From: Ryan Tandy Date: Fri, 27 Aug 2021 16:42:31 +0000 (+0100) Subject: openldap (2.4.59+dfsg-1) unstable; urgency=medium X-Git-Tag: archive/raspbian/2.5.13+dfsg-3+rpi1~1^2^2^2^2^2~25 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=127c582d02c327ef9d450181a1375e90585146d7;p=openldap.git openldap (2.4.59+dfsg-1) unstable; urgency=medium * New upstream release. * Fix FTBFS with autoconf 2.71 (Closes: #993032): - Backport upstream changes to support Autoconf 2.69 instead of simply disabling automake in debian/rules. Fixes FTBFS due to autoreconf thinking files required by Automake are missing, even though Automake is not actually used. - Stop running autoreconf in contrib/ldapc++ since we don't build it. - Drop custom config.{guess,sub} handling. dh_update_autotools_config does the right thing for us. * Update Standards-Version to 4.6.0; no changes required. * Add a superficial autopkgtest for smbk5pwd. * Stop disabling test060-mt-hot on ppc64el. The underlying kernel bug (#866122) is fixed in all relevant suites by now. [dgit import unpatched openldap 2.4.59+dfsg-1] --- 127c582d02c327ef9d450181a1375e90585146d7 diff --cc debian/DB_CONFIG index 00000000,00000000..302dcfa2 new file mode 100644 --- /dev/null +++ b/debian/DB_CONFIG @@@ -1,0 -1,0 +1,78 @@@ ++# WARNING: Before tuning the following parameters, _PLEASE READ_ ++# /usr/share/doc/slapd/README.DB_CONFIG.gz ++ ++# Set the database in memory cache size. ++# ++# set_cachesize ++# Sets the database in memory cache size. ++# Database entries and indexes will be stored in this cache to ++# avoid disk access during database read and write operations. ++# Tuning this value can greatly effect your database performance. ++# The parameters are: ++# : The number of gigabytes of memory to allocate to the cache. ++# : The number of bytes of memory to allocate to the cache. ++# : The number of cache segments to use. If this value is set to ++# 0 or 1 then Berkeley DB will try to allocate one contiguous section ++# of memory for the cache. If this value is greater than 1, the cache ++# will be split into that number of segments. ++#set_cachesize 0 52428800 0 ++ ++# For the Debian package we use 2MB as default but be sure to update this ++# value if you have plenty of RAM ++set_cachesize 0 2097152 0 ++ ++# Sets the database startup flags. ++# ++# set_flags ++# There are various flag options that may be set. The DB_TXN_NOSYNC flag ++# tells the database not to immediately flush transaction buffers to disk. ++# Setting this flag can help speed up database access during periods of ++# database write activity BUT at expense of data safety. Enable it only ++# to load data with slapadd, while slapd is not running. ++#set_flags DB_TXN_NOSYNC ++ ++ ++# Set the maximum in memory cache in for database file name caching. ++# ++# set_lg_regionmax ++# This value should be increased as the number of database files increases ++# (tables and indexes). ++#set_lg_regionmax 1048576 ++ ++# Set the maximum size of log files in . ++# ++# set_lg_max ++# Logs will be rotated when amount of data have been written to ++# one log file. This value should be at least four times the size of ++# set_lg_bsize. ++#set_lg_max 10485760 ++ ++# Set the in memory cache for log information. ++# ++# set_lg_bsize ++# When amount of logging information have been written to this ++# cache it will be flushed to disk. ++#set_lg_bsize 2097152 ++# For the Debian package we use 512kByte which should suffice for typical ++# directory usage (read often, write seldom) ++set_lg_bsize 524288 ++ ++# Set the log file directory to . ++# ++# set_lg_dir /usr/local/var/openldap-logs ++# Log files should preferably be on a different disk than the ++# database files. This both improves reliability (for disastrous ++# recovery) and speed of the database. ++#set_lg_dir ++ ++ ++# Sven Hartge reported that he had to set this value incredibly high ++# to get slapd running at all. See http://bugs.debian.org/303057 ++# for more information. ++ ++# Number of objects that can be locked at the same time. ++set_lk_max_objects 5000 ++# Number of locks (both requested and granted) ++set_lk_max_locks 5000 ++# Number of lockers ++set_lk_max_lockers 5000 diff --cc debian/README.DB_CONFIG index 00000000,00000000..f8ee5f1f new file mode 100644 --- /dev/null +++ b/debian/README.DB_CONFIG @@@ -1,0 -1,0 +1,187 @@@ ++For good performance using the BDB backend, a good DB_CONFIG file in the ++database directory (usually /var/lib/ldap) is crucial. The following two ++articles should help you to determine a good configuration for your ++requirements. A standard DB_CONFIG is installed but it may not be adequate ++for your system. ++ ++The current version of OpenLDAP supports putting DB_CONFIG parameters into ++slapd.conf instead by prefixing those options with dbconfig. See the ++slapd-bdb(5) man page for more information. If there is no DB_CONFIG file ++when slapd starts and there are dbconfig lines in slapd.conf, slapd will ++write out a DB_CONFIG file with those settings before initializing the ++database. ++ ++With the current version of OpenLDAP, any changes to DB_CONFIG will take ++effect automatically after restarting slapd. Running db_recover is no ++longer required. ++ ++ -- Torsten Landschoff Sun, 29 May 2005 18:08:10 +0200 ++ Russ Allbery Fri, 01 Jun 2007 23:57:33 -0700 ++ ++How do I configure the BDB backend? ++----------------------------------- ++(Taken from http://www.openldap.org/faq/data/cache/893.html, author unknown) ++ ++The BDB backend ("back-bdb") uses a lot of special features of Sleepycat's ++Berkeley DB library, and there are a lot of details that must be set correctly ++to get the best results from it. Even though the LDBM backend ("back-ldbm") can ++use the BerkeleyDB library, the BDB and LDBM backends have some very important ++differences, as already noted in (Xref) What are the different backends? What ++are their differences?. ++ ++Because back-bdb is transaction-based and uses write-ahead logging to ensure ++data consistency, it has much heavier I/O demands than back-ldbm. Also, the ++transaction log files accumulate as data is written to the directory, and these ++log files must be cleaned out periodically. Otherwise the log files will ++consume enormous amounts of disk space. The cleanup procedures are described in ++(Xref) How to maintain Berkeley DB (logs etc.) ?. ++ ++The information needed to fully understand things and to properly configure ++back-bdb is divided among the slapd-bdb(5) manual page and the SleepyCat ++BerkeleyDB documentation (http://www.sleepycat.com/docs/). ++ ++You should read the entire slapd-bdb(5) manpage before proceeding. The only ++mandatory keyword is "directory" for setting the location of the database ++files. The other keywords control tradeoffs between data reliability, ++performance, and memory use. To ensure that committed transactions actually get ++flushed to disk, you should use the "checkpoint" keyword, otherwise your data ++is vulnerable to loss due to system failures. See the SleepyCat documentation ++for more information about checkpoints. (In fact, you should read all of ++chapter 9 "Berkeley DB Transactional Data Store Applications" in the SleepyCat ++reference manual. At least, read sections 1-3 and 13-24.) ++ ++The "dbnosync" keyword is provided for compatibility with back-ldbm; the ++preferred method of setting this is to use the BDB DB_CONFIG file option ++set_flags DB_TXN_NOSYNC. The "lockdetect" keyword is also deprecated, you ++should instead use the BDB DB_CONFIG file set_lk_detect keyword. (It's safe to ++leave this at the default setting.) ++ ++A number of important items must be configured in the BDB DB_CONFIG file and ++not in slapd.conf. You should, at least, read about these items: ++ ++set_cachesize ++ The BDB library maintains its own cache separate from the back-bdb entry ++ cache. You must set this cache to a size appropriate for your database and ++ physical memory size. Note that this is a persistent setting - after you ++ set it the first time, further changes will be ignored until you recreate ++ the environment using db_recover. ++set_lg_dir ++ Set the directory for storing transaction logs. For best performance, ++ the transaction logs must be located on a different physical disk from ++ the database files. ++set_lg_bsize ++ Set the buffer size for the transaction log. Larger is better, but it ++ doesn't have much effect unless you're also using the DB_TXN_NOSYNC ++ option. With a default log file size of 10MB I usually set this to 2MB. ++ The default is only 32K, which is too small for back-bdb. ++ ++On a very busy system you might see error messages talking about running out of ++locks, lockers, or lock objects. Usually the default values are plenty, and in ++older versions of the BDB library the errors were more likely due to library ++bugs than actual system load. However, it is possible that you have actually ++run out of lock resources due to heavy system usage. If this happens, you ++should read about the set_lk_max_lockers, set_lk_max_locks, and ++set_lk_max_objects keywords. ++ ++How do I determine the proper BDB/HDB database cache size? ++---------------------------------------------------------- ++(Taken from http://www.openldap.org/faq/data/cache/1075.html, written by ++hyc@openldap.org, Kurt@OpenLDAP.org) ++ ++Not having a proper database cache size will cause performance issues. (Note: ++in older versions of Berkeley DB, an improper database case size could also ++cause the server to hang.) ++ ++These issues are not an indication of corruption occurring in the database. It ++is merely the fact that the cache is thrashing itself that causes ++performance/response time to slowdown. If you take the time to read and ++understand the Berkeley DB documentation, measure the library performance using ++db_stat, and tune your settings, you will avoid these problems. ++ ++It is not absolutely necessary to configure a BerkeleyDB cache equal in size to ++your entire database. All that you need is a cache that's large enough for your ++"working set." That means, large enough to hold all of the most frequently ++accessed data, plus a few less-frequently accessed items. ++ ++You should really read the BDB documentation referenced above, but let me spell ++out what that really means here, in detail. The discussion here is focused on ++back-bdb and back-hdb, but most of it also applies to back-ldbm when using ++BerkeleyDB as the underlying database engine. ++ ++Start with the most obvious - the back-bdb database lives in two main files, ++dn2id.bdb and id2entry.bdb. These are B-tree databases. We have never ++documented the back-bdb internal layout before, because it didn't seem like ++something anyone should have to worry about, nor was it necessarily cast in ++stone. But here's how it works today, in OpenLDAP 2.1 and 2.2. (All of the ++database files in back-ldbm are B-trees by default.) ++ ++A B-tree is a balanced tree; it stores data in its leaf nodes and bookkeeping ++data in its interior nodes. (If you don't know what tree data structures look ++like in general, Google for some references, because that's getting far too ++elementary for the purposes of this discussion.) ++ ++For decent performance, you need enough cache memory to contain all the nodes ++along the path from the root of the tree down to the particular data item ++you're accessing. That's enough cache for a single search. For the general ++case, you want enough cache to contain all the internal nodes in the database. ++"db_stat -d" will tell you how many internal pages are present in a database. ++You should check this number for both dn2id and id2entry. ++ ++Also note that id2entry always uses 16KB per "page", while dn2id uses whatever ++the underlying filesystem uses, typically 4 or 8KB. To avoid thrashing the ++cache and triggering these infinite hang bugs in BDB 4.1.25, your cache must be ++at least as large as the number of internal pages in both the dn2id and ++id2entry databases, plus some extra space to accomodate the actual leaf data ++pages. ++ ++For example, in my OpenLDAP 2.2 test database, I have an input LDIF file that's ++about 360MB. With the back-hdb backend this creates a dn2id.bdb that's 68MB, ++and an id2entry that's 800MB. db_stat tells me that dn2id uses 4KB pages, has ++433 internal pages, and 6378 leaf pages. The id2entry uses 16KB pages, has 52 ++internal pages, and 45912 leaf pages. In order to efficiently retrieve any ++single entry in this database, the cache should be at least ++ ++(433+1) * 4KB + (52+1) * 16KB in size: 1736KB + 848KB =~ 2.5MB. ++ ++This doesn't take into account other library overhead, so this is even lower ++than the barest minimum. The default cache size, when nothing is configured, is ++only 256KB. If you tried to do much of anything with this database and only ++default settings, BDB 4.1.25 would lock up in an infinite loop. ++ ++This 2.5MB number also doesn't take indexing into account. Each indexed ++attribute uses another database file of its own, using a Hash structure. ++(Again, in back-ldbm, the indexes also use B-trees by default, so this part of ++the discussion doesn't apply unless back-ldbm was explicitly compiled to use ++Hashes instead. Also, in OpenLDAP 2.2 onward, all of the indexes use B-trees, ++there are no more Hash database files. So just use the B-tree information above ++and ignore this Hash discussion.) ++ ++Unlike the B-trees, where you only need to touch one data page to find an entry ++of interest, doing an index lookup generally touches multiple keys, and the ++point of a hash structure is that the keys are evenly distributed across the ++data space. That means there's no convenient compact subset of the database ++that you can keep in the cache to insure quick operation, you can pretty much ++expect references to be scattered across the whole thing. My strategy here ++would be to provide enough cache for at least 50% of all of the hash data. ++(Number of hash buckets + number of overflow pages + number of duplicate pages) ++* page size / 2. ++ ++The objectClass index for my example database is 5.9MB and uses 3 hash buckets ++and 656 duplicate pages. So ( 3 + 656 ) * 4KB / 2 =~ 1.3MB. ++ ++With only this index enabled, I'd figure at least a 4MB cache for this backend. ++(Of course you're using a single cache shared among all of the database files, ++so the cache pages will most likely get used for something other than what you ++accounted for, but this gives you a fighting chance.) ++ ++With this 4MB cache I can slapcat this entire database on my 1.3GHz PIII in 1 ++minute, 40 seconds. With the cache doubled to 8MB, it still takes the same ++1:40s. Once you've got enough cache to fit the B-tree internal pages, ++increasing it further won't have any effect until the cache really is large ++enough to hold 100% of the data pages. I don't have enough free RAM to hold all ++the 800MB id2entry data, so 4MB is good enough. ++ ++With back-bdb and back-hdb you can use "db_stat -m" to check how well the ++database cache is performing. Unfortunately you can't do this with back-ldbm, ++as the statistics are not accessible when slapd is running, nor are they saved ++anywhere when slapd is stopped. (Yet another reason not to use back-ldbm.) diff --cc debian/TODO index 00000000,00000000..768674cd new file mode 100644 --- /dev/null +++ b/debian/TODO @@@ -1,0 -1,0 +1,32 @@@ ++openldap2.2 (2.2.23-4) unstable; urgency=low ++ ++ * debian/slapd.NEWS: Summarize the upstream changes and make clear that ++ the upgrade may be problemated. Sketch the upgrade procedure. ++ * debian/README.Debian: Explain what to check for if upgrading fails and ++ how to recover. ++ * CARLO: debian/slapd.scripts-common: Handle all UTF-8 supported characters ++ in organization field by converting the locale specific input into ++ utf-8 and base64 encoding the result (closes: #236097). ++ * Maintainer scripts: Handle the configuration to enable ldif dumping ++ correctly: Dump if requested and only slapadd the data if it is ++ supposed to be there. ++ * Check ITS#3267 (possible data loss) and apply the patch to the ++ package. ++ * CARLO: Escape special chars in the names of backup LDIF files using ++ the %xx syntax. ++ * Check lintian warning: Postinst uses db_input. I think the usage is ++ okay as it is an error message IIRC which is also output using cat ++ in case debconf is not available. ++ ++ -- Torsten Landschoff Sun, 3 Apr 2005 20:24:52 +0200 ++ ++openldap2.2 (2.2.23-5) unstable; urgency=low ++ ++ * Refactoring of the maintainer scripts. Goals: ++ + No more direct access to global variables but accessor functions ++ to check for invalid uses. Example: Don't use $OLD_VERSION but ++ `get_previous_version`. That way invalid uses can easily be flagged ++ if that information is not available anymore. ++ * Remove perl script to hash a password and use slappasswd instead. ++ ++ -- Torsten Landschoff Sun, 3 Apr 2005 20:24:52 +0200 diff --cc debian/USE-CASES index 00000000,00000000..e073fae8 new file mode 100644 --- /dev/null +++ b/debian/USE-CASES @@@ -1,0 -1,0 +1,7 @@@ ++Some ideas what to check and what the desired results would be: ++ ++- running dpkg-reconfigure with an already configured slapd ++ ++ Should either backup the database or ask before killing it. ++ Same for slapd.conf. Neither old configuration or old database ++ should be lost without the user confirming that this is what he wants. diff --cc debian/changelog index 00000000,00000000..539831c6 new file mode 100644 --- /dev/null +++ b/debian/changelog @@@ -1,0 -1,0 +1,3472 @@@ ++openldap (2.4.59+dfsg-1) unstable; urgency=medium ++ ++ * New upstream release. ++ * Fix FTBFS with autoconf 2.71 (Closes: #993032): ++ - Backport upstream changes to support Autoconf 2.69 instead of simply ++ disabling automake in debian/rules. Fixes FTBFS due to autoreconf ++ thinking files required by Automake are missing, even though Automake is ++ not actually used. ++ - Stop running autoreconf in contrib/ldapc++ since we don't build it. ++ - Drop custom config.{guess,sub} handling. dh_update_autotools_config does ++ the right thing for us. ++ * Update Standards-Version to 4.6.0; no changes required. ++ * Add a superficial autopkgtest for smbk5pwd. ++ * Stop disabling test060-mt-hot on ppc64el. The underlying kernel bug ++ (#866122) is fixed in all relevant suites by now. ++ ++ -- Ryan Tandy Fri, 27 Aug 2021 09:42:31 -0700 ++ ++openldap (2.4.57+dfsg-3) unstable; urgency=medium ++ ++ * Link smbk5pwd with -lkrb5. (Closes: #988565) ++ ++ -- Ryan Tandy Sat, 15 May 2021 16:03:34 -0700 ++ ++openldap (2.4.57+dfsg-2) unstable; urgency=medium ++ ++ * Fix slapd assertion failure in Certificate List Exact Assertion validation ++ (ITS#9454) (CVE-2021-27212) ++ ++ -- Ryan Tandy Sun, 14 Feb 2021 09:26:41 -0800 ++ ++openldap (2.4.57+dfsg-1) unstable; urgency=medium ++ ++ * New upstream release. ++ - Fixed slapd crashes in Certificate Exact Assertion processing ++ (ITS#9404, ITS#9424) (CVE-2020-36221) ++ - Fixed slapd assertion failures in saslAuthzTo validation ++ (ITS#9406, ITS#9407) (CVE-2020-36222) ++ - Fixed slapd crash in Values Return Filter control handling ++ (ITS#9408) (CVE-2020-36223) ++ - Fixed slapd crashes in saslAuthzTo processing ++ (ITS#9409, ITS#9412, ITS#9413) ++ (CVE-2020-36224, CVE-2020-36225, CVE-2020-36226) ++ - Fixed slapd assertion failure in X.509 DN parsing ++ (ITS#9423) (CVE-2020-36230) ++ - Fixed slapd crash in X.509 DN parsing (ITS#9425) (CVE-2020-36229) ++ - Fixed slapd crash in Certificate List Exact Assertion processing ++ (ITS#9427) (CVE-2020-36228) ++ - Fixed slapd infinite loop with Cancel operation ++ (ITS#9428) (CVE-2020-36227) ++ ++ -- Ryan Tandy Sat, 23 Jan 2021 08:57:07 -0800 ++ ++openldap (2.4.56+dfsg-1) unstable; urgency=medium ++ ++ * New upstream release. ++ - Fixed slapd abort due to assertion failure in Certificate List syntax ++ validation (ITS#9383) (CVE-2020-25709) ++ - Fixed slapd abort due to assertion failure in CSN normalization with ++ invalid input (ITS#9384) (CVE-2020-25710) ++ ++ -- Ryan Tandy Wed, 11 Nov 2020 09:13:56 -0800 ++ ++openldap (2.4.55+dfsg-1) unstable; urgency=medium ++ ++ * New upstream release. ++ - Fixed slapd normalization handling with modrdn ++ (ITS#9370) (CVE-2020-25692) ++ ++ -- Ryan Tandy Tue, 27 Oct 2020 21:07:29 -0700 ++ ++openldap (2.4.54+dfsg-1) unstable; urgency=medium ++ ++ * New upstream release. ++ * Change upstream Homepage and get-orig-source URLs to HTTPS. ++ * Create debian/gbp.conf. ++ ++ -- Ryan Tandy Sun, 18 Oct 2020 16:03:46 +0000 ++ ++openldap (2.4.53+dfsg-1) unstable; urgency=medium ++ ++ * New upstream release. ++ ++ -- Ryan Tandy Mon, 07 Sep 2020 09:47:28 -0700 ++ ++openldap (2.4.51+dfsg-1) unstable; urgency=medium ++ ++ * New upstream release. ++ - Add ldap_parse_password_expiring_control to libldap-2.4-2.symbols. ++ * Merge some changes from Ubuntu: ++ - slapd.default, slapd.README.Debian: update to refer to slapd.d instead ++ of slapd.conf. ++ - debian/slapd.scripts-common: dump_databases: make slapcat_opts a local ++ variable. ++ * Drop paragraph about patch gnutls-altname-nulterminated (#465197) from ++ slapd.README.Debian. The patch referred to was dropped in 2.4.7-6. ++ * debian/patches/set-maintainer-name: Extract maintainer address dynamically ++ from debian/control. (Closes: #960448) ++ * Fix Torsten's email address in a historic debian/changelog entry to ++ resolve a Lintian error (bogus-mail-host-in-debian-changelog). ++ * Rename debian/source.lintian-overrides to debian/source/lintian-overrides. ++ Fixes a Lintian pedantic tag (old-source-override-location). ++ * Override Lintian pedantic tag maintainer-manual-page for ++ slapo-pw-pbkdf2.5, which will be included upstream in a future release. ++ * Remove the trailing whitespaces from debian/changelog, debian/control, and ++ debian/rules. Fixes a Lintian pedantic tag (trailing-whitespace). ++ * Convert debian/po/de.po to UTF-8. Fixes a Lintian warning ++ (national-encoding). ++ * Relax libldap's dependency on libldap-common to Recommends. ++ This is intended to mitigate the impact of bug #915948 in the case where ++ the arch:all build is delayed for so long that the old libldap-common ++ disappears. Previously, a delayed arch:all build could become ++ BD-Uninstallable if new amd64 binaries were published before the arch:all ++ build starts, due to the transitive build-dependency on libldap. ++ Although libldap works fine without libldap-common, in normal ++ installations it is still recommended to install libldap-common. ++ * Append a timestamp to the backup directory created by dpkg-reconfigure. ++ (Closes: #599585, #960449) ++ * Remove the redundant cn=admin, entry from the default DIT for new ++ installs. For new installs going forward, the root credentials will be ++ stored in olcRootDN/olcRootPW only. (Closes: #821331) ++ * Change slapd's Suggests: ldap-utils to Recommends. While any LDAP client ++ suffices, ldap-utils contains the standard tools recommended by upstream ++ for basic administration and management. ++ * Relax Recommends: libsasl2-modules to Suggests on slapd and ldap-utils. ++ Many deployments do not use SASL at all, and therefore SASL mechanisms are ++ not needed "in all but unusual installations". ++ ++ -- Ryan Tandy Sun, 23 Aug 2020 11:09:57 -0700 ++ ++openldap (2.4.50+dfsg-1) unstable; urgency=medium ++ ++ * New upstream release. ++ - Fixed slapd to limit depth of nested filters ++ (ITS#9202) (CVE-2020-12243) ++ - Drop patches included upstream: argon2.patch, ITS#9171, ITS#8650. ++ * Update Spanish debconf translation. ++ Thanks to Camaleón. (Closes: #958869) ++ ++ -- Ryan Tandy Tue, 28 Apr 2020 10:18:12 -0700 ++ ++openldap (2.4.49+dfsg-4) unstable; urgency=medium ++ ++ * Annotate libsodium-dev dependency with . ++ Thanks to Helmut Grohne. (Closes: #955993) ++ * Add the man page for the Argon2 password module. ++ Thanks to Peter Marschall. (Closes: #955977) ++ * Build the Argon2 password module with libargon2-dev instead of ++ libsodium-dev. Rationale: ++ - libargon2 contains the specific functionality needed; libsodium is a ++ larger library and contains many features not used here ++ - libsodium does not support configuring the p= (parallelism) parameter ++ * Import upstream patch to properly retry gnutls_handshake() after it ++ returns GNUTLS_E_AGAIN. (ITS#8650) (Closes: #861838) ++ * Update the Argon2 password module to upstream commit feb6f21d2e. ++ ++ -- Ryan Tandy Tue, 14 Apr 2020 21:33:16 -0700 ++ ++openldap (2.4.49+dfsg-3) unstable; urgency=medium ++ ++ * Drop patch no-AM_INIT_AUTOMAKE. Instead, configure dh_autoreconf to skip ++ automake by setting AUTOMAKE=/bin/true. (Closes: #864637) ++ * debian/patches/debian-version: Show Debian version, instead of upstream ++ version, in version strings. ++ * Add ${perl:Depends} to slapd Depends to silence a dpkg-gencontrol warning. ++ This is practically a no-op since slapd explicitly Depends on perl because ++ of the maintainer scripts. ++ * Import the Argon2 password module from upstream git and install it in ++ slapd-contrib. New Build-Depends: libsodium-dev. (Closes: #920283) ++ ++ -- Ryan Tandy Sat, 04 Apr 2020 10:43:56 -0700 ++ ++openldap (2.4.49+dfsg-2) unstable; urgency=medium ++ ++ * slapd.README.Debian: Document the initial setup performed by slapd's ++ maintainer scripts in more detail. Thanks to Karl O. Pinc. ++ (Closes: #952501) ++ * Import upstream patch to fix slapd crashing in certain configurations when ++ a client attempts a login to a locked account. ++ (ITS#9171) (Closes: #953150) ++ ++ -- Ryan Tandy Thu, 05 Mar 2020 12:59:46 -0800 ++ ++openldap (2.4.49+dfsg-1) unstable; urgency=medium ++ ++ * New upstream release. ++ - Drop patch no-gnutls_global_set_mutex, applied upstream. ++ * When validating the DNS domain chosen for slapd's default suffix, set ++ LC_COLLATE explicitly for grep to ensure character ranges behave as ++ expected. Thanks to Fredrik Roubert. (Closes: #940908) ++ * Backport proposed upstream patch to emit detailed messages about errors in ++ the TLS configuration. (ITS#9086) (Closes: #837341) ++ * slapd.scripts-common: Delete unused copy_example_DB_CONFIG function. ++ * Remove debconf support for choosing a database backend. Always use the ++ LMDB backend for new installs, as recommended by upstream. ++ * Remove the empty olcBackend section from the default configuration. ++ * Remove the unused slapd.conf template from /usr/share/slapd. Continue ++ shipping it as an example in /usr/share/doc/slapd. ++ * Fix a typo in index-files-created-as-root patch. ++ Thanks to Quanah Gibson-Mount. ++ * Annotate slapd's Depends on perl with :any. Fixes installation of ++ foreign-arch slapd. Thanks to Andreas Hasenack. ++ * Rename 'stage1' build profile to 'pkg.openldap.noslapd'. ++ Thanks to Helmut Grohne. (Closes: #949722) ++ * Drop Build-Conflicts: libicu-dev as upstream's configure no longer tests ++ for or links with libicu. ++ * Note ITS#9126 recommendation in slapd.NEWS. ++ * Update Standards-Version to 4.5.0; no changes required. ++ ++ -- Ryan Tandy Thu, 06 Feb 2020 10:08:12 -0800 ++ ++openldap (2.4.48+dfsg-1) unstable; urgency=medium ++ ++ * New upstream release. ++ - fixed slapd to restrict rootDN proxyauthz to its own databases ++ (CVE-2019-13057) (ITS#9038) (Closes: #932997) ++ - fixed slapd to enforce sasl_ssf ACL statement on every connection ++ (CVE-2019-13565) (ITS#9052) (Closes: #932998) ++ - added new openldap.h header with OpenLDAP specific libldap interfaces ++ (ITS#8671) ++ - updated lastbind overlay to support forwarding authTimestamp updates ++ (ITS#7721) (Closes: #880656) ++ * Update Standards-Version to 4.4.0. ++ * Add a systemd drop-in to set RemainAfterExit=no on the slapd service, so ++ that systemd marks the service as dead after it crashes or is killed. ++ Thanks to Heitor Alves de Siqueira. (Closes: #926657, LP: #1821343) ++ * Use more entropy for generating a random admin password, if none was set ++ during initial configuration. Thanks to Judicael Courant. ++ (Closes: #932270) ++ * Replace debian/rules calls to dpkg-architecture and dpkg-parsechangelog ++ with variables provided by dpkg-dev includes. ++ * Declare R³: no. ++ * Create a simple autopkgtest that tests installing slapd and connecting to ++ it with an ldap tool. ++ * Install the new openldap.h header in libldap2-dev. ++ ++ -- Ryan Tandy Thu, 25 Jul 2019 08:32:00 -0700 ++ ++openldap (2.4.47+dfsg-3) unstable; urgency=medium ++ ++ * Restore patches to contrib Makefiles to set CFLAGS, CPPFLAGS, and LDFLAGS ++ individually in the relevant command lines instead of overriding OPT. The ++ change to use OPT caused FTBFS on some ports arches where PIE enablement ++ uses spec files, by mixing compile-time and link-time flags. ++ (Closes: #919136) ++ * Fix architecture-specific path in smbk5pwd's binary-or-shlib-defines-rpath ++ Lintian override. ++ * Skip exporting cn=config to LDIF in preinst for upgrades where nothing ++ needs to be checked in it. ++ * Update Standards-Version to 4.3.0. ++ ++ -- Ryan Tandy Sat, 02 Feb 2019 10:30:10 -0800 ++ ++openldap (2.4.47+dfsg-2) unstable; urgency=medium ++ ++ * Reintroduce slapi-dev binary package. (Closes: #711469) ++ Thanks to Florian Schlichting. ++ * Do not call gnutls_global_set_mutex(). (Closes: #803197) ++ * Use dh_auto_* to build and install contrib modules. ++ - Stop patching the clean rule in smbk5pwd's Makefile. ++ * Explicitly list overlays and man pages installed by slapd package in ++ slapd.install and slapd.manpages files. ++ * Set common variables for contrib Makefiles by make(1) command line instead ++ of patching every Makefile. ++ * Build and install more contrib plugins in a new slapd-contrib package: ++ - pw-apr1 and pw-netscape (Closes: #592362) ++ - pw-pbkdf2 (Closes: #794999) ++ * Import the slapo-pw-pbkdf2 man page from upstream git master and install ++ it with the slapd-contrib package. ++ * Add smbk5pwd to slapd-contrib and turn slapd-smbk5pwd into a transitional ++ package. Drop smbk5pwd README since it now has a man page which is a ++ better resource for users. ++ - Use Breaks to ensure that slapd is not upgraded in between removing the ++ old smbk5pwd module and installing the new one. ++ * Include the apr1-atol.pl and apr1-lota.pl helper scripts in the ++ slapd-contrib package as examples. ++ * Merge remaining contrib Makefile patches into a single contrib-makefiles ++ patch. ++ ++ -- Ryan Tandy Sat, 12 Jan 2019 11:18:03 -0800 ++ ++openldap (2.4.47+dfsg-1) unstable; urgency=medium ++ ++ * New upstream release. ++ - reverted GnuTLS handshake change in libldap as it regressed slapd ++ (Reopens: #861838) ++ * Update Standards-Version to 4.2.1. ++ ++ -- Ryan Tandy Sun, 23 Dec 2018 12:50:40 -0800 ++ ++openldap (2.4.46+dfsg-5) unstable; urgency=medium ++ ++ * Restore slapd-smbk5pwd now that libldap is installable in unstable. ++ This reverts the changes from -3 and -4. ++ ++ -- Ryan Tandy Fri, 04 May 2018 16:12:27 -0700 ++ ++openldap (2.4.46+dfsg-4) unstable; urgency=medium ++ ++ * Disable building the smbk5pwd plugin temporarily. ++ ++ -- Ryan Tandy Fri, 04 May 2018 08:06:58 -0700 ++ ++openldap (2.4.46+dfsg-3) unstable; urgency=medium ++ ++ * Build without heimdal temporarily to resolve BD-Uninstallable loop. ++ ++ -- Ryan Tandy Fri, 04 May 2018 07:36:58 -0700 ++ ++openldap (2.4.46+dfsg-2) unstable; urgency=medium ++ ++ * Remove version constraint from libldap-2.4-2 dependency on libldap-common. ++ ++ -- Ryan Tandy Thu, 03 May 2018 14:16:49 -0700 ++ ++openldap (2.4.46+dfsg-1) unstable; urgency=medium ++ ++ * Move the repository to Salsa. ++ Update debian/control Vcs-* fields. ++ * Remove Matthijs Möhlmann from Uploaders. (Closes: #891308) ++ Thank you Matthijs for your past contributions. ++ * New upstream release. ++ - fixed slapd out-of-sync issue with delta-MMR and memberof overlay ++ (ITS#8444) (Closes: #877166) ++ * Rebase patch no-AM_INIT_AUTOMAKE to apply cleanly. ++ * Drop patch ITS8650-retry-gnutls_handshake-after-GNUTLS_E_AGAIN, applied ++ upstream. ++ * Really fix upgrades when the config contains backslash-escaped special ++ characters. The previous fix was incomplete and didn't fully fix upgrades ++ involving a database reload. (Closes: #864719) ++ * Update Standards-Version to 4.1.4. ++ - Change the Priority of libldap-2.4-2 and libldap-common to optional. ++ * Change download URL in debian/watch to https. Fixes a Lintian info. ++ * Override the binary-or-shlib-defines-rpath Lintian tag for slapd-smbk5pwd. ++ The rpath is set by krb5-config.heimdal; see bug #868840. ++ ++ -- Ryan Tandy Thu, 03 May 2018 07:03:30 -0700 ++ ++openldap (2.4.45+dfsg-1) unstable; urgency=medium ++ ++ * New upstream release. ++ - fixed a use-after-free in GnuTLS options handling ++ (ITS#8385) (Closes: #820244) (LP: #1557248) ++ - fixed unsafe concurrent SASL calls causing memory corruption ++ (ITS#8648) (Closes: #860947) (LP: #1688575) ++ - fixed syncrepl infinite looping with multi-master delta-syncrepl ++ (ITS#8432) (Closes: #868753) ++ * Rebase patches to apply cleanly: ++ - do-not-second-guess-sonames ++ - no-AM_INIT_AUTOMAKE ++ * Drop patches applied upstream: ++ - ITS-8554-kFreeBSD-is-like-BSD.patch ++ - ITS-8644-wait-for-slapd-to-start-in-test064.patch ++ - ITS-8655-paged-results-double-free.patch ++ * Upgrade to debhelper compat level 10. ++ - Depend on debhelper 10. ++ - Stop enabling parallel and autoreconf explicitly. They are now enabled ++ by default. ++ - Drop dh-autoreconf from build-depends since debhelper requires it. ++ * Add -Wno-format-extra-args to CFLAGS to reduce the noise in the build ++ logs, as this warning is emitted on each use of the Debug() macro. ++ * Drop libldap-2.4-4-dbg and slapd-dbg binary packages in favour of ++ automatic dbgsym packages. ++ * Update Standards-Version to 4.0.0; no changes required. ++ * Drop Priority and Section from binary package stanzas when they only ++ duplicate information from the source stanza. ++ * Update Priority of slapd-smbk5pwd and libldap2-dev to optional to match ++ the archive. ++ * Remove retired developer, Roland Bauerschmidt, from Uploaders. ++ (Closes: #856422) ++ * Remove Timo Aaltonen from Uploaders, with his agreement. ++ * debian/patches/ITS8650-retry-gnutls_handshake-after-GNUTLS_E_AGAIN.patch: ++ If gnutls_handshake() returns EAGAIN, call it again. Fixes TLS handshake ++ failures when the ServerHello message exceeds 16K. ++ (ITS#8650) (Closes: #861838) ++ * Drop time from Build-Depends. The upstream testsuite no longer calls it. ++ ++ -- Ryan Tandy Thu, 27 Jul 2017 18:04:41 -0700 ++ ++openldap (2.4.44+dfsg-8) unstable; urgency=medium ++ ++ * Disable test060-mt-hot on ppc64el temporarily to avoid failing tests until ++ the underlying kernel bug #866122 is fixed. ++ * Fix FTBFS with Heimdal 7.2.0: Drop patch heimdal-fix as the ++ hdb_generate_key_set_password change was reverted in heimdal. Depend on an ++ appropriate minimum version of heimdal. ++ ++ -- Ryan Tandy Sun, 16 Jul 2017 12:57:41 -0700 ++ ++openldap (2.4.44+dfsg-7) unstable; urgency=medium ++ ++ * Relax the dependency of libldap-2.4-2 on libldap-common to also permit ++ later versions. (Closes: #860774) ++ ++ -- Ryan Tandy Tue, 27 Jun 2017 18:53:12 -0700 ++ ++openldap (2.4.44+dfsg-6) unstable; urgency=medium ++ ++ * Update the list of non-translatable strings for the ++ slapd/ppolicy_schema_needs_update template. Thanks Ferenc Wágner. ++ * Fix upgrade failure when olcSuffix contains a backslash. (Closes: #864719) ++ ++ -- Ryan Tandy Mon, 26 Jun 2017 19:42:02 -0700 ++ ++openldap (2.4.44+dfsg-5) unstable; urgency=medium ++ ++ * debian/patches/ITS-8644-wait-for-slapd-to-start-in-test064.patch: Fix an ++ intermittently failing test by waiting for slapd to start before running ++ tests. (ITS#8644) (Closes: #770890) ++ * debian/patches/ITS-8655-paged-results-double-free.patch: Fix a double free ++ in the MDB backend on a search including the Paged Results control with a ++ page size of 0. (ITS#8655) (CVE-2017-9287) (Closes: #863563) ++ ++ -- Ryan Tandy Sun, 28 May 2017 09:59:46 -0700 ++ ++openldap (2.4.44+dfsg-4) unstable; urgency=medium ++ ++ * Improve the slapd/ppolicy_schema_needs_update debconf template. Thanks to ++ Justin B Rye for the review. ++ * Update Catalan debconf translation. (Closes: #851905) ++ Thanks to Innocent De Marchi. ++ * Update Czech debconf translation. (Closes: #852190) ++ Thanks to Miroslav Kure. ++ * Update Danish debconf translation. (Closes: #850859) ++ Thanks to Joe Dalton. ++ * Update German debconf translation. (Closes: #851480) ++ Thanks to Helge Kreutzmann. ++ * Update Basque debconf translation. (Closes: #850812) ++ Thanks to Iñaki Larrañaga Murgoitio. ++ * Update French debconf translation. (Closes: #852459) ++ Thanks to Jean-Pierre Giraud. ++ * Update Italian debconf translation. (Closes: #852074) ++ Thanks to Luca Monducci. ++ * Update Japanese debconf translation. (Closes: #851457) ++ Thanks to Kenshi Muto. ++ * Update Dutch debconf translation. (Closes: #852405) ++ Thanks to Frans Spiesschaert. ++ * Update Brazilian Portuguese debconf translation. (Closes: #852443) ++ Thanks to Adriano Rafael Gomes. ++ * Update Russian debconf translation. (Closes: #850833) ++ Thanks to Yuri Kozlov. ++ * Update Slovak debconf translation. (Closes: #850796) ++ Thanks to Ivan Masár. ++ * Update Swedish debconf translation. (Closes: #851168) ++ Thanks to Martin Bagge. ++ * Update Turkish debconf translation. (Closes: #851470) ++ Thanks to Atila KOÇ. ++ * Update Vietnamese debconf translation. ++ Thanks to Trần Ngọc Quân. ++ * Update Build-Depends on debhelper to ensure shlibs files are installed at ++ the expected time during build. (Closes: #854158) ++ * Update Portuguese debconf translation. (Closes: #859943) ++ Thanks to Rui Branco and DebianPT. ++ * Dump the configuration and databases to LDIF before removing slapd, so ++ that they are available if a newer version requiring migration is ++ installed later. (Closes: #665199) ++ * When creating a new configuration with dpkg-reconfigure, back up the old ++ configuration before overwriting it. ++ ++ -- Ryan Tandy Sun, 16 Apr 2017 20:10:43 -0700 ++ ++openldap (2.4.44+dfsg-3) unstable; urgency=medium ++ ++ * Apply upstream patch to fix FTBFS on kFreeBSD. (Closes: #845394) ++ * Restore heimdal support to the smbk5pwd overlay. ++ ++ -- Ryan Tandy Sun, 01 Jan 2017 19:47:36 -0800 ++ ++openldap (2.4.44+dfsg-2) unstable; urgency=medium ++ ++ [ Ryan Tandy ] ++ * Update Standards-Version to 3.9.8; no changes required. ++ * Enable dh_makeshlibs for libldap-2.4-2. Remove libldap-2.4-2.postinst, now ++ replaced by the automatic ldconfig trigger. ++ * Don't execute slapd's override_dh_install when building only ++ arch-independent packages. (Closes: #845506) ++ * Override lintian false positives on slapd.README.Debian, ++ slapd-smbk5pwd.postinst, and slapd-smbk5pwd triggering