#~ msgid ""
++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree "
++#~ "renames. Both support the same configuration options."
++#~ msgstr ""
++#~ "HDB och BDB använder liknande lagringsformat, men HDB lägger till stöd "
++#~ "för namnbyten på underträd. Båda stödjer samma konfigurationsalternativ."
++
++#~ msgid ""
++#~ "The MDB backend is recommended. MDB uses a new storage format and "
++#~ "requires less configuration than BDB or HDB."
++#~ msgstr ""
++#~ "MDB-bakändan är rekommenderad. MDB använder ett nytt lagringsformat och "
++#~ "behöver mindre inställningar än BDB eller HDB."
++
++#~ msgid ""
++#~ "In any case, you should review the resulting database configuration for "
++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details."
++#~ msgstr ""
++#~ "I vilket fall, behöver du se över den resulterande databaskonfigurationen "
++#~ "för dina behov. Se /usr/share/doc/slapd/README.Debian.gz för fler "
++#~ "detaljer."
++
++#~ msgid "Allow LDAPv2 protocol?"
++#~ msgstr "Tillåt LDAPv2-protokollet?"
++
++#~ msgid ""
++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs "
++#~ "and users should upgrade to LDAPv3. If you have old programs which can't "
++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be "
++#~ "added to your slapd.conf file."
++#~ msgstr ""
++#~ "Det inte längre aktuella LDAPv2-protokollet är som standard avaktiverat i "
++#~ "slapd. Program och använder ska uppgradera till LDAPv3. Om du har gamla "
++#~ "program som inte kan använda LDAPv3, behöver du välja detta vilket gör "
++#~ "att \"allow bin_v2\" läggs till i din slapd.conf-fil."
++
++#~ msgid "slurpd is obsolete; replicas must be reconfigured by hand"
++#~ msgstr "slurpd är inte aktuell; repliker måste konfigureras för hand"
++
++#~ msgid ""
++#~ "One or more slurpd \"replica\" options were found in your slapd config "
++#~ "when upgrading. Because slurpd is obsolete beginning with OpenLDAP 2.4, "
++#~ "you will need to migrate your replicas to use the syncrepl protocol "
++#~ "instead."
++#~ msgstr ""
++#~ "En eller flera av slurpds \"replica\"-val har hittats i din slapd-"
++#~ "konfiguration vid uppgraderingen. Eftersom slurpd inte är aktuell längre "
++#~ "från och med OpenLDAP 2.4, kommer du behöva migrera dina repliker till "
++#~ "att använda syncrepl-protokollet istället."
++
++#~ msgid ""
++#~ "The conversion from slurpd to the pull-based syncrepl protocol cannot be "
++#~ "done automatically and you will need to configure your replica servers by "
++#~ "hand. Please see http://www.openldap.org/doc/admin24/syncrepl.html for "
++#~ "details."
++#~ msgstr ""
++#~ "Konverteringen från slurpd till det frågebaserade syncrepl-protokollet "
++#~ "kan inte göras automatiskt och du kommer behöva konfigurera dina replica-"
++#~ "servrar för hand. Se http://www.openldap.org/doc/admin24/syncrepl.html "
++#~ "för detaljer."
++
++#~ msgid "TLSCipherSuite values have changed"
++#~ msgstr "Värden på TLSCipherSuite har ändrats"
++
++#~ msgid ""
++#~ "A \"TLSCipherSuite\" option was found in your slapd config when "
++#~ "upgrading. The values allowed for this option are determined by the SSL "
++#~ "implementation used, which has been changed from OpenSSL to GnuTLS. As a "
++#~ "result, your existing TLSCipherSuite setting will not work with this "
++#~ "package."
++#~ msgstr ""
++#~ "Ett \"TLSCipherSuite\"-val hittades i din slapd-konfiguration vid "
++#~ "uppgraderingen. De värden som tillåts för detta val avgörs av den SSL-"
++#~ "implementation som används och detta har ändrats från OpenSSL till "
++#~ "GnuTLS. Som en följd av detta kommer inte din befintliga TLSCipherSuite-"
++#~ "inställning att fungera med det här paketet."
++
++#~ msgid ""
++#~ "This setting has been automatically commented out for you. If you have "
++#~ "specific encryption needs that require this option to be re-enabled, see "
++#~ "the output of 'gnutls-cli -l' in the gnutls-bin package for the list of "
++#~ "ciphers supported by GnuTLS."
++#~ msgstr ""
++#~ "Den inställning har automatiskt kommenterats ut åt dig. Om du har "
++#~ "särskilda krypteringsbehov som kräver att detta val återaktiveras, se "
++#~ "utdatat från \"gnutls-cli -l\" i gnutls-bin-paketet för en lista över "
++#~ "krypton som stöds av GnuTLS."
++
++#~ msgid "Back up current database and create a new one?"
++#~ msgstr "Säkerhetskopiera aktuell databas och skapa en ny?"
++
++#~ msgid ""
++#~ "The directory suffix (domain) you specified doesn't match the one "
++#~ "currently in /etc/ldap/slapd.conf. Changing the directory suffix requires "
++#~ "moving aside the current LDAP database and creating a new one. Please "
++#~ "confirm whether you want to back up and abandon the current database."
++#~ msgstr ""
++#~ "Katalogsuffixet (domänen) du angett matchar inte den som för tillfället "
++#~ "anges i /etc/ldap/slapd.conf. Om du ändrar katalogsuffixet krävs att du "
++#~ "flyttar den nuvarande LDAP-databasen å sidan och skapar en ny. Bekräfta "
++#~ "att du vill säkerhetskopiera och överge den nuvarande databasen."
++
++#~ msgid "Change backend type from LDBM to BDB?"
++#~ msgstr "Ändra bakändstyp från LDBM till BDB?"
++
++#~ msgid ""
++#~ "The LDBM backend type has serious stability problems and has been "
++#~ "deprecated by OpenLDAP as of 2.2. It is no longer supported by the "
++#~ "OpenLDAP packages."
++#~ msgstr ""
++#~ "LDBM-bakändstypen har allvarliga stabilitetsproblem och har blivit "
++#~ "utdaterad av OpenLDAP från och med 2.2. Den stöds inte längre av OpenLDAP-"
++#~ "paketen."
++
++#~ msgid ""
++#~ "When the BDB backend is used, it must be configured properly. For more "
++#~ "information, see /usr/share/doc/slapd/README.DB_CONFIG.gz."
++#~ msgstr ""
++#~ "När BDB-bakändan används, måste den konfigureras ordentligt. För mer "
++#~ "information, se /usr/share/doc/slapd/README.DB_CONFIG.gz."
++
++#~ msgid ""
++#~ "If you enable this option, an attempt will be made to update the "
++#~ "configuration to use BDB instead of LDBM and convert the databases. If "
++#~ "you do not enable this option, the upgrade will be aborted."
++#~ msgstr ""
++#~ "Om du aktiverar detta val, kommer ett försök göras att uppdatera "
++#~ "konfigurationen till att använda BDB istället för LDBM och konvertera "
++#~ "databaserna. Om du inte aktiverar detta val, kommer uppgraderingen att "
++#~ "avbrytas."
--- /dev/null
--- /dev/null
++# SOME DESCRIPTIVE TITLE.
++# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
++# This file is distributed under the same license as the openldap package.
++# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
++#
++#, fuzzy
++msgid ""
++msgstr ""
++"Project-Id-Version: openldap\n"
++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n"
++"POT-Creation-Date: 2019-10-03 23:01+0000\n"
++"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
++"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
++"Language-Team: LANGUAGE <LL@li.org>\n"
++"Language: \n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=CHARSET\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid "Omit OpenLDAP server configuration?"
++msgstr ""
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid ""
++"If you enable this option, no initial configuration or database will be "
++"created for you."
++msgstr ""
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "always"
++msgstr ""
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "when needed"
++msgstr ""
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "never"
++msgstr ""
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid "Dump databases to file on upgrade:"
++msgstr ""
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Before upgrading to a new version of the OpenLDAP server, the data from your "
++"LDAP directories can be dumped into plain text files in the standard LDAP "
++"Data Interchange Format."
++msgstr ""
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Selecting \"always\" will cause the databases to be dumped unconditionally "
++"before an upgrade. Selecting \"when needed\" will only dump the database if "
++"the new version is incompatible with the old database format and it needs to "
++"be reimported. If you select \"never\", no dump will be done."
++msgstr ""
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid "Directory to use for dumped databases:"
++msgstr ""
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid ""
++"Please specify the directory where the LDAP databases will be exported. In "
++"this directory, several LDIF files will be created which correspond to the "
++"search bases located on the server. Make sure you have enough free space on "
++"the partition where the directory is located. The first occurrence of the "
++"string \"VERSION\" is replaced with the server version you are upgrading "
++"from."
++msgstr ""
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid "Move old database?"
++msgstr ""
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid ""
++"There are still files in /var/lib/ldap which will probably break the "
++"configuration process. If you enable this option, the maintainer scripts "
++"will move the old database files out of the way before creating a new "
++"database."
++msgstr ""
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid "Retry configuration?"
++msgstr ""
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid ""
++"The configuration you entered is invalid. Make sure that the DNS domain name "
++"is syntactically valid, the field for the organization is not left empty and "
++"the admin passwords match. If you decide not to retry the configuration the "
++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to "
++"retry later."
++msgstr ""
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid "DNS domain name:"
++msgstr ""
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid ""
++"The DNS domain name is used to construct the base DN of the LDAP directory. "
++"For example, 'foo.example.org' will create the directory with 'dc=foo, "
++"dc=example, dc=org' as base DN."
++msgstr ""
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid "Organization name:"
++msgstr ""
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid ""
++"Please enter the name of the organization to use in the base DN of your LDAP "
++"directory."
++msgstr ""
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Administrator password:"
++msgstr ""
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Please enter the password for the admin entry in your LDAP directory."
++msgstr ""
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid "Confirm password:"
++msgstr ""
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid ""
++"Please enter the admin password for your LDAP directory again to verify that "
++"you have typed it correctly."
++msgstr ""
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "Password mismatch"
++msgstr ""
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "The two passwords you entered were not the same. Please try again."
++msgstr ""
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:11001
++msgid "Do you want the database to be removed when slapd is purged?"
++msgstr ""
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "slapcat failure during upgrade"
++msgstr ""
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "An error occurred while upgrading the LDAP directory."
++msgstr ""
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid ""
++"The 'slapcat' program failed while extracting the LDAP directory. This may "
++"be caused by an incorrect configuration file (for example, missing "
++"'moduleload' lines to support the backend database)."
++msgstr ""
++
++#. Type: error
++#. Description
++#. This paragraph is followed by a (non translatable) paragraph
++#. containing a command line
++#: ../slapd.templates:14001
++msgid ""
++"This failure will cause 'slapadd' to fail later as well. The old database "
++"files will be moved to /var/backups. If you want to try this upgrade again, "
++"you should move the old database files back into place, fix whatever caused "
++"slapcat to fail, and run:"
++msgstr ""
++
++#. Type: error
++#. Description
++#. Translators: keep "${location}" unchanged. This is a variable that
++#. will be replaced by a directory name at execution
++#: ../slapd.templates:14001
++msgid ""
++"Then move the database files back to a backup area and then try running "
++"slapadd from ${location}."
++msgstr ""
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "Potentially unsafe slapd access control configuration"
++msgstr ""
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid ""
++"One or more of the configured databases has an access control rule that "
++"allows users to modify most of their own attributes. This may be unsafe, "
++"depending on how the database is used."
++msgstr ""
++
++#. Type: note
++#. Description
++#. Translators: keep "by self write" and "to *" unchanged. These are part
++#. of the slapd configuration and are not translatable.
++#: ../slapd.templates:15001
++msgid ""
++"In the case of slapd access rules that begin with \"to *\", it is "
++"recommended to remove any instances of \"by self write\", so that users are "
++"only able to modify specifically allowed attributes."
++msgstr ""
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details."
++msgstr ""
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "abort installation"
++msgstr ""
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "continue regardless"
++msgstr ""
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid "Manual ppolicy schema update recommended"
++msgstr ""
++
++#. Type: select
++#. Description
++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable.
++#: ../slapd.templates:16002
++msgid ""
++"The new version of the Password Policy (ppolicy) overlay requires the schema "
++"to define the pwdMaxRecordedFailure attribute type, which is not present in "
++"the schema currently in use. It is recommended to abort the upgrade now, and "
++"to update the ppolicy schema before upgrading slapd. If replication is in "
++"use, the schema update should be applied on every server before continuing "
++"with the upgrade."
++msgstr ""
++
++#. Type: select
++#. Description
++#. This paragraph is followed by the path to the generated file (not
++#. translatable). The sentence continues in the following paragraph.
++#: ../slapd.templates:16002
++msgid ""
++"An LDIF file has been generated with the changes required for the upgrade:"
++msgstr ""
++
++#. Type: select
++#. Description
++#. This paragraph continues the sentence started in the previous
++#. paragraph. It is followed by a command line.
++#: ../slapd.templates:16002
++msgid ""
++"so if slapd is using the default access control rules, these changes can be "
++"applied (after starting slapd) by using the command:"
++msgstr ""
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid ""
++"If instead you choose to continue the installation, the new attribute type "
++"will be added automatically, but the change will not be acted on by slapd "
++"overlays, and replication with other servers may be affected."
++msgstr ""
--- /dev/null
--- /dev/null
++# Turkish debconf templates translation for openldap
++# This file is distributed under the same license as the openldap package.
++# Atila KOÇ <koc@artielektronik.com.tr>, 2012, 2014, 2017.
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: openldap\n"
++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n"
++"POT-Creation-Date: 2019-10-03 23:01+0000\n"
++"PO-Revision-Date: 2017-01-13 18:42+0300\n"
++"Last-Translator: Atila KOÇ <koc@artielektronik.com.tr>\n"
++"Language-Team: Turkish <debian-l10n-turkish@lists.debian.org>\n"
++"Language: tr\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=utf-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++"X-Generator: Poedit 1.8.7.1\n"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid "Omit OpenLDAP server configuration?"
++msgstr "OpenLDAP sunucu yapılandırması atlansın mı?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid ""
++"If you enable this option, no initial configuration or database will be "
++"created for you."
++msgstr ""
++"Bu seçeneği seçmeniz durumunda sizin için ne bir ön yapılandırma yapılacak "
++"ne de bir veritabanı yaratılacak. "
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "always"
++msgstr "her zaman"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "when needed"
++msgstr "gerektiğinde"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "never"
++msgstr "hiçbir zaman"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid "Dump databases to file on upgrade:"
++msgstr "Yükseltme sırasında veritabanlarının dökümü yapılsın mı?:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Before upgrading to a new version of the OpenLDAP server, the data from your "
++"LDAP directories can be dumped into plain text files in the standard LDAP "
++"Data Interchange Format."
++msgstr ""
++"Makineniz yeni OpenLDAP sunucu sürümüne yükseltilmeden önce, LDAP "
++"dizinlerindeki verileriniz LDAP Veri Değişimi Biçimi'nde (LDIF) metin "
++"dosyalarına yedeklenebilir."
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Selecting \"always\" will cause the databases to be dumped unconditionally "
++"before an upgrade. Selecting \"when needed\" will only dump the database if "
++"the new version is incompatible with the old database format and it needs to "
++"be reimported. If you select \"never\", no dump will be done."
++msgstr ""
++"\"her zaman\" seçimi veritabanlarının yükseltme öncesinde kayıtsız şartsız "
++"bir dökümünü sağlayacaktır. \"gerektiğinde\" seçimi yeni ile eski sürüm "
++"arasında veritabanı biçim farklılığı varsa ve bu nedenle yeni veritabanına "
++"eski verilerin sonradan alınması gerekirse döküm yapacaktır. \"hiçbir zaman"
++"\" seçeneğini seçerseniz döküm yapılmayacaktır."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid "Directory to use for dumped databases:"
++msgstr "Veritabanı dökümü için kullanılacak dizin:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid ""
++"Please specify the directory where the LDAP databases will be exported. In "
++"this directory, several LDIF files will be created which correspond to the "
++"search bases located on the server. Make sure you have enough free space on "
++"the partition where the directory is located. The first occurrence of the "
++"string \"VERSION\" is replaced with the server version you are upgrading "
++"from."
++msgstr ""
++"LDAP veritabanlarının dışa aktarımı için bir dizin belirtiniz. Bu dizine "
++"sunucuda varolan arama tabanlarına karşılık gelen bir çok LDIF dosyası "
++"kaydedilecektir. İlgili dizinin bulunduğu disk bölümünde yeterince boş alan "
++"olduğundan emin olunuz. \"VERSION\" dizgesi ilk görüldüğü yerde yükseltme "
++"işleminden önceki sunucu sürümünüzle değiştirilecektir."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid "Move old database?"
++msgstr "Eski veritabanı taşınsın mı?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid ""
++"There are still files in /var/lib/ldap which will probably break the "
++"configuration process. If you enable this option, the maintainer scripts "
++"will move the old database files out of the way before creating a new "
++"database."
++msgstr ""
++"/var/lib/ldap dizininde yapılandırma sürecini bozabilecek bazı dosyalar "
++"bulunmaktadır. Bu seçeneği seçerseniz, bakımcı betikleri yeni bir veritabanı "
++"yaratmadan önce bu eski veritabanı dosyalarını başka bir yere taşıyacaktır."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid "Retry configuration?"
++msgstr "Yapılandırma yeniden denensin mi?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid ""
++"The configuration you entered is invalid. Make sure that the DNS domain name "
++"is syntactically valid, the field for the organization is not left empty and "
++"the admin passwords match. If you decide not to retry the configuration the "
++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to "
++"retry later."
++msgstr ""
++"Girdiğiniz yapılandırma ayarları geçersiz. DNS alan adının sözdizimsel "
++"olarak geçerli olduğundan, örgüt adı için ayrılmış alanın boş olmadığından "
++"ve yönetici parolalarının uyumlu olduğundan emin olunuz. Yapılandırmayı "
++"yeniden denemeyi seçmezseniz LDAP sunucu kurulmayacaktır. Kurulumu sonra "
++"denemek isterseniz, 'dpkg-reconfigure slapd' komutunu çalıştırın."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid "DNS domain name:"
++msgstr "DNS alan adı:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid ""
++"The DNS domain name is used to construct the base DN of the LDAP directory. "
++"For example, 'foo.example.org' will create the directory with 'dc=foo, "
++"dc=example, dc=org' as base DN."
++msgstr ""
++"DNS alan adı LDAP dizinin temel DN yapılandırması için kullanılmıştır. "
++"Örneğin, 'gecici.example.org' alan adı 'dc=gecici, dc=example, dc=org' temel "
++"DN'ye sahip dizini yaratacaktır."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid "Organization name:"
++msgstr "Örgüt adı:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid ""
++"Please enter the name of the organization to use in the base DN of your LDAP "
++"directory."
++msgstr "LDAP dizininizin temel DN'si olarak kullanılacak örgüt adını giriniz."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Administrator password:"
++msgstr "Yönetici parolası:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Please enter the password for the admin entry in your LDAP directory."
++msgstr "LDAP dizini yöneticisi için parola giriniz."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid "Confirm password:"
++msgstr "Parolayı doğrulayınız:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid ""
++"Please enter the admin password for your LDAP directory again to verify that "
++"you have typed it correctly."
++msgstr ""
++"LDAP dizini yönetici parolasını tekrar giriniz ve doğru yazdığınızdan emin "
++"olunuz."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "Password mismatch"
++msgstr "Parola uyumsuzluğu"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "The two passwords you entered were not the same. Please try again."
++msgstr "Girdiğiniz iki parola aynı değil, lütfen tekrar deneyiniz."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:11001
++msgid "Do you want the database to be removed when slapd is purged?"
++msgstr ""
++"slapd paketi tamamen kaldırıldığında veritabanının da kaldırılmasını ister "
++"misiniz?"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "slapcat failure during upgrade"
++msgstr "Yükseltme sırasında 'slapcat' hatası"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "An error occurred while upgrading the LDAP directory."
++msgstr "LDAP dizini yükseltilirken bir hata oluştu."
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid ""
++"The 'slapcat' program failed while extracting the LDAP directory. This may "
++"be caused by an incorrect configuration file (for example, missing "
++"'moduleload' lines to support the backend database)."
++msgstr ""
++"'slapcat' programı LDAP dizinini dışa aktarırken başarısız oldu. Buna hatalı "
++"bir yapılandırma dosyası neden olmuş olabilir (örneğin, arka uç "
++"veritabanlarını desteklemek için gerekli 'moduleload' satırlarının eksik "
++"olması gibi)."
++
++#. Type: error
++#. Description
++#. This paragraph is followed by a (non translatable) paragraph
++#. containing a command line
++#: ../slapd.templates:14001
++msgid ""
++"This failure will cause 'slapadd' to fail later as well. The old database "
++"files will be moved to /var/backups. If you want to try this upgrade again, "
++"you should move the old database files back into place, fix whatever caused "
++"slapcat to fail, and run:"
++msgstr ""
++"Bu hata 'slapadd' programının da hata vermesine neden olacaktır. Eski "
++"veritabanı dosyaları /var/backups dizinine taşınacaktır. Eğer bu yükseltmeyi "
++"yeniden denemek isterseniz, eski veritabanı dosyalarını yerlerine geri "
++"almalı, 'slapcat' programının hatasına neden olan her ne ise düzeltmeli ve "
++"aşağıdaki komutu çalıştırmalısınız:"
++
++#. Type: error
++#. Description
++#. Translators: keep "${location}" unchanged. This is a variable that
++#. will be replaced by a directory name at execution
++#: ../slapd.templates:14001
++msgid ""
++"Then move the database files back to a backup area and then try running "
++"slapadd from ${location}."
++msgstr ""
++"Daha sonra veritabanı dosyalarını bir yedekleme alanına geri taşıyın ve "
++"${location} konumundan 'slapadd' komutunu çalıştırınız."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "Potentially unsafe slapd access control configuration"
++msgstr "Olası güvensiz slapd erişim denetimi yapılandırması"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid ""
++"One or more of the configured databases has an access control rule that "
++"allows users to modify most of their own attributes. This may be unsafe, "
++"depending on how the database is used."
++msgstr ""
++"Yapılandırılmış bir ya da daha fazla veritabanında, kullanıcıların "
++"kendilerine ait bir çok özelliği değiştirmesine izin veren bir erişim "
++"denetimi kuralı var. Bu durum, veritabanı kullanım şekline bağlı olarak, "
++"güvenli olmayabilir."
++
++#. Type: note
++#. Description
++#. Translators: keep "by self write" and "to *" unchanged. These are part
++#. of the slapd configuration and are not translatable.
++#: ../slapd.templates:15001
++msgid ""
++"In the case of slapd access rules that begin with \"to *\", it is "
++"recommended to remove any instances of \"by self write\", so that users are "
++"only able to modify specifically allowed attributes."
++msgstr ""
++"\"to *\" ile başlayan slapd erişim kurallarında, kullanıcıların yalnızca "
++"değiştirilmesine izin verilmiş özellikleri değiştirebilmeleri için, tüm \"by "
++"self write\" alanlarının kaldırılması önerilir."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details."
++msgstr ""
++"Daha fazla bilgi için /usr/share/doc/slapd/README.Debian.gz dosyasını "
++"okuyunuz."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "abort installation"
++msgstr "kurulumdan çık"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "continue regardless"
++msgstr "yine de sürdür"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid "Manual ppolicy schema update recommended"
++msgstr "ppolicy şemasının elle yükseltilmesi öneriliyor"
++
++#. Type: select
++#. Description
++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable.
++#: ../slapd.templates:16002
++msgid ""
++"The new version of the Password Policy (ppolicy) overlay requires the schema "
++"to define the pwdMaxRecordedFailure attribute type, which is not present in "
++"the schema currently in use. It is recommended to abort the upgrade now, and "
++"to update the ppolicy schema before upgrading slapd. If replication is in "
++"use, the schema update should be applied on every server before continuing "
++"with the upgrade."
++msgstr ""
++"Parola ilkesi katmanının (ppolicy) yeni sürümü, şu anda kullanılmakta olan "
++"şemanın içermediği pwdMaxRecordedFailure özniteliğinin şemada tanımlanmasını "
++"gerektiriyor. Şimdi kurulumdan çıkmanız ve slapd yükseltmesine başlamadan "
++"önce ppolicy şemasını güncellemeniz önerilir. Eğer dizinlerinizi kopyalayan "
++"başka sunucular varsa, yükseltmeye başlamadan önce bütün sunuculardaki "
++"şemaları güncellemeniz gerekiyor."
++
++#. Type: select
++#. Description
++#. This paragraph is followed by the path to the generated file (not
++#. translatable). The sentence continues in the following paragraph.
++#: ../slapd.templates:16002
++msgid ""
++"An LDIF file has been generated with the changes required for the upgrade:"
++msgstr ""
++"Yükseltme için gerekli değişiklikleri içeren bir LDIF dosyası oluşturuldu:"
++
++#. Type: select
++#. Description
++#. This paragraph continues the sentence started in the previous
++#. paragraph. It is followed by a command line.
++#: ../slapd.templates:16002
++msgid ""
++"so if slapd is using the default access control rules, these changes can be "
++"applied (after starting slapd) by using the command:"
++msgstr ""
++"Eğer slapd öntanımlı erişim denetimi kurallarını kullanıyorsa, bu "
++"değişiklikler slapd başlatıldıktan sonra aşağıdaki komutu çalıştırarak "
++"uygulanabilir:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid ""
++"If instead you choose to continue the installation, the new attribute type "
++"will be added automatically, but the change will not be acted on by slapd "
++"overlays, and replication with other servers may be affected."
++msgstr ""
++"Eğer kurulumu sürdürmeyi yeğlerseniz, yeni öznitelik kendiliğinden eklenecek "
++"fakat bu değişim slapd katmanlarında hayata geçmeyecek ve dizinleri "
++"kopyalayan sunucular varsa bu durumdan etkilenebileceklerdir."
++
++#~ msgid "Database backend to use:"
++#~ msgstr "Kullanılacak veritabanı arka ucu:"
++
++#~ msgid ""
++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree "
++#~ "renames. Both support the same configuration options."
++#~ msgstr ""
++#~ "HDB ve BDB benzer depolama biçimleri kullanırlar, fakat HDB alt ağaç "
++#~ "yeniden adlandırmalarına olanak tanır. Her ikisi de aynı yapılandırma "
++#~ "seçeneklerini desteklerler."
++
++#~ msgid ""
++#~ "The MDB backend is recommended. MDB uses a new storage format and "
++#~ "requires less configuration than BDB or HDB."
++#~ msgstr ""
++#~ "MDB arka ucu önerilir. MDB yeni bir depolama biçimi kullanır ve BDB ya da "
++#~ "HDB'ye göre daha az yapılandırma gerektirir."
++
++#~ msgid ""
++#~ "In any case, you should review the resulting database configuration for "
++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details."
++#~ msgstr ""
++#~ "Her durumda sonuçlanan veritabanı yapılandırmasının gereksinimlerinize "
++#~ "uyduğundan emin olmalısınız. Daha fazla bilgi için /usr/share/doc/slapd/"
++#~ "README.Debian.gz dosyasını okuyunuz."
++
++#~ msgid "Allow LDAPv2 protocol?"
++#~ msgstr "LDAPv2 iletişim kuralına izin verilsin mi?"
++
++#~ msgid ""
++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs "
++#~ "and users should upgrade to LDAPv3. If you have old programs which can't "
++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be "
++#~ "added to your slapd.conf file."
++#~ msgstr ""
++#~ "Eskimiş LDAPv2 iletişim kuralı slapd yapılandırmasında öntanımlı olarak "
++#~ "devre dışı bırakılmıştır. Programlar ve kullanıcılar LDAPv3 iletişim "
++#~ "kuralına geçmelidirler. LDAPv3 iletişim kuralına geçemeyecek eski "
++#~ "programlarınız varsa slapd.conf dosyasına 'allow bind_v2' satırını "
++#~ "ekleyecek olan bu seçeneği seçmelisiniz."
--- /dev/null
--- /dev/null
++# Vietnamese translation for OpenLDAP.
++# Copyright © 2010 Free Software Foundation, Inc.
++# Clytie Siddall <clytie@riverland.net.au>, 2005-2010.
++# Trần Ngọc Quân <vnwildman@gmail.com>, 2014, 2017.
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: openldap 2.4.44+dfsg-4\n"
++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n"
++"POT-Creation-Date: 2019-10-03 23:01+0000\n"
++"PO-Revision-Date: 2017-02-09 13:57+0700\n"
++"Last-Translator: Trần Ngọc Quân <vnwildman@gmail.com>\n"
++"Language-Team: Vietnamese <debian-l10n-vietnamese@lists.debian.org>\n"
++"Language: vi\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=UTF-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++"Plural-Forms: nplurals=1; plural=0;\n"
++"X-Generator: Gtranslator 2.91.7\n"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid "Omit OpenLDAP server configuration?"
++msgstr "Bỏ qua bước cấu hình trình phục vụ OpenLDAP?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:1001
++msgid ""
++"If you enable this option, no initial configuration or database will be "
++"created for you."
++msgstr ""
++"Bật tùy chọn này thì không tạo cho bạn cấu hình hay cơ sở dữ liệu đầu tiên."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "always"
++msgstr "luôn luôn"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "when needed"
++msgstr "khi cần thiết"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:2001
++msgid "never"
++msgstr "không bao giờ"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid "Dump databases to file on upgrade:"
++msgstr "Đổ các cơ sở dữ liệu vào tập tin khi nâng cấp:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Before upgrading to a new version of the OpenLDAP server, the data from your "
++"LDAP directories can be dumped into plain text files in the standard LDAP "
++"Data Interchange Format."
++msgstr ""
++"Trước khi nâng cấp lên phiên bản mới của trình phục vụ OpenLDAP, dữ liệu nằm "
++"trong các thư mục LDAP có thể được đổ vào tập tin nhập thô theo định dạng "
++"trao đổi dữ liệu LDAP tiêu chuẩn."
++
++#. Type: select
++#. Description
++#: ../slapd.templates:2002
++msgid ""
++"Selecting \"always\" will cause the databases to be dumped unconditionally "
++"before an upgrade. Selecting \"when needed\" will only dump the database if "
++"the new version is incompatible with the old database format and it needs to "
++"be reimported. If you select \"never\", no dump will be done."
++msgstr ""
++"Chọn mục “luôn luôn” thì gây ra các cơ sở dữ liệu bị đổ một cách không điều "
++"kiện trước khi nâng cấp. Chọn “khi cần thiết” thì chỉ đổ cơ sở dữ liệu nếu "
++"phiên bản mới không tương thích với định dạng cơ sở dữ liệu cũ và cần phải "
++"nhập lại nó. Còn chọn “không bao giờ” thì không đổ gì."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid "Directory to use for dumped databases:"
++msgstr "Thư mục dùng để đổ cơ sở dữ liệu:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:3001
++msgid ""
++"Please specify the directory where the LDAP databases will be exported. In "
++"this directory, several LDIF files will be created which correspond to the "
++"search bases located on the server. Make sure you have enough free space on "
++"the partition where the directory is located. The first occurrence of the "
++"string \"VERSION\" is replaced with the server version you are upgrading "
++"from."
++msgstr ""
++"Ghi rõ tên thư mục vào đó cần xuất các cơ sở dữ liệu LDAP. Trong thư mục này "
++"thì tạo vài tập tin LDIF tương ứng với những cơ bản tìm kiếm nằm trên máy "
++"phục vụ. Hãy kiểm tra xem vẫn có đủ sức chứa trống trong phân vùng đó. Lần "
++"đầu tiên gặp chuỗi “VERSION” (phiên bản) thì được thay thế bằng phiên bản từ "
++"đó bạn đang nâng cấp."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid "Move old database?"
++msgstr "Di chuyển cơ sở dữ liệu cũ?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:4001
++msgid ""
++"There are still files in /var/lib/ldap which will probably break the "
++"configuration process. If you enable this option, the maintainer scripts "
++"will move the old database files out of the way before creating a new "
++"database."
++msgstr ""
++"Vẫn còn có một số tập tin nằm trong thư mục “/var/lib/ldap” mà rất có thể "
++"làm hỏng tiến trình cấu hình. Bật tùy chọn này thì văn lệnh bảo trì chuyển "
++"các tập tin cơ sở dữ liệu ra trước khi tạo một cơ sở dữ liệu mới."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid "Retry configuration?"
++msgstr "Thử cấu hình lại?"
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:5001
++msgid ""
++"The configuration you entered is invalid. Make sure that the DNS domain name "
++"is syntactically valid, the field for the organization is not left empty and "
++"the admin passwords match. If you decide not to retry the configuration the "
++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to "
++"retry later."
++msgstr ""
++"Bạn đã nhập một cấu hình không hợp lệ. Hãy kiểm tra lại tên miền DNS có cú "
++"pháp đúng, không bỏ trống trường tổ chức, và có hai mật khẩu quản lý trùng "
++"nhau. Nếu bạn quyết định không nên thử lại làm bước cấu hình thì không cài "
++"đặt trình phục vụ LDAP. Muốn thử lại về sau thì chạy lệnh cấu hình lại “dpkg-"
++"reconfigure slapd”."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid "DNS domain name:"
++msgstr "Tên miền DNS:"
++
++# The DNS domain name is used to construct the base DN of your LDAP
++# directory. Entering foo.bar.org will give you the base DN dc=foo, dc=bar,
++# dc=org.
++#. Type: string
++#. Description
++#: ../slapd.templates:6001
++msgid ""
++"The DNS domain name is used to construct the base DN of the LDAP directory. "
++"For example, 'foo.example.org' will create the directory with 'dc=foo, "
++"dc=example, dc=org' as base DN."
++msgstr ""
++"Tên miền DNS được dùng để cấu trúc tên miền cơ bản của thư mục LDAP. Chẳng "
++"hạn, “foo.thí_dụ.org” sẽ tạo thư mục có “dc=foo, dc=thí_dụ, dc=org” là tên "
++"miền cơ bản."
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid "Organization name:"
++msgstr "Tên tổ chức:"
++
++#. Type: string
++#. Description
++#: ../slapd.templates:7001
++msgid ""
++"Please enter the name of the organization to use in the base DN of your LDAP "
++"directory."
++msgstr ""
++"Hãy nhập tên của tổ chức cần dùng trong tên miền cơ bản của thư mục LDAP."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Administrator password:"
++msgstr "Mật khẩu quản trị:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:8001
++msgid "Please enter the password for the admin entry in your LDAP directory."
++msgstr "Hãy nhập mật khẩu cho mục nhập quản trị trong thư mục LDAP của bạn."
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid "Confirm password:"
++msgstr "Xác nhận mật khẩu:"
++
++#. Type: password
++#. Description
++#: ../slapd.templates:9001
++msgid ""
++"Please enter the admin password for your LDAP directory again to verify that "
++"you have typed it correctly."
++msgstr ""
++"Hãy nhập lại mật khẩu quản trị cho thư mục LDAP để xác nhận lại bạn đã gõ "
++"đúng."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "Password mismatch"
++msgstr "Mật khẩu không khớp"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:10001
++msgid "The two passwords you entered were not the same. Please try again."
++msgstr "Bạn đã gõ hai mật khẩu khác nhau. Hãy thử lại."
++
++#. Type: boolean
++#. Description
++#: ../slapd.templates:11001
++msgid "Do you want the database to be removed when slapd is purged?"
++msgstr "Khi tẩy gói phần mềm slapd, bạn có muốn xóa bỏ cơ sở dữ liệu đi không?"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "slapcat failure during upgrade"
++msgstr "slapcat gặp lỗi trong khi nâng cấp"
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid "An error occurred while upgrading the LDAP directory."
++msgstr "Gặp lỗi trong khi nâng cấp thư mục LDAP."
++
++#. Type: error
++#. Description
++#: ../slapd.templates:14001
++msgid ""
++"The 'slapcat' program failed while extracting the LDAP directory. This may "
++"be caused by an incorrect configuration file (for example, missing "
++"'moduleload' lines to support the backend database)."
++msgstr ""
++"Chương trình “slapcat” bị lỗi trong khi giải nén thư mục LDAP. Có thể do một "
++"tập tin cấu hình sai (v.d. thiếu dòng “moduleload” để hỗ trợ cơ sở dữ liệu "
++"ứng dụng chạy phía sau)."
++
++#. Type: error
++#. Description
++#. This paragraph is followed by a (non translatable) paragraph
++#. containing a command line
++#: ../slapd.templates:14001
++msgid ""
++"This failure will cause 'slapadd' to fail later as well. The old database "
++"files will be moved to /var/backups. If you want to try this upgrade again, "
++"you should move the old database files back into place, fix whatever caused "
++"slapcat to fail, and run:"
++msgstr ""
++"Lỗi này cũng sẽ là nguyên nhân làm cho tiến trình “slapadd” thất bại về sau. "
++"Các tập tin cơ sở dữ liệu cũ sẽ được di chuyển vào thư mục “/var/backups”. "
++"Muốn thử lại tiến trình nâng cấp thì bạn nên di chuyển các tập tin cơ sở dữ "
++"liệu cũ về nơi gốc, sửa chữa những gì làm cho slapcat bị lỗi, và chạy câu "
++"lệnh:"
++
++#. Type: error
++#. Description
++#. Translators: keep "${location}" unchanged. This is a variable that
++#. will be replaced by a directory name at execution
++#: ../slapd.templates:14001
++msgid ""
++"Then move the database files back to a backup area and then try running "
++"slapadd from ${location}."
++msgstr ""
++"Sau đó, hãy di chuyển các tập tin cơ sở dữ liệu sang một vùng sao lưu, và "
++"thử chạy trình slapadd từ vị trí “${location}”."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "Potentially unsafe slapd access control configuration"
++msgstr "Cấu hình điều khiển truy cập slapd tiềm ẩn sự thiếu an toàn"
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid ""
++"One or more of the configured databases has an access control rule that "
++"allows users to modify most of their own attributes. This may be unsafe, "
++"depending on how the database is used."
++msgstr ""
++"Có một hay hơn cơ sở dữ liệu cấu hình có chứa quy tắc điều khiển truy cập mà "
++"nó lại cho phép người dùng sửa đổi phần lớn các thuộc tính mà họ sở hữu. Như "
++"vậy là thiếu an toàn, còn tùy thuộc vào cơ sở dữ liệu dùng để làm gì."
++
++#. Type: note
++#. Description
++#. Translators: keep "by self write" and "to *" unchanged. These are part
++#. of the slapd configuration and are not translatable.
++#: ../slapd.templates:15001
++msgid ""
++"In the case of slapd access rules that begin with \"to *\", it is "
++"recommended to remove any instances of \"by self write\", so that users are "
++"only able to modify specifically allowed attributes."
++msgstr ""
++"Trong trường hợp quy tắc truy cập slapd mà bắt đầu bằng \"to *\", khuyên bạn "
++"nên xóa bỏ mọi thực thể \"by self write\", như thế người dùng chỉ có thể sửa "
++"các thuộc tính cho phép đã chỉ ra."
++
++#. Type: note
++#. Description
++#: ../slapd.templates:15001
++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details."
++msgstr "Đọc /usr/share/doc/slapd/README.Debian.gz để biết thêm chi tiết."
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "abort installation"
++msgstr "hủy bỏ cài đặt"
++
++#. Type: select
++#. Choices
++#: ../slapd.templates:16001
++msgid "continue regardless"
++msgstr "vẫn tiếp tục"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid "Manual ppolicy schema update recommended"
++msgstr "Khuyến khích cập nhật lược đồ ppolicy"
++
++#. Type: select
++#. Description
++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable.
++#: ../slapd.templates:16002
++msgid ""
++"The new version of the Password Policy (ppolicy) overlay requires the schema "
++"to define the pwdMaxRecordedFailure attribute type, which is not present in "
++"the schema currently in use. It is recommended to abort the upgrade now, and "
++"to update the ppolicy schema before upgrading slapd. If replication is in "
++"use, the schema update should be applied on every server before continuing "
++"with the upgrade."
++msgstr ""
++"Phiên bản mới của overlay Chính sách Mật khẩu (ppolicy) cần lược đồ để định "
++"nghĩa kiểu thuộc tính pwdMaxRecordedFailure, cái mà không hiện diện trong "
++"lược đồ hiện đang dùng. Khuyến khích bạn bây giờ bãi bỏ nâng cấp, và cập "
++"nhật lược đồ trước khi nâng cấp slapd. Nếu bản sao đang dùng, cập nhật lược "
++"đồ có thể được áp dụng cho mọi máy phục vụ trước khi tiếp tục với nâng cấp."
++
++#. Type: select
++#. Description
++#. This paragraph is followed by the path to the generated file (not
++#. translatable). The sentence continues in the following paragraph.
++#: ../slapd.templates:16002
++msgid ""
++"An LDIF file has been generated with the changes required for the upgrade:"
++msgstr "Một tập tin LDIF đã được tạo với các thay đổi theo yêu cầu cập nhật:"
++
++#. Type: select
++#. Description
++#. This paragraph continues the sentence started in the previous
++#. paragraph. It is followed by a command line.
++#: ../slapd.templates:16002
++msgid ""
++"so if slapd is using the default access control rules, these changes can be "
++"applied (after starting slapd) by using the command:"
++msgstr ""
++"như vậy nếu slapd đang sử dụng các quy tắc điều khiển truy cập mặc định, "
++"những thay đổi có thể được áp dụng (sau khi khởi động slapd) bằng cách dùng "
++"lệnh:"
++
++#. Type: select
++#. Description
++#: ../slapd.templates:16002
++msgid ""
++"If instead you choose to continue the installation, the new attribute type "
++"will be added automatically, but the change will not be acted on by slapd "
++"overlays, and replication with other servers may be affected."
++msgstr ""
++"Nếu thay vào đó bạn chọn tiếp tục cài đặt, kiểu thuộc tính mới sẽ được thêm "
++"một cách tự động, nhưng thay đổi sẽ không được thực hiện trên các overlay "
++"slapd, và bản sao với các máy phục vụ khác có thể chịu tác động."
++
++#~ msgid "Database backend to use:"
++#~ msgstr "Ứng dụng chạy cơ sở dữ liệu cần dùng:"
++
++#~ msgid ""
++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree "
++#~ "renames. Both support the same configuration options."
++#~ msgstr ""
++#~ "HDB và BDB dùng định dạng lưu trữ tương tự nhau, nhưng HDB thêm hỗ trợ để "
++#~ "thay đổi tên của cây con. Cả hai hỗ trợ cùng những tùy chọn cấu hình."
++
++#~ msgid ""
++#~ "The MDB backend is recommended. MDB uses a new storage format and "
++#~ "requires less configuration than BDB or HDB."
++#~ msgstr ""
++#~ "Khuyên bạn dùng ứng dụng chạy phía sau MDB. MDB dùng định dạng lưu trữ "
++#~ "mới và phần cấu hình cũng ít hơn là BDB hay HDB."
++
++# The BDB backend is the recommended choice of the OpenLDAP developers.
++# When using the BDB backend make sure that you configure the underlying
++# database for your requirements. Look into /usr/share/doc/slapd/README.
++# DB_CONFIG.gz
++#~ msgid ""
++#~ "In any case, you should review the resulting database configuration for "
++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details."
++#~ msgstr ""
++#~ "Trong mỗi trường hợp, bạn nên xem lại cấu hình cơ sở dữ liệu kết quả có "
++#~ "thích hợp với nhu cầu của bạn. Xem tài liệu Đọc Đi “/usr/share/doc/slapd/"
++#~ "README.DB_CONFIG.gz” để tìm chi tiết."
++
++#~ msgid "Allow LDAPv2 protocol?"
++#~ msgstr "Cho phép giao thức LDAPv2?"
++
++#~ msgid ""
++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs "
++#~ "and users should upgrade to LDAPv3. If you have old programs which can't "
++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be "
++#~ "added to your slapd.conf file."
++#~ msgstr ""
++#~ "Giao thức LDAPv2 (phiên bản 2) cũ bị tắt theo mặc định trong slapd. Các "
++#~ "chương trình và người dùng đều nên nâng cấp lên LDAPv3 (phiên bản 3). Có "
++#~ "chương trình cũ không thể dùng LDAPv3 thì bạn nên bật tùy chọn này và "
++#~ "thêm chuỗi “allow bind_v2” vào tập tin cấu hình “slapd.conf”."
--- /dev/null
--- /dev/null
++#!/usr/bin/make -f
++
++include /usr/share/dpkg/architecture.mk
++include /usr/share/dpkg/pkg-info.mk
++
++# Set this variable if you're building packages outside of Debian and don't
++# want the checks for DFSG-freeness.
++#DFSG_NONFREE = 1
++
++export DEB_CFLAGS_MAINT_APPEND := -Wall -Wno-format-extra-args -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE
++export DEB_BUILD_MAINT_OPTIONS := hardening=+pie,+bindnow
++
++# Configure calls AM_INIT_AUTOMAKE, but Automake fails as there is no Makefile.am.
++# Tell dh-autoreconf to skip automake.
++export AUTOMAKE = true
++
++# Expose maintainer address to build/mkversion (see debian/patches/set-maintainer-name)
++export DEB_MAINTAINER := $(shell sed -ne 's/Maintainer:\s\+//p' debian/control)
++
++# Expose DEB_VERSION to build/version.sh (see debian/patches/debian-version)
++export DEB_VERSION
++
++# Workaround for bad glibc behavior when resolving localhost
++export RESOLV_MULTI = off
++
++CONFIG = $(shell grep -v "^\#" debian/configure.options)
++ifeq ($(DEB_HOST_ARCH_OS),hurd)
++ CONFIG += --disable-bdb --disable-hdb --disable-mdb
++endif
++ifneq ($(filter pkg.openldap.noslapd,$(DEB_BUILD_PROFILES)),)
++ CONFIG += --disable-slapd
++endif
++
++CONTRIB_MODULES = autogroup lastbind passwd passwd/argon2 passwd/pbkdf2 passwd/sha2 smbk5pwd
++
++# Ensure CC is set correctly for cross builds, unless it has already
++# been set explicitly.
++ifeq ($(origin CC),default)
++ export CC := $(DEB_HOST_GNU_TYPE)-gcc
++endif
++
++installdir := $(CURDIR)/debian/tmp
++builddir := $(CURDIR)/debian/build
++slapddir := $(CURDIR)/debian/slapd/usr/sbin
++
++MAKEVARS := STRIP=
++
++# Standard variables used in contrib Makefiles.
++# We override these in make invocations rather than patch every one.
++CONTRIB_MAKEVARS := \
++ LDAP_BUILD='$(builddir)' \
++ prefix=/usr \
++ ldap_subdir=/ldap \
++ moduledir='$$(libdir)$$(ldap_subdir)'
++
++# These variables are used only by get-orig-source, which will normally only
++# be run by maintainers.
++VERSION = $(subst +dfsg,,$(DEB_VERSION_UPSTREAM))
++URL = https://www.openldap.org/software/download/OpenLDAP/openldap-release/
++
++# Download the upstream source and make changes as required for DFSG reasons.
++# Assumes wget is available, as this is generally only used by the package
++# maintainers.
++get-orig-source:
++ @if [ ! -d "debian/schema" ] ; then \
++ echo 'Run this from the top directory of the Debian source' >&2; \
++ exit 1; \
++ fi
++ wget $(URL)/openldap-$(VERSION).tgz
++ tar xzf openldap-$(VERSION).tgz
++ rm -r openldap-$(VERSION)/doc/drafts
++ rm -r openldap-$(VERSION)/doc/rfc
++ set -e; for schema in debian/schema/*.schema debian/schema/*.ldif ; do \
++ file=`basename "$$schema"`; \
++ rm openldap-$(VERSION)/servers/slapd/schema/$$file; \
++ done
++ mv openldap-$(VERSION) openldap-$(VERSION)+dfsg
++ tar cf openldap_$(VERSION)+dfsg.orig.tar openldap-$(VERSION)+dfsg
++ rm -r openldap-$(VERSION)+dfsg
++ gzip -9 openldap_$(VERSION)+dfsg.orig.tar
++
++DH = dh $@ --builddirectory=$(builddir)
++.PHONY: build
++build:
++ $(DH)
++%:
++ $(DH)
++
++# Only contrib/ldapc++ uses Automake, so special care is needed to update
++# config.guess and config.sub at the top level.
++autoreconf:
++ autoreconf -f -i . contrib/ldapc++
++ cp -f /usr/share/misc/config.guess /usr/share/misc/config.sub build/
++
++override_dh_autoreconf:
++ dh_autoreconf debian/rules -- autoreconf
++
++override_dh_auto_configure:
++ # Check if we include the RFCs, Internet-Drafts, or upstream schemas
++ # with RFC text (which are non DFSG-free). You can set DFSG_NONFREE
++ # to build the packages from the unchanged upstream sources but Debian
++ # can not ship the RFCs in main so this test is here to make sure it
++ # does not get in by accident again. -- Torsten
++ if [ -z "$(DFSG_NONFREE)" ]; then \
++ if [ -e doc/drafts ] || [ -e doc/rfc ]; then exit 1; fi; \
++ if [ -e servers/slapd/schema/core.schema ] \
++ && grep -q 'RFC 4519 definition' servers/slapd/schema/core.schema; \
++ then \
++ exit 1; \
++ fi; \
++ fi
++
++ # Copy our stripped schema versions into where upstream expects them.
++ if [ -z "$(DFSG_NONFREE)" ]; then \
++ cp debian/schema/*.schema debian/schema/*.ldif \
++ servers/slapd/schema/; \
++ fi
++
++ dh_auto_configure -- $(CONFIG)
++
++override_dh_auto_build:
++ dh_auto_build -- $(MAKEVARS)
++ifeq ($(filter pkg.openldap.noslapd,$(DEB_BUILD_PROFILES)),)
++ for mod in $(CONTRIB_MODULES); do \
++ dh_auto_build -Dcontrib/slapd-modules/$$mod -Bcontrib/slapd-modules/$$mod -- $(CONTRIB_MAKEVARS) || exit $$?; \
++ done
++endif
++
++override_dh_auto_test:
++ifeq ($(DEB_HOST_ARCH),ppc64el)
++ # Disable test060-mt-host on ppc64el until #866122 is fixed.
++ rm -f tests/scripts/test060-mt-hot
++endif
++ dh_auto_test
++
++override_dh_auto_install:
++ dh_auto_install -- $(MAKEVARS)
++ifeq ($(filter pkg.openldap.noslapd,$(DEB_BUILD_PROFILES)),)
++ for mod in $(CONTRIB_MODULES); do \
++ dh_auto_install -Dcontrib/slapd-modules/$$mod -Bcontrib/slapd-modules/$$mod -- $(CONTRIB_MAKEVARS) || exit $$?; \
++ done
++
++ # Empty the dependency_libs file in the .la files.
++ for F in $(installdir)/usr/lib/ldap/*.la; do \
++ sed -i "s/^dependency_libs=.*/dependency_libs=''/" $$F; \
++ done
++endif
++
++ # Check all built libraries for unresolved symbols except for the
++ # libslapi library. It is a special case since the SLAPI interface
++ # depends on symbols defined in slapd itself. Those symbols will
++ # remain unresolved until the plugin is loaded into slapd.
++ for F in $(installdir)/usr/lib/$(DEB_HOST_MULTIARCH)/*.so.*.*.*; do \
++ if echo "$$F" | grep -q libslapi ; then \
++ continue; \
++ fi; \
++ if LD_LIBRARY_PATH=$(installdir)/usr/lib/$(DEB_HOST_MULTIARCH) ldd -d -r $$F 2>&1 | grep '^undefined symbol:'; then \
++ echo; \
++ echo "library $$F has undefined references. Please fix this before continuing."; \
++ exit 1; \
++ fi; \
++ done
++
++ # Upstream manpages are section 8C but installed as section 8
++ find $(installdir)/usr/share/man -name \*.8 \
++ | xargs perl -pi -e 's#(\.TH \w+ 8)C#$$1#'
++
++override_dh_installinit:
++ dh_installinit -- "defaults 19 80"
++
++ifeq ($(filter pkg.openldap.noslapd,$(DEB_BUILD_PROFILES)),)
++override_dh_installman:
++ dh_installman
++ rm -f $(CURDIR)/debian/slapd/usr/share/man/man5/slapo-smbk5pwd.*
++
++override_dh_fixperms-arch:
++ dh_fixperms
++ chmod +x $(CURDIR)/debian/slapd/usr/share/slapd/ldiftopasswd
++endif
++
++override_dh_strip:
++ dh_strip -plibldap-2.4-2 --dbgsym-migration='libldap-2.4-2-dbg (<< 2.4.45+dfsg-1~)'
++ dh_strip -pslapd --dbgsym-migration='slapd-dbg (<< 2.4.45+dfsg-1~)'
++ dh_strip --remaining-packages
++ifeq ($(filter pkg.openldap.noslapd,$(DEB_BUILD_PROFILES)),)
++ # hardlink these so not confined by apparmor; do this here and not
++ # in dh_link so that dh_strip doesn't get confused and put the wrong
++ # binary in the debug package.
++ for f in slapacl slapadd slapauth slapcat slapdn slapindex slappasswd slaptest slapschema ; do \
++ ln -f $(slapddir)/slapd $(slapddir)/$$f ; \
++ done
++endif
++
++override_dh_link:
++ for pkg in libldap2-dev libldap-2.4-2; do \
++ sed -e"s/\$${DEB_HOST_MULTIARCH}/$(DEB_HOST_MULTIARCH)/g" < debian/$$pkg.links.in > debian/$$pkg.links; \
++ done
++ dh_link
++
++ifeq ($(filter pkg.openldap.noslapd,$(DEB_BUILD_PROFILES)),)
++override_dh_makeshlibs:
++ echo "slapd:Provides=$$(objdump -p debian/slapd/usr/lib/$(DEB_HOST_MULTIARCH)/libslapi-*.so.* \
++ | sed -ne '/SONAME/ { s/[[:space:]]*SONAME[[:space:]]*//; \
++ s/\.so\./-/; p; q }' \
++ )" >> debian/slapd.substvars
++ dh_makeshlibs -pslapd -X/usr/lib/ldap/ -V "$$(sed -ne's/slapd:Provides=//p' debian/slapd.substvars)"
++ dh_makeshlibs --remaining-packages
++endif
++
++ifeq ($(filter pkg.openldap.noslapd,$(DEB_BUILD_PROFILES)),)
++override_dh_installdeb:
++ dh_installdeb
++ perl -w debian/dh_installscripts-common -p slapd
++endif
++
++override_dh_auto_clean:
++ dh_auto_clean
++ # Update translation templates for debconf
++ debconf-updatepo
++ifeq ($(filter pkg.openldap.noslapd,$(DEB_BUILD_PROFILES)),)
++ # Remove our stripped schema from the upstream source area.
++ if [ -z "$(DFSG_NONFREE)" ]; then \
++ set -e; for s in debian/schema/*.schema debian/schema/*.ldif; do \
++ rm -f servers/slapd/schema/`basename $$s`; \
++ done; \
++ fi
++
++ # Clean the contrib directory
++ for mod in $(CONTRIB_MODULES); do \
++ dh_auto_clean -Dcontrib/slapd-modules/$$mod -Bcontrib/slapd-modules/$$mod || exit $?; \
++ done
++endif
--- /dev/null
--- /dev/null
++This directory contains stripped versions of schema files that the
++OpenLDAP distribution includes in servers/slapd/schema. The original
++versions as distributed upstream contain text from the RFCs embedded as
++comments, and that text is covered by the Internet Society license which
++does not meet the Debian Free Software Guidelines. (It doesn't permit
++creation and distribution of modified versions.) Accordingly, Debian
++cannot include the original versions of these files in Debian packages.
++
++Instead, in this directory are equivalent versions of those files with all
++of the text taken from IETF RFCs or Internet-Drafts removed and only the
++functional schema definition retained.
++
++Where possible, the schema files as distributed by the OpenLDAP project
++are retained. This is only done where RFC or Internet-Draft text is
++embedded in the schema file and covered by the Internet Society license.
--- /dev/null
--- /dev/null
++# collective.schema -- Collective attribute schema
++# $OpenLDAP: pkg/ldap/servers/slapd/schema/collective.schema,v 1.12.2.2 2007/08/31 23:14:06 quanah Exp $
++## This work is part of OpenLDAP Software <http://www.openldap.org/>.
++##
++## Copyright 1998-2007 The OpenLDAP Foundation.
++## All rights reserved.
++##
++## Redistribution and use in source and binary forms, with or without
++## modification, are permitted only as authorized by the OpenLDAP
++## Public License.
++##
++## A copy of this license is available in the file LICENSE in the
++## top-level directory of the distribution or, alternatively, at
++## <http://www.OpenLDAP.org/license.html>.
++#
++
++# The version of this file as distributed by the OpenLDAP Foundation
++# contains text from an IETF RFC explaining the schema. Unfortunately,
++# that text is covered by a license that doesn't meet Debian's Free
++# Software Guidelines. This is a stripped version of the schema that
++# contains only the functional schema definition, not the text of the
++# RFC.
++#
++# For an explanation of this schema, see RFC 3671, at (among other
++# places): http://www.ietf.org/rfc/rfc3671.txt
++
++attributeType ( 2.5.4.7.1 NAME 'c-l'
++ SUP l COLLECTIVE )
++
++attributeType ( 2.5.4.8.1 NAME 'c-st'
++ SUP st COLLECTIVE )
++
++attributeType ( 2.5.4.9.1 NAME 'c-street'
++ SUP street COLLECTIVE )
++
++attributeType ( 2.5.4.10.1 NAME 'c-o'
++ SUP o COLLECTIVE )
++
++attributeType ( 2.5.4.11.1 NAME 'c-ou'
++ SUP ou COLLECTIVE )
++
++attributeType ( 2.5.4.16.1 NAME 'c-PostalAddress'
++ SUP postalAddress COLLECTIVE )
++
++attributeType ( 2.5.4.17.1 NAME 'c-PostalCode'
++ SUP postalCode COLLECTIVE )
++
++attributeType ( 2.5.4.18.1 NAME 'c-PostOfficeBox'
++ SUP postOfficeBox COLLECTIVE )
++
++attributeType ( 2.5.4.19.1 NAME 'c-PhysicalDeliveryOfficeName'
++ SUP physicalDeliveryOfficeName COLLECTIVE )
++
++attributeType ( 2.5.4.20.1 NAME 'c-TelephoneNumber'
++ SUP telephoneNumber COLLECTIVE )
++
++attributeType ( 2.5.4.21.1 NAME 'c-TelexNumber'
++ SUP telexNumber COLLECTIVE )
++
++attributeType ( 2.5.4.23.1 NAME 'c-FacsimileTelephoneNumber'
++ SUP facsimileTelephoneNumber COLLECTIVE )
++
++attributeType ( 2.5.4.25.1 NAME 'c-InternationalISDNNumber'
++ SUP internationalISDNNumber COLLECTIVE )
++
--- /dev/null
--- /dev/null
++#!/bin/sh
++#
++# Compare the stripped versions of the schema with the unmodified versions
++# from the source as distributed upstream and find any non-comment changes
++# so that our stripped versions can be updated.
++#
++# Takes the directory containing our stripped schema and the directory
++# containing the upstream schema. Uses the first directory as a working
++# area.
++
++set -e
++
++ours="$1"
++theirs="$2"
++if [ -z "$ours" ] || [ -z "$theirs" ] ; then
++ echo 'Usage: compare-schema <debian-schema-dir> <openldap-schema-dir>' >&2
++ exit 1
++fi
++
++cd $ours
++for schema in *.schema *.ldif ; do
++ grep -v '^#' "$schema" | grep -v '^ *$' > "${schema}.debian"
++ grep -v '^#' "$theirs/$schema" | grep -v '^ *$' > "${schema}.upstream"
++ diff -u "${schema}.debian" "${schema}.upstream"
++ rm "${schema}.debian" "${schema}.upstream"
++done
--- /dev/null
--- /dev/null
++# corba.schema -- Corba Object Schema
++# depends upon core.schema
++# $OpenLDAP: pkg/ldap/servers/slapd/schema/corba.schema,v 1.4.2.3 2007/01/02 21:44:09 kurt Exp $
++# $OpenLDAP: pkg/ldap/servers/slapd/schema/corba.schema,v 1.4.2.3 2007/01/02 21:44:09 kurt Exp $
++## This work is part of OpenLDAP Software <http://www.openldap.org/>.
++##
++## Copyright 1998-2007 The OpenLDAP Foundation.
++## All rights reserved.
++##
++## Redistribution and use in source and binary forms, with or without
++## modification, are permitted only as authorized by the OpenLDAP
++## Public License.
++##
++## A copy of this license is available in the file LICENSE in the
++## top-level directory of the distribution or, alternatively, at
++## <http://www.OpenLDAP.org/license.html>.
++#
++
++# The version of this file as distributed by the OpenLDAP Foundation
++# contains text from an IETF RFC explaining the schema. Unfortunately,
++# that text is covered by a license that doesn't meet Debian's Free
++# Software Guidelines. This is a stripped version of the schema that
++# contains only the functional schema definition, not the text of the
++# RFC.
++#
++# For an explanation of this schema, see RFC 2714, at (among other
++# places): http://www.ietf.org/rfc/rfc2714.txt
++
++attributetype ( 1.3.6.1.4.1.42.2.27.4.1.14
++ NAME 'corbaIor'
++ DESC 'Stringified interoperable object reference of a CORBA object'
++ EQUALITY caseIgnoreIA5Match
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
++ SINGLE-VALUE )
++
++attributetype ( 1.3.6.1.4.1.42.2.27.4.1.15
++ NAME 'corbaRepositoryId'
++ DESC 'Repository ids of interfaces implemented by a CORBA object'
++ EQUALITY caseExactMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
++
++objectclass ( 1.3.6.1.4.1.42.2.27.4.2.10
++ NAME 'corbaContainer'
++ DESC 'Container for a CORBA object'
++ SUP top
++ STRUCTURAL
++ MUST cn )
++
++objectclass ( 1.3.6.1.4.1.42.2.27.4.2.9
++ NAME 'corbaObject'
++ DESC 'CORBA object representation'
++ SUP top
++ ABSTRACT
++ MAY ( corbaRepositoryId $ description ) )
++
++objectclass ( 1.3.6.1.4.1.42.2.27.4.2.11
++ NAME 'corbaObjectReference'
++ DESC 'CORBA interoperable object reference'
++ SUP corbaObject
++ AUXILIARY
++ MUST corbaIor )
--- /dev/null
--- /dev/null
++# OpenLDAP Core schema
++# $OpenLDAP$
++## This work is part of OpenLDAP Software <http://www.openldap.org/>.
++##
++## Copyright 1998-2014 The OpenLDAP Foundation.
++## All rights reserved.
++##
++## Redistribution and use in source and binary forms, with or without
++## modification, are permitted only as authorized by the OpenLDAP
++## Public License.
++##
++## A copy of this license is available in the file LICENSE in the
++## top-level directory of the distribution or, alternatively, at
++## <http://www.OpenLDAP.org/license.html>.
++#
++
++# The version of this file as distributed by the OpenLDAP Foundation
++# contains text claiming copyright by the Internet Society and including
++# the IETF RFC license, which does not meet Debian's Free Software
++# Guidelines. However, apart from short and obvious comments, the text of
++# this file is purely a functional interface specification, which is not
++# subject to that license and is not copyrightable under US law.
++#
++# The license statement is retained below so as not to remove credit, but
++# as best as we can determine, it is not applicable to the contents of
++# this file.
++
++## Portions Copyright (C) The Internet Society (1997-2003).
++## All Rights Reserved.
++##
++## This document and translations of it may be copied and furnished to
++## others, and derivative works that comment on or otherwise explain it
++## or assist in its implementation may be prepared, copied, published
++## and distributed, in whole or in part, without restriction of any
++## kind, provided that the above copyright notice and this paragraph are
++## included on all such copies and derivative works. However, this
++## document itself may not be modified in any way, such as by removing
++## the copyright notice or references to the Internet Society or other
++## Internet organizations, except as needed for the purpose of
++## developing Internet standards in which case the procedures for
++## copyrights defined in the Internet Standards process must be
++## followed, or as required to translate it into languages other than
++## English.
++##
++## The limited permissions granted above are perpetual and will not be
++## revoked by the Internet Society or its successors or assigns.
++##
++## This document and the information contained herein is provided on an
++## "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
++## TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
++## BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
++## HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
++## MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
++#
++#
++#
++# Includes LDAPv3 schema items from:
++# RFC 2252/2256 (LDAPv3)
++#
++# Select standard track schema items:
++# RFC 1274 (uid/dc)
++# RFC 2079 (URI)
++# RFC 2247 (dc/dcObject)
++# RFC 2587 (PKI)
++# RFC 2589 (Dynamic Directory Services)
++#
++# Select informational schema items:
++# RFC 2377 (uidObject)
++#
++#
++# Standard attribute types from RFC 2256
++#
++dn: cn=core,cn=schema,cn=config
++objectClass: olcSchemaConfig
++cn: core
++#
++# system schema
++#olcAttributeTypes: ( 2.5.4.0 NAME 'objectClass'
++# DESC 'RFC2256: object classes of the entity'
++# EQUALITY objectIdentifierMatch
++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
++#
++# system schema
++#olcAttributeTypes: ( 2.5.4.1 NAME ( 'aliasedObjectName' 'aliasedEntryName' )
++# DESC 'RFC2256: name of aliased object'
++# EQUALITY distinguishedNameMatch
++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
++#
++olcAttributeTypes: ( 2.5.4.2 NAME 'knowledgeInformation'
++ DESC 'RFC2256: knowledge information'
++ EQUALITY caseIgnoreMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
++#
++# system schema
++#olcAttributeTypes: ( 2.5.4.3 NAME ( 'cn' 'commonName' )
++# DESC 'RFC2256: common name(s) for which the entity is known by'
++# SUP name )
++#
++olcAttributeTypes: ( 2.5.4.4 NAME ( 'sn' 'surname' )
++ DESC 'RFC2256: last (family) name(s) for which the entity is known by'
++ SUP name )
++#
++olcAttributeTypes: ( 2.5.4.5 NAME 'serialNumber'
++ DESC 'RFC2256: serial number of the entity'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} )
++#
++# RFC 4519 definition ('countryName' in X.500 and RFC2256)
++olcAttributeTypes: ( 2.5.4.6 NAME ( 'c' 'countryName' )
++ DESC 'RFC4519: two-letter ISO-3166 country code'
++ SUP name
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.11
++ SINGLE-VALUE )
++#
++olcAttributeTypes: ( 2.5.4.7 NAME ( 'l' 'localityName' )
++ DESC 'RFC2256: locality which this object resides in'
++ SUP name )
++#
++olcAttributeTypes: ( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' )
++ DESC 'RFC2256: state or province which this object resides in'
++ SUP name )
++#
++olcAttributeTypes: ( 2.5.4.9 NAME ( 'street' 'streetAddress' )
++ DESC 'RFC2256: street address of this object'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
++#
++olcAttributeTypes: ( 2.5.4.10 NAME ( 'o' 'organizationName' )
++ DESC 'RFC2256: organization this object belongs to'
++ SUP name )
++#
++olcAttributeTypes: ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' )
++ DESC 'RFC2256: organizational unit this object belongs to'
++ SUP name )
++#
++olcAttributeTypes: ( 2.5.4.12 NAME 'title'
++ DESC 'RFC2256: title associated with the entity'
++ SUP name )
++#
++# system schema
++#olcAttributeTypes: ( 2.5.4.13 NAME 'description'
++# DESC 'RFC2256: descriptive information'
++# EQUALITY caseIgnoreMatch
++# SUBSTR caseIgnoreSubstringsMatch
++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} )
++#
++# Deprecated by enhancedSearchGuide
++olcAttributeTypes: ( 2.5.4.14 NAME 'searchGuide'
++ DESC 'RFC2256: search guide, deprecated by enhancedSearchGuide'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.25 )
++#
++olcAttributeTypes: ( 2.5.4.15 NAME 'businessCategory'
++ DESC 'RFC2256: business category'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
++#
++olcAttributeTypes: ( 2.5.4.16 NAME 'postalAddress'
++ DESC 'RFC2256: postal address'
++ EQUALITY caseIgnoreListMatch
++ SUBSTR caseIgnoreListSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
++#
++olcAttributeTypes: ( 2.5.4.17 NAME 'postalCode'
++ DESC 'RFC2256: postal code'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )
++#
++olcAttributeTypes: ( 2.5.4.18 NAME 'postOfficeBox'
++ DESC 'RFC2256: Post Office Box'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )
++#
++olcAttributeTypes: ( 2.5.4.19 NAME 'physicalDeliveryOfficeName'
++ DESC 'RFC2256: Physical Delivery Office Name'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
++#
++olcAttributeTypes: ( 2.5.4.20 NAME 'telephoneNumber'
++ DESC 'RFC2256: Telephone Number'
++ EQUALITY telephoneNumberMatch
++ SUBSTR telephoneNumberSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} )
++#
++olcAttributeTypes: ( 2.5.4.21 NAME 'telexNumber'
++ DESC 'RFC2256: Telex Number'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 )
++#
++olcAttributeTypes: ( 2.5.4.22 NAME 'teletexTerminalIdentifier'
++ DESC 'RFC2256: Teletex Terminal Identifier'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 )
++#
++olcAttributeTypes: ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' )
++ DESC 'RFC2256: Facsimile (Fax) Telephone Number'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 )
++#
++olcAttributeTypes: ( 2.5.4.24 NAME 'x121Address'
++ DESC 'RFC2256: X.121 Address'
++ EQUALITY numericStringMatch
++ SUBSTR numericStringSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} )
++#
++olcAttributeTypes: ( 2.5.4.25 NAME 'internationaliSDNNumber'
++ DESC 'RFC2256: international ISDN number'
++ EQUALITY numericStringMatch
++ SUBSTR numericStringSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} )
++#
++olcAttributeTypes: ( 2.5.4.26 NAME 'registeredAddress'
++ DESC 'RFC2256: registered postal address'
++ SUP postalAddress
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
++#
++olcAttributeTypes: ( 2.5.4.27 NAME 'destinationIndicator'
++ DESC 'RFC2256: destination indicator'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} )
++#
++olcAttributeTypes: ( 2.5.4.28 NAME 'preferredDeliveryMethod'
++ DESC 'RFC2256: preferred delivery method'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.14
++ SINGLE-VALUE )
++#
++olcAttributeTypes: ( 2.5.4.29 NAME 'presentationAddress'
++ DESC 'RFC2256: presentation address'
++ EQUALITY presentationAddressMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.43
++ SINGLE-VALUE )
++#
++olcAttributeTypes: ( 2.5.4.30 NAME 'supportedApplicationContext'
++ DESC 'RFC2256: supported application context'
++ EQUALITY objectIdentifierMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
++#
++olcAttributeTypes: ( 2.5.4.31 NAME 'member'
++ DESC 'RFC2256: member of a group'
++ SUP distinguishedName )
++#
++olcAttributeTypes: ( 2.5.4.32 NAME 'owner'
++ DESC 'RFC2256: owner (of the object)'
++ SUP distinguishedName )
++#
++olcAttributeTypes: ( 2.5.4.33 NAME 'roleOccupant'
++ DESC 'RFC2256: occupant of role'
++ SUP distinguishedName )
++#
++# system schema
++#olcAttributeTypes: ( 2.5.4.34 NAME 'seeAlso'
++# DESC 'RFC2256: DN of related object'
++# SUP distinguishedName )
++#
++# system schema
++#olcAttributeTypes: ( 2.5.4.35 NAME 'userPassword'
++# DESC 'RFC2256/2307: password of user'
++# EQUALITY octetStringMatch
++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
++#
++# Must be transferred using ;binary
++# with certificateExactMatch rule (per X.509)
++olcAttributeTypes: ( 2.5.4.36 NAME 'userCertificate'
++ DESC 'RFC2256: X.509 user certificate, use ;binary'
++ EQUALITY certificateExactMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
++#
++# Must be transferred using ;binary
++# with certificateExactMatch rule (per X.509)
++olcAttributeTypes: ( 2.5.4.37 NAME 'cACertificate'
++ DESC 'RFC2256: X.509 CA certificate, use ;binary'
++ EQUALITY certificateExactMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
++#
++# Must be transferred using ;binary
++olcAttributeTypes: ( 2.5.4.38 NAME 'authorityRevocationList'
++ DESC 'RFC2256: X.509 authority revocation list, use ;binary'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
++#
++# Must be transferred using ;binary
++olcAttributeTypes: ( 2.5.4.39 NAME 'certificateRevocationList'
++ DESC 'RFC2256: X.509 certificate revocation list, use ;binary'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
++#
++# Must be stored and requested in the binary form
++olcAttributeTypes: ( 2.5.4.40 NAME 'crossCertificatePair'
++ DESC 'RFC2256: X.509 cross certificate pair, use ;binary'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.10 )
++#
++# 2.5.4.41 is defined above as it's used for subtyping
++#olcAttributeTypes: ( 2.5.4.41 NAME 'name'
++# EQUALITY caseIgnoreMatch
++# SUBSTR caseIgnoreSubstringsMatch
++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
++#
++olcAttributeTypes: ( 2.5.4.42 NAME ( 'givenName' 'gn' )
++ DESC 'RFC2256: first name(s) for which the entity is known by'
++ SUP name )
++#
++olcAttributeTypes: ( 2.5.4.43 NAME 'initials'
++ DESC 'RFC2256: initials of some or all of names, but not the surname(s).'
++ SUP name )
++#
++olcAttributeTypes: ( 2.5.4.44 NAME 'generationQualifier'
++ DESC 'RFC2256: name qualifier indicating a generation'
++ SUP name )
++#
++olcAttributeTypes: ( 2.5.4.45 NAME 'x500UniqueIdentifier'
++ DESC 'RFC2256: X.500 unique identifier'
++ EQUALITY bitStringMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 )
++#
++olcAttributeTypes: ( 2.5.4.46 NAME 'dnQualifier'
++ DESC 'RFC2256: DN qualifier'
++ EQUALITY caseIgnoreMatch
++ ORDERING caseIgnoreOrderingMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 )
++#
++olcAttributeTypes: ( 2.5.4.47 NAME 'enhancedSearchGuide'
++ DESC 'RFC2256: enhanced search guide'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 )
++#
++olcAttributeTypes: ( 2.5.4.48 NAME 'protocolInformation'
++ DESC 'RFC2256: protocol information'
++ EQUALITY protocolInformationMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 )
++#
++# 2.5.4.49 is defined above as it's used for subtyping
++#olcAttributeTypes: ( 2.5.4.49 NAME 'distinguishedName'
++# EQUALITY distinguishedNameMatch
++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
++#
++olcAttributeTypes: ( 2.5.4.50 NAME 'uniqueMember'
++ DESC 'RFC2256: unique member of a group'
++ EQUALITY uniqueMemberMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 )
++#
++olcAttributeTypes: ( 2.5.4.51 NAME 'houseIdentifier'
++ DESC 'RFC2256: house identifier'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
++#
++# Must be transferred using ;binary
++olcAttributeTypes: ( 2.5.4.52 NAME 'supportedAlgorithms'
++ DESC 'RFC2256: supported algorithms'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 )
++#
++# Must be transferred using ;binary
++olcAttributeTypes: ( 2.5.4.53 NAME 'deltaRevocationList'
++ DESC 'RFC2256: delta revocation list; use ;binary'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
++#
++olcAttributeTypes: ( 2.5.4.54 NAME 'dmdName'
++ DESC 'RFC2256: name of DMD'
++ SUP name )
++#
++olcAttributeTypes: ( 2.5.4.65 NAME 'pseudonym'
++ DESC 'X.520(4th): pseudonym for the object'
++ SUP name )
++#
++# Standard object classes from RFC2256
++#
++# system schema
++#olcObjectClasses: ( 2.5.6.1 NAME 'alias'
++# DESC 'RFC2256: an alias'
++# SUP top STRUCTURAL
++# MUST aliasedObjectName )
++#
++olcObjectClasses: ( 2.5.6.2 NAME 'country'
++ DESC 'RFC2256: a country'
++ SUP top STRUCTURAL
++ MUST c
++ MAY ( searchGuide $ description ) )
++#
++olcObjectClasses: ( 2.5.6.3 NAME 'locality'
++ DESC 'RFC2256: a locality'
++ SUP top STRUCTURAL
++ MAY ( street $ seeAlso $ searchGuide $ st $ l $ description ) )
++#
++olcObjectClasses: ( 2.5.6.4 NAME 'organization'
++ DESC 'RFC2256: an organization'
++ SUP top STRUCTURAL
++ MUST o
++ MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
++ x121Address $ registeredAddress $ destinationIndicator $
++ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
++ telephoneNumber $ internationaliSDNNumber $
++ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
++ postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )
++#
++olcObjectClasses: ( 2.5.6.5 NAME 'organizationalUnit'
++ DESC 'RFC2256: an organizational unit'
++ SUP top STRUCTURAL
++ MUST ou
++ MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
++ x121Address $ registeredAddress $ destinationIndicator $
++ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
++ telephoneNumber $ internationaliSDNNumber $
++ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
++ postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )
++#
++olcObjectClasses: ( 2.5.6.6 NAME 'person'
++ DESC 'RFC2256: a person'
++ SUP top STRUCTURAL
++ MUST ( sn $ cn )
++ MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) )
++#
++olcObjectClasses: ( 2.5.6.7 NAME 'organizationalPerson'
++ DESC 'RFC2256: an organizational person'
++ SUP person STRUCTURAL
++ MAY ( title $ x121Address $ registeredAddress $ destinationIndicator $
++ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
++ telephoneNumber $ internationaliSDNNumber $
++ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
++ postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l ) )
++#
++olcObjectClasses: ( 2.5.6.8 NAME 'organizationalRole'
++ DESC 'RFC2256: an organizational role'
++ SUP top STRUCTURAL
++ MUST cn
++ MAY ( x121Address $ registeredAddress $ destinationIndicator $
++ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
++ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
++ seeAlso $ roleOccupant $ preferredDeliveryMethod $ street $
++ postOfficeBox $ postalCode $ postalAddress $
++ physicalDeliveryOfficeName $ ou $ st $ l $ description ) )
++#
++olcObjectClasses: ( 2.5.6.9 NAME 'groupOfNames'
++ DESC 'RFC2256: a group of names (DNs)'
++ SUP top STRUCTURAL
++ MUST ( member $ cn )
++ MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )
++#
++olcObjectClasses: ( 2.5.6.10 NAME 'residentialPerson'
++ DESC 'RFC2256: an residential person'
++ SUP person STRUCTURAL
++ MUST l
++ MAY ( businessCategory $ x121Address $ registeredAddress $
++ destinationIndicator $ preferredDeliveryMethod $ telexNumber $
++ teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $
++ facsimileTelephoneNumber $ preferredDeliveryMethod $ street $
++ postOfficeBox $ postalCode $ postalAddress $
++ physicalDeliveryOfficeName $ st $ l ) )
++#
++olcObjectClasses: ( 2.5.6.11 NAME 'applicationProcess'
++ DESC 'RFC2256: an application process'
++ SUP top STRUCTURAL
++ MUST cn
++ MAY ( seeAlso $ ou $ l $ description ) )
++#
++olcObjectClasses: ( 2.5.6.12 NAME 'applicationEntity'
++ DESC 'RFC2256: an application entity'
++ SUP top STRUCTURAL
++ MUST ( presentationAddress $ cn )
++ MAY ( supportedApplicationContext $ seeAlso $ ou $ o $ l $
++ description ) )
++#
++olcObjectClasses: ( 2.5.6.13 NAME 'dSA'
++ DESC 'RFC2256: a directory system agent (a server)'
++ SUP applicationEntity STRUCTURAL
++ MAY knowledgeInformation )
++#
++olcObjectClasses: ( 2.5.6.14 NAME 'device'
++ DESC 'RFC2256: a device'
++ SUP top STRUCTURAL
++ MUST cn
++ MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l $ description ) )
++#
++olcObjectClasses: ( 2.5.6.15 NAME 'strongAuthenticationUser'
++ DESC 'RFC2256: a strong authentication user'
++ SUP top AUXILIARY
++ MUST userCertificate )
++#
++olcObjectClasses: ( 2.5.6.16 NAME 'certificationAuthority'
++ DESC 'RFC2256: a certificate authority'
++ SUP top AUXILIARY
++ MUST ( authorityRevocationList $ certificateRevocationList $
++ cACertificate ) MAY crossCertificatePair )
++#
++olcObjectClasses: ( 2.5.6.17 NAME 'groupOfUniqueNames'
++ DESC 'RFC2256: a group of unique names (DN and Unique Identifier)'
++ SUP top STRUCTURAL
++ MUST ( uniqueMember $ cn )
++ MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )
++#
++olcObjectClasses: ( 2.5.6.18 NAME 'userSecurityInformation'
++ DESC 'RFC2256: a user security information'
++ SUP top AUXILIARY
++ MAY ( supportedAlgorithms ) )
++#
++olcObjectClasses: ( 2.5.6.16.2 NAME 'certificationAuthority-V2'
++ SUP certificationAuthority
++ AUXILIARY MAY ( deltaRevocationList ) )
++#
++olcObjectClasses: ( 2.5.6.19 NAME 'cRLDistributionPoint'
++ SUP top STRUCTURAL
++ MUST ( cn )
++ MAY ( certificateRevocationList $ authorityRevocationList $
++ deltaRevocationList ) )
++#
++olcObjectClasses: ( 2.5.6.20 NAME 'dmd'
++ SUP top STRUCTURAL
++ MUST ( dmdName )
++ MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
++ x121Address $ registeredAddress $ destinationIndicator $
++ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
++ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
++ street $ postOfficeBox $ postalCode $ postalAddress $
++ physicalDeliveryOfficeName $ st $ l $ description ) )
++#
++#
++# Object Classes from RFC 2587
++#
++olcObjectClasses: ( 2.5.6.21 NAME 'pkiUser'
++ DESC 'RFC2587: a PKI user'
++ SUP top AUXILIARY
++ MAY userCertificate )
++#
++olcObjectClasses: ( 2.5.6.22 NAME 'pkiCA'
++ DESC 'RFC2587: PKI certificate authority'
++ SUP top AUXILIARY
++ MAY ( authorityRevocationList $ certificateRevocationList $
++ cACertificate $ crossCertificatePair ) )
++#
++olcObjectClasses: ( 2.5.6.23 NAME 'deltaCRL'
++ DESC 'RFC2587: PKI user'
++ SUP top AUXILIARY
++ MAY deltaRevocationList )
++#
++#
++# Standard Track URI label schema from RFC 2079
++# system schema
++#olcAttributeTypes: ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI'
++# DESC 'RFC2079: Uniform Resource Identifier with optional label'
++# EQUALITY caseExactMatch
++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
++#
++olcObjectClasses: ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject'
++ DESC 'RFC2079: object that contains the URI attribute type'
++ MAY ( labeledURI )
++ SUP top AUXILIARY )
++#
++#
++# Derived from RFC 1274, but with new "short names"
++#
++#olcAttributeTypes: ( 0.9.2342.19200300.100.1.1
++# NAME ( 'uid' 'userid' )
++# DESC 'RFC1274: user identifier'
++# EQUALITY caseIgnoreMatch
++# SUBSTR caseIgnoreSubstringsMatch
++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
++#
++olcAttributeTypes: ( 0.9.2342.19200300.100.1.3
++ NAME ( 'mail' 'rfc822Mailbox' )
++ DESC 'RFC1274: RFC822 Mailbox'
++ EQUALITY caseIgnoreIA5Match
++ SUBSTR caseIgnoreIA5SubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
++#
++olcObjectClasses: ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject'
++ DESC 'RFC1274: simple security object'
++ SUP top AUXILIARY
++ MUST userPassword )
++#
++# RFC 1274 + RFC 2247
++olcAttributeTypes: ( 0.9.2342.19200300.100.1.25
++ NAME ( 'dc' 'domainComponent' )
++ DESC 'RFC1274/2247: domain component'
++ EQUALITY caseIgnoreIA5Match
++ SUBSTR caseIgnoreIA5SubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
++#
++# RFC 2247
++olcObjectClasses: ( 1.3.6.1.4.1.1466.344 NAME 'dcObject'
++ DESC 'RFC2247: domain component object'
++ SUP top AUXILIARY MUST dc )
++#
++# RFC 2377
++olcObjectClasses: ( 1.3.6.1.1.3.1 NAME 'uidObject'
++ DESC 'RFC2377: uid object'
++ SUP top AUXILIARY MUST uid )
++#
++# From COSINE Pilot
++olcAttributeTypes: ( 0.9.2342.19200300.100.1.37
++ NAME 'associatedDomain'
++ DESC 'RFC1274: domain associated with object'
++ EQUALITY caseIgnoreIA5Match
++ SUBSTR caseIgnoreIA5SubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
++#
++# RFC 2459 -- deprecated in favor of 'mail' (in cosine.schema)
++olcAttributeTypes: ( 1.2.840.113549.1.9.1
++ NAME ( 'email' 'emailAddress' 'pkcs9email' )
++ DESC 'RFC3280: legacy attribute for email addresses in DNs'
++ EQUALITY caseIgnoreIA5Match
++ SUBSTR caseIgnoreIA5SubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
++#
--- /dev/null
--- /dev/null
++# OpenLDAP Core schema
++# $OpenLDAP$
++## This work is part of OpenLDAP Software <http://www.openldap.org/>.
++##
++## Copyright 1998-2014 The OpenLDAP Foundation.
++## All rights reserved.
++##
++## Redistribution and use in source and binary forms, with or without
++## modification, are permitted only as authorized by the OpenLDAP
++## Public License.
++##
++## A copy of this license is available in the file LICENSE in the
++## top-level directory of the distribution or, alternatively, at
++## <http://www.OpenLDAP.org/license.html>.
++#
++
++# The version of this file as distributed by the OpenLDAP Foundation
++# contains text claiming copyright by the Internet Society and including
++# the IETF RFC license, which does not meet Debian's Free Software
++# Guidelines. However, apart from short and obvious comments, the text of
++# this file is purely a functional interface specification, which is not
++# subject to that license and is not copyrightable under US law.
++#
++# The license statement is retained below so as not to remove credit, but
++# as best as we can determine, it is not applicable to the contents of
++# this file.
++
++## Portions Copyright (C) The Internet Society (1997-2006).
++## All Rights Reserved.
++##
++## This document and translations of it may be copied and furnished to
++## others, and derivative works that comment on or otherwise explain it
++## or assist in its implementation may be prepared, copied, published
++## and distributed, in whole or in part, without restriction of any
++## kind, provided that the above copyright notice and this paragraph are
++## included on all such copies and derivative works. However, this
++## document itself may not be modified in any way, such as by removing
++## the copyright notice or references to the Internet Society or other
++## Internet organizations, except as needed for the purpose of
++## developing Internet standards in which case the procedures for
++## copyrights defined in the Internet Standards process must be
++## followed, or as required to translate it into languages other than
++## English.
++##
++## The limited permissions granted above are perpetual and will not be
++## revoked by the Internet Society or its successors or assigns.
++##
++## This document and the information contained herein is provided on an
++## "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
++## TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
++## BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
++## HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
++## MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
++
++#
++#
++# Includes LDAPv3 schema items from:
++# RFC 2252/2256 (LDAPv3)
++#
++# Select standard track schema items:
++# RFC 1274 (uid/dc)
++# RFC 2079 (URI)
++# RFC 2247 (dc/dcObject)
++# RFC 2587 (PKI)
++# RFC 2589 (Dynamic Directory Services)
++# RFC 4524 (associatedDomain)
++#
++# Select informational schema items:
++# RFC 2377 (uidObject)
++
++#
++# Standard attribute types from RFC 2256
++#
++
++# system schema
++#attributetype ( 2.5.4.0 NAME 'objectClass'
++# DESC 'RFC2256: object classes of the entity'
++# EQUALITY objectIdentifierMatch
++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
++
++# system schema
++#attributetype ( 2.5.4.1 NAME ( 'aliasedObjectName' 'aliasedEntryName' )
++# DESC 'RFC2256: name of aliased object'
++# EQUALITY distinguishedNameMatch
++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
++
++attributetype ( 2.5.4.2 NAME 'knowledgeInformation'
++ DESC 'RFC2256: knowledge information'
++ EQUALITY caseIgnoreMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
++
++# system schema
++#attributetype ( 2.5.4.3 NAME ( 'cn' 'commonName' )
++# DESC 'RFC2256: common name(s) for which the entity is known by'
++# SUP name )
++
++attributetype ( 2.5.4.4 NAME ( 'sn' 'surname' )
++ DESC 'RFC2256: last (family) name(s) for which the entity is known by'
++ SUP name )
++
++attributetype ( 2.5.4.5 NAME 'serialNumber'
++ DESC 'RFC2256: serial number of the entity'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} )
++
++# RFC 4519 definition ('countryName' in X.500 and RFC2256)
++attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' )
++ DESC 'RFC4519: two-letter ISO-3166 country code'
++ SUP name
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.11
++ SINGLE-VALUE )
++
++#attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' )
++# DESC 'RFC2256: ISO-3166 country 2-letter code'
++# SUP name SINGLE-VALUE )
++
++attributetype ( 2.5.4.7 NAME ( 'l' 'localityName' )
++ DESC 'RFC2256: locality which this object resides in'
++ SUP name )
++
++attributetype ( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' )
++ DESC 'RFC2256: state or province which this object resides in'
++ SUP name )
++
++attributetype ( 2.5.4.9 NAME ( 'street' 'streetAddress' )
++ DESC 'RFC2256: street address of this object'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
++
++attributetype ( 2.5.4.10 NAME ( 'o' 'organizationName' )
++ DESC 'RFC2256: organization this object belongs to'
++ SUP name )
++
++attributetype ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' )
++ DESC 'RFC2256: organizational unit this object belongs to'
++ SUP name )
++
++attributetype ( 2.5.4.12 NAME 'title'
++ DESC 'RFC2256: title associated with the entity'
++ SUP name )
++
++# system schema
++#attributetype ( 2.5.4.13 NAME 'description'
++# DESC 'RFC2256: descriptive information'
++# EQUALITY caseIgnoreMatch
++# SUBSTR caseIgnoreSubstringsMatch
++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} )
++
++# Deprecated by enhancedSearchGuide
++attributetype ( 2.5.4.14 NAME 'searchGuide'
++ DESC 'RFC2256: search guide, deprecated by enhancedSearchGuide'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.25 )
++
++attributetype ( 2.5.4.15 NAME 'businessCategory'
++ DESC 'RFC2256: business category'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
++
++attributetype ( 2.5.4.16 NAME 'postalAddress'
++ DESC 'RFC2256: postal address'
++ EQUALITY caseIgnoreListMatch
++ SUBSTR caseIgnoreListSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
++
++attributetype ( 2.5.4.17 NAME 'postalCode'
++ DESC 'RFC2256: postal code'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )
++
++attributetype ( 2.5.4.18 NAME 'postOfficeBox'
++ DESC 'RFC2256: Post Office Box'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )
++
++attributetype ( 2.5.4.19 NAME 'physicalDeliveryOfficeName'
++ DESC 'RFC2256: Physical Delivery Office Name'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
++
++attributetype ( 2.5.4.20 NAME 'telephoneNumber'
++ DESC 'RFC2256: Telephone Number'
++ EQUALITY telephoneNumberMatch
++ SUBSTR telephoneNumberSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} )
++
++attributetype ( 2.5.4.21 NAME 'telexNumber'
++ DESC 'RFC2256: Telex Number'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 )
++
++attributetype ( 2.5.4.22 NAME 'teletexTerminalIdentifier'
++ DESC 'RFC2256: Teletex Terminal Identifier'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 )
++
++attributetype ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' )
++ DESC 'RFC2256: Facsimile (Fax) Telephone Number'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 )
++
++attributetype ( 2.5.4.24 NAME 'x121Address'
++ DESC 'RFC2256: X.121 Address'
++ EQUALITY numericStringMatch
++ SUBSTR numericStringSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} )
++
++attributetype ( 2.5.4.25 NAME 'internationaliSDNNumber'
++ DESC 'RFC2256: international ISDN number'
++ EQUALITY numericStringMatch
++ SUBSTR numericStringSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} )
++
++attributetype ( 2.5.4.26 NAME 'registeredAddress'
++ DESC 'RFC2256: registered postal address'
++ SUP postalAddress
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
++
++attributetype ( 2.5.4.27 NAME 'destinationIndicator'
++ DESC 'RFC2256: destination indicator'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} )
++
++attributetype ( 2.5.4.28 NAME 'preferredDeliveryMethod'
++ DESC 'RFC2256: preferred delivery method'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.14
++ SINGLE-VALUE )
++
++attributetype ( 2.5.4.29 NAME 'presentationAddress'
++ DESC 'RFC2256: presentation address'
++ EQUALITY presentationAddressMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.43
++ SINGLE-VALUE )
++
++attributetype ( 2.5.4.30 NAME 'supportedApplicationContext'
++ DESC 'RFC2256: supported application context'
++ EQUALITY objectIdentifierMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
++
++attributetype ( 2.5.4.31 NAME 'member'
++ DESC 'RFC2256: member of a group'
++ SUP distinguishedName )
++
++attributetype ( 2.5.4.32 NAME 'owner'
++ DESC 'RFC2256: owner (of the object)'
++ SUP distinguishedName )
++
++attributetype ( 2.5.4.33 NAME 'roleOccupant'
++ DESC 'RFC2256: occupant of role'
++ SUP distinguishedName )
++
++# system schema
++#attributetype ( 2.5.4.34 NAME 'seeAlso'
++# DESC 'RFC2256: DN of related object'
++# SUP distinguishedName )
++
++# system schema
++#attributetype ( 2.5.4.35 NAME 'userPassword'
++# DESC 'RFC2256/2307: password of user'
++# EQUALITY octetStringMatch
++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
++
++# Must be transferred using ;binary
++# with certificateExactMatch rule (per X.509)
++attributetype ( 2.5.4.36 NAME 'userCertificate'
++ DESC 'RFC2256: X.509 user certificate, use ;binary'
++ EQUALITY certificateExactMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
++
++# Must be transferred using ;binary
++# with certificateExactMatch rule (per X.509)
++attributetype ( 2.5.4.37 NAME 'cACertificate'
++ DESC 'RFC2256: X.509 CA certificate, use ;binary'
++ EQUALITY certificateExactMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
++
++# Must be transferred using ;binary
++attributetype ( 2.5.4.38 NAME 'authorityRevocationList'
++ DESC 'RFC2256: X.509 authority revocation list, use ;binary'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
++
++# Must be transferred using ;binary
++attributetype ( 2.5.4.39 NAME 'certificateRevocationList'
++ DESC 'RFC2256: X.509 certificate revocation list, use ;binary'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
++
++# Must be stored and requested in the binary form
++attributetype ( 2.5.4.40 NAME 'crossCertificatePair'
++ DESC 'RFC2256: X.509 cross certificate pair, use ;binary'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.10 )
++
++# system schema
++#attributetype ( 2.5.4.41 NAME 'name'
++# EQUALITY caseIgnoreMatch
++# SUBSTR caseIgnoreSubstringsMatch
++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
++
++attributetype ( 2.5.4.42 NAME ( 'givenName' 'gn' )
++ DESC 'RFC2256: first name(s) for which the entity is known by'
++ SUP name )
++
++attributetype ( 2.5.4.43 NAME 'initials'
++ DESC 'RFC2256: initials of some or all of names, but not the surname(s).'
++ SUP name )
++
++attributetype ( 2.5.4.44 NAME 'generationQualifier'
++ DESC 'RFC2256: name qualifier indicating a generation'
++ SUP name )
++
++attributetype ( 2.5.4.45 NAME 'x500UniqueIdentifier'
++ DESC 'RFC2256: X.500 unique identifier'
++ EQUALITY bitStringMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 )
++
++attributetype ( 2.5.4.46 NAME 'dnQualifier'
++ DESC 'RFC2256: DN qualifier'
++ EQUALITY caseIgnoreMatch
++ ORDERING caseIgnoreOrderingMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 )
++
++attributetype ( 2.5.4.47 NAME 'enhancedSearchGuide'
++ DESC 'RFC2256: enhanced search guide'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 )
++
++attributetype ( 2.5.4.48 NAME 'protocolInformation'
++ DESC 'RFC2256: protocol information'
++ EQUALITY protocolInformationMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 )
++
++# system schema
++#attributetype ( 2.5.4.49 NAME 'distinguishedName'
++# EQUALITY distinguishedNameMatch
++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
++
++attributetype ( 2.5.4.50 NAME 'uniqueMember'
++ DESC 'RFC2256: unique member of a group'
++ EQUALITY uniqueMemberMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 )
++
++attributetype ( 2.5.4.51 NAME 'houseIdentifier'
++ DESC 'RFC2256: house identifier'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
++
++# Must be transferred using ;binary
++attributetype ( 2.5.4.52 NAME 'supportedAlgorithms'
++ DESC 'RFC2256: supported algorithms'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 )
++
++# Must be transferred using ;binary
++attributetype ( 2.5.4.53 NAME 'deltaRevocationList'
++ DESC 'RFC2256: delta revocation list; use ;binary'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
++
++attributetype ( 2.5.4.54 NAME 'dmdName'
++ DESC 'RFC2256: name of DMD'
++ SUP name )
++
++attributetype ( 2.5.4.65 NAME 'pseudonym'
++ DESC 'X.520(4th): pseudonym for the object'
++ SUP name )
++
++# Standard object classes from RFC2256
++
++# system schema
++#objectclass ( 2.5.6.0 NAME 'top'
++# DESC 'RFC2256: top of the superclass chain'
++# ABSTRACT
++# MUST objectClass )
++
++# system schema
++#objectclass ( 2.5.6.1 NAME 'alias'
++# DESC 'RFC2256: an alias'
++# SUP top STRUCTURAL
++# MUST aliasedObjectName )
++
++objectclass ( 2.5.6.2 NAME 'country'
++ DESC 'RFC2256: a country'
++ SUP top STRUCTURAL
++ MUST c
++ MAY ( searchGuide $ description ) )
++
++objectclass ( 2.5.6.3 NAME 'locality'
++ DESC 'RFC2256: a locality'
++ SUP top STRUCTURAL
++ MAY ( street $ seeAlso $ searchGuide $ st $ l $ description ) )
++
++objectclass ( 2.5.6.4 NAME 'organization'
++ DESC 'RFC2256: an organization'
++ SUP top STRUCTURAL
++ MUST o
++ MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
++ x121Address $ registeredAddress $ destinationIndicator $
++ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
++ telephoneNumber $ internationaliSDNNumber $
++ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
++ postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )
++
++objectclass ( 2.5.6.5 NAME 'organizationalUnit'
++ DESC 'RFC2256: an organizational unit'
++ SUP top STRUCTURAL
++ MUST ou
++ MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
++ x121Address $ registeredAddress $ destinationIndicator $
++ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
++ telephoneNumber $ internationaliSDNNumber $
++ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
++ postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )
++
++objectclass ( 2.5.6.6 NAME 'person'
++ DESC 'RFC2256: a person'
++ SUP top STRUCTURAL
++ MUST ( sn $ cn )
++ MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) )
++
++objectclass ( 2.5.6.7 NAME 'organizationalPerson'
++ DESC 'RFC2256: an organizational person'
++ SUP person STRUCTURAL
++ MAY ( title $ x121Address $ registeredAddress $ destinationIndicator $
++ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
++ telephoneNumber $ internationaliSDNNumber $
++ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
++ postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l ) )
++
++objectclass ( 2.5.6.8 NAME 'organizationalRole'
++ DESC 'RFC2256: an organizational role'
++ SUP top STRUCTURAL
++ MUST cn
++ MAY ( x121Address $ registeredAddress $ destinationIndicator $
++ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
++ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
++ seeAlso $ roleOccupant $ preferredDeliveryMethod $ street $
++ postOfficeBox $ postalCode $ postalAddress $
++ physicalDeliveryOfficeName $ ou $ st $ l $ description ) )
++
++objectclass ( 2.5.6.9 NAME 'groupOfNames'
++ DESC 'RFC2256: a group of names (DNs)'
++ SUP top STRUCTURAL
++ MUST ( member $ cn )
++ MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )
++
++objectclass ( 2.5.6.10 NAME 'residentialPerson'
++ DESC 'RFC2256: an residential person'
++ SUP person STRUCTURAL
++ MUST l
++ MAY ( businessCategory $ x121Address $ registeredAddress $
++ destinationIndicator $ preferredDeliveryMethod $ telexNumber $
++ teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $
++ facsimileTelephoneNumber $ preferredDeliveryMethod $ street $
++ postOfficeBox $ postalCode $ postalAddress $
++ physicalDeliveryOfficeName $ st $ l ) )
++
++objectclass ( 2.5.6.11 NAME 'applicationProcess'
++ DESC 'RFC2256: an application process'
++ SUP top STRUCTURAL
++ MUST cn
++ MAY ( seeAlso $ ou $ l $ description ) )
++
++objectclass ( 2.5.6.12 NAME 'applicationEntity'
++ DESC 'RFC2256: an application entity'
++ SUP top STRUCTURAL
++ MUST ( presentationAddress $ cn )
++ MAY ( supportedApplicationContext $ seeAlso $ ou $ o $ l $
++ description ) )
++
++objectclass ( 2.5.6.13 NAME 'dSA'
++ DESC 'RFC2256: a directory system agent (a server)'
++ SUP applicationEntity STRUCTURAL
++ MAY knowledgeInformation )
++
++objectclass ( 2.5.6.14 NAME 'device'
++ DESC 'RFC2256: a device'
++ SUP top STRUCTURAL
++ MUST cn
++ MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l $ description ) )
++
++objectclass ( 2.5.6.15 NAME 'strongAuthenticationUser'
++ DESC 'RFC2256: a strong authentication user'
++ SUP top AUXILIARY
++ MUST userCertificate )
++
++objectclass ( 2.5.6.16 NAME 'certificationAuthority'
++ DESC 'RFC2256: a certificate authority'
++ SUP top AUXILIARY
++ MUST ( authorityRevocationList $ certificateRevocationList $
++ cACertificate ) MAY crossCertificatePair )
++
++objectclass ( 2.5.6.17 NAME 'groupOfUniqueNames'
++ DESC 'RFC2256: a group of unique names (DN and Unique Identifier)'
++ SUP top STRUCTURAL
++ MUST ( uniqueMember $ cn )
++ MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )
++
++objectclass ( 2.5.6.18 NAME 'userSecurityInformation'
++ DESC 'RFC2256: a user security information'
++ SUP top AUXILIARY
++ MAY ( supportedAlgorithms ) )
++
++objectclass ( 2.5.6.16.2 NAME 'certificationAuthority-V2'
++ SUP certificationAuthority
++ AUXILIARY MAY ( deltaRevocationList ) )
++
++objectclass ( 2.5.6.19 NAME 'cRLDistributionPoint'
++ SUP top STRUCTURAL
++ MUST ( cn )
++ MAY ( certificateRevocationList $ authorityRevocationList $
++ deltaRevocationList ) )
++
++objectclass ( 2.5.6.20 NAME 'dmd'
++ SUP top STRUCTURAL
++ MUST ( dmdName )
++ MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
++ x121Address $ registeredAddress $ destinationIndicator $
++ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
++ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
++ street $ postOfficeBox $ postalCode $ postalAddress $
++ physicalDeliveryOfficeName $ st $ l $ description ) )
++
++#
++# Object Classes from RFC 2587
++#
++objectclass ( 2.5.6.21 NAME 'pkiUser'
++ DESC 'RFC2587: a PKI user'
++ SUP top AUXILIARY
++ MAY userCertificate )
++
++objectclass ( 2.5.6.22 NAME 'pkiCA'
++ DESC 'RFC2587: PKI certificate authority'
++ SUP top AUXILIARY
++ MAY ( authorityRevocationList $ certificateRevocationList $
++ cACertificate $ crossCertificatePair ) )
++
++objectclass ( 2.5.6.23 NAME 'deltaCRL'
++ DESC 'RFC2587: PKI user'
++ SUP top AUXILIARY
++ MAY deltaRevocationList )
++
++#
++# Standard Track URI label schema from RFC 2079
++# system schema
++#attributetype ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI'
++# DESC 'RFC2079: Uniform Resource Identifier with optional label'
++# EQUALITY caseExactMatch
++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
++
++objectclass ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject'
++ DESC 'RFC2079: object that contains the URI attribute type'
++ SUP top AUXILIARY
++ MAY ( labeledURI ) )
++
++#
++# Derived from RFC 1274, but with new "short names"
++#
++#attributetype ( 0.9.2342.19200300.100.1.1
++# NAME ( 'uid' 'userid' )
++# DESC 'RFC1274: user identifier'
++# EQUALITY caseIgnoreMatch
++# SUBSTR caseIgnoreSubstringsMatch
++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
++
++attributetype ( 0.9.2342.19200300.100.1.3
++ NAME ( 'mail' 'rfc822Mailbox' )
++ DESC 'RFC1274: RFC822 Mailbox'
++ EQUALITY caseIgnoreIA5Match
++ SUBSTR caseIgnoreIA5SubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
++
++objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject'
++ DESC 'RFC1274: simple security object'
++ SUP top AUXILIARY
++ MUST userPassword )
++
++# RFC 1274 + RFC 2247
++attributetype ( 0.9.2342.19200300.100.1.25
++ NAME ( 'dc' 'domainComponent' )
++ DESC 'RFC1274/2247: domain component'
++ EQUALITY caseIgnoreIA5Match
++ SUBSTR caseIgnoreIA5SubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
++
++# RFC 2247
++objectclass ( 1.3.6.1.4.1.1466.344 NAME 'dcObject'
++ DESC 'RFC2247: domain component object'
++ SUP top AUXILIARY MUST dc )
++
++# RFC 2377
++objectclass ( 1.3.6.1.1.3.1 NAME 'uidObject'
++ DESC 'RFC2377: uid object'
++ SUP top AUXILIARY MUST uid )
++
++# RFC 4524
++# The 'associatedDomain' attribute specifies DNS [RFC1034][RFC2181]
++# host names [RFC1123] that are associated with an object. That is,
++# values of this attribute should conform to the following ABNF:
++#
++# domain = root / label *( DOT label )
++# root = SPACE
++# label = LETDIG [ *61( LETDIG / HYPHEN ) LETDIG ]
++# LETDIG = %x30-39 / %x41-5A / %x61-7A ; "0" - "9" / "A"-"Z" / "a"-"z"
++# SPACE = %x20 ; space (" ")
++# HYPHEN = %x2D ; hyphen ("-")
++# DOT = %x2E ; period (".")
++attributetype ( 0.9.2342.19200300.100.1.37
++ NAME 'associatedDomain'
++ DESC 'RFC1274: domain associated with object'
++ EQUALITY caseIgnoreIA5Match
++ SUBSTR caseIgnoreIA5SubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
++
++# RFC 2459 -- deprecated in favor of 'mail' (in cosine.schema)
++attributetype ( 1.2.840.113549.1.9.1
++ NAME ( 'email' 'emailAddress' 'pkcs9email' )
++ DESC 'RFC3280: legacy attribute for email addresses in DNs'
++ EQUALITY caseIgnoreIA5Match
++ SUBSTR caseIgnoreIA5SubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
++
--- /dev/null
--- /dev/null
++# RFC1274: Cosine and Internet X.500 schema
++# $OpenLDAP: pkg/ldap/servers/slapd/schema/cosine.schema,v 1.19.2.5 2007/01/02 21:44:09 kurt Exp $
++## This work is part of OpenLDAP Software <http://www.openldap.org/>.
++##
++## Copyright 1998-2007 The OpenLDAP Foundation.
++## All rights reserved.
++##
++## Redistribution and use in source and binary forms, with or without
++## modification, are permitted only as authorized by the OpenLDAP
++## Public License.
++##
++## A copy of this license is available in the file LICENSE in the
++## top-level directory of the distribution or, alternatively, at
++## <http://www.OpenLDAP.org/license.html>.
++
++# RFC1274: Cosine and Internet X.500 schema
++#
++# This file contains LDAPv3 schema derived from X.500 COSINE "pilot"
++# schema. As this schema was defined for X.500(89), some
++# oddities were introduced in the mapping to LDAPv3. The
++# mappings were based upon: draft-ietf-asid-ldapv3-attributes-03.txt
++# (a work in progress)
++#
++# Note: It seems that the pilot schema evolved beyond what was
++# described in RFC1274. However, this document attempts to describes
++# RFC1274 as published.
++#
++# Depends on core.schema
++
++# The version of this file as distributed by the OpenLDAP Foundation
++# contains text from an IETF RFC explaining the schema. Unfortunately,
++# that text is covered by a license that doesn't meet Debian's Free
++# Software Guidelines. This is a stripped version of the schema that
++# contains only the functional schema definition, not the text of the
++# RFC.
++#
++# For an explanation of this schema, see RFC 1274, at (among other
++# places): http://www.ietf.org/rfc/rfc1274.txt
++
++#(in core.schema)
++##attributetype ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' )
++## EQUALITY caseIgnoreMatch
++## SUBSTR caseIgnoreSubstringsMatch
++## SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
++
++attributetype ( 0.9.2342.19200300.100.1.2 NAME 'textEncodedORAddress'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
++
++#(in core.schema)
++##attributetype ( 0.9.2342.19200300.100.1.3 NAME ( 'mail' 'rfc822Mailbox' )
++## EQUALITY caseIgnoreIA5Match
++## SUBSTR caseIgnoreIA5SubstringsMatch
++## SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
++
++attributetype ( 0.9.2342.19200300.100.1.4 NAME 'info'
++ DESC 'RFC1274: general information'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2048} )
++
++attributetype ( 0.9.2342.19200300.100.1.5
++ NAME ( 'drink' 'favouriteDrink' )
++ DESC 'RFC1274: favorite drink'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
++
++attributetype ( 0.9.2342.19200300.100.1.6 NAME 'roomNumber'
++ DESC 'RFC1274: room number'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
++
++attributetype ( 0.9.2342.19200300.100.1.7 NAME 'photo'
++ DESC 'RFC1274: photo (G3 fax)'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.23{25000} )
++
++attributetype ( 0.9.2342.19200300.100.1.8 NAME 'userClass'
++ DESC 'RFC1274: category of user'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
++
++attributetype ( 0.9.2342.19200300.100.1.9 NAME 'host'
++ DESC 'RFC1274: host computer'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
++
++attributetype ( 0.9.2342.19200300.100.1.10 NAME 'manager'
++ DESC 'RFC1274: DN of manager'
++ EQUALITY distinguishedNameMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
++
++attributetype ( 0.9.2342.19200300.100.1.11 NAME 'documentIdentifier'
++ DESC 'RFC1274: unique identifier of document'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
++
++attributetype ( 0.9.2342.19200300.100.1.12 NAME 'documentTitle'
++ DESC 'RFC1274: title of document'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
++
++attributetype ( 0.9.2342.19200300.100.1.13 NAME 'documentVersion'
++ DESC 'RFC1274: version of document'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
++
++attributetype ( 0.9.2342.19200300.100.1.14 NAME 'documentAuthor'
++ DESC 'RFC1274: DN of author of document'
++ EQUALITY distinguishedNameMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
++
++attributetype ( 0.9.2342.19200300.100.1.15 NAME 'documentLocation'
++ DESC 'RFC1274: location of document original'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
++
++attributetype ( 0.9.2342.19200300.100.1.20
++ NAME ( 'homePhone' 'homeTelephoneNumber' )
++ DESC 'RFC1274: home telephone number'
++ EQUALITY telephoneNumberMatch
++ SUBSTR telephoneNumberSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
++
++attributetype ( 0.9.2342.19200300.100.1.21 NAME 'secretary'
++ DESC 'RFC1274: DN of secretary'
++ EQUALITY distinguishedNameMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
++
++attributetype ( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.39 )
++
++## Deprecated in favor of modifyTimeStamp
++#attributetype ( 0.9.2342.19200300.100.1.23 NAME 'lastModifiedTime'
++# DESC 'RFC1274: time of last modify, replaced by modifyTimestamp'
++# OBSOLETE
++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.53
++# USAGE directoryOperation )
++
++## Deprecated in favor of modifiersName
++#attributetype ( 0.9.2342.19200300.100.1.24 NAME 'lastModifiedBy'
++# DESC 'RFC1274: last modifier, replaced by modifiersName'
++# OBSOLETE
++# EQUALITY distinguishedNameMatch
++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
++# USAGE directoryOperation )
++
++##(in core.schema)
++##attributetype ( 0.9.2342.19200300.100.1.25 NAME ( 'dc' 'domainComponent' )
++## EQUALITY caseIgnoreIA5Match
++## SUBSTR caseIgnoreIA5SubstringsMatch
++## SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
++
++## incorrect syntax?
++attributetype ( 0.9.2342.19200300.100.1.26 NAME 'aRecord'
++ EQUALITY caseIgnoreIA5Match
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
++
++## missing from RFC1274
++## incorrect syntax?
++attributetype ( 0.9.2342.19200300.100.1.27 NAME 'mDRecord'
++ EQUALITY caseIgnoreIA5Match
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
++
++## incorrect syntax!!
++attributetype ( 0.9.2342.19200300.100.1.28 NAME 'mXRecord'
++ EQUALITY caseIgnoreIA5Match
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
++
++## incorrect syntax!!
++attributetype ( 0.9.2342.19200300.100.1.29 NAME 'nSRecord'
++ EQUALITY caseIgnoreIA5Match
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
++
++## incorrect syntax!!
++attributetype ( 0.9.2342.19200300.100.1.30 NAME 'sOARecord'
++ EQUALITY caseIgnoreIA5Match
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
++
++## incorrect syntax!!
++attributetype ( 0.9.2342.19200300.100.1.31 NAME 'cNAMERecord'
++ EQUALITY caseIgnoreIA5Match
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
++
++#attributetype ( 0.9.2342.19200300.100.1.37 NAME 'associatedDomain'
++# EQUALITY caseIgnoreIA5Match
++# SUBSTR caseIgnoreIA5SubstringsMatch
++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
++
++attributetype ( 0.9.2342.19200300.100.1.38 NAME 'associatedName'
++ DESC 'RFC1274: DN of entry associated with domain'
++ EQUALITY distinguishedNameMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
++
++attributetype ( 0.9.2342.19200300.100.1.39 NAME 'homePostalAddress'
++ DESC 'RFC1274: home postal address'
++ EQUALITY caseIgnoreListMatch
++ SUBSTR caseIgnoreListSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
++
++attributetype ( 0.9.2342.19200300.100.1.40 NAME 'personalTitle'
++ DESC 'RFC1274: personal title'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
++
++attributetype ( 0.9.2342.19200300.100.1.41
++ NAME ( 'mobile' 'mobileTelephoneNumber' )
++ DESC 'RFC1274: mobile telephone number'
++ EQUALITY telephoneNumberMatch
++ SUBSTR telephoneNumberSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
++
++attributetype ( 0.9.2342.19200300.100.1.42
++ NAME ( 'pager' 'pagerTelephoneNumber' )
++ DESC 'RFC1274: pager telephone number'
++ EQUALITY telephoneNumberMatch
++ SUBSTR telephoneNumberSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
++
++attributetype ( 0.9.2342.19200300.100.1.43
++ NAME ( 'co' 'friendlyCountryName' )
++ DESC 'RFC1274: friendly country name'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
++
++attributetype ( 0.9.2342.19200300.100.1.44 NAME 'uniqueIdentifier'
++ DESC 'RFC1274: unique identifer'
++ EQUALITY caseIgnoreMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
++
++attributetype ( 0.9.2342.19200300.100.1.45 NAME 'organizationalStatus'
++ DESC 'RFC1274: organizational status'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
++
++attributetype ( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox'
++ DESC 'RFC1274: Janet mailbox'
++ EQUALITY caseIgnoreIA5Match
++ SUBSTR caseIgnoreIA5SubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
++
++attributetype ( 0.9.2342.19200300.100.1.47
++ NAME 'mailPreferenceOption'
++ DESC 'RFC1274: mail preference option'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
++
++attributetype ( 0.9.2342.19200300.100.1.48 NAME 'buildingName'
++ DESC 'RFC1274: name of building'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
++
++attributetype ( 0.9.2342.19200300.100.1.49 NAME 'dSAQuality'
++ DESC 'RFC1274: DSA Quality'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.19 SINGLE-VALUE )
++
++attributetype ( 0.9.2342.19200300.100.1.50 NAME 'singleLevelQuality'
++ DESC 'RFC1274: Single Level Quality'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE )
++
++attributetype ( 0.9.2342.19200300.100.1.51 NAME 'subtreeMinimumQuality'
++ DESC 'RFC1274: Subtree Mininum Quality'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE )
++
++attributetype ( 0.9.2342.19200300.100.1.52 NAME 'subtreeMaximumQuality'
++ DESC 'RFC1274: Subtree Maximun Quality'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE )
++
++attributetype ( 0.9.2342.19200300.100.1.53 NAME 'personalSignature'
++ DESC 'RFC1274: Personal Signature (G3 fax)'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.23 )
++
++attributetype ( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect'
++ DESC 'RFC1274: DIT Redirect'
++ EQUALITY distinguishedNameMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
++
++attributetype ( 0.9.2342.19200300.100.1.55 NAME 'audio'
++ DESC 'RFC1274: audio (u-law)'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.4{25000} )
++
++attributetype ( 0.9.2342.19200300.100.1.56 NAME 'documentPublisher'
++ DESC 'RFC1274: publisher of document'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
++
++#objectclass ( 0.9.2342.19200300.100.4.3 NAME 'pilotObject'
++# DESC 'RFC1274: pilot object'
++# SUP top AUXILIARY
++# MAY ( info $ photo $ manager $ uniqueIdentifier $
++# lastModifiedTime $ lastModifiedBy $ dITRedirect $ audio )
++# )
++
++objectclass ( 0.9.2342.19200300.100.4.4
++ NAME ( 'pilotPerson' 'newPilotPerson' )
++ SUP person STRUCTURAL
++ MAY ( userid $ textEncodedORAddress $ rfc822Mailbox $
++ favouriteDrink $ roomNumber $ userClass $
++ homeTelephoneNumber $ homePostalAddress $ secretary $
++ personalTitle $ preferredDeliveryMethod $ businessCategory $
++ janetMailbox $ otherMailbox $ mobileTelephoneNumber $
++ pagerTelephoneNumber $ organizationalStatus $
++ mailPreferenceOption $ personalSignature )
++ )
++
++objectclass ( 0.9.2342.19200300.100.4.5 NAME 'account'
++ SUP top STRUCTURAL
++ MUST userid
++ MAY ( description $ seeAlso $ localityName $
++ organizationName $ organizationalUnitName $ host )
++ )
++
++objectclass ( 0.9.2342.19200300.100.4.6 NAME 'document'
++ SUP top STRUCTURAL
++ MUST documentIdentifier
++ MAY ( commonName $ description $ seeAlso $ localityName $
++ organizationName $ organizationalUnitName $
++ documentTitle $ documentVersion $ documentAuthor $
++ documentLocation $ documentPublisher )
++ )
++
++objectclass ( 0.9.2342.19200300.100.4.7 NAME 'room'
++ SUP top STRUCTURAL
++ MUST commonName
++ MAY ( roomNumber $ description $ seeAlso $ telephoneNumber )
++ )
++
++objectclass ( 0.9.2342.19200300.100.4.9 NAME 'documentSeries'
++ SUP top STRUCTURAL
++ MUST commonName
++ MAY ( description $ seeAlso $ telephonenumber $
++ localityName $ organizationName $ organizationalUnitName )
++ )
++
++objectclass ( 0.9.2342.19200300.100.4.13 NAME 'domain'
++ SUP top STRUCTURAL
++ MUST domainComponent
++ MAY ( associatedName $ organizationName $ description $
++ businessCategory $ seeAlso $ searchGuide $ userPassword $
++ localityName $ stateOrProvinceName $ streetAddress $
++ physicalDeliveryOfficeName $ postalAddress $ postalCode $
++ postOfficeBox $ streetAddress $
++ facsimileTelephoneNumber $ internationalISDNNumber $
++ telephoneNumber $ teletexTerminalIdentifier $ telexNumber $
++ preferredDeliveryMethod $ destinationIndicator $
++ registeredAddress $ x121Address )
++ )
++
++objectclass ( 0.9.2342.19200300.100.4.14 NAME 'RFC822localPart'
++ SUP domain STRUCTURAL
++ MAY ( commonName $ surname $ description $ seeAlso $ telephoneNumber $
++ physicalDeliveryOfficeName $ postalAddress $ postalCode $
++ postOfficeBox $ streetAddress $
++ facsimileTelephoneNumber $ internationalISDNNumber $
++ telephoneNumber $ teletexTerminalIdentifier $
++ telexNumber $ preferredDeliveryMethod $ destinationIndicator $
++ registeredAddress $ x121Address )
++ )
++
++objectclass ( 0.9.2342.19200300.100.4.15 NAME 'dNSDomain'
++ SUP domain STRUCTURAL
++ MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $
++ SOARecord $ CNAMERecord )
++ )
++
++objectclass ( 0.9.2342.19200300.100.4.17 NAME 'domainRelatedObject'
++ DESC 'RFC1274: an object related to an domain'
++ SUP top AUXILIARY
++ MUST associatedDomain )
++
++objectclass ( 0.9.2342.19200300.100.4.18 NAME 'friendlyCountry'
++ SUP country STRUCTURAL
++ MUST friendlyCountryName )
++
++## (in core.schema)
++## objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject'
++## SUP top AUXILIARY
++## MUST userPassword )
++
++objectclass ( 0.9.2342.19200300.100.4.20 NAME 'pilotOrganization'
++ SUP ( organization $ organizationalUnit ) STRUCTURAL
++ MAY buildingName )
++
++objectclass ( 0.9.2342.19200300.100.4.21 NAME 'pilotDSA'
++ SUP dsa STRUCTURAL
++ MAY dSAQuality )
++
++objectclass ( 0.9.2342.19200300.100.4.22 NAME 'qualityLabelledData'
++ SUP top AUXILIARY
++ MUST dsaQuality
++ MAY ( subtreeMinimumQuality $ subtreeMaximumQuality )
++ )
--- /dev/null
--- /dev/null
++# $OpenLDAP$
++## This work is part of OpenLDAP Software <http://www.openldap.org/>.
++##
++## Copyright 1998-2014 The OpenLDAP Foundation.
++## All rights reserved.
++##
++## Redistribution and use in source and binary forms, with or without
++## modification, are permitted only as authorized by the OpenLDAP
++## Public License.
++##
++## A copy of this license is available in the file LICENSE in the
++## top-level directory of the distribution or, alternatively, at
++## <http://www.OpenLDAP.org/license.html>.
++
++# DUA schema from draft-joslin-config-schema (a work in progress)
++
++# Contents of this file are subject to change (including deletion)
++# without notice.
++#
++# Not recommended for production use!
++# Use with extreme caution!
++
++## Notes:
++## - The matching rule for attributes followReferrals and dereferenceAliases
++## has been changed to booleanMatch since their syntax is boolean
++## - There was a typo in the name of the dereferenceAliases attributeType
++## in the DUAConfigProfile objectClass definition
++## - Credit goes to the original Authors
++
++# The version of this file as distributed by the OpenLDAP Foundation
++# contains text from an IETF Internet-Draft explaining the schema.
++# Unfortunately, that text is covered by a license that doesn't meet
++# Debian's Free Software Guidelines. This is a stripped version of the
++# schema that contains only the functional schema definition, not the text
++# of the Internet-Draft.
++#
++# For an explanation of this schema, see
++# draft-joslin-config-schema-07.txt.
++
++objectidentifier DUAConfSchemaOID 1.3.6.1.4.1.11.1.3.1
++
++attributeType ( DUAConfSchemaOID:1.0 NAME 'defaultServerList'
++ DESC 'Default LDAP server host address used by a DUA'
++ EQUALITY caseIgnoreMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
++ SINGLE-VALUE )
++
++attributeType ( DUAConfSchemaOID:1.1 NAME 'defaultSearchBase'
++ DESC 'Default LDAP base DN used by a DUA'
++ EQUALITY distinguishedNameMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
++ SINGLE-VALUE )
++
++attributeType ( DUAConfSchemaOID:1.2 NAME 'preferredServerList'
++ DESC 'Preferred LDAP server host addresses to be used by a
++ DUA'
++ EQUALITY caseIgnoreMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
++ SINGLE-VALUE )
++
++attributeType ( DUAConfSchemaOID:1.3 NAME 'searchTimeLimit'
++ DESC 'Maximum time in seconds a DUA should allow for a
++ search to complete'
++ EQUALITY integerMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
++ SINGLE-VALUE )
++
++attributeType ( DUAConfSchemaOID:1.4 NAME 'bindTimeLimit'
++ DESC 'Maximum time in seconds a DUA should allow for the
++ bind operation to complete'
++ EQUALITY integerMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
++ SINGLE-VALUE )
++
++attributeType ( DUAConfSchemaOID:1.5 NAME 'followReferrals'
++ DESC 'Tells DUA if it should follow referrals
++ returned by a DSA search result'
++ EQUALITY booleanMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
++ SINGLE-VALUE )
++
++attributeType ( DUAConfSchemaOID:1.16 NAME 'dereferenceAliases'
++ DESC 'Tells DUA if it should dereference aliases'
++ EQUALITY booleanMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
++ SINGLE-VALUE )
++
++attributeType ( DUAConfSchemaOID:1.6 NAME 'authenticationMethod'
++ DESC 'A keystring which identifies the type of
++ authentication method used to contact the DSA'
++ EQUALITY caseIgnoreMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
++ SINGLE-VALUE )
++
++attributeType ( DUAConfSchemaOID:1.7 NAME 'profileTTL'
++ DESC 'Time to live, in seconds, before a client DUA
++ should re-read this configuration profile'
++ EQUALITY integerMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
++ SINGLE-VALUE )
++
++attributeType ( DUAConfSchemaOID:1.14 NAME 'serviceSearchDescriptor'
++ DESC 'LDAP search descriptor list used by a DUA'
++ EQUALITY caseExactMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
++
++attributeType ( DUAConfSchemaOID:1.9 NAME 'attributeMap'
++ DESC 'Attribute mappings used by a DUA'
++ EQUALITY caseIgnoreIA5Match
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
++
++attributeType ( DUAConfSchemaOID:1.10 NAME 'credentialLevel'
++ DESC 'Identifies type of credentials a DUA should
++ use when binding to the LDAP server'
++ EQUALITY caseIgnoreIA5Match
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
++ SINGLE-VALUE )
++
++attributeType ( DUAConfSchemaOID:1.11 NAME 'objectclassMap'
++ DESC 'Objectclass mappings used by a DUA'
++ EQUALITY caseIgnoreIA5Match
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
++
++attributeType ( DUAConfSchemaOID:1.12 NAME 'defaultSearchScope'
++ DESC 'Default search scope used by a DUA'
++ EQUALITY caseIgnoreIA5Match
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
++ SINGLE-VALUE )
++
++attributeType ( DUAConfSchemaOID:1.13 NAME 'serviceCredentialLevel'
++ DESC 'Identifies type of credentials a DUA
++ should use when binding to the LDAP server for a
++ specific service'
++ EQUALITY caseIgnoreIA5Match
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
++
++attributeType ( DUAConfSchemaOID:1.15 NAME 'serviceAuthenticationMethod'
++ DESC 'Authentication method used by a service of the DUA'
++ EQUALITY caseIgnoreMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
++
++objectClass ( DUAConfSchemaOID:2.5 NAME 'DUAConfigProfile'
++ SUP top STRUCTURAL
++ DESC 'Abstraction of a base configuration for a DUA'
++ MUST ( cn )
++ MAY ( defaultServerList $ preferredServerList $
++ defaultSearchBase $ defaultSearchScope $
++ searchTimeLimit $ bindTimeLimit $
++ credentialLevel $ authenticationMethod $
++ followReferrals $ dereferenceAliases $
++ serviceSearchDescriptor $ serviceCredentialLevel $
++ serviceAuthenticationMethod $ objectclassMap $
++ attributeMap $ profileTTL ) )
--- /dev/null
--- /dev/null
++# inetorgperson.schema -- InetOrgPerson (RFC2798)
++# $OpenLDAP$
++## This work is part of OpenLDAP Software <http://www.openldap.org/>.
++##
++## Copyright 1998-2014 The OpenLDAP Foundation.
++## All rights reserved.
++##
++## Redistribution and use in source and binary forms, with or without
++## modification, are permitted only as authorized by the OpenLDAP
++## Public License.
++##
++## A copy of this license is available in the file LICENSE in the
++## top-level directory of the distribution or, alternatively, at
++## <http://www.OpenLDAP.org/license.html>.
++#
++# InetOrgPerson (RFC2798)
++#
++# Depends upon
++# Definition of an X.500 Attribute Type and an Object Class to Hold
++# Uniform Resource Identifiers (URIs) [RFC2079]
++# (core.schema)
++#
++# A Summary of the X.500(96) User Schema for use with LDAPv3 [RFC2256]
++# (core.schema)
++#
++# The COSINE and Internet X.500 Schema [RFC1274] (cosine.schema)
++
++# The version of this file as distributed by the OpenLDAP Foundation
++# contains text from an IETF RFC explaining the schema. Unfortunately,
++# that text is covered by a license that doesn't meet Debian's Free
++# Software Guidelines. This is a stripped version of the schema that
++# contains only the functional schema definition, not the text of the
++# RFC.
++#
++# For an explanation of this schema, see RFC 2798, at (among other
++# places): http://www.ietf.org/rfc/rfc2798.txt
++
++attributetype ( 2.16.840.1.113730.3.1.1
++ NAME 'carLicense'
++ DESC 'RFC2798: vehicle license or registration plate'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
++
++attributetype ( 2.16.840.1.113730.3.1.2
++ NAME 'departmentNumber'
++ DESC 'RFC2798: identifies a department within an organization'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
++
++attributetype ( 2.16.840.1.113730.3.1.241
++ NAME 'displayName'
++ DESC 'RFC2798: preferred name to be used when displaying entries'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
++ SINGLE-VALUE )
++
++attributetype ( 2.16.840.1.113730.3.1.3
++ NAME 'employeeNumber'
++ DESC 'RFC2798: numerically identifies an employee within an organization'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
++ SINGLE-VALUE )
++
++attributetype ( 2.16.840.1.113730.3.1.4
++ NAME 'employeeType'
++ DESC 'RFC2798: type of employment for a person'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
++
++attributetype ( 0.9.2342.19200300.100.1.60
++ NAME 'jpegPhoto'
++ DESC 'RFC2798: a JPEG image'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 )
++
++attributetype ( 2.16.840.1.113730.3.1.39
++ NAME 'preferredLanguage'
++ DESC 'RFC2798: preferred written or spoken language for a person'
++ EQUALITY caseIgnoreMatch
++ SUBSTR caseIgnoreSubstringsMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
++ SINGLE-VALUE )
++
++## OpenLDAP note: ";binary" transfer should NOT be used as syntax is binary
++attributetype ( 2.16.840.1.113730.3.1.40
++ NAME 'userSMIMECertificate'
++ DESC 'RFC2798: PKCS#7 SignedData used to support S/MIME'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )
++
++## OpenLDAP note: ";binary" transfer should NOT be used as syntax is binary
++attributetype ( 2.16.840.1.113730.3.1.216
++ NAME 'userPKCS12'
++ DESC 'RFC2798: personal identity information, a PKCS #12 PFX'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )
++
++objectclass ( 2.16.840.1.113730.3.2.2
++ NAME 'inetOrgPerson'
++ DESC 'RFC2798: Internet Organizational Person'
++ SUP organizationalPerson
++ STRUCTURAL
++ MAY (
++ audio $ businessCategory $ carLicense $ departmentNumber $
++ displayName $ employeeNumber $ employeeType $ givenName $
++ homePhone $ homePostalAddress $ initials $ jpegPhoto $
++ labeledURI $ mail $ manager $ mobile $ o $ pager $
++ photo $ roomNumber $ secretary $ uid $ userCertificate $
++ x500uniqueIdentifier $ preferredLanguage $
++ userSMIMECertificate $ userPKCS12 )
++ )
--- /dev/null
--- /dev/null
++# java.schema -- Java Object Schema
++# $OpenLDAP: pkg/ldap/servers/slapd/schema/java.schema,v 1.5.2.3 2007/01/02 21:44:09 kurt Exp $
++## This work is part of OpenLDAP Software <http://www.openldap.org/>.
++##
++## Copyright 1998-2007 The OpenLDAP Foundation.
++## All rights reserved.
++##
++## Redistribution and use in source and binary forms, with or without
++## modification, are permitted only as authorized by the OpenLDAP
++## Public License.
++##
++## A copy of this license is available in the file LICENSE in the
++## top-level directory of the distribution or, alternatively, at
++## <http://www.OpenLDAP.org/license.html>.
++#
++# Java Object Schema (defined in RFC 2713)
++# depends upon core.schema
++#
++
++# The version of this file as distributed by the OpenLDAP Foundation
++# contains text from an IETF RFC explaining the schema. Unfortunately,
++# that text is covered by a license that doesn't meet Debian's Free
++# Software Guidelines. This is a stripped version of the schema that
++# contains only the functional schema definition, not the text of the
++# RFC.
++#
++# For an explanation of this schema, see RFC 2713, at (among other
++# places): http://www.ietf.org/rfc/rfc2713.txt
++
++attributetype ( 1.3.6.1.4.1.42.2.27.4.1.6
++ NAME 'javaClassName'
++ DESC 'Fully qualified name of distinguished Java class or interface'
++ EQUALITY caseExactMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
++ SINGLE-VALUE )
++
++attributetype ( 1.3.6.1.4.1.42.2.27.4.1.7
++ NAME 'javaCodebase'
++ DESC 'URL(s) specifying the location of class definition'
++ EQUALITY caseExactIA5Match
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
++
++attributetype ( 1.3.6.1.4.1.42.2.27.4.1.13
++ NAME 'javaClassNames'
++ DESC 'Fully qualified Java class or interface name'
++ EQUALITY caseExactMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
++
++attributetype ( 1.3.6.1.4.1.42.2.27.4.1.8
++ NAME 'javaSerializedData'
++ DESC 'Serialized form of a Java object'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
++ SINGLE-VALUE )
++
++attributetype ( 1.3.6.1.4.1.42.2.27.4.1.10
++ NAME 'javaFactory'
++ DESC 'Fully qualified Java class name of a JNDI object factory'
++ EQUALITY caseExactMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
++ SINGLE-VALUE )
++
++attributetype ( 1.3.6.1.4.1.42.2.27.4.1.11
++ NAME 'javaReferenceAddress'
++ DESC 'Addresses associated with a JNDI Reference'
++ EQUALITY caseExactMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
++
++attributetype ( 1.3.6.1.4.1.42.2.27.4.1.12
++ NAME 'javaDoc'
++ DESC 'The Java documentation for the class'
++ EQUALITY caseExactIA5Match
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
++
++objectclass ( 1.3.6.1.4.1.42.2.27.4.2.1
++ NAME 'javaContainer'
++ DESC 'Container for a Java object'
++ SUP top
++ STRUCTURAL
++ MUST cn )
++
++objectclass ( 1.3.6.1.4.1.42.2.27.4.2.4
++ NAME 'javaObject'
++ DESC 'Java object representation'
++ SUP top
++ ABSTRACT
++ MUST javaClassName
++ MAY ( javaClassNames $ javaCodebase $
++ javaDoc $ description ) )
++
++objectclass ( 1.3.6.1.4.1.42.2.27.4.2.5
++ NAME 'javaSerializedObject'
++ DESC 'Java serialized object'
++ SUP javaObject
++ AUXILIARY
++ MUST javaSerializedData )
++
++objectclass ( 1.3.6.1.4.1.42.2.27.4.2.8
++ NAME 'javaMarshalledObject'
++ DESC 'Java marshalled object'
++ SUP javaObject
++ AUXILIARY
++ MUST javaSerializedData )
++
++objectclass ( 1.3.6.1.4.1.42.2.27.4.2.7
++ NAME 'javaNamingReference'
++ DESC 'JNDI reference'
++ SUP javaObject
++ AUXILIARY
++ MAY ( javaReferenceAddress $ javaFactory ) )
--- /dev/null
--- /dev/null
++# OpenLDAP X.509 PMI schema
++# $OpenLDAP$
++## This work is part of OpenLDAP Software <http://www.openldap.org/>.
++##
++## Copyright 1998-2014 The OpenLDAP Foundation.
++## All rights reserved.
++##
++## Redistribution and use in source and binary forms, with or without
++## modification, are permitted only as authorized by the OpenLDAP
++## Public License.
++##
++## A copy of this license is available in the file LICENSE in the
++## top-level directory of the distribution or, alternatively, at
++## <http://www.OpenLDAP.org/license.html>.
++#
++
++# The version of this file as distributed by the OpenLDAP Foundation
++# contains text claiming copyright by the Internet Society and including
++# the IETF RFC license, which does not meet Debian's Free Software
++# Guidelines. However, apart from short and obvious comments, the text of
++# this file is purely a functional interface specification, which is not
++# subject to that license and is not copyrightable under US law.
++#
++# The license statement is retained below so as not to remove credit, but
++# as best as we can determine, it is not applicable to the contents of
++# this file.
++
++## Portions Copyright (C) The Internet Society (1997-2006).
++## All Rights Reserved.
++##
++## This document and translations of it may be copied and furnished to
++## others, and derivative works that comment on or otherwise explain it
++## or assist in its implementation may be prepared, copied, published
++## and distributed, in whole or in part, without restriction of any
++## kind, provided that the above copyright notice and this paragraph are
++## included on all such copies and derivative works. However, this
++## document itself may not be modified in any way, such as by removing
++## the copyright notice or references to the Internet Society or other
++## Internet organizations, except as needed for the purpose of
++## developing Internet standards in which case the procedures for
++## copyrights defined in the Internet Standards process must be
++## followed, or as required to translate it into languages other than
++## English.
++##
++## The limited permissions granted above are perpetual and will not be
++## revoked by the Internet Society or its successors or assigns.
++##
++## This document and the information contained herein is provided on an
++## "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
++## TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
++## BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
++## HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
++## MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
++
++#
++#
++# Includes LDAPv3 schema items from:
++# ITU X.509 (08/2005)
++#
++## X.509 (08/2005) pp. 120-121
++##
++## -- object identifier assignments --
++## -- object classes --
++## id-oc-pmiUser OBJECT IDENTIFIER ::= {id-oc 24}
++## id-oc-pmiAA OBJECT IDENTIFIER ::= {id-oc 25}
++## id-oc-pmiSOA OBJECT IDENTIFIER ::= {id-oc 26}
++## id-oc-attCertCRLDistributionPts OBJECT IDENTIFIER ::= {id-oc 27}
++## id-oc-privilegePolicy OBJECT IDENTIFIER ::= {id-oc 32}
++## id-oc-pmiDelegationPath OBJECT IDENTIFIER ::= {id-oc 33}
++## id-oc-protectedPrivilegePolicy OBJECT IDENTIFIER ::= {id-oc 34}
++## -- directory attributes --
++## id-at-attributeCertificate OBJECT IDENTIFIER ::= {id-at 58}
++## id-at-attributeCertificateRevocationList OBJECT IDENTIFIER ::= {id-at 59}
++## id-at-aACertificate OBJECT IDENTIFIER ::= {id-at 61}
++## id-at-attributeDescriptorCertificate OBJECT IDENTIFIER ::= {id-at 62}
++## id-at-attributeAuthorityRevocationList OBJECT IDENTIFIER ::= {id-at 63}
++## id-at-privPolicy OBJECT IDENTIFIER ::= {id-at 71}
++## id-at-role OBJECT IDENTIFIER ::= {id-at 72}
++## id-at-delegationPath OBJECT IDENTIFIER ::= {id-at 73}
++## id-at-protPrivPolicy OBJECT IDENTIFIER ::= {id-at 74}
++## id-at-xMLPrivilegeInfo OBJECT IDENTIFIER ::= {id-at 75}
++## id-at-xMLPprotPrivPolicy OBJECT IDENTIFIER ::= {id-at 76}
++## -- attribute certificate extensions --
++## id-ce-authorityAttributeIdentifier OBJECT IDENTIFIER ::= {id-ce 38}
++## id-ce-roleSpecCertIdentifier OBJECT IDENTIFIER ::= {id-ce 39}
++## id-ce-basicAttConstraints OBJECT IDENTIFIER ::= {id-ce 41}
++## id-ce-delegatedNameConstraints OBJECT IDENTIFIER ::= {id-ce 42}
++## id-ce-timeSpecification OBJECT IDENTIFIER ::= {id-ce 43}
++## id-ce-attributeDescriptor OBJECT IDENTIFIER ::= {id-ce 48}
++## id-ce-userNotice OBJECT IDENTIFIER ::= {id-ce 49}
++## id-ce-sOAIdentifier OBJECT IDENTIFIER ::= {id-ce 50}
++## id-ce-acceptableCertPolicies OBJECT IDENTIFIER ::= {id-ce 52}
++## id-ce-targetInformation OBJECT IDENTIFIER ::= {id-ce 55}
++## id-ce-noRevAvail OBJECT IDENTIFIER ::= {id-ce 56}
++## id-ce-acceptablePrivilegePolicies OBJECT IDENTIFIER ::= {id-ce 57}
++## id-ce-indirectIssuer OBJECT IDENTIFIER ::= {id-ce 61}
++## id-ce-noAssertion OBJECT IDENTIFIER ::= {id-ce 62}
++## id-ce-issuedOnBehalfOf OBJECT IDENTIFIER ::= {id-ce 64}
++## -- PMI matching rules --
++## id-mr-attributeCertificateMatch OBJECT IDENTIFIER ::= {id-mr 42}
++## id-mr-attributeCertificateExactMatch OBJECT IDENTIFIER ::= {id-mr 45}
++## id-mr-holderIssuerMatch OBJECT IDENTIFIER ::= {id-mr 46}
++## id-mr-authAttIdMatch OBJECT IDENTIFIER ::= {id-mr 53}
++## id-mr-roleSpecCertIdMatch OBJECT IDENTIFIER ::= {id-mr 54}
++## id-mr-basicAttConstraintsMatch OBJECT IDENTIFIER ::= {id-mr 55}
++## id-mr-delegatedNameConstraintsMatch OBJECT IDENTIFIER ::= {id-mr 56}
++## id-mr-timeSpecMatch OBJECT IDENTIFIER ::= {id-mr 57}
++## id-mr-attDescriptorMatch OBJECT IDENTIFIER ::= {id-mr 58}
++## id-mr-acceptableCertPoliciesMatch OBJECT IDENTIFIER ::= {id-mr 59}
++## id-mr-delegationPathMatch OBJECT IDENTIFIER ::= {id-mr 61}
++## id-mr-sOAIdentifierMatch OBJECT IDENTIFIER ::= {id-mr 66}
++## id-mr-indirectIssuerMatch OBJECT IDENTIFIER ::= {id-mr 67}
++##
++##
++## X.509 (08/2005) pp. 71, 86-89
++##
++## 14.4.1 Role attribute
++## role ATTRIBUTE ::= {
++## WITH SYNTAX RoleSyntax
++## ID id-at-role }
++## RoleSyntax ::= SEQUENCE {
++## roleAuthority [0] GeneralNames OPTIONAL,
++## roleName [1] GeneralName }
++##
++## 14.5 XML privilege information attribute
++## xmlPrivilegeInfo ATTRIBUTE ::= {
++## WITH SYNTAX UTF8String -- contains XML-encoded privilege information
++## ID id-at-xMLPrivilegeInfo }
++##
++## 17.1 PMI directory object classes
++##
++## 17.1.1 PMI user object class
++## pmiUser OBJECT-CLASS ::= {
++## -- a PMI user (i.e., a "holder")
++## SUBCLASS OF {top}
++## KIND auxiliary
++## MAY CONTAIN {attributeCertificateAttribute}
++## ID id-oc-pmiUser }
++##
++## 17.1.2 PMI AA object class
++## pmiAA OBJECT-CLASS ::= {
++## -- a PMI AA
++## SUBCLASS OF {top}
++## KIND auxiliary
++## MAY CONTAIN {aACertificate |
++## attributeCertificateRevocationList |
++## attributeAuthorityRevocationList}
++## ID id-oc-pmiAA }
++##
++## 17.1.3 PMI SOA object class
++## pmiSOA OBJECT-CLASS ::= { -- a PMI Source of Authority
++## SUBCLASS OF {top}
++## KIND auxiliary
++## MAY CONTAIN {attributeCertificateRevocationList |
++## attributeAuthorityRevocationList |
++## attributeDescriptorCertificate}
++## ID id-oc-pmiSOA }
++##
++## 17.1.4 Attribute certificate CRL distribution point object class
++## attCertCRLDistributionPt OBJECT-CLASS ::= {
++## SUBCLASS OF {top}
++## KIND auxiliary
++## MAY CONTAIN { attributeCertificateRevocationList |
++## attributeAuthorityRevocationList }
++## ID id-oc-attCertCRLDistributionPts }
++##
++## 17.1.5 PMI delegation path
++## pmiDelegationPath OBJECT-CLASS ::= {
++## SUBCLASS OF {top}
++## KIND auxiliary
++## MAY CONTAIN { delegationPath }
++## ID id-oc-pmiDelegationPath }
++##
++## 17.1.6 Privilege policy object class
++## privilegePolicy OBJECT-CLASS ::= {
++## SUBCLASS OF {top}
++## KIND auxiliary
++## MAY CONTAIN {privPolicy }
++## ID id-oc-privilegePolicy }
++##
++## 17.1.7 Protected privilege policy object class
++## protectedPrivilegePolicy OBJECT-CLASS ::= {
++## SUBCLASS OF {top}
++## KIND auxiliary
++## MAY CONTAIN {protPrivPolicy }
++## ID id-oc-protectedPrivilegePolicy }
++##
++## 17.2 PMI Directory attributes
++##
++## 17.2.1 Attribute certificate attribute
++## attributeCertificateAttribute ATTRIBUTE ::= {
++## WITH SYNTAX AttributeCertificate
++## EQUALITY MATCHING RULE attributeCertificateExactMatch
++## ID id-at-attributeCertificate }
++##
++## 17.2.2 AA certificate attribute
++## aACertificate ATTRIBUTE ::= {
++## WITH SYNTAX AttributeCertificate
++## EQUALITY MATCHING RULE attributeCertificateExactMatch
++## ID id-at-aACertificate }
++##
++## 17.2.3 Attribute descriptor certificate attribute
++## attributeDescriptorCertificate ATTRIBUTE ::= {
++## WITH SYNTAX AttributeCertificate
++## EQUALITY MATCHING RULE attributeCertificateExactMatch
++## ID id-at-attributeDescriptorCertificate }
++##
++## 17.2.4 Attribute certificate revocation list attribute
++## attributeCertificateRevocationList ATTRIBUTE ::= {
++## WITH SYNTAX CertificateList
++## EQUALITY MATCHING RULE certificateListExactMatch
++## ID id-at-attributeCertificateRevocationList}
++##
++## 17.2.5 AA certificate revocation list attribute
++## attributeAuthorityRevocationList ATTRIBUTE ::= {
++## WITH SYNTAX CertificateList
++## EQUALITY MATCHING RULE certificateListExactMatch
++## ID id-at-attributeAuthorityRevocationList }
++##
++## 17.2.6 Delegation path attribute
++## delegationPath ATTRIBUTE ::= {
++## WITH SYNTAX AttCertPath
++## ID id-at-delegationPath }
++## AttCertPath ::= SEQUENCE OF AttributeCertificate
++##
++## 17.2.7 Privilege policy attribute
++## privPolicy ATTRIBUTE ::= {
++## WITH SYNTAX PolicySyntax
++## ID id-at-privPolicy }
++##
++## 17.2.8 Protected privilege policy attribute
++## protPrivPolicy ATTRIBUTE ::= {
++## WITH SYNTAX AttributeCertificate
++## EQUALITY MATCHING RULE attributeCertificateExactMatch
++## ID id-at-protPrivPolicy }
++##
++## 17.2.9 XML Protected privilege policy attribute
++## xmlPrivPolicy ATTRIBUTE ::= {
++## WITH SYNTAX UTF8String -- contains XML-encoded privilege policy information
++## ID id-at-xMLPprotPrivPolicy }
++##
++
++## -- object identifier assignments --
++## -- object classes --
++objectidentifier id-oc-pmiUser 2.5.6.24
++objectidentifier id-oc-pmiAA 2.5.6.25
++objectidentifier id-oc-pmiSOA 2.5.6.26
++objectidentifier id-oc-attCertCRLDistributionPts 2.5.6.27
++objectidentifier id-oc-privilegePolicy 2.5.6.32
++objectidentifier id-oc-pmiDelegationPath 2.5.6.33
++objectidentifier id-oc-protectedPrivilegePolicy 2.5.6.34
++## -- directory attributes --
++objectidentifier id-at-attributeCertificate 2.5.4.58
++objectidentifier id-at-attributeCertificateRevocationList 2.5.4.59
++objectidentifier id-at-aACertificate 2.5.4.61
++objectidentifier id-at-attributeDescriptorCertificate 2.5.4.62
++objectidentifier id-at-attributeAuthorityRevocationList 2.5.4.63
++objectidentifier id-at-privPolicy 2.5.4.71
++objectidentifier id-at-role 2.5.4.72
++objectidentifier id-at-delegationPath 2.5.4.73
++objectidentifier id-at-protPrivPolicy 2.5.4.74
++objectidentifier id-at-xMLPrivilegeInfo 2.5.4.75
++objectidentifier id-at-xMLPprotPrivPolicy 2.5.4.76
++## -- attribute certificate extensions --
++## id-ce-authorityAttributeIdentifier OBJECT IDENTIFIER ::= {id-ce 38}
++## id-ce-roleSpecCertIdentifier OBJECT IDENTIFIER ::= {id-ce 39}
++## id-ce-basicAttConstraints OBJECT IDENTIFIER ::= {id-ce 41}
++## id-ce-delegatedNameConstraints OBJECT IDENTIFIER ::= {id-ce 42}
++## id-ce-timeSpecification OBJECT IDENTIFIER ::= {id-ce 43}
++## id-ce-attributeDescriptor OBJECT IDENTIFIER ::= {id-ce 48}
++## id-ce-userNotice OBJECT IDENTIFIER ::= {id-ce 49}
++## id-ce-sOAIdentifier OBJECT IDENTIFIER ::= {id-ce 50}
++## id-ce-acceptableCertPolicies OBJECT IDENTIFIER ::= {id-ce 52}
++## id-ce-targetInformation OBJECT IDENTIFIER ::= {id-ce 55}
++## id-ce-noRevAvail OBJECT IDENTIFIER ::= {id-ce 56}
++## id-ce-acceptablePrivilegePolicies OBJECT IDENTIFIER ::= {id-ce 57}
++## id-ce-indirectIssuer OBJECT IDENTIFIER ::= {id-ce 61}
++## id-ce-noAssertion OBJECT IDENTIFIER ::= {id-ce 62}
++## id-ce-issuedOnBehalfOf OBJECT IDENTIFIER ::= {id-ce 64}
++## -- PMI matching rules --
++objectidentifier id-mr 2.5.13
++objectidentifier id-mr-attributeCertificateMatch id-mr:42
++objectidentifier id-mr-attributeCertificateExactMatch id-mr:45
++objectidentifier id-mr-holderIssuerMatch id-mr:46
++objectidentifier id-mr-authAttIdMatch id-mr:53
++objectidentifier id-mr-roleSpecCertIdMatch id-mr:54
++objectidentifier id-mr-basicAttConstraintsMatch id-mr:55
++objectidentifier id-mr-delegatedNameConstraintsMatch id-mr:56
++objectidentifier id-mr-timeSpecMatch id-mr:57
++objectidentifier id-mr-attDescriptorMatch id-mr:58
++objectidentifier id-mr-acceptableCertPoliciesMatch id-mr:59
++objectidentifier id-mr-delegationPathMatch id-mr:61
++objectidentifier id-mr-sOAIdentifierMatch id-mr:66
++objectidentifier id-mr-indirectIssuerMatch id-mr:67
++## -- syntaxes --
++## NOTE: 1.3.6.1.4.1.4203.666.11.10 is the oid arc assigned by OpenLDAP
++## to this work in progress
++objectidentifier AttributeCertificate 1.3.6.1.4.1.4203.666.11.10.2.1
++objectidentifier CertificateList 1.3.6.1.4.1.1466.115.121.1.9
++objectidentifier AttCertPath 1.3.6.1.4.1.4203.666.11.10.2.4
++objectidentifier PolicySyntax 1.3.6.1.4.1.4203.666.11.10.2.5
++objectidentifier RoleSyntax 1.3.6.1.4.1.4203.666.11.10.2.6
++# NOTE: OIDs from <draft-ietf-pkix-ldap-schema-02.txt> (expired)
++#objectidentifier AttributeCertificate 1.2.826.0.1.3344810.7.5
++#objectidentifier AttCertPath 1.2.826.0.1.3344810.7.10
++#objectidentifier PolicySyntax 1.2.826.0.1.3344810.7.17
++#objectidentifier RoleSyntax 1.2.826.0.1.3344810.7.13
++##
++## Substitute syntaxes
++##
++## AttCertPath
++ldapsyntax ( 1.3.6.1.4.1.4203.666.11.10.2.4
++ NAME 'AttCertPath'
++ DESC 'X.509 PMI attribute cartificate path: SEQUENCE OF AttributeCertificate'
++ X-SUBST '1.3.6.1.4.1.1466.115.121.1.15' )
++##
++## PolicySyntax
++ldapsyntax ( 1.3.6.1.4.1.4203.666.11.10.2.5
++ NAME 'PolicySyntax'
++ DESC 'X.509 PMI policy syntax'
++ X-SUBST '1.3.6.1.4.1.1466.115.121.1.15' )
++##
++## RoleSyntax
++ldapsyntax ( 1.3.6.1.4.1.4203.666.11.10.2.6
++ NAME 'RoleSyntax'
++ DESC 'X.509 PMI role syntax'
++ X-SUBST '1.3.6.1.4.1.1466.115.121.1.15' )
++##
++## X.509 (08/2005) pp. 71, 86-89
++##
++## 14.4.1 Role attribute
++attributeType ( id-at-role
++ NAME 'role'
++ DESC 'X.509 Role attribute, use ;binary'
++ SYNTAX RoleSyntax )
++##
++## 14.5 XML privilege information attribute
++## -- contains XML-encoded privilege information
++attributeType ( id-at-xMLPrivilegeInfo
++ NAME 'xmlPrivilegeInfo'
++ DESC 'X.509 XML privilege information attribute'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
++##
++## 17.2 PMI Directory attributes
++##
++## 17.2.1 Attribute certificate attribute
++attributeType ( id-at-attributeCertificate
++ NAME 'attributeCertificateAttribute'
++ DESC 'X.509 Attribute certificate attribute, use ;binary'
++ SYNTAX AttributeCertificate
++ EQUALITY attributeCertificateExactMatch )
++##
++## 17.2.2 AA certificate attribute
++attributeType ( id-at-aACertificate
++ NAME 'aACertificate'
++ DESC 'X.509 AA certificate attribute, use ;binary'
++ SYNTAX AttributeCertificate
++ EQUALITY attributeCertificateExactMatch )
++##
++## 17.2.3 Attribute descriptor certificate attribute
++attributeType ( id-at-attributeDescriptorCertificate
++ NAME 'attributeDescriptorCertificate'
++ DESC 'X.509 Attribute descriptor certificate attribute, use ;binary'
++ SYNTAX AttributeCertificate
++ EQUALITY attributeCertificateExactMatch )
++##
++## 17.2.4 Attribute certificate revocation list attribute
++attributeType ( id-at-attributeCertificateRevocationList
++ NAME 'attributeCertificateRevocationList'
++ DESC 'X.509 Attribute certificate revocation list attribute, use ;binary'
++ SYNTAX CertificateList
++ X-EQUALITY 'certificateListExactMatch, not implemented yet' )
++##
++## 17.2.5 AA certificate revocation list attribute
++attributeType ( id-at-attributeAuthorityRevocationList
++ NAME 'attributeAuthorityRevocationList'
++ DESC 'X.509 AA certificate revocation list attribute, use ;binary'
++ SYNTAX CertificateList
++ X-EQUALITY 'certificateListExactMatch, not implemented yet' )
++##
++## 17.2.6 Delegation path attribute
++attributeType ( id-at-delegationPath
++ NAME 'delegationPath'
++ DESC 'X.509 Delegation path attribute, use ;binary'
++ SYNTAX AttCertPath )
++## AttCertPath ::= SEQUENCE OF AttributeCertificate
++##
++## 17.2.7 Privilege policy attribute
++attributeType ( id-at-privPolicy
++ NAME 'privPolicy'
++ DESC 'X.509 Privilege policy attribute, use ;binary'
++ SYNTAX PolicySyntax )
++##
++## 17.2.8 Protected privilege policy attribute
++attributeType ( id-at-protPrivPolicy
++ NAME 'protPrivPolicy'
++ DESC 'X.509 Protected privilege policy attribute, use ;binary'
++ SYNTAX AttributeCertificate
++ EQUALITY attributeCertificateExactMatch )
++##
++## 17.2.9 XML Protected privilege policy attribute
++## -- contains XML-encoded privilege policy information
++attributeType ( id-at-xMLPprotPrivPolicy
++ NAME 'xmlPrivPolicy'
++ DESC 'X.509 XML Protected privilege policy attribute'
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
++##
++## 17.1 PMI directory object classes
++##
++## 17.1.1 PMI user object class
++## -- a PMI user (i.e., a "holder")
++objectClass ( id-oc-pmiUser
++ NAME 'pmiUser'
++ DESC 'X.509 PMI user object class'
++ SUP top
++ AUXILIARY
++ MAY ( attributeCertificateAttribute ) )
++##
++## 17.1.2 PMI AA object class
++## -- a PMI AA
++objectClass ( id-oc-pmiAA
++ NAME 'pmiAA'
++ DESC 'X.509 PMI AA object class'
++ SUP top
++ AUXILIARY
++ MAY ( aACertificate $
++ attributeCertificateRevocationList $
++ attributeAuthorityRevocationList
++ ) )
++##
++## 17.1.3 PMI SOA object class
++## -- a PMI Source of Authority
++objectClass ( id-oc-pmiSOA
++ NAME 'pmiSOA'
++ DESC 'X.509 PMI SOA object class'
++ SUP top
++ AUXILIARY
++ MAY ( attributeCertificateRevocationList $
++ attributeAuthorityRevocationList $
++ attributeDescriptorCertificate
++ ) )
++##
++## 17.1.4 Attribute certificate CRL distribution point object class
++objectClass ( id-oc-attCertCRLDistributionPts
++ NAME 'attCertCRLDistributionPt'
++ DESC 'X.509 Attribute certificate CRL distribution point object class'
++ SUP top
++ AUXILIARY
++ MAY ( attributeCertificateRevocationList $
++ attributeAuthorityRevocationList
++ ) )
++##
++## 17.1.5 PMI delegation path
++objectClass ( id-oc-pmiDelegationPath
++ NAME 'pmiDelegationPath'
++ DESC 'X.509 PMI delegation path'
++ SUP top
++ AUXILIARY
++ MAY ( delegationPath ) )
++##
++## 17.1.6 Privilege policy object class
++objectClass ( id-oc-privilegePolicy
++ NAME 'privilegePolicy'
++ DESC 'X.509 Privilege policy object class'
++ SUP top
++ AUXILIARY
++ MAY ( privPolicy ) )
++##
++## 17.1.7 Protected privilege policy object class
++objectClass ( id-oc-protectedPrivilegePolicy
++ NAME 'protectedPrivilegePolicy'
++ DESC 'X.509 Protected privilege policy object class'
++ SUP top
++ AUXILIARY
++ MAY ( protPrivPolicy ) )
++
--- /dev/null
--- /dev/null
++# $OpenLDAP: pkg/ldap/servers/slapd/schema/ppolicy.schema,v 1.2.2.4 2007/01/02 21:44:09 kurt Exp $
++## This work is part of OpenLDAP Software <http://www.openldap.org/>.
++##
++## Copyright 2004-2007 The OpenLDAP Foundation.
++## All rights reserved.
++##
++## Redistribution and use in source and binary forms, with or without
++## modification, are permitted only as authorized by the OpenLDAP
++## Public License.
++##
++## A copy of this license is available in the file LICENSE in the
++## top-level directory of the distribution or, alternatively, at
++## <http://www.OpenLDAP.org/license.html>.
++#
++## Portions Copyright (C) The Internet Society (2004).
++## Please see full copyright statement below.
++
++# Definitions from Draft behera-ldap-password-policy-07 (a work in progress)
++# Password Policy for LDAP Directories
++# With extensions from Hewlett-Packard:
++# pwdCheckModule etc.
++
++# Contents of this file are subject to change (including deletion)
++# without notice.
++#
++# Not recommended for production use!
++# Use with extreme caution!
++
++# The version of this file as distributed by the OpenLDAP Foundation
++# contains text from an IETF Internet-Draft explaining the schema.
++# Unfortunately, that text is covered by a license that doesn't meet
++# Debian's Free Software Guidelines. This is a stripped version of the
++# schema that contains only the functional schema definition, not the text
++# of the Internet-Draft.
++#
++# For an explanation of this schema, see
++# draft-behera-ldap-password-policy-08.txt.
++
++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.1
++ NAME 'pwdAttribute'
++ EQUALITY objectIdentifierMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
++
++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.2
++ NAME 'pwdMinAge'
++ EQUALITY integerMatch
++ ORDERING integerOrderingMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
++ SINGLE-VALUE )
++
++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.3
++ NAME 'pwdMaxAge'
++ EQUALITY integerMatch
++ ORDERING integerOrderingMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
++ SINGLE-VALUE )
++
++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.4
++ NAME 'pwdInHistory'
++ EQUALITY integerMatch
++ ORDERING integerOrderingMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
++ SINGLE-VALUE )
++
++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.5
++ NAME 'pwdCheckQuality'
++ EQUALITY integerMatch
++ ORDERING integerOrderingMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
++ SINGLE-VALUE )
++
++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.6
++ NAME 'pwdMinLength'
++ EQUALITY integerMatch
++ ORDERING integerOrderingMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
++ SINGLE-VALUE )
++
++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.7
++ NAME 'pwdExpireWarning'
++ EQUALITY integerMatch
++ ORDERING integerOrderingMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
++ SINGLE-VALUE )
++
++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.8
++ NAME 'pwdGraceAuthNLimit'
++ EQUALITY integerMatch
++ ORDERING integerOrderingMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
++ SINGLE-VALUE )
++
++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.9
++ NAME 'pwdLockout'
++ EQUALITY booleanMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
++ SINGLE-VALUE )
++
++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.10
++ NAME 'pwdLockoutDuration'
++ EQUALITY integerMatch
++ ORDERING integerOrderingMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
++ SINGLE-VALUE )
++
++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.11
++ NAME 'pwdMaxFailure'
++ EQUALITY integerMatch
++ ORDERING integerOrderingMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
++ SINGLE-VALUE )
++
++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.12
++ NAME 'pwdFailureCountInterval'
++ EQUALITY integerMatch
++ ORDERING integerOrderingMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
++ SINGLE-VALUE )
++
++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.13
++ NAME 'pwdMustChange'
++ EQUALITY booleanMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
++ SINGLE-VALUE )
++
++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.14
++ NAME 'pwdAllowUserChange'
++ EQUALITY booleanMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
++ SINGLE-VALUE )
++
++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.15
++ NAME 'pwdSafeModify'
++ EQUALITY booleanMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
++ SINGLE-VALUE )
++
++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.30
++ NAME 'pwdMaxRecordedFailure'
++ EQUALITY integerMatch
++ ORDERING integerOrderingMatch
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
++ SINGLE-VALUE )
++
++attributetype ( 1.3.6.1.4.1.4754.1.99.1
++ NAME 'pwdCheckModule'
++ EQUALITY caseExactIA5Match
++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
++ DESC 'Loadable module that instantiates check_password() function'
++ SINGLE-VALUE )
++
++objectclass ( 1.3.6.1.4.1.4754.2.99.1
++ NAME 'pwdPolicyChecker'
++ SUP top
++ AUXILIARY
++ MAY ( pwdCheckModule ) )
++
++objectclass ( 1.3.6.1.4.1.42.2.27.8.2.1
++ NAME 'pwdPolicy'
++ SUP top
++ AUXILIARY
++ MUST ( pwdAttribute )
++ MAY ( pwdMinAge $ pwdMaxAge $ pwdInHistory $ pwdCheckQuality $
++ pwdMinLength $ pwdExpireWarning $ pwdGraceAuthNLimit $ pwdLockout
++ $ pwdLockoutDuration $ pwdMaxFailure $ pwdFailureCountInterval $
++ pwdMustChange $ pwdAllowUserChange $ pwdSafeModify $
++ pwdMaxRecordedFailure ) )
--- /dev/null
--- /dev/null
++contrib/slapd-modules/passwd/apr1-atol.pl
++contrib/slapd-modules/passwd/apr1-ltoa.pl
--- /dev/null
--- /dev/null
++usr/lib/ldap/pw-apr1.so*
++usr/lib/ldap/pw-apr1.la
++usr/lib/ldap/pw-argon2.so*
++usr/lib/ldap/pw-argon2.la
++usr/lib/ldap/pw-netscape.so*
++usr/lib/ldap/pw-netscape.la
++usr/lib/ldap/pw-pbkdf2.so*
++usr/lib/ldap/pw-pbkdf2.la
++usr/lib/ldap/smbk5pwd.so*
++usr/lib/ldap/smbk5pwd.la
--- /dev/null
--- /dev/null
++# #204975
++slapd-contrib: package-has-unnecessary-activation-of-ldconfig-trigger
++# rpath set by krb5-config.heimdal; #868840
++binary-or-shlib-defines-rpath usr/lib/ldap/smbk5pwd.so.0.0.0 /usr/lib/*/heimdal
--- /dev/null
--- /dev/null
++debian/slapo-pw-pbkdf2.5
++debian/tmp/usr/share/man/man5/slapd-pw-argon2.5
++debian/tmp/usr/share/man/man5/slapo-smbk5pwd.5
--- /dev/null
--- /dev/null
++[Service]
++RemainAfterExit=no
--- /dev/null
--- /dev/null
++openldap (2.4.49+dfsg-1) unstable; urgency=medium
++
++ This release fixes an issue with how the slapo-ppolicy(5) overlay
++ stores the pwdChangedTime attribute in the database. Existing
++ incorrect records could cause slapd to crash if a database
++ administrator uses the Relax control to modify pwdChangedTime.
++
++ Users of the ppolicy overlay are recommended to reload (slapcat and
++ slapadd) their database in order to fix existing data.
++
++ Please see <https://www.openldap.org/its/?findid=9126> for more
++ information.
++
++ -- Ryan Tandy <ryan@nardis.ca> Mon, 03 Feb 2020 09:58:29 -0800
++
++openldap (2.4.44+dfsg-1) unstable; urgency=medium
++
++ The slapd package no longer includes OpenSLP support. The
++ openslp-dfsg package is being retired due to lack of maintenance and
++ security concerns. Please see <https://bugs.debian.org/795428> for
++ more information.
++
++ -- Ryan Tandy <ryan@nardis.ca> Tue, 15 Mar 2016 03:59:27 +0000
++
++openldap (2.4.23-3) unstable; urgency=low
++
++ The OpenLDAP packages in Debian now use the slapd.d LDIF-based
++ configuration model by default. Please see README.Debian for more
++ information.
++
++ -- Matthijs Mohlmann <matthijs@cacholong.nl> Mon, 19 Jul 2010 10:48:19 +0200
++
++openldap2.3 (2.3.23-1) unstable; urgency=low
++
++ The Debian slapd package no longer includes support for the LDBM backend.
++ It has been disabled as a result of concerns over data loss and lack of
++ upstream support. For more information, see:
++ http://www.openldap.org/faq/index.cgi?_highlightWords=ldbm&file=756
++ The BDB backend is now the main backend to use. This backend is supported
++ upstream and has several fixes included for known problems.
++
++ -- Matthijs Mohlmann <matthijs@cacholong.nl> Sun, 26 Feb 2006 20:05:44 +0100
--- /dev/null
--- /dev/null
++Notes about Debian's slapd package
++----------------------------------
++
++ Please see the bottom of this file for the ways in which the Debian
++ OpenLDAP packages differ from the upstream OpenLDAP releases. Please
++ report any bugs that may be related to those changes to Debian via
++ reportbug and not to upstream; upstream is not responsible for changes
++ made in the Debian package.
++
++ In addition to the man pages shipped with this package, please consult
++ the OpenLDAP Admin Guide for more information, including configuration
++ examples for common use cases. <http://www.openldap.org/doc/admin24/>
++
++Initial slapd configuration
++
++ Upon installation the slapd package performs a number of tasks. It
++ initializes the configuration database, stored in LDAP and rooted at
++ the DN "cn=config". It creates an initial directory database with a
++ DN rooted at a suffix derived from the DNS domain configured in
++ debconf (e.g. "dc=example,dc=com"). The default backend for the
++ directory database is the MDB backend. The root (administrative) DN
++ is set to "cn=admin,<suffix>". The root password is set to the
++ password configured in debconf, or a randomly generated password if
++ none was set.
++
++ If desired, a new configuration and directory database can be
++ created by running, as root:
++
++ dpkg-reconfigure slapd
++
++ Caution: this command completely resets the configuration and all
++ LDAP directory data (saving a backup in /var/backups), resetting
++ slapd to a new initial state.
++
++ The configuration database ("cn=config") and directory database
++ ("dc=<domain>,dc=<tld>") have different permissions. Upon
++ installation, the Unix root user has permission to manage the slapd
++ configuration ("cn=config") database. The LDAP directory manager
++ ("cn=admin,<suffix>") has permission to manage the directory database
++ ("dc=<domain>,dc=<tld>"). This policy is specific to Debian.
++
++Maintaining the slapd configuration
++
++ Since version 2.4.23-3 the default configuration of OpenLDAP has
++ been changed to "/etc/ldap/slapd.d"; configuration is stored in an
++ LDAP directory. The OpenLDAP packages in Debian provide an
++ automatic migration to the new configuration style. With the new
++ configuration style it is possible to change values on the fly
++ without restarting slapd. Changes are made through the use of ldif
++ files and ldap{add,modify}.
++
++ Debian defaults to granting the Unix root user, and only the Unix
++ root user, administrative privileges to the configuration database.
++ The configuration database is stored in LDAP. Administrative
++ privileges to the configuration database are granted to root when
++ the special SASL mechanism "EXTERNAL" is used for authentication.
++ The OpenLDAP client command option for this is "-Y EXTERNAL".
++
++ You can use the following shell command, as root, to search the
++ configuration:
++
++ ldapsearch -Y EXTERNAL -H ldapi:/// -b "cn=config"
++
++ To modify configuration use the command:
++
++ ldapmodify -Y EXTERNAL -H ldapi:/// -f <file.ldif>
++
++ For configuration options see the several manpages that exist or the
++ documentation provided upstream.
++
++ To change the directory administrator's password, the olcRootPW
++ attribute of the database configuration must be updated. The new
++ password should be hashed using the slappasswd(8) command. Then, the
++ root user should update the attribute using ldapmodify(1):
++
++ ldapmodify -H ldapi:// -Y EXTERNAL << EOF
++ dn: olcDatabase={1}mdb,cn=config
++ changetype: modify
++ replace: olcRootPW
++ olcRootPW: <new hashed password>
++
++ EOF
++
++ Versions of slapd before 2.4.51+dfsg-1 additionally created a database
++ entry named the same as the rootDN (cn=admin,<suffix>) and having the
++ same password. If this entry exists in your directory, its password
++ must also be updated using ldappasswd(1), otherwise the old password
++ can still be used.
++
++Using the MDB Backend
++
++ MDB is a new database backend using the LMDB library created by the
++ OpenLDAP developers. The MDB backend has fewer configuration
++ parameters than HDB/BDB and generally does not require hand tuning.
++
++ The database is stored in a sparse file with a specified maximum size.
++ The size should be set larger than the database is ever anticipated to
++ grow, but can be increased later if needed. When the MDB backend is
++ chosen during initial configuration, the Debian package configures the
++ automatically created database with a maximum size of 1 GiB.
++
++ The space currently used by the database can be found using du(1); for
++ example: du -h /var/lib/ldap/data.mdb
++
++Using BDB/HDB Backends
++
++ HDB was the recommended backend before MDB was developed. It's the
++ same as BDB but allows some additional operations.
++
++ slapd BDB and HDB backends rely on libdb to store data on your disks.
++ libdb uses a configuration file to tune database specific
++ parameters. This file is called DB_CONFIG, and should be created in each
++ directory containing one of your ldap databases, usually /var/lib/ldap.
++
++ It is VERY IMPORTANT to correctly setup a DB_CONFIG file. It is not
++ just a matter of performance: depending on the version of slapd and
++ libdb being used, your slapd may just hang and stop answering queries.
++
++ To correctly set up your DB_CONFIG file, please refer to
++ README.DB_CONFIG.gz in this directory.
++
++BerkeleyDB Version
++
++ slapd has been built against version 5.3.28 of BerkeleyDB.
++
++ slapd will automatically handle database recovery, so you generally do
++ not need the BerkeleyDB utilities. However, if you want to perform
++ other operations directly on the raw database without using the slapd
++ tools, install db5.3-util and use those BerkeleyDB utilities. Utilities
++ from other db*-util packages will not work correctly and may render the
++ database unusable by slapd.
++
++BerkeleyDB database format upgrades
++
++ When upgrading slapd to a new version where the Berkeley DB library's
++ storage format has changed, the database has to be backed up using
++ slapcat(8) before upgrading and restored using slapadd(8) afterwards.
++ Normally the maintainer scripts will handle this automatically,
++ performing the dump and restore as needed.
++
++ If, after upgrading, slapd fails to start and you see the message
++ "Program version doesn't match environment version" in syslog, then
++ the DB version may have changed without a dump and reload. This should
++ be reported as a bug in the slapd package. In this case you will have
++ to downgrade slapd to the previous version as the new tools are unable
++ to dump the old database, and the same error would prevent you from
++ upgrading to the fixed version. Old package versions can be
++ found at <http://snapshot.debian.org> if needed.
++
++Logging
++
++ slapd logs to the facility local4. If you want to direct slapd's logs to
++ a separate log file, add a line like:
++
++ local4.debug /var/log/slapd.log
++
++ to /etc/syslog.conf. You may also want to add ";local4.none" to the
++ catch-all entry that logs to /var/log/messages so that it doesn't
++ continue to receive slapd logs.
++
++SASL Configuration
++
++ To enable GSSAPI (Kerberos) authentication to slapd, install either the
++ libsasl2-modules-gssapi-mit or libsasl2-modules-gssapi-heimdal packages
++ depending on which Kerberos implementation you want to use.
++
++ SASL configuration files may be placed either in /usr/lib/sasl2 (the
++ standard path, but not a great place for configuration files) or in
++ /etc/ldap/sasl2. A SASL configuration file should be named after the
++ program that will use it. So, for instance, to configure SASL for
++ slapd, create a file named slapd.conf in /etc/ldap/sasl2 or in
++ /usr/lib/sasl2.
++
++TCP Wrappers
++
++ The Debian slapd package is compiled with TCP wrappers. This means that
++ you are able to restrict access to the LDAP server using /etc/hosts.deny
++ or /etc/hosts.allow.
++
++Running slapd under a Different UID/GID
++
++ By default, slapd runs as openldap in the openldap group. Keeping the
++ default is easiest. If for some reason you need to run slapd as a
++ different user:
++
++ - Create the user/group for slapd -- usually:
++
++ adduser --system --group <group> --disabled-login <user>
++
++ - Stop slapd:
++
++ /etc/init.d/slapd stop
++
++ - Tell slapd to run under a different UID by editing /etc/default/slapd
++ and setting SLAPD_USER and SLAPD_GROUP. (For example,
++ SLAPD_USER="ldap", SLAPD_GROUP="ldap")
++
++ - Tell linux slapd can access all database files -- usually:
++
++ chown -R <user>:<group> /var/lib/ldap
++
++ - Tell linux slapd can access configuration files -- usually:
++
++ chown -R <user>:<group> /etc/ldap/slapd.d
++
++ - Tell linux slapd can access /var/run/slapd and write a PID file:
++
++ chgrp <group> /var/run/slapd
++ chmod 0770 /var/run/slapd
++
++ - Start slapd -- /etc/init.d/slapd start
++
++ Once you have done so, remember to always run any utilities that access
++ or update the database (such as slapadd) as the same user that slapd is
++ running as. If you forget, you will need to redo the chown noted above.
++
++If slapd Depends on Other Service
++
++ In the event that you are running slapd with a different back-end module
++ that depends on other programs (such as an SQL database) you may need to
++ adjust the runlevels of slapd to start after the SQL database.
++
++Creating NSS Flat Files from LDAP
++
++ If you have need to create passwd/shadow/etc files from an LDAP
++ directory there is now a script included with these Debian packages
++ which may help you. The script is in /usr/share/slapd/ and is named
++ ldiftopasswd. In general you should be able to do:
++
++ ldapsearch | ldiftopasswd
++
++ and it will generate the files for you. You will need appropriate
++ privileges, of course, and appropriate arguments to ldapsearch.
++
++Modifications Compared to Upstream
++
++ Compared to stock OpenLDAP as shipped by the OpenLDAP project, the
++ Debian packages make the following modifications. If you see any
++ problems caused by or related to these modifications, please report them
++ via the Debian bug tracking system using reportbug, not to the OpenLDAP
++ project.
++
++ * The only LDAP library installed is libldap_r, which in the upstream
++ release is only used for slapd, and libldap is a symlink to it. This
++ library has thread safety for use with slapd, but that thread safety
++ is not checked for any application other than slapd by upstream.
++ Upstream does not support using libldap_r for programs other than
++ slapd. The current library installation strategy in the Debian
++ packages is an attempt to deal with problems caused by symbol
++ conflicts between libldap and libldap_r when both are pulled in by the
++ same process (most commonly by libnss-ldap) and the number of packages
++ that use libldap in threaded code expecting thread safety.
++
++ * libldap and libber have symbol versioning added to prevent problems
++ during partial upgrades from older versions of the libraries.
++
++ * slapindex has been patched to warn when run as root and the man page
++ has been patched to notify users that slapindex should be run as the
++ user slapd runs as. There is some upstream discussion of a better
++ fix.
++
++ * slapd is configured to look in /etc/ldap/sasl2 in addition to
++ /usr/lib/sasl2 for SASL configuration files.
++
++ * The libldap library is patched to add two functions used by
++ evolution-exchange for NTLM authentication to Active Directory. See
++ <http://bugs.debian.org/457374>.
++
++ * Several paths have been adjusted to fit Debian file permissions and
++ for Filesystem Hierarchy Standard compliance, namely:
++ - The ldapi socket is in /var/run/slapd
++ - The slapi error log has been moved to /var/log/slapi-errors
++ - The slapd database location is /var/lib/ldap
++
++ In addition, upstream patches from CVS may be applied to fix bugs in the
++ current release and will not be noted here unless they're not expected
++ to be in the next release.
++
++ Finally, note that the Debian OpenLDAP packages have been compiled
++ against GnuTLS instead of OpenSSL to avoid licensing problems for
++ GPL-covered packages that use the LDAP libraries. This is a supported
++ configuration, but it's not widely used outside of Debian.
++
++ For the exact patches applied to the upstream source and references to
++ the relevant upstream ITS numbers, Debian bugs, and upstream
++ synchronization status, see the debian/patches directory in the
++ openldap source package.
++
++ -- Russ Allbery <rra@debian.org>, Thu, 14 Feb 2008 18:47:07 -0800
++
++Unsafe access control rule installed by default in previous versions
++
++ Versions of slapd before 2.4.40-1 configured the default database with
++ an access control rule of the form:
++
++ to *
++ by self write
++ by dn="cn=admin,dc=example,dc=com" write
++ by * read
++
++ Depending on how the database and client applications are configured,
++ users might be able to impersonate others by editing attributes such
++ as their Unix user and group numbers, or other application-specific
++ attributes.
++
++ New installations no longer include "by self write", but existing
++ configurations will not be automatically modified.
++
++ To list your current access control rules, use the command:
++
++ ldapsearch -Y EXTERNAL -H ldapi:/// -b 'cn=config' '(olcAccess=*)' olcAccess
++
++ To fix the problem, create an LDIF file to replace the rules as
++ needed. For example:
++
++ dn: olcDatabase={1}hdb,cn=config
++ delete: olcAccess
++ olcAccess: {2}
++ -
++ add: olcAccess
++ olcAccess: {2}to * by dn="cn=admin,dc=example,dc=com" write by * read
++
++ Adjust the database DN, the administrative DN, and the rule numbers
++ according to your configuration, following the output from ldapsearch.
++
++ Next, apply the configuration changes from the file:
++
++ ldapmodify -Y EXTERNAL -H ldapi:/// -f mods.ldif
++
++ For more information about access control rules, refer to the
++ slapd.access(5) man page.
++
++ -- Ryan Tandy <ryan@nardis.ca>, Mon, 20 Oct 2014 11:45:20 -0700
--- /dev/null
--- /dev/null
++#!/bin/bash
++#
++# Backup LDAP directories
++#
++# This script can be put in cron to create backups.
++#
++# Author: Matthijs Mohlmann <matthijs@cacholong.nl>
++# Date: Sat, 15 Jul 2006 21:13:14 +0200
++# License: GPLv2
++
++# Make sure the backups are secured.
++umask 077
++
++BACKUPDIR="/var/backups/slapd"
++DEFAULTS="/etc/default/slapd"
++
++# Check if there is a directory slapd, otherwise create it.
++if [ ! -d "$BACKUPDIR" ]; then
++ mkdir -p -m 0700 "$BACKUPDIR"
++fi
++
++# Load default settings.
++if [ -e "$DEFAULTS" ]; then
++ . "$DEFAULTS"
++fi
++
++# Specify a slapd.conf if not specified.
++if [ -z "$SLAPD_CONF" ]; then
++ SLAPD_CONF="/etc/ldap/slapd.conf"
++fi
++
++# Set IFS to end of line.
++ORIGIFS=$IFS
++IFS=`echo -en "\n\b"`
++
++# Backup recursive through all configfiles all suffix's in the form:
++# suffix.ldif in /var/backups/slapd
++function backupDirectories() {
++ local conf=$1
++ local directory=""
++ local include=""
++
++ suffix=`grep "^suffix" $conf | sed -e "s/\(^suffix\s\+\|\"\|\'\)//g"`
++ for directory in "$suffix"; do
++ if [ ! -z "$suffix" ]; then
++ slapcat -l "$BACKUPDIR/$suffix.ldif" -b "$suffix"
++ fi
++ done
++
++ includes=`grep "^include" $conf | awk '{print $2}'`
++ for include in $includes; do
++ backupDirectories "$include"
++ done
++}
++
++backupDirectories "$SLAPD_CONF"
++
++# Put IFS back.
++IFS=$ORIGIFS
++
++exit 0
++
--- /dev/null
--- /dev/null
++# This is the main slapd configuration file. See slapd.conf(5) for more
++# info on the configuration options.
++
++#######################################################################
++# Global Directives:
++
++# Schema and objectClass definitions
++include /etc/ldap/schema/core.schema
++include /etc/ldap/schema/cosine.schema
++include /etc/ldap/schema/nis.schema
++include /etc/ldap/schema/inetorgperson.schema
++
++# Where the pid file is put. The init.d script
++# will not stop the server if you change this.
++pidfile /var/run/slapd/slapd.pid
++
++# List of arguments that were passed to the server
++argsfile /var/run/slapd/slapd.args
++
++# Read slapd.conf(5) for possible values
++loglevel none
++
++# Where the dynamically loaded modules are stored
++modulepath /usr/lib/ldap
++moduleload back_mdb
++
++# The maximum number of entries that is returned for a search operation
++sizelimit 500
++
++# The tool-threads parameter sets the actual amount of cpu's that is used
++# for indexing.
++tool-threads 1
++
++#######################################################################
++# Specific Backend Directives for mdb:
++# Backend specific directives apply to this backend until another
++# 'backend' directive occurs
++backend mdb
++
++#######################################################################
++# Specific Backend Directives for 'other':
++# Backend specific directives apply to this backend until another
++# 'backend' directive occurs
++#backend <other>
++
++#######################################################################
++# Specific Directives for database #1, of type mdb:
++# Database specific directives apply to this databasse until another
++# 'database' directive occurs
++database mdb
++
++# The base of your directory in database #1
++suffix "dc=example,dc=com"
++
++# rootdn directive for specifying a superuser on the database. This is needed
++# for syncrepl.
++# rootdn "cn=admin,dc=example,dc=com"
++
++# Where the database file are physically stored for database #1
++directory "/var/lib/ldap"
++
++# The dbconfig settings are used to generate a DB_CONFIG file the first
++# time slapd starts. They do NOT override existing an existing DB_CONFIG
++# file. You should therefore change these settings in DB_CONFIG directly
++# or remove DB_CONFIG and restart slapd for changes to take effect.
++
++# For the Debian package we use 2MB as default but be sure to update this
++# value if you have plenty of RAM
++dbconfig set_cachesize 0 2097152 0
++
++# Sven Hartge reported that he had to set this value incredibly high
++# to get slapd running at all. See http://bugs.debian.org/303057 for more
++# information.
++
++# Number of objects that can be locked at the same time.
++dbconfig set_lk_max_objects 1500
++# Number of locks (both requested and granted)
++dbconfig set_lk_max_locks 1500
++# Number of lockers
++dbconfig set_lk_max_lockers 1500
++
++# Indexing options for database #1
++index objectClass eq
++
++# Save the time that the entry gets modified, for database #1
++lastmod on
++
++# Checkpoint the BerkeleyDB database periodically in case of system
++# failure and to speed slapd shutdown.
++checkpoint 512 30
++
++# The userPassword by default can be changed
++# by the entry owning it if they are authenticated.
++# Others should not be able to see it, except the
++# admin entry below
++# These access lines apply to database #1 only
++access to attrs=userPassword,shadowLastChange
++ by dn="cn=admin,dc=example,dc=com" write
++ by anonymous auth
++ by self write
++ by * none
++
++# Ensure read access to the base for things like
++# supportedSASLMechanisms. Without this you may
++# have problems with SASL not knowing what
++# mechanisms are available and the like.
++# Note that this is covered by the 'access to *'
++# ACL below too but if you change that as people
++# are wont to do you'll still need this if you
++# want SASL (and possible other things) to work
++# happily.
++access to dn.base="" by * read
++
++# The admin dn has full write access, everyone else
++# can read everything.
++access to *
++ by dn="cn=admin,dc=example,dc=com" write
++ by * read
++
++# For Netscape Roaming support, each user gets a roaming
++# profile for which they have write access to
++#access to dn=".*,ou=Roaming,o=morsnet"
++# by dn="cn=admin,dc=example,dc=com" write
++# by dnattr=owner write
++
++#######################################################################
++# Specific Directives for database #2, of type 'other' (can be mdb too):
++# Database specific directives apply to this databasse until another
++# 'database' directive occurs
++#database <other>
++
++# The base of your directory for database #2
++#suffix "dc=debian,dc=org"
--- /dev/null
--- /dev/null
++#! /bin/sh
++
++set -e
++
++# Load debconf
++. /usr/share/debconf/confmodule
++
++# This will be replaced with debian/slapd.scripts-common which includes
++# various helper functions and $OLD_VERSION and $SLAPD_CONF
++#SCRIPTSCOMMON#
++
++# Check if the user wants to configure slapd manually
++want_manual_configuration() {
++ db_input medium slapd/no_configuration || true
++ db_go || true
++ db_get slapd/no_configuration
++ no_configuration="$RET"
++
++ if [ "$no_configuration" = "true" ]; then
++ return 0
++ fi
++ return 1
++}
++
++# Make sure the values entered make sense
++validate_initial_config() {
++ local invalid
++ invalid=""
++
++ # Make sure the domain name is valid
++ # The regexp doesn't work for UTF-8 domain names, but for that to
++ # work, we would also need to Base64 encode it in the LDIF; since
++ # we're not doing it at the moment, this should be fine for now
++ db_get slapd/domain
++ if [ -z "$RET" ] || ! echo "$RET" | LC_COLLATE='C.UTF-8' grep -q '^[a-zA-Z0-9.-]*$'; then
++ db_fset slapd/domain seen false
++ invalid=true
++ fi
++
++ # Suffix and Organization may not be empty
++ db_get shared/organization
++ if [ -z "$RET" ]; then
++ db_fset shared/organization seen false
++ invalid=true
++ fi
++
++ # Make sure the passwords match
++ local pass1 pass2
++ db_get slapd/password1
++ pass1="$RET"
++ db_get slapd/password2
++ pass2="$RET"
++
++ if [ "$pass1" != "$pass2" ]; then
++ db_fset slapd/password1 seen false
++ db_fset slapd/password2 seen false
++ invalid=true
++ fi
++
++ # Tell the user
++ if [ "$invalid" ]; then
++ db_fset slapd/invalid_config seen false
++ db_input critical slapd/invalid_config || true
++ db_go || true
++ db_get slapd/invalid_config
++ if [ "$RET" != "true" ]; then
++ db_set slapd/no_configuration true
++ invalid=
++ fi
++ fi
++
++ if [ "$invalid" ]; then
++ return 1
++ else
++ return 0
++ fi
++}
++
++# Query the information we need to create an initial directory
++query_initial_config() {
++ while true; do
++ db_input medium slapd/domain || true
++ db_input medium shared/organization || true
++ db_input high slapd/password1 || true
++ db_input high slapd/password2 || true
++ db_input low slapd/purge_database || true
++ # XXX - should be done more general, but for now this should do
++ # the trick
++ if [ -e "/var/lib/ldap" ] && ! is_empty_dir /var/lib/ldap; then
++ db_input low slapd/move_old_database || true
++ fi
++ db_go || true
++
++ if validate_initial_config; then
++ break
++ fi
++ done
++}
++
++# ----- Configuration of LDIF dumping and reloading--------------------- {{{
++#
++# Dumping the database can have negative effects on the system we are
++# running on. If there is a lot of data dumping it might fill a partition
++# for example. Therefore we must give the user exact control over what we
++# are doing.
++
++configure_dumping() { # {{{
++# Ask the user for the configuration of the dumping component
++# Usage: configure_dumping
++
++ # Look if the user wants to migrate to the BDB backend
++ if ! database_dumping_enabled; then
++ return 0
++ fi
++
++ # Configure if and where to dump the LDAP databases
++ db_input medium slapd/dump_database || true
++ db_go || true
++ db_get slapd/dump_database
++
++ # Abort if the user does not want dumping
++ if [ "$RET" = never ]; then
++ return 0
++ fi
++
++ db_input medium slapd/dump_database_destdir || true
++ db_go || true
++
++ # If the user entered the empty value, go back to the default
++ db_get slapd/dump_database_destdir
++ if [ "$RET" = "" ]; then
++ db_reset slapd/dump_database_destdir
++ fi
++}
++
++# }}}
++# }}}
++
++warn_about_selfwrite_acl() { # {{{
++# Warn about databases having an acl beginning with "to * by self
++# write", installed by default in previous versions of slapd.init.ldif
++# but having possible security implications.
++ if [ -d "$SLAPD_CONF" ]; then
++ if grep -q '^olcAccess: {[0-9]*}to \* by self write' \
++ "$SLAPD_CONF"/cn\=config/olcDatabase*.ldif 2>/dev/null; then
++ db_input high slapd/unsafe_selfwrite_acl || true
++ fi
++ fi
++}
++# }}}
++
++# Create an initial directory on fresh install
++if is_initial_configuration "$@"; then
++ if ! want_manual_configuration; then
++ set_defaults_for_unseen_entries
++ query_initial_config
++ fi
++fi
++
++# Configure the dumping component if we are upgrading some older version.
++if [ "$1" = configure ] && [ -n "$2" ]; then
++ configure_dumping
++ warn_about_selfwrite_acl
++fi
++
++db_go || true
++
++exit 0
--- /dev/null
--- /dev/null
++# Default location of the slapd.conf file or slapd.d cn=config directory. If
++# empty, use the compiled-in default (/etc/ldap/slapd.d with a fallback to
++# /etc/ldap/slapd.conf).
++SLAPD_CONF=
++
++# System account to run the slapd server under. If empty the server
++# will run as root.
++SLAPD_USER="openldap"
++
++# System group to run the slapd server under. If empty the server will
++# run in the primary group of its user.
++SLAPD_GROUP="openldap"
++
++# Path to the pid file of the slapd server. If not set the init.d script
++# will try to figure it out from $SLAPD_CONF (/etc/ldap/slapd.d by
++# default)
++SLAPD_PIDFILE=
++
++# slapd normally serves ldap only on all TCP-ports 389. slapd can also
++# service requests on TCP-port 636 (ldaps) and requests via unix
++# sockets.
++# Example usage:
++# SLAPD_SERVICES="ldap://127.0.0.1:389/ ldaps:/// ldapi:///"
++SLAPD_SERVICES="ldap:/// ldapi:///"
++
++# If SLAPD_NO_START is set, the init script will not start or restart
++# slapd (but stop will still work). Uncomment this if you are
++# starting slapd via some other means or if you don't want slapd normally
++# started at boot.
++#SLAPD_NO_START=1
++
++# If SLAPD_SENTINEL_FILE is set to path to a file and that file exists,
++# the init script will not start or restart slapd (but stop will still
++# work). Use this for temporarily disabling startup of slapd (when doing
++# maintenance, for example, or through a configuration management system)
++# when you don't want to edit a configuration file.
++SLAPD_SENTINEL_FILE=/etc/ldap/noslapd
++
++# For Kerberos authentication (via SASL), slapd by default uses the system
++# keytab file (/etc/krb5.keytab). To use a different keytab file,
++# uncomment this line and change the path.
++#export KRB5_KTNAME=/etc/krb5.keytab
++
++# Additional options to pass to slapd
++SLAPD_OPTIONS=""
--- /dev/null
--- /dev/null
++var/lib/slapd
++usr/share/slapd
++usr/share/lintian/overrides
++etc/ldap/sasl2
--- /dev/null
--- /dev/null
++debian/README.DB_CONFIG
--- /dev/null
--- /dev/null
++debian/DB_CONFIG
++debian/slapd.backup
++debian/slapd.conf
--- /dev/null
--- /dev/null
++#!/bin/sh
++### BEGIN INIT INFO
++# Provides: slapd
++# Required-Start: $remote_fs $network $syslog
++# Required-Stop: $remote_fs $network $syslog
++# Default-Start: 2 3 4 5
++# Default-Stop: 0 1 6
++# Short-Description: OpenLDAP standalone server (Lightweight Directory Access Protocol)
++### END INIT INFO
++
++# Specify path variable
++PATH=/sbin:/usr/sbin:/bin:/usr/bin
++
++. /lib/lsb/init-functions
++
++# Kill me on all errors
++set -e
++
++# Set the paths to slapd as a variable so that someone who really
++# wants to can override the path in /etc/default/slapd.
++SLAPD=/usr/sbin/slapd
++
++# Stop processing if slapd is not there
++[ -x $SLAPD ] || exit 0
++
++# debconf may have this file descriptor open and it makes things work a bit
++# more reliably if we redirect it as a matter of course. db_stop will take
++# care of this, but this won't hurt.
++exec 3>/dev/null
++
++# Source the init script configuration
++if [ -f "/etc/default/slapd" ]; then
++ . /etc/default/slapd
++fi
++
++# Load the default location of the slapd config file
++if [ -z "$SLAPD_CONF" ]; then
++ if [ -e /etc/ldap/slapd.d ]; then
++ SLAPD_CONF=/etc/ldap/slapd.d
++ else
++ SLAPD_CONF=/etc/ldap/slapd.conf
++ fi
++fi
++
++# Stop processing if the config file is not there
++if [ ! -r "$SLAPD_CONF" ]; then
++ log_warning_msg "No configuration file was found for slapd at $SLAPD_CONF."
++ # if there is no config at all, we should assume slapd is not running
++ # and exit 0 on stop so that unconfigured packages can be removed.
++ [ "x$1" = xstop ] && exit 0 || exit 1
++fi
++
++# extend options depending on config type
++if [ -f "$SLAPD_CONF" ]; then
++ SLAPD_OPTIONS="-f $SLAPD_CONF $SLAPD_OPTIONS"
++elif [ -d "$SLAPD_CONF" ] ; then
++ SLAPD_OPTIONS="-F $SLAPD_CONF $SLAPD_OPTIONS"
++fi
++
++# Find out the name of slapd's pid file
++if [ -z "$SLAPD_PIDFILE" ]; then
++ # If using old one-file configuration scheme
++ if [ -f "$SLAPD_CONF" ] ; then
++ SLAPD_PIDFILE=`sed -ne 's/^pidfile[[:space:]]\+\(.\+\)/\1/p' \
++ "$SLAPD_CONF"`
++ # Else, if using new directory configuration scheme
++ elif [ -d "$SLAPD_CONF" ] ; then
++ SLAPD_PIDFILE=`sed -ne \
++ 's/^olcPidFile:[[:space:]]\+\(.\+\)[[:space:]]*/\1/p' \
++ "$SLAPD_CONF"/'cn=config.ldif'`
++ fi
++fi
++
++# XXX: Breaks upgrading if there is no pidfile (invoke-rc.d stop will fail)
++# -- Torsten
++if [ -z "$SLAPD_PIDFILE" ]; then
++ log_failure_msg "The pidfile for slapd has not been specified"
++ exit 1
++fi
++
++# Pass the user and group to run under to slapd
++if [ "$SLAPD_USER" ]; then
++ SLAPD_OPTIONS="-u $SLAPD_USER $SLAPD_OPTIONS"
++fi
++
++if [ "$SLAPD_GROUP" ]; then
++ SLAPD_OPTIONS="-g $SLAPD_GROUP $SLAPD_OPTIONS"
++fi
++
++# Check whether we were configured to not start the services.
++check_for_no_start() {
++ if [ -n "$SLAPD_NO_START" ]; then
++ echo 'Not starting slapd: SLAPD_NO_START set in /etc/default/slapd' >&2
++ exit 0
++ fi
++ if [ -n "$SLAPD_SENTINEL_FILE" ] && [ -e "$SLAPD_SENTINEL_FILE" ]; then
++ echo "Not starting slapd: $SLAPD_SENTINEL_FILE exists" >&2
++ exit 0
++ fi
++}
++
++# Tell the user that something went wrong and give some hints for
++# resolving the problem.
++report_failure() {
++ log_end_msg 1
++ if [ -n "$reason" ]; then
++ log_failure_msg "$reason"
++ else
++ log_failure_msg "The operation failed but no output was produced."
++
++ if [ -n "$SLAPD_OPTIONS" -o \
++ -n "$SLAPD_SERVICES" ]; then
++ if [ -z "$SLAPD_SERVICES" ]; then
++ if [ -n "$SLAPD_OPTIONS" ]; then
++ log_failure_msg "Command line used: slapd $SLAPD_OPTIONS"
++ fi
++ else
++ log_failure_msg "Command line used: slapd -h '$SLAPD_SERVICES' $SLAPD_OPTIONS"
++ fi
++ fi
++ fi
++}
++
++# Start the slapd daemon and capture the error message if any to
++# $reason.
++start_slapd() {
++ # Make sure /var/run/slapd exists with correct permissions
++ if [ ! -d /var/run/slapd ]; then
++ mkdir -p /var/run/slapd
++ [ -z "$SLAPD_USER" ] || chown -R "$SLAPD_USER" /var/run/slapd
++ [ -z "$SLAPD_GROUP" ] || chgrp -R "$SLAPD_GROUP" /var/run/slapd
++ fi
++
++ # Make sure the pidfile directory exists with correct permissions
++ piddir=`dirname "$SLAPD_PIDFILE"`
++ if [ ! -d "$piddir" ]; then
++ mkdir -p "$piddir"
++ [ -z "$SLAPD_USER" ] || chown -R "$SLAPD_USER" "$piddir"
++ [ -z "$SLAPD_GROUP" ] || chgrp -R "$SLAPD_GROUP" "$piddir"
++ fi
++
++ if [ -z "$SLAPD_SERVICES" ]; then
++ reason="`start-stop-daemon --start --quiet --oknodo \
++ --pidfile "$SLAPD_PIDFILE" \
++ --exec $SLAPD -- $SLAPD_OPTIONS 2>&1`"
++ else
++ reason="`start-stop-daemon --start --quiet --oknodo \
++ --pidfile "$SLAPD_PIDFILE" \
++ --exec $SLAPD -- -h "$SLAPD_SERVICES" $SLAPD_OPTIONS 2>&1`"
++ fi
++
++ # Backward compatibility with OpenLDAP 2.1 client libraries.
++ if [ ! -h /var/run/ldapi ] && [ ! -e /var/run/ldapi ] ; then
++ ln -s slapd/ldapi /var/run/ldapi
++ fi
++}
++
++# Stop the slapd daemon and capture the error message (if any) to
++# $reason.
++stop_slapd() {
++ reason="`start-stop-daemon --stop --quiet --oknodo --retry TERM/10 \
++ --pidfile "$SLAPD_PIDFILE" \
++ --exec $SLAPD 2>&1`"
++}
++
++# Start the OpenLDAP daemons
++start_ldap() {
++ trap 'report_failure' 0
++ log_daemon_msg "Starting OpenLDAP" "slapd"
++ start_slapd
++ trap "-" 0
++ log_end_msg 0
++}
++
++# Stop the OpenLDAP daemons
++stop_ldap() {
++ trap 'report_failure' 0
++ log_daemon_msg "Stopping OpenLDAP" "slapd"
++ stop_slapd
++ trap "-" 0
++ log_end_msg 0
++}
++
++case "$1" in
++ start)
++ check_for_no_start
++ start_ldap ;;
++ stop)
++ stop_ldap ;;
++ restart|force-reload)
++ check_for_no_start
++ stop_ldap
++ start_ldap
++ ;;
++ status)
++ status_of_proc -p $SLAPD_PIDFILE $SLAPD slapd
++ ;;
++ *)
++ echo "Usage: $0 {start|stop|restart|force-reload|status}"
++ exit 1
++ ;;
++esac
--- /dev/null
--- /dev/null
++# Global config:
++dn: cn=config
++objectClass: olcGlobal
++cn: config
++# Where the pid file is put. The init.d script
++# will not stop the server if you change this.
++olcPidFile: /var/run/slapd/slapd.pid
++# List of arguments that were passed to the server
++olcArgsFile: /var/run/slapd/slapd.args
++# Read slapd-config(5) for possible values
++olcLogLevel: none
++# The tool-threads parameter sets the actual amount of cpu's that is used
++# for indexing.
++olcToolThreads: 1
++
++# Frontend settings
++dn: olcDatabase={-1}frontend,cn=config
++objectClass: olcDatabaseConfig
++objectClass: olcFrontendConfig
++olcDatabase: {-1}frontend
++# The maximum number of entries that is returned for a search operation
++olcSizeLimit: 500
++# Allow unlimited access to local connection from the local root user
++olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by * break
++# Allow unauthenticated read access for schema and base DN autodiscovery
++olcAccess: {1}to dn.exact="" by * read
++olcAccess: {2}to dn.base="cn=Subschema" by * read
++
++# Config db settings
++dn: olcDatabase=config,cn=config
++objectClass: olcDatabaseConfig
++olcDatabase: config
++# Allow unlimited access to local connection from the local root user
++olcAccess: to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by * break
++olcRootDN: cn=admin,cn=config
++
++# Load schemas
++dn: cn=schema,cn=config
++objectClass: olcSchemaConfig
++cn: schema
++
++include: file:///etc/ldap/schema/core.ldif
++include: file:///etc/ldap/schema/cosine.ldif
++include: file:///etc/ldap/schema/nis.ldif
++include: file:///etc/ldap/schema/inetorgperson.ldif
++
++# Load module
++dn: cn=module{0},cn=config
++objectClass: olcModuleList
++cn: module{0}
++# Where the dynamically loaded modules are stored
++olcModulePath: /usr/lib/ldap
++olcModuleLoad: back_mdb
++
++# The database definition.
++dn: olcDatabase=mdb,cn=config
++objectClass: olcDatabaseConfig
++objectClass: olcMdbConfig
++olcDatabase: mdb
++# Default to a 1 GiB database for compatibility with 32-bit systems.
++olcDbMaxSize: 1073741824
++# Checkpoint the database periodically in case of system
++# failure and to speed slapd shutdown.
++olcDbCheckpoint: 512 30
++# Save the time that the entry gets modified, for database #1
++olcLastMod: TRUE
++# The base of your directory in database #1
++olcSuffix: @SUFFIX@
++# Where the database file are physically stored for database #1
++olcDbDirectory: /var/lib/ldap
++# Database superuser credentials
++olcRootDN: cn=admin,@SUFFIX@
++olcRootPW: @PASSWORD@
++# Indexing options for database #1
++olcDbIndex: objectClass eq
++olcDbIndex: cn,uid eq
++olcDbIndex: uidNumber,gidNumber eq
++olcDbIndex: member,memberUid eq
++# The userPassword by default can be changed by the entry owning it if
++# they are authenticated. Others should not be able to see it, except
++# the admin entry above.
++olcAccess: to attrs=userPassword
++ by self write
++ by anonymous auth
++ by * none
++# Allow update of authenticated user's shadowLastChange attribute.
++# Updating it on password change is implemented at least by libpam-ldap,
++# libpam-ldapd, and the slapo-smbk5pwd overlay.
++olcAccess: to attrs=shadowLastChange
++ by self write
++ by * read
++# The admin dn (olcRootDN) bypasses ACLs and so has total access,
++# everyone else can read everything.
++olcAccess: to *
++ by * read
++
--- /dev/null
--- /dev/null
++etc/ldap/schema
++usr/lib/slapd usr/sbin
++usr/lib/*/libslapi-*.so.*
++debian/ldiftopasswd usr/share/slapd
++debian/slapd.init.ldif usr/share/slapd
++debian/slapd-remain-after-exit.conf lib/systemd/system/slapd.service.d
++
++usr/lib/ldap/back_*.so*
++usr/lib/ldap/back_*.la
++
++usr/lib/ldap/accesslog*.so*
++usr/lib/ldap/accesslog.la
++usr/lib/ldap/auditlog*.so*
++usr/lib/ldap/auditlog.la
++usr/lib/ldap/constraint*.so*
++usr/lib/ldap/constraint.la
++usr/lib/ldap/dds*.so*
++usr/lib/ldap/dds.la
++usr/lib/ldap/deref*.so*
++usr/lib/ldap/deref.la
++usr/lib/ldap/dyngroup*.so*
++usr/lib/ldap/dyngroup.la
++usr/lib/ldap/dynlist*.so*
++usr/lib/ldap/dynlist.la
++usr/lib/ldap/memberof*.so*
++usr/lib/ldap/memberof.la
++usr/lib/ldap/pcache*.so*
++usr/lib/ldap/pcache.la
++usr/lib/ldap/collect*.so*
++usr/lib/ldap/collect.la
++usr/lib/ldap/ppolicy*.so*
++usr/lib/ldap/ppolicy.la
++usr/lib/ldap/refint*.so*
++usr/lib/ldap/refint.la
++usr/lib/ldap/retcode*.so*
++usr/lib/ldap/retcode.la
++usr/lib/ldap/rwm*.so*
++usr/lib/ldap/rwm.la
++usr/lib/ldap/seqmod*.so*
++usr/lib/ldap/seqmod.la
++usr/lib/ldap/sssvlv*.so*
++usr/lib/ldap/sssvlv.la
++usr/lib/ldap/syncprov*.so*
++usr/lib/ldap/syncprov.la
++usr/lib/ldap/translucent*.so*
++usr/lib/ldap/translucent.la
++usr/lib/ldap/unique*.so*
++usr/lib/ldap/unique.la
++usr/lib/ldap/valsort*.so*
++usr/lib/ldap/valsort.la
++
++# contrib modules installed in main package
++usr/lib/ldap/autogroup.so*
++usr/lib/ldap/autogroup.la
++usr/lib/ldap/lastbind.so*
++usr/lib/ldap/lastbind.la
++usr/lib/ldap/pw-sha2.so*
++usr/lib/ldap/pw-sha2.la
--- /dev/null
--- /dev/null
++# libslapi is a special case, used only for writing extension modules for
++# slapd, and is therefore shipped with slapd.
++slapd: package-name-doesnt-match-sonames libslapi-2.4-2
--- /dev/null
--- /dev/null
++debian/tmp/usr/share/man/man5/slapd.*.5
++debian/tmp/usr/share/man/man8/slap*.8
++
++debian/tmp/usr/share/man/man5/slapd-bdb.5
++debian/tmp/usr/share/man/man5/slapd-config.5
++debian/tmp/usr/share/man/man5/slapd-dnssrv.5
++debian/tmp/usr/share/man/man5/slapd-hdb.5
++debian/tmp/usr/share/man/man5/slapd-ldap.5
++debian/tmp/usr/share/man/man5/slapd-ldif.5
++debian/tmp/usr/share/man/man5/slapd-mdb.5
++debian/tmp/usr/share/man/man5/slapd-meta.5
++debian/tmp/usr/share/man/man5/slapd-monitor.5
++debian/tmp/usr/share/man/man5/slapd-ndb.5
++debian/tmp/usr/share/man/man5/slapd-null.5
++debian/tmp/usr/share/man/man5/slapd-passwd.5
++debian/tmp/usr/share/man/man5/slapd-perl.5
++debian/tmp/usr/share/man/man5/slapd-relay.5
++debian/tmp/usr/share/man/man5/slapd-shell.5
++debian/tmp/usr/share/man/man5/slapd-sock.5
++debian/tmp/usr/share/man/man5/slapd-sql.5
++
++debian/tmp/usr/share/man/man5/slapo-accesslog.5
++debian/tmp/usr/share/man/man5/slapo-auditlog.5
++debian/tmp/usr/share/man/man5/slapo-chain.5
++debian/tmp/usr/share/man/man5/slapo-collect.5
++debian/tmp/usr/share/man/man5/slapo-constraint.5
++debian/tmp/usr/share/man/man5/slapo-dds.5
++debian/tmp/usr/share/man/man5/slapo-dyngroup.5
++debian/tmp/usr/share/man/man5/slapo-dynlist.5
++debian/tmp/usr/share/man/man5/slapo-memberof.5
++debian/tmp/usr/share/man/man5/slapo-pbind.5
++debian/tmp/usr/share/man/man5/slapo-pcache.5
++debian/tmp/usr/share/man/man5/slapo-ppolicy.5
++debian/tmp/usr/share/man/man5/slapo-refint.5
++debian/tmp/usr/share/man/man5/slapo-retcode.5
++debian/tmp/usr/share/man/man5/slapo-rwm.5
++debian/tmp/usr/share/man/man5/slapo-sock.5
++debian/tmp/usr/share/man/man5/slapo-sssvlv.5
++debian/tmp/usr/share/man/man5/slapo-syncprov.5
++debian/tmp/usr/share/man/man5/slapo-translucent.5
++debian/tmp/usr/share/man/man5/slapo-unique.5
++debian/tmp/usr/share/man/man5/slapo-valsort.5
++
++# contrib modules installed in main package
++debian/tmp/usr/share/man/man5/slapo-lastbind.5
--- /dev/null
--- /dev/null
++#! /bin/sh
++
++set -e
++
++. /usr/share/debconf/confmodule
++
++# This will be replaced with debian/slapd.scripts-common which includes
++# various helper functions and $OLD_VERSION and $SLAPD_CONF
++#SCRIPTSCOMMON#
++
++postinst_upgrade_cn_config() { # {{{
++ if previous_version_older '2.4.44+dfsg-1~'; then
++ upgrade_cnconfig_ppolicy_schema
++ fi
++}
++# }}}
++postinst_initial_configuration() { # {{{
++# Configure slapd for the first time (when first installed)
++# Usage: postinst_initial_configuration
++
++ if manual_configuration_wanted; then
++ echo " Omitting slapd configuration as requested." >&2
++ else
++ crypt_admin_pass
++ create_new_configuration
++ fi
++}
++
++# }}}
++postinst_upgrade_configuration() { # {{{
++# Handle upgrading slapd from some older version
++# Usage: postinst_upgrade_configuration
++
++ # Better back up the config file in any case
++ backup_config_once
++
++ # Complete any config updates before trying to use slapadd
++ if [ -d "$SLAPD_CONF" ]; then
++ postinst_upgrade_cn_config
++ fi
++
++ # Check if the database format has changed.
++ if database_format_changed; then
++
++ # During upgrading we have to load the old data
++ move_incompatible_databases_away
++ load_databases
++ fi
++
++ # Move to slapd.d configuration style.
++ migrate_to_slapd_d_style
++
++ # One-time upgrade fix for olcAccess on cn=Subschema
++ if previous_version_older 2.4.23-5 && previous_version_newer 2.4.23-3 \
++ && [ -e "$SLAPD_CONF/cn=config/olcDatabase={-1}frontend.ldif" ] \
++ && ! grep -i 'olcAccess:.*subschema' "$SLAPD_CONF/cn=config/olcDatabase={-1}frontend.ldif"
++ then
++ sed -i '/olcAccess: {0}/a\
++olcAccess: {1}to dn.exact="" by * read\
++olcAccess: {2}to dn.base="cn=Subschema" by * read' "${SLAPD_CONF}/cn=config/olcDatabase={-1}frontend.ldif"
++ fi
++
++ # Update permissions of all database directories and /var/run/slapd
++ update_databases_permissions
++ update_permissions /var/run/slapd
++
++ # Versions prior to 2.4.7-1 could create a slapd.conf that wasn't
++ # readable by the openldap user.
++ update_permissions "${SLAPD_CONF}"
++}
++
++# }}}
++
++upgrade_cnconfig_ppolicy_schema() { # {{{
++# Add a new required attribute to the ppolicy schema embedded in the
++# cn=config database when upgrading to 2.4.43 or later.
++# slapd.conf users get schema updates through the regular conffile
++# handling.
++ local dumped_ldif working_ldif ppolicy_dn tmp_slapd_d failed
++
++ if ! [ -d "$SLAPD_CONF" ]; then
++ return 0
++ fi
++
++ if ! previous_version_older '2.4.44+dfsg-1~'; then
++ return 0
++ fi
++
++ # The config should have been dumped in preinst.
++ # If not, hope for the best.
++ dumped_ldif="$(database_dumping_destdir)/cn=config.ldif"
++ if ! [ -f "$dumped_ldif" ]; then
++ echo "Saved configuration not found at $dumped_ldif. Skipping configuration updates." >&2
++ return 0
++ fi
++
++ # Create a working copy with lines unwrapped.
++ working_ldif="$(mktemp --tmpdir slapd-XXXXXXXX.ldif)"
++ trap "trap - INT EXIT; rm -f '$working_ldif'" INT EXIT
++ normalize_ldif "$dumped_ldif" > "$working_ldif"
++
++ # Check whether the schema is loaded and needs an update.
++ ppolicy_dn="$(find_old_ppolicy_schema "$working_ldif")"
++ if [ -z "$ppolicy_dn" ]; then
++ return
++ fi
++
++ echo -n "Adding pwdMaxRecordedFailure attribute to ${ppolicy_dn}... " >&2
++
++ # Add the pwdMaxRecordedFailure attribute to the ppolicy schema.
++ # Let slapadd update modifiersName and modifyTimestamp so these
++ # reflect reality, and entryCSN so replication is aware of the change.
++ perl -i -ne '
++ BEGIN { my $nextidx; }
++ if (/^dn: cn=\{\d+\}ppolicy,cn=schema,cn=config/ .. /^$/) {
++ if (/^entryCSN:/ or /^modifiersName:/ or /^modifyTimestamp:/) {
++ next;
++ } elsif (/^olcAttributeTypes: \{(\d+)\}/) {
++ $nextidx = $1 + 1;
++ } elsif (/^olcObjectClasses: .*NAME '\''pwdPolicy'\''/) {
++ s/MAY \( ([^)]+) \)/MAY ( $1 \$ pwdMaxRecordedFailure )/;
++ } elsif (/^$/) {
++ print "olcAttributeTypes: {$nextidx}( 1.3.6.1.4.1.42.2.27.8.1.30 NAME '\''pwdMaxRecordedFailure'\'' EQUALITY integerMatch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )\n";
++ }
++ }
++ print;
++ ' "$working_ldif"
++
++ # Import the modified config into a temporary location.
++ tmp_slapd_d="$(mktemp -d --tmpdir slapd-XXXXXXXX)"
++ trap "trap - INT EXIT; rm -rf '$tmp_slapd_d' '$working_ldif'" INT EXIT
++ capture_diagnostics slapadd -F "$tmp_slapd_d" -n0 -l "$working_ldif" || failed=1
++ if [ "$failed" ]; then
++ cat >&2 <<-eof
++failed.
++
++Updating the slapd configuration failed with the following error
++while running slapadd:
++eof
++ release_diagnostics
++ exit 1
++ fi
++
++ # Replace the old config with the updated one.
++ # The current config has already been backed up earlier.
++ rm -r "$SLAPD_CONF/cn=config.ldif" "$SLAPD_CONF/cn=config"
++ mv "$tmp_slapd_d/cn=config.ldif" "$tmp_slapd_d/cn=config" "$SLAPD_CONF/"
++
++ echo 'done.' >&2
++}
++# }}}
++
++# Create a new user. Don't create the user, however, if the local
++# administrator has already customized slapd to run as a different user.
++if [ "$MODE" = "configure" ] || [ "$MODE" = "reconfigure" ] ; then
++ if [ "openldap" = "$SLAPD_USER" ] ; then
++ create_new_user
++ fi
++fi
++
++# Configuration.
++if is_initial_configuration "$@"; then
++ postinst_initial_configuration
++else
++ postinst_upgrade_configuration
++fi
++
++db_stop || true
++
++#DEBHELPER#
++
++exit 0
++
++# vim: set sw=8 foldmethod=marker:
--- /dev/null
--- /dev/null
++#!/bin/sh
++
++set -e
++
++# Load debconf if available (might have been removed before purging
++# slapd)
++
++if [ -e "/usr/share/debconf/confmodule" ]; then
++ . /usr/share/debconf/confmodule
++fi
++
++# Check if the user wants the database removed on purging slapd
++remove_database_on_purge() {
++ db_get slapd/purge_database || RET=false
++ if [ "$RET" = "true" ]; then
++ return 0
++ else
++ return 1
++ fi
++}
++
++if [ "$1" = "purge" ]; then
++ echo -n "Removing slapd configuration... "
++ rm -f /etc/ldap/slapd.conf 2>/dev/null || true
++ rm -rf /etc/ldap/slapd.d 2>/dev/null || true
++ echo "done."
++
++ if remove_database_on_purge; then
++ echo -n "Purging OpenLDAP database... "
++ rm -rf /var/lib/ldap || true
++ echo done
++ fi
++fi
++
++#DEBHELPER#
++
++exit 0
++
--- /dev/null
--- /dev/null
++#! /bin/sh
++
++set -e
++
++. /usr/share/debconf/confmodule
++
++# This will be replaced with debian/slapd.scripts-common which includes
++# various helper functions and $OLD_VERSION and $SLAPD_CONF
++#SCRIPTSCOMMON#
++
++ppolicy_schema_needs_update() { # {{{
++# Provide an LDIF to add the pwdMaxRecordedFailure attribute to the
++# ppolicy schema, and recommend the user apply it before continuing with
++# the slapd upgrade.
++ local update_ldif
++
++ update_ldif="$(mktemp --tmpdir ppolicy-schema-update-XXXXXXXX.ldif)"
++ cat > "$update_ldif" << eof
++dn: $1
++changetype: modify
++add: olcAttributeTypes
++olcAttributeTypes: {16}( 1.3.6.1.4.1.42.2.27.8.1.30 NAME 'pwdMaxRecordedFailure' EQUALITY integerMatch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
++-
++delete: olcObjectClasses
++olcObjectClasses: {1}( 1.3.6.1.4.1.42.2.27.8.2.1 NAME 'pwdPolicy' SUP top AUXILIARY MUST pwdAttribute MAY ( pwdMinAge $ pwdMaxAge $ pwdInHistory $ pwdCheckQuality $ pwdMinLength $ pwdExpireWarning $ pwdGraceAuthNLimit $ pwdLockout $ pwdLockoutDuration $ pwdMaxFailure $ pwdFailureCountInterval $ pwdMustChange $ pwdAllowUserChange $ pwdSafeModify ) )
++-
++add: olcObjectClasses
++olcObjectClasses: {1}( 1.3.6.1.4.1.42.2.27.8.2.1 NAME 'pwdPolicy' SUP top AUXILIARY MUST pwdAttribute MAY ( pwdMinAge $ pwdMaxAge $ pwdInHistory $ pwdCheckQuality $ pwdMinLength $ pwdExpireWarning $ pwdGraceAuthNLimit $ pwdLockout $ pwdLockoutDuration $ pwdMaxFailure $ pwdFailureCountInterval $ pwdMustChange $ pwdAllowUserChange $ pwdSafeModify $ pwdMaxRecordedFailure ) )
++
++eof
++
++ db_subst slapd/ppolicy_schema_needs_update ldif "$update_ldif"
++ db_fset slapd/ppolicy_schema_needs_update seen false
++ db_input critical slapd/ppolicy_schema_needs_update || true
++ db_go || true
++ db_get slapd/ppolicy_schema_needs_update
++ if [ "$RET" = 'abort installation' ]; then
++ db_stop
++ exit 1
++ fi
++}
++# }}}
++check_ppolicy_schema() { # {{{
++# When upgrading to 2.4.43 or later, if the cn=config database contains
++# an old version of the ppolicy schema, check that it is safe to upgrade
++# it automatically in postinst, or instruct the user to do so before
++# upgrading.
++ local config_ldif="$1"
++
++ # Check whether the schema is loaded and needs an update.
++ local ppolicy_dn="$(find_old_ppolicy_schema "$config_ldif")"
++ if [ -z "$ppolicy_dn" ]; then
++ return
++ fi
++
++ # If either the config or frontend databases have any overlays
++ # or syncrepl clients on them, don't assume it's safe to change
++ # the config offline.
++ # As well, if a content database is a sync provider, we want to
++ # recommend that the schema be updated on every server before
++ # going through with the upgrade.
++ if grep -q -e '^dn: olcOverlay=.\+,olcDatabase={-1}frontend,cn=config$' -e '^dn: olcOverlay=.\+,olcDatabase={0}config,cn=config$' "$config_ldif" \
++ || sed -n '/^dn: olcDatabase={-1}frontend,cn=config$/,// p' "$config_ldif" | grep -q '^olcSyncrepl:' \
++ || sed -n '/^dn: olcDatabase={0}config,cn=config$/,//p' "$config_ldif" | grep -q '^olcSyncrepl:' \
++ || grep -q '^dn: olcOverlay={[0-9]\+}syncprov,olcDatabase=.\+,cn=config' "$config_ldif"; then
++ ppolicy_schema_needs_update "$ppolicy_dn"
++ fi
++
++ # If we made it this far, it should be safe to upgrade the
++ # schema automatically in postinst.
++}
++# }}}
++preinst_check_config() { # {{{
++# Check whether manual config changes are required before upgrading
++ if ! previous_version_older '2.4.44+dfsg-1~'; then
++ # no pre-checks required
++ return 0
++ fi
++
++ if ! [ -d "$SLAPD_CONF" ]; then
++ # no checks needed for slapd.conf at this time
++ return 0
++ fi
++
++ # If slapd was previously removed and a newer version is being
++ # installed, the config must have already been dumped during
++ # remove, or we cannot proceed.
++ if [ "$MODE" = upgrade ]; then
++ dump_config
++ fi
++
++ # Locate the file exported by dump_config.
++ local dumped_ldif="$(database_dumping_destdir)/cn=config.ldif"
++ if [ ! -f "$dumped_ldif" ]; then
++ echo "Expected to find a configuration backup in $dumped_ldif but it is missing. Please retry the upgrade." >&2
++ exit 1
++ fi
++
++ # Create a working copy with lines unwrapped.
++ local config_ldif="$(mktemp --tmpdir slapd.XXXXXXXX.ldif)"
++ trap "trap - INT EXIT; rm -f '$config_ldif'" INT EXIT
++ normalize_ldif "$dumped_ldif" > "$config_ldif"
++
++ check_ppolicy_schema "$config_ldif"
++}
++# }}}
++
++# If we are upgrading from an old version then stop slapd and attempt to
++# slapcat out the data so we can use it in postinst to do the upgrade.
++# If slapd was removed and is being reinstalled, slapcat is not
++# available at this time, so the data should have been dumped before the
++# old slapd was removed.
++
++if [ "$MODE" = upgrade ] || [ "$MODE" = install -a -n "$OLD_VERSION" ]; then
++ preinst_check_config
++fi
++
++if [ "$MODE" = upgrade ]; then
++ dump_databases
++fi
++
++#DEBHELPER#
++
++exit 0
++
++# vim: set sw=8 foldmethod=marker:
--- /dev/null
--- /dev/null
++#!/bin/sh
++
++set -e
++
++. /usr/share/debconf/confmodule
++
++# This will be replaced with debian/slapd.scripts-common which includes
++# various helper functions and $OLD_VERSION and $SLAPD_CONF
++#SCRIPTSCOMMON#
++
++#DEBHELPER#
++
++# Dump config and data to LDIF before removing slapd.
++# If a later version is reinstalled without being purged first, the LDIF
++# files may be required for the upgrade, and the old slapcat won't be
++# available any more.
++# During an upgrade, the new preinst will be in a better position to
++# control whether dumping is needed.
++
++# If the config is badly broken, slapcat may fail, but this should not
++# prevent the package from being removed or purged.
++set +e
++
++if [ "$MODE" = remove ]; then
++ # scripts-common sets OLD_VERSION incorrectly for remove
++ OLD_VERSION="$(dpkg-query -W -f '${Version}' slapd)"
++
++ dump_config
++ dump_databases
++fi
++
++exit 0
++
++# vim: set foldmethod=marker:
--- /dev/null
--- /dev/null
++# -*- sh -*-
++# This file can be included with #SCRIPTSCOMMON#
++
++
++# ===== Dumping and reloading using LDIF files ========================= {{{
++#
++# If incompatible changes are done to the database underlying a LDAP
++# directory we need to dump the contents and reload the data into a newly
++# created database after the new server was installed. The following
++# functions deal with this functionality.
++
++
++# ----- Configuration of this component -------------------------------- {{{
++#
++# Dumping the database can have negative effects on the system we are
++# running on. If there is a lot of data dumping it might fill a partition
++# for example. Therefore we must give the user exact control over what we
++# are doing.
++
++database_dumping_enabled() { # {{{
++# Check if the user has enabled database dumping for the current situation.
++# Return success if yes.
++# Usage: if database_dumping_enabled; then ... fi
++
++ # If the package is being removed, dump unconditionally as we
++ # don't know whether the next version will require reload.
++ [ "$MODE" = remove ] && return 0
++
++ db_get slapd/dump_database
++ case "$RET" in
++ always)
++ ;;
++ "when needed")
++ database_format_changed || return 1
++ ;;
++ never)
++ return 1
++ ;;
++ *)
++ echo >&2 "Unknown value for slapd/dump_database: $RET"
++ echo >&2 "Please report!"
++ exit 1
++ ;;
++ esac
++}
++
++# }}}
++database_format_changed() { # {{{
++# Check if the database format has changed since the old installed version
++# Return success if yes.
++# Usage: if database_format_changed; then
++
++ if dpkg --compare-versions "$OLD_VERSION" lt-nl 2.4.39-1; then
++ return 0
++ else
++ return 1
++ fi
++}
++
++# }}}
++database_dumping_destdir() { # {{{
++# Figure out the directory we are dumping the database to and create it
++# if it does not exist.
++# Usage: destdir=`database_dumping_destdir`
++
++ local dir
++ db_get slapd/dump_database_destdir
++ dir=`echo "$RET"|sed -e "s/VERSION/$OLD_VERSION/"`
++ mkdir -p -m 700 "$dir"
++ echo $dir
++}
++
++# }}}
++create_new_user() { # {{{
++ if [ -z "`getent group openldap`" ]; then
++ addgroup --quiet --system openldap
++ fi
++ if [ -z "`getent passwd openldap`" ]; then
++ echo -n " Creating new user openldap... " >&2
++ adduser --quiet --system --home /var/lib/ldap --shell /bin/false \
++ --ingroup openldap --disabled-password --disabled-login \
++ --gecos "OpenLDAP Server Account" openldap
++ echo "done." >&2
++ fi
++}
++# }}}
++create_ldap_directories() { # {{{
++ if [ ! -d /var/lib/ldap ]; then
++ mkdir -m 0700 /var/lib/ldap
++ fi
++ if [ ! -d /var/run/slapd ]; then
++ mkdir -m 0755 /var/run/slapd
++ fi
++ update_permissions /var/lib/ldap
++ update_permissions /var/run/slapd
++}
++# }}}
++update_permissions() { # {{{
++ local dir
++ dir="$1"
++ if [ -d "$dir" ]; then
++ [ -z "$SLAPD_USER" ] || chown -R -H "$SLAPD_USER" "$dir"
++ [ -z "$SLAPD_GROUP" ] || chgrp -R -H "$SLAPD_GROUP" "$dir"
++ fi
++}
++# }}}
++update_databases_permissions() { # {{{
++ get_suffix | while read -r suffix; do
++ dbdir=`get_directory "$suffix"`
++ update_permissions "$dbdir"
++ done
++}
++# }}}
++# }}}
++# ----- Dumping and loading the data ------------------------------------ {{{
++
++migrate_to_slapd_d_style() { # {{{
++
++ # Check if we need to migrate to the new style.
++ if previous_version_older 2.4.23-3 && [ -f "${SLAPD_CONF}" ] \
++ && ! [ -d /etc/ldap/slapd.d ]
++ then
++
++ # Create the new configuration directory
++ mkdir /etc/ldap/slapd.d
++
++ echo -n " Migrating slapd.conf to slapd.d configuration style... " >&2
++ capture_diagnostics slaptest -f ${SLAPD_CONF} -F /etc/ldap/slapd.d || failed=1
++ if [ "$failed" ]; then
++
++ echo "failed." >&2
++ echo >&2
++ cat <<-EOF
++Migrating slapd.conf file (${SLAPD_CONF}) to slapd.d failed with the following
++error while running slaptest:
++EOF
++ release_diagnostics " "
++ rm -rf /etc/ldap/slapd.d
++ exit 1
++ fi
++
++ # Backup the old slapd.conf
++ mv ${SLAPD_CONF} ${SLAPD_CONF}.old
++ SLAPD_CONF=/etc/ldap/slapd.d
++
++ # Add olcAccess control to grant local root connections access
++ sed -i '/^olcDatabase: {-1}frontend/a\
++olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by * break\
++olcAccess: {1}to dn.exact="" by * read\
++olcAccess: {2}to dn.base="cn=Subschema" by * read' "${SLAPD_CONF}/cn=config/olcDatabase={-1}frontend.ldif"
++ sed -i '/^olcDatabase: {0}config/a\
++olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by * break' "${SLAPD_CONF}/cn=config/olcDatabase={0}config.ldif"
++
++ # TODO: Now we are doing something that is not allowed by policy but it
++ # has to be done.
++ sed -i -e "/^[[:space:]]*SLAPD_CONF=.*/ s/^/#/" /etc/default/slapd
++ echo "done." >&2
++ fi
++}
++
++# }}}
++dump_config() { # {{{
++# Dump the cn=config database to the backup directory.
++# This is not the same as backup_config_once, which copies the slapd.d
++# directory verbatim.
++ local dir
++
++ [ -d "$SLAPD_CONF" ] || return 0
++
++ dir="$(database_dumping_destdir)"
++ echo "Saving current slapd configuration to $dir..." >&2
++ slapcat -F "$SLAPD_CONF" -n0 -l "$dir/cn=config.ldif"
++}
++# }}}
++dump_databases() { # {{{
++# If the user wants us to dump the databases they are dumped to the
++# configured directory.
++
++ local db suffix file dir failed slapcat_opts
++
++ database_dumping_enabled || return 0
++
++ dir=`database_dumping_destdir`
++ echo >&2 " Dumping to $dir: "
++ (get_suffix | while read -r suffix; do
++ dbdir=`get_directory "$suffix"`
++ if [ -n "$dbdir" ]; then
++ file="$dir/$suffix.ldif"
++ printf ' - directory %s... ' "$suffix" >&2
++ # Need to support slapd.d migration from preinst
++ if [ -f "${SLAPD_CONF}" ]; then
++ slapcat_opts="-g -f ${SLAPD_CONF}"
++ else
++ slapcat_opts="-g -F ${SLAPD_CONF}"
++ fi
++ slapcat ${slapcat_opts} -b "$suffix" > "$file" || failed=1
++ if [ "$failed" ]; then
++ rm -f "$file"
++ echo "failed." >&2
++ db_subst slapd/upgrade_slapcat_failure location "$dir" <&5
++ db_input critical slapd/upgrade_slapcat_failure <&5 || true
++ db_go <&5 || true
++ exit 1
++ fi
++ echo "done." >&2
++ fi
++ done) 5<&0 </dev/null
++}
++
++# }}}
++load_databases() { # {{{
++ local dir file db dbdir backupdir slapadd_opts
++
++ dir=`database_dumping_destdir`
++ echo >&2 " Loading from $dir: "
++ # restore by increasing suffix length due to possibly glued databases
++ get_suffix | awk '{ print length, $0 }' | sort -n | cut -d ' ' -f 2- \
++ | while read -r suffix; do
++ dbdir=`get_directory "$suffix"`
++ if [ -z "$dbdir" ]; then
++ continue
++ fi
++ if ! is_empty_dir "$dbdir"; then
++ echo >&2 \
++ " Directory $dbdir for $suffix not empty, aborting."
++ exit 1
++ fi
++
++ file="$dir/$suffix.ldif"
++ printf ' - directory %s... ' "$suffix" >&2
++
++ # If there is an old DB_CONFIG file, restore it before
++ # running slapadd
++ backupdir="$(compute_backup_path -n "$suffix")"
++ if [ -e "$backupdir"/DB_CONFIG ]; then
++ cp -a "$backupdir"/DB_CONFIG "$dbdir"/
++ fi
++
++ if [ -f "${SLAPD_CONF}" ]; then
++ slapadd_opts="-g -f ${SLAPD_CONF}"
++ else
++ slapadd_opts="-g -F ${SLAPD_CONF}"
++ fi
++ capture_diagnostics slapadd ${slapadd_opts} \
++ -q -b "$suffix" -l "$file" || failed=1
++ if [ "$failed" ]; then
++ rm -f "$dbdir"/*
++ echo "failed." >&2
++ echo >&2
++ cat <<-EOF
++ Loading the database from the LDIF dump failed with the following
++ error while running slapadd:
++EOF
++ release_diagnostics " "
++ exit 1
++ fi
++ echo "done." >&2
++
++ if [ -n "$SLAPD_USER" ] || [ -n "$SLAPD_GROUP" ]; then
++ echo -n " - chowning database directory ($SLAPD_USER:$SLAPD_GROUP)... "
++ update_permissions "$dbdir"
++ echo "done";
++ fi
++ done
++}
++
++# }}}
++move_incompatible_databases_away() { # {{{
++ echo >&2 " Moving old database directories to /var/backups:"
++ (get_suffix | while read -r suffix; do
++ dbdir=`get_directory "$suffix"`
++ move_old_database_away "$dbdir" "$suffix" <&5
++ done) 5<&0 </dev/null
++}
++# }}}
++# }}}
++# }}}
++
++# ===== Parsing the slapd configuration file ============================ {{{
++#
++# For some operations we have to know the slapd configuration. These
++# functions are for parsing the slapd configuration file.
++
++# The following two functions need to support slapd.conf installations
++# as long as upgrading from slapd.conf environment is supported.
++# They're used to dump database in preinst which may have a slapd.conf file.
++get_suffix() { # {{{
++ if [ -f "${SLAPD_CONF}" ]; then
++ for f in `get_all_slapd_conf_files`; do
++ sed -n -e '/^suffix[[:space:]]/ { s/^suffix[[:space:]]\+"*\([^"]\+\)"*/\1/; s/\\\\/\\/g; p }' $f
++ done
++ else
++ grep -h ^olcSuffix ${SLAPD_CONF}/cn\=config/olcDatabase*.ldif | cut -d: -f 2
++ fi | sort -u
++}
++# }}}
++get_directory() { # {{{
++# Returns the db directory for a given suffix
++ if [ -d "${SLAPD_CONF}" ] && get_suffix | grep -Fq "$1" ; then
++ sed -n 's/^olcDbDirectory: *//p' `grep -Flx "olcSuffix: $1" ${SLAPD_CONF}/cn\=config/olcDatabase*.ldif`
++ elif [ -f "${SLAPD_CONF}" ]; then
++ # Extract the directory for the given suffix ($1)
++ # Quote backslashes once for slapd.conf parser, again for awk
++ quoted="$(printf '%s' "$1" | sed 's/\\/\\\\\\\\/g')"
++ for f in `get_all_slapd_conf_files`; do
++ awk ' BEGIN { DB=0; SUF=""; DIR="" } ;
++ /^database/ { DB=1; SUF=""; DIR="" } ;
++ DB==1 && /^suffix[ \t]+"?'"$quoted"'"?$/ { SUF=$2 ; } ;
++ DB==1 && /^directory/ { DIR=$2 ;} ;
++ DB==1 && SUF!="" && DIR!="" { sub(/^"/,"",DIR) ; sub(/"$/,"",DIR) ; print DIR; SUF=""; DIR="" }' "${f}" | \
++ sed -e's/\([^\\]\|^\)"/\1/g; s/\\"/"/g; s/\\\\/\\/g'
++
++ done
++ else
++ return 1
++ fi
++}
++# }}}
++get_all_slapd_conf_files() { # {{{
++# Returns the list of all the config files: slapd.conf and included files.
++ echo ${SLAPD_CONF}
++ awk '
++BEGIN { I=0 }
++/^include/ {
++ sub(/include/," ");
++ I=1;
++}
++I==1 && /^[ \t]+/ {
++ split($0,F) ;
++ for (f in F)
++ if (!match(F[f],/schema/)) {
++ print F[f]
++ } ;
++ next;
++}
++I==1 { I=0 }
++' ${SLAPD_CONF}
++}
++# }}}
++# }}}
++
++compute_backup_path() { # {{{
++# Compute the path to backup a database directory
++# This is used when backing up actual database files, either just before
++# reloading a dump, or before generating a new configuration.
++# The directory used for dumping and reloading LDIF across upgrades, as
++# well as for backing up the configuration before upgrading, is computed
++# by database_dumping_destdir().
++# Usage: compute_backup_path [-n] <basedn>
++
++# XXX: should ask the user via debconf
++# or maybe just use database_dumping_destdir
++
++ local basedn ok_exists
++ if [ "$1" = "-n" ]; then
++ ok_exists=yes
++ shift
++ fi
++ basedn="$1"
++
++ local id target
++ if [ "$MODE" = reconfigure ] || [ "$DEBCONF_RECONFIGURE" ]; then
++ # reconfigure: use OLD_VERSION plus a timestamp.
++ id="${OLD_VERSION:+$OLD_VERSION-}$(date +%Y%m%d-%H%M%S)"
++ else
++ # install/upgrade: use OLD_VERSION or a timestamp, not both.
++ id="${OLD_VERSION:-$(date +%Y%m%d-%H%M%S)}"
++ fi
++ target="/var/backups/$basedn-$id.ldapdb"
++ if [ -e "$target" ] && [ -z "$ok_exists" ]; then
++ echo >&2
++ echo >&2 " Backup path $target exists. Giving up..."
++ exit 1
++ fi
++
++ printf '%s' "$target"
++}
++
++# }}}
++move_old_database_away() { # {{{
++# Move the old database away if it is still there
++#
++# In fact this function makes sure that the database directory is empty
++# with the exception of any DB_CONFIG file
++# and can be populated with a new database. If something is in the way
++# it is moved to a backup directory if the user accepted the debconf
++# option slapd/move_old_database. Otherwise we output a warning and let
++# the user fix it himself.
++# Usage: move_old_database_away <dbdir> [<basedn>]
++
++ local databasedir backupdir
++ databasedir="$1"
++ suffix="${2:-unknown}"
++
++ if [ ! -e "$databasedir" ] || is_empty_dir "$databasedir"; then
++ return 0
++ fi
++
++ # Note that we can't just move the database dir as it might be
++ # a mount point. Instead me move the content which might
++ # include mount points as well anyway, but it's much less likely.
++ db_get slapd/move_old_database
++ if [ "$RET" = true ]; then
++ backupdir="$(compute_backup_path "$suffix")"
++ printf ' - directory %s... ' "$suffix" >&2
++ mkdir -p "$backupdir"
++ find -H "$databasedir" -mindepth 1 -maxdepth 1 -type f \
++ -exec mv {} "$backupdir" \;
++ echo done. >&2
++ else
++ cat >&2 <<EOF
++ There are leftover files in $databasedir. This will probably break
++ creating the initial directory. If that's the case please move away
++ stuff in there and retry the configuration.
++EOF
++ fi
++}
++# }}}
++manual_configuration_wanted() { # {{{
++# Check if the user wants to configure everything himself (queries debconf)
++# Returns success if yes.
++
++ db_get slapd/no_configuration
++ if [ "$RET" = "true" ]; then
++ return 0
++ else
++ return 1
++ fi
++}
++# }}}
++create_new_configuration() { # {{{
++# Create a new configuration and directory
++
++ local basedn dc
++
++ # For the domain really.argh.org we create the basedn
++ # dc=really,dc=argh,dc=org with the dc entry dc: really
++ db_get slapd/domain
++ basedn="dc=`echo $RET | sed 's/^\.//; s/\.$//; s/\./,dc=/g'`"
++ dc="`echo $RET | sed 's/^\.//; s/\..*$//'`"
++
++ backup_config_once
++ if [ -e "/var/lib/ldap" ] && ! is_empty_dir /var/lib/ldap; then
++ echo >&2 " Moving old database directory to /var/backups:"
++ move_old_database_away /var/lib/ldap
++ fi
++ create_ldap_directories
++ create_new_slapd_conf "$basedn"
++ create_new_directory "$basedn" "$dc"
++
++ # Put the right permissions on this directory.
++ update_permissions /var/lib/ldap
++
++ # Now that we created the new directory we don't need the passwords in the
++ # debconf database anymore. So wipe them.
++ wipe_admin_pass
++}
++# }}}
++create_new_slapd_conf() { # {{{
++# Create the new slapd.d directory (configuration)
++# Usage: create_new_slapd_conf <basedn>
++
++ local initldif failed basedn adminpass
++
++ # Fetch configuration
++ basedn="$1"
++ db_get slapd/internal/adminpw
++ adminpass="$RET"
++
++ echo -n " Creating initial configuration... " >&2
++
++ # Create the slapd.d directory.
++ rm -rf ${SLAPD_CONF}/cn=config ${SLAPD_CONF}/cn=config.ldif
++ mkdir -p ${SLAPD_CONF}
++ initldif=`mktemp -t slapadd.XXXXXX`
++ cat /usr/share/slapd/slapd.init.ldif > ${initldif}
++
++ # Change some defaults
++ sed -i -e "s|@SUFFIX@|$basedn|g" ${initldif}
++ sed -i -e "s|@PASSWORD@|$adminpass|g" ${initldif}
++
++ capture_diagnostics slapadd -F "${SLAPD_CONF}" -b "cn=config" \
++ -l "${initldif}" || failed=1
++ if [ "$failed" ]; then
++ cat <<-EOF
++Loading the initial configuration from the ldif file (${init_ldif}) failed with
++the following error while running slapadd:
++EOF
++ release_diagnostics " "
++ exit 1
++ fi
++
++ update_permissions "${SLAPD_CONF}"
++ rm -f "${initldif}"
++ echo "done." >&2
++}
++# }}}
++encode_utf8() { #{{{
++# Make the value utf8 encoded. Takes one argument and utf8 encode it.
++# Usage: val=`encode_utf8 <value>`
++ perl -e 'use Encode; print encode_utf8($ARGV[0]);' "$1"
++} #}}}
++create_new_directory() { # {{{
++# Create a new directory. Takes the basedn and the dc value of that entry.
++# Other information is extracted from debconf.
++# Usage: create_new_directory <basedn> <dc>
++
++ local basedn dc organization adminpass
++ basedn="$1"
++ dc="$2"
++
++ # Encode to utf8 and base64 encode the organization.
++ db_get shared/organization
++ organization=`encode_utf8 "$RET"`
++ db_get slapd/internal/adminpw
++ adminpass="$RET"
++
++ echo -n " Creating LDAP directory... " >&2
++
++ initldif=`mktemp -t slapadd.XXXXXX`
++ cat <<-EOF > "${initldif}"
++ dn: $basedn
++ objectClass: top
++ objectClass: dcObject
++ objectClass: organization
++ o: $organization
++ dc: $dc
++
++ EOF
++
++ capture_diagnostics slapadd -F "${SLAPD_CONF}" -b "${basedn}" \
++ -l "${initldif}" || failed=1
++ if [ "$failed" ]; then
++ rm -f ${initldif}
++ echo "failed." >&2
++ cat <<-EOF
++Loading the initial configuration from the ldif file (${init_ldif}) failed with
++the following error while running slapadd:
++EOF
++ release_diagnostics " "
++ exit 1
++ fi
++
++ rm -f ${initldif}
++ echo "done." >&2
++}
++# }}}
++backup_config_once() { # {{{
++# Create a backup of the current configuration files.
++# Usage: backup_config_once
++
++ local backupdir
++
++ if [ -z "$FLAG_CONFIG_BACKED_UP" ]; then
++ if [ -e "$SLAPD_CONF" ]; then
++ backupdir=`database_dumping_destdir`
++ echo -n " Backing up $SLAPD_CONF in ${backupdir}... " >&2
++ cp -a "$SLAPD_CONF" "$backupdir"
++ echo done. >&2
++ fi
++ FLAG_CONFIG_BACKED_UP=yes
++ fi
++}
++
++# }}}
++normalize_ldif() { # {{{
++# Unwrap LDIF lines and strip comments.
++ perl -00 -pe 's/\n[ \t]//g; s/^#.*\n//mg' "$@"
++}
++# }}}
++
++
++set_defaults_for_unseen_entries() { # {{{
++# Set up the defaults for our templates
++ DOMAIN=`hostname -d 2>/dev/null` || true
++ if [ -z "$DOMAIN" ]; then DOMAIN='nodomain'; fi
++
++ db_fget slapd/domain seen
++ if [ "$RET" = false ]; then
++ db_set slapd/domain "$DOMAIN"
++ fi
++
++ db_fget shared/organization seen
++ if [ "$RET" = false ]; then
++ db_set shared/organization "$DOMAIN"
++ fi
++}
++# }}}
++crypt_admin_pass() { # {{{
++# Store the encrypted admin password into the debconf db
++# Usage: crypt_admin_pass
++
++ local adminpw;
++
++ db_get slapd/password1
++ if [ ! -z "$RET" ]; then
++ db_set slapd/internal/adminpw "$(create_password_hash "$RET")"
++ else
++
++ # Set the password.
++ adminpw="$(generate_admin_pass)"
++ db_set slapd/internal/generated_adminpw "$adminpw"
++ db_set slapd/internal/adminpw "$(create_password_hash "$adminpw")"
++ fi
++}
++
++generate_admin_pass() {
++# Generate a password, if no password given then generate one.
++# Usage: generate_admin_pass
++
++ # 15 bytes of /dev/urandom provide 120 random bits, assuming the entropy pool is full enough.
++ # Coding these 15 bytes in base64 returns a 20 characters long password.
++ head -c 15 /dev/urandom | base64 | tr -d '[:space:]'
++}
++
++wipe_admin_pass() {
++# Remove passwords after creating the initial ldap database.
++# Usage: wipe_admin_pass
++ db_set slapd/password1 ""
++ db_set slapd/password2 ""
++ db_set slapd/internal/adminpw ""
++ db_set slapd/internal/generated_adminpw ""
++}
++
++# }}}
++create_password_hash() { # {{{
++# Create the password hash for the given password
++# Usage: hash=`create_password_hash "$password"`
++
++ slappasswd -s "$1"
++}
++
++# }}}
++previous_version_older() { # {{{
++# Check if the previous version is newer than the reference version passed.
++# If we are not upgrading the previous version is assumed to be newer than
++# any reference version.
++# Usage: previous_version_older <package version>
++
++ if dpkg --compare-versions "$OLD_VERSION" lt-nl "$1"; then
++ return 0
++ else
++ return 1
++ fi
++}
++
++# }}}
++previous_version_newer() { # {{{
++# Check if the previous version is newer than the reference version passed.
++# If we are not upgrading the previous version is assumed to be newer than
++# any reference version.
++# Usage: previous_version_newer <package version>
++
++ if dpkg --compare-versions "$OLD_VERSION" gt-nl "$1"; then
++ return 0
++ else
++ return 1
++ fi
++} # }}}
++
++is_initial_configuration() { # {{{
++# Check if this is the initial configuration and not an upgrade of an
++# existing configuration
++# Usage: if is_initial_configuration "$@"; then ... fi from top level
++
++ # Plain installation
++ if [ "$1" = configure ] && [ -z "$2" ]; then
++ return 0
++ fi
++ # Configuration via dpkg-reconfigure
++ if [ "$1" = reconfigure ] || [ "$DEBCONF_RECONFIGURE" ]; then
++ return 0
++ fi
++ # Upgrade but slapd.conf doesn't exist. If the user is doing this
++ # intentionally because they want to put it somewhere else, they
++ # should select manual configuration in debconf.
++ if [ "$1" = configure ] && [ ! -e "${SLAPD_CONF}" ]; then
++ return 0
++ fi
++ return 1
++}
++
++# }}}
++is_empty_dir() { # {{{
++# Check if a path refers to a directory that is "empty" from the POV of slapd
++# (i.e., contains no files except for an optional DB_CONFIG).
++# Usage: if is_empty_dir "$dir"; then ... fi
++
++ output=`find -H "$1" -mindepth 1 -maxdepth 1 -type f \! -name DB_CONFIG 2>/dev/null`
++ if [ -n "$output" ]; then
++ return 1
++ else
++ return 0
++ fi
++}
++
++# }}}
++
++find_old_ppolicy_schema() { # {{{
++# Helper for the ppolicy schema update in 2.4.43. Checks whether the
++# exported config includes an old version of the ppolicy schema that
++# needs the new attribute added. If such a schema is found, echos its DN
++# to stdout. If the schema is not loaded or is already up-to-date,
++# returns nothing. The provided LDIF should have its lines unwrapped
++# already.
++# Usage: ppolicy_dn="$(find_old_ppolicy_schema "$exported_ldif")"
++ local ppolicy_dn
++
++ # Is the ppolicy schema loaded?
++ if ! ppolicy_dn="$(grep '^dn: cn={[0-9]\+}ppolicy,cn=schema,cn=config$' "$1")"; then
++ return
++ fi
++
++ # Has the pwdMaxRecordedFailure attribute already been added?
++ # It might have been replicated from a newer server.
++ if grep -q '^olcAttributeTypes: .*NAME '\''pwdMaxRecordedFailure'\' "$1"; then
++ return
++ fi
++
++ # The schema is loaded and needs to be updated.
++ ppolicy_dn="${ppolicy_dn#dn: }"
++ echo "$ppolicy_dn"
++}
++# }}}
++
++# ===== Global variables ================================================ {{{
++#
++# At some points we need to know which version we are upgrading from if
++# any. More precisely we only care about the configuration and data we
++# might have laying around. Some parts also want to know which mode the
++# script is running in.
++
++MODE="$1" # install, upgrade, etc. - see debian-policy
++OLD_VERSION="$2"
++
++# Source the init script configuration
++# See example file debian/slapd.default for variables defined here
++if [ -f "/etc/default/slapd" ]; then
++ . /etc/default/slapd
++fi
++
++# Load the default location of the slapd config file
++if [ -z "$SLAPD_CONF" ]; then
++ if [ -f "/etc/ldap/slapd.conf" ] && \
++ [ ! -e "/etc/ldap/slapd.d" ]
++ then
++ SLAPD_CONF="/etc/ldap/slapd.conf"
++ else
++ SLAPD_CONF="/etc/ldap/slapd.d"
++ fi
++fi
++
++# }}}
++
++# ----- Handling diagnostic output ------------------------------------ {{{
++#
++# Often you want to run a program while you are showing progress
++# information to the user. If the program you are running outputs some
++# diagnostics it will mess up your screen.
++#
++# This is what the following functions are designed for. When running the
++# program, use capture_diagnostics to store what the program outputs to
++# stderr and use release_diagnostics to write out the captured output.
++
++
++capture_diagnostics() { # {{{
++# Run the command passed and capture the diagnostic output in a temporary
++# file. You can dump that file using release_diagnostics.
++
++ # Create the temporary file
++ local tmpfile
++ tmpfile=`mktemp`
++ exec 7<>"$tmpfile"
++ rm "$tmpfile"
++
++ # Run the program and capture stderr. If the program fails the
++ # function fails with the same status.
++ "$@" 2>&7 || return $?
++}
++
++# }}}
++release_diagnostics() { # {{{
++# Dump the diagnostic output captured via capture_diagnostics, optionally
++# prefixing each line.
++# Usage: release_diagnostics "prefix"
++
++ local script
++ script='
++ seek STDIN, 0, 0;
++ print "$ARGV[0]$_" while (<STDIN>);';
++ perl -e "$script" "$1" <&7
++}
++
++# }}}
++
++
++# }}}
++
++# vim: set sw=8 foldmethod=marker:
++
--- /dev/null
--- /dev/null
++Template: slapd/no_configuration
++Type: boolean
++Default: false
++_Description: Omit OpenLDAP server configuration?
++ If you enable this option, no initial configuration or database will be
++ created for you.
++
++Template: slapd/dump_database
++Type: select
++__Choices: always, when needed, never
++Default: when needed
++_Description: Dump databases to file on upgrade:
++ Before upgrading to a new version of the OpenLDAP server, the data from
++ your LDAP directories can be dumped into plain text files in the
++ standard LDAP Data Interchange Format.
++ .
++ Selecting "always" will cause the databases to be dumped
++ unconditionally before an upgrade. Selecting "when needed" will only
++ dump the database if the new version is incompatible with the old
++ database format and it needs to be reimported. If you select "never",
++ no dump will be done.
++
++Template: slapd/dump_database_destdir
++Type: string
++Default: /var/backups/slapd-VERSION
++_Description: Directory to use for dumped databases:
++ Please specify the directory where the LDAP databases will be exported.
++ In this directory, several LDIF files will be created which correspond
++ to the search bases located on the server. Make sure you have enough
++ free space on the partition where the directory is located. The first
++ occurrence of the string "VERSION" is replaced with the server version
++ you are upgrading from.
++
++Template: slapd/move_old_database
++Type: boolean
++Default: true
++_Description: Move old database?
++ There are still files in /var/lib/ldap which will probably break
++ the configuration process. If you enable this option, the maintainer
++ scripts will move the old database files out of the way before
++ creating a new database.
++
++Template: slapd/invalid_config
++Type: boolean
++Default: true
++_Description: Retry configuration?
++ The configuration you entered is invalid. Make sure that the DNS domain name
++ is syntactically valid, the field for the organization is not left empty and
++ the admin passwords match. If you decide not to retry the configuration the
++ LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to
++ retry later.
++
++Template: slapd/domain
++Type: string
++_Description: DNS domain name:
++ The DNS domain name is used to construct the base DN of the LDAP directory.
++ For example, 'foo.example.org' will create the directory with
++ 'dc=foo, dc=example, dc=org' as base DN.
++
++Template: shared/organization
++Type: string
++_Description: Organization name:
++ Please enter the name of the organization to use in the base DN of your
++ LDAP directory.
++
++Template: slapd/password1
++Type: password
++_Description: Administrator password:
++ Please enter the password for the admin entry in your LDAP directory.
++
++Template: slapd/password2
++Type: password
++_Description: Confirm password:
++ Please enter the admin password for your LDAP directory again to verify
++ that you have typed it correctly.
++
++Template: slapd/password_mismatch
++Type: note
++_Description: Password mismatch
++ The two passwords you entered were not the same. Please try again.
++
++Template: slapd/purge_database
++Type: boolean
++Default: false
++_Description: Do you want the database to be removed when slapd is purged?
++
++Template: slapd/internal/adminpw
++Type: password
++Description: Encrypted admin password:
++ Internal template, should never be displayed to users.
++
++Template: slapd/internal/generated_adminpw
++Type: password
++Description: Generated admin password:
++ Internal template, should never be displayed to users.
++
++Template: slapd/upgrade_slapcat_failure
++Type: error
++#flag:translate!:5
++#flag:comment:4
++# This paragraph is followed by a (non translatable) paragraph
++# containing a command line
++#flag:comment:6
++# Translators: keep "${location}" unchanged. This is a variable that
++# will be replaced by a directory name at execution
++_Description: slapcat failure during upgrade
++ An error occurred while upgrading the LDAP directory.
++ .
++ The 'slapcat' program failed while extracting the LDAP directory. This
++ may be caused by an incorrect configuration file (for example, missing
++ 'moduleload' lines to support the backend database).
++ .
++ This failure will cause 'slapadd' to fail later as well. The old database
++ files will be moved to /var/backups. If you want to try this upgrade
++ again, you should move the old database files back into place, fix
++ whatever caused slapcat to fail, and run:
++ .
++ slapcat > ${location}
++ .
++ Then move the database files back to a backup area and then try running
++ slapadd from ${location}.
++
++Template: slapd/unsafe_selfwrite_acl
++Type: note
++#flag:comment:3
++# Translators: keep "by self write" and "to *" unchanged. These are part
++# of the slapd configuration and are not translatable.
++_Description: Potentially unsafe slapd access control configuration
++ One or more of the configured databases has an access control rule that
++ allows users to modify most of their own attributes. This may be
++ unsafe, depending on how the database is used.
++ .
++ In the case of slapd access rules that begin with "to *", it is
++ recommended to remove any instances of "by self write", so that users
++ are only able to modify specifically allowed attributes.
++ .
++ See /usr/share/doc/slapd/README.Debian.gz for more details.
++
++Template: slapd/ppolicy_schema_needs_update
++Type: select
++__Choices: abort installation, continue regardless
++DefaultChoice: abort installation
++#flag:comment:2
++# "ppolicy" and "pwdMaxRecordedFailure" are not translatable.
++#flag:comment:3
++# This paragraph is followed by the path to the generated file (not
++# translatable). The sentence continues in the following paragraph.
++#flag:comment:5
++# This paragraph continues the sentence started in the previous
++# paragraph. It is followed by a command line.
++#flag:translate!:4,6
++_Description: Manual ppolicy schema update recommended
++ The new version of the Password Policy (ppolicy) overlay requires the
++ schema to define the pwdMaxRecordedFailure attribute type, which is not
++ present in the schema currently in use. It is recommended to abort the
++ upgrade now, and to update the ppolicy schema before upgrading slapd.
++ If replication is in use, the schema update should be applied on every
++ server before continuing with the upgrade.
++ .
++ An LDIF file has been generated with the changes required for the upgrade:
++ .
++ ${ldif}
++ .
++ so if slapd is using the default access control rules, these changes can be
++ applied (after starting slapd) by using the command:
++ .
++ ldapmodify -H ldapi:/// -Y EXTERNAL -f ${ldif}
++ .
++ If instead you choose to continue the installation, the new attribute
++ type will be added automatically, but the change will not be acted on
++ by slapd overlays, and replication with other servers may be affected.
--- /dev/null
--- /dev/null
++usr/include/slapi-plugin.h
++usr/lib/*/libslapi.so
--- /dev/null
--- /dev/null
++.TH SLAPO-PW-PBKDF2 5 "RELEASEDATE" "OpenLDAP LDVERSION"
++.\" Copyright 2015-2018 The OpenLDAP Foundation All Rights Reserved.
++.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
++.\" $OpenLDAP$
++.SH NAME
++slapo-pw-pbkdf2 \- PBKDF2 password module to slapd
++.SH SYNOPSIS
++ETCDIR/slapd.conf
++.RS
++.LP
++.B moduleload
++.B pw-pbkdf2
++.RE
++.SH DESCRIPTION
++.LP
++The
++.B pw-pbkdf2
++module to
++.BR slapd (8)
++provides support for the use of the key stretching function
++PBKDF2 (Password-Based Key Derivation Function 2) following RFC 2898
++in hashed passwords in OpenLDAP.
++.LP
++It does so by providing the following additional password schemes for use in slapd:
++.RS
++.TP
++.B {PBKDF2}
++alias to {PBKDF2-SHA1}
++.TP
++.B {PBKDF2-SHA1}
++PBKDF2 using HMAC-SHA-1 as the underlying pseudorandom function
++.TP
++.B {PBKDF2-SHA256}
++PBKDF2 using HMAC-SHA-256 as the underlying pseudorandom function
++.TP
++.B {PBKDF2-SHA512}
++PBKDF2 using HMAC-SHA-512 as the underlying pseudorandom function
++.RE
++
++.SH CONFIGURATION
++The
++.B pw-pbkdf2
++module does not need any configuration.
++.LP
++After loading the module, the password schemes
++{PBKDF2}, {PBKDF2-SHA1}, {PBKDF2-SHA256}, and {PBKDF2-SHA512}
++will be recognised in values of the
++.I userPassword
++attribute.
++.LP
++You can then instruct OpenLDAP to use these schemes when processing
++the LDAPv3 Password Modify (RFC 3062) extended operations by using the
++.BR password-hash
++option in
++.BR slapd.conf (5).
++
++.SH NOTES
++If you want to use the schemes described here with
++.BR slappasswd (8),
++remember to load the module using its command line options.
++The relevant option/value is:
++.RS
++.LP
++.B \-o
++.BR module\-load = pw-pbkdf2
++.LP
++.RE
++Depending on
++.BR pw-pbkdf2 's
++location, you may also need:
++.RS
++.LP
++.B \-o
++.BR module\-path = \fIpathspec\fP
++.RE
++
++.SH EXAMPLES
++All of the userPassword LDAP attributes below encode the password
++.RI ' secret '.
++.EX
++.LP
++userPassword: {PBKDF2-SHA512}10000$/oQ4xZi382mk7kvCd3ZdkA$2wqjpuyV2l0U/a1QwoQPOtlQL.UcJGNACj1O24balruqQb/NgPW6OCvvrrJP8.SzA3/5iYvLnwWPzeX8IK/bEQ
++.LP
++userPassword: {PBKDF2-SHA256}10000$jq40ImWtmpTE.aYDYV1GfQ$mpiL4ui02ACmYOAnCjp/MI1gQk50xLbZ54RZneU0fCg
++.LP
++userPassword: {PBKDF2-SHA1}10000$QJTEclnXgh9Cz3ChCWpdAg$9.s98jwFJM.NXJK9ca/oJ5AyoAQ
++.EE
++.LP
++To make {PBKDF2-SHA512} the password hash used in Password Modify extended operations,
++simply set this line in slapd.conf(5):
++.EX
++.LP
++password-hash {PBKDF2-SHA512}
++.EX
++
++.SH SEE ALSO
++.BR slapd.conf (5),
++.BR ldappasswd (1),
++.BR slappasswd (8),
++.BR ldap (3),
++.LP
++"OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/)
++.LP
++
++.SH ACKNOWLEDGEMENTS
++This manual page has been written by Peter Marschall based on the
++module's README file written by HAMANO Tsukasa <hamano@osstech.co.jp>
++.LP
++.B OpenLDAP
++is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
++.B OpenLDAP
++is derived from University of Michigan LDAP 3.3 Release.
--- /dev/null
--- /dev/null
++3.0 (quilt)
--- /dev/null
--- /dev/null
++# this file lists copyright notices applying to the schemas
++openldap source: license-problem-non-free-RFC servers/slapd/schema/README
++# RFC text removed, files contain functional interface definitions only
++# Copyright notices have been retained to preserve attribution
++openldap source: license-problem-non-free-RFC debian/schema/core.ldif
++openldap source: license-problem-non-free-RFC debian/schema/core.schema
++openldap source: license-problem-non-free-RFC debian/schema/pmi.schema
++# internal templates, not shown to users
++openldap source: untranslatable-debconf-templates slapd.templates: 89
++openldap source: untranslatable-debconf-templates slapd.templates: 94
++# included upstream in a future release
++openldap source: maintainer-manual-page debian/slapo-pw-pbkdf2.5
--- /dev/null
--- /dev/null
++#! /bin/sh
++
++set -e
++
++# WARNING: This script is obsolete and will require a fair bit of work to get
++# working again. It assumes woody, uses debconf questions that don't exist
++# any more, and probably doesn't check everything that you would want to
++# check. Preserved just because I haven't done the work to see if puiparts
++# can now do the same thing in a cleaner way.
++
++# Setup
++: ${chroot_dir:=../chroot}
++: ${debmirror:=http://ftp.de.debian.org/debian}
++: ${proxy:=http://proxy.galaxy:3128/}
++unset LC_ALL
++unset LC_CTYPE
++unset LC_MESSAGES
++# XXX: comment out when testing new versions. Needed so libc6 does not
++# ask for restarting services.
++export DEBIAN_FRONTEND=noninteractive
++
++woodytar=$chroot_dir/woody_base.tar.gz
++
++# List our packages
++list_packages() {
++ local p ver
++ ver=`dpkg-parsechangelog|sed -ne 's/^Version: //p'`
++ for p in `dh_listpackages`; do
++ (cd .. && echo ${p}_$ver*deb)
++ done
++}
++
++# Run a command inside the chroot
++
++in_target() {
++ chroot $chroot_dir/woody "$@"
++}
++
++# Set a debconf variable inside the chroot
++
++debconf_set() {
++ local name=$1
++ shift
++ cat >>$chroot_dir/woody/var/cache/debconf/config.dat <<EOF
++Name: $name
++Template: $name
++Flags: seen
++Value: $@
++
++EOF
++}
++
++# Setup a woody chroot
++
++setup_chroot() {
++ # Kill an existing chroot
++ rm -Rf $chroot_dir/woody
++
++ # If there is a tar archive with a base system we use it
++ if [ -e $woodytar ]; then
++ mkdir $chroot_dir/woody
++ echo -n "Unpacking system from $woodytar"
++ tar -C $chroot_dir/woody -xzf $woodytar
++ echo "done."
++ # Otherwise we need to create a new base system and save it
++ # to a tar for the next time
++ else
++ debootstrap woody $chroot_dir/woody $debmirror | \
++ shtool prop -p "Creating base system from $debmirror"
++ tar -C $chroot_dir/woody -czvf $woodytar . | \
++ shtool prop -p "Saving system to $woodytar"
++ fi
++
++ # Install a suitable apt configuration
++ echo "deb $debmirror woody main" \
++ > $chroot_dir/woody/etc/apt/sources.list
++ echo "Acquire::HTTP::Proxy \"$proxy\";" \
++ > $chroot_dir/woody/etc/apt/apt.conf
++ in_target apt-get update
++ in_target mount -t proc none /proc
++
++ # We don't want any debconf interaction
++ #debconf_set debconf/frontend Noninteractive
++}
++
++# These are our example configurations for testing the upgrade
++
++conf_domain_or_host() {
++ debconf_set slapd/fill_method auto
++ debconf_set slapd/suffix_type "domain or host"
++ debconf_set slapd/domain "some.example.net"
++ debconf_set slapd/replicate false
++ debconf_set shared/organization Some Organization
++}
++
++
++check_domain_or_host() {
++ sleep 2 # wait for slapd to startup
++ in_target ldapsearch -h localhost -b dc=some,dc=example,dc=net -x \
++ objectclass=\*
++}
++
++conf_location() {
++ debconf_set slapd/fill_method auto
++ debconf_set slapd/suffix_type "location"
++ debconf_set shared/locale/countrycode de
++ debconf_set shared/organization "Sample Organization"
++ debconf_set slapd/replicate false
++ debconf_set shared/organization Some Organization
++}
++
++check_location() {
++ sleep 2 # wait for slapd to startup
++ in_target ldapsearch -h localhost -b "o=Some Organization, c=de" \
++ -x objectclass=\*
++}
++# Install slapd inside the chroot
++
++install_slapd() {
++ in_target apt-get -y install slapd ldap-utils
++}
++
++# Do an upgrade of our packages inside the chroot
++
++upgrade() {
++ # Link our packages into the chroot
++ for p in `list_packages`; do
++ ln ../$p $chroot_dir/woody/root/
++ done
++
++ # Create a packages file
++ (cd $chroot_dir/woody/root && dpkg-scanpackages . /dev/null >Packages)
++
++ # Switch to unstable
++ echo "deb $debmirror unstable main" \
++ > $chroot_dir/woody/etc/apt/sources.list
++ echo "deb file:/root ./" >> $chroot_dir/woody/etc/apt/sources.list
++
++ # Update package lists
++ in_target apt-get update
++
++ # Tell our scripts to fix the config
++ debconf_set slapd/fix_directory true
++ debconf_set slapd/password1 foobar
++ debconf_set slapd/allow_ldap_v2
++
++ # Do an upgrade of our packages
++ in_target apt-get install -y `dh_listpackages`
++}
++
++# Checks if upgrading a woody system with slapd configured with the
++# command given works.
++
++check_upgrade() {
++ setup_chroot
++ conf_$1
++ debconf_set slapd/password1 foobar
++ debconf_set slapd/password2 foobar
++ install_slapd
++ check_$1
++ upgrade
++ check_$1
++ in_target /etc/init.d/slapd stop
++ in_target umount /proc
++}
++
++# Try upgrading our example setups
++
++for i in location domain_or_host; do
++ check_upgrade $i
++done
++
++echo "SUCCESS testing upgrading from woody"
--- /dev/null
--- /dev/null
++Tests: slapd
++Depends: ldap-utils
++Restrictions: allow-stderr, isolation-container, needs-root, superficial
--- /dev/null
--- /dev/null
++#! /usr/bin/perl -w
++
++# Shows how to create an entry on the LDAP server
++
++$host = "localhost"; # LDAP server
++$basedn = "dc=galaxy"; # Base DN
++$admindn = "cn=admin, $basedn"; # Admin entry
++$adminpass = "foo"; # Password
++
++use Net::LDAP;
++
++$ldap = Net::LDAP->new("$host", onerror => "die");
++$ldap->bind($admindn, password => $adminpass);
++
++# Create "ou=People" entry if not there
++
++$results = $ldap->search(base => "$basedn",
++ filter => "ou=People", scope => "one");
++unless ($results->count > 0) {
++ $ldap->add("ou=People, $basedn", attr => [
++ ou => "People",
++ objectClass => [ "top", "organizationalUnit" ]
++ ]);
++}
--- /dev/null
--- /dev/null
++#! /usr/bin/perl -w
++
++use autouse Data::Dumper, qw{Dumper};
++
++# Script to find the unused shell functions in slapd.scripts-common
++
++our @code;
++
++# Get all shell code from maintainer scripts
++
++foreach my $file ((<slapd.*rm>, <slapd.*inst>, <slapd.config>,
++ <slapd.scripts-common>)) {
++ open SCRIPT, "<$file" or
++ die "Can't open $file: $!";
++ push @code, <SCRIPT>;
++ close SCRIPT;
++}
++
++# Find all function declarations
++
++our @functions = map { /^(\w+)\s*\(\).*$/; } @code;
++
++# Find unused functions
++
++foreach $function (@functions) {
++ @occurences = grep /$function/, @code;
++ @invocations = grep { !/^$function\s*\(\)/ and !/#.*$function/ }
++ @occurences;
++ print "$function\n" if @invocations == 0;
++}
--- /dev/null
--- /dev/null
++#! /usr/bin/perl -w
++
++use Net::LDAP;
++use Data::Dumper;
++
++$host = "localhost"; # LDAP server
++$basedn = "dc=galaxy"; # Base DN
++$admindn = "cn=admin, $basedn"; # Admin entry
++$adminpass = "foo"; # Password
++$group = $ARGV[0] || "People";
++
++$ldap = Net::LDAP->new("$host", onerror => "die");
++$ldap->bind($admindn, password => $adminpass);
++
++sub create_group {
++ $results = $ldap->search(base => "$basedn",
++ filter => "ou=$group", scope => "one");
++ unless ($results->count > 0) {
++ $ldap->add("ou=$group, $basedn", attr => [
++ ou => "$group",
++ objectClass => [ "top", "organizationalUnit" ]
++ ]);
++ }
++}
++
++sub invent_name {
++ our @words;
++ unless (@words) {
++ open WORDS, "/usr/share/dict/british-english-large";
++ @words = grep /^[A-Z]\w{0,11}$/, <WORDS>;
++ map { chomp } @words;
++ close WORDS;
++ }
++
++ my $index = int(rand(@words));
++ $index = int(rand(@words)) while not defined $words[$index];
++ my $word = $words[$index];
++ delete $words[$index];
++ return $word;
++}
++
++sub invent_names {
++ our @names;
++
++ foreach (1..1000) {
++ push @names, { cn => invent_name, sn => invent_name };
++ }
++}
++
++sub create_entries {
++ foreach my $name (@names) {
++ create_account(%$name);
++ }
++}
++
++sub create_account {
++ our $uid;
++ $uid = 1000 if not defined $uid;
++
++ my %id = @_;
++ my $login = $id{cn};
++ $login =~ tr/A-Z/a-z/;
++ $ldap->add("uid=$login, ou=$group, $basedn", attr => [
++ %id,
++ objectClass => [ "top", "person", "posixAccount" ],
++ uid => $login,
++ uidNumber => $uid++,
++ gidNumber => 1000,
++ homeDirectory => "/home/$login" ]);
++}
++
++sub delete_entries {
++ foreach my $name (@names) {
++ delete_account(%$name);
++ }
++}
++
++sub delete_account {
++ my %id = @_;
++ my $login = $id{cn};
++ $login =~ tr/A-Z/a-z/;
++ $ldap->delete("uid=$login, ou=$group, $basedn");
++}
++
++sub search_entries {
++ foreach (1..10000) {
++ my $num = int(rand(@names));
++ $login = $names[$num]->{cn};
++ $login =~ tr/A-Z/a-z/;
++ $ldap->search(base => "$basedn", filter => "uid=$login");
++ }
++}
++
++create_group;
++invent_names;
++create_entries;
++search_entries;
++delete_entries;
--- /dev/null
--- /dev/null
++#!/bin/sh
++set -eux
++
++export DEBIAN_FRONTEND=noninteractive
++
++debconf-set-selections << eof
++slapd slapd/password1 password secret
++slapd slapd/password2 password secret
++slapd slapd/domain string example.com
++slapd slapd/organization string example.com
++eof
++
++apt-get -y install slapd
++
++test "$(ldapwhoami -x -D 'cn=admin,dc=example,dc=com' -w secret)" = 'dn:cn=admin,dc=example,dc=com'
--- /dev/null
--- /dev/null
++# debian/watch -- Rules for uscan to find new upstream versions.
++
++version=3
++opts=dversionmangle=s/\+dfsg// \
++https://www.openldap.org/software/download/ \
++ (?:.*/)?openldap-?_?([\d+\.]+)\.tgz
projects / openldap.git / commitdiff