ldconfig. ++ * Perform permissions changes in override_dh_fixperms instead of in ++ override_dh_install. ++ * Remove manual chmod of schema files since dh_fixperms sets correct ++ permissions automatically. ++ * Fix slapd-smbk5pwd failing to upgrade when there are no instances of the ++ overlay configured. ++ ++ [ Helmut Grohne ] ++ * Fix FTCBFS: Pass CC to make explicitly. (Closes: #839251) ++ ++ -- Ryan Tandy Thu, 01 Dec 2016 19:40:20 -0800 ++ ++openldap (2.4.44+dfsg-1) unstable; urgency=medium ++ ++ [ Ryan Tandy ] ++ * New upstream release. ++ - Fixed ppolicy not unlocking policy entry after initialization failure ++ (ITS#7537) (Closes: #702414) ++ * Drop ITS8240-remove-obsolete-assert.patch, included upstream. ++ * Update debian/schema/ppolicy.schema to add the pwdMaxRecordedFailure ++ attribute. ++ * Update libldap-2.4-2.symbols with new ldap_build_*_req symbols. ++ * Mark the build target in debian/rules as phony, since the upstream source ++ includes a build/ directory. ++ * Correct the list of files to be cleaned for the pw-sha2 contrib module. ++ * Fix a typo (slpad -> slapd) in the Catalan debconf translation. ++ * Disable OpenSLP support and remove libslp-dev from Build-Depends. ++ (Closes: #815364) ++ * Ensure /var/run/slapd exists when starting slapd, even if the pid file is ++ somewhere else. Thanks to Dave Beach for the report. (Closes: #815571) ++ * Create the pidfile directory when starting slapd, but not when running the ++ init script in other modes. ++ * Remove support for enabling the obsolete LDAPv2 protocol via debconf. ++ * debian/copyright: Update the OpenLDAP copyright and license. ++ * debian/control: Update VCS URIs to the modern canonical form. ++ * Override Lintian errors about schema files derived from RFC documents. ++ Copyrightable content has been removed from these files; however, the ++ copyright notices have been retained to preserve attribution. ++ * On upgrade, if the cn=config database contains the ppolicy schema, add the ++ new pwdMaxRecordedFailure attribute to it. ++ * Add debian/patches/set-maintainer-name to omit the builder's username and ++ working directory from version strings and thereby make the build ++ reproducible. Thanks to Daniel Shahaf for the patch. (Closes: #833179) ++ * Build smbk5pwd without Kerberos support and drop the build-dependency on ++ heimdal. (Closes: #836885) ++ * On upgrade, comment the krb5 setting on any instances of the smbk5pwd ++ overlay in slapd.conf. Require cn=config users to disable krb5 manually ++ before upgrading. ++ ++ [ Helmut Grohne ] ++ * Fix policy 8.2 violation (Closes: #330695) ++ + Move /etc/ldap/ldap.conf and manpage to new package libldap-common. ++ ++ -- Ryan Tandy Mon, 14 Nov 2016 18:59:30 -0800 ++ ++openldap (2.4.42+dfsg-2) unstable; urgency=medium ++ ++ [ Ryan Tandy ] ++ * Change explicit Pre-Depends: multiarch-support to ${misc:Pre-Depends}, as ++ recommended by lintian. ++ * Omit slapd, slapd-dbg, and slapd-smbk5pwd from the stage1 build profile. ++ This allows the dependency loop with heimdal to be broken for ++ bootstrapping, and the dependency on libperl-dev to be avoided for ++ cross-building. Thanks Daniel Schepler and Helmut Grohne. ++ (Closes: #724518) ++ * Apply wrap-and-sort to the Build-Depends field. ++ * Drop libncurses5-dev from Build-Depends, no longer needed since the ud ++ tool was removed in OpenLDAP 2.1.4. ++ * Drop libltdl3-dev as an alternate Build-Depends, since that package was ++ removed after lenny. ++ * Annotate Build-Depends on perl with :any to allow running the system perl ++ interpreter during cross builds. ++ * Ensure CC is set correctly for cross builds. Thanks Helmut Grohne. ++ * Build-Depend on dpkg-dev (>= 1.17.14) and debhelper (>= 9.20141010) for ++ restriction formula support. ++ * Override the 'dev-pkg-without-shlib-symlink' lintian tag. The symlink is ++ actually in the form libldap_r.so -> libldap_r-2.4.so.xyz and the tag is a ++ false positive; see #687022. ++ * Include the smbk5pwd man page in the slapd-smbk5pwd package. ++ * Allow anonymous read access to the shadowLastChange attribute by default, ++ allowing nss-ldap/nss-ldapd to handle password expiry correctly even when ++ bound anonymously. This was the only restricted shadow attribute, the ++ others were already world-readable. (Closes: #669235) ++ * Drop the redundant default ACL for dn.base="" from the database entry. ++ It's already covered by the fallback case below. ++ * Copy more comments from the slapd.conf template to slapd.init.ldif. Also ++ comment the shadowLastChange access rule. ++ * Import upstream patch to remove an unnecessary assert(0) that could be ++ triggered remotely by an unauthenticated user by sending a malformed BER ++ element. (ITS#8240) (CVE-2015-6908) (Closes: #798622) ++ ++ [ Peter Marschall ] ++ * Add a manual page slapo-smbk5pwd.5 and update smbk5pwd's Makefile to ++ install the new manual page. (Closes: #794998) ++ ++ -- Ryan Tandy Thu, 10 Sep 2015 20:13:17 -0700 ++ ++openldap (2.4.42+dfsg-1) unstable; urgency=medium ++ ++ [ Peter Marschall ] ++ * slapd.scripts-common: ++ - Use update_permissions instead of direct calls to chown and chgrp. ++ - Make variables only used within a function local to that function. ++ - Restore databases ordered by increasing suffix path length. ++ This should help configurations with databases glued together using the ++ 'subordinate' keyword / 'olcSubordinate' attribute in slapd's ++ configuration. ++ (Closes: #794996) ++ * Install slapo-lastbind.5 man page. (Closes: #794997) ++ ++ [ Ryan Tandy ] ++ * slapd.scripts-common: Delete an outdated comment. ++ * New upstream release. ++ * Enable the MDB backend again on GNU/kFreeBSD. The new pthread library ++ provides all the required interfaces, and the test suite now passes. ++ Leave it disabled on the Hurd. LMDB requires POSIX semaphores, which have ++ not yet been implemented. ++ * Disable the BDB/HDB backends on the Hurd. BDB requires record locks ++ (F_SETLK), which have not yet been implemented; see #693971. ++ ++ -- Ryan Tandy Fri, 21 Aug 2015 13:07:51 -0700 ++ ++openldap (2.4.41+dfsg-1) unstable; urgency=medium ++ ++ * New upstream release. ++ * Update patches for upstream changes, drop patches included upstream. ++ * debian/rules: Adjust get-orig-source target to add +dfsg to version. ++ * Convert to source format 3.0 (quilt). ++ * debian/slapd.scripts-common: Fix nesting of fold markers. ++ ++ -- Ryan Tandy Wed, 08 Jul 2015 21:07:24 -0700 ++ ++openldap (2.4.40+dfsg-2) unstable; urgency=medium ++ ++ * Actually install libldap-2.4-2.symbols. ++ * Update Standards-Version to 3.9.6. ++ * Build-Depend on debhelper (>= 9) to fix a Lintian warning. ++ * Import upstream patch to fix FTBFS with gcc-5. (Addresses #778045) ++ ++ -- Ryan Tandy Sun, 28 Jun 2015 20:40:37 -0700 ++ ++openldap (2.4.40+dfsg-1) unstable; urgency=medium ++ ++ * Remove inetorgperson.schema from the upstream source. Replace it with a ++ copy stripped of RFC text. (Closes: #780283) ++ * Adjust debian/watch for +dfsg versioning. ++ * debian/patches/ITS7975-fix-mdb-onelevel-search.patch: Import upstream ++ patch to fix scope=onelevel searches wrongly including the search base in ++ results under the MDB backend. (ITS#7975) (Closes: #782212) ++ ++ -- Ryan Tandy Thu, 09 Apr 2015 08:38:38 -0700 ++ ++openldap (2.4.40-4) unstable; urgency=medium ++ ++ * debian/patches/ITS8027-deref-reject-empty-attr-list.patch: Import upstream ++ patch to fix a crash when a search includes the Deref control with an ++ empty attribute list. (ITS#8027) (CVE-2015-1545, Closes: #776988) ++ * debian/patches/ITS8046-fix-vrFilter_free-crash.patch: Import upstream ++ patch to fix a double free triggered by certain search queries using the ++ Matched Values control. (ITS#8046) (CVE-2015-1546, Closes: #776991) ++ ++ -- Ryan Tandy Sun, 08 Feb 2015 20:19:11 +0000 ++ ++openldap (2.4.40-3) unstable; urgency=medium ++ ++ * Remove trailing spaces from slapd.templates. ++ * Update Vietnamese debconf translation. ++ Thanks to Trần Ngọc Quân. ++ * Update Danish debconf translation. ++ Thanks to Joe Hansen. (Closes: #766848) ++ * Update Japanese debconf translation. ++ Thanks to Kenshi Muto. (Closes: #766824) ++ * Update Russian debconf translation. ++ Thanks to Yuri Kozlov. (Closes: #766825) ++ * Update Basque translation. ++ Thanks to Iñaki Larrañaga Murgoitio. (Closes: #767070) ++ * Update French debconf translation. ++ Thanks to Christian Perrier. (Closes: #767634) ++ * Update German debconf translation. ++ Thanks to Helge Kreutzmann. (Closes: #767686) ++ * Update Portuguese debconf translation. ++ Thanks to Ricardo Silva. (Closes: #768085) ++ * Update Italian debconf translation. ++ Thanks to Luca Monducci. (Closes: #768195) ++ * Update Turkish debconf translation. ++ Thanks to Atila KOÇ. (Closes: #768409) ++ * Update Czech debconf translation. ++ Thanks to Miroslav Kure. (Closes: #768591) ++ * Update Catalan debconf translation. ++ Thanks to Innocent De Marchi. (Closes: #768605) ++ * Update Dutch debconf translation. ++ Thanks to Frans Spiesschaert. (Closes: #769024) ++ * Update Brazilian Portuguese debconf translation. ++ Thanks to Adriano Rafael Gomes. (Closes: #769717) ++ * Update Galician debconf translation. ++ Thanks to Jorge Barreiro. ++ * Update Swedish debconf translation. ++ Thanks to Martin Bagge / brother. (Closes: #769867) ++ * Update Spanish debconf translation. ++ Thanks to Camaleón. (Closes: #770715) ++ * Fix doubled spaces in po files, caused by trailing spaces in the templates ++ file. ++ * Run debconf-updatepo to refresh PO files. ++ ++ -- Ryan Tandy Sun, 23 Nov 2014 10:33:10 -0800 ++ ++openldap (2.4.40-2) unstable; urgency=medium ++ ++ * Fix typo (chmod/chgrp) in previous changelog, spotted by Ferenc Wagner. ++ * debian/patches/contrib-modules-use-dpkg-buildflags: Also use CPPFLAGS from ++ dpkg-buildflags. Spotted by Lintian. ++ * debian/slapd.init.ldif: Don't bother explicitly granting rights to the ++ rootdn, since it already has unlimited privileges. Thanks Ferenc Wagner. ++ * Recommend MDB for new installations, per upstream's recommendation. ++ * Don't re-create the default DB_CONFIG if there wasn't one in the backup, ++ for example if the active backend doesn't use it. Thanks Ferenc Wagner. ++ * On upgrade, if an access rule begins with "to * by self write", show a ++ debconf note warning that it should be changed. (Closes: #761406) ++ * Build and install the lastbind contrib module. (Closes: #701111) ++ * Build and install the passwd/sha2 contrib module. (Closes: #746727) ++ ++ -- Ryan Tandy Mon, 20 Oct 2014 22:19:24 -0700 ++ ++openldap (2.4.40-1) unstable; urgency=low ++ ++ [ Ryan Tandy ] ++ * New upstream release. ++ - fixed ldap_get_dn(3) ldap_ava definition (ITS#7860) (Closes: #465024) ++ - fixed slapcat with external schema (ITS#7895) (Closes: #599235) ++ - fixed double free with invalid ciphersuite (ITS#7500) (Closes: #640384) ++ - fixed modrdn crash on naming attr with no matching rule (ITS#7850) ++ (Closes: #666515) ++ - fixed slapacl causing unclean database (ITS#7827) (Closes: #741248) ++ * slapd.scripts-common: ++ - Anchor grep patterns to avoid matching commented lines in ldif files ++ under cn=config. (Closes: #723957) ++ - Don't silently ignore nonexistent directories that should be dumped. ++ - Invoke find, chown, and chgrp with -H in case /var/lib/ldap is a ++ symlink. (Closes: #742862) ++ - When upgrading a database, ignore extra nested directories as they might ++ contain other databases. Patch from Kenny Millington. (LP: #1003854) ++ - Fix dumping and reloading when multiple databases hold the same suffix, ++ thanks Peder Stray. (Closes: #759596, LP: #1362481) ++ - Remove trailing dot from slapd/domain. (Closes: #637996) ++ * debian/rules: ++ - Enable parallel building. ++ - Copy libldap-2.4-2.shlibs into place manually, as a workaround for ++ #676168. (Closes: #742841) ++ * debian/slapd.README.Debian: Add a note about database format upgrades and ++ the consequences of missing one. (Closes: #594711) ++ * Build with GnuTLS 3 (Closes: #745231, #760559). ++ * Drop debian/patches/fix-ftbfs-binutils-gold, no longer needed. ++ * Drop debconf-utils from Build-Depends, no longer used (replaced by ++ po-debconf). Thanks Johannes Schauer. ++ * Acknowledge NMU fixing #729367, thanks to Michael Gilbert. ++ * Offer the MDB backend as a choice during initial configuration. (Closes: ++ #750022) ++ * debian/slapd.init.ldif: ++ - Disallow modifying one's own entry by default, except specific ++ attributes. (Closes: #761406) ++ - Index some more common search attributes by default. (Closes: #762111) ++ * Introduce a symbols file for libldap-2.4-2. ++ * debian/schema/pmi.schema: Add a copyright clarification. There does not ++ appear to be any copyrighted text in this file, only ASN.1 assignments and ++ LDAP schema definitions. Fixes a Lintian error on the original. ++ * debian/schema/duaconf.schema: Strip Internet-Draft text from ++ duaconf.schema. ++ * Drop debian/patches/CVE-2013-4449.patch, applied upstream. ++ * Update debian/patches/no-AM_INIT_AUTOMAKE with upstream changes. ++ * debian/schema/ppolicy.schema: Update with ordering rules added in ++ draft-behera-ldap-password-policy-11. ++ * Suggest GSSAPI SASL modules. (Closes: #762424) ++ * debian/patches/ITS6035-olcauthzregex-needs-restart.patch: Document in ++ slapd-config.5 the fact that changes to olcAuthzRegexp only take effect ++ after the server is restarted. (Closes: #761407) ++ * Add myself to Uploaders. ++ ++ [ Jelmer Vernooij ] ++ * Depend on heimdal-multidev rather than heimdal-dev. (Closes: #745356, ++ #706123) ++ ++ [ Updated debconf translations ] ++ * Turkish, thanks to Atila KOÇ . ++ (Closes: #661641) ++ ++ -- Ryan Tandy Fri, 17 Oct 2014 08:19:28 -0700 ++ ++openldap (2.4.39-1.1) unstable; urgency=high ++ ++ * Non-maintainer upload by the Security Team. ++ * Fix CVE-2013-4449: reference counting logic issue (closes: #729367). ++ ++ -- Michael Gilbert Sat, 09 Aug 2014 09:26:51 +0000 ++ ++openldap (2.4.39-1) unstable; urgency=low ++ ++ [ Peter Marschall ] ++ * debian/patches/wrong-database-location: fix database location in ++ doc/man/man5/slapd-mdb.5 ++ * debian/configure.options: add info on --enable-mdb ++ ++ [ Russ Allbery ] ++ * Remove myself from Uploaders. ++ ++ [ Steve Langasek ] ++ * Remove Stephen Frost from Uploaders, per discussion with him. Thanks for ++ your contributions, Stephen! ++ * Adjust dh_autoreconf usage to update all config.sub/config.guess ++ instances in the source, so that we can be forwards-compatible with new ++ ports. Thanks to Colin Watson for the patch. ++ Closes: #725824. ++ * Add Timo to Uploaders. ++ * Update Vcs-* fields to point at the new git repo; thanks to Timo for ++ driving this migration! ++ * Rebuild against db5.3, with a corresponding dump/restore of the database ++ on upgrade. Closes: #738641. ++ ++ [ Timo Aaltonen ] ++ * contrib-modules-use-dpkg-buildflags, autogroup-makefile, ++ smbk5pwd-makefile: ++ - Updated for current upstream. ++ * Refresh patches to apply cleanly. ++ * rules: Use dpkg-parsechangelog to determine the upstream version for ++ get-orig-source. ++ * source: Add lintian overrides for non-transatable internal ++ templates. ++ ++ -- Steve Langasek Mon, 17 Mar 2014 15:27:31 -0700 ++ ++openldap (2.4.31-1) unstable; urgency=low ++ ++ * New upstream release. ++ - Fixes a denial of service attack, CVE-2012-1164, when using the rwm ++ overlay. Closes: #663644. ++ - Fixes a bug with ldap_result always returning -1 when called from ++ sssd. Closes: #666230. ++ - Fix a build failure on armel due to unaligned memory access. ++ Closes: #677158. ++ * Incorporate NMU (thanks, Julien Cristau, Mattias Ellert): ++ - Disable the mdb backend on non-Linux, it looks like it doesn't work ++ with linuxthreads (closes: #654824). ++ - Backport fix for shell backend configuration. Closes: #662940. ++ ++ [ Peter Marschall ] ++ * debian/slapd.scripts-common: avoid grep warnings ++ * debian/patches/heimdal-fix: fix arguments of ++ hdb_generate_key_set_password(). Closes: #664930 ++ ++ [ Steve Langasek ] ++ * debian/patches/contrib-modules-use-dpkg-buildflags: pass CFLAGS to ++ contrib builds. Thanks to Simon Ruderich . ++ Closes: #663724. ++ ++ -- Steve Langasek Wed, 27 Jun 2012 03:27:34 +0000 ++ ++openldap (2.4.28-1) unstable; urgency=low ++ ++ * New upstream release. ++ - Fixes CVE-2011-4079. Closes: #647610. ++ - Fixes support for proxy authorization with SASL-GSSAPI. ++ Closes: #608815. ++ - Drop patch service-operational-before-detach, which came from upstream. ++ - Drop patch fix-its6898-locking-issue, included upstream. ++ - Refresh other patches as needed. ++ * debian/slapd.scripts-common: quote the argument to slappasswd, to cope ++ with shell characters in the string. Thanks to Nicolai Ehemann ++ for the patch. Closes: #635931. ++ * Install ldif.h in libldap2-dev, now that it's been blessed upstream. ++ Closes: #644985. ++ * debian/patches/no-bdb-ABI-second-guessing: don't force an exact match on ++ the upstream version of libdb; this is redundant with our packaging ++ system, and causes spurious errors when there's a non-ABI-breaking ++ BDB upstream release. Closes: #651333. ++ * Build-conflict with the ancient autoconf2.13, which is incompatible with ++ dh-autoreconf. (Maybe dh-autoreconf itself should conflict with it?) ++ Closes: #651598. ++ ++ [ Updated debconf translations ] ++ * Dutch, thanks to Jeroen Schot . Closes: #651400. ++ ++ -- Steve Langasek Thu, 05 Jan 2012 06:07:11 +0000 ++ ++openldap (2.4.25-4) unstable; urgency=low ++ ++ * Drop explicit depends on libdb4.8, since we're now linking against ++ libdb5.1. Thanks to Peter Marschall for catching. Closes: #621403 ++ again. ++ * Rebuild against cyrus-sasl2 2.1.25. Closes: #628237. ++ * Use dh_autoreconf instead of a locally-patched autogen.sh. ++ * debian/patches/no-AM_INIT_AUTOMAKE: don't use AM_INIT_AUTOMAKE macro ++ when we aren't using automake. ++ * Convert debian/rules to dh(1). ++ * use DEB_CFLAGS_MAINT_APPEND with appropriate versioned dependency on ++ debhelper and dpkg-dev, so we can pick up dpkg-buildflags for our ++ policy-mandated flags - as well as our security-enhancing ones! ++ Closes: #644427. ++ * Also set hardening=+pie,+bindnow buildflags options for maximum ++ security, since this is a security-sensitive daemon dealing with ++ untrusted input. Ubuntu has been building with these flags for a ++ while via hardening-wrappers, so the change is presumed safe. ++ * Drop debian/check_config. The upstream configure script now enforces ++ --with-cyrus-sasl, so there's no need for a second check. ++ * debian/po/es.po: tweak an ambiguous string in the Spanish debconf ++ translation, noticed in response to a submitted Catalan translation ++ * debian/patches/switch-to-lt_dlopenadvise-to-get-RTLD_GLOBAL-set.diff: ++ Switch to lt_dlopenadvise() so back_perl can be opened with RTLD_GLOBAL. ++ Thanks to Jan-Marek Glogowski for the ++ patch. Closes: #327585. ++ ++ [ Updated debconf translations ] ++ * Catalan, thanks to Innocent De Marchi . ++ Closes: #644274. ++ ++ -- Steve Langasek Tue, 18 Oct 2011 01:08:34 +0000 ++ ++openldap (2.4.25-3) unstable; urgency=low ++ ++ * Brown paper bag: really fix the .links.in handling, so we don't generate ++ broken /usr/lib/${DEB_HOST_MULTIARCH} dirs. ++ ++ -- Steve Langasek Mon, 15 Aug 2011 09:50:37 +0000 ++ ++openldap (2.4.25-2) unstable; urgency=low ++ ++ [ Matthijs Möhlmann ] ++ * Change to bdb 5.1 (Closes: #621403) ++ * Add note to ldap-utils package how to unfold lines. (Closes: #530519) ++ (Thanks to Peter Marschall and Javier Barroso) ++ ++ [ Steve Langasek ] ++ * Acknowledge NMU for bug #596343; thanks to Thijs Kinkhorst for the fix! ++ * Bump to compat level 7, so we don't have to spell out debian/tmp in ++ every single .install file ++ * Build for multiarch. ++ ++ -- Steve Langasek Sun, 14 Aug 2011 23:17:09 -0700 ++ ++openldap (2.4.25-1.1) unstable; urgency=low ++ ++ * Non-maintainer upload to fix RC bug. ++ * Fix "dpkg-reconfigure slapd". Closes: #596343 ++ ++ -- Thijs Kinkhorst Tue, 31 May 2011 11:57:29 +0200 ++ ++openldap (2.4.25-1) unstable; urgency=low ++ ++ * New upstream version (Closes: #617606, #618904, #606815, #608813) ++ - Fixes CVE-2011-1024, CVE-2011-1025, CVE-2011-1081 ++ - slapd server process frequently hangs during everyday usage is fixed in ++ newer versions of openldap according to the bug submitter ++ * Refresh all patches ++ * Remove manpage-tlscyphersuite-additions, applied upstream ++ * Remove issue-6534-patch, applied upstream ++ * Add Slovak translation, thanks Slavko (Closes: #608699) ++ * Add debian specific patch for ldap.conf. Add TLS_CACERT option and set it ++ by default to /etc/ssl/certs/ca-certificates.crt (Closes: #555409, #616703) ++ * Add patch to fix a FTBFS with binutils-gold (Closes: #555867) ++ * Add slapschema, just hardlink it (Closes: #601569) ++ * Update patch service-operational-before-detach (Closes: #616164, #598361) ++ * Add ldif_* symbols to libldap-2.4-2 ++ * Add upstream patch for a locking issue in libldap_r ++ * Fix build failure, use @SHELL@ instead of hardcoded /bin/sh (build/top.mk) ++ (Closes: #621925) ++ ++ -- Matthijs Möhlmann Mon, 11 Apr 2011 22:10:14 +0200 ++ ++openldap (2.4.23-7) unstable; urgency=low ++ ++ * Updated vietnamese translation, thanks Clytie Siddall ++ (Closes: #601537, #598575) ++ * Updated portuguese translation, thanks Traduz (Closes: #599760) ++ * Updated danish translation, thanks Joe Dalton (Closes: #599835) ++ ++ -- Matthijs Mohlmann Sat, 06 Nov 2010 12:13:01 +0100 ++ ++openldap (2.4.23-6) unstable; urgency=high ++ ++ * Check for an empty directory to prevent an rm -f /*. (Closes: #597704) ++ ++ -- Matthijs Mohlmann Thu, 23 Sep 2010 10:17:50 +0200 ++ ++openldap (2.4.23-5) unstable; urgency=high ++ ++ [ Steve Langasek ] ++ * High-urgency upload for RC bugfix. ++ * debian/slapd.scripts-common: fix gratuitous (and wrong) use of grep in ++ get_suffix(), which causes us to incorrectly parse any slapd.conf that ++ uses tabs instead of spaces. Closes: #595672. ++ * debian/slapd.init, debian/slapd.scripts-common: when $SLAPD_CONF is not ++ set in /etc/default/slapd, we should always set a default value, giving ++ precedence to slapd.d and falling back to slapd.conf. Users who don't ++ want to use an existing slapd.d should point at slapd.conf explicitly. ++ Closes: #594714, #596343. ++ * debian/slapd.init: 'invoke-rc.d slapd stop' should not fail due to the ++ absence of a slapd configuration; we should still exit 0 so that the ++ package can be removed gracefully. Closes: #596100. ++ * drop build-conflicts with libssl-dev; we explicitly pass ++ --with-tls=gnutls to configure, so there's no risk of a misbuild here. ++ * debian/slapd.default: now that we have a sensible default behavior in ++ both slapd.init and the maintainer scripts, leave SLAPD_CONF empty to ++ save pain later. ++ * debian/slapd.scripts-common: ... and do the same in ++ migrate_to_slapd_d_style, we just need to comment out the user's ++ previous entry instead of blowing it away. ++ * debian/slapd.scripts-common: call get_suffix in a way that lets us ++ separate responses by newlines, to properly handle the case when a ++ DN has embedded spaces. Introduces a few more stupid fd tricks to work ++ around possible problems with debconf. Closes: #595466. ++ * debian/slapd.scripts-common: when parsing the names of includes, handle ++ double-quotes and escape characters as described in slapd.conf(5). ++ Closes: #595784. ++ * debian/slapd.scripts-common, debian/slapd.postinst: on upgrade from ++ versions <= 2.4.23-4, explicitly grant access to cn=Subschema, which ++ otherwise is blocked by our added olcAccess settings. Closes: #596326. ++ * debian/slapd.init.ldif: set the acl in the default LDIF for new installs, ++ too. ++ * Likewise, grant access to dn.exact="" so that base dn autodiscovery ++ works as intended. Closes: #596049. ++ * debian/slapd.init.ldif: synchronize our behavior on new installs with ++ that on upgrades, avoiding the non-standard cn=localroot,cn=config. ++ * debian/slapd.scripts-common: don't run the migration code if slapd.d ++ already exists. Closes: #593965. ++ ++ [ Matthijs Mohlmann ] ++ * Remove upgrade_supported_from_backend, implemented patch from ++ Peter Marschall to automatically detect if an upgrade is ++ supported. (Closes: #594712) ++ ++ [ Peter Marschall ] ++ * debian/slapd.init: correctly set the slapd.conf argument even when ++ SLAPD_PIDFILE is non-empty in /etc/default/slapd. Closes: #593880. ++ * debian/slapd.scripts-common: pass -g to slapadd/slapcat, so that ++ subordinate databases aren't incorrectly included in the dump/restore of ++ the parent database. Closes: #594821. ++ ++ -- Steve Langasek Mon, 13 Sep 2010 06:59:11 +0000 ++ ++openldap (2.4.23-4) unstable; urgency=low ++ ++ [ Steve Langasek ] ++ * Bump the database upgrade version check to 2.4.23-4; should have been ++ set to 2.4.23-1 when we switched to db4.8, but was missed so we need to ++ clean up. Closes: #593550. ++ ++ [ Matthijs Mohlmann ] ++ * Fix root access to cn=config on upgrades from configuration style slapd.conf ++ Thanks to Mathias Gug (Closes: #593566, #593878) ++ ++ -- Matthijs Mohlmann Thu, 26 Aug 2010 20:30:51 +0200 ++ ++openldap (2.4.23-3) unstable; urgency=low ++ ++ * Configure the newly installed openldap package using slapd.d instead of ++ slapd.conf, merged from ubuntu. (Closes: #562723, #494155, #333428) ++ * Update the debconf templates by running debconf-updatepo. ++ * We do not support upgrades from older releases then lenny, so removed some ++ upgrade functions from slapd.scripts-common. ++ * Updated japanese translation, thanks Kenshi Muto (Closes: #589508) ++ * Updated czech translation, thanks Miroslav Kure (Closes: #589569) ++ * Update slapd.README.Debian and slapd.NEWS and note the new configuration ++ style. ++ * Fixes CVE-2010-0211 and CVE-2010-0212 (Closes: #589852) ++ * Update italian translation, thanks Luca Monducci (Closes: #590154) ++ * Update spanish translation, thanks Francisco Javier Cuadrado ++ (Closes: #590829) ++ * Update basque translation, thanks Iñaki Larrañaga Murgoitio ++ * Bump Standards-Version to 3.9.1 ++ * Added debian specific patch to wait until slapd is operational before ++ detaching to the terminal (Closes: #589915) ++ * Add a lintian overrides for libldap. ++ * Empty dependency_libs line in .la files. (Closes: #591550) ++ * Update galician translation, thanks Jorge Barreiro (Closes: #592815) ++ ++ -- Matthijs Mohlmann Tue, 17 Aug 2010 22:00:16 +0200 ++ ++openldap (2.4.23-2) unstable; urgency=medium ++ ++ * Depend on libdb4.8 >= 4.8.30 (Closes: #588969) ++ * Urgency previous as previous version fixes a RC bug. ++ ++ -- Matthijs Mohlmann Wed, 14 Jul 2010 10:17:27 +0200 ++ ++openldap (2.4.23-1) unstable; urgency=low ++ ++ * New upstream version ++ * Change to build dependency libdb4.8-dev instead of libdb4.7-dev ++ * Updated french translation thanks Christian Perrier (Closes: #579192) ++ * Updated swedish translation thanks Martin Bagge (Closes: #580145) ++ * Updated german translation thanks Helge Kreutzmann (Closes: #579582) ++ * Updated russian translation thanks Yuri Kozlov (Closes: #585688) ++ * Fix bashisms in debian/rules (Closes: #581454) ++ * Add documentation patch (Closes: #513270) ++ * Refreshed all quilt patches. ++ * Bump Standards-Version to 3.9.0 ++ ++ -- Matthijs Mohlmann Mon, 12 Jul 2010 13:25:00 +0200 ++ ++openldap (2.4.21-1) unstable; urgency=low ++ ++ [ Steve Langasek ] ++ * New upstream version ++ (Closes: #561144, #465024, #502769, #528695, #564686, #504728) ++ * Add upstream manpage for ldapexop; thanks to Peter Marschall ++ . Closes: #549291. ++ ++ [ Matthijs Mohlmann ] ++ * Ack NMU (Closes: #553432) ++ * Update Standards-Version to 3.8.4 ++ * Fix NEWS entry to have the correct version number ++ * Improve the wording for the slapd/invalid_config question (Closes: #452834) ++ * Make lintian a bit more happy (Closes: #518660) ++ * Fix bashism (Closes: #518657) ++ * Refresh all patches ++ * Add patch from upstream (Closes: #549642) ++ * Reworked the configure.options a bit to include some more options ++ * Enable dynamic acls ++ * Use slappasswd to create a secure password (Closes: #490930) ++ * Set a rootdn and rootpw if no password is given by debconf (Closes: #231950) ++ * Better document the TLSCipherSuite in slapd.conf manpage (Closes: #563113) ++ * Better document the TLS_CIPHER_SUITE in ldap.conf manpage (Closes: #510346) ++ * Add smbk5pwd slapd module, used patch from Mark Hymers (Closes: #443073) ++ * Add autogroup slapd module, used patch from Mathieu Parent (Closes: #575900) ++ * Add lsb logging, used patch from David Härdeman (Closes: #385898) ++ * Use dh_lintian to install the lintian-overrides ++ * Added critical error report when slapcat fails (Closes: #226090) ++ ++ -- Matthijs Mohlmann Thu, 22 Apr 2010 23:40:30 +0200 ++ ++openldap (2.4.17-2.1) unstable; urgency=high ++ ++ * Non-maintainer upload by the Security Team. ++ * Fixed CVE-2009-3767: libraries/libldap/tls_o.c doesn't properly handle NULL ++ character in subject Common Name (Closes: #553432) ++ ++ -- Giuseppe Iuculano Tue, 10 Nov 2009 19:09:45 +0100 ++ ++openldap (2.4.17-2) unstable; urgency=low ++ ++ * Fix up the lintian warnings: ++ - add missing misc-depends on all packages ++ - slapd, libldap-2.4-2-dbg sections changed to 'debug' to match archive ++ overrides ++ - bump Standards-Version to 3.8.2, no changes required. ++ * slapd.scripts-common: fix upgrade to correctly handle multiple database ++ declarations; thanks, Peter Marschall ! Closes: #517556 ++ * Add 'status' argument to init script; thanks to Peter Eisentraut ++ . Closes: #545898. ++ * New patch, do-not-second-guess-sonames, to remove an incorrect check for ++ the Cyrus SASL version number at runtime. If there's any reason this is ++ needed, it needs to be addressed in the cyrus-sasl soname and Debian ++ shlibs, not here. Closes: #546885. ++ ++ -- Steve Langasek Tue, 22 Sep 2009 20:06:34 -0700 ++ ++openldap (2.4.17-1) unstable; urgency=low ++ ++ * New upstream version. ++ - Fixes FTBFS on ia64 with -fPIE. Closes: #524770. ++ - Fixes some TLS issues with GnuTLS. Closes: #505191. ++ * Update priority of libldap-2.4-2 to match the archive override. ++ * Add the missing ldapexop and ldapurl tools to ldap-utils, as well as the ++ ldapurl(1) manpage. Thanks to Peter Marschall for the patch. ++ Closes: #496749. ++ * Bump build-dependency on debhelper to 6 instead of 5, since that's ++ what we're using. Closes: #498116. ++ * Set the default SLAPD_SERVICES to ldap:/// ldapi:///, instead of using ++ the built-in default of ldap:/// only. ++ * Build-depend on libltdl-dev | libltdl3-dev (>= 1.4.3), for the package ++ name change. Closes: #522965. ++ ++ [ Updated debconf translations ] ++ * Spanish, thanks to Francisco Javier Cuadrado . ++ Closes: #521804. ++ ++ -- Steve Langasek Tue, 28 Jul 2009 10:17:15 -0700 ++ ++openldap (2.4.15-1) unstable; urgency=low ++ ++ * New upstream version ++ - Fixes a bug with the pcache overlay not returning cached entries ++ (closes: #497697) ++ - Update evolution-ntlm patch to apply to current Makefiles. ++ - (tentatively) drop gnutls-ciphers, since this bug was reported to be ++ fixed upstream in 2.4.8. The fix applied in 2.4.8 didn't match the ++ patch from the bug report, so this should be watched for regressions. ++ * Build against db4.7 instead of db4.2 at last! Closes: #421946. ++ * Build with --disable-ndb, to avoid a misbuild when libmysqlclient is ++ installed in the build environment. ++ * Add -D_GNU_SOURCE to CFLAGS, apparently required for building with ++ current headers in unstable ++ ++ -- Steve Langasek Tue, 24 Feb 2009 14:27:35 -0800 ++ ++openldap (2.4.11-1) unstable; urgency=low ++ ++ * New upstream version (closes: #499560). ++ - Fixes a crash with syncrepl and delcsn (closes: #491066). ++ - Fix CRL handling with GnuTLS (closes: #498410). ++ - Drop patches no_backend_inter-linking, ++ CVE-2008-2952_BER-decoding-assertion, and gnutls-ssf, applied ++ upstream. ++ ++ [ Russ Allbery ] ++ * New patch, back-perl-init, which updates the calling conventions ++ around initialization and shutdown of the Perl interpreter to match ++ the current perlembed recommendations. Fixes probable hangs on HPPA ++ in back-perl. Thanks, Niko Tyni. (Closes: #495069) ++ ++ [ Steve Langasek ] ++ * Drop the conflict with libldap2, which is not the standard means of ++ handling symbol conflicts in Debian and which causes serious upgrade ++ problems from etch. Closes: #487211. ++ ++ -- Steve Langasek Sat, 11 Oct 2008 01:53:55 -0700 ++ ++openldap (2.4.10-3) unstable; urgency=low ++ ++ [ Steve Langasek ] ++ * New patch, CVE-2008-2952_BER-decoding-assertion, to fix a remote DoS ++ vulnerability in the BER decoder. Addresses CVE-2008-2952, ++ closes: #488710. ++ * debian/slapd.scripts-common, debian/slapd.postinst: drop ++ update_path_argsfile_pidfile function, not needed for updates from etch ++ or newer. ++ * Drop the code to check for and upgrade ldbm databases. The etch ++ release of slapd had already dropped support for them and direct ++ upgrades from sarge are not supported. ++ ++ [ Russ Allbery ] ++ * Apply upstream patch to convert GnuTLS cipher strength from bytes to ++ bits, as expected by OpenLDAP. (Closes: #473796) ++ * Add Build-Depends on time, used by the test suite and only a shell ++ built-in with bash. Thanks, Daniel Schepler. (Closes: #490754) ++ * Refresh all patches, convert all patches to -p1, and remove extraneous ++ Index: lines. (Closes: #485263) ++ * Unless DFSG_NONFREE is set, also check whether the upstream schemas ++ with RFC comments are included. ++ * Update standards version to 3.8.0. ++ - Include debian/README.source pointing to the quilt README.source. ++ - Wrap Uploaders for readability. ++ * Wrap slapd's Depends for readability. ++ ++ [ Updated debconf translations ] ++ * Swedish, thanks to Martin Ågren . ++ Closes: #492748. ++ ++ -- Steve Langasek Mon, 28 Jul 2008 15:26:06 -0700 ++ ++openldap (2.4.10-2) unstable; urgency=low ++ ++ * Support DEB_BUILD_OPTIONS=nocheck to disable running the test suite at ++ build time ++ * Hack around glibc behavior when resolving localhost, by exporting ++ RESOLV_MULTI=off when invoking the test suite ++ * Reclaim the 'openldap' source package name; openldap2.3 has been a ++ misnomer for some time, causing undue confusion, so switch to a ++ permanent source package name that we won't need to change again later. ++ - Along the way, kill off non-DFSG-compliant schema files that snuck ++ back into the archive due to my bad merge of 2.4.10. ++ ++ -- Steve Langasek Sun, 06 Jul 2008 22:03:32 -0700 ++ ++openldap2.3 (2.4.10-1) unstable; urgency=low ++ ++ [ Steve Langasek ] ++ * New upstream release. ++ - Clean up ld_defconn if it was freed, fixing an assertion failure in ++ various clients. Closes: #469232. ++ - Fixes slapd syncrepl hang on back-config. Closes: #471253. ++ - Drop patch hurd-path-max, integrated upstream. ++ * Drop spurious build-dependency on heimdal-dev, introduced accidentally ++ as part of an aborted attempt to build the smbk5pwd overlay. ++ * Use hardlinks instead of symlinks for the various slap* commands; this ++ is functionally equivalent for us, and reduces divergence from ++ derivatives such as Ubuntu that use apparmor. Closes: #488409. ++ * New patch, no_backend_inter-linking, to fix the meta backend to not ++ try to look up symbols in external objects (back_ldap) that it ++ doesn't link against. ++ * Turn on 'make test' during builds, now that back_meta is fixed. ++ ++ [ Matthijs Mohlmann ] ++ * All manpages in category 5 were missing, wrong directory. ++ (Closes: #474976, #483631, #483633) ++ ++ -- Steve Langasek Mon, 30 Jun 2008 04:28:34 -0700 ++ ++openldap2.3 (2.4.9-1) unstable; urgency=low ++ ++ [ Updated debconf translations ] ++ * French, thanks to Christian Perrier . ++ Closes: #471792. ++ * Finnish, thanks to Esko Arajärvi . Closes: #475238. ++ * Czech, thanks to Miroslav Kure . ++ Closes: #480138. ++ * Basque, thanks to Piarres Beobide . ++ Closes: #480177. ++ * Vietnamese, thanks to Clytie Siddall . ++ Closes: #480181. ++ * Galician, thanks to Jacobo Tarrio . Closes: #480218. ++ * Japanese, thanks to Kenshi Muto . Closes: #480247. ++ * Italian, thanks to Luca Monducci . (Closes: #477718) ++ * Brazilian Portuguese, thanks to Eder L. Marques ++ (Closes: #480172) ++ * Portuguese, thanks to Tiago Fernandes ++ (Closes: #481126) ++ * Russian, thanks to Yuri Kozlov (Closes: #481214) ++ * Dutch, thanks to "cobaco (aka Bart Cornelis)" . ++ Closes: #483014. ++ ++ [ Matthijs Mohlmann ] ++ * New upstream release. ++ - Bad entryUUID no longer crashes slapd. (Closes: #471867) ++ - Fix assertion failure in some modify operations. (Closes: #474161) ++ - Mention index in slapd.conf's man page. (Closes: #414650) ++ - Fixes to slapd include handling. (Closes: #457261) ++ - Fix syncrepl cookie truncation. (Closes: #464024) ++ - Fix memory allocation in ldap_parse_page_control. (Closes: #464877) ++ - Fix slapd crash when accessed by multiple threads. (Closes: #479237) ++ * Acknowledge NMU. ++ (Closes: #474976, #471225, #475856, #474652, #465875) ++ * Bump Standards-Version to 3.7.3 ++ * Add versioned build dependency on libgnutls-dev (Closes: #466558) ++ * Bump debhelper compat level to 6. ++ ++ [ Russ Allbery ] ++ * Use MAXPATHLEN rather than PATH_MAX, since OpenLDAP defines the ++ former and the latter isn't defined on GNU Hurd. Thanks, Samuel ++ Thibault. (Closes: #475744) ++ ++ -- Matthijs Mohlmann Mon, 26 May 2008 22:34:16 +0200 ++ ++openldap2.3 (2.4.7-6.3) unstable; urgency=low ++ ++ * Non-maintainer upload. ++ * Install all slapd relevant manpages into slapd package. ++ (closes: #474976) ++ * Make libldap-2.4-2 conflict against libldap2. (closes: #475856) ++ ++ -- Bastian Blank Tue, 29 Apr 2008 18:00:23 +0200 ++ ++openldap2.3 (2.4.7-6.2) unstable; urgency=low ++ ++ * Non-maintainer upload to solve release goal issues. ++ * Add LSB dependency header to init.d scripts (Closes: #474652) ++ ++ -- Petter Reinholdtsen Wed, 16 Apr 2008 08:04:49 +0200 ++ ++openldap2.3 (2.4.7-6.1) unstable; urgency=high ++ ++ * Non-maintainer upload by security team. ++ * Fix possible remote denial of service vulnerability in the BDB backend ++ via a modrdn operation with a NOOP control ++ (CVE-2008-0658; Closes: #465875). ++ ++ -- Nico Golde Tue, 04 Mar 2008 14:34:44 +0100 ++ ++openldap2.3 (2.4.7-6) unstable; urgency=low ++ ++ [ Updated debconf translations ] ++ * Dutch, thanks to Bart Cornelis . Closes: #452950. ++ * Brazilian Portuguese, thanks to Eder L. Marques . ++ Closes: #463460. ++ * German, thanks to Helge Kreutzmann . ++ Closes: #465784. ++ ++ [ Steve Langasek ] ++ * Relax build-dependency on libsasl2-dev now that the versioned dependency ++ is satisfied by all extant versions (including in oldstable), fixing a ++ lintian warning about versioned build-deps on Debian revisions. ++ * Avoid using a mutex around getaddrinfo() and getnameinfo() calls, which ++ are guaranteed by glibc to be threadsafe; this fixes a deadlock when ++ using nss_ldap for host lookups. Closes: #340601. ++ * debian/libldap2-dev.manpages: install all of man3/* instead of ++ enumerating specific manpages to install. Closes: #320073. ++ * Add new patch, sasl-cleartext-strncasecmp, to correct a regression that ++ prevented the use of the {CLEARTEXT} password scheme with SASL. ++ Closes LP: #191563. ++ * drop LGPL from debian/copyright; there is no longer any code under this ++ license in the package. ++ * Drop patch gnutls-altname-nulterminated; it's been determined that the ++ "length" discrepancy was a bug in gnutls, and fixed in that package. ++ * debian/configure.options: explicitly pass --with-odbc=unixodbc, so ++ that we depend on the right ODBC implementation when both happen to ++ be installed at build time. ++ ++ [ Russ Allbery ] ++ * Add a stamp file for the configure rule to avoid rerunning configure ++ needlessly. Closes: #465588. ++ * Don't create the openldap user if slapd has been configured to run as ++ a different user. If slapd has been configured to run as openldap, do ++ create the user on reconfigure. Closes: #452438. ++ * Reformat, reorganize, and update slapd's README.Debian. ++ - Include SASL configuration information. ++ - Remove LDBM information, since upstream no longer even ships LDBM ++ and the debconf prompting and maintainer scripts already take care ++ of any lingering databases. ++ - Document the differences between the Debian OpenLDAP packages and ++ upstream. ++ ++ -- Steve Langasek Thu, 28 Feb 2008 22:15:17 -0800 ++ ++openldap2.3 (2.4.7-5) unstable; urgency=low ++ ++ [ Updated debconf translations ] ++ * Finnish, thanks to Esko Arajärvi . Closes: #462688. ++ * Galician, thanks to Jacobo Tarrio . Closes: #462987. ++ * French, thanks to Christian Perrier . ++ Closes: #463149. ++ * Russian, thanks to Yuri Kozlov . Closes: #463442. ++ * Czech, thanks to Miroslav Kure . Closes: #463472. ++ * German, thanks to Helge Kreutzmann . ++ Closes: #464718. ++ ++ [ Steve Langasek ] ++ * Fix various regressions related to the introduction of GnuTLS: ++ - Add new patch, gnutls-ciphers, to fix support for specifying multiple ++ ciphers with TLSCipherSuite option in slapd.conf. Thanks to Kyle ++ Moffett for the patch. Closes LP: #188200. ++ - Add new patch, slapd-tlsverifyclient-default, to set the intended ++ default value of "TLSVerifyClient never" in the right place. ++ - Add new patch, gnutls-altname-nulterminated, to account for differences ++ in how the "length" is returned for commonName vs. subjectAltName. ++ - Comment out TLSCipherSuite settings on upgrade from all versions prior ++ to 2.4.7-5, and throw a debconf error to the user notifying them of ++ this, since all OpenSSL cipher suite values are incompatible with ++ GnuTLS. ++ Closes: #462588. ++ * Add new patch from upstream, entryCSN-backwards-compatibility, to support ++ auto-converting entryCSN attributes in a previously supported old format, ++ fixing an upgrade failure. Closes: #462099. ++ * Use --retry TERM/10 instead of --retry 10 when stopping slapd, since the ++ latter resorts to a SIGKILL and may corrupt backend data; whereas the ++ former will exit non-zero if slapd is still running but won't directly ++ cause data-loss. Thanks to Mark McDonald for the patch. LP: #92139. ++ * Fix manpage symlinks in libldap2-dev; thanks to Reuben Thomas for ++ reporting. Closes: #463971. ++ * Fix a superfluous space in the debconf templates, due to a trailing space ++ in the templates. Closes: #464719. ++ ++ -- Steve Langasek Sat, 09 Feb 2008 14:25:55 -0800 ++ ++openldap2.3 (2.4.7-4) unstable; urgency=high ++ ++ [ Steve Langasek ] ++ * Build-conflict with libicu-dev, for consistent dependencies in all ++ build environments. ++ * Fix an oversight in the checkpoint migration, which caused the checkpoint ++ option to not be moved far enough down. Closes: #462304, LP: #185257. ++ * Build-depend on unixodbc instead of iODBC. ++ ++ [ Updated debconf translations ] ++ * Japanese, thanks to Kenshi Muto . Closes: #462191. ++ ++ -- Steve Langasek Fri, 25 Jan 2008 02:17:23 -0800 ++ ++openldap2.3 (2.4.7-3) unstable; urgency=low ++ ++ * Add missing build-dependency on groff-base, to allow use of soelim during ++ build. ++ ++ -- Steve Langasek Mon, 21 Jan 2008 15:18:27 -0800 ++ ++openldap2.3 (2.4.7-2) unstable; urgency=low ++ ++ * Temporarily drop slapi-dev from the package to get through NEW; this ++ functionality should be readded later, either by restoring the slapi-dev ++ package or by moving it to libldap2-dev, depending on the outcome of ++ discussion with the ftp-masters. ++ ++ -- Steve Langasek Mon, 21 Jan 2008 06:13:21 -0800 ++ ++openldap2.3 (2.4.7-1) unstable; urgency=low ++ ++ [ Steve Langasek ] ++ * New upstream version; closes: #449354. ++ - remove another schema from upstream source, collective.schema, ++ that contains text from the IETF RFCs and include a stripped copy ++ in debian/schema. ++ - drop patches slurpd-in-spool and man-slurpd, since slurpd is no ++ longer provided upstream. ++ - libldap2.3-0 is now libldap2.4-2 ++ - build libldap2-dev from this source package now, superseding ++ openldap2; closes: #428385, #260118, #262539, #391899, #393215. ++ - lastmod and denyop have been moved to contrib upstream and are no ++ longer shipped as supported overlays ++ - drop dependency on libldap2 and take ownership of the ++ /etc/ldap/ldap.conf conffile, since libldap2 is now obsolete ++ - need to dump and reload databases again for the upgrade from 2.3.39. ++ - ldap_init(3) no longer attempts to document the internals of the ++ LDAP opaque type. Closes: #320072. ++ - ldap-utils utilities find LDAP servers via SRV records when given a ++ URL with -H and no host in the URL. Closes: #221173. ++ - if the old slapd.conf included any replica commands, automatically ++ enable syncprov for the corresponding database and print an error ++ with debconf. ++ * slapd.conf and DB_CONFIG are used in the postinst, they shouldn't be ++ shipped under doc/examples because /usr/share/doc can't be depended ++ on per policy; ship the files under /usr/share/slapd and symlink the ++ /other/ way, which also spares us from dh_compress trying to gzip ++ slapd.conf. Closes: #452749. ++ * Drop libldap.so as was done for libldap2, making it a link to ++ libldap_r.so to avoid unfortunate symbol collisions. ++ * Add new patch, libldap-symbol-versions, to build libldap and liblber ++ with symbol versions; needed to avoid segfaults when applications ++ manage to pull both libldap2 and the new libldap-2.4-2 into the same ++ process (as during a partial upgrade or the initial soname ++ transition), and also when the library soname changes again in the ++ future (as it's likely to do). ++ * Reintroduce add-autogen-sh patch, with build deps on libtool, automake, ++ and autoconf, required due to the previous patch; this time around, take ++ care to clean up the autogenerated files in the clean target as well ++ * Build-depend on libgnutls-dev instead of on libssl-dev, so that at long ++ last we can build the server and lib from the same source package again ++ without licensing problems. Closes: #457182, #407334, #428468, #381788. ++ Closes: #412706. ++ * slapd.prerm, slapd.postinst: drop no-longer-needed upgrade code for ++ openldap < 2.1.22 ++ * Ask about ldbm to bdb migration in the preinst, since there is no ++ guarantee that the debconf config script will be run before the unpack ++ phase. ++ * Don't stop slapd in the preinst by hand, the prerm already stops the ++ old slapd using the standard interfaces. ++ * Don't build with LAN Manager password support; these passwords are more ++ insecure than traditional Unix crypt, and only relevant when talking to ++ Windows 98. ++ * Move libslapi into the slapd package and provide a virtual package for ++ library dependencies, since this is expected to stay lockstep with the ++ server. ++ * Split slapi dev support into a new libslapi-dev package, as this is ++ unrelated to libldap; and drop libslapi.a since it would be insane to try ++ to statically link a dynamically-loaded slapi plugin. ++ * "checkpoint" directives are no longer supported as part of the backend ++ config, only as part of the database config; move the lines around in ++ slapd.conf on upgrade. ++ * "schemacheck" directives are no longer supported; comment them out ++ on upgrade since this option was set by default in sarge. ++ * Package description updates; thanks to Christian Perrier ++ and the Smith review project for these ++ improvements. ++ * Incorporate debconf template changes suggested by the debian-l10n-english ++ team as part of the Smith review project. Closes: #447224. ++ ++ [ Russ Allbery ] ++ * Removed fix_ldif and all remaining code to try running it on LDIF ++ dumps. Schema checking has been imposed since 2.1 and it's highly ++ unlikely that anyone still needs this. ++ * Move the checkpoint directive in the default slapd.conf below the ++ database and suffix directives for the primary database. This is now ++ required for OpenLDAP 2.4. ++ * Create /etc/ldap/slapd.conf owned by the openldap group and mode 640 ++ by default so that slapindex and friends can read it when run as the ++ openldap user. Fix permissions on upgrade if slapd.conf is owned by ++ root and mode 600. Closes: #432662. ++ * Drop slapd patch to read slapd.conf before dropping privileges, since ++ slapd.conf should now be readable by SLAPD_GROUP. ++ * If SLAPD_CONF is set to a directory in /etc/default/slapd, assume ++ the cn=config backend is used and start slapd with the appropriate ++ options. Based on a patch from Mike Burr. Closes: #411413. ++ * Rework slapd's README.Debian: ++ - Document the BerkeleyDB version. Closes: #438127. ++ - Document how to direct slapd's logs to another file. Closes: #258931. ++ - Remove obsolete information about TLS/SSL and OpenLDAP 2.0 upgrades. ++ - Recommend HDB instead of BDB. ++ - Generally reformat and reorganize. ++ * Patch cleanup: ++ - Combine the NTLM patches for Evolution into a single patch. ++ - Add explanatory comments to every patch. ++ - Refresh all patches to remove diff garbage and trailing whitespace. ++ * debian/rules cleanup: ++ - Fix patch dependencies for parallel build (hopefully). ++ - Tell configure the system type. ++ - Rewrite upstream_strip_nondfsg.sh as a get-orig-source target. ++ - Remove stamp files as the first step of the clean target. ++ - Add trivial build-arch and build-indep targets. ++ - Remove dead code and unnecessary comments. ++ * Remove postrm code to delete /var/lib/slapd/upgrade* flag files. We ++ haven't used those since the 2.1 upgrade. ++ * Update Vcs-* headers for new repository layout. ++ * Remove versioned dependency on an ancient dpkg-dev. ++ * Wrap and reorder Build-Depends for readability. ++ ++ [ Updated debconf translations ] ++ * Czech, thanks to Miroslav Kure . Closes: #458215. ++ * German, thanks to Helge Kreutzmann . ++ Closes: #452833. ++ * Spanish ++ * Finnish, thanks to Esko Arajärvi . Closes: #448061. ++ * French, thanks to Christian Perrier . ++ Closes: #452632. ++ * Galician, thanks to Jacobo Tarrio . ++ Closes: #451158. ++ * Italian, thanks to Luca Monducci . Closes: #449442. ++ * Japanese, thanks to Kenshi Muto . Closes: #451325. ++ * Dutch, thanks to Bart Cornelis . Closes: #448935. ++ * Brazilian Portuguese ++ * Portuguese, thanks to Tiago Fernandes . ++ Closes: #453341. ++ * Russian, thanks to Yuri Kozlov . Closes: #453318. ++ * Vietnamese, thanks to Clytie Siddall . ++ Closes: #453411. ++ ++ -- Steve Langasek Mon, 21 Jan 2008 04:58:24 -0800 ++ ++openldap2.3 (2.3.39-1) unstable; urgency=medium ++ ++ * Medium severity due to denial of service fix. ++ * New upstream release. ++ - CVE-2007-5708: Fix remote denial of service attack in slapo-pcache ++ (the overlay for proxy caching). (Closes: #448644) ++ - Multiple additional more minor bug fixes. ++ * Document in the default slapd.conf that dbconfig options only generate ++ the DB_CONFIG file on first slapd start and have no effect afterwards ++ unless DB_CONFIG is removed. (Closes: #442191) ++ * Inline the checkpoint and BerkeleyDB backend settings in the default ++ slapd.conf rather than generating them dynamically in postinst. All ++ the allowable default database choices are now BerekelyDB variants and ++ will probably continue to be so for the forseeable future, and this is ++ easier to maintain. ++ * Drop debconf questions, warnings, and maintainer script functions ++ dealing with upgrades from OpenLDAP 2.1, which is now too hold for ++ supported direct upgrades. (Closes: #444806) ++ * Add a watch file. Thanks, Fernando Ribeiro. (Closes: #435290) ++ * Add Homepage, Vcs-Svn, and Vcs-Browser control fields. ++ ++ -- Russ Allbery Mon, 12 Nov 2007 16:00:47 -0800 ++ ++openldap2.3 (2.3.38-1) unstable; urgency=low ++ ++ [ Steve Langasek ] ++ * Drop debian/patches/use-lpthread, which is no longer needed on mips* ++ because gcc has been fixed. ++ * Drop debian/patches/add-autogen-sh, also no longer needed now that ++ the above patch is gone. ++ ++ [ Matthijs Mohlmann ] ++ * Fix bashism in initscript. (Closes: #428883) ++ * Drop upstream patches ITS4924, ITS4925 and ITS4966. ++ * Add patch for objectClasses which causes slapd to crash. (Closes: #440632) ++ - CVE-2007-5707. ++ - Upstream bug ITS5119. ++ * Change default loglevel to none, to log high priority messages. ++ (Closes: #442000) ++ * Tighten up the build dependencies, now that autogen patch is removed. ++ ++ -- Matthijs Mohlmann Mon, 17 Sep 2007 22:58:54 +0200 ++ ++openldap2.3 (2.3.35-2) unstable; urgency=low ++ ++ * Enable LAN Manager password support in slapd. (Closes: #245341) ++ * If automatic configuration is selected and slapd.conf doesn't exist ++ during an upgrade, treat this as a fresh installation rather than ++ aborting with an error. Also try to provide a better error message if ++ the user has deleted /etc/ldap/schema but we just generated a new ++ configuration that references it. These cases can occur if someone ++ removes (rather than purges) the package, manually deletes /etc/ldap, ++ and then reinstalls. (Closes: #205010) ++ * Don't fail in slapd's postrm if /etc/ldap/schema has already been ++ deleted. ++ * Remove slapd conflicts with libbind-dev and bind-dev. There no longer ++ appears to be anything in those packages that would break slapd's ++ resolver. (Closes: #225896) ++ * Add libldap-2.3-0-dbg and slapd-dbg packages with detached debugging ++ information. ++ * db_recover is no longer required after changing DB_CONFIG; slapd now ++ detects changes itself and does the right thing. Also note in ++ README.DB_CONFIG the existence of the dbconfig slapd.conf parameter ++ and slapd's DB_CONFIG writing support. (Closes: #412575) ++ * Add options to /etc/default/slapd to let the system administrator tell ++ the init script to not start slapd on boot. (Closes: #254999) ++ * Redirect fd 3 to /dev/null in the slapd init script for additional ++ robustness when debconf is running. (Closes: #227482) ++ * Add to /etc/default/slapd a commented-out example of how to change the ++ keytab file used for GSSAPI authentication. (Closes: #412017) ++ * Use variables in /etc/init.d/slapd for the paths to slapd and slurpd ++ so that someone who really wants to can override them in ++ /etc/default/slapd. (Closes: #403948) ++ * Allow people building packages for outside Debian to skip the checks ++ for non-DFSG-free material by setting a variable. Thanks, Peter ++ Marschall. (Closes: #427245) ++ * Remove duplicate libldap-2.3-0 dependencies. (Closes: #408987) ++ * Use binary:Version instead of Source-Version for the tight ++ dependencies between slapd and ldap-utils and libldap-2.3-0. ++ ++ -- Russ Allbery Mon, 11 Jun 2007 20:26:26 -0700 ++ ++openldap2.3 (2.3.35-1) unstable; urgency=low ++ ++ * New upstream release with many bug fixes. ++ - Allow syncprov to follow aliases. (Closes: #422087) ++ * Apply upstream patches: ++ - ITS#4924: client crash on incorrectly tagged result from server. ++ - ITS#4925: NOOP modify with BDB backend crashed slapd. ++ - ITS#4966: Delete of valsort-controlled entries crashed slapd. ++ * Enable SLAPI support. (Closes: #390954) ++ * Re-enable use of the epoll system call since Debian no longer supports ++ 2.4 kernels. This means that the OpenLDAP packages will not work on ++ pre-2.6 kernels. ++ * Remove schema files that contain text from IETF RFCs from the upstream ++ source since that text is not DFSG-free. Instead, install stripped ++ versions of those schema files containing only the functional ++ interface specifications, a comment explaining why this is needed, and ++ a pointer to the relevant RFC. (Closes: #361846) ++ * Document the repackaging of the upstream source in debian/copyright. ++ * Update config.guess and config.sub during the build instead of in the ++ clean target and remove them in the clean target for a clean diff. ++ Build-depend on autotools-dev so that we can unconditionally copy over ++ the latest versions. ++ * Added commentary and upstream ITS numbers for several patches ++ applicable upstream. ++ * Use debian/compat rather than the deprecated DH_COMPAT rules setting. ++ * Update to debhelper compatibility level V5 (no changes required). ++ ++ -- Russ Allbery Wed, 30 May 2007 22:42:28 -0700 ++ ++openldap2.3 (2.3.30-5) unstable; urgency=low ++ ++ [ Steve Langasek ] ++ * Add Portuguese debconf translation; thanks to Tiago Fernandes. ++ Closes: #409632. ++ * Re-add .la files to the slapd package, for greater compatibility ++ with upstream documentation. ++ ++ [ Russ Allbery ] ++ * When starting slapd, create a symlink from /var/run/ldapi to ++ /var/run/slapd/ldapi for compatibility with 2.1 client libraries. ++ Closes: #385809. ++ * Apply upstream patch to prevent a race condition in slapd when ++ shutting down connections. ++ * Update the Brazilian Portuguese debconf translation; thanks to Felipe ++ Augusto van de Wiel. ++ ++ -- Russ Allbery Thu, 8 Mar 2007 18:21:02 -0800 ++ ++openldap2.3 (2.3.30-4) unstable; urgency=low ++ ++ * Ok, argh, it helps to check that the function being re-added to the ++ preinst hasn't been removed again from the common include. Re-add ++ break_on_ldbm_to_bdb_migration_disagree, because by all appearances ++ we /should/ be using this in the preinst. Closes: #411474. ++ ++ -- Steve Langasek Mon, 19 Feb 2007 03:55:22 -0800 ++ ++openldap2.3 (2.3.30-3) unstable; urgency=medium ++ ++ [ Matthijs Mohlmann ] ++ * Added spanish translation. (Closes: #404250) ++ * Documentation updates backported from upstream. ++ * Fix a security bug in kerberos kbind code. (Only used when enabling with ++ --enable-kbind option) But better safe then sorry. ++ * Backported a mem leak fix on failed binds. ++ * Added patch from upstream that fixes a memory leak in ACLs that use sets. ++ ++ [ Steve Langasek ] ++ * *Really* abort in preinst if the user doesn't accept the upgrade ++ from ldbm to bdb. Closes: #392747. ++ * Set the name of debian/slapd.NEWS right so that it gets ++ installed in the binary package. Closes: #409923. ++ * Add Russian debconf translation; thanks to Yuri Kozlov. ++ Closes: #405706. ++ * Add Galician debconf translation; thanks to Jacobo Tarrio. ++ Closes: #407267. ++ ++ -- Steve Langasek Sun, 18 Feb 2007 16:47:16 -0800 ++ ++openldap2.3 (2.3.30-2) unstable; urgency=low ++ ++ * Make sure that the pidfile directory doesn't exist in the init script. ++ (Closes: #402705) ++ ++ -- Matthijs Mohlmann Tue, 12 Dec 2006 21:34:44 +0100 ++ ++openldap2.3 (2.3.30-1) unstable; urgency=low ++ ++ * New upstream release. ++ - Fixed authzTo/authzFrom URL matching. ++ - Fixed syncrepl consumer memory leaks. ++ - Fixed slapd-hdb livelock. ++ - Fixed slapo-ppolicy external quality check. ++ - Fixed ldapsearch(1) man page acknowledgement. ++ * Added patch to make sure that the pidfile directory exists. ++ (Closes: #390337) ++ * Do not ask the question allow ldap v2 logins when user wants manual ++ configuration. (Closes: #401003) ++ * Add patch to look also in /etc/ldap/sasl2 for sasl configuration. ++ (Closes: #398657) ++ * Removed db4.2-util recommend, the slapd binary includes checking code to ++ fix DB errors. ++ * Updated README in schema directory. It doesn't list collective.schema ++ anymore. (Closes: #287358) ++ * Updated manpages to point to right paths. (Closes: #398790) ++ ++ -- Matthijs Mohlmann Sat, 9 Dec 2006 20:50:58 +0100 ++ ++openldap2.3 (2.3.29-1) unstable; urgency=medium ++ ++ [ Matthijs Mohlmann ] ++ * New upstream release. ++ - Fixes Denial of Service through a certain combination of LDAP BIND ++ requests (CVE-2006-5779) (Closes: #397673) ++ * LSB section added to the init script. ++ * Updated README.Debian about running as non-root user (Closes: #389369) ++ * Updated de translation (Closes: #396096) ++ * Added some documentation / warning when running slapindex as root. ++ * Remove drafts and rfc from the tarball. (Closes: #393404) ++ ++ -- Matthijs Mohlmann Sat, 11 Nov 2006 11:24:42 +0100 ++ ++openldap2.3 (2.3.27-1) unstable; urgency=low ++ ++ [ Matthijs Mohlmann ] ++ * New upstream release. ++ * pidfile location is changed 3 years ago, when people are upgrading from ++ back then they have a broken slapd because the openldap user is not able ++ to write to /var/run. (Closes: #380687) ++ * Patches by Quanah Gibson-Mount ++ - Fix one time memleak on startup in the accesslog db. ++ * Changed priority of libldap-2.3-0 to optional as it is only used by slapd. ++ ++ [ Torsten Landschoff ] ++ * Remove RFC documents as they do not meet the DFSG. ++ + debian/rules: Check that the RFCs are gone to make sure it does not ++ get included again by accident. ++ ++ -- Matthijs Mohlmann Sat, 2 Sep 2006 00:33:44 +0200 ++ ++openldap2.3 (2.3.25-1) unstable; urgency=low ++ ++ [ Matthijs Mohlmann ] ++ * New upstream release: ++ - Accepts 'require none' in slapd.conf (closes: #370023). ++ - Added patch to fix a bold issue in the manpage ldapsearch. Thanks to ++ Matt Kraai. (Closes: #355670) ++ * Added commented out rootdn parameter in slapd.conf. (Closes: #303245) ++ * Make the scripts output a bit more consistent. ++ * Fix a regression in the slapd packages. Data directory is /var/lib/ldap ++ and not /var/openldap-data, also adjust the manpages to reflect these ++ change. Thanks to Peter Marschall. (Closes: #368891) ++ * Removed script move_files, dh_install is used instead. (Closes: #368896) ++ * Dutch translation already updated. Closes: #375101) ++ * Documented that slapd is compiled with TCP wrappers (Closes: #351428) ++ * dpkg-reconfigure slapd now just reinstalls slapd and moves old databases ++ to /var/backups. Already done in previous version (Closes: #230366, #208056) ++ ++ [ Torsten Landschoff ] ++ * debian/libldap-2.3-0.install: Ignore version information when installing ++ libraries. This way it does not need updating for each new upstream ++ release. ++ ++ -- Matthijs Mohlmann Wed, 26 Jul 2006 18:05:40 +0200 ++ ++openldap2.3 (2.3.24-2) unstable; urgency=low ++ ++ * Switch slapd from running as root to running as user. ++ (Closes: #292845, #261696) ++ * Changing configuration in slapd.conf by the postinst will now also follow ++ includes. (Closes: #304488) ++ * Patches by Quanah Gibson-Mount ++ - fix a lock bug with a virtual root entry in the BDB backend. ++ - fix boolean logic in the overlays. ++ - fix that slurpd can use ldaps. ++ - fix initialization of auditdb. ++ - fix TLS concurrency issues. ++ - fix exop password change that didn't reset pwdMustChange. ++ - fix syncrepl that fails when no rootdn is defined. ++ * Add dependency on adduser. ++ * Specify the PATH variable in the init script. (Closes: #367981) ++ * Added patch to read config before dropping privileges. ++ * epoll(4) system call is missing on kernels <2.6, this causes slapd to ++ not work on 2.4 kernels. Added patch that remove the #define in ++ portable.in (Closes: #369352, #372194, #373233) ++ * In 2.3.24 slapd won't segfault if the moduleload directive appears ++ somewhere else. (Closes: #349011) ++ * Removed fileutils dependency, it's superseeded in Sarge already. ++ (Closes: #370013) ++ * Use find in combination with mv to move an old directory away. ++ (Closes: #306435) ++ * Updated Dutch debconf translation (Closes: #365172) ++ * Added an example backup script that can be put into cron (Closes: #319477) ++ * Make the db directories 0700. On new installations this is the default. ++ (Closes: #354450) ++ * Get rid of a '.' in front of a domain. (Closes: #318143) ++ * Added shadowLastChange to the ACL in the default slapd.conf ++ (Closes: #370550) ++ * Updated Japanese translation (Closes: #378565) ++ ++ -- Matthijs Mohlmann Mon, 17 Jul 2006 18:22:45 +0200 ++ ++openldap2.3 (2.3.24-1) unstable; urgency=low ++ ++ [ Matthijs Mohlmann ] ++ * New upstream version. (Closes: #369544) ++ * Update patch slurpd-in-spool. (Closes: #368586, #368709, #368889) ++ * Added slapi-errorlog-file to be into /var/log (Closes: #368895) ++ * Removed patch configure.in-fix, incorporated upstream. ++ * Move debian/configure.options.new to debian/configure.options. ++ * Added patch to put ldapi socket in /var/run/slapd. ++ * Removed bdb recovery from the init.d script. This was introduced to fix ++ bug #255276. Now that slapd has the ability to check and recover from bdb ++ failures, this function is not needed anymore. (Closes: #369484, #369093) ++ * Updated the lintian overrides. ++ ++ [ Torsten Landschoff ] ++ * Include man pages for accesslog and auditlog overlays, patch by ++ Peter Marschall (closes: #368888). ++ ++ -- Matthijs Mohlmann Thu, 1 Jun 2006 08:16:02 +0200 ++ ++openldap2.3 (2.3.23-1) unstable; urgency=low ++ ++ [ Matthijs Mohlmann ] ++ * New upstream release. (Closes: #308906, #310282, #353877, #335618, #315158) ++ (Closes: #310282, #319155) ++ * OpenLDAP checks database before starting up. ++ (Closes: #190165, #195079, #294701, #308416) ++ * move_old_database_away isn't called in a while loop anymore (which would ++ kill debconf interaction) (Closes: #299100) ++ * BDB_CONFIG file will be installed on new installations (Closes: #301292) ++ * Move to dh_install. ++ * Move to quilt patch system. ++ * Fix manpage. ++ * Make ldiftopasswd and fix_ldif executable. (fixes lintian warnings) ++ * Wipe passwords after we created the initial configuration. ++ * The config scripts is runned twice, this causes the password in ++ slapd/internal/adminpw to be empty. This fixes the issue with having an ++ empty password in the ldap database. (Closes: #343113, #347725) ++ * Added #DEBHELPER# token to fix a lintian warning. ++ * bdb has changed between major versions, so dump the database and import it ++ again for versions before 2.3.19. ++ * Remove comments from debian/control (The out commented control information ++ is actually in debian/control.dev) ++ * Enable all backends and overlays with: --enable-backends=mod and ++ --enable-overlays=mod ++ * Add | debconf-2.0 to unblock cdebconf transition (Closes: #332053) ++ * Added Danish debconf translation (Closes: #353897) ++ * Updated French debconf translation (Closes: #320739) ++ * Updated Vietnamese debconf translation (Closes: #319706) ++ * Updated Czech debconf translation (Closes: #356554) ++ * Encode the organization to utf8 (Closes: #236097) ++ * Disabled the LDBM backend. Break in preinstallation if user doesn't want ++ to migrate to BDB backend. ++ * Removed choice for LDBM backend from slapd templates. And some explanation ++ in that question about the LDBM backend. ++ * Add sizelimit and tool-threads and some documentation to slapd.conf ++ (Closes: #327808) ++ * slapd.scripts-common had two functions with the same name. ++ * Don't return a error message if hostname fails. ++ * Backup the config only once on upgrade. ++ * For new installations do not install a DB_CONFIG file but use the ++ slapd.conf as file for BDB/HDB configuration parameters. See: slapd-bdb(5) ++ * Added various "exit 0" to the installation scripts. ++ * Add configure.in patch to fix C comparison what should be bash (ITS#4416) ++ * Raise debconf configuration level from low to medium for ++ slapd/no_configuration. ++ * Updated Standards-Version to 3.7.2.0 ++ * Added build-dependency on perl which is used in the debian/rules file. ++ Considered by lintian. ++ * Added lintian override for too-long-extended-description-in-templates, it ++ is an explanation about the backends. ++ ++ [ Steve Langasek ] ++ * debian/slapd.templates: Fix typo durin -> during; re-run ++ debconf-updatepo, fixing up the fuzzies (closes: #319596). ++ ++ [ Torsten Landschoff ] ++ * debian/slapd.scripts-common: Rename backend_supported to ++ upgrade_supported_from_backend for more clarity. ++ ++ -- Matthijs Mohlmann Sat, 13 May 2006 00:28:11 +0200 ++ ++openldap2.2 (2.2.26-4) unstable; urgency=low ++ ++ * [l10n] Vietnamese translations by Clytie Siddall (closes: #316623). ++ * debian/slapd.templates: Fix typos occured -> occurred (closes: #316624). ++ * libraries/libldap/url.c: Apply patch from upstream CVS to fix URI ++ parsing (closes: #317100). ++ ++ -- Torsten Landschoff Tue, 19 Jul 2005 20:52:17 +0200 ++ ++openldap2.2 (2.2.26-3) unstable; urgency=low ++ ++ * [SECURITY] Applied the patch available at ++ http://bugzilla.padl.com/show_bug.cgi?id=210 ++ to force libldap to really use TLS when requested in /etc/ldap/ldap.conf ++ (cf. CAN-2005-2069). Clients still will use libldap2 from openldap2 ++ source package so this is only to prepare unleashing the libraries of ++ OpenLDAP 2.2 for unstable... ++ ++ -- Torsten Landschoff Sun, 3 Jul 2005 10:41:37 +0200 ++ ++openldap2.2 (2.2.26-2) unstable; urgency=low ++ ++ * Assembled changes from patches supplied by Peter Marschall (thanks, ++ Peter): ++ | debian/move_files: Move slapd and slurpd to /usr/sbin and adjust symlinks ++ (closes: #316354). ++ + debian/slapd.links: Remove symlinks from /usr/sbin to /usr/lib. ++ | debian/rules: Don't install cron jobs needed for GnuTLS as long as we are ++ using OpenSSL. ++ | debian/control: Remove build-dependencies needed for GnuTLS ++ (closes: #316355). ++ + Require libsasl >= 2.1.18 as recommended by OpenLDAP project. ++ | Update quicktool patch from Quanah Gibson-Mount (closes: #316361). ++ | debian/slapd.init: Use /bin/sh as shell when running db_recover ++ (closes: #316350). ++ | debian/configure.options: Enabled dynlist and proxycache overlays ++ (closes: #316351). ++ ++ * debian/po/de.po: Apply typo correction patch (closes: #313809). ++ * debian/po/fr.po: Apply updates by Christian Perrier (closes: #315122). ++ ++ -- Torsten Landschoff Fri, 1 Jul 2005 12:53:18 +0200 ++ ++openldap2.2 (2.2.26-1) unstable; urgency=low ++ ++ * New upstream release. ++ * debian/slapd.init: Run db_recover as the user configured for slapd ++ (closes: #311331). ++ * debian/po/cs.po: Add Czech translation by Miroslav Kure (closes: #312064). ++ * Run debconf-updatepo, oh my :( ++ * Update configure via libtoolize -cf; aclocal-1.4; autoconf2.50. ++ * configure.in: Try to fix memcmp check (probably does not work anymore, but ++ we should have a working memcmp on all Debian systems anyway). ++ * debian/rules: Remove config.{sub,guess} before installing new versions ++ (just in case there were symlinks for them...). ++ ++ -- Torsten Landschoff Tue, 21 Jun 2005 12:06:40 +0200 ++ ++openldap2.2 (2.2.23-8) unstable; urgency=low ++ ++ * debian/DB_CONFIG: Fixed the log cache configuration (used the wrong ++ command so there was about no effect). ++ ++ -- Torsten Landschoff Mon, 30 May 2005 08:48:10 +0200 ++ ++openldap2.2 (2.2.23-7) unstable; urgency=low ++ ++ * debian/slapd.scripts-common: Install the default DB_CONFIG for each ++ database loaded from LDIF which didn't have a DB_CONFIG before. ++ * (automatic) Updated config.sub and config.guess from autotools-dev. ++ ++ -- Torsten Landschoff Mon, 30 May 2005 08:08:37 +0200 ++ ++openldap2.2 (2.2.23-6) unstable; urgency=low ++ ++ Torsten Landschoff : ++ * debian/po/ja.po: Merge updates from Kenshi Muto (closes: #303505). ++ * debian/po/fr.po: Merge updates from Christian Perrier (closes: #306229). ++ * debian/slapd.scripts-common: If the user enters the empty value for ++ the database dumping directory use the default value. Seems like the ++ readline interface does not care about the default value ++ (closes: #308234). ++ * debian/slapd.postinst: Make sure the debhelper commands are executed ++ in all cases (closes: #310422). ++ * Merged suggested changes by Eugene Konev to automatically run ++ db_recover before starting slapd (closes: #255276). ++ + debian/slapd.init: Run db_recover if enabled and available and no ++ slapd process running. ++ + debian/slapd.default: Add configuration option to disable it. ++ * Applied and improved patch by Matthijs Mohlmann to support migration ++ from ldbm to bdb backend. ++ + debian/slapd.config: Ask if migration is wanted. ++ + debian/slapd.postinst: Update configuration from ldbm to bdb if yes. ++ + debian/slapd.scripts-common: Implemented some parts in their own ++ functions. ++ * Add a README.DB_CONFIG.gz and reference it where referring to BDB ++ configuration. ++ * Update default DB_CONFIG with some senseful values. ++ ++ Steve Langasek : ++ * libraries/libldap_r/Makefile.in: make sure the ximian-connector ntlm ++ patch is applied to libldap_r, not just to libldap ++ * debian/move_files: make libldap a symlink to libldap_r, as carrying ++ two versions of this library around is more trouble than it's worth, ++ and can cause glorious segfaults down the line ++ ++ -- Torsten Landschoff Mon, 30 May 2005 08:07:49 +0200 ++ ++openldap2.2 (2.2.23-5) unstable; urgency=low ++ ++ Torsten Landschoff : ++ * debian/lintian-overrides: Add. Contains lintian warnings/errors to ++ override for each package (plus comments). ++ + debian/move_files: Automatically install applying overrides into ++ each package. ++ ++ Steve Langasek : ++ * configure.in: reinstate the remainder of the fix for 195990 from ++ 2.1.22-2: give preference to -lpthread over -pthread in configure.in, ++ because some archs (mipsel, at least) don't like -pthread. ++ ++ -- Steve Langasek Sun, 24 Apr 2005 05:01:02 -0700 ++ ++openldap2.2 (2.2.23-4) unstable; urgency=low ++ ++ Torsten Landschoff : ++ * debian/control: Make the requirement for debconf a pre-dependency as ++ we are using it from the maintainer scripts. ++ * debian/slapd.preinst: Always use debconf (don't check for availability). ++ * debian/slapd.scripts-common: Remove the alert_user function which ++ was there to output an error message in case debconf is not available. ++ ++ Steve Langasek : ++ * debian/fix_ldif: Add code to fix up oddly formatted integer attribs; ++ limited use because it only fixes those attributes that we have ++ prior knowledge of (i.e., those in the default schemas we ship), but ++ it's something at least. Closes: #302629. ++ * debian/fix_ldif: Also change fix_ldif to not chew up everything that ++ has a # in the line: treat lines beginning with # as comments, but # ++ is a valid character in an attribute value. ++ * debian/rules: Fix the check for missing lib symbols to use ++ LD_LIBRARY_PATH, so the package builds on systems that don't already ++ have libldap-2.2-7 installed. Closes: #305785. ++ * debian/po/ja.po: Use the partial translation provided by Kenshi Muto. ++ ++ Stephen Frost : ++ * debian/slapd.scripts-common: Make sure - ends up at the end of the ++ bracket expression given to grep so it's not treated as a range ++ (closes: #302743). ++ ++ -- Steve Langasek Sat, 23 Apr 2005 22:01:20 -0700 ++ ++openldap2.2 (2.2.23-3) unstable; urgency=low ++ ++ Steve Langasek ++ * libraries/libldap_r/Makefile.in: Code that uses pthreads *must* be ++ linked with -pthread, even if it's a library; without this, the ++ libldap_r library ends up with dangling unversioned reference to ++ pthread_create() which gets resolved to a wrong version that causes ++ segfaults on 64-bit platforms. Closes: #304549. ++ * debian/rules: error out on build if an installed library has ++ undefined symbols; future-proofing against a repeat of #304549. ++ * debian/slapd.postinst: don't dump and reload directories unless we ++ know we're upgrading from an incompatible version! Closes: #304840. ++ * debian/slapd.scripts-common: don't use merge_logical_lines for ++ functions that will be writing back to the config; the code is not ++ as pretty now, but the output is much less ugly. Closes: #303243. ++ * debian/slapd.examples, debian/slapd.scripts-common, ++ debian/slapd.links, debian/move_files: install DB_CONFIG in ++ /usr/share/slapd/ instead of /usr/share/doc/slapd/examples/; this ++ simplifies the code, and ensures users who don't install ++ /usr/share/doc aren't penalized. Create links for the DB_CONFIG and ++ slapd.confg templates to /usr/share/doc/slapd/examples, since these ++ are worthwhile examples as well. ++ * Updated maintainer scripts to keep DB_CONFIG for LDAP databases over ++ upgrades (closes: #265860). ++ * Move slappasswd to the slapd package, since it's now a symlink and ++ isn't actually useful without the slapd binary (closes: #304339). ++ ++ -- Torsten Landschoff Thu, 21 Apr 2005 01:29:57 +0200 ++ ++openldap2.2 (2.2.23-2) unstable; urgency=low ++ ++ * debian/configure.options: Change localstatedir to /var from /var/run ++ as the current upstream version adds /run to that during runtime for ++ slapi sockets etc. Problem: The database location is specified relative ++ to localstatedir/openldap-data. Another thing to fix... ++ (closes: #298271, #304491). ++ * debian/slapd.scripts-common (load_databases): Reimplement automatic ++ fixing of LDIF data via the fix_ldif script. Only tried if an ++ initial slapadd using the original LDIF data fails. With this change ++ upgrading from woody for some simple cases does work again. ++ * Disabled the version check for Berkeley DB in upstream code. Any ++ libdb4.2 package should work but of course using the latest will give ++ you the best results (closes: #300851). ++ * debian/slapd.scripts-common (import_database): Removed, no longer used. ++ * debian/slapd.scripts-common: Store the diagnostic output from ++ slapadd and output it before aborting if the command failed. ++ * debian/po/fr.po: Use the translations provided by Christian Perrier ++ (closes: #304141). ++ * debian/slapd.scripts-common: Use the -q option during slapadd to ++ improve performance. ++ * debian/slapd.templates (slapd/dump_database_destdir): Apply rewording ++ changes from Thomas Prokosch. Gives the user more information about ++ the usage of that directory. ++ + Run debconf-updatepo to update the translation templates. ++ * debian/slapd.templates: Clean up the debconf templates of the slapd ++ packages by merging the changes suggested by Christian Perrier ++ (closes: #302829). Thanks, Christian! ++ + Changed the wording of some of the templates. ++ + Adapt to the DTSG (Debconf Templates Style Guide). ++ + Removed item slapd/admin which is not used anymore. ++ + Run debconf-updatepo and send new fr.po to Christian Perrier. ++ * debian/slapd.postinst: Make a backup copy of slapd.conf before changing ++ anything (closes: #304485). ++ * Trivial improvements: ++ + Don't ask to move contents of /var/lib/ldap if it does not even ++ exist (but also is not an empty directory...) in initial config. ++ + Move check for current installation status out of configure_dumping. ++ ++ -- Torsten Landschoff Thu, 14 Apr 2005 19:57:11 +0200 ++ ++openldap2.2 (2.2.23-1) unstable; urgency=low ++ ++ * debian/slapd.scripts-common: Move all shell functions of the maintainer ++ scripts here to have it all in one place. ++ * Another pass over the maintainer scripts to remove cruft and tidy up ++ the code a bit. Fixed some bugs on the way. ++ * Test upgrade and installation revealed some bugs, mostly typos: ++ + return in shell actually is "return $?", not "return 0" as I though ++ + Referenced $src where $srcdir was meant. ++ + Only load old directories on upgrade and not during initial ++ installation. ++ ++ -- Torsten Landschoff Fri, 1 Apr 2005 18:50:21 +0200 ++ ++openldap2.2 (2.2.23-0.pre6) experimental; urgency=low ++ ++ Torsten Landschoff : ++ * debian/slapd.postinst: Add a testing interface to test the helper ++ functions. ++ * debian/slapd.postinst: Make sure that debconf actually displays the ++ error message even if the user has already seen it before. ++ * debian/slapd.postinst (compute_backup_path): Make function more robust ++ in case we don't know the old version or the suffix of the database. ++ Converted the backup dir to a more simple scheme which should be save ++ against accidental overwriting. ++ * Rewrote part of the maintainer scripts for correct handling of ++ directory dumps in preinst. New debconf questions etc. ++ * Move the manpage of slappasswd to ldap-utils where slappasswd itself ++ is included (closes: #300212). ++ + debian/control: Add Replaces: slapd << 2.2.23-0.pre6 to ldap-utils. ++ + debian/move_files: Move slappasswd manpage into ldap-utils. ++ * debian/slapd.config: Don't fail if hostname is unset (pulled from ++ Ubuntu, thanks to Jeff Bailey). ++ * Applied patch by Quanah Gibson-Mount (directory administrator of Stanford) ++ to add -q option to some tools for quick operation without updating ++ logs. This is mostly for importing directories from LDIF backups. ++ * Go back to libdb4.2 as OpenLDAP is known to have problems with BDB 4.3. ++ + debian/control: Update dependencies for BDB 4.2. ++ + debian/slapd.scripts-common: Mark all databases before this version ++ as incompatible. ++ * Fix some bashisms in maintainer scripts. ++ * debian/slapd.postinst: Include the version of the backup in the ++ backup of a database directory. ++ ++ Carlo Contavalli : ++ * debian/slapd.init: Print command line if starting a daemon failed. ++ * debian/slapd.postinst: Handle hdb backend just as if it was bdb. ++ * debian/README.Debian: Add some notes about DB_CONFIG and how to run ++ slapd under a different uid/gid. ++ * Install an example DB_CONFIG file during initial configuration ++ + slapd.postinst: Add a function to implement this and hook it into ++ create_new_configuration. ++ + debian/DB_CONFIG: Example DB_CONFIG that is installed. ++ + debian/slapd.examples: Mark DB_CONFIG as an example. ++ * servers/slapd/daemon.c: Actually change the permissions of the ++ unix socket if requested using an ldapi url with x-mod. ++ * debian/slapd.scripts-common: change privileges of upgraded databases ++ as indicated by SLAPD_USER and SLAPD_GROUP variables. ++ * debian/slapd.scripts-common,slapd.postinst: corrected some minor ++ typos. ++ ++ -- Torsten Landschoff Fri, 1 Apr 2005 12:26:35 +0200 ++ ++openldap2.2 (2.2.23-0.pre5) experimental; urgency=low ++ ++ * Apply NTLM patch from ximian-connector source package. ++ * debian/slapd.postinst: Fix small typo leading to upgrade failures. ++ Added some notes while wading through maintainer scripts. ++ * debian/slapd.postinst: Make slapadd more noisy, writing the new ++ directory to stderr if something goes wrong (should help for ++ bug #236097). ++ * Make slapd.init idempotent by adding --oknodo to start-stop-daemon ++ invocations (closes: #298741). Kudos to Bill Allombert for this ++ patch. ++ * slapd.postinst: Try to fix slapd.conf for syntactic and semantic changes ++ introduced upstream into 2.2.x. ++ * slapd.scripts-common: Make sure directories before 2.2.23 are dumped ++ and reloaded on upgrade. ++ ++ -- Torsten Landschoff Fri, 11 Mar 2005 18:54:57 +0100 ++ ++openldap2.2 (2.2.23-0.pre4) experimental; urgency=low ++ ++ * Rename libldap2.2 to libldap-2.2-7 to match soname. Updated ++ debian/{control,rules,...}. ++ * Checked the usage of the ucdata files shipped with libldap2 before. ++ Actually they stem from liblunicode which is only linked to slapd. ++ Therefore those files are shipped with slapd now. This change is ++ relevant so that multiple libldap-2.2-x packages can coexist later. ++ * debian/control: Updated for slapd replacing files from libldap2. ++ * debian/control: Recommend db4.3-util instead of db4.2-util as we are ++ using the former version now for slapd. ++ * debian/control: Add Build-Depends for libperl-dev, this time for ++ real. I wonder what went wrong last time as it built correctly with ++ pdebuild (closes: #297123). ++ ++ -- Torsten Landschoff Mon, 28 Feb 2005 15:17:52 +0100 ++ ++openldap2.2 (2.2.23-0.pre3) experimental; urgency=low ++ ++ * debian/slapd.prerm: Reformat and fix double stopping of slapd. Find ++ out which bug we are working around and document it. ++ * debian/configure.options: Enable ACI support (closes: #101602). ++ Looked through the source code and it seems to be properly ++ insulated to not make a difference when not used. ++ * .../Makefile.in: Remove -s option from install invocations and let ++ dh_strip handle stripping binaries (closes: #264448). ++ * debian/slapd.postinst: Code cleanup and reading, unused and duplicate ++ code removed. Main body still needs fixing. ++ * debian/slapd.postinst: Fixed chmod --reference calls to keep the ++ permissions of slapd.conf. Putting data into the file using shell ++ redirection recreates the file with default umask and owner, killing ++ the permissions we applied using chod --reference after creating the ++ file. Instead we change the permissions directly before renaming the ++ file now. Wrapped it into a function and update the owner as well. ++ How do we do this correctly for ACLs etc.!? Thanks to Carlo Contavalli ++ for pointing this out. ++ * servers/slapd/main.c: Log a warning if writing the pidfile or writing ++ the arguments file fails (closes: #261696). ++ * debian/control: Add missing build dependency for perl development ++ library (closes: #297123). ++ ++ -- Torsten Landschoff Sun, 27 Feb 2005 17:44:03 +0100 ++ ++openldap2.2 (2.2.23-0.pre2) experimental; urgency=low ++ ++ * servers/slurpd/slurp.h: Relocate the default spool directory to ++ /var/spool/slurpd again. ++ * Merged some changes done by Fabio M. Di Nitto for the ubuntu ++ distribution (thanks, Fabio!): ++ + debian/slapd.{postinst,conf}: Checkpoint BDB databases every 512kb ++ or 30 minutes by default. ++ + debian/slapd.scripts-common: Make is_empty_dir less noisy on first ++ install (cosmetic). ++ * Applied some changes suggested by Ondrej Sury: ++ + debian/rules: Add MAKEVARS variable and set datadir = ++ /usr/share/libldap2.2/ucdata instead of changing build/top.mk as ++ suggested. ++ + debian/move_files: Install /usr/share/libldap2.2 into libldap2.2 ++ and remove duplicate ldap.conf manpage. ++ + debian/control: Let libldap2.2 dependon libldap2 for config files. ++ * Also in Ondrej's patch: ++ + doc/man/man8/slapd.8: Refer to slapd.conf instead of ldap.h for ++ loglevel documentation. Changed by ubuntu? I don't know... ++ * debian/slapd.README.Debian: Update TLS/SSL information. ++ ++ -- Torsten Landschoff Fri, 25 Feb 2005 14:44:59 +0100 ++ ++openldap2.2 (2.2.23-0.pre1) experimental; urgency=low ++ ++ * Merge new upstream release 2.2.23. ++ * Change name of source package to openldap2.2. ++ * configure.in: Fix AC_LIBOBJ for configure2.50. ++ * Run libtoolize, aclocal-1.4 and autoconf2.50 to get a working ++ configure script. ++ * debian/slapd.init: Output failure reasons using "$failure" so that ++ no glob substitution is done. Had a hard time grokking why slapd ++ would mention the contents of the current directory in its error ++ message... ++ * debian/rules: Disable building -dev packages as we don't want ++ other packages to link against the new libraries before sarge. ++ Remove the binary-indep target from the binary dependends list. ++ * debian/control: Move packages that are no longer build into control-dev. ++ * debian/configure.options: Build against OpenSSL with --with-tls ++ (this can only be done for slapd itself, we need GnuTLS support ++ before enabling this for libldap2.2-dev). ++ * debian/control: Update build dependencies for libdb4.3 and OpenSSL. ++ ++ -- Torsten Landschoff Wed, 23 Feb 2005 19:29:38 +0100 ++ ++openldap2 (2.2.18-0.pre2) experimental; urgency=low ++ ++ * debian/check_config: Make sasl2 check more robust against file ++ format changes in config.status. ++ * debian/libldap2.shlibs: Remove. ++ * Update configure script using libtoolize, aclocal-1.4 and autoconf2.50 ++ to fix wrong shared library dependency in libldap2.2 (depended on ++ libldap2 by linking against the system's liblber). ++ * debian/libldap2.README.Debian: Move to libldap2.2.README.Debian. ++ * Lintian cleanup: ++ + Run debconf-updatepo for debian/rules clean and manually as ++ requested. ++ + Update config.guess and config.sub in debian/rules clean as well. ++ First update done. ++ + debian/rules (install): Fix the manpage section of the admin commands ++ from 8C to 8. ++ + debian/rules (binary-arch): Run dh_fixperms to fix the permissions ++ on shared libraries. ++ ++ -- Torsten Landschoff Thu, 13 Jan 2005 11:53:28 +0100 ++ ++openldap2 (2.2.18-0.pre1) experimental; urgency=low ++ ++ * New upstream release. ++ * Disable TLS for now. ++ * debian/rules: Don't run autoheader and autoconf. ++ * debian/configure.options: Recreated and updated for new setup. ++ * debian/rules: Move slapd, slurpd from /usr/lib to /usr/sbin. ++ * Rename library packages to include the OpenLDAP version. ++ * Remove /etc/ldap/ldap*.conf from libldap2.2 to avoid clash with ++ libldap2. Also add Replaces entry for libldap2 to allow overwriting ++ for now. Needs fixing... ++ * Instead of moving slapd from /usr/lib to /usr/sbin create a symlink. ++ Seems like slapadd etc. are now all included in the slapd binary ++ and all link to its binary. ++ * debian/rules: Run dh_link for arch dependend packages. ++ * configure: Fix broken libdb checking which forced static building of ++ back-bdb. ++ * debian/slapd.conf: Fix access directive to use "attrs=" instead of ++ "attribute=" which wasn't officially supported anyway. ++ ++ -- Torsten Landschoff Wed, 3 Nov 2004 09:57:14 +0100 ++ ++openldap2 (2.1.30-3) unstable; urgency=high ++ ++ * Urgeny high since previous releases were hardly usable (at least ++ with TLS). ++ * Roland Bauerschmidt ++ + libraries/libldap/gnutls.c, libraries/libldap/tls.c, ++ include/ldap_pvt_gnutls.h: Use callback with ++ gnutls_certificate_set_params_function to generate dh_params and ++ rsa_params (this is also the way, it's done with OpenSSL). We need ++ GNUTLS 1.0.9 for this. With the new version of libgcrypt, we also ++ need to initialize threading explicitly. The previous ++ segmentation faults resulted from the *global* param structure ++ being recreated and freed for every session. Many thanks to ++ Matthias Urlichs who helped debugging a lot and also packaged ++ GNUTLS 1.0.16 very quickly... Closes: #244827. ++ + debian/control: Add build dependency to libgcrypt11-dev (we're ++ initializing it directly now) and change libgnutls10-dev to ++ libgnutls11-dev. ++ + libraries/libldap/gnutls.c: in tls_gnutls_need_{dh,rsa}_params ++ (formerly ldap_gnutls_need_...), create temp files more securely, ++ doing unlink before opening and opening them with O_EXCL. This is ++ necessary because under Linux 2.6 all threads have the same PID. ++ Thanks to Andrew Suffield for pointing this out. ++ + debian/slapd.cron.daily: cron job to remove GNUTLS rsa_export and ++ dh param cache files every day. ++ + debian/slapd.README.Debian: add note that we use GNUTLS rather ++ than OpenSSL. ++ ++ -- Roland Bauerschmidt Mon, 26 Jul 2004 18:41:23 +0200 ++ ++openldap2 (2.1.30-2) unstable; urgency=low ++ ++ * Roland Bauerschmidt ++ + debian/slapd.scripts-common: add missing space before ! ++ Closes: #251036, #253633, #257513. ++ * Torsten Landschoff ++ + Applied patch by Ralf Hack to support non-standard config file ++ location in /etc/default/slapd (closes: #229195). ++ + Applied patch to fix handling of abandoned commands ++ (closes: #254183). Thanks to Peter Marschall for submitting it. ++ + Applied patch to fix memory leak after search (closes: #254184). ++ Thanks again, Peter! ++ + Applied trivial patch to support logging to DAEMON facility ++ as well as LOCAL* (closes: #254186). Here you are, Peter ;) ++ ++ -- Roland Bauerschmidt Fri, 09 Jul 2004 15:56:06 +0200 ++ ++openldap2 (2.1.30-1) unstable; urgency=low ++ ++ * Torsten Landschoff : ++ + debian/control: Have slapd conflict with libltdl3 version 1.5.4-1 ++ as with that version loading of .so files is broken which breaks ++ slapd (closes: #249152). ++ + Applied patch to fix Perl backend (closes: #245347). Kudos ++ to Peter Marschall. ++ + debian/configure.options: Enable building of Perl backend. ++ ++ * Roland Bauerschmidt ++ + debian/slapd.templates: replace 'domain' with 'DNS domain name' ++ which is little more specific ++ + debian/slapd.config: check if the domain has a valid syntax to ++ prevent slapadd from failing. Closes: #235749. ++ + New upstream version with fix for NS-MTA-MD5 hash length ++ checking. Closes: #226583. ++ ++ -- Torsten Landschoff Mon, 24 May 2004 23:33:21 +0200 ++ ++openldap2 (2.1.29-2) unstable; urgency=low ++ ++ * Roland Bauerschmidt ++ + debian/rules: Revert change to install ldapadd as symlink. ++ Somehow, with that change, ldapadd didn't get installed at all. ++ Closes: #243537. ++ ++ -- Roland Bauerschmidt Tue, 13 Apr 2004 19:49:55 +0200 ++ ++openldap2 (2.1.29-1) unstable; urgency=low ++ ++ * Stephen Frost ++ + libraries/gnutls.c: Generate and store RSA/DH parameters, ++ based off a patch by Petr Vandrovec (though changed alot). ++ Closes: #234639, #234593 ++ ++ * Roland Bauerschmidt ++ + Merged new upstream release. ++ + debian/slapd.prerm: add #DEBHELPER# token. ++ + debian/control: have slapd depend on debconf (>= 0.5) to ensure ++ it supports the seen flag. ++ + debian/rules: ldapadd is installed as a hardlink to ldapmodify; ++ use a symlink instead. ++ + debian/slapd.{scripts-common,postinst,preinst,config}: Add new ++ function read_slapd_conf that evaluates include statements. ++ ++ -- Torsten Landschoff Mon, 12 Apr 2004 15:27:55 +0200 ++ ++openldap2 (2.1.26-1) unstable; urgency=low ++ ++ * Torsten Landschoff : ++ + Merged new upstream release. ++ + debian/slapd.templates (slapd/purge_database): Set default value to ++ false. ++ + debian/slapd.config (manual_configuration_wanted): Don't exit ++ from the script directly if the user wants to configure ++ slapd manually (exit 0 -> return 0). ++ + Build-depend on libgnutls10-dev instead of libgnutls7-dev and ++ rebuild (closes: #233833). ++ + Move previous content of /var/lib/ldap away during creation of ++ an initial directory (closes: #228886, #233512). ++ + debian/slapd.postrm: Remove flag files in /var/lib/slapd on purge. ++ + Removed functionality (verbose error messages) from gnutls.c until ++ it compiled with libgnutls10-dev :-(( ++ + debian/slapd.postinst: Overwrite existing /etc/ldap/slapd.conf (only ++ reached during initial installation/dpkg-reconfigure). ++ ++ -- Torsten Landschoff Mon, 23 Feb 2004 09:36:32 +0100 ++ ++openldap2 (2.1.25-1) unstable; urgency=low ++ ++ * Roland Bauerschmidt : ++ + New upstream version. ++ - Build against libdb4.2. Hopefully, this resolves the BDB ++ lock ups when configured improperly. ++ + debian/control: Have ldap-utils depend on the same version of ++ libldap2, and libldap2 conflict with ldap-utils (<= 2.1.23-1). ++ Closes: #216661. ++ + debian/slapd.{templates,config}: Check if there are slave ++ databases in slapd.conf lacking an updateref option, and warn ++ about it. Closes: #216797. ++ + debian/slapd.{templates,config,postinst,conf}: Ask which ++ database backend to use (BDB or LDBM). ++ + debian/slapd.README.Debian: cleanup ++ + servers/slapd/back-bdb/dbcache.c: Turn off subdatabases. This ++ is an incompatible database format change, but according to ++ Howard Chu "using them (subdatabases) is known to cause deadlocks ++ on multiprocessor machines, among other issues." ++ + debian/control: add Recommends: db4.2-util to slapd ++ + debian/control: add Recommends: libsasl2-modules to slapd and ++ ldap-utils. Closes: #224058. ++ + debian/slapd.{scripts-common,preinst,postinst}: Extended dump ++ and restore code to deal with different versions for different ++ backends. ++ + debian/control: Geez, centipede seems to have vanished a long ++ time ago. So don't claim it's included in the slapd package. ++ + debian/slapd.docs: created with servers/slapd/back-sql/ ++ rdbms_depends. Closes: #225807. ++ ++ * Torsten Landschoff : ++ + debian/move_files: Install slappasswd into ldap-utils instead ++ of slapd as it's useful without slapd as well (closes: #228705). ++ + debian/control: Make ldap-utils Replaces: slapd < 2.1.25 because ++ of that change. ++ + debian/control: Use libdb4.2-dev instead of libdb4.1-dev as a ++ number of problems seem to be related to DB 4.1. ++ ++ -- Torsten Landschoff Fri, 6 Feb 2004 20:48:22 +0100 ++ ++openldap2 (2.1.23-1) unstable; urgency=low ++ ++ * Roland Bauerschmidt : ++ + New upstream version. ++ + Applied fix for admin password breakage from Michael Beattie ++ . Closes: #214270. ++ + Added Dutch Debconf template translation by cobaco@linux.be. ++ Closes: #215373. ++ + Bumped Standards-Version (no changes needed). ++ ++ * Torsten Landschoff : ++ + debian/move_files: Install slappasswd into ldap-utils instead ++ of slapd (closes: #228705). ++ ++ -- Roland Bauerschmidt Sat, 18 Oct 2003 19:56:54 +0200 ++ ++openldap2 (2.1.22-3) unstable; urgency=low ++ ++ * Call perl -w to run debian/dh_installscripts-common. Closes: #214054. ++ ++ -- Roland Bauerschmidt Sat, 4 Oct 2003 14:22:11 +0200 ++ ++openldap2 (2.1.22-2) unstable; urgency=high ++ ++ * Stephen Frost ++ + servers/slapd/daemon.c: Apply patch from head for select handling. ++ + debian/rules: Fix build options to optimize correctly and to use ++ DEB_BUILD_OPTIONS (Policy, 10.1). Closes: #202306 ++ + debian/slapd.conf: Add in ACL for root DSE explicitly. ++ + debian/slapd.init: Add --oknodo in stop_slurpd. Closes: #202592 ++ + debian/rules: Need quotes around $(CFLAGS) on configure line. ++ + debian/slapd.init: Remove \'s before quotes around pidfile. ++ + debian/slapd.init: Add support for -h slapd flag. Closes: #201991 ++ + debian/slapd.default: Add variable $SLAPD_SERVICES for slapd -h. ++ + libraries/libldap/tls.c: Apply patch from asuffield in #202741 to ++ fix subjectAltName usage. Closes: #202741 ++ ++ * Torsten Landschoff : ++ + Fix invocation of "head" in maintainer scripts and replace usage of ++ [ foo -a bar ] by [ foo ] && [ bar ] (closes: #203292). ++ + debian/slapd.postrm: Small cleanup, only remove the directory, not ++ the backups, on purge. ++ + debian/rules: Don't run the upstream install target if we did not ++ rebuild the whole tree. Makes debugging maintainer script much more ++ tolerable. ++ + debian/slapd.config: Cleaned up and restructured for readability. ++ + debian/slapd.templates: Replaced the invalid_suffix template with ++ invalid_config which is more general and can be used for any ++ inconsistency in the initial configuration. ++ + debian/slapd.postinst: Rewritten to eliminate all that spaghetti. ++ Did not yet implement all old features again... ++ - Now the #DEBHELPER# part is always reached so that the daemon ++ will be restarted even if no automatic configuration is wanted ++ (closes: #204008). ++ + Fixed the undefined symbols in libldap_r.so.2 (closes: #195990). ++ | configure.in: Try -lpthread before -pthread to link the thread ++ library. libtool does not pass -pthread through, -lpthread seems ++ to work though. ++ | libraries/libldap_r/Makefile.in: Add $(LTHREAD_LIBS) to ++ UNIX_LINK_LIBS so that pthread is linked when creating a shared library ++ as well. ++ ++ * Roland Bauerschmidt : ++ + debian/configure.options: change --localstatedir=/var/lib to ++ --localstatedir=/var/run. Since localstatedir isn't used anywhere ++ in the code, except for the ldapi socket (and examples in the ++ manpages which are correct at the moment anyway), all this change ++ does should be changing the default location of the ldapi socket ++ from /var/lib/ldapi to /var/run/ldapi. Closes: #160965. ++ + libraries/libldap/tls.c: In get_ca_list, walk through CACERTDIR ++ manually if building against GNUTLS (since there is no equivalent ++ to SSL_add_dir_cert_subjects_to_stack). Closes: #205609. ++ + debian/slapd.preinst: create /var/backups/ldap/$oldver with ++ permissions 0700. Also change permissions for /var/backups/ldap ++ to 0700 if it already exists. Closes: #209019. ++ + Added Japanese translation of Debconf templates by Kenshi Muto ++ . Closes: #210731. ++ + debian/slapd.{postinst,preinst,config}: Replaced duplicate ++ implementations of the same functions with one version and moved ++ those into debian/slapd.scripts-common which will be included by ++ debian/dh_installscripts-common. ++ + debian/slapd.preinst: before dumping the database, check if the ++ backend is supported ++ + debian/slapd.postinst: ++ - add -q to grep call for allow bind_v2 ++ - readded pre-2.1 (woody) upgrade path (that is, dumping, fixing ++ and reimporting the database) ++ ++ -- Roland Bauerschmidt Fri, 3 Oct 2003 15:35:29 +0200 ++ ++openldap2 (2.1.22-1) unstable; urgency=low ++ ++ * Stephen Frost : ++ + New upstream version (minor changes). ++ + debian/control: Change build-deps to autoconf2.13, Closes: #201482 ++ + debian/rules: Add dh_compress -i for binary-indep. ++ + debian/slapd.postinst: Give variable for read (avoids bashism). ++ + configure/.in: Use upstream's version of back-meta/back-ldap fix. ++ ++ -- Stephen Frost Wed, 16 Jul 2003 08:42:23 -0400 ++ ++openldap2 (2.1.21-2) unstable; urgency=low ++ ++ * Stephen Frost : ++ + debian/slapd.preinst: slapcat here if possible, if slapcat not ++ available then slapcat in postinst. Also remove old unused ++ function. ++ + debian/slapd.postinst: Check if slapcat in preinst worked and use ++ those results in preference. Also moved to using /var/backups/ldap. ++ + servers/slapd/daemon.c: Provide more information on socket/bind ++ failures. Patch submitted upstream. Closes: #94967. ++ + ./configure, ./configure.in: Fix check for back_ldap in back_meta. ++ back_ldap now included as module. back_ldap and back_meta appear ++ to load fine, though order may matter. Closes: #196995. ++ + debian/control: Add versioned Depends on perl, need recent version ++ for migration script. ++ + debian/slapd.{pre,post}inst: Allow for whitespace in postinst ++ before database definitions ++ + debian/control: Drop the libldap2-dev Depends that aren't actually ++ necessary. ++ + debian/slapd.preinst: Add create_sed_script to create the script to ++ deal with multi-line commands in slapd.conf. Modify things to use ++ sed script to preprocess slapd.conf before using it. Remove ++ support for whitespace preceeding commands. ++ + debian/slapd.postinst: Add create_sed_script here too and modify ++ everything to use it as necessary. Also change everything to ++ reference $SLAPD_CONF instead of /etc/ldap/slapd.conf everywhere. ++ Remove support for whitespace preceeding commands. ++ + debian/slapd.postinst: Removed all tabs. Changed all sed scripts ++ to used [:space:] instead of [space tab]. ++ + debian/slapd.postinst: Removed debugging statements from ldap_v2 ++ support handling code. ++ + debian/slapd.preinst: Changed to use mktemp for sed script. ++ + debian/slapd.postinst: Changed to use mktemp for sed script. ++ + debian/slapd.config: If no hostname set just use debian.org. ++ + contrib/ldapc++/config.{sub,guess}: Resync back to upstream, no ++ reason not to, we don't even build this stuff... ++ + debian/control: Change build-depends to libgnutls7-dev instead of ++ libssl-dev. ++ + debian/rules: Now run autoconf && autoheader to pick up on the ++ configure.in changes needed for GNU TLS. ++ + debian/copyright: Added Steve Langasek (SL) copyright statement. ++ + Patch from Steve Langasek for GNU TLS support, Closes: #198553 ++ | include/ldap_pvt_gnutls.h: Added for GNU TLS ++ | configure.in: Now uses GNU TLS where available. ++ | servers/slapd/schema_init.c: Modified for GNU TLS- some functions ++ removed because GNU TLS layer does not support them yet. ++ | build/install-sh: Added for new autoconf. ++ | libraries/libldap/Makefile.in: Changed to compile GNU TLS portions. ++ | libraries/libldap/getdn.c: Stub function added, GNU TLS layer does ++ not support TLS certificates for authentication yet. ++ | libraries/libldap/tls.c: Now calls GNU TLS functions instead of ++ OpenSSL. ++ | libraries/libldap/gnutls.c: Added to support GNU TLS in place of ++ OpenSSL for TLS connections. ++ | libraries/libldap_r/Makefile.in: Changed to compile GNU TLS portions. ++ + debian/slapd.postinst: remove temp file if upgrading or doing a ++ reconfigure but the OLDSUFFIX and basedn match so that we do not ++ move an empty file overtop of slapd.conf. Closes: #190797. ++ + debian/slapd.init: Inform user when not starting slapd due to ++ no configuration file found. Deals with users who select to not ++ configure slapd during installation. ++ + debian/slapd.init: Removed cat <<-EOF and got rid of associated ++ tabs; best to not depend on tab vs. space distinction. ++ + debian/slapd.config: Change debconf question names to be fully ++ qualified in the $var from the for loop- organization is under ++ shared/ and domain is under slapd/, not both under slapd/. ++ + debian/slapd.postrm: Can not depend on debconf being around in ++ postrm so check before attempting to source it. Also protect ++ against failure from db_get. ++ + debian/slapd.postinst: Check for old directory and move it out ++ of the way if it exists on new configure or reconfigure. ++ + debian/slapd.postinst: Fix db_input's for error messages, ++ should be high priority and need to || true them. ++ + debian/slapd.postinst: Do not error exit once we've told the ++ user about the problem, if there was one, with slapcat/slapadd. ++ + debian/slapd.postinst: Make sure we get the organization before ++ we attempt to fix_ldif on old slapcat output. Default to unknown ++ if the organization is not set. ++ + debian/slapd.postinst: Be sure that slapd has been stopped before ++ attempting to fix and slapadd old slapcat. ++ + debian/slapd.postinst: Do not use --exec with s-s-d in postinst. ++ + debian/slapd.postinst: grep calls need to be || true'd when no ++ matching lines found is possible (this case is handled). ++ + debian/slapd.postinst: Be very sure slapd has stopped before ++ attempting to upgrade database. ++ + debian/slapd.preinst: Use either the pidfile or exec if pidfile ++ is not available when stopping. Do not put \"\" around pidfile. ++ Use $oldver instead of $2. ++ + debian/slapd.config: Reask questions on a reconfigure. Use the ++ same logic as slapd.postinst for when to ask questions regarding ++ the db. Be sure to db_go after db_input's. ++ + debian/slapd.templates: Fix allow_bind_v2 short description to ++ make more sense since the default is off. ++ + debian/slapd.preinst: Use perl instead of sed for handling conf. ++ + debian/slapd.postinst: Use perl instead of sed for handling conf, ++ use old sed method to insert \n's, user invoke-rc.d when slapd ++ needs to be stopped. Assume preinst shuts slapd down for upgrade. ++ + debian/slapd.postinst: Only stop slapd on reconfigure. ++ ++ * Torsten Landschoff : ++ + doc/man/man8/slapd.8: Refer to slapd.conf(5) for a description of ++ the debugging level (closes: #176980). ++ + debian/move_files: Kill of the static archives of our backend ++ modules as they are of absolutely no use. ++ ++ * Steve Langasek : ++ + debian/slapd.postinst: Add a new function, get_database_list, that ++ prints out the list of configured databases from slapd.conf ++ one row at a time. Move all of the upgrade handling into a ++ loop, and iterate through the configured databases. Since the ++ while loop is in fact a subshell, be sure to handle errors ++ correctly. We also have to look at the configured directory ++ for each database, instead of assuming /var/lib/ldap. ++ Closes: #190155, #190156. ++ + debian/slapd.preinst: Simplify the handling of error status: if ++ the slapcat fails, just remove the ldif file. Also, add the ++ suffix to the name of the output file, and add the ++ get_database_list function here as well. ++ ++ * Roland Bauerschmidt : ++ + debian/rules: call dh_makeshlibs with -plibldap2 rather than just ++ with libldap2 ++ + debian/slapd.postinst: Add question about no configuration. ++ + debian/slapd.templates: Add template for no config question. ++ + debian/slapd.templates: Add template for invalid suffix. ++ + debian/slapd.config: Add no configuration option. Closes: #87986 ++ + debian/slapd.config: Complain to the user on invalid domain/org. ++ ++ -- Stephen Frost Tue, 15 Jul 2003 12:37:05 -0400 ++ ++openldap2 (2.1.21-1) unstable; urgency=low ++ ++ * Torsten Landschoff : ++ + Merged new upstream release. ++ ++ * Stephen Frost : ++ + debian/control: Add libbind-dev and bind-dev to the conflicts for ++ slapd, the libs in them can end up being used even when not ++ compiled against causing getaddrinfo() to fail. Closes: #166777 ++ + debian/copyright: Flush out the copyright file to include all found ++ copyrights and updates to those. ++ + debian/copyright: Add clarification of MA license ++ + debian/copyright: Add clarification of JC license ++ + debian/slapd.templates: More clearly inform users of important ++ config change. Closes: #194192. ++ + debian/control: Remove patch from build-depends (dpkg-dev depends on it) ++ + debian/fix_ldif: Correctly handle base64-encoded DNs. Closes: #197014. ++ + debian/slapd.templates: Added templates for asking about LDAPv2 support ++ and telling the user of slapcat/slapadd failures during upgrade. ++ + debian/slapd.postinst: Added support for adding LDAPv2 support ++ + debian/slapd.postinst: Modified to handle slapcat/slapadd failure. ++ In the event of an upgrade failure the database will be left untouched ++ and the user notified. Closes: #192431 ++ + debian/slapd.postinst: Use ldif_dump_location in more places... ++ + debian/slapd.prerm: Check if upgrade failed and assume bad old init.d ++ script was used and attempt to shut down slapd with --oknodo in case ++ slapd isn't running. Closes: #193854. (Again) ++ + debian/slapd.conf: Add commented out allow line ++ + debian/rules: Tell dh_installinit to not touch slapd.prerm now. ++ + debian/slapd.postinst: Do a dry-run with slapadd first and check if ++ that worked or not. If it did not work then tell the user, otherwise ++ do a real slapadd which should work. ++ + debian/slapd.postinst: Make sure slapd is stopped before doing ++ slapadd/slapcat's and the like. (Note: The woody version does not ++ stop slapd). Closes: #189777. ++ + debian/slapd.postinst: Check if directories exist before attempting ++ to mkdir them. Closes: #189947 ++ + debian/slapd.README.debian: Add note about runlevel issue. ++ Closes: #175736 ++ + debian/move_files: Copy ldiftopasswd into /usr/share/slapd for users ++ to use, if they find it useful. Closes: #94963. ++ + debian/slapd.README.Debian: Added note about ldiftopasswd. ++ ++ * Roland Bauerschmidt : ++ + debian/slapd.postinst: fixed typos and check for the existence of ++ slapd.conf before reading it. ++ ++ -- Torsten Landschoff Thu, 19 Jun 2003 17:35:32 +0200 ++ ++openldap2 (2.1.17-3) unstable; urgency=low ++ ++ * Stephen Frost : ++ + debian/slapd.init: Add --oknodo for stopping slapd. Closes: #192423, #193854. ++ + debian/slapd.init: Change START_SLURPD to SLURPD_START. Closes: #190724. ++ + debian/libldap2.shlibs: Bump to 2.1.17- 2.1.12 never hit the archive. ++ These should only be bumped when new symbols are added so we should ++ figure out a way to handle checking that. ++ + debian/slapd.dirs: Added /var/run/slapd for pidfile ++ + debian/slapd.conf: Moved pidfile to /var/run/slapd; Needed if running ++ non-root. ++ + debian/slapd.conf: Clean up config file, be more explicit about what ++ directives are 'general', 'backend', and 'database'. Moved and ++ commented out 'replogfile' since it is database specific, wasn't doing ++ anything where it was and use of it depends on slurpd usage. ++ I consider this solving #151511 since we don't ask if you want to use ++ replication anymore anyway. Closes: #151511 ++ + debian/copy_slapd_dev_files: Added to copy the include files for ++ building slapd back-ends. ++ + debian/control: Add warning about libslapd2-dev ++ + debian/control: Add build-depend on po-debconf for dh_installdebconf ++ + debian/slapd.default: Add option for settings SLAPD_CONF file ++ + debian/slapd.init: Changed to use SLAPD_CONF, setting it to ++ /etc/ldap/slapd.conf if it is not specified. Closes: #91318 ++ + debian/control: Added libslapd2-dev to control file. Closes: #192163. ++ + debian/rules: Added binary-indep to the binary: build line and flushed ++ it out to build the libslapd2-dev deb. Added -k to dh_clean since we're ++ building arch and indep debs now. ++ + Maintainer upload, acknowledge NMU. Closes: #98039. ++ + Add debian/po/fr.po from 194740. Closes: #194740 ++ + Add space before ']' on line 113 of postinst. Closes: #194192, #194943 ++ ++ * Torsten Landschoff : ++ + debian/control: Enforce libldap2 to be the same version as slapd ++ as slapd (legitimately) uses internal functions of that library ++ (closes: #190164). ++ + debian/slapd.postinst: Fix the regexp for finding the database ++ definitions. ++ ++ * Steve Langasek : ++ + debian/slapd.preinst: don't use debconf or ldapsearch in the ++ preinst, as this is a policy violation (even if a previous ++ version was installed, it could've been removed-but-not-purged). ++ Closes: #189811, #195029. ++ + debian/slapd.{pre,post}inst: dump & fix up the directory in the ++ postinst, not in the preinst -- using slapcat/slapadd, not ++ ldapmodify. This ensures that the dump will succeed whenever the ++ database is present, rather than depending on access to an admin ++ dn. Closes: #190085. ++ + debian/fix_ldif, debian/move_files, debian/copyright: add Dave ++ Horsfall's dn-fixing script, to handle objectClass upgrading ++ + debian/slapd.postinst: Skip the duplicate prompting for the ++ organization name; we're guaranteed to always have one. ++ ++ -- Torsten Landschoff Fri, 6 Jun 2003 16:56:16 +0200 ++ ++openldap2 (2.1.17-2) unstable; urgency=low ++ ++ * The who-says-slavery-is-dead upload. ++ * Steve Langasek : ++ + debian/slapd.postinst: Fix the database regexp. ++ + debian/slapd.postinst: Only add moduleload lines *once* on upgrade ++ from 2.0. Wrap the backup code with a check for ++ /var/lib/slapd/upgrade_2.0, to guarantee idempotency. ++ Closes: #190401. ++ + debian/slapd.{config,templates,postinst}: On dpkg-reconfigure, ++ don't wipe out an existing config; only merge in any requested ++ changes. Also, prompt before wiping out the existing db. ++ Closes: #190799. ++ + debian/slapd.{postinst,examples},debian/rules: Move slapd.conf ++ from doc/slapd/examples to /usr/share/slapd, per policy. ++ + debian/slapd.postinst: make sure slapd.conf is always created ++ atomically. ++ + debian/slapd.postrm: If removing databases on package purge, ++ remove any database backups as well. ++ ++ * Torsten Landschoff : ++ + debian/configure.options: Disable ACIs because they are still ++ experimental. ++ + debian/control: Change section and priority of libldap2-dev to ++ libdevel and extra respectively (dinstall message). ++ + debian/slapd.preinst: Only query the object classes of the root ++ dn if there was no error parsing the config. ++ + Update templates for po-debconf using the patch submitted by ++ Andre Luis Lopes (closes: #189933). ++ + Use [[:space:]] instead of [\t ] in sed invocations since the ++ latter does not seem to work (reported by Daniel Lutz). ++ + debian/control: Add Replaces: entry for openldapd since ldif.5.gz ++ was included in the potato package of that name (closes: #190660). ++ + debian/control: Tighten the build dependency on libtldl3-dev as ++ versions before 1.4.3 required the .la file for dynamic binding ++ (thanks to Josip Rodin for pointing this out). ++ ++ -- Torsten Landschoff Sat, 19 Apr 2003 02:28:32 +0200 ++ ++openldap2 (2.1.17-1) unstable; urgency=low ++ ++ * New upstream release. ++ * Torsten Landschoff : ++ + debian/slapd.init: Improve the error reporting. If nothing is output ++ by the failing command don't leave the user alone but print a hint ++ to look into the logfile etc. ++ + debian/control: Require at least version 2.1.3 of libsasl2-dev ++ as this is what the configure script checks for. Pointed out by ++ Norbert Tretkowski. ++ + debian/slapd.{pre,post}inst: Small cleanups, added some comments, ++ adapted for the removal of the .la files in slapd package. ++ ++ -- Torsten Landschoff Sat, 19 Apr 2003 01:59:26 +0200 ++ ++openldap2.1 (2.1.16-1) unstable; urgency=low ++ ++ * New upstream release. ++ + build/top.mk: Remove patch to omit "-static" at linking time. Upstream ++ now respects the --enable-shared flag used at configuration time. ++ + debian/slapd.postinst: Automagically add the module load directives ++ after upgrade as needed. ++ + debian/slapd.config: ++ - Only ask questions to create a new directory on fresh install. ++ - Ask wether the right modules should automatically be loaded in ++ slapd.conf. ++ + debian/slapd.templates: Add the templates for autoloading modules ++ and fixing the directory. ++ + debian/slapd.preinst: New script to support upgrading from 2.0. ++ The old prerm did not stop the daemon so we have to do it here. ++ Also a first attempt to fix broken LDAP directories not acceptable ++ to 2.1. ++ - Conditionally load debconf when upgrading as it only has to ++ be available in that case. ++ + debian/slapd.preinst: Dump database before upgrade. ++ + debian/slapd.postinst: Recreate database from dump after upgrade. ++ Move old database out of the way. ++ ++ * Roland Bauerschmidt ++ + debian/slapd.README.Debian: mention that backend database modules are ++ now compiled as shared objects ++ ++ * Stephen Frost ++ + debian/slapd.conf: Drop the '.la' file extension ++ + debian/move_files: Drop and rm the .la files, they aren't necessary. ++ + debian/slapd.README.Debian: Dropped the .la from the module_load line. ++ + servers/slapd/daemon.c: check slapd_srvurls is not NULL before ++ deref; included in upstream CVS. ++ + servers/slapd/back-*/init.c: Change the munged symbol names to ++ init_module, they do not need to be munged, and cause problems when ++ they are and not using .la files (which cause other problems) ++ + servers/slapd/module.c: Change to use lt_dlopenext() so we don't ++ need the .la files ++ ++ -- Torsten Landschoff Wed, 26 Mar 2003 20:34:35 +0100 ++ ++openldap2.1 (2.1.12-1) experimental; urgency=low ++ ++ * Initial release of OpenLDAP 2.1 packages. Closes: #167566, #178014. ++ - this includes support for the >= and <= operators. Closes: #159078. ++ - fixes various upstream bugs. Closes: #171008. ++ ++ * Torsten Landschoff ++ - debian/check_config: Added script to check if OpenLDAP was configured ++ the way we want it. ++ - Don't build special TLS packages anymore - SSL is enabled in the ++ stock ldap library. Everything else will just give me more headaches. ++ - Build against libsasl2 instead of libsasl1. Closes: #176462. ++ - debian/control: ++ - Build-depend on debhelper 4.0 as debian/rules uses DH_COMPAT=4. ++ - Depend on coreutils | fileutils. Closes: #175704, #185676. ++ - Make libldap2 conflict with libldap2-tls which is obsolete now. ++ - debian/rules: Move the long list of configure options to a new ++ file debian/configure.options and read $(CONFIG) from that file. ++ - configure with --enable-aci. Closes: #101602. ++ - debian/slapd.init: Rewrite and add comments. ++ - Add support for running as non-root (closes: #111765, #157037). ++ - servers/slapd/main.c (main): Remove pid file on exit (closes: #162284). ++ - servers/slurpd/slurp.h: Change the default spool directory to ++ /var/spool/slurpd (avoids passing it via -t in init.d). ++ - servers/{slapd,slurpd}/Makefile.in: Install binaries into sbindir ++ instead of libexecdir. ++ - debian/control: Add Stephen Frost to the Uploaders field. Thanks ++ for your help, Stephen! ++ - contrib/ldapc++/config.{guess,sub}: Replaced with current files from ++ autotools-dev (lintian). Not actually neccessary since this part of ++ the package is not currently built but I think this is the best way ++ to shut up lintian :) ++ - build/mod.mk: Use -m 644 instead of -m 755 in installing shared ++ libraries. Shared libraries should not be marked as executable ++ (lintian). ++ - debian/libldap2.conffiles: Remove, since we are using version 4 ++ of debhelper which tags everything in /etc as conffile by default. ++ - debian/rules: Change the mode of everything upstream installed into ++ /etc to 0644 as required by policy (lintian). ++ - debian/rules: Call dh_installdeb later in the binary target so that ++ the conffiles are already there for listing. Without this nothing in ++ /etc gets tagged as conffile... (lintian). ++ - debian/rules: Pass the start and stop priority of slapd to ++ dh_installinit in preparation for a postinst supported by debhelper. ++ - debian/rules: Call dh_installdirs again. ++ - Rewrite slapd.config, slapd.postinst, slapd.templates - a first try ++ in getting slapd to configure itself. Way to go. ++ ++ * Roland Bauerschmidt ++ - debian/control: ++ - build-depend on libdb4.1-dev instead of libdb4.0-dev ++ - conflict, replace, and provide libldap2-tls (libldap2) ++ - removed ldap-gateways binary package ++ - drop suggestion to obsolete openldap-guide. Closes: #171894, #146968. ++ - debian/rules: ++ - build with BDB backend ++ - run dh_installdeb ++ - only run dh_makeshlibs for libldap2 ++ - debian/slapd.dirs: added to create /var/lib/ldap and /var/spool/slurpd ++ - debian/slapd.postinst: ++ - properly remove temporary files on errors. Closes: #160412. ++ - install init.d link if slapd.conf already exists. Closes: #159542. ++ - run db_stop even if package isn't configured for the first time. This ++ prevents hanging during upgrades. ++ - added debian/slapd.default and use it from debian/slapd.init. ++ Closes: #160964, #176832. ++ - added debian/slapd.README.Debian ++ - added versioned dependency on coreutils to make lintian quiet. ++ - added debian/slapd.postrm ++ - remove slapd.conf when package is purged ++ - remove /var/lib/ldap when slapd/purge_database is true ++ - remove /etc/ldap/schema if empty. Closes: #185173. ++ - debian/templates: added slapd/purge_database template ++ - build/top.mk: link against libcrypt before other SECURITY_LIBS ++ - debian/libldap2.shlibs: tighten dependencies. Closes: #181168. ++ ++ * Stephen Frost ++ - debian/control: added libltdl2-dev and libslp-dev to the build-depends ++ - Correct typo for back-sql init routine; already in OpenLDAP upstream ++ CVS ++ - Correct free of SASL interact results; already in OpenLDAP upstream CVS ++ - Duplicate the DN from SASL to ensure '\0' termination; already in ++ OpenLDAP upstream CVS ++ - debian/control: added Replaces: slapd (<< 2.1) for ldap-utils due to ++ ldif.5 move. ++ - Add modulepath /usr/lib/ldap to default slapd config ++ - Add moduleload back_bdb to default slapd config ++ - Changed libexecdir to ${prefix}/lib ++ - Add usr/lib/ldap to slapd portion of move_files ++ - Modified backend types to be built as modules for dynamic loading ++ - Fixed pt_BR translation ++ ++ -- Roland Bauerschmidt Sat, 15 Mar 2003 21:35:24 +0100 ++ ++openldap2 (2.0.27-3) unstable; urgency=high ++ ++ * [SECURITY]: Apply the patch used by SuSE in SuSE-SA:2002:047 ++ (or rather the parts of it not yet included upstream). ++ ++ -- Torsten Landschoff Fri, 20 Dec 2002 04:47:15 +0100 ++ ++openldap2 (2.0.27-2) unstable; urgency=low ++ ++ * debian/control: Make libldap2-dev depend on libssl-dev and ++ libsasl-dev, since those libs are pulled via the libldap.la file ++ (closes: #164791). ++ * debian/control: Add shlibs:Depends to libldap2-tls as well. Most ++ of those depends are pulled via libldap2 but of course libssl ++ is not among those. (closes: #169950). ++ * debian/libldap2-tls: Remove old divertions on "configure" and not ++ on "upgrade" - the latter is not really called. ++ ++ -- Torsten Landschoff Fri, 22 Nov 2002 00:35:29 +0100 ++ ++openldap2 (2.0.27-1) unstable; urgency=low ++ ++ * New upstream release. ++ ++ -- Torsten Landschoff Wed, 6 Nov 2002 01:12:06 +0100 ++ ++openldap2 (2.0.23-14) unstable; urgency=low ++ ++ * debian/rules: Remove search paths from .la files using some perl ++ trickery (closes: #110479). ++ * debian/libldap2.README.debian: Document the NSS problem which stops /usr ++ from being unmounted cleanly when using libnss-ldap (for more info ++ see bug#159771). ++ ++ * Started cleaning up the maintainer scripts: ++ - Remove creation of the /usr/doc symlinks (lintian). ++ - Don't run ldconfig in prerm scripts (lintian). ++ ++ -- Torsten Landschoff Mon, 30 Sep 2002 12:10:05 +0200 ++ ++openldap2 (2.0.23-13) unstable; urgency=low ++ ++ * As Ashley Clark found out the preinst of libldap-tls fails for a new ++ install. My fault - I did not check that (removing ldap is cumbersome ++ if you are using it... :) and the scripts were only checked without ++ "set -e" in effect. ++ + debian/libldap2-tls.preinst: Apply Ashley's patch (thanks a lot, ++ Ashley. closes: #162123). ++ + Coincidently the other installation scripts seem to be okay, the ++ failing command is in the middle of a pipe and therefore ignored. ++ ++ -- Torsten Landschoff Tue, 24 Sep 2002 12:56:18 +0200 ++ ++openldap2 (2.0.23-12) unstable; urgency=low ++ ++ * Apply the patch from upstream ITS#2012 to support MD5 hashes. Problem ++ is that OpenSSL comes with its own version of the crypt() function ++ which is linked in instead of the system's version from libcrypt. ++ The patch changes the link order so that slapd takes the system's ++ implementation. ++ * debian/rules: Pass --enable-crypt-first to configure to enable the ++ patch (closes: #160763). ++ * Fix the diversion handling of libldap2-tls: ++ - preinst: Only install diversions that are not there. ++ - postrm: Remove this package's diversions. ++ - postinst: Remove obsolete diversions after upgrade. ++ - Removal of diversions is done in reverted order of the installation. ++ ++ * Enable DNSSRV support as requested by Turbo. No Kerberos for now, sorry. ++ * debian/control: Updates Standards-Version to 3.5.7 and fix running ++ of ldconfig in maintainer scripts. ++ ++ -- Torsten Landschoff Mon, 23 Sep 2002 12:18:40 +0200 ++ ++openldap2 (2.0.23-11) unstable; urgency=low ++ ++ * debian/rules: Build with --with-tls (closes: #80591, #155937). ++ * debian/control: ++ + Add build dependency on libssl-dev. ++ + Specify Roland Bauerschmidt as co maintainer. ++ * Added the trickery to have libldap2 without TLS and libldap2-tls ++ with the TLS stuff. Otherwise we have to change the base system, ++ and god knows how long that would take. ++ ++ Most of the changes done by Roland Bauerschmidt. We now build the ++ source two times - with and without ssl. We mostly use the ssl enabled ++ stuff with the exception of a libldap2 package which does not have ++ support for that. If you need TLS support you have to install ++ libldap2-tls, which diverts the libraries from libldap2 out of the ++ way and replaces them with the TLS enabled version. ++ ++ -- Torsten Landschoff Thu, 29 Aug 2002 13:35:39 +0200 ++ ++openldap2 (2.0.23-10) unstable; urgency=low ++ ++ * debian/control: Build depend on libdb4.0-dev instead of libdb3-dev. ++ This should fix the index corruption problems (closes: #152959). ++ ++ -- Torsten Landschoff Sun, 18 Aug 2002 19:47:02 +0200 ++ ++openldap2 (2.0.23-9) unstable; urgency=low ++ ++ * debian/slapd.init: Wait for the daemons to actually terminate for ++ the stop action (which is used for restart) and trap all errors ++ (closes: #148033). ++ * debian/rules: Build with -D_FILE_OFFSET_BITS=64 to support files ++ bigger than 2GB on all architectures (closes: #155197). As off_t is ++ about never used in the source that should not create any problems. ++ * debian/control: Make libldap2-dev depend on libsasl-dev ++ (closes: #135223, #96957). ++ * doc/man/man1/ldapmodify.1: Fix typo (closes: #105905). ++ * debian/rules: Create symlinks for some manpages (closes: #99547). ++ * Fix spelling error in description of ldap-gateways (closes: #124859). ++ * debian/copyright: Include the full content of the LICENSE file ++ (closes: #151222). ++ ++ -- Torsten Landschoff Thu, 8 Aug 2002 15:54:46 +0200 ++ ++openldap2 (2.0.23-8) unstable; urgency=low ++ ++ * New maintainer. ++ * debian/control: Build-Conflict with libbind-dev to use the right ++ resolver library everywhere (closes: #112459). Of course, the ++ real solution must be to fix the configure script to not detect ++ libbind-dev and use the right resolver all the time. But a work around ++ is better than nothing I would say... ++ ++ -- Torsten Landschoff Wed, 7 Aug 2002 14:53:39 +0200 ++ ++openldap2 (2.0.23-7) unstable; urgency=low ++ ++ * Add Brazilian translation for debconf templates. Closes: Bug#114021 ++ * Fix hostless LDAP URLs, patch from Lamont Jones. Closes: Bug#140387 ++ ++ -- Wichert Akkerman Sat, 4 May 2002 20:05:32 +0200 ++ ++openldap2 (2.0.23-6) unstable; urgency=high ++ ++ * Make slapd.config idempotent, so that calling it once (during ++ preconfiguration) and again (during postinst) doesn't break things. ++ Patch from Anthony Towns. Closes: Bug#137552). ++ ++ -- Wichert Akkerman Sun, 14 Apr 2002 19:10:50 +0200 ++ ++openldap2 (2.0.23-5) unstable; urgency=high ++ ++ * Fix slurpd invocation in slapd.init. Closes: Bug#141959 ++ * Ask for admin DN when using LDIF initialization as well. ++ Lets hope this finally Closes: Bug#137552 ++ * Merge German translation for debconf templates. Closes: Bug#141712 ++ * Add Build-Depends on debconf-utils since we use debconf-mergetemplate ++ * Remove bogus error from slapd.init. Closes: Bug#137718 ++ ++ -- Wichert Akkerman Tue, 9 Apr 2002 14:49:27 +0200 ++ ++openldap2 (2.0.23-4) unstable; urgency=high ++ ++ * Only show already-configured note on initial installs. Closes: Bug#137100 ++ * Supply -t option to slurpd when starting it, not when stopping it. ++ Closes: Bug#136240 ++ * Use db_input instead of db_get for notes in the slapd postinst. ++ * Only fetch password from debconf when not using ldif initialization. ++ Closes: Bug#138558,#137552 ++ * Check if slapd.conf exists in slapd postinst. Closes: Bug#138136 ++ ++ -- Wichert Akkerman Sat, 6 Apr 2002 23:02:42 +0200 ++ ++openldap2 (2.0.23-3) unstable; urgency=high ++ ++ * If can not get a password for the admin entry when installing slapd ++ generate one randomly. Closes: Bug#134774 ++ * Bump shlibs dependency to 2.0.23 ++ ++ -- Wichert Akkerman Thu, 21 Feb 2002 23:23:57 +0100 ++ ++openldap2 (2.0.23-2) unstable; urgency=high ++ ++ * Create /var/spool/slurpd and tell slurpd to use that as temporary ++ directory. Closes: Bug#134564 ++ * Improve debconf prompts a bit. Closes: Bug#134945 ++ * Properly set default value for domain ++ * Clear crypted password from debconf after creating the LDAP directory ++ ++ -- Wichert Akkerman Sun, 17 Feb 2002 16:07:18 +0100 ++ ++openldap2 (2.0.23-1) unstable; urgency=high ++ ++ * Upstream updated config.{guess,sub} so we are back to zero patches ++ again. ++ * Apply fix from Klaus Duscher for the missing password problem: the ++ config script did not check if it was run twice without slapd.conf ++ being generated in between and would abort with a missing password ++ error. Closes: Bug#132566 ++ * Change slapd priority for boot sequence to start earlier and stop ++ later so people can use LDAP for NSS purposes. Closes: Bug#130277 ++ ++ -- Wichert Akkerman Sun, 17 Feb 2002 16:07:18 +0100 ++ ++openldap2 (2.0.22-2) unstable; urgency=low ++ ++ * Update config.{guess,sub} again. Closes: Bug#131469 ++ ++ -- Wichert Akkerman Thu, 7 Feb 2002 22:33:01 +0100 ++ ++openldap2 (2.0.22-1) unstable; urgency=low ++ ++ * New upstream version ++ * Build properly as non-native package ++ ++ -- Wichert Akkerman Wed, 6 Feb 2002 00:17:20 +0100 ++ ++openldap2 (2.0.21-3) unstable; urgency=high ++ ++ * Add logic to config and postinst to configure replication as well ++ * Don't fail in slapd postinst if we can't stop slapd. Closes: Bug#131617 ++ * Change localstatedir to /var/lib ++ * Remove /var/lib/ldap when purging slapd ++ * Don't remove user-supplied ldif file after creating the directory ++ * Set default replogfile ++ * Fix typo in severity for no_password note ++ * Encrypt admin password and remove it from the debconf database ++ ++ -- Wichert Akkerman Thu, 31 Jan 2002 17:03:36 +0100 ++ ++openldap2 (2.0.21-2) unstable; urgency=medium ++ ++ * Update config.{guess,sub} and forwarded upstream (ITS#1567). ++ Closes: Bug#131469 ++ * Remove -x from slapd postinst. Closes: Bug#131502 ++ ++ -- Wichert Akkerman Wed, 30 Jan 2002 10:53:45 +0100 ++ ++openldap2 (2.0.21-1) unstable; urgency=high ++ ++ * New upstream version, ++ * Update copyright ++ * Update config.guess and config.sub ++ * Redone packaging, no more dbs or debhelper ++ * Drop all patches, they are either unnecessary or alternatives have ++ been made upstream ++ ++ -- Wichert Akkerman Tue, 29 Jan 2002 17:04:10 +0100 ++ ++openldap2 (2.0.14-1) unstable; urgency=high ++ ++ * New upstream version, which includes a billion second bug. ++ Closes: Bug#111833 ++ * Drop 005_libldbm_dbopen, upgrading the database in place no longer works ++ with the new db-env code. ++ * Redo 008_porting_maxpathlen ++ ++ -- Wichert Akkerman Sat, 15 Sep 2001 13:39:46 +0200 ++ ++openldap2 (2.0.11-2) unstable; urgency=low ++ ++ * Test if /etc/init.d/slapd is executable when purging slapd. ++ Closes: Bug#100938 ++ * Update 008_porting_maxpathlen. Closes: Bug#100584 ++ * Don't use four11 as referral example anymore. Closes: Bug#99998 ++ * Fix synopsis of slapindex manpage. Added to 002_man_fixes. ++ Closes: Bug#98805 ++ * Removed stray backup file from 002_man_fixes ++ ++ -- Wichert Akkerman Tue, 19 Jun 2001 01:01:17 +0200 ++ ++openldap2 (2.0.11-1) unstable; urgency=low ++ ++ * New upstream version ++ * Add autoconf to Build-Depends. Closes: Bug#99440 ++ * Fix new db upgrade patch. Closes: Bug#98853 ++ ++ -- Wichert Akkerman Sun, 3 Jun 2001 00:25:47 +0200 ++ ++openldap2 (2.0.10-2) unstable; urgency=low ++ ++ * Tighten shlibs dependency to >= 2.0.1-1. Closes: Bug#98683 ++ ++ -- Wichert Akkerman Fri, 25 May 2001 16:32:35 +0200 ++ ++openldap2 (2.0.10-1) unstable; urgency=low ++ ++ * New upstream version ++ * New maintainer ++ * Remove useless LINE_WIDTH bit from patch 000_clients ++ * Patch 004_ssl_fix has been merged upstream, removed ++ * Redo 005_db3_upgrade ++ * Rediff all other patches ++ ++ -- Wichert Akkerman Thu, 24 May 2001 14:56:02 +0200 ++ ++openldap2 (2.0.7-6) unstable; urgency=low ++ ++ * Make sure autoconf is run if configure.in is changed (for Hurd patch), ++ closes: #96145 ++ * Fix slapd.postinst in the case of using an ldif file, closes: #95600 ++ * Use a var for slapd.conf in slapd init script. Partially fixes bug ++ 91318. ++ * Fixed hurd patch for strrchr in replog.c, closes: #93605 ++ ++ -- Ben Collins Mon, 7 May 2001 23:00:27 -0400 ++ ++openldap2 (2.0.7-5) unstable; urgency=low ++ ++ * Fixed db3 upgrade code, closes: #92331, #92916 ++ * m68k should compile fine with db3 now, closes: #90165 ++ * Included provided patch for Hurd compilation, closes: #88079 ++ ++ -- Ben Collins Wed, 4 Apr 2001 17:46:47 -0400 ++ ++openldap2 (2.0.7-4) unstable; urgency=low ++ ++ * slapd.conf is no longer a conffile, and not provided by the package. ++ Instead, it is only generated. closes: #81359 ++ * Fixed by previous upload, closes: #71852, #78950, #82491 ++ * Actually install the netscape schema, closes: #90323 ++ * Add comment to README.Debian about being compiled with libwrap, ++ closes: #84954 ++ * Provide example sasl config file, closes: #90855 ++ * Conflict replace openldap-utils (ldap-utils), and libopenldap-dev ++ (libldap2-dev), closes: #71471 ++ * Revert to using some code to upgrade previous db's. Remove slapd's dep ++ on db3-util, and remove postinst code that upgrades the db's. ++ ++ -- Ben Collins Sat, 24 Mar 2001 21:59:20 -0500 ++ ++openldap2 (2.0.7-3) unstable; urgency=low ++ ++ * netscape-profile.schema: new schema for old roaming support ++ * 004_ssl_fix.diff: Fix for SSL support (not compiled in, but some ++ people use it). ++ * slapd.config: FINALLY fix the "dc=" base bug. ++ * Build-Depend on libdb3-dev now that it is available. ++ * Now that we use db3, make sure we upgrade existing databases to the ++ db3 format with db3_upgrade. ++ ++ -- Ben Collins Sun, 11 Mar 2001 23:36:34 -0500 ++ ++openldap2 (2.0.7-2) unstable; urgency=low ++ ++ * slapd.postinst: fix debhelper wraper so it gets the right @argv, ++ closes: #71854 ++ * sendmail appears to be compiled against glibc2.2/libdb2 now, ++ closes: #71602 ++ * %strace ldapsearch cn=admin | & grep /etc | grep ldap ++ open("/etc/ldap/ldap.conf", O_RDONLY) = 3 ++ closes: #71716 ++ * ldap_first_attribute.3: s/ber_free(3)/ber_free/. closes: #76719 ++ * init.d/slapd: fix reference to pidfile, and also remove the pidfile ++ after killing the daemon, closes: #77633, #77635 ++ * Fix fgets buffer size thinko in slurpd. closes: #78003 ++ * slapd.8: s/ldap.h/slapd.conf(5)/. closes: #80457 ++ ++ -- Ben Collins Sun, 31 Dec 2000 00:02:46 -0500 ++ ++openldap2 (2.0.7-1) unstable; urgency=low ++ ++ * New upstream ++ * Removed hack for shlibs now that dpkg 1.7 is available, added dpkg-dev ++ 1.7.1 to build-depends. ++ * start using DH_COMPAT=2 ++ ++ -- Ben Collins Fri, 10 Nov 2000 18:53:25 -0500 ++ ++openldap2 (2.0.2-2) unstable; urgency=low ++ ++ * Recompile against libdb2/glibc 2.1.94/sasl ++ ++ -- Ben Collins Wed, 27 Sep 2000 11:31:59 -0400 ++ ++openldap2 (2.0.2-1) unstable; urgency=low ++ ++ * New upstream version, includes some patches from me that fix some ++ stability issues ++ * debian/control:Build-Depends: change libwrap-dev to libwrap0-dev for ++ clarity, closes: #71366 ++ * debian/rules: make sure mail500 docs do not get installed under bogus ++ subdirs, closes: #71473 ++ * debian/README.build,debian/scripts/dbs-build.mk: Fix and document ++ build system better, closes: #71584 ++ * debian/local/slapd.conf: Setup default ACL's to work with openldap2 ++ correctly, closes: #71127, #71131 ++ * debian/README: document how to access OpenLDAP 1 servers via ++ ldap-utils, closes: #71469 ++ * debian/rules:CFLAGS: add -I/usr/include/db2 to make sure we get the ++ right header, closes: #71470 ++ * I cannot reproduce this. In debian/rules I have done exactly what is ++ needed to keep it from happening, and sparc, i386 and powerpc builds ++ do not show it, closes: #71472 ++ ++ -- Ben Collins Wed, 13 Sep 2000 22:32:35 -0400 ++ ++openldap2 (2.0.1-2) unstable; urgency=low ++ ++ * Fixed up depend for libldap2 on itself ++ ++ -- Ben Collins Wed, 6 Sep 2000 13:24:06 -0400 ++ ++openldap2 (2.0.1-1) unstable; urgency=low ++ ++ * New upstream version ++ * Added libsasl-dev to build-deps, closes: #70923 ++ ++ -- Ben Collins Tue, 5 Sep 2000 06:49:05 -0400 ++ ++openldap2 (2.0-1) unstable; urgency=low ++ ++ * Initial release of OpenLDAP 2 test code ++ ++ -- Ben Collins Tue, 29 Aug 2000 14:28:39 -0400 diff --cc debian/clean index 00000000,00000000..42e651c6 new file mode 100644 --- /dev/null +++ b/debian/clean @@@ -1,0 -1,0 +1,2 @@@ ++debian/libldap-2.4-2.links ++debian/libldap2-dev.links diff --cc debian/compat index 00000000,00000000..f599e28b new file mode 100644 --- /dev/null +++ b/debian/compat @@@ -1,0 -1,0 +1,1 @@@ ++10 diff --cc debian/configure.options index 00000000,00000000..08a55e08 new file mode 100644 --- /dev/null +++ b/debian/configure.options @@@ -1,0 -1,0 +1,204 @@@ ++#`configure' configures this package to adapt to many kinds of systems. ++# ++#Usage: ./configure [OPTION]... [VAR=VALUE]... ++# ++#To assign environment variables (e.g., CC, CFLAGS...), specify them as ++#VAR=VALUE. See below for descriptions of some of the useful variables. ++# ++#Defaults for the options are specified in brackets. ++# ++#Configuration: ++# -h, --help display this help and exit ++# --help=short display options specific to this package ++# --help=recursive display the short help of all the included packages ++# -V, --version display version information and exit ++# -q, --quiet, --silent do not print `checking...' messages ++# --cache-file=FILE cache test results in FILE [disabled] ++# -C, --config-cache alias for `--cache-file=config.cache' ++# -n, --no-create do not create output files ++# --srcdir=DIR find the sources in DIR [configure dir or `..'] ++# ++#Installation directories: ++# --prefix=PREFIX install architecture-independent files in PREFIX ++# [/usr/local] ++--prefix=/usr ++# --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX ++# [PREFIX] ++# ++#By default, `make install' will install all the files in ++#`/usr/local/bin', `/usr/local/lib' etc. You can specify ++#an installation prefix other than `/usr/local' using `--prefix', ++#for instance `--prefix=$HOME'. ++# ++#For better control, use the options below. ++# ++#Fine tuning of the installation directories: ++# --bindir=DIR user executables [EPREFIX/bin] ++# --sbindir=DIR system admin executables [EPREFIX/sbin] ++# --libexecdir=DIR program executables [EPREFIX/libexec] ++--libexecdir='${prefix}/lib' ++# --sysconfdir=DIR read-only single-machine data [PREFIX/etc] ++--sysconfdir=/etc ++# --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] ++# --localstatedir=DIR modifiable single-machine data [PREFIX/var] ++--localstatedir=/var ++# --libdir=DIR object code libraries [EPREFIX/lib] ++# --includedir=DIR C header files [PREFIX/include] ++# --oldincludedir=DIR C header files for non-gcc [/usr/include] ++# --datarootdir=DIR read-only arch.-independent data root [PREFIX/share] ++# --datadir=DIR read-only architecture-independent data [DATAROOTDIR] ++# --infodir=DIR info documentation [DATAROOTDIR/info] ++# --localedir=DIR locale-dependent data [DATAROOTDIR/locale] ++# --mandir=DIR man documentation [DATAROOTDIR/man] ++--mandir='${prefix}/share/man' ++# --docdir=DIR documentation root [DATAROOTDIR/doc/PACKAGE] ++# --htmldir=DIR html documentation [DOCDIR] ++# --dvidir=DIR dvi documentation [DOCDIR] ++# --pdfdir=DIR pdf documentation [DOCDIR] ++# --psdir=DIR ps documentation [DOCDIR] ++# ++#Program names: ++# --program-prefix=PREFIX prepend PREFIX to installed program names ++# --program-suffix=SUFFIX append SUFFIX to installed program names ++# --program-transform-name=PROGRAM run sed PROGRAM on installed program names ++# ++#System types: ++# --build=BUILD configure for building on BUILD [guessed] ++# --host=HOST cross-compile to build programs to run on HOST [BUILD] ++# --target=TARGET configure for building compilers for TARGET [HOST] ++# ++#Optional Features: ++# --disable-option-checking ignore unrecognized --enable/--with options ++# --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) ++# --enable-FEATURE[=ARG] include FEATURE [ARG=yes] ++# --enable-debug enable debugging no|yes|traditional [yes] ++--enable-debug ++# --enable-dynamic enable linking built binaries with dynamic libs [no] ++--enable-dynamic ++# --enable-syslog enable syslog support [auto] ++--enable-syslog ++# --enable-proctitle enable proctitle support [yes] ++--enable-proctitle ++# --enable-ipv6 enable IPv6 support [auto] ++--enable-ipv6 ++# --enable-local enable AF_LOCAL (AF_UNIX) socket support [auto] ++--enable-local ++# ++#SLAPD (Standalone LDAP Daemon) Options: ++# --enable-slapd enable building slapd [yes] ++--enable-slapd ++# --enable-dynacl enable run-time loadable ACL support (experimental) [no] ++--enable-dynacl ++# --enable-aci enable per-object ACIs (experimental) no|yes|mod [no] ++--enable-aci ++# --enable-cleartext enable cleartext passwords [yes] ++--enable-cleartext ++# --enable-crypt enable crypt(3) passwords [no] ++--enable-crypt ++# --enable-lmpasswd enable LAN Manager passwords [no] ++--disable-lmpasswd ++# --enable-spasswd enable (Cyrus) SASL password verification [no] ++--enable-spasswd ++# --enable-modules enable dynamic module support [no] ++--enable-modules ++# --enable-rewrite enable DN rewriting in back-ldap and rwm overlay [auto] ++--enable-rewrite ++# --enable-rlookups enable reverse lookups of client hostnames [no] ++--enable-rlookups ++# --enable-slapi enable SLAPI support (experimental) [no] ++--enable-slapi ++# --enable-slp enable SLPv2 support [no] ++--disable-slp ++# --enable-wrappers enable tcp wrapper support [no] ++--enable-wrappers ++# ++#SLAPD Backend Options: ++# --enable-backends enable all available backends no|yes|mod ++--enable-backends=mod ++# --enable-bdb enable Berkeley DB backend no|yes|mod [yes] ++# --enable-dnssrv enable dnssrv backend no|yes|mod [no] ++# --enable-hdb enable Hierarchical DB backend no|yes|mod [yes] ++# --enable-ldap enable ldap backend no|yes|mod [no] ++# --enable-mdb enable mdb database backend no|yes|mod [yes] ++# --enable-meta enable metadirectory backend no|yes|mod [no] ++# --enable-monitor enable monitor backend no|yes|mod [yes] ++# --enable-ndb enable MySQL NDB Cluster backend no|yes|mod [no] ++--disable-ndb ++# --enable-null enable null backend no|yes|mod [no] ++# --enable-passwd enable passwd backend no|yes|mod [no] ++# --enable-perl enable perl backend no|yes|mod [no] ++# --enable-relay enable relay backend no|yes|mod [yes] ++# --enable-shell enable shell backend no|yes|mod [no] ++# --enable-sock enable sock backend no|yes|mod [no] ++# --enable-sql enable sql backend no|yes|mod [no] ++# ++#SLAPD Overlay Options: ++# --enable-overlays enable all available overlays no|yes|mod ++--enable-overlays=mod ++# --enable-accesslog In-Directory Access Logging overlay no|yes|mod [no] ++# --enable-auditlog Audit Logging overlay no|yes|mod [no] ++# --enable-collect Collect overlay no|yes|mod [no] ++# --enable-constraint Attribute Constraint overlay no|yes|mod [no] ++# --enable-dds Dynamic Directory Services overlay no|yes|mod [no] ++# --enable-deref Dereference overlay no|yes|mod [no] ++# --enable-dyngroup Dynamic Group overlay no|yes|mod [no] ++# --enable-dynlist Dynamic List overlay no|yes|mod [no] ++# --enable-memberof Reverse Group Membership overlay no|yes|mod [no] ++# --enable-ppolicy Password Policy overlay no|yes|mod [no] ++# --enable-proxycache Proxy Cache overlay no|yes|mod [no] ++# --enable-refint Referential Integrity overlay no|yes|mod [no] ++# --enable-retcode Return Code testing overlay no|yes|mod [no] ++# --enable-rwm Rewrite/Remap overlay no|yes|mod [no] ++# --enable-seqmod Sequential Modify overlay no|yes|mod [no] ++# --enable-sssvlv ServerSideSort/VLV overlay no|yes|mod [no] ++# --enable-syncprov Syncrepl Provider overlay no|yes|mod [yes] ++# --enable-translucent Translucent Proxy overlay no|yes|mod [no] ++# --enable-unique Attribute Uniqueness overlay no|yes|mod [no] ++# --enable-valsort Value Sorting overlay no|yes|mod [no] ++# ++#Library Generation & Linking Options ++# --enable-static[=PKGS] build static libraries [default=yes] ++# --enable-shared[=PKGS] build shared libraries [default=yes] ++# --enable-fast-install[=PKGS] ++# optimize for fast installation [default=yes] ++# --disable-dependency-tracking speeds up one-time build ++# --enable-dependency-tracking do not reject slow dependency extractors ++# --disable-libtool-lock avoid locking (might break parallel builds) ++# ++#Optional Packages: ++# --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] ++# --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) ++# --with-subdir=DIR change default subdirectory used for installs ++--with-subdir=ldap ++# --with-cyrus-sasl with Cyrus SASL support [auto] ++--with-cyrus-sasl ++# --with-fetch with fetch(3) URL support [auto] ++# --with-threads with threads [auto] ++--with-threads ++# --with-tls with TLS/SSL support auto|openssl|gnutls|moznss [auto] ++--with-tls=gnutls ++# --with-yielding-select with implicitly yielding select [auto] ++# --with-mp with multiple precision statistics auto|longlong|long|bignum|gmp [auto] ++# --with-odbc with specific ODBC support iodbc|unixodbc|odbc32|auto [auto] ++--with-odbc=unixodbc ++# --with-gnu-ld assume the C compiler uses GNU ld [default=no] ++# --with-pic try to use only PIC/non-PIC objects [default=use ++# both] ++# --with-tags[=TAGS] include additional configurations [automatic] ++# ++#See INSTALL file for further details. ++# ++#Some influential environment variables: ++# CC C compiler command ++# CFLAGS C compiler flags ++# LDFLAGS linker flags, e.g. -L if you have libraries in a ++# nonstandard directory ++# LIBS libraries to pass to the linker, e.g. -l ++# CPPFLAGS (Objective) C/C++ preprocessor flags, e.g. -I if ++# you have headers in a nonstandard directory ++# CPP C preprocessor ++# ++#Use these variables to override the choices made by `configure' or to help ++#it to find libraries and programs with nonstandard names/locations. ++# ++#Report bugs to the package provider. diff --cc debian/control index 00000000,00000000..a73cc19b new file mode 100644 --- /dev/null +++ b/debian/control @@@ -1,0 -1,0 +1,128 @@@ ++Source: openldap ++Section: net ++Priority: optional ++Maintainer: Debian OpenLDAP Maintainers ++Uploaders: Steve Langasek , ++ Torsten Landschoff , ++ Ryan Tandy ++Build-Depends: debhelper (>= 10), ++ dpkg-dev (>= 1.17.14), ++ groff-base, ++ heimdal-multidev (>= 7.4.0.dfsg.1-1~) , ++ libargon2-dev , ++ libdb5.3-dev , ++ libgnutls28-dev, ++ libltdl-dev , ++ libperl-dev (>= 5.8.0) , ++ libsasl2-dev, ++ libwrap0-dev , ++ nettle-dev , ++ perl:any, ++ po-debconf, ++ unixodbc-dev ++Build-Conflicts: libbind-dev, bind-dev, autoconf2.13 ++Standards-Version: 4.6.0 ++Homepage: https://www.openldap.org/ ++Rules-Requires-Root: no ++Vcs-Git: https://salsa.debian.org/openldap-team/openldap.git ++Vcs-Browser: https://salsa.debian.org/openldap-team/openldap ++ ++Package: slapd ++Architecture: any ++Build-Profiles: ++Pre-Depends: debconf (>= 0.5) | debconf-2.0, ${misc:Pre-Depends} ++Depends: ${shlibs:Depends}, libldap-2.4-2 (= ${binary:Version}), ++ coreutils (>= 4.5.1-1), psmisc, perl:any (>> 5.8.0) | libmime-base64-perl, ++ adduser, lsb-base (>= 3.2-13), ${perl:Depends}, ${misc:Depends} ++Recommends: ldap-utils ++Suggests: libsasl2-modules, ++ libsasl2-modules-gssapi-mit | libsasl2-modules-gssapi-heimdal ++Conflicts: umich-ldapd, ldap-server, libltdl3 (= 1.5.4-1) ++Replaces: libldap2, ldap-utils (<< 2.2.23-3) ++Provides: ldap-server, ${slapd:Provides} ++Description: OpenLDAP server (slapd) ++ This is the OpenLDAP (Lightweight Directory Access Protocol) server ++ (slapd). The server can be used to provide a standalone directory ++ service. ++ ++Package: slapd-contrib ++Architecture: any ++Build-Profiles: ++Depends: slapd (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends} ++Provides: slapd-smbk5pwd ++Breaks: slapd-smbk5pwd (<< 2.4.47+dfsg-2~) ++Replaces: slapd-smbk5pwd (<< 2.4.47+dfsg-2~) ++Description: contributed plugins for OpenLDAP slapd ++ This package contains a number of slapd overlays and plugins contributed by ++ the OpenLDAP community. While distributed as part of OpenLDAP Software, they ++ are not necessarily supported by the OpenLDAP Project. ++ ++Package: slapd-smbk5pwd ++Architecture: all ++Section: oldlibs ++Build-Profiles: ++Depends: slapd-contrib, ${misc:Depends} ++Breaks: slapd (<< 2.4.47+dfsg-2~) ++Description: transitional package for slapd-contrib ++ This is a transitional package from slapd-smbk5pwd to slapd-contrib. It can be ++ safely removed. ++ ++Package: ldap-utils ++Architecture: any ++Depends: ${shlibs:Depends}, libldap-2.4-2 (= ${binary:Version}), ${misc:Depends} ++Suggests: libsasl2-modules, ++ libsasl2-modules-gssapi-mit | libsasl2-modules-gssapi-heimdal ++Conflicts: umich-ldap-utils, openldap-utils, ldap-client ++Replaces: openldap-utils, slapd (<< 2.2.23-0.pre6), openldapd ++Provides: ldap-client, openldap-utils ++Description: OpenLDAP utilities ++ This package provides utilities from the OpenLDAP (Lightweight ++ Directory Access Protocol) package. These utilities can access a ++ local or remote LDAP server and contain all the client programs ++ required to access LDAP servers. ++ ++Package: libldap-2.4-2 ++Section: libs ++Architecture: any ++Multi-Arch: same ++Conflicts: ldap-utils (<= 2.1.23-1) ++Pre-Depends: ${misc:Pre-Depends} ++Depends: ${shlibs:Depends}, ${misc:Depends} ++Recommends: libldap-common ++Replaces: libldap2, libldap-2.3-0 ++Description: OpenLDAP libraries ++ These are the run-time libraries for the OpenLDAP (Lightweight Directory ++ Access Protocol) servers and clients. ++ ++Package: libldap-common ++Section: libs ++Architecture: all ++Multi-Arch: foreign ++Depends: ${misc:Depends} ++Replaces: libldap-2.4-2 (<< 2.4.44+dfsg-1) ++Description: OpenLDAP common files for libraries ++ These are common files for the run-time libraries for the OpenLDAP ++ (Lightweight Directory Access Protocol) servers and clients. ++ ++Package: libldap2-dev ++Section: libdevel ++Architecture: any ++Multi-Arch: same ++Conflicts: libldap-dev, libopenldap-dev ++Replaces: libopenldap-dev ++Provides: libldap-dev ++Depends: libldap-2.4-2 (= ${binary:Version}), ${misc:Depends} ++Description: OpenLDAP development libraries ++ This package allows development of LDAP applications using the OpenLDAP ++ libraries. It includes headers, libraries and links to allow static and ++ dynamic linking. ++ ++Package: slapi-dev ++Section: libdevel ++Architecture: any ++Build-Profiles: ++Depends: slapd (= ${binary:Version}), ${misc:Depends} ++Description: development libraries for OpenLDAP SLAPI plugin interface ++ This package allows development of plugins for the OpenLDAP slapd server ++ using the SLAPI interface. It includes the headers and libraries needed ++ to build such plugins. diff --cc debian/copyright index 00000000,00000000..b52383e6 new file mode 100644 --- /dev/null +++ b/debian/copyright @@@ -1,0 -1,0 +1,466 @@@ ++This package was downloaded from: ++ ++ ++ ++The upstream distribution has been repackaged to remove the RFCs and ++Internet-Drafts included in the upstream distribution, since the Internet ++Society license does not meet the Debian Free Software Guidelines. The ++schema files that contain verbatim text from RFCs or Internet-Drafts have ++similarly been removed and are replaced during the package build with ++versions stripped of the literal RFC or Internet-Draft text. ++ ++Copyright: ++ ++Copyright 1998-2016 The OpenLDAP Foundation ++All rights reserved. ++ ++Redistribution and use in source and binary forms, with or without ++modification, are permitted only as authorized by the OpenLDAP ++Public License. ++ ++A copy of this license is available in the file LICENSE in the ++top-level directory of the distribution or, alternatively, at ++. ++ ++OpenLDAP is a registered trademark of the OpenLDAP Foundation. ++ ++Individual files and/or contributed packages may be copyright by ++other parties and/or subject to additional restrictions. ++ ++This work is derived from the University of Michigan LDAP v3.3 ++distribution. Information concerning this software is available ++at . ++ ++This work also contains materials derived from public sources. ++ ++Additional information about OpenLDAP can be obtained at ++. ++ ++--- ++ ++The OpenLDAP Public License ++ Version 2.8, 17 August 2003 ++ ++Redistribution and use of this software and associated documentation ++("Software"), with or without modification, are permitted provided ++that the following conditions are met: ++ ++1. Redistributions in source form must retain copyright statements ++ and notices, ++ ++2. Redistributions in binary form must reproduce applicable copyright ++ statements and notices, this list of conditions, and the following ++ disclaimer in the documentation and/or other materials provided ++ with the distribution, and ++ ++3. Redistributions must contain a verbatim copy of this document. ++ ++The OpenLDAP Foundation may revise this license from time to time. ++Each revision is distinguished by a version number. You may use ++this Software under terms of this license revision or under the ++terms of any subsequent revision of the license. ++ ++THIS SOFTWARE IS PROVIDED BY THE OPENLDAP FOUNDATION AND ITS ++CONTRIBUTORS ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, ++INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY ++AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT ++SHALL THE OPENLDAP FOUNDATION, ITS CONTRIBUTORS, OR THE AUTHOR(S) ++OR OWNER(S) OF THE SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT, ++INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, ++BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER ++CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT ++LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ++ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE ++POSSIBILITY OF SUCH DAMAGE. ++ ++The names of the authors and copyright holders must not be used in ++advertising or otherwise to promote the sale, use or other dealing ++in this Software without specific, written prior permission. Title ++to copyright in this Software shall at all times remain with copyright ++holders. ++ ++--- ++Noted above is that various files can be copyrighted individually. ++The licenses found in the OpenLDAP tree are as follows: ++ ++CRL ++----------------------------------- ++# Copyright 1999 Computing Research Labs, New Mexico State University ++# ++# Permission is hereby granted, free of charge, to any person obtaining a ++# copy of this software and associated documentation files (the "Software"), ++# to deal in the Software without restriction, including without limitation ++# the rights to use, copy, modify, merge, publish, distribute, sublicense, ++# and/or sell copies of the Software, and to permit persons to whom the ++# Software is furnished to do so, subject to the following conditions: ++# ++# The above copyright notice and this permission notice shall be included in ++# all copies or substantial portions of the Software. ++# ++# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR ++# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, ++# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL ++# THE COMPUTING RESEARCH LAB OR NEW MEXICO STATE UNIVERSITY BE LIABLE FOR ANY ++# CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT ++# OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR ++# THE USE OR OTHER DEALINGS IN THE SOFTWARE. ++ ++----------------------------------- ++ ++ ++FSF ++----------------------------------- ++# Copyright (C) 1994, 1995-8, 1999, 2001 Free Software Foundation, Inc. ++# This Makefile.in is free software; the Free Software Foundation ++# gives unlimited permission to copy and/or distribute it, ++# with or without modifications, as long as this notice is preserved. ++ ++# This program is distributed in the hope that it will be useful, ++# but WITHOUT ANY WARRANTY, to the extent permitted by law; without ++# even the implied warranty of MERCHANTABILITY or FITNESS FOR A ++# PARTICULAR PURPOSE. ++ ++----------------------------------- ++ ++ ++HC ++----------------------------------- ++ * Permission is granted to anyone to use this software for any purpose ++ * on any computer system, and to alter it and redistribute it, subject ++ * to the following restrictions: ++ * ++ * 1. The author is not responsible for the consequences of use of this ++ * software, no matter how awful, even if they arise from flaws in it. ++ * ++ * 2. The origin of this software must not be misrepresented, either by ++ * explicit claim or by omission. Since few users ever read sources, ++ * credits should appear in the documentation. ++ * ++ * 3. Altered versions must be plainly marked as such, and must not be ++ * misrepresented as being the original software. Since few users ++ * ever read sources, credits should appear in the ++ * documentation. ++ * ++ * 4. This notice may not be removed or altered. ++ ++----------------------------------- ++ ++ ++IBM ++----------------------------------- ++ * Portions Copyright (c) 1995 by International Business Machines, Inc. ++ * ++ * International Business Machines, Inc. (hereinafter called IBM) grants ++ * permission under its copyrights to use, copy, modify, and distribute this ++ * Software with or without fee, provided that the above copyright notice and ++ * all paragraphs of this notice appear in all copies, and that the name of IBM ++ * not be used in connection with the marketing of any product incorporating ++ * the Software or modifications thereof, without specific, written prior ++ * permission. ++ * ++ * To the extent it has a right to do so, IBM grants an immunity from suit ++ * under its patents, if any, for the use, sale or manufacture of products to ++ * the extent that such products are used for performing Domain Name System ++ * dynamic updates in TCP/IP networks by means of the Software. No immunity is ++ * granted for any product per se or for any other function of any product. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES, ++ * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A ++ * PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL, ++ * DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING ++ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN ++ * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES. ++ ++----------------------------------- ++ ++ ++IS ++----------------------------------- ++# Full Copyright Statement ++# ++# Copyright (C) The Internet Society (1999). All Rights Reserved. ++# ++# This document and translations of it may be copied and furnished to ++# others, and derivative works that comment on or otherwise explain it ++# or assist in its implementation may be prepared, copied, published ++# and distributed, in whole or in part, without restriction of any ++# kind, provided that the above copyright notice and this paragraph are ++# included on all such copies and derivative works. However, this ++# document itself may not be modified in any way, such as by removing ++# the copyright notice or references to the Internet Society or other ++# Internet organizations, except as needed for the purpose of ++# developing Internet standards in which case the procedures for ++# copyrights defined in the Internet Standards process must be ++# followed, or as required to translate it into languages other than ++# English. ++# ++# The limited permissions granted above are perpetual and will not be ++# revoked by the Internet Society or its successors or assigns. ++# ++# This document and the information contained herein is provided on an ++# "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING ++# TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING ++# BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION ++# HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF ++# MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. ++ ++This license was present in the copies of several schema files and one ++LDIF file as distributed upstream. The relevant content has been removed ++except where it is purely functional (descriptions of an LDAP schema). ++The copyright notice has been retained with a clarifying comment. The ++provisions in the above license that prohibit modification therefore ++should no longer apply to any files distributed with the Debian package. ++ ++Several files in libraries/libldap also reference this license as the ++copyright on ABNF sequences embedded as comments in those files. These ++too are purely functional interface specifications distributed as part of ++the LDAP protocol standard and do not contain creative work such as ++free-form text. ++----------------------------------- ++ ++ ++ISC ++----------------------------------- ++ * Copyright (c) 1996, 1998 by Internet Software Consortium. ++ * ++ * Permission to use, copy, modify, and distribute this software for any ++ * purpose with or without fee is hereby granted, provided that the above ++ * copyright notice and this permission notice appear in all copies. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS ++ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES ++ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE ++ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL ++ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR ++ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ++ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS ++ * SOFTWARE. ++ ++----------------------------------- ++ ++ ++JC ++----------------------------------- ++ * This software is not subject to any license of Silicon Graphics ++ * Inc. or Purdue University. ++ * ++ * Redistribution and use in source and binary forms are permitted ++ * without restriction or fee of any kind as long as this notice ++ * is preserved. ++ ++The following is additional information from Juan C. Gomez on how ++this license is to be interpreted: ++----- ++Local-Date: Fri, 06 Jun 2003 13:18:52 -0400 ++Date: Fri, 6 Jun 2003 10:18:52 -0700 ++From: Juan Gomez ++To: Stephen Frost ++X-Mailer: Lotus Notes Release 5.0.2a (Intl) 23 November 1999 ++Subject: Re: Juan C. Gomez license in OpenLDAP Source ++ ++Stephen, ++ ++"There is no restriction on modifications and derived works" on the work I ++did for the openldap server as long as this is consistent with the openldap ++license. Please forward this email to Kurt so he does the appropriate ++changes to the files to reflect this. ++ ++ ++Regards, Juan ++----------------------------------- ++ ++ ++MA ++----------------------------------- ++ * Copyright (c) 2000, Mark Adamson, Carnegie Mellon. All rights reserved. ++ * This software is not subject to any license of Carnegie Mellon University. ++ * ++ * Redistribution and use in source and binary forms are permitted without ++ * restriction or fee of any kind as long as this notice is preserved. ++ * ++ * The name "Carnegie Mellon" must not be used to endorse or promote ++ * products derived from this software without prior written permission. ++ ++The following is additional information from Mark Adamson on how this license ++is to be interpreted: ++------ ++Local-Date: Thu, 05 Jun 2003 16:53:32 -0400 ++Date: Thu, 5 Jun 2003 16:53:32 -0400 (EDT) ++From: Mark Adamson ++To: Stephen Frost ++Subject: Re: Mark Adamson license in OpenLDAP source ++ ++Hi Stephen, ++ ++ I don't see how this conflicts with the Debian FSG. The first statement ++in the copyright pertaining to CMU say only that we don't license out the ++software. The second mention denies the right to say things like, ++"Now! Powered by software from Carnegie Mellon!" There is no restriction ++on modifications and derived works. ++ ++-Mark ++------ ++----------------------------------- ++ ++ ++MIT ++----------------------------------- ++# Copyright 1991 by the Massachusetts Institute of Technology ++# ++# Permission to use, copy, modify, distribute, and sell this software and its ++# documentation for any purpose is hereby granted without fee, provided that ++# the above copyright notice appear in all copies and that both that ++# copyright notice and this permission notice appear in supporting ++# documentation, and that the name of M.I.T. not be used in advertising or ++# publicity pertaining to distribution of the software without specific, ++# written prior permission. M.I.T. makes no representations about the ++# suitability of this software for any purpose. It is provided "as is" ++# without express or implied warranty. ++ ++----------------------------------- ++ ++ ++OL2 ++----------------------------------- ++Copyright 1999-2001 The OpenLDAP Foundation, Redwood City, ++California, USA. All Rights Reserved. Permission to copy and ++distribute verbatim copies of this document is granted. ++----------------------------------- ++ ++ ++PM ++----------------------------------- ++ * Copyright (C) 2000 Pierangelo Masarati, ++ * All rights reserved. ++ * ++ * Permission is granted to anyone to use this software for any purpose ++ * on any computer system, and to alter it and redistribute it, subject ++ * to the following restrictions: ++ * ++ * 1. The author is not responsible for the consequences of use of this ++ * software, no matter how awful, even if they arise from flaws in it. ++ * ++ * 2. The origin of this software must not be misrepresented, either by ++ * explicit claim or by omission. Since few users ever read sources, ++ * credits should appear in the documentation. ++ * ++ * 3. Altered versions must be plainly marked as such, and must not be ++ * misrepresented as being the original software. Since few users ++ * ever read sources, credits should appear in the documentation. ++ * ++ * 4. This notice may not be removed or altered. ++ * ++----------------------------------- ++ ++ ++PM2 ++----------------------------------- ++ * Redistribution and use in source and binary forms are permitted only ++ * as authorized by the OpenLDAP Public License. A copy of this ++ * license is available at http://www.OpenLDAP.org/license.html or ++ * in file LICENSE in the top-level directory of the distribution. ++----------------------------------- ++ ++ ++UoC ++----------------------------------- ++ * Redistribution and use in source and binary forms are permitted ++ * provided that the above copyright notice and this paragraph are ++ * duplicated in all such forms and that any documentation, ++ * advertising materials, and other materials related to such ++ * distribution and use acknowledge that the software was developed ++ * by the University of California, Berkeley. The name of the ++ * University may not be used to endorse or promote products derived ++ * from this software without specific prior written permission. ++ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR ++ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED ++ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. ++ ++NOTE: The Regents have since retroactively removed the advertising ++clause from above. ++ ++----------------------------------- ++ ++ ++UoC2 ++----------------------------------- ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in the ++ * documentation and/or other materials provided with the distribution. ++ * 3. All advertising materials mentioning features or use of this software ++ * must display the following acknowledgement: ++ * This product includes software developed by the University of ++ * California, Berkeley and its contributors. ++ * 4. Neither the name of the University nor the names of its contributors ++ * may be used to endorse or promote products derived from this software ++ * without specific prior written permission. ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND ++ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ++ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE ++ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL ++ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS ++ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT ++ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY ++ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF ++ * SUCH DAMAGE. ++ ++NOTE: The Regents have since retroactively removed the advertising ++clause from above. ++See: ++ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change ++ ++----------------------------------- ++ ++ ++UoM ++----------------------------------- ++ * Redistribution and use in source and binary forms are permitted ++ * provided that this notice is preserved and that due credit is given ++ * to the University of Michigan at Ann Arbor. The name of the University ++ * may not be used to endorse or promote products derived from this ++ * software without specific prior written permission. This software ++ * is provided ``as is'' without express or implied warranty. ++--- ++After discussing this license with the OpenLDAP Foundation we received ++clarification on it: ++--- ++ ++ * To: Stephen Frost ++ * Subject: Re: OpenLDAP Licenseing issues ++ * From: "Kurt D. Zeilenga" ++ * Date: Wed, 28 May 2003 10:55:44 -0700 ++ * Cc: Steve Langasek ,debian-legal@lists.debian.org, openldap-devel@OpenLDAP.org ++ * In-reply-to: <20030528162613.GB8524@ns.snowman.net> ++ * Message-id: <5.2.0.9.0.20030528094229.02924780@127.0.0.1> ++ * Old-return-path: ++ ++Steven, ++ ++The OpenLDAP Foundation believes it the Regents' statement grants a ++license to redistribute derived works and is confident that the University, ++who is quite aware of our actions (as they actively participate in them), ++does not consider our actions to infringe on their rights. You are ++welcomed to your opinions. I suggest, however, that before you rely ++on your or other people's opinions (including ours), that you consult ++with a lawyer familiar with applicable law and the particulars of your ++situation. ++ ++The Foundation sees no reason for it to expend its limited resources ++seeking clarifications which it believes are unnecessary. You are, ++of course, welcomed to expend time and energy seeking clarifications ++you think are necessary. I suggest you contact University's general ++counsel office (http://www.umich.edu/~vpgc/). ++ ++Regards, Kurt ++----------------------------------- ++ ++ diff --cc debian/dh_installscripts-common index 00000000,00000000..9936b4f4 new file mode 100755 --- /dev/null +++ b/debian/dh_installscripts-common @@@ -1,0 -1,0 +1,22 @@@ ++#!/usr/bin/perl -w ++ ++use strict; ++use Debian::Debhelper::Dh_Lib; ++ ++init(); ++ ++foreach my $package (@{$dh{DOPACKAGES}}) { ++ my $tmp=tmpdir($package); ++ my $ext=pkgext($package); ++ ++ if (! -d "$tmp/DEBIAN") { ++ next; ++ } ++ ++ foreach my $file (qw{postinst preinst prerm postrm config}) { ++ my $f="$tmp/DEBIAN/$file"; ++ if ($f) { ++ complex_doit("perl -pe 's~#SCRIPTSCOMMON#~qx{cat debian/${ext}scripts-common}~eg' -i $f"); ++ } ++ } ++} diff --cc debian/gbp.conf index 00000000,00000000..8b9fbcfd new file mode 100644 --- /dev/null +++ b/debian/gbp.conf @@@ -1,0 -1,0 +1,6 @@@ ++[DEFAULT] ++debian-branch = master ++upstream-branch = upstream ++debian-tag = %(version)s ++upstream-tag = upstream/%(version)s ++pristine-tar = True diff --cc debian/ldap-utils.README.Debian index 00000000,00000000..83e979ad new file mode 100644 --- /dev/null +++ b/debian/ldap-utils.README.Debian @@@ -1,0 -1,0 +1,5 @@@ ++If you want to play with shell and ldapsearch output, be sure your dn ++entries are one per line. A perl script could be: ++ ++ ldapsearch ... | perl -p -0040 -e 's/\n //' ++ diff --cc debian/ldap-utils.dirs index 00000000,00000000..a65408f7 new file mode 100644 --- /dev/null +++ b/debian/ldap-utils.dirs @@@ -1,0 -1,0 +1,2 @@@ ++usr/bin ++usr/share/man diff --cc debian/ldap-utils.install index 00000000,00000000..7a0238ae new file mode 100644 --- /dev/null +++ b/debian/ldap-utils.install @@@ -1,0 -1,0 +1,10 @@@ ++debian/tmp/usr/bin/ldapadd usr/bin ++debian/tmp/usr/bin/ldapdelete usr/bin ++debian/tmp/usr/bin/ldapmodrdn usr/bin ++debian/tmp/usr/bin/ldapsearch usr/bin ++debian/tmp/usr/bin/ldapcompare usr/bin ++debian/tmp/usr/bin/ldapmodify usr/bin ++debian/tmp/usr/bin/ldappasswd usr/bin ++debian/tmp/usr/bin/ldapwhoami usr/bin ++debian/tmp/usr/bin/ldapexop usr/bin ++debian/tmp/usr/bin/ldapurl usr/bin diff --cc debian/ldap-utils.manpages index 00000000,00000000..b7778fe1 new file mode 100644 --- /dev/null +++ b/debian/ldap-utils.manpages @@@ -1,0 -1,0 +1,11 @@@ ++debian/tmp/usr/share/man/man1/ldapcompare.1 ++debian/tmp/usr/share/man/man1/ldapdelete.1 ++debian/tmp/usr/share/man/man1/ldapexop.1 ++debian/tmp/usr/share/man/man1/ldapmodify.1 ++debian/tmp/usr/share/man/man1/ldapmodrdn.1 ++debian/tmp/usr/share/man/man1/ldappasswd.1 ++debian/tmp/usr/share/man/man1/ldapsearch.1 ++debian/tmp/usr/share/man/man1/ldapwhoami.1 ++debian/tmp/usr/share/man/man1/ldapurl.1 ++debian/tmp/usr/share/man/man1/ldapadd.1 ++debian/tmp/usr/share/man/man5/ldif.5 diff --cc debian/ldiftopasswd index 00000000,00000000..543bdd57 new file mode 100755 --- /dev/null +++ b/debian/ldiftopasswd @@@ -1,0 -1,0 +1,174 @@@ ++#!/usr/bin/perl -w ++# ++# ++# Comments on usage from the email we received: ++# I showed a friend the following script. He said I should submit it for ++# inclusion in openldap, because it might useful for others. ++# ++# The attached perl script, when used like ++# ++# ldapsearch | ldiftopasswd ++# ++# will automatically: ++# ++# 1. create /etc/passwd, /etc/shadow, /etc/group, and /etc/gshadow ++# ++# 2. append /etc/passwd.top, /etc/shadow.top, /etc/group.top, and /etc/gshadow.top to respective files. ++# ++# 3. use data from ldap to create the files (note: gshadow isn't really ++# supported, because I don't use it, nor could I find any ++# documentation. Adding support for other files should be easy). ++# ++# (of course you need access to all fields including the password field ++# for this, so use correct parameters to ldapsearch). ++# ++# This could be useful for instance on laptop computers where you don't ++# want to run a slave slapd server for some reason (perhaps memory ++# constraints). ++# ---------------------------------------- ++use strict; ++use Getopt::Long; ++use MIME::Base64; ++use IO::File; ++ ++my $passwdfile="/etc/passwd"; ++my $shadowfile="/etc/shadow"; ++my $groupfile="/etc/group"; ++my $gshadowfile="/etc/gshadow"; ++my $help; ++GetOptions ( ++ '--passwd=s',\$passwdfile, ++ '--shadow=s',\$shadowfile, ++ '--group=s',\$groupfile, ++ '--gshadow=s',\$gshadowfile, ++ '--help',\$help, ++ ) or die "Bad options\n"; ++ ++if ($help or $#ARGV != -1) { ++ print STDERR "usage: $0 [etcfile=filename] [--help]\n"; ++ exit 255; ++} ++ ++sub start_file($) { ++ my ($file) = @_; ++ my $outhandle = new IO::File; ++ $outhandle->open(">$file") or die "Cannot open $file for writing"; ++ ++ open(TMP,"<$file.top") or die "cannot open $file.top for reading"; ++ while () { $outhandle->print($_); } ++ close(TMP) or die "cannot close $file for reading"; ++ ++ return($outhandle); ++} ++ ++my $PASSWD = start_file($passwdfile); ++my $SHADOW = start_file($shadowfile); ++my $GROUP = start_file($groupfile); ++my $GSHADOW = start_file($gshadowfile); ++ ++sub dopasswd($) { ++ my ($record) = @_; ++ my $userPassword="*"; ++ ++ $PASSWD->print( ++ $record->{"uid"},":", ++ "x",":", ++ $record->{"uidNumber"},":", ++ $record->{"gidNumber"},":", ++ $record->{"gecos"},":", ++ $record->{"homeDirectory"},":", ++ $record->{"loginShell"},"\n"); ++ ++ if (defined($record->{"userPassword"}) && ++ $record->{"userPassword"} =~ /^{(crypt)}(.*)$/) ++ { $userPassword = $2; } ++ ++ $SHADOW->print( ++ $record->{"uid"},":", ++ $userPassword,":", ++ $record->{"shadowLastChange"} || "10706",":", ++ $record->{"shadowMin"} || "0",":", ++ $record->{"shadowMax"} || "99999",":", ++ $record->{"shadowWarning"} || "7",":", ++ $record->{"shadowInactive"} || "",":", ++ $record->{"shadowExpire"} || "",":", ++ "","\n"); ++} ++ ++sub dogroup($) { ++ my ($record) = @_; ++ my $userPassword="*"; ++ ++ my $members=""; ++ if (defined($record->{"memberUid"})) { ++ $members = join(",",@{$record->{"memberUid"}}); ++ } ++ ++ $GROUP->print( ++ $record->{"cn"},":", ++ "x",":", ++ $record->{"gidNumber"},":", ++ $members,"\n"); ++ ++ if (defined($record->{"userPassword"}) && ++ $record->{"userPassword"} =~ /^{(crypt)}(.*)$/) ++ { $userPassword = $2; } ++ ++# !FIXME! ++# $GSHADOW->print ++# $record->{"cn"},":", ++# "*",":", ++# "",":", ++# "","\n"; ++} ++ ++ ++my %record; ++my $user=0; ++my $group=0; ++ ++while (<>) { ++ if (/^$/) { ++ if ($user) { ++ dopasswd(\%record); ++ } ++ if ($group) { ++ dogroup(\%record); ++ } ++ ++ $user = $group = 0; ++ %record=(); ++ } ++ elsif (/^objectClass: posixAccount$/) { ++ $user = 1; ++ } ++ elsif (/^objectClass: posixGroup$/) { ++ $group = 1; ++ } ++ elsif (/^(uid|uidNumber|gidNumber|gecos|homeDirectory|loginShell): (.*)$/) { ++ if (!defined($record{$1})) { $record{$1} = $2; } ++ } ++ elsif (/^(userPassword|shadowLastChange|shadowMin|shadowMax|shadowWarning|shadowInactive|shadowExpire): (.*)$/) { ++ if (!defined($record{$1})) { $record{$1} = $2; } ++ } ++ elsif (/^(cn): (.*)$/) { ++ if (!defined($record{$1})) { $record{$1} = $2; } ++ } ++ elsif (/^(uniqueMember): (.*)$/) { ++ push @{$record{$1}},$2; ++ if ($2 =~ /uid=([a-zA-Z]*),/) { ++ push @{$record{"memberUid"}},$1; ++ } ++ } ++ elsif (/^(memberUid): (.*)$/) { ++ push @{$record{$1}},$2; ++ } ++ elsif (/^(userPassword):: (.*)$/) { ++ $record{$1} = decode_base64($2); ++ } ++} ++ ++$PASSWD->close or die "Cannot close $passwdfile for writing"; ++$SHADOW->close or die "Cannot close $shadowfile for writing"; ++$GROUP->close or die "Cannot close $groupfile for writing"; ++$GSHADOW->close or die "Cannot close $gshadowfile for writing"; diff --cc debian/libldap-2.4-2.README.Debian index 00000000,00000000..151703c5 new file mode 100644 --- /dev/null +++ b/debian/libldap-2.4-2.README.Debian @@@ -1,0 -1,0 +1,22 @@@ ++Notes about Debian's libldap2 package ++------------------------------------- ++ ++It has been reported that using libnss-ldap can cause a failure to ++unmount /usr on system shutdown. The reason is that the nss module ++uses libldap from /usr and is used by the shell in the system ++scripts executed on shutdown/reboot. ++ ++More precisely bash uses the getpwuid function to get the data of ++the current user which pulls in the nss modules which includes ++the ldap libraries if you are using that module. ++ ++Possible solutions to this problem are: ++ ++a) use another shell that does not utilize getpwuid for getting info ++ about the current user (take dash for example). ++b) make sure that the nsswitch.conf is replaced by a version which does ++ not mention ldap before the system is shut down (and have a startup ++ script that installs the "full" version of that file). ++c) move the libraries to /lib (not recommended). ++ ++ -- Torsten Landschoff Mon, 30 Sep 2002 11:06:22 +0200 diff --cc debian/libldap-2.4-2.install index 00000000,00000000..35b0d969 new file mode 100644 --- /dev/null +++ b/debian/libldap-2.4-2.install @@@ -1,0 -1,0 +1,4 @@@ ++usr/lib/*/liblber-2.4.so.2 ++usr/lib/*/liblber-2.4.so.2.*.* ++usr/lib/*/libldap_r-2.4.so.2 ++usr/lib/*/libldap_r-2.4.so.2.*.* diff --cc debian/libldap-2.4-2.links.in index 00000000,00000000..c81df266 new file mode 100644 --- /dev/null +++ b/debian/libldap-2.4-2.links.in @@@ -1,0 -1,0 +1,1 @@@ ++usr/lib/${DEB_HOST_MULTIARCH}/libldap_r-2.4.so.2 usr/lib/${DEB_HOST_MULTIARCH}/libldap-2.4.so.2 diff --cc debian/libldap-2.4-2.lintian-overrides index 00000000,00000000..f5baab4d new file mode 100644 --- /dev/null +++ b/debian/libldap-2.4-2.lintian-overrides @@@ -1,0 -1,0 +1,4 @@@ ++libldap-2.4-2: package-name-doesnt-match-sonames liblber-2.4-2 libldap-r-2.4-2 ++# #687022 ++libldap-2.4-2: dev-pkg-without-shlib-symlink */liblber-2.4.so.* * ++libldap-2.4-2: dev-pkg-without-shlib-symlink */libldap_r-2.4.so.* * diff --cc debian/libldap-2.4-2.shlibs index 00000000,00000000..13fdedb3 new file mode 100644 --- /dev/null +++ b/debian/libldap-2.4-2.shlibs @@@ -1,0 -1,0 +1,9 @@@ ++# While only libldap_r is packaged, the client programs are linked ++# against libldap during build. This is here just to satisfy ++# dpkg-shlibdeps for ldap-utils: libldap is not around when ++# dpkg-gensymbols runs, so it's not listed in the symbols file. A better ++# long-term workaround will be to patch the upstream build system so the ++# client programs are linked against libldap_r. ++liblber-2.4 2 libldap-2.4-2 (>= 2.4.7) ++libldap-2.4 2 libldap-2.4-2 (>= 2.4.7) ++libldap_r-2.4 2 libldap-2.4-2 (>= 2.4.7) diff --cc debian/libldap-2.4-2.symbols index 00000000,00000000..1c89a2e7 new file mode 100644 --- /dev/null +++ b/debian/libldap-2.4-2.symbols @@@ -1,0 -1,0 +1,647 @@@ ++liblber-2.4.so.2 libldap-2.4-2 #MINVER# ++ OPENLDAP_2.4_2@OPENLDAP_2.4_2 2.4.7 ++ ber_alloc@OPENLDAP_2.4_2 2.4.7 ++ ber_alloc_t@OPENLDAP_2.4_2 2.4.7 ++ ber_bprint@OPENLDAP_2.4_2 2.4.7 ++ ber_bvarray_add@OPENLDAP_2.4_2 2.4.7 ++ ber_bvarray_add_x@OPENLDAP_2.4_2 2.4.7 ++ ber_bvarray_dup_x@OPENLDAP_2.4_2 2.4.7 ++ ber_bvarray_free@OPENLDAP_2.4_2 2.4.7 ++ ber_bvarray_free_x@OPENLDAP_2.4_2 2.4.7 ++ ber_bvdup@OPENLDAP_2.4_2 2.4.7 ++ ber_bvecadd@OPENLDAP_2.4_2 2.4.7 ++ ber_bvecadd_x@OPENLDAP_2.4_2 2.4.7 ++ ber_bvecfree@OPENLDAP_2.4_2 2.4.7 ++ ber_bvecfree_x@OPENLDAP_2.4_2 2.4.7 ++ ber_bvfree@OPENLDAP_2.4_2 2.4.7 ++ ber_bvfree_x@OPENLDAP_2.4_2 2.4.7 ++ ber_bvreplace@OPENLDAP_2.4_2 2.4.7 ++ ber_bvreplace_x@OPENLDAP_2.4_2 2.4.7 ++ ber_decode_oid@OPENLDAP_2.4_2 2.4.7 ++ ber_dump@OPENLDAP_2.4_2 2.4.7 ++ ber_dup@OPENLDAP_2.4_2 2.4.7 ++ ber_dupbv@OPENLDAP_2.4_2 2.4.7 ++ ber_dupbv_x@OPENLDAP_2.4_2 2.4.7 ++ ber_encode_oid@OPENLDAP_2.4_2 2.4.7 ++ ber_errno_addr@OPENLDAP_2.4_2 2.4.7 ++ ber_error_print@OPENLDAP_2.4_2 2.4.7 ++ ber_first_element@OPENLDAP_2.4_2 2.4.7 ++ ber_flatten2@OPENLDAP_2.4_2 2.4.7 ++ ber_flatten@OPENLDAP_2.4_2 2.4.7 ++ ber_flush2@OPENLDAP_2.4_2 2.4.7 ++ ber_flush@OPENLDAP_2.4_2 2.4.7 ++ ber_free@OPENLDAP_2.4_2 2.4.7 ++ ber_free_buf@OPENLDAP_2.4_2 2.4.7 ++ ber_get_bitstringa@OPENLDAP_2.4_2 2.4.7 ++ ber_get_boolean@OPENLDAP_2.4_2 2.4.7 ++ ber_get_enum@OPENLDAP_2.4_2 2.4.7 ++ ber_get_int@OPENLDAP_2.4_2 2.4.7 ++ ber_get_next@OPENLDAP_2.4_2 2.4.7 ++ ber_get_null@OPENLDAP_2.4_2 2.4.7 ++ ber_get_option@OPENLDAP_2.4_2 2.4.7 ++ ber_get_stringa@OPENLDAP_2.4_2 2.4.7 ++ ber_get_stringa_null@OPENLDAP_2.4_2 2.4.7 ++ ber_get_stringal@OPENLDAP_2.4_2 2.4.7 ++ ber_get_stringb@OPENLDAP_2.4_2 2.4.7 ++ ber_get_stringbv@OPENLDAP_2.4_2 2.4.7 ++ ber_get_stringbv_null@OPENLDAP_2.4_2 2.4.7 ++ ber_get_tag@OPENLDAP_2.4_2 2.4.7 ++ ber_init2@OPENLDAP_2.4_2 2.4.7 ++ ber_init@OPENLDAP_2.4_2 2.4.7 ++ ber_init_w_nullc@OPENLDAP_2.4_2 2.4.7 ++ ber_int_errno_fn@OPENLDAP_2.4_2 2.4.7 ++ ber_int_log_proc@OPENLDAP_2.4_2 2.4.7 ++ ber_int_memory_fns@OPENLDAP_2.4_2 2.4.7 ++ ber_int_options@OPENLDAP_2.4_2 2.4.7 ++ ber_int_sb_close@OPENLDAP_2.4_2 2.4.7 ++ ber_int_sb_destroy@OPENLDAP_2.4_2 2.4.7 ++ ber_int_sb_init@OPENLDAP_2.4_2 2.4.7 ++ ber_int_sb_read@OPENLDAP_2.4_2 2.4.7 ++ ber_int_sb_write@OPENLDAP_2.4_2 2.4.7 ++ ber_len@OPENLDAP_2.4_2 2.4.7 ++ ber_log_bprint@OPENLDAP_2.4_2 2.4.7 ++ ber_log_dump@OPENLDAP_2.4_2 2.4.7 ++ ber_log_sos_dump@OPENLDAP_2.4_2 2.4.7 ++ ber_mem2bv@OPENLDAP_2.4_2 2.4.7 ++ ber_mem2bv_x@OPENLDAP_2.4_2 2.4.7 ++ ber_memalloc@OPENLDAP_2.4_2 2.4.7 ++ ber_memalloc_x@OPENLDAP_2.4_2 2.4.7 ++ ber_memcalloc@OPENLDAP_2.4_2 2.4.7 ++ ber_memcalloc_x@OPENLDAP_2.4_2 2.4.7 ++ ber_memfree@OPENLDAP_2.4_2 2.4.7 ++ ber_memfree_x@OPENLDAP_2.4_2 2.4.7 ++ ber_memrealloc@OPENLDAP_2.4_2 2.4.7 ++ ber_memrealloc_x@OPENLDAP_2.4_2 2.4.7 ++ ber_memvfree@OPENLDAP_2.4_2 2.4.7 ++ ber_memvfree_x@OPENLDAP_2.4_2 2.4.7 ++ ber_next_element@OPENLDAP_2.4_2 2.4.7 ++ ber_peek_element@OPENLDAP_2.4_2 2.4.21 ++ ber_peek_tag@OPENLDAP_2.4_2 2.4.7 ++ ber_printf@OPENLDAP_2.4_2 2.4.7 ++ ber_ptrlen@OPENLDAP_2.4_2 2.4.7 ++ ber_put_berval@OPENLDAP_2.4_2 2.4.7 ++ ber_put_bitstring@OPENLDAP_2.4_2 2.4.7 ++ ber_put_boolean@OPENLDAP_2.4_2 2.4.7 ++ ber_put_enum@OPENLDAP_2.4_2 2.4.7 ++ ber_put_int@OPENLDAP_2.4_2 2.4.7 ++ ber_put_null@OPENLDAP_2.4_2 2.4.7 ++ ber_put_ostring@OPENLDAP_2.4_2 2.4.7 ++ ber_put_seq@OPENLDAP_2.4_2 2.4.7 ++ ber_put_set@OPENLDAP_2.4_2 2.4.7 ++ ber_put_string@OPENLDAP_2.4_2 2.4.7 ++ ber_pvt_err_file@OPENLDAP_2.4_2 2.4.7 ++ ber_pvt_log_output@OPENLDAP_2.4_2 2.4.7 ++ ber_pvt_log_print@OPENLDAP_2.4_2 2.4.7 ++ ber_pvt_log_printf@OPENLDAP_2.4_2 2.4.7 ++ ber_pvt_opt_on@OPENLDAP_2.4_2 2.4.7 ++ ber_pvt_sb_buf_destroy@OPENLDAP_2.4_2 2.4.7 ++ ber_pvt_sb_buf_init@OPENLDAP_2.4_2 2.4.7 ++ ber_pvt_sb_copy_out@OPENLDAP_2.4_2 2.4.7 ++ ber_pvt_sb_do_write@OPENLDAP_2.4_2 2.4.7 ++ ber_pvt_sb_grow_buffer@OPENLDAP_2.4_2 2.4.7 ++ ber_pvt_socket_set_nonblock@OPENLDAP_2.4_2 2.4.7 ++ ber_read@OPENLDAP_2.4_2 2.4.7 ++ ber_realloc@OPENLDAP_2.4_2 2.4.7 ++ ber_remaining@OPENLDAP_2.4_2 2.4.7 ++ ber_reset@OPENLDAP_2.4_2 2.4.7 ++ ber_rewind@OPENLDAP_2.4_2 2.4.7 ++ ber_scanf@OPENLDAP_2.4_2 2.4.7 ++ ber_set_option@OPENLDAP_2.4_2 2.4.7 ++ ber_skip_data@OPENLDAP_2.4_2 2.4.7 ++ ber_skip_element@OPENLDAP_2.4_2 2.4.21 ++ ber_skip_tag@OPENLDAP_2.4_2 2.4.7 ++ ber_sockbuf_add_io@OPENLDAP_2.4_2 2.4.7 ++ ber_sockbuf_alloc@OPENLDAP_2.4_2 2.4.7 ++ ber_sockbuf_ctrl@OPENLDAP_2.4_2 2.4.7 ++ ber_sockbuf_free@OPENLDAP_2.4_2 2.4.7 ++ ber_sockbuf_io_debug@OPENLDAP_2.4_2 2.4.7 ++ ber_sockbuf_io_fd@OPENLDAP_2.4_2 2.4.7 ++ ber_sockbuf_io_readahead@OPENLDAP_2.4_2 2.4.7 ++ ber_sockbuf_io_tcp@OPENLDAP_2.4_2 2.4.7 ++ ber_sockbuf_remove_io@OPENLDAP_2.4_2 2.4.7 ++ ber_sos_dump@OPENLDAP_2.4_2 2.4.7 ++ ber_start@OPENLDAP_2.4_2 2.4.7 ++ ber_start_seq@OPENLDAP_2.4_2 2.4.7 ++ ber_start_set@OPENLDAP_2.4_2 2.4.7 ++ ber_str2bv@OPENLDAP_2.4_2 2.4.7 ++ ber_str2bv_x@OPENLDAP_2.4_2 2.4.7 ++ ber_strdup@OPENLDAP_2.4_2 2.4.7 ++ ber_strdup_x@OPENLDAP_2.4_2 2.4.7 ++ ber_strndup@OPENLDAP_2.4_2 2.4.7 ++ ber_strndup_x@OPENLDAP_2.4_2 2.4.7 ++ ber_strnlen@OPENLDAP_2.4_2 2.4.17 ++ ber_write@OPENLDAP_2.4_2 2.4.7 ++ der_alloc@OPENLDAP_2.4_2 2.4.7 ++ lutil_debug@OPENLDAP_2.4_2 2.4.7 ++ lutil_debug_file@OPENLDAP_2.4_2 2.4.7 ++libldap_r-2.4.so.2 libldap-2.4-2 #MINVER# ++ OPENLDAP_2.4_2@OPENLDAP_2.4_2 2.4.7 ++ ldap_X509dn2bv@OPENLDAP_2.4_2 2.4.7 ++ ldap_abandon@OPENLDAP_2.4_2 2.4.7 ++ ldap_abandon_ext@OPENLDAP_2.4_2 2.4.7 ++ ldap_add@OPENLDAP_2.4_2 2.4.7 ++ ldap_add_ext@OPENLDAP_2.4_2 2.4.7 ++ ldap_add_ext_s@OPENLDAP_2.4_2 2.4.7 ++ ldap_add_result_entry@OPENLDAP_2.4_2 2.4.7 ++ ldap_add_s@OPENLDAP_2.4_2 2.4.7 ++ ldap_alloc_ber_with_options@OPENLDAP_2.4_2 2.4.7 ++ ldap_append_referral@OPENLDAP_2.4_2 2.4.7 ++ ldap_attributetype2bv@OPENLDAP_2.4_2 2.4.7 ++ ldap_attributetype2name@OPENLDAP_2.4_2 2.4.7 ++ ldap_attributetype2str@OPENLDAP_2.4_2 2.4.7 ++ ldap_attributetype_free@OPENLDAP_2.4_2 2.4.7 ++ ldap_bind@OPENLDAP_2.4_2 2.4.7 ++ ldap_bind_s@OPENLDAP_2.4_2 2.4.7 ++ ldap_build_add_req@OPENLDAP_2.4_2 2.4.43 ++ ldap_build_bind_req@OPENLDAP_2.4_2 2.4.43 ++ ldap_build_compare_req@OPENLDAP_2.4_2 2.4.43 ++ ldap_build_delete_req@OPENLDAP_2.4_2 2.4.43 ++ ldap_build_extended_req@OPENLDAP_2.4_2 2.4.43 ++ ldap_build_moddn_req@OPENLDAP_2.4_2 2.4.43 ++ ldap_build_modify_req@OPENLDAP_2.4_2 2.4.43 ++ ldap_build_search_req@OPENLDAP_2.4_2 2.4.7 ++ ldap_bv2dn@OPENLDAP_2.4_2 2.4.7 ++ ldap_bv2dn_x@OPENLDAP_2.4_2 2.4.7 ++ ldap_bv2escaped_filter_value@OPENLDAP_2.4_2 2.4.7 ++ ldap_bv2escaped_filter_value_len@OPENLDAP_2.4_2 2.4.7 ++ ldap_bv2escaped_filter_value_x@OPENLDAP_2.4_2 2.4.7 ++ ldap_bv2rdn@OPENLDAP_2.4_2 2.4.7 ++ ldap_bv2rdn_x@OPENLDAP_2.4_2 2.4.7 ++ ldap_cancel@OPENLDAP_2.4_2 2.4.7 ++ ldap_cancel_s@OPENLDAP_2.4_2 2.4.7 ++ ldap_charray2str@OPENLDAP_2.4_2 2.4.7 ++ ldap_charray_add@OPENLDAP_2.4_2 2.4.7 ++ ldap_charray_dup@OPENLDAP_2.4_2 2.4.7 ++ ldap_charray_free@OPENLDAP_2.4_2 2.4.7 ++ ldap_charray_inlist@OPENLDAP_2.4_2 2.4.7 ++ ldap_charray_merge@OPENLDAP_2.4_2 2.4.7 ++ ldap_chase_referrals@OPENLDAP_2.4_2 2.4.7 ++ ldap_chase_v3referrals@OPENLDAP_2.4_2 2.4.7 ++ ldap_clear_select_write@OPENLDAP_2.4_2 2.4.31 ++ ldap_compare@OPENLDAP_2.4_2 2.4.7 ++ ldap_compare_ext@OPENLDAP_2.4_2 2.4.7 ++ ldap_compare_ext_s@OPENLDAP_2.4_2 2.4.7 ++ ldap_compare_s@OPENLDAP_2.4_2 2.4.7 ++ ldap_connect_to_host@OPENLDAP_2.4_2 2.4.7 ++ ldap_connect_to_path@OPENLDAP_2.4_2 2.4.7 ++ ldap_contentrule2bv@OPENLDAP_2.4_2 2.4.7 ++ ldap_contentrule2name@OPENLDAP_2.4_2 2.4.7 ++ ldap_contentrule2str@OPENLDAP_2.4_2 2.4.7 ++ ldap_contentrule_free@OPENLDAP_2.4_2 2.4.7 ++ ldap_control_create@OPENLDAP_2.4_2 2.4.7 ++ ldap_control_dup@OPENLDAP_2.4_2 2.4.7 ++ ldap_control_find@OPENLDAP_2.4_2 2.4.7 ++ ldap_control_free@OPENLDAP_2.4_2 2.4.7 ++ ldap_controls_dup@OPENLDAP_2.4_2 2.4.7 ++ ldap_controls_free@OPENLDAP_2.4_2 2.4.7 ++ ldap_count_entries@OPENLDAP_2.4_2 2.4.7 ++ ldap_count_messages@OPENLDAP_2.4_2 2.4.7 ++ ldap_count_references@OPENLDAP_2.4_2 2.4.7 ++ ldap_count_values@OPENLDAP_2.4_2 2.4.7 ++ ldap_count_values_len@OPENLDAP_2.4_2 2.4.7 ++ ldap_create@OPENLDAP_2.4_2 2.4.7 ++ ldap_create_assertion_control@OPENLDAP_2.4_2 2.4.11 ++ ldap_create_assertion_control_value@OPENLDAP_2.4_2 2.4.11 ++ ldap_create_control@OPENLDAP_2.4_2 2.4.7 ++ ldap_create_deref_control@OPENLDAP_2.4_2 2.4.15 ++ ldap_create_deref_control_value@OPENLDAP_2.4_2 2.4.15 ++ ldap_create_page_control@OPENLDAP_2.4_2 2.4.7 ++ ldap_create_page_control_value@OPENLDAP_2.4_2 2.4.7 ++ ldap_create_passwordpolicy_control@OPENLDAP_2.4_2 2.4.7 ++ ldap_create_session_tracking_control@OPENLDAP_2.4_2 2.4.28 ++ ldap_create_session_tracking_value@OPENLDAP_2.4_2 2.4.28 ++ ldap_create_sort_control@OPENLDAP_2.4_2 2.4.7 ++ ldap_create_sort_control_value@OPENLDAP_2.4_2 2.4.7 ++ ldap_create_sort_keylist@OPENLDAP_2.4_2 2.4.7 ++ ldap_create_vlv_control@OPENLDAP_2.4_2 2.4.7 ++ ldap_create_vlv_control_value@OPENLDAP_2.4_2 2.4.7 ++ ldap_dcedn2dn@OPENLDAP_2.4_2 2.4.7 ++ ldap_delete@OPENLDAP_2.4_2 2.4.7 ++ ldap_delete_ext@OPENLDAP_2.4_2 2.4.7 ++ ldap_delete_ext_s@OPENLDAP_2.4_2 2.4.7 ++ ldap_delete_result_entry@OPENLDAP_2.4_2 2.4.7 ++ ldap_delete_s@OPENLDAP_2.4_2 2.4.7 ++ ldap_derefresponse_free@OPENLDAP_2.4_2 2.4.15 ++ ldap_destroy@OPENLDAP_2.4_2 2.4.25 ++ ldap_dn2ad_canonical@OPENLDAP_2.4_2 2.4.7 ++ ldap_dn2bv@OPENLDAP_2.4_2 2.4.7 ++ ldap_dn2bv_x@OPENLDAP_2.4_2 2.4.7 ++ ldap_dn2dcedn@OPENLDAP_2.4_2 2.4.7 ++ ldap_dn2domain@OPENLDAP_2.4_2 2.4.7 ++ ldap_dn2str@OPENLDAP_2.4_2 2.4.7 ++ ldap_dn2ufn@OPENLDAP_2.4_2 2.4.7 ++ ldap_dn_normalize@OPENLDAP_2.4_2 2.4.7 ++ ldap_dnfree@OPENLDAP_2.4_2 2.4.7 ++ ldap_dnfree_x@OPENLDAP_2.4_2 2.4.7 ++ ldap_domain2dn@OPENLDAP_2.4_2 2.4.7 ++ ldap_domain2hostlist@OPENLDAP_2.4_2 2.4.7 ++ ldap_dump_connection@OPENLDAP_2.4_2 2.4.7 ++ ldap_dump_requests_and_responses@OPENLDAP_2.4_2 2.4.7 ++ ldap_dup@OPENLDAP_2.4_2 2.4.25 ++ ldap_err2string@OPENLDAP_2.4_2 2.4.7 ++ ldap_explode_dn@OPENLDAP_2.4_2 2.4.7 ++ ldap_explode_rdn@OPENLDAP_2.4_2 2.4.7 ++ ldap_extended_operation@OPENLDAP_2.4_2 2.4.7 ++ ldap_extended_operation_s@OPENLDAP_2.4_2 2.4.7 ++ ldap_find_control@OPENLDAP_2.4_2 2.4.7 ++ ldap_find_request_by_msgid@OPENLDAP_2.4_2 2.4.7 ++ ldap_first_attribute@OPENLDAP_2.4_2 2.4.7 ++ ldap_first_entry@OPENLDAP_2.4_2 2.4.7 ++ ldap_first_message@OPENLDAP_2.4_2 2.4.7 ++ ldap_first_reference@OPENLDAP_2.4_2 2.4.7 ++ ldap_free_connection@OPENLDAP_2.4_2 2.4.7 ++ ldap_free_request@OPENLDAP_2.4_2 2.4.7 ++ ldap_free_select_info@OPENLDAP_2.4_2 2.4.7 ++ ldap_free_sort_keylist@OPENLDAP_2.4_2 2.4.7 ++ ldap_free_urldesc@OPENLDAP_2.4_2 2.4.7 ++ ldap_free_urllist@OPENLDAP_2.4_2 2.4.7 ++ ldap_get_attribute_ber@OPENLDAP_2.4_2 2.4.7 ++ ldap_get_dn@OPENLDAP_2.4_2 2.4.7 ++ ldap_get_dn_ber@OPENLDAP_2.4_2 2.4.7 ++ ldap_get_entry_controls@OPENLDAP_2.4_2 2.4.7 ++ ldap_get_message_ber@OPENLDAP_2.4_2 2.4.7 ++ ldap_get_option@OPENLDAP_2.4_2 2.4.7 ++ ldap_get_values@OPENLDAP_2.4_2 2.4.7 ++ ldap_get_values_len@OPENLDAP_2.4_2 2.4.7 ++ ldap_gssapi_bind@OPENLDAP_2.4_2 2.4.15 ++ ldap_gssapi_bind_s@OPENLDAP_2.4_2 2.4.15 ++ ldap_host_connected_to@OPENLDAP_2.4_2 2.4.7 ++ ldap_init@OPENLDAP_2.4_2 2.4.7 ++ ldap_init_fd@OPENLDAP_2.4_2 2.4.7 ++ ldap_initialize@OPENLDAP_2.4_2 2.4.7 ++ ldap_install_tls@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_bisect_delete@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_bisect_find@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_bisect_insert@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_check_async_open@OPENLDAP_2.4_2 2.4.28 ++ ldap_int_client_controls@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_connect_cbs@OPENLDAP_2.4_2 2.4.15 ++ ldap_int_error_init@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_flush_request@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_global_options@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_gmtime_mutex@OPENLDAP_2.4_2 2.4.23 ++ ldap_int_hostname@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_hostname_mutex@OPENLDAP_2.4_2 2.4.39 ++ ldap_int_inet4or6@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_initialize@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_initialize_global_options@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_msgtype2str@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_open_connection@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_parse_numericoid@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_parse_ruleid@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_poll@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_put_controls@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_resolv_mutex@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_sasl_bind@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_sasl_close@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_sasl_config@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_sasl_external@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_sasl_get_option@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_sasl_init@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_sasl_open@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_sasl_set_option@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_select@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_thread_destroy@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_thread_initialize@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_thread_pool_shutdown@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_thread_pool_startup@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_timeval_dup@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_tls_config@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_tls_destroy@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_tls_impl@OPENLDAP_2.4_2 2.4.15 ++ ldap_int_tls_start@OPENLDAP_2.4_2 2.4.7 ++ ldap_int_utils_init@OPENLDAP_2.4_2 2.4.7 ++ ldap_is_ldap_url@OPENLDAP_2.4_2 2.4.7 ++ ldap_is_ldapi_url@OPENLDAP_2.4_2 2.4.7 ++ ldap_is_ldaps_url@OPENLDAP_2.4_2 2.4.7 ++ ldap_is_read_ready@OPENLDAP_2.4_2 2.4.7 ++ ldap_is_write_ready@OPENLDAP_2.4_2 2.4.7 ++ ldap_ld_free@OPENLDAP_2.4_2 2.4.7 ++ ldap_log_printf@OPENLDAP_2.4_2 2.4.7 ++ ldap_mark_select_clear@OPENLDAP_2.4_2 2.4.7 ++ ldap_mark_select_read@OPENLDAP_2.4_2 2.4.7 ++ ldap_mark_select_write@OPENLDAP_2.4_2 2.4.7 ++ ldap_matchingrule2bv@OPENLDAP_2.4_2 2.4.7 ++ ldap_matchingrule2name@OPENLDAP_2.4_2 2.4.7 ++ ldap_matchingrule2str@OPENLDAP_2.4_2 2.4.7 ++ ldap_matchingrule_free@OPENLDAP_2.4_2 2.4.7 ++ ldap_matchingruleuse2bv@OPENLDAP_2.4_2 2.4.7 ++ ldap_matchingruleuse2name@OPENLDAP_2.4_2 2.4.7 ++ ldap_matchingruleuse2str@OPENLDAP_2.4_2 2.4.7 ++ ldap_matchingruleuse_free@OPENLDAP_2.4_2 2.4.7 ++ ldap_memalloc@OPENLDAP_2.4_2 2.4.7 ++ ldap_memcalloc@OPENLDAP_2.4_2 2.4.7 ++ ldap_memfree@OPENLDAP_2.4_2 2.4.7 ++ ldap_memrealloc@OPENLDAP_2.4_2 2.4.7 ++ ldap_memvfree@OPENLDAP_2.4_2 2.4.7 ++ ldap_modify@OPENLDAP_2.4_2 2.4.7 ++ ldap_modify_ext@OPENLDAP_2.4_2 2.4.7 ++ ldap_modify_ext_s@OPENLDAP_2.4_2 2.4.7 ++ ldap_modify_s@OPENLDAP_2.4_2 2.4.7 ++ ldap_modrdn2@OPENLDAP_2.4_2 2.4.7 ++ ldap_modrdn2_s@OPENLDAP_2.4_2 2.4.7 ++ ldap_modrdn@OPENLDAP_2.4_2 2.4.7 ++ ldap_modrdn_s@OPENLDAP_2.4_2 2.4.7 ++ ldap_mods_free@OPENLDAP_2.4_2 2.4.7 ++ ldap_msgdelete@OPENLDAP_2.4_2 2.4.7 ++ ldap_msgfree@OPENLDAP_2.4_2 2.4.7 ++ ldap_msgid@OPENLDAP_2.4_2 2.4.7 ++ ldap_msgtype@OPENLDAP_2.4_2 2.4.7 ++ ldap_nameform2bv@OPENLDAP_2.4_2 2.4.7 ++ ldap_nameform2name@OPENLDAP_2.4_2 2.4.7 ++ ldap_nameform2str@OPENLDAP_2.4_2 2.4.7 ++ ldap_nameform_free@OPENLDAP_2.4_2 2.4.7 ++ ldap_new_connection@OPENLDAP_2.4_2 2.4.7 ++ ldap_new_select_info@OPENLDAP_2.4_2 2.4.7 ++ ldap_next_attribute@OPENLDAP_2.4_2 2.4.7 ++ ldap_next_entry@OPENLDAP_2.4_2 2.4.7 ++ ldap_next_message@OPENLDAP_2.4_2 2.4.7 ++ ldap_next_reference@OPENLDAP_2.4_2 2.4.7 ++ ldap_ntlm_bind@OPENLDAP_2.4_2 2.4.7 ++ ldap_objectclass2bv@OPENLDAP_2.4_2 2.4.7 ++ ldap_objectclass2name@OPENLDAP_2.4_2 2.4.7 ++ ldap_objectclass2str@OPENLDAP_2.4_2 2.4.7 ++ ldap_objectclass_free@OPENLDAP_2.4_2 2.4.7 ++ ldap_open@OPENLDAP_2.4_2 2.4.7 ++ ldap_open_defconn@OPENLDAP_2.4_2 2.4.7 ++ ldap_open_internal_connection@OPENLDAP_2.4_2 2.4.7 ++ ldap_parse_deref_control@OPENLDAP_2.4_2 2.4.15 ++ ldap_parse_derefresponse_control@OPENLDAP_2.4_2 2.4.15 ++ ldap_parse_extended_result@OPENLDAP_2.4_2 2.4.7 ++ ldap_parse_intermediate@OPENLDAP_2.4_2 2.4.7 ++ ldap_parse_ntlm_bind_result@OPENLDAP_2.4_2 2.4.7 ++ ldap_parse_page_control@OPENLDAP_2.4_2 2.4.7 ++ ldap_parse_pageresponse_control@OPENLDAP_2.4_2 2.4.7 ++ ldap_parse_passwd@OPENLDAP_2.4_2 2.4.7 ++ ldap_parse_password_expiring_control@OPENLDAP_2.4_2 2.4.51 ++ ldap_parse_passwordpolicy_control@OPENLDAP_2.4_2 2.4.7 ++ ldap_parse_reference@OPENLDAP_2.4_2 2.4.7 ++ ldap_parse_refresh@OPENLDAP_2.4_2 2.4.7 ++ ldap_parse_result@OPENLDAP_2.4_2 2.4.7 ++ ldap_parse_sasl_bind_result@OPENLDAP_2.4_2 2.4.7 ++ ldap_parse_session_tracking_control@OPENLDAP_2.4_2 2.4.28 ++ ldap_parse_sortresponse_control@OPENLDAP_2.4_2 2.4.7 ++ ldap_parse_vlvresponse_control@OPENLDAP_2.4_2 2.4.7 ++ ldap_parse_whoami@OPENLDAP_2.4_2 2.4.7 ++ ldap_passwd@OPENLDAP_2.4_2 2.4.7 ++ ldap_passwd_s@OPENLDAP_2.4_2 2.4.7 ++ ldap_passwordpolicy_err2txt@OPENLDAP_2.4_2 2.4.7 ++ ldap_perror@OPENLDAP_2.4_2 2.4.7 ++ ldap_put_vrFilter@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_bv2scope@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_csnstr@OPENLDAP_2.4_2 2.4.23 ++ ldap_pvt_ctime@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_discard@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_filter_value_unescape@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_find_wildcard@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_get_controls@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_get_fqdn@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_get_hname@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_gethostbyaddr_a@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_gethostbyname_a@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_gettime@OPENLDAP_2.4_2 2.4.23 ++ ldap_pvt_hex_unescape@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_put_control@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_put_filter@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_runqueue_find@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_runqueue_insert@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_runqueue_isrunning@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_runqueue_next_sched@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_runqueue_persistent_backload@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_runqueue_remove@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_runqueue_resched@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_runqueue_runtask@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_runqueue_stoptask@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_sasl_generic_install@OPENLDAP_2.4_2 2.4.15 ++ ldap_pvt_sasl_generic_remove@OPENLDAP_2.4_2 2.4.15 ++ ldap_pvt_sasl_getmechs@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_sasl_install@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_sasl_mutex_dispose@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_sasl_mutex_lock@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_sasl_mutex_new@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_sasl_mutex_unlock@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_sasl_remove@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_sasl_secprops@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_sasl_secprops_unparse@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_scope2bv@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_scope2str@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_search@OPENLDAP_2.4_2 2.4.15 ++ ldap_pvt_search_s@OPENLDAP_2.4_2 2.4.15 ++ ldap_pvt_sockbuf_io_sasl_generic@OPENLDAP_2.4_2 2.4.15 ++ ldap_pvt_str2lower@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_str2lowerbv@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_str2scope@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_str2upper@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_str2upperbv@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_strtok@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_cond_broadcast@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_cond_destroy@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_cond_init@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_cond_signal@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_cond_wait@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_create@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_destroy@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_exit@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_get_concurrency@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_initialize@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_join@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_key_create@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_key_destroy@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_key_getdata@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_key_setdata@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_kill@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_mutex_destroy@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_mutex_init@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_mutex_lock@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_mutex_trylock@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_mutex_unlock@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_pool_backload@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_pool_context@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_pool_context_reset@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_pool_destroy@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_pool_getkey@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_pool_idle@OPENLDAP_2.4_2 2.4.31 ++ ldap_pvt_thread_pool_init@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_pool_maxthreads@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_pool_pause@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_pool_pausecheck@OPENLDAP_2.4_2 2.4.9 ++ ldap_pvt_thread_pool_pausing@OPENLDAP_2.4_2 2.4.9 ++ ldap_pvt_thread_pool_purgekey@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_pool_query@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_pool_resume@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_pool_retract@OPENLDAP_2.4_2 2.4.17 ++ ldap_pvt_thread_pool_setkey@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_pool_submit@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_pool_tid@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_pool_unidle@OPENLDAP_2.4_2 2.4.31 ++ ldap_pvt_thread_rdwr_destroy@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_rdwr_init@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_rdwr_rlock@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_rdwr_rtrylock@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_rdwr_runlock@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_rdwr_wlock@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_rdwr_wtrylock@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_rdwr_wunlock@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_rmutex_destroy@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_rmutex_init@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_rmutex_lock@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_rmutex_trylock@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_rmutex_unlock@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_self@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_set_concurrency@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_sleep@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_thread_yield@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_tls_accept@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_tls_check_hostname@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_tls_ctx_free@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_tls_destroy@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_tls_get_my_dn@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_tls_get_option@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_tls_get_peer_dn@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_tls_get_strength@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_tls_init@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_tls_init_def_ctx@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_tls_inplace@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_tls_sb_ctx@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_tls_set_option@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_url_scheme2proto@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_url_scheme2tls@OPENLDAP_2.4_2 2.4.7 ++ ldap_pvt_url_scheme_port@OPENLDAP_2.4_2 2.4.7 ++ ldap_rdn2bv@OPENLDAP_2.4_2 2.4.7 ++ ldap_rdn2bv_x@OPENLDAP_2.4_2 2.4.7 ++ ldap_rdn2str@OPENLDAP_2.4_2 2.4.7 ++ ldap_rdnfree@OPENLDAP_2.4_2 2.4.7 ++ ldap_rdnfree_x@OPENLDAP_2.4_2 2.4.7 ++ ldap_refresh@OPENLDAP_2.4_2 2.4.7 ++ ldap_refresh_s@OPENLDAP_2.4_2 2.4.7 ++ ldap_rename2@OPENLDAP_2.4_2 2.4.7 ++ ldap_rename2_s@OPENLDAP_2.4_2 2.4.7 ++ ldap_rename@OPENLDAP_2.4_2 2.4.7 ++ ldap_rename_s@OPENLDAP_2.4_2 2.4.7 ++ ldap_result2error@OPENLDAP_2.4_2 2.4.7 ++ ldap_result@OPENLDAP_2.4_2 2.4.7 ++ ldap_return_request@OPENLDAP_2.4_2 2.4.7 ++ ldap_sasl_bind@OPENLDAP_2.4_2 2.4.7 ++ ldap_sasl_bind_s@OPENLDAP_2.4_2 2.4.7 ++ ldap_sasl_interactive_bind@OPENLDAP_2.4_2 2.4.25 ++ ldap_sasl_interactive_bind_s@OPENLDAP_2.4_2 2.4.7 ++ ldap_scherr2str@OPENLDAP_2.4_2 2.4.7 ++ ldap_search@OPENLDAP_2.4_2 2.4.7 ++ ldap_search_ext@OPENLDAP_2.4_2 2.4.7 ++ ldap_search_ext_s@OPENLDAP_2.4_2 2.4.7 ++ ldap_search_s@OPENLDAP_2.4_2 2.4.7 ++ ldap_search_st@OPENLDAP_2.4_2 2.4.7 ++ ldap_send_initial_request@OPENLDAP_2.4_2 2.4.7 ++ ldap_send_server_request@OPENLDAP_2.4_2 2.4.7 ++ ldap_send_unbind@OPENLDAP_2.4_2 2.4.7 ++ ldap_set_ber_options@OPENLDAP_2.4_2 2.4.7 ++ ldap_set_nextref_proc@OPENLDAP_2.4_2 2.4.7 ++ ldap_set_option@OPENLDAP_2.4_2 2.4.7 ++ ldap_set_rebind_proc@OPENLDAP_2.4_2 2.4.7 ++ ldap_set_urllist_proc@OPENLDAP_2.4_2 2.4.7 ++ ldap_simple_bind@OPENLDAP_2.4_2 2.4.7 ++ ldap_simple_bind_s@OPENLDAP_2.4_2 2.4.7 ++ ldap_sort_entries@OPENLDAP_2.4_2 2.4.7 ++ ldap_sort_strcasecmp@OPENLDAP_2.4_2 2.4.7 ++ ldap_sort_values@OPENLDAP_2.4_2 2.4.7 ++ ldap_start_tls@OPENLDAP_2.4_2 2.4.7 ++ ldap_start_tls_s@OPENLDAP_2.4_2 2.4.7 ++ ldap_str2attributetype@OPENLDAP_2.4_2 2.4.7 ++ ldap_str2charray@OPENLDAP_2.4_2 2.4.7 ++ ldap_str2contentrule@OPENLDAP_2.4_2 2.4.7 ++ ldap_str2dn@OPENLDAP_2.4_2 2.4.7 ++ ldap_str2matchingrule@OPENLDAP_2.4_2 2.4.7 ++ ldap_str2matchingruleuse@OPENLDAP_2.4_2 2.4.7 ++ ldap_str2nameform@OPENLDAP_2.4_2 2.4.7 ++ ldap_str2objectclass@OPENLDAP_2.4_2 2.4.7 ++ ldap_str2rdn@OPENLDAP_2.4_2 2.4.7 ++ ldap_str2structurerule@OPENLDAP_2.4_2 2.4.7 ++ ldap_str2syntax@OPENLDAP_2.4_2 2.4.7 ++ ldap_strdup@OPENLDAP_2.4_2 2.4.7 ++ ldap_structurerule2bv@OPENLDAP_2.4_2 2.4.7 ++ ldap_structurerule2name@OPENLDAP_2.4_2 2.4.7 ++ ldap_structurerule2str@OPENLDAP_2.4_2 2.4.7 ++ ldap_structurerule_free@OPENLDAP_2.4_2 2.4.7 ++ ldap_sync_destroy@OPENLDAP_2.4_2 2.4.7 ++ ldap_sync_init@OPENLDAP_2.4_2 2.4.7 ++ ldap_sync_init_refresh_and_persist@OPENLDAP_2.4_2 2.4.7 ++ ldap_sync_init_refresh_only@OPENLDAP_2.4_2 2.4.7 ++ ldap_sync_initialize@OPENLDAP_2.4_2 2.4.7 ++ ldap_sync_poll@OPENLDAP_2.4_2 2.4.7 ++ ldap_syntax2bv@OPENLDAP_2.4_2 2.4.7 ++ ldap_syntax2name@OPENLDAP_2.4_2 2.4.7 ++ ldap_syntax2str@OPENLDAP_2.4_2 2.4.7 ++ ldap_syntax_free@OPENLDAP_2.4_2 2.4.7 ++ ldap_tls_inplace@OPENLDAP_2.4_2 2.4.7 ++ ldap_turn@OPENLDAP_2.4_2 2.4.7 ++ ldap_turn_s@OPENLDAP_2.4_2 2.4.7 ++ ldap_ucs_to_utf8s@OPENLDAP_2.4_2 2.4.7 ++ ldap_unbind@OPENLDAP_2.4_2 2.4.7 ++ ldap_unbind_ext@OPENLDAP_2.4_2 2.4.7 ++ ldap_unbind_ext_s@OPENLDAP_2.4_2 2.4.7 ++ ldap_unbind_s@OPENLDAP_2.4_2 2.4.7 ++ ldap_url_desc2str@OPENLDAP_2.4_2 2.4.7 ++ ldap_url_dup@OPENLDAP_2.4_2 2.4.7 ++ ldap_url_duplist@OPENLDAP_2.4_2 2.4.7 ++ ldap_url_list2hosts@OPENLDAP_2.4_2 2.4.7 ++ ldap_url_list2urls@OPENLDAP_2.4_2 2.4.7 ++ ldap_url_parse@OPENLDAP_2.4_2 2.4.7 ++ ldap_url_parse_ext@OPENLDAP_2.4_2 2.4.7 ++ ldap_url_parsehosts@OPENLDAP_2.4_2 2.4.7 ++ ldap_url_parselist@OPENLDAP_2.4_2 2.4.7 ++ ldap_url_parselist_ext@OPENLDAP_2.4_2 2.4.7 ++ ldap_utf8_bytes@OPENLDAP_2.4_2 2.4.7 ++ ldap_utf8_charlen2@OPENLDAP_2.4_2 2.4.7 ++ ldap_utf8_charlen@OPENLDAP_2.4_2 2.4.7 ++ ldap_utf8_chars@OPENLDAP_2.4_2 2.4.7 ++ ldap_utf8_copy@OPENLDAP_2.4_2 2.4.7 ++ ldap_utf8_isalnum@OPENLDAP_2.4_2 2.4.7 ++ ldap_utf8_isalpha@OPENLDAP_2.4_2 2.4.7 ++ ldap_utf8_isascii@OPENLDAP_2.4_2 2.4.7 ++ ldap_utf8_isdigit@OPENLDAP_2.4_2 2.4.7 ++ ldap_utf8_islower@OPENLDAP_2.4_2 2.4.7 ++ ldap_utf8_isspace@OPENLDAP_2.4_2 2.4.7 ++ ldap_utf8_isupper@OPENLDAP_2.4_2 2.4.7 ++ ldap_utf8_isxdigit@OPENLDAP_2.4_2 2.4.7 ++ ldap_utf8_lentab@OPENLDAP_2.4_2 2.4.7 ++ ldap_utf8_mintab@OPENLDAP_2.4_2 2.4.7 ++ ldap_utf8_next@OPENLDAP_2.4_2 2.4.7 ++ ldap_utf8_offset@OPENLDAP_2.4_2 2.4.7 ++ ldap_utf8_prev@OPENLDAP_2.4_2 2.4.7 ++ ldap_utf8_strchr@OPENLDAP_2.4_2 2.4.7 ++ ldap_utf8_strcspn@OPENLDAP_2.4_2 2.4.7 ++ ldap_utf8_strpbrk@OPENLDAP_2.4_2 2.4.7 ++ ldap_utf8_strspn@OPENLDAP_2.4_2 2.4.7 ++ ldap_utf8_strtok@OPENLDAP_2.4_2 2.4.7 ++ ldap_value_dup@OPENLDAP_2.4_2 2.4.7 ++ ldap_value_free@OPENLDAP_2.4_2 2.4.7 ++ ldap_value_free_len@OPENLDAP_2.4_2 2.4.7 ++ ldap_whoami@OPENLDAP_2.4_2 2.4.7 ++ ldap_whoami_s@OPENLDAP_2.4_2 2.4.7 ++ ldap_x_mb_to_utf8@OPENLDAP_2.4_2 2.4.7 ++ ldap_x_mbs_to_utf8s@OPENLDAP_2.4_2 2.4.7 ++ ldap_x_ucs4_to_utf8@OPENLDAP_2.4_2 2.4.7 ++ ldap_x_utf8_to_mb@OPENLDAP_2.4_2 2.4.7 ++ ldap_x_utf8_to_ucs4@OPENLDAP_2.4_2 2.4.7 ++ ldap_x_utf8_to_wc@OPENLDAP_2.4_2 2.4.7 ++ ldap_x_utf8s_to_mbs@OPENLDAP_2.4_2 2.4.7 ++ ldap_x_utf8s_to_wcs@OPENLDAP_2.4_2 2.4.7 ++ ldap_x_wc_to_utf8@OPENLDAP_2.4_2 2.4.7 ++ ldap_x_wcs_to_utf8s@OPENLDAP_2.4_2 2.4.7 ++ ldif_close@OPENLDAP_2.4_2 2.4.25 ++ ldif_countlines@OPENLDAP_2.4_2 2.4.25 ++ ldif_debug@OPENLDAP_2.4_2 2.4.25 ++ ldif_fetch_url@OPENLDAP_2.4_2 2.4.25 ++ ldif_getline@OPENLDAP_2.4_2 2.4.25 ++ ldif_is_not_printable@OPENLDAP_2.4_2 2.4.25 ++ ldif_must_b64_encode_register@OPENLDAP_2.4_2 2.4.25 ++ ldif_must_b64_encode_release@OPENLDAP_2.4_2 2.4.25 ++ ldif_open@OPENLDAP_2.4_2 2.4.25 ++ ldif_open_url@OPENLDAP_2.4_2 2.4.25 ++ ldif_parse_line2@OPENLDAP_2.4_2 2.4.25 ++ ldif_parse_line@OPENLDAP_2.4_2 2.4.25 ++ ldif_put@OPENLDAP_2.4_2 2.4.25 ++ ldif_put_wrap@OPENLDAP_2.4_2 2.4.25 ++ ldif_read_record@OPENLDAP_2.4_2 2.4.39 ++ ldif_sput@OPENLDAP_2.4_2 2.4.25 ++ ldif_sput_wrap@OPENLDAP_2.4_2 2.4.25 diff --cc debian/libldap-common.install index 00000000,00000000..b64373e6 new file mode 100644 --- /dev/null +++ b/debian/libldap-common.install @@@ -1,0 -1,0 +1,1 @@@ ++etc/ldap/ldap.conf diff --cc debian/libldap-common.manpages index 00000000,00000000..6f9e09c5 new file mode 100644 --- /dev/null +++ b/debian/libldap-common.manpages @@@ -1,0 -1,0 +1,1 @@@ ++debian/tmp/usr/share/man/man5/ldap.conf.5 diff --cc debian/libldap2-dev.dirs index 00000000,00000000..e69de29b new file mode 100644 --- /dev/null +++ b/debian/libldap2-dev.dirs diff --cc debian/libldap2-dev.install index 00000000,00000000..2bc4f874 new file mode 100644 --- /dev/null +++ b/debian/libldap2-dev.install @@@ -1,0 -1,0 +1,13 @@@ ++usr/include/lber.h ++usr/include/lber_types.h ++usr/include/ldap_cdefs.h ++usr/include/ldap_features.h ++usr/include/ldap.h ++usr/include/ldap_schema.h ++usr/include/ldap_utf8.h ++usr/include/ldif.h ++usr/include/openldap.h ++usr/lib/*/liblber.a ++usr/lib/*/liblber.so ++usr/lib/*/libldap_r.a ++usr/lib/*/libldap_r.so diff --cc debian/libldap2-dev.links.in index 00000000,00000000..8ded4daf new file mode 100644 --- /dev/null +++ b/debian/libldap2-dev.links.in @@@ -1,0 -1,0 +1,12 @@@ ++usr/share/man/man3/lber-encode.3 usr/share/man/man3/ber_put_bitstring.3 ++usr/share/man/man3/lber-encode.3 usr/share/man/man3/ber_put_boolean.3 ++usr/share/man/man3/lber-encode.3 usr/share/man/man3/ber_start_seq.3 ++usr/share/man/man3/lber-memory.3 usr/share/man/man3/ber_memalloc.3 ++usr/share/man/man3/lber-memory.3 usr/share/man/man3/ber_memcalloc.3 ++usr/share/man/man3/lber-memory.3 usr/share/man/man3/ber_memfree.3 ++usr/share/man/man3/lber-memory.3 usr/share/man/man3/ber_memrealloc.3 ++usr/share/man/man3/lber-types.3 usr/share/man/man3/ber_int_t.3 ++usr/share/man/man3/lber-types.3 usr/share/man/man3/ber_len_t.3 ++usr/share/man/man3/lber-types.3 usr/share/man/man3/ber_tag_t.3 ++usr/lib/${DEB_HOST_MULTIARCH}/libldap_r.so usr/lib/${DEB_HOST_MULTIARCH}/libldap.so ++usr/lib/${DEB_HOST_MULTIARCH}/libldap_r.a usr/lib/${DEB_HOST_MULTIARCH}/libldap.a diff --cc debian/libldap2-dev.manpages index 00000000,00000000..7c726776 new file mode 100644 --- /dev/null +++ b/debian/libldap2-dev.manpages @@@ -1,0 -1,0 +1,1 @@@ ++debian/tmp/usr/share/man/man3/* diff --cc debian/patches/Fix-warnings-issued-by-autoconf-2.68.patch index 00000000,00000000..0f4d40c6 new file mode 100644 --- /dev/null +++ b/debian/patches/Fix-warnings-issued-by-autoconf-2.68.patch @@@ -1,0 -1,0 +1,103 @@@ ++From 5adcdb7642dbafae484b8f3feb391490ff9be087 Mon Sep 17 00:00:00 2001 ++From: =?UTF-8?q?Ond=C5=99ej=20Kuzn=C3=ADk?= ++Date: Wed, 24 May 2017 16:12:48 +0100 ++Subject: [PATCH] Fix warnings issued by autoconf 2.68+ ++ ++--- ++ build/openldap.m4 | 12 ++++++------ ++ configure.in | 8 ++++---- ++ 2 files changed, 10 insertions(+), 10 deletions(-) ++ ++diff --git a/build/openldap.m4 b/build/openldap.m4 ++index 95b86ee457..d8cf32f707 100644 ++--- a/build/openldap.m4 +++++ b/build/openldap.m4 ++@@ -321,13 +321,13 @@ dnl -------------------------------------------------------------------- ++ dnl Get major and minor version from ++ AC_DEFUN([OL_BDB_HEADER_VERSION], ++ [AC_CACHE_CHECK([for Berkeley DB major version in db.h], [ol_cv_bdb_major],[ ++- AC_LANG_CONFTEST([ +++ AC_LANG_CONFTEST([AC_LANG_SOURCE([ ++ #include ++ #ifndef DB_VERSION_MAJOR ++ # define DB_VERSION_MAJOR 1 ++ #endif ++ __db_version DB_VERSION_MAJOR ++-]) +++])]) ++ set X `eval "$ac_cpp -P conftest.$ac_ext" | $EGREP __db_version` none none ++ ol_cv_bdb_major=${3} ++ ]) ++@@ -337,13 +337,13 @@ esac ++ ++ dnl Determine minor version ++ AC_CACHE_CHECK([for Berkeley DB minor version in db.h], [ol_cv_bdb_minor],[ ++- AC_LANG_CONFTEST([ +++ AC_LANG_CONFTEST([AC_LANG_SOURCE([ ++ #include ++ #ifndef DB_VERSION_MINOR ++ # define DB_VERSION_MINOR 0 ++ #endif ++ __db_version DB_VERSION_MINOR ++-]) +++])]) ++ set X `eval "$ac_cpp -P conftest.$ac_ext" | $EGREP __db_version` none none ++ ol_cv_bdb_minor=${3} ++ ]) ++@@ -678,7 +678,7 @@ AC_DEFUN([OL_PTHREAD_TEST_FUNCTION],[[ ++ ]]) ++ ++ AC_DEFUN([OL_PTHREAD_TEST_PROGRAM], ++-AC_LANG_SOURCE([OL_PTHREAD_TEST_INCLUDES +++[AC_LANG_SOURCE([OL_PTHREAD_TEST_INCLUDES ++ ++ int main(argc, argv) ++ int argc; ++@@ -686,7 +686,7 @@ int main(argc, argv) ++ { ++ OL_PTHREAD_TEST_FUNCTION ++ } ++-])) +++])]) ++ dnl -------------------------------------------------------------------- ++ AC_DEFUN([OL_PTHREAD_TRY], [# Pthread try link: $1 ($2) ++ if test "$ol_link_threads" = no ; then ++diff --git a/configure.in b/configure.in ++index 0c0d990e82..38db157bd3 100644 ++--- a/configure.in +++++ b/configure.in ++@@ -1225,11 +1225,11 @@ if test $ol_link_tls = no ; then ++ AC_CHECK_HEADERS(gnutls/gnutls.h) ++ ++ if test $ac_cv_header_gnutls_gnutls_h = yes ; then ++- AC_PREPROC_IFELSE( +++ AC_PREPROC_IFELSE([AC_LANG_SOURCE( ++ [[#include ] ++ [#if GNUTLS_VERSION_NUMBER < 0x020c00] ++ [#error "GnuTLS 2.12.0 or newer required"] ++-[#endif]], +++[#endif]])], ++ , [AC_MSG_FAILURE([GnuTLS is too old])]) ++ ++ AC_CHECK_LIB(gnutls, gnutls_init, ++@@ -1506,7 +1506,7 @@ pthread_rwlock_t rwlock; ++ AC_MSG_ERROR([LinuxThreads header/library mismatch]); ++ fi ++ ++- AC_CACHE_CHECK([if pthread_create() works], +++ AC_CACHE_CHECK([AC_LANG_SOURCE([if pthread_create() works])], ++ ol_cv_pthread_create_works,[ ++ AC_RUN_IFELSE([OL_PTHREAD_TEST_PROGRAM], ++ [ol_cv_pthread_create_works=yes], ++@@ -2556,7 +2556,7 @@ if test "$ac_cv_func_getpeereid" != yes; then ++ fi ++ AC_CHECK_MEMBERS([struct stat.st_fstype, struct stat.st_vfstype]) ++ if test "$ac_cv_member_struct_stat_st_fstype" = yes; then ++- AC_COMPILE_IFELSE([struct stat st; char *ptr=st.st_fstype;], +++ AC_COMPILE_IFELSE([AC_LANG_SOURCE([struct stat st; char *ptr=st.st_fstype;])], ++ AC_DEFINE([HAVE_STRUCT_STAT_ST_FSTYPE_CHAR],1,[define to 1 if st_fstype is char *]), ++ AC_DEFINE([HAVE_STRUCT_STAT_ST_FSTYPE_INT],1,[define to 1 if st_fstype is int])) ++ fi ++-- ++2.33.0 ++ diff --cc debian/patches/ITS-9086-Add-debug-logging-for-more-GnuTLS-errors.patch index 00000000,00000000..c3912440 new file mode 100644 --- /dev/null +++ b/debian/patches/ITS-9086-Add-debug-logging-for-more-GnuTLS-errors.patch @@@ -1,0 -1,0 +1,110 @@@ ++From 82ce81ee7ad4a252aed2d6a10ea808ff18a65ffd Mon Sep 17 00:00:00 2001 ++From: Ryan Tandy ++Date: Sun, 22 Sep 2019 03:08:30 +0000 ++Subject: [PATCH] ITS#9086 Add debug logging for more GnuTLS errors ++ ++--- ++ libraries/libldap/tls_g.c | 56 ++++++++++++++++++++++++++++++++++----- ++ 1 file changed, 49 insertions(+), 7 deletions(-) ++ ++diff --git a/libraries/libldap/tls_g.c b/libraries/libldap/tls_g.c ++index f3b4cd710..249f7e8d5 100644 ++--- a/libraries/libldap/tls_g.c +++++ b/libraries/libldap/tls_g.c ++@@ -188,9 +188,16 @@ tlsg_getfile( const char *path, gnutls_datum_t *buf ) ++ { ++ int rc = -1, fd; ++ struct stat st; +++ char ebuf[128]; ++ ++ fd = open( path, O_RDONLY ); ++- if ( fd >= 0 && fstat( fd, &st ) == 0 ) { +++ if ( fd < 0 ) { +++ Debug( LDAP_DEBUG_ANY, +++ "TLS: opening `%s' failed: %s\n", +++ path, AC_STRERROR_R( errno, ebuf, sizeof ebuf ), NULL ); +++ return -1; +++ } +++ if ( fstat( fd, &st ) == 0 ) { ++ buf->size = st.st_size; ++ buf->data = LDAP_MALLOC( st.st_size + 1 ); ++ if ( buf->data ) { ++@@ -236,7 +243,17 @@ tlsg_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server ) ++ ctx->cred, ++ lt->lt_cacertfile, ++ GNUTLS_X509_FMT_PEM ); ++- if ( rc < 0 ) return -1; +++ if ( rc < 0 ) { +++ Debug( LDAP_DEBUG_ANY, +++ "TLS: could not use CA certificate file `%s': %s (%d)\n", +++ lo->ldo_tls_cacertfile, gnutls_strerror( rc ), rc ); +++ return -1; +++ } else if ( rc == 0 ) { +++ Debug( LDAP_DEBUG_ANY, +++ "TLS: warning: no certificate loaded from CA certificate file `%s'.\n", +++ lo->ldo_tls_cacertfile, NULL, NULL ); +++ /* only warn, no return */ +++ } ++ } ++ ++ if ( lo->ldo_tls_certfile && lo->ldo_tls_keyfile ) { ++@@ -254,18 +271,38 @@ tlsg_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server ) ++ * do some special checks here... ++ */ ++ rc = tlsg_getfile( lt->lt_keyfile, &buf ); ++- if ( rc ) return -1; +++ if ( rc ) { +++ Debug( LDAP_DEBUG_ANY, +++ "TLS: could not use private key file `%s`.\n", +++ lt->lt_keyfile, NULL, NULL ); +++ return -1; +++ } ++ rc = gnutls_x509_privkey_import( key, &buf, ++ GNUTLS_X509_FMT_PEM ); ++ LDAP_FREE( buf.data ); ++- if ( rc < 0 ) return rc; +++ if ( rc < 0 ) { +++ Debug( LDAP_DEBUG_ANY, +++ "TLS: could not use private key: %s (%d)\n", +++ gnutls_strerror( rc ), rc, NULL ); +++ return rc; +++ } ++ ++ rc = tlsg_getfile( lt->lt_certfile, &buf ); ++- if ( rc ) return -1; +++ if ( rc ) { +++ Debug( LDAP_DEBUG_ANY, +++ "TLS: could not use certificate file `%s`.\n", +++ lt->lt_certfile, NULL, NULL ); +++ return -1; +++ } ++ rc = gnutls_x509_crt_list_import( certs, &max, &buf, ++ GNUTLS_X509_FMT_PEM, 0 ); ++ LDAP_FREE( buf.data ); ++- if ( rc < 0 ) return rc; +++ if ( rc < 0 ) { +++ Debug( LDAP_DEBUG_ANY, +++ "TLS: could not use certificate: %s (%d)\n", +++ gnutls_strerror( rc ), rc, NULL ); +++ return rc; +++ } ++ ++ /* If there's only one cert and it's not self-signed, ++ * then we have to build the cert chain. ++@@ -282,7 +319,12 @@ tlsg_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server ) ++ } ++ } ++ rc = gnutls_certificate_set_x509_key( ctx->cred, certs, max, key ); ++- if ( rc ) return -1; +++ if ( rc ) { +++ Debug( LDAP_DEBUG_ANY, +++ "TLS: could not use certificate with key: %s (%d)\n", +++ gnutls_strerror( rc ), rc, NULL ); +++ return -1; +++ } ++ } else if ( lo->ldo_tls_certfile || lo->ldo_tls_keyfile ) { ++ Debug( LDAP_DEBUG_ANY, ++ "TLS: only one of certfile and keyfile specified\n", ++-- ++2.20.1 ++ diff --cc debian/patches/ITS-9177-Finish-updating-migration-to-latest-autocon.patch index 00000000,00000000..b99cb390 new file mode 100644 --- /dev/null +++ b/debian/patches/ITS-9177-Finish-updating-migration-to-latest-autocon.patch @@@ -1,0 -1,0 +1,67 @@@ ++From 1a55a5c61bbb94ecb2585cfc95a29699cc4bb64e Mon Sep 17 00:00:00 2001 ++From: Quanah Gibson-Mount ++Date: Thu, 9 Apr 2020 23:38:01 +0000 ++Subject: [PATCH] ITS#9177 - Finish updating migration to latest autoconf and ++ related build tools ++ ++--- ++ configure.in | 15 ++++++--------- ++ 1 file changed, 6 insertions(+), 9 deletions(-) ++ ++diff --git a/configure.in b/configure.in ++index 838f3616d2..5b69c7abb6 100644 ++--- a/configure.in +++++ b/configure.in ++@@ -26,8 +26,7 @@ dnl Configure.in for OpenLDAP ++ AC_COPYRIGHT([[Copyright 1998-2021 The OpenLDAP Foundation. All rights reserved. ++ Restrictions apply, see COPYRIGHT and LICENSE files.]]) ++ AC_REVISION([$Id: 0c7c0a9ee7af45f44c9f20258933ee4f03368876 $]) ++-AC_INIT([OpenLDAP],,[http://www.openldap.org/its/]) ++-m4_define([AC_PACKAGE_BUGREPORT],[]) +++AC_INIT([OpenLDAP],,[https://bugs.openldap.org],,[https://www.openldap.org]) ++ AC_CONFIG_SRCDIR(build/version.sh)dnl ++ dnl ---------------------------------------------------------------- ++ dnl OpenLDAP Autoconf Macros ++@@ -35,6 +34,7 @@ builtin(include, build/openldap.m4)dnl ++ dnl ================================================================ ++ ++ AC_CONFIG_AUX_DIR(build)dnl +++AC_CONFIG_MACRO_DIRS([build]) ++ ++ eval `$ac_aux_dir/version.sh` ++ if test -z "$OL_STRING"; then ++@@ -69,9 +69,8 @@ dnl Determine host platform ++ dnl we try not to use this for much ++ AC_CANONICAL_TARGET([]) ++ ++-AM_INIT_AUTOMAKE([$OL_PACKAGE],[$OL_VERSION], [no defines])dnl ++-AC_SUBST(PACKAGE)dnl ++-AC_SUBST(VERSION)dnl +++AC_SUBST(PACKAGE,$OL_PACKAGE)dnl +++AC_SUBST(VERSION,$OL_VERSION)dnl ++ AC_DEFINE_UNQUOTED(OPENLDAP_PACKAGE,"$PACKAGE",Package) ++ AC_DEFINE_UNQUOTED(OPENLDAP_VERSION,"$VERSION",Version) ++ ++@@ -89,10 +88,7 @@ AC_SUBST(OPENLDAP_LIBVERSION)dnl ++ OPENLDAP_RELEASE_DATE="$OL_RELEASE_DATE" ++ AC_SUBST(OPENLDAP_RELEASE_DATE)dnl ++ ++-dnl We use autoconf features new to 2.59. Later versions like won't work. ++-dnl aclocal.m4 should be built using aclocal from automake 1.5 ++-dnl libtool 1.5 should be installed. ++-AC_PREREQ(2.59)dnl Required Autoconf version +++AC_PREREQ(2.69)dnl Required Autoconf version ++ ++ AH_TOP([ ++ /* begin of portable.h.pre */ ++@@ -674,6 +670,7 @@ fi ++ ++ AC_LIBTOOL_WIN32_DLL ++ AC_LIBTOOL_DLOPEN +++AC_PROG_MAKE_SET ++ AC_PROG_LIBTOOL ++ ++ dnl ---------------------------------------------------------------- ++-- ++2.33.0 ++ diff --cc debian/patches/ITS6035-olcauthzregex-needs-restart.patch index 00000000,00000000..acd3c6f1 new file mode 100644 --- /dev/null +++ b/debian/patches/ITS6035-olcauthzregex-needs-restart.patch @@@ -1,0 -1,0 +1,13 @@@ ++--- a/doc/man/man5/slapd-config.5 +++++ b/doc/man/man5/slapd-config.5 ++@@ -409,6 +409,10 @@ ++ and replacement patterns. The matching patterns are checked in the order they ++ appear in the attribute, stopping at the first successful match. ++ +++Note that changes to +++.B olcAuthzRegexp +++take effect the next time the server is started, not immediately upon +++changing the configuration. ++ .\".B Caution: ++ .\"Because the plus sign + is a character recognized by the regular expression engine, ++ .\"and it will appear in names that include a REALM, be careful to escape the diff --cc debian/patches/add-tlscacert-option-to-ldap-conf index 00000000,00000000..e8e731aa new file mode 100644 --- /dev/null +++ b/debian/patches/add-tlscacert-option-to-ldap-conf @@@ -1,0 -1,0 +1,10 @@@ ++--- a/libraries/libldap/ldap.conf +++++ b/libraries/libldap/ldap.conf ++@@ -11,3 +11,7 @@ ++ #SIZELIMIT 12 ++ #TIMELIMIT 15 ++ #DEREF never +++ +++# TLS certificates (needed for GnuTLS) +++TLS_CACERT /etc/ssl/certs/ca-certificates.crt +++ diff --cc debian/patches/contrib-makefiles index 00000000,00000000..2f20843e new file mode 100644 --- /dev/null +++ b/debian/patches/contrib-makefiles @@@ -1,0 -1,0 +1,185 @@@ ++--- a/contrib/slapd-modules/passwd/Makefile +++++ b/contrib/slapd-modules/passwd/Makefile ++@@ -13,7 +13,7 @@ ++ INCS = $(LDAP_INC) ++ LIBS = $(LDAP_LIB) ++ ++-PROGRAMS = pw-kerberos.la pw-netscape.la pw-radius.la pw-apr1.la +++PROGRAMS = pw-netscape.la pw-apr1.la ++ LTVER = 0:0:0 ++ ++ prefix=/usr/local ++@@ -27,24 +27,24 @@ ++ .SUFFIXES: .c .o .lo ++ ++ .c.lo: ++- $(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(INCS) -c $< +++ $(LIBTOOL) --mode=compile $(CC) $(CFLAGS) $(CPPFLAGS) $(DEFS) $(INCS) -c $< ++ ++ all: $(PROGRAMS) ++ ++ pw-kerberos.la: kerberos.lo ++- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \ +++ $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) -version-info $(LTVER) \ ++ -rpath $(moduledir) -module -o $@ $? -lkrb5 ++ ++ pw-netscape.la: netscape.lo ++- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \ +++ $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) -version-info $(LTVER) \ ++ -rpath $(moduledir) -module -o $@ $? ++ ++ pw-radius.la: radius.lo ++- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \ +++ $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) -version-info $(LTVER) \ ++ -rpath $(moduledir) -module -o $@ $? -lradius ++ ++ pw-apr1.la: apr1.lo ++- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \ +++ $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) -version-info $(LTVER) \ ++ -rpath $(moduledir) -module -o $@ $? ++ ++ clean: ++--- a/contrib/slapd-modules/passwd/pbkdf2/Makefile +++++ b/contrib/slapd-modules/passwd/pbkdf2/Makefile ++@@ -12,7 +12,7 @@ ++ #DEFS = -DSLAPD_PBKDF2_DEBUG ++ ++ INCS = $(LDAP_INC) ++-LIBS = $(LDAP_LIB) -lcrypto +++LIBS = $(LDAP_LIB) -lnettle ++ ++ PROGRAMS = pw-pbkdf2.la ++ LTVER = 0:0:0 ++@@ -30,12 +30,12 @@ ++ .SUFFIXES: .c .o .lo ++ ++ .c.lo: ++- $(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(INCS) -c $< +++ $(LIBTOOL) --mode=compile $(CC) $(CFLAGS) $(CPPFLAGS) $(DEFS) $(INCS) -c $< ++ ++ all: $(PROGRAMS) ++ ++ pw-pbkdf2.la: pw-pbkdf2.lo ++- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \ +++ $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) -version-info $(LTVER) \ ++ -rpath $(moduledir) -module -o $@ $? $(LIBS) ++ ++ clean: ++--- a/contrib/slapd-modules/smbk5pwd/Makefile +++++ b/contrib/slapd-modules/smbk5pwd/Makefile ++@@ -19,10 +19,10 @@ ++ $(LDAP_BUILD)/libraries/liblber/liblber.la ++ ++ SSL_INC = ++-SSL_LIB = -lcrypto +++SSL_LIB = -lnettle ++ ++-HEIMDAL_INC = -I/usr/heimdal/include ++-HEIMDAL_LIB = -L/usr/heimdal/lib -lkrb5 -lkadm5srv +++HEIMDAL_INC = $(shell krb5-config.heimdal --cflags krb5 kadm-server) +++HEIMDAL_LIB = $(shell krb5-config.heimdal --libs krb5 kadm-server) ++ ++ LIBTOOL = $(LDAP_BUILD)/libtool ++ CC = gcc ++@@ -30,7 +30,8 @@ ++ # Omit DO_KRB5, DO_SAMBA or DO_SHADOW if you don't want to support it. ++ DEFS = -DDO_KRB5 -DDO_SAMBA -DDO_SHADOW ++ INCS = $(LDAP_INC) $(HEIMDAL_INC) $(SSL_INC) ++-LIBS = $(LDAP_LIB) $(HEIMDAL_LIB) $(SSL_LIB) +++# put /usr/lib/heimdal before /usr/lib in case libkrb5-dev is installed, #745356 +++LIBS = $(HEIMDAL_LIB) $(LDAP_LIB) $(SSL_LIB) ++ ++ PROGRAMS = smbk5pwd.la ++ LTVER = 0:0:0 ++@@ -46,12 +47,12 @@ ++ .SUFFIXES: .c .o .lo ++ ++ .c.lo: ++- $(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(INCS) -c $< +++ $(LIBTOOL) --mode=compile $(CC) $(CFLAGS) $(CPPFLAGS) $(DEFS) $(INCS) -c $< ++ ++ all: $(PROGRAMS) ++ ++ smbk5pwd.la: smbk5pwd.lo ++- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \ +++ $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) -version-info $(LTVER) \ ++ -rpath $(moduledir) -module -o $@ $? $(LIBS) ++ ++ clean: ++--- a/contrib/slapd-modules/autogroup/Makefile +++++ b/contrib/slapd-modules/autogroup/Makefile ++@@ -27,12 +27,12 @@ ++ .SUFFIXES: .c .o .lo ++ ++ .c.lo: ++- $(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(INCS) -c $< +++ $(LIBTOOL) --mode=compile $(CC) $(CFLAGS) $(CPPFLAGS) $(DEFS) $(INCS) -c $< ++ ++ all: $(PROGRAMS) ++ ++ autogroup.la: autogroup.lo ++- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \ +++ $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) -version-info $(LTVER) \ ++ -rpath $(moduledir) -module -o $@ $? $(LIBS) ++ ++ clean: ++--- a/contrib/slapd-modules/lastbind/Makefile +++++ b/contrib/slapd-modules/lastbind/Makefile ++@@ -37,12 +37,12 @@ ++ .SUFFIXES: .c .o .lo ++ ++ .c.lo: ++- $(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(INCS) -c $< +++ $(LIBTOOL) --mode=compile $(CC) $(CFLAGS) $(CPPFLAGS) $(DEFS) $(INCS) -c $< ++ ++ all: $(PROGRAMS) ++ ++ lastbind.la: lastbind.lo ++- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \ +++ $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) -version-info $(LTVER) \ ++ -rpath $(moduledir) -module -o $@ $? $(LIBS) ++ ++ clean: ++--- a/contrib/slapd-modules/passwd/sha2/Makefile +++++ b/contrib/slapd-modules/passwd/sha2/Makefile ++@@ -28,12 +28,12 @@ ++ .SUFFIXES: .c .o .lo ++ ++ .c.lo: ++- $(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(INCS) -c $< +++ $(LIBTOOL) --mode=compile $(CC) $(CFLAGS) $(CPPFLAGS) $(DEFS) $(INCS) -c $< ++ ++ all: $(PROGRAMS) ++ ++ pw-sha2.la: slapd-sha2.lo sha2.lo ++- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \ +++ $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) -version-info $(LTVER) \ ++ -rpath $(moduledir) -module -o $@ $? $(LIBS) ++ ++ clean: ++--- a/contrib/slapd-modules/passwd/argon2/Makefile +++++ b/contrib/slapd-modules/passwd/argon2/Makefile ++@@ -14,7 +14,7 @@ ++ INCS = $(LDAP_INC) ++ LIBS = $(LDAP_LIB) ++ ++-implementation = sodium +++implementation = argon2 ++ ++ ifeq ($(implementation),argon2) ++ LIBS += -largon2 ++@@ -42,12 +42,12 @@ ++ .SUFFIXES: .c .o .lo ++ ++ .c.lo: ++- $(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(INCS) -c $< +++ $(LIBTOOL) --mode=compile $(CC) $(CFLAGS) $(CPPFLAGS) $(DEFS) $(INCS) -c $< ++ ++ all: $(PROGRAMS) ++ ++ pw-argon2.la: pw-argon2.lo ++- $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info $(LTVER) \ +++ $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) -version-info $(LTVER) \ ++ -rpath $(moduledir) -module -o $@ $? $(LIBS) ++ ++ clean: diff --cc debian/patches/debian-version index 00000000,00000000..542346bc new file mode 100644 --- /dev/null +++ b/debian/patches/debian-version @@@ -1,0 -1,0 +1,14 @@@ ++Description: Replace upstream version with Debian version in version strings ++Forwarded: not-needed ++Author: Ryan Tandy ++--- a/build/version.sh +++++ b/build/version.sh ++@@ -40,7 +40,7 @@ ++ echo OL_API_INC=$ol_api_inc ++ echo OL_API_LIB_RELEASE=$ol_api_lib_release ++ echo OL_API_LIB_VERSION=$ol_api_lib_version ++-echo OL_VERSION=$ol_version +++echo OL_VERSION=\"${DEB_VERSION:-$ol_version}\" ++ echo OL_TYPE=$ol_type ++ echo OL_STRING=\"${ol_string}\" ++ echo OL_RELEASE_DATE=\"${ol_release_date}\" diff --cc debian/patches/do-not-second-guess-sonames index 00000000,00000000..bbf099c7 new file mode 100644 --- /dev/null +++ b/debian/patches/do-not-second-guess-sonames @@@ -1,0 -1,0 +1,68 @@@ ++Rip out code that second-guesses the libsasl soname / Debian shlibs. If ++cyrus sasl upstream is breaking the ABI, this needs to be fixed upstream ++there, not kludged around upstream here! ++ ++Debian bug #546885 ++ ++Upstream ITS #6302 filed. ++ ++--- a/libraries/libldap/cyrus.c +++++ b/libraries/libldap/cyrus.c ++@@ -74,28 +74,6 @@ ++ */ ++ int ldap_int_sasl_init( void ) ++ { ++-#ifdef HAVE_SASL_VERSION ++- /* stringify the version number, sasl.h doesn't do it for us */ ++-#define VSTR0(maj, min, pat) #maj "." #min "." #pat ++-#define VSTR(maj, min, pat) VSTR0(maj, min, pat) ++-#define SASL_VERSION_STRING VSTR(SASL_VERSION_MAJOR, SASL_VERSION_MINOR, \ ++- SASL_VERSION_STEP) ++- { int rc; ++- sasl_version( NULL, &rc ); ++- if ( ((rc >> 16) != ((SASL_VERSION_MAJOR << 8)|SASL_VERSION_MINOR)) || ++- (rc & 0xffff) < SASL_VERSION_STEP) { ++- char version[sizeof("xxx.xxx.xxxxx")]; ++- sprintf( version, "%u.%d.%d", (unsigned)rc >> 24, (rc >> 16) & 0xff, ++- rc & 0xffff ); ++- ++- Debug( LDAP_DEBUG_ANY, ++- "ldap_int_sasl_init: SASL library version mismatch:" ++- " expected " SASL_VERSION_STRING "," ++- " got %s\n", version, 0, 0 ); ++- return -1; ++- } ++- } ++-#endif ++ ++ /* SASL 2 takes care of its own memory completely internally */ ++ #if SASL_VERSION_MAJOR < 2 && !defined(CSRIMALLOC) ++--- a/servers/slapd/sasl.c +++++ b/servers/slapd/sasl.c ++@@ -1145,26 +1145,6 @@ int slap_sasl_init( void ) ++ #endif ++ ++ #ifdef HAVE_CYRUS_SASL ++-#ifdef HAVE_SASL_VERSION ++- /* stringify the version number, sasl.h doesn't do it for us */ ++-#define VSTR0(maj, min, pat) #maj "." #min "." #pat ++-#define VSTR(maj, min, pat) VSTR0(maj, min, pat) ++-#define SASL_VERSION_STRING VSTR(SASL_VERSION_MAJOR, SASL_VERSION_MINOR, \ ++- SASL_VERSION_STEP) ++- ++- sasl_version( NULL, &rc ); ++- if ( ((rc >> 16) != ((SASL_VERSION_MAJOR << 8)|SASL_VERSION_MINOR)) || ++- (rc & 0xffff) < SASL_VERSION_STEP) ++- { ++- char version[sizeof("xxx.xxx.xxxxx")]; ++- sprintf( version, "%u.%d.%d", (unsigned)rc >> 24, (rc >> 16) & 0xff, ++- rc & 0xffff ); ++- Debug( LDAP_DEBUG_ANY, "slap_sasl_init: SASL library version mismatch:" ++- " expected %s, got %s\n", ++- SASL_VERSION_STRING, version, 0 ); ++- return -1; ++- } ++-#endif ++ ++ sasl_set_mutex( ++ ldap_pvt_sasl_mutex_new, diff --cc debian/patches/evolution-ntlm index 00000000,00000000..cd9bc267 new file mode 100644 --- /dev/null +++ b/debian/patches/evolution-ntlm @@@ -1,0 -1,0 +1,222 @@@ ++Patch from evolution-exchange (2.10.3). The ldap_ntlm_bind function is ++actually called by evolution-data-server, checked at version 1.12.2. ++Without this patch, the Exchange addressbook integration uses simple binds ++with cleartext passwords. ++ ++Russ checked with openldap-software for upstream's opinion on this patch ++on 2007-12-21. Upstream had never received it as a patch submission and ++given that it's apparently only for older Exchange servers that can't do ++SASL and DIGEST-MD5, it's not very appealing. ++ ++Bug#457374 filed against evolution-data-server asking if this support is ++still required on 2007-12-21. ++ ++--- a/include/ldap.h +++++ b/include/ldap.h ++@@ -2517,5 +2517,25 @@ ldap_parse_deref_control LDAP_P(( ++ LDAPControl **ctrls, ++ LDAPDerefRes **drp )); ++ +++/* +++ * hacks for NTLM +++ */ +++#define LDAP_AUTH_NTLM_REQUEST ((ber_tag_t) 0x8aU) +++#define LDAP_AUTH_NTLM_RESPONSE ((ber_tag_t) 0x8bU) +++LDAP_F( int ) +++ldap_ntlm_bind LDAP_P(( +++ LDAP *ld, +++ LDAP_CONST char *dn, +++ ber_tag_t tag, +++ struct berval *cred, +++ LDAPControl **sctrls, +++ LDAPControl **cctrls, +++ int *msgidp )); +++LDAP_F( int ) +++ldap_parse_ntlm_bind_result LDAP_P(( +++ LDAP *ld, +++ LDAPMessage *res, +++ struct berval *challenge)); +++ ++ LDAP_END_DECL ++ #endif /* _LDAP_H */ ++--- /dev/null +++++ b/libraries/libldap/ntlm.c ++@@ -0,0 +1,138 @@ +++/* $OpenLDAP: pkg/ldap/libraries/libldap/ntlm.c,v 1.1.4.10 2002/01/04 20:38:21 kurt Exp $ */ +++/* +++ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved. +++ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file +++ */ +++ +++/* Mostly copied from sasl.c */ +++ +++#include "portable.h" +++ +++#include +++#include +++ +++#include +++#include +++#include +++#include +++ +++#include "ldap-int.h" +++ +++int +++ldap_ntlm_bind( +++ LDAP *ld, +++ LDAP_CONST char *dn, +++ ber_tag_t tag, +++ struct berval *cred, +++ LDAPControl **sctrls, +++ LDAPControl **cctrls, +++ int *msgidp ) +++{ +++ BerElement *ber; +++ int rc; +++ ber_int_t id; +++ +++ Debug( LDAP_DEBUG_TRACE, "ldap_ntlm_bind\n", 0, 0, 0 ); +++ +++ assert( ld != NULL ); +++ assert( LDAP_VALID( ld ) ); +++ assert( msgidp != NULL ); +++ +++ if( msgidp == NULL ) { +++ ld->ld_errno = LDAP_PARAM_ERROR; +++ return ld->ld_errno; +++ } +++ +++ /* create a message to send */ +++ if ( (ber = ldap_alloc_ber_with_options( ld )) == NULL ) { +++ ld->ld_errno = LDAP_NO_MEMORY; +++ return ld->ld_errno; +++ } +++ +++ assert( LBER_VALID( ber ) ); +++ +++ LDAP_NEXT_MSGID( ld, id ); +++ rc = ber_printf( ber, "{it{istON}" /*}*/, +++ id, LDAP_REQ_BIND, +++ ld->ld_version, dn, tag, +++ cred ); +++ +++ /* Put Server Controls */ +++ if( ldap_int_put_controls( ld, sctrls, ber ) != LDAP_SUCCESS ) { +++ ber_free( ber, 1 ); +++ return ld->ld_errno; +++ } +++ +++ if ( ber_printf( ber, /*{*/ "N}" ) == -1 ) { +++ ld->ld_errno = LDAP_ENCODING_ERROR; +++ ber_free( ber, 1 ); +++ return ld->ld_errno; +++ } +++ +++ /* send the message */ +++ *msgidp = ldap_send_initial_request( ld, LDAP_REQ_BIND, dn, ber, id ); +++ +++ if(*msgidp < 0) +++ return ld->ld_errno; +++ +++ return LDAP_SUCCESS; +++} +++ +++int +++ldap_parse_ntlm_bind_result( +++ LDAP *ld, +++ LDAPMessage *res, +++ struct berval *challenge) +++{ +++ ber_int_t errcode; +++ ber_tag_t tag; +++ BerElement *ber; +++ ber_len_t len; +++ +++ Debug( LDAP_DEBUG_TRACE, "ldap_parse_ntlm_bind_result\n", 0, 0, 0 ); +++ +++ assert( ld != NULL ); +++ assert( LDAP_VALID( ld ) ); +++ assert( res != NULL ); +++ +++ if ( ld == NULL || res == NULL ) { +++ return LDAP_PARAM_ERROR; +++ } +++ +++ if( res->lm_msgtype != LDAP_RES_BIND ) { +++ ld->ld_errno = LDAP_PARAM_ERROR; +++ return ld->ld_errno; +++ } +++ +++ if ( ld->ld_error ) { +++ LDAP_FREE( ld->ld_error ); +++ ld->ld_error = NULL; +++ } +++ if ( ld->ld_matched ) { +++ LDAP_FREE( ld->ld_matched ); +++ ld->ld_matched = NULL; +++ } +++ +++ /* parse results */ +++ +++ ber = ber_dup( res->lm_ber ); +++ +++ if( ber == NULL ) { +++ ld->ld_errno = LDAP_NO_MEMORY; +++ return ld->ld_errno; +++ } +++ +++ tag = ber_scanf( ber, "{ioa" /*}*/, +++ &errcode, challenge, &ld->ld_error ); +++ ber_free( ber, 0 ); +++ +++ if( tag == LBER_ERROR ) { +++ ld->ld_errno = LDAP_DECODING_ERROR; +++ return ld->ld_errno; +++ } +++ +++ ld->ld_errno = errcode; +++ +++ return( ld->ld_errno ); +++} +++ ++--- a/libraries/libldap/Makefile.in +++++ b/libraries/libldap/Makefile.in ++@@ -27,7 +27,7 @@ SRCS = bind.c open.c result.c error.c co ++ init.c options.c print.c string.c util-int.c schema.c \ ++ charray.c os-local.c dnssrv.c utf-8.c utf-8-conv.c \ ++ tls2.c tls_o.c tls_g.c tls_m.c \ ++- turn.c ppolicy.c dds.c txn.c ldap_sync.c stctrl.c \ +++ turn.c ppolicy.c dds.c txn.c ldap_sync.c stctrl.c ntlm.c \ ++ assertion.c deref.c ldif.c fetch.c ++ ++ OBJS = bind.lo open.lo result.lo error.lo compare.lo search.lo \ ++@@ -40,7 +40,7 @@ OBJS = bind.lo open.lo result.lo error.l ++ init.lo options.lo print.lo string.lo util-int.lo schema.lo \ ++ charray.lo os-local.lo dnssrv.lo utf-8.lo utf-8-conv.lo \ ++ tls2.lo tls_o.lo tls_g.lo tls_m.lo \ ++- turn.lo ppolicy.lo dds.lo txn.lo ldap_sync.lo stctrl.lo \ +++ turn.lo ppolicy.lo dds.lo txn.lo ldap_sync.lo stctrl.lo ntlm.lo \ ++ assertion.lo deref.lo ldif.lo fetch.lo ++ ++ LDAP_INCDIR= ../../include ++--- a/libraries/libldap_r/Makefile.in +++++ b/libraries/libldap_r/Makefile.in ++@@ -29,7 +29,7 @@ XXSRCS = apitest.c test.c \ ++ init.c options.c print.c string.c util-int.c schema.c \ ++ charray.c os-local.c dnssrv.c utf-8.c utf-8-conv.c \ ++ tls2.c tls_o.c tls_g.c tls_m.c \ ++- turn.c ppolicy.c dds.c txn.c ldap_sync.c stctrl.c \ +++ turn.c ppolicy.c dds.c txn.c ldap_sync.c stctrl.c ntlm.c \ ++ assertion.c deref.c ldif.c fetch.c ++ SRCS = threads.c rdwr.c rmutex.c tpool.c rq.c \ ++ thr_posix.c thr_cthreads.c thr_thr.c thr_nt.c \ ++@@ -47,7 +47,7 @@ OBJS = threads.lo rdwr.lo rmutex.lo tpoo ++ init.lo options.lo print.lo string.lo util-int.lo schema.lo \ ++ charray.lo os-local.lo dnssrv.lo utf-8.lo utf-8-conv.lo \ ++ tls2.lo tls_o.lo tls_g.lo tls_m.lo \ ++- turn.lo ppolicy.lo dds.lo txn.lo ldap_sync.lo stctrl.lo \ +++ turn.lo ppolicy.lo dds.lo txn.lo ldap_sync.lo stctrl.lo ntlm.lo \ ++ assertion.lo deref.lo ldif.lo fetch.lo ++ ++ LDAP_INCDIR= ../../include diff --cc debian/patches/fix-build-top-mk index 00000000,00000000..418fe35b new file mode 100644 --- /dev/null +++ b/debian/patches/fix-build-top-mk @@@ -1,0 -1,0 +1,11 @@@ ++--- a/build/top.mk +++++ b/build/top.mk ++@@ -20,7 +20,7 @@ ++ RELEASEDATE= @OPENLDAP_RELEASE_DATE@ ++ ++ @SET_MAKE@ ++-SHELL = /bin/sh +++SHELL = @SHELL@ ++ ++ top_builddir = @top_builddir@ ++ diff --cc debian/patches/getaddrinfo-is-threadsafe index 00000000,00000000..ab6e2b70 new file mode 100644 --- /dev/null +++ b/debian/patches/getaddrinfo-is-threadsafe @@@ -1,0 -1,0 +1,43 @@@ ++Author: Steve Langasek ++ ++OpenLDAP upstream conservatively assumes that certain resolver functions ++(getaddrinfo, getnameinfo, res_query, dn_expand) are not re-entrant; but we ++know that the glibc implementations of these functions are thread-safe, so ++we should bypass the use of this mutex. This fixes a locking problem when ++an application uses libldap and libnss-ldap is also used for hosts ++resolution. ++ ++Closes Debian bug #340601. ++ ++Not suitable for forwarding upstream; might be made suitable by adding a ++configure-time check for glibc and disabling the mutex only on known ++thread-safe implementations. ++ ++--- a/libraries/libldap/os-ip.c +++++ b/libraries/libldap/os-ip.c ++@@ -602,13 +602,7 @@ ldap_connect_to_host(LDAP *ld, Sockbuf * ++ hints.ai_socktype = socktype; ++ snprintf(serv, sizeof serv, "%d", port ); ++ ++- /* most getaddrinfo(3) use non-threadsafe resolver libraries */ ++- LDAP_MUTEX_LOCK(&ldap_int_resolv_mutex); ++- ++ err = getaddrinfo( host, serv, &hints, &res ); ++- ++- LDAP_MUTEX_UNLOCK(&ldap_int_resolv_mutex); ++- ++ if ( err != 0 ) { ++ osip_debug(ld, "ldap_connect_to_host: getaddrinfo failed: %s\n", ++ AC_GAI_STRERROR(err), 0, 0); ++--- a/libraries/libldap/util-int.c +++++ b/libraries/libldap/util-int.c ++@@ -431,9 +431,7 @@ int ldap_pvt_get_hname( ++ int rc; ++ #if defined( HAVE_GETNAMEINFO ) ++ ++- LDAP_MUTEX_LOCK( &ldap_int_resolv_mutex ); ++ rc = getnameinfo( sa, len, name, namelen, NULL, 0, 0 ); ++- LDAP_MUTEX_UNLOCK( &ldap_int_resolv_mutex ); ++ if ( rc ) *err = (char *)AC_GAI_STRERROR( rc ); ++ return rc; ++ diff --cc debian/patches/index-files-created-as-root index 00000000,00000000..263b0148 new file mode 100644 --- /dev/null +++ b/debian/patches/index-files-created-as-root @@@ -1,0 -1,0 +1,37 @@@ ++Document in the man page that slapindex should be run as the same user ++as slapd, and print a warning if it's run as root (since Debian defaults ++to running slapd as openldap). ++ ++Not suitable for upstream in this form. This patch needs to be reworked ++to check the BerkeleyDB database ownership and only warn if running as ++root with a database that's not owned by root. ++ ++Upstream ITS #5356 filed requesting better handling of this. Current ++upstream discussion leans towards putting the check into the database ++backend and aborting if slapd is run as a different user than the database ++owner, which is an even better fix. ++ ++--- a/doc/man/man8/slapindex.8 +++++ b/doc/man/man8/slapindex.8 ++@@ -148,6 +148,10 @@ ++ should not be running (at least, not in read-write ++ mode) when you do this to ensure consistency of the database. ++ .LP +++slapindex ought to be run as the user specified for +++.BR slapd (8) +++to ensure correct database permissions. +++.LP ++ This command provides ample opportunity for the user to obtain ++ and drink their favorite beverage. ++ .SH EXAMPLES ++--- a/servers/slapd/slapindex.c +++++ b/servers/slapd/slapindex.c ++@@ -34,6 +34,8 @@ ++ int ++ slapindex( int argc, char **argv ) ++ { +++ if (geteuid() == 0) +++ fprintf( stderr, "\nWARNING!\nRunning as root!\nThere's a fair chance slapd will fail to start.\nCheck file permissions!\n\n"); ++ ID id; ++ int rc = EXIT_SUCCESS; ++ const char *progname = "slapindex"; diff --cc debian/patches/lastbind-makefile-manpage index 00000000,00000000..66e5a79e new file mode 100644 --- /dev/null +++ b/debian/patches/lastbind-makefile-manpage @@@ -1,0 -1,0 +1,46 @@@ ++--- a/contrib/slapd-modules/lastbind/Makefile +++++ b/contrib/slapd-modules/lastbind/Makefile ++@@ -17,6 +17,7 @@ ++ $(LDAP_BUILD)/libraries/liblber/liblber.la ++ ++ LIBTOOL = $(LDAP_BUILD)/libtool +++INSTALL = /usr/bin/install ++ CC = gcc ++ OPT = -g -O2 -Wall ++ DEFS = -DSLAPD_OVER_LASTBIND=SLAPD_MOD_DYNAMIC ++@@ -25,6 +26,7 @@ ++ ++ PROGRAMS = lastbind.la ++ LTVER = 0:0:0 +++MANPAGES = slapo-lastbind.5 ++ ++ prefix=/usr/local ++ exec_prefix=$(prefix) ++@@ -33,6 +35,8 @@ ++ libdir=$(exec_prefix)/lib ++ libexecdir=$(exec_prefix)/libexec ++ moduledir = $(libexecdir)$(ldap_subdir) +++mandir = $(exec_prefix)/share/man +++man5dir = $(mandir)/man5 ++ ++ .SUFFIXES: .c .o .lo ++ ++@@ -48,9 +52,17 @@ ++ clean: ++ rm -rf *.o *.lo *.la .libs ++ ++-install: $(PROGRAMS) +++install: install-lib install-man FORCE +++ +++install-lib: $(PROGRAMS) ++ mkdir -p $(DESTDIR)$(moduledir) ++ for p in $(PROGRAMS) ; do \ ++ $(LIBTOOL) --mode=install cp $$p $(DESTDIR)$(moduledir) ; \ ++ done ++ +++install-man: $(MANPAGES) +++ mkdir -p $(DESTDIR)$(man5dir) +++ $(INSTALL) -m 644 $(MANPAGES) $(DESTDIR)$(man5dir) +++ +++FORCE: +++ diff --cc debian/patches/ldap-conf-tls-cacertdir index 00000000,00000000..e8aab912 new file mode 100644 --- /dev/null +++ b/debian/patches/ldap-conf-tls-cacertdir @@@ -1,0 -1,0 +1,29 @@@ ++--- a/doc/man/man5/ldap.conf.5 +++++ b/doc/man/man5/ldap.conf.5 ++@@ -317,7 +317,7 @@ certificates in separate individual file ++ .B TLS_CACERT ++ is always used before ++ .B TLS_CACERTDIR. ++-This parameter is ignored with GnuTLS. +++This parameter is ignored with GnuTLS. On Debian openldap is linked against GnuTLS. ++ ++ When using Mozilla NSS, may contain a Mozilla NSS cert/key ++ database. If contains a Mozilla NSS cert/key database and ++@@ -428,7 +428,7 @@ This parameter is ignored with GnuTLS. ++ Specifies the file to obtain random bits from when /dev/[u]random is ++ not available. Generally set to the name of the EGD/PRNGD socket. ++ The environment variable RANDFILE can also be used to specify the filename. ++-This parameter is ignored with GnuTLS and Mozilla NSS. +++This parameter is ignored with GnuTLS and Mozilla NSS. On Debian openldap is linked against GnuTLS. ++ .TP ++ .B TLS_REQCERT ++ Specifies what checks to perform on server certificates in a TLS session, ++@@ -461,7 +461,7 @@ Specifies if the Certificate Revocation ++ used to verify if the server certificates have not been revoked. This ++ requires ++ .B TLS_CACERTDIR ++-parameter to be set. This parameter is ignored with GnuTLS and Mozilla NSS. +++parameter to be set. This parameter is ignored with GnuTLS and Mozilla NSS. On Debian openldap is linked against GnuTLS. ++ .B ++ can be specified as one of the following keywords: ++ .RS diff --cc debian/patches/ldapi-socket-place index 00000000,00000000..a482bbfc new file mode 100644 --- /dev/null +++ b/debian/patches/ldapi-socket-place @@@ -1,0 -1,0 +1,16 @@@ ++Move the ldapi socket to /var/run/slapd from /var/run, since /var/run ++is only writable by root and slapd runs as openldap. ++ ++Debian-specific. ++ ++--- a/include/ldap_defaults.h +++++ b/include/ldap_defaults.h ++@@ -39,7 +39,7 @@ ++ #define LDAP_ENV_PREFIX "LDAP" ++ ++ /* default ldapi:// socket */ ++-#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "run" LDAP_DIRSEP "ldapi" +++#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "run" LDAP_DIRSEP "slapd" LDAP_DIRSEP "ldapi" ++ ++ /* ++ * SLAPD DEFINITIONS diff --cc debian/patches/libldap-symbol-versions index 00000000,00000000..fb28f490 new file mode 100644 --- /dev/null +++ b/debian/patches/libldap-symbol-versions @@@ -1,0 -1,0 +1,161 @@@ ++Add symbol versioning to the public LDAP libraries. This is required for ++library transitions, such as the current transition from 2.1 to 2.4, ++since programs will sometimes have both libraries loaded by different ++dependency chains during the transition. ++ ++Not yet contributed upstream. ++ ++Upstream ITS #5365 filed requesting symbol versioning for libldap and ++libber. ++ ++--- a/libraries/libldap_r/Makefile.in +++++ b/libraries/libldap_r/Makefile.in ++@@ -61,6 +61,9 @@ XXLIBS = $(SECURITY_LIBS) $(LUTIL_LIBS) ++ XXXLIBS = $(LTHREAD_LIBS) ++ NT_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS) ++ UNIX_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS) $(LTHREAD_LIBS) +++ifneq (,$(VERSION_OPTION)) +++ VERSION_FLAGS = "$(VERSION_OPTION)$(XXDIR)/libldap.map" +++endif ++ ++ .links : Makefile ++ @for i in $(XXSRCS); do \ ++--- a/build/top.mk +++++ b/build/top.mk ++@@ -104,6 +104,9 @@ LTFLAGS_MOD = $(@PLAT@_LTFLAGS_MOD) ++ # LINK_LIBS referenced in library and module link commands. ++ LINK_LIBS = $(MOD_LIBS) $(@PLAT@_LINK_LIBS) ++ +++# option to pass to $(CC) to support library symbol versioning, if any +++VERSION_OPTION = @VERSION_OPTION@ +++ ++ LTSTATIC = @LTSTATIC@ ++ ++ LTLINK = $(LIBTOOL) --mode=link \ ++@@ -113,7 +116,7 @@ LTCOMPILE_LIB = $(LIBTOOL) $(LTONLY_LIB) ++ $(CC) $(LT_CFLAGS) $(LT_CPPFLAGS) $(LIB_DEFS) -c ++ ++ LTLINK_LIB = $(LIBTOOL) $(LTONLY_LIB) --mode=link \ ++- $(CC) $(LT_CFLAGS) $(LDFLAGS) $(LTFLAGS_LIB) +++ $(CC) $(LT_CFLAGS) $(LDFLAGS) $(LTFLAGS_LIB) $(VERSION_FLAGS) ++ ++ LTCOMPILE_MOD = $(LIBTOOL) $(LTONLY_MOD) --mode=compile \ ++ $(CC) $(LT_CFLAGS) $(LT_CPPFLAGS) $(MOD_DEFS) -c ++--- a/build/openldap.m4 +++++ b/build/openldap.m4 ++@@ -1136,3 +1136,54 @@ AC_DEFUN([OL_SSL_COMPAT], ++ #endif ++ ], [ol_cv_ssl_crl_compat=yes], [ol_cv_ssl_crl_compat=no])]) ++ ]) +++ +++dnl ==================================================================== +++dnl check for symbol versioning support +++AC_DEFUN([OL_SYMBOL_VERSIONING], +++[AC_CACHE_CHECK([for .symver assembler directive], +++ [ol_cv_asm_symver_directive],[ +++cat > conftest.s <&AS_MESSAGE_LOG_FD 2>&AS_MESSAGE_LOG_FD; then +++ ol_cv_asm_symver_directive=yes +++else +++ ol_cv_asm_symver_directive=no +++fi +++rm -f conftest*]) +++AC_CACHE_CHECK([for ld --version-script], +++ [ol_cv_ld_version_script_option],[ +++if test $ol_cv_asm_symver_directive = yes; then +++ cat > conftest.s < conftest.map <&AS_MESSAGE_LOG_FD 2>&AS_MESSAGE_LOG_FD; then +++ if AC_TRY_COMMAND([${CC-cc} $CFLAGS $LDFLAGS -shared +++ -o conftest.so conftest.o +++ -Wl,--version-script,conftest.map +++ 1>&AS_MESSAGE_LOG_FD]); +++ then +++ ol_cv_ld_version_script_option=yes +++ else +++ ol_cv_ld_version_script_option=no +++ fi +++ else +++ ol_cv_ld_version_script_option=no +++ fi +++else +++ ol_cv_ld_version_script_option=no +++fi +++rm -f conftest*])]) ++--- a/configure.in +++++ b/configure.in ++@@ -1909,6 +1909,13 @@ else ++ fi ++ AC_SUBST(LTSTATIC)dnl ++ +++VERSION_OPTION="" +++OL_SYMBOL_VERSIONING +++if test $ol_cv_ld_version_script_option = yes ; then +++ VERSION_OPTION="-Wl,--version-script=" +++fi +++AC_SUBST(VERSION_OPTION) +++ ++ dnl ---------------------------------------------------------------- ++ if test $ol_enable_wrappers != no ; then ++ AC_CHECK_HEADERS(tcpd.h,[ ++--- /dev/null +++++ b/libraries/libldap/libldap.map ++@@ -0,0 +1,7 @@ +++OPENLDAP_2.4_2 { +++ global: +++ ldap_*; +++ ldif_*; +++ local: +++ *; +++}; ++--- a/libraries/libldap/Makefile.in +++++ b/libraries/libldap/Makefile.in ++@@ -52,6 +52,9 @@ XLIBS = $(LIBRARY) $(LDAP_LIBLBER_LA) $( ++ XXLIBS = $(SECURITY_LIBS) $(LUTIL_LIBS) ++ NT_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS) ++ UNIX_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS) +++ifneq (,$(VERSION_OPTION)) +++ VERSION_FLAGS = $(VERSION_OPTION)$(srcdir)/libldap.map +++endif ++ ++ apitest: $(XLIBS) apitest.o ++ $(LTLINK) -o $@ apitest.o $(LIBS) ++--- a/libraries/liblber/Makefile.in +++++ b/libraries/liblber/Makefile.in ++@@ -38,6 +38,9 @@ XLIBS = $(LIBRARY) $(LDAP_LIBLUTIL_A) ++ XXLIBS = ++ NT_LINK_LIBS = $(AC_LIBS) ++ UNIX_LINK_LIBS = $(AC_LIBS) +++ifneq (,$(VERSION_OPTION)) +++ VERSION_FLAGS = "$(VERSION_OPTION)$(srcdir)/liblber.map" +++endif ++ ++ dtest: $(XLIBS) dtest.o ++ $(LTLINK) -o $@ dtest.o $(LIBS) ++--- /dev/null +++++ b/libraries/liblber/liblber.map ++@@ -0,0 +1,8 @@ +++OPENLDAP_2.4_2 { +++ global: +++ ber_*; +++ der_alloc; +++ lutil_*; +++ local: +++ *; +++}; diff --cc debian/patches/man-slapd index 00000000,00000000..5f551375 new file mode 100644 --- /dev/null +++ b/debian/patches/man-slapd @@@ -1,0 -1,0 +1,60 @@@ ++Patch the slapd man page to not refer to a header file that isn't ++installed with the slapd package and to reference the correct path ++for slapd. ++ ++Debian-specific. ++ ++--- a/doc/man/man8/slapd.8 +++++ b/doc/man/man8/slapd.8 ++@@ -5,7 +5,7 @@ ++ .SH NAME ++ slapd \- Stand-alone LDAP Daemon ++ .SH SYNOPSIS ++-.B LIBEXECDIR/slapd +++.B /usr/sbin/slapd ++ [\c ++ .BR \-4 | \-6 ] ++ [\c ++@@ -103,11 +103,10 @@ ++ will not fork or disassociate from the invoking terminal. Some general ++ operation and status messages are printed for any value of \fIdebug-level\fP. ++ \fIdebug-level\fP is taken as a bit string, with each bit corresponding to a ++-different kind of debugging information. See for details. ++-Comma-separated arrays of friendly names can be specified to select ++-debugging output of the corresponding debugging information. ++-All the names recognized by the \fIloglevel\fP directive ++-described in \fBslapd.conf\fP(5) are supported. +++different kind of debugging information. Comma-separated arrays of friendly +++names can be specified to select debugging output of the corresponding +++debugging information. All the names recognized by the \fIloglevel\fP +++directive described in \fBslapd.conf\fP(5) are supported. ++ If \fIdebug-level\fP is \fB?\fP, a list of installed debug-levels is printed, ++ and slapd exits. ++ ++@@ -317,7 +316,7 @@ ++ .LP ++ .nf ++ .ft tt ++- LIBEXECDIR/slapd +++ /usr/sbin/slapd ++ .ft ++ .fi ++ .LP ++@@ -328,7 +327,7 @@ ++ .LP ++ .nf ++ .ft tt ++- LIBEXECDIR/slapd \-f /var/tmp/slapd.conf \-d 255 +++ /usr/sbin/slapd \-f /var/tmp/slapd.conf \-d 255 ++ .ft ++ .fi ++ .LP ++@@ -336,7 +335,7 @@ ++ .LP ++ .nf ++ .ft tt ++- LIBEXECDIR/slapd \-Tt +++ /usr/sbin/slapd \-Tt ++ .ft ++ .fi ++ .LP diff --cc debian/patches/no-bdb-ABI-second-guessing index 00000000,00000000..db76aa7a new file mode 100644 --- /dev/null +++ b/debian/patches/no-bdb-ABI-second-guessing @@@ -1,0 -1,0 +1,42 @@@ ++Author: Steve Langasek ++Description: don't second-guess BDB ABI ++ OpenLDAP upstream conservatively assumes that any change to the version ++ number of libdb can result in an API-breaking change that could impact ++ the database. In Debian, we know that such changes require bumping the ++ library soname and changing the package name, and demand such rigor from ++ our package maintainers even when upstreams don't deliver; so any such ++ check in the source code works against the packaging system by forcing ++ database upgrades when we know none are required. Disable this check ++ so we rely on the packaging system to do its job. ++Bug-Debian: http://bugs.debian.org/651333 ++Forwarded: not-needed ++ ++--- a/servers/slapd/back-bdb/init.c +++++ b/servers/slapd/back-bdb/init.c ++@@ -762,7 +762,7 @@ bdb_back_initialize( ++ bi->bi_controls = controls; ++ ++ { /* version check */ ++- int major, minor, patch, ver; +++ int major, minor, patch; ++ char *version = db_version( &major, &minor, &patch ); ++ #ifdef HAVE_EBCDIC ++ char v2[1024]; ++@@ -776,17 +776,6 @@ bdb_back_initialize( ++ version = v2; ++ #endif ++ ++- ver = (major << 24) | (minor << 16) | patch; ++- if( ver != DB_VERSION_FULL ) { ++- /* fail if a versions don't match */ ++- Debug( LDAP_DEBUG_ANY, ++- LDAP_XSTRING(bdb_back_initialize) ": " ++- "BDB library version mismatch:" ++- " expected " DB_VERSION_STRING "," ++- " got %s\n", version, 0, 0 ); ++- return -1; ++- } ++- ++ Debug( LDAP_DEBUG_TRACE, LDAP_XSTRING(bdb_back_initialize) ++ ": %s\n", version, 0, 0 ); ++ } diff --cc debian/patches/sasl-default-path index 00000000,00000000..6d5c7b07 new file mode 100644 --- /dev/null +++ b/debian/patches/sasl-default-path @@@ -1,0 -1,0 +1,55 @@@ ++Add /etc/ldap/sasl2 to the SASL configuration search path. ++ ++Not submitted upstream. Somewhat Debian-specific and probably not of ++interest upstream. ++ ++--- a/include/ldap_defaults.h +++++ b/include/ldap_defaults.h ++@@ -63,4 +63,6 @@ ++ /* dn of the default "monitor" subentry */ ++ #define SLAPD_MONITOR_DN "cn=Monitor" ++ +++#define SASL_CONFIGPATH LDAP_SYSCONFDIR LDAP_DIRSEP "sasl2" +++ ++ #endif /* _LDAP_CONFIG_H */ ++--- a/servers/slapd/sasl.c +++++ b/servers/slapd/sasl.c ++@@ -1103,12 +1103,38 @@ static const rewrite_mapper slapd_mapper ++ }; ++ #endif ++ +++static int +++slap_sasl_getconfpath( void * context, char ** path ) +++{ +++ char * sasl_default_configpath; +++ size_t len; +++ +++#if SASL_VERSION_MAJOR >= 2 +++ sasl_default_configpath = "/usr/lib/sasl2"; +++#else +++ sasl_default_configpath = "/usr/lib/sasl"; +++#endif +++ +++ len = strlen(SASL_CONFIGPATH) + 1 /* colon */ + +++ strlen(sasl_default_configpath) + 1 /* \0 */; +++ *path = malloc( len ); +++ if ( *path == NULL ) +++ return SASL_FAIL; +++ +++ if (snprintf( *path, len, "%s:%s", SASL_CONFIGPATH, +++ sasl_default_configpath ) != len-1 ) +++ return SASL_FAIL; +++ +++ return SASL_OK; +++} +++ ++ int slap_sasl_init( void ) ++ { ++ #ifdef HAVE_CYRUS_SASL ++ int rc; ++ static sasl_callback_t server_callbacks[] = { ++ { SASL_CB_LOG, (slap_sasl_cb_ft)&slap_sasl_log, NULL }, +++ { SASL_CB_GETCONFPATH, (slap_sasl_cb_ft)&slap_sasl_getconfpath, NULL }, ++ { SASL_CB_GETOPT, (slap_sasl_cb_ft)&slap_sasl_getopt, NULL }, ++ { SASL_CB_LIST_END, NULL, NULL } ++ }; diff --cc debian/patches/series index 00000000,00000000..46946cee new file mode 100644 --- /dev/null +++ b/debian/patches/series @@@ -1,0 -1,0 +1,24 @@@ ++debian-version ++man-slapd ++evolution-ntlm ++slapi-errorlog-file ++ldapi-socket-place ++wrong-database-location ++index-files-created-as-root ++sasl-default-path ++libldap-symbol-versions ++getaddrinfo-is-threadsafe ++do-not-second-guess-sonames ++contrib-makefiles ++smbk5pwd-makefile-manpage ++lastbind-makefile-manpage ++ldap-conf-tls-cacertdir ++add-tlscacert-option-to-ldap-conf ++fix-build-top-mk ++switch-to-lt_dlopenadvise-to-get-RTLD_GLOBAL-set.diff ++no-bdb-ABI-second-guessing ++ITS6035-olcauthzregex-needs-restart.patch ++set-maintainer-name ++ITS-9086-Add-debug-logging-for-more-GnuTLS-errors.patch ++Fix-warnings-issued-by-autoconf-2.68.patch ++ITS-9177-Finish-updating-migration-to-latest-autocon.patch diff --cc debian/patches/set-maintainer-name index 00000000,00000000..35f8f77e new file mode 100644 --- /dev/null +++ b/debian/patches/set-maintainer-name @@@ -1,0 -1,0 +1,16 @@@ ++--- a/build/mkversion +++++ b/build/mkversion ++@@ -50,12 +50,7 @@ ++ fi ++ ++ APPLICATION=$1 ++-# Reproducible builds set SOURCE_DATE_EPOCH, want constant strings ++-if [ -n "${SOURCE_DATE_EPOCH}" ]; then ++- WHOWHERE="openldap" ++-else ++- WHOWHERE="$USER@$(uname -n):$(pwd)" ++-fi +++WHOWHERE="${DEB_MAINTAINER:-openldap}" ++ ++ cat << __EOF__ ++ /* This work is part of OpenLDAP Software . diff --cc debian/patches/slapi-errorlog-file index 00000000,00000000..48994512 new file mode 100644 --- /dev/null +++ b/debian/patches/slapi-errorlog-file @@@ -1,0 -1,0 +1,16 @@@ ++The slapi error log file defaults to /var/errors given our setting ++of --localstatedir. Move it to /var/log/slapi-errors instead. ++ ++Debian-specific. ++ ++--- a/servers/slapd/slapi/slapi_overlay.c +++++ b/servers/slapd/slapi/slapi_overlay.c ++@@ -930,7 +930,7 @@ int slapi_over_config( BackendDB *be, Co ++ ldap_pvt_thread_mutex_init( &slapi_printmessage_mutex ); ++ ++ if ( slapi_log_file == NULL ) ++- slapi_log_file = slapi_ch_strdup( LDAP_RUNDIR LDAP_DIRSEP "errors" ); +++ slapi_log_file = slapi_ch_strdup( LDAP_RUNDIR LDAP_DIRSEP "log" LDAP_DIRSEP "slapi-errors" ); ++ ++ rc = slapi_int_init_object_extensions(); ++ if ( rc != 0 ) diff --cc debian/patches/smbk5pwd-makefile-manpage index 00000000,00000000..b05cba2b new file mode 100644 --- /dev/null +++ b/debian/patches/smbk5pwd-makefile-manpage @@@ -1,0 -1,0 +1,251 @@@ ++From: Peter Marschall ++Date: Sun, 26 Jul 2015 15:04:26 +0200 ++Subject: [PATCH] contrib/smbk5pwd: add man page, install it too ++ ++Add a manual page slapo-smbk5pwd.5 and update smbk5pwd's Makefile to ++install the new manual page. ++ ++This patch is derived from the corresponding patch upstreamed in ITS#8205 ++ ++--- ++ contrib/slapd-modules/smbk5pwd/Makefile | 14 +- ++ contrib/slapd-modules/smbk5pwd/slapo-smbk5pwd.5 | 179 ++++++++++++++++++++++++ ++ 2 files changed, 192 insertions(+), 1 deletion(-) ++ create mode 100644 contrib/slapd-modules/smbk5pwd/slapo-smbk5pwd.5 ++ ++diff --git a/contrib/slapd-modules/smbk5pwd/Makefile b/contrib/slapd-modules/smbk5pwd/Makefile ++index 676d914..0042a49 100644 ++--- a/contrib/slapd-modules/smbk5pwd/Makefile +++++ b/contrib/slapd-modules/smbk5pwd/Makefile ++@@ -25,6 +25,7 @@ ++ HEIMDAL_LIB = $(shell krb5-config.heimdal --libs krb5 kadm-server) ++ ++ LIBTOOL = $(LDAP_BUILD)/libtool +++INSTALL = /usr/bin/install ++ CC = gcc ++ OPT = -g -O2 -Wall ++ # Omit DO_KRB5, DO_SAMBA or DO_SHADOW if you don't want to support it. ++@@ -34,6 +35,7 @@ ++ LIBS = $(HEIMDAL_LIB) $(LDAP_LIB) $(SSL_LIB) ++ ++ PROGRAMS = smbk5pwd.la +++MANPAGES = slapo-smbk5pwd.5 ++ LTVER = 0:0:0 ++ ++ prefix=/usr/local ++@@ -43,6 +45,8 @@ ++ libdir=$(exec_prefix)/lib ++ libexecdir=$(exec_prefix)/libexec ++ moduledir = $(libexecdir)$(ldap_subdir) +++mandir = $(exec_prefix)/share/man +++man5dir = $(mandir)/man5 ++ ++ .SUFFIXES: .c .o .lo ++ ++@@ -58,9 +62,17 @@ ++ clean: ++ rm -rf *.o *.lo *.la .libs ++ ++-install: $(PROGRAMS) +++install: install-lib install-man FORCE +++ +++install-lib: $(PROGRAMS) ++ mkdir -p $(DESTDIR)$(moduledir) ++ for p in $(PROGRAMS) ; do \ ++ $(LIBTOOL) --mode=install cp $$p $(DESTDIR)$(moduledir) ; \ ++ done ++ +++install-man: $(MANPAGES) +++ mkdir -p $(DESTDIR)$(man5dir) +++ $(INSTALL) -m 644 $(MANPAGES) $(DESTDIR)$(man5dir) +++ +++FORCE: +++ ++diff --git a/contrib/slapd-modules/smbk5pwd/slapo-smbk5pwd.5 b/contrib/slapd-modules/smbk5pwd/slapo-smbk5pwd.5 ++new file mode 100644 ++index 0000000..431a765 ++--- /dev/null +++++ b/contrib/slapd-modules/smbk5pwd/slapo-smbk5pwd.5 ++@@ -0,0 +1,179 @@ +++.TH SLAPO-SMBK5PWD 5 "RELEASEDATE" "OpenLDAP LDVERSION" +++.\" Copyright 2015 The OpenLDAP Foundation All Rights Reserved. +++.\" Copying restrictions apply. See COPYRIGHT/LICENSE. +++.\" $OpenLDAP$ +++.SH NAME +++slapo-smbk5pwd \- Samba & Kerberos password sync overlay to slapd +++.SH SYNOPSIS +++ETCDIR/slapd.conf +++.RS +++.LP +++include +++.B "/krb5-kdc.schema" +++.LP +++include +++.B "/samba.schema" +++.LP +++moduleload +++.B smbk5pwd.so +++.LP +++ ... +++.LP +++database mdb +++.LP +++ ... +++.LP +++overlay +++.B smbk5pwd +++.RE +++ +++.SH DESCRIPTION +++.LP +++The +++.B smbk5pwd +++overlay to +++.BR slapd (8) +++overloads the Password Modify Extended Operation (RFC 3062) to update +++Kerberos keys and Samba password hashes for an LDAP user, as well as +++updating password change related attributes for Kerberos, Samba and/or +++UNIX user accounts. +++.LP +++The Samba support is written using the Samba 3.0 LDAP schema; +++Kerberos support is written for Heimdal using its hdb-ldap backend. +++.LP +++Additionally, a new +++.B {K5KEY} +++password hash mechanism is provided. +++For +++.B krb5KDCEntry +++objects that have this scheme specifier in their +++.I userPassword +++attribute, Simple Binds will be checked against the Kerberos keys of the entry. +++No data is needed after the +++.B {K5KEY} +++scheme specifier in the +++.IR userPassword , +++it is looked up from the entry directly. +++ +++.SH CONFIGURATION +++The +++.B smbk5pwd +++overlay supports the following +++.B slapd.conf +++configuration options, which should appear after the +++.B overlay +++directive: +++.TP +++.BI smbk5pwd-enable " " +++can be used to enable only the desired modules. +++Legal values for +++.I +++are +++.LP +++.RS +++.TP +++.B krb5 +++If the user has the +++.B krb5KDCEntry +++objectclass, update the +++.B krb5Key +++and +++.B krb5KeyVersionNumber +++attributes using the new password in the Password Modify operation, +++provided the Kerberos account is not expired. +++Exiration is determined by evaluating the +++.B krb5ValidEnd +++attribute. +++.TP +++.B samba +++If the user is a +++.B sambaSamAccount +++object, synchronize the +++.B sambaLMPassword +++and +++.B sambaNTPassword +++to the password entered in the Password Modify operation, and update +++.B sambaPwdLastSet +++accordingly. +++.TP +++.B shadow +++Update the attribute +++.BR shadowLastChange , +++if the entry has the objectclass +++.BR shadowAccount . +++.LP +++By default all modules compiled in are enabled. +++Setting the config statement restricts the enabled modules to the ones +++explicitly mentioned. +++.RE +++.TP +++.BI smbk5pwd-can-change " " +++If the +++.B samba +++module is enabled and the user is a +++.BR sambaSamAccount , +++update the attribute +++.B sambaPwdCanChange +++to point +++.I +++into the future, essentially denying any Samba password change until then. +++A value of +++.B 0 +++disables this feature. +++.TP +++.BI smbk5pwd-must-change " " +++If the +++.B samba +++module is enabled and the user is a +++.BR sambaSamAccount , +++update the attribute +++.B sambaPwdMustChange +++to point +++.I +++into the future, essentially setting the Samba password expiration time. +++A value of +++.B 0 +++disables this feature. +++.LP +++Alternatively, the overlay supports table-driven configuration, +++and thus can be run-time loaded and configured via back-config. +++ +++.SH EXAMPLE +++The layout of a slapd.d based, table-driven configuration entry looks like: +++.LP +++.EX +++ # {0}smbk5pwd, {1}bdb, config +++ dn: olcOverlay={0}smbk5pwd,olcDatabase={1}mdb,cn=config +++ objectClass: olcOverlayConfig +++ objectClass: olcSmbK5PwdConfig +++ olcOverlay: {0}smbk5pwd +++ olcSmbK5PwdEnable: krb5 +++ olcSmbK5PwdEnable: samba +++ olcSmbK5PwdMustChange: 2592000 +++.EE +++.LP +++which enables both +++.B krb5 +++and +++.B samba +++modules with a Samba password expiration time of 30 days (= +++.B 2592000 +++seconds). +++ +++.SH SEE ALSO +++.BR slapd.conf (5), +++.BR ldappasswd (1), +++.BR ldap (3), +++.LP +++"OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/) +++.LP +++ +++.SH ACKNOWLEDGEMENTS +++This manual page has been writen by Peter Marschall based on the +++module's README file written by Howard Chu. +++.LP +++.B OpenLDAP +++is developed and maintained by The OpenLDAP Project (http://www.openldap.org/). +++.B OpenLDAP +++is derived from University of Michigan LDAP 3.3 Release. +++ ++-- ++2.5.0 ++ diff --cc debian/patches/switch-to-lt_dlopenadvise-to-get-RTLD_GLOBAL-set.diff index 00000000,00000000..f0dd4e1f new file mode 100644 --- /dev/null +++ b/debian/patches/switch-to-lt_dlopenadvise-to-get-RTLD_GLOBAL-set.diff @@@ -1,0 -1,0 +1,40 @@@ ++From: Jan-Marek Glogowski ++Date: Tue, 18 May 2010 17:47:05 +0200 ++Subject: Switch to lt_dlopenadvise() so back_perl can be opened with RTLD_GLOBAL. ++ Open all modules with RTLD_GLOBAL, needed so that back_perl can load ++ non-trivial Perl extensions that require symbols from back_perl.so itself. ++Bug-Debian: http://bugs.debian.org/327585 ++ ++--- ++--- a/servers/slapd/module.c +++++ b/servers/slapd/module.c ++@@ -117,6 +117,20 @@ int module_unload( const char *file_name ++ return -1; /* not found */ ++ } ++ +++static lt_dlhandle slapd_lt_dlopenext_global( const char *filename ) +++{ +++ lt_dlhandle handle = 0; +++ lt_dladvise advise; +++ +++ if (!lt_dladvise_init (&advise) && !lt_dladvise_ext (&advise) +++ && !lt_dladvise_global (&advise)) +++ handle = lt_dlopenadvise (filename, advise); +++ +++ lt_dladvise_destroy (&advise); +++ +++ return handle; +++} +++ ++ int module_load(const char* file_name, int argc, char *argv[]) ++ { ++ module_loaded_t *module; ++@@ -180,7 +194,7 @@ int module_load(const char* file_name, i ++ * to calling Debug. This is because Debug is a macro that expands ++ * into multiple function calls. ++ */ ++- if ((module->lib = lt_dlopenext(file)) == NULL) { +++ if ((module->lib = slapd_lt_dlopenext_global(file)) == NULL) { ++ error = lt_dlerror(); ++ #ifdef HAVE_EBCDIC ++ strcpy( ebuf, error ); diff --cc debian/patches/wrong-database-location index 00000000,00000000..25d96cb6 new file mode 100644 --- /dev/null +++ b/debian/patches/wrong-database-location @@@ -1,0 -1,0 +1,74 @@@ ++Move the default slapd database location to /var/lib/ldap instead of ++/var/openldap-data. ++ ++Debian-specific. ++ ++--- a/doc/man/man5/slapd-bdb.5 +++++ b/doc/man/man5/slapd-bdb.5 ++@@ -131,7 +131,7 @@ Specify the directory where the BDB file ++ associated indexes live. ++ A separate directory must be specified for each database. ++ The default is ++-.BR LOCALSTATEDIR/openldap\-data . +++.BR LOCALSTATEDIR/lib/ldap . ++ .TP ++ .B dirtyread ++ Allow reads of modified but not yet committed data. ++--- a/doc/man/man5/slapd.conf.5 +++++ b/doc/man/man5/slapd.conf.5 ++@@ -2007,7 +2007,7 @@ suffix "dc=our\-domain,dc=com" ++ # The database directory MUST exist prior to ++ # running slapd AND should only be accessible ++ # by the slapd/tools. Mode 0700 recommended. ++-directory LOCALSTATEDIR/openldap\-data +++directory LOCALSTATEDIR/lib/ldap ++ # Indices to maintain ++ index objectClass eq ++ index cn,sn,mail pres,eq,approx,sub ++--- a/include/ldap_defaults.h +++++ b/include/ldap_defaults.h ++@@ -47,7 +47,7 @@ ++ /* location of the default slapd config file */ ++ #define SLAPD_DEFAULT_CONFIGFILE LDAP_SYSCONFDIR LDAP_DIRSEP "slapd.conf" ++ #define SLAPD_DEFAULT_CONFIGDIR LDAP_SYSCONFDIR LDAP_DIRSEP "slapd.d" ++-#define SLAPD_DEFAULT_DB_DIR LDAP_RUNDIR LDAP_DIRSEP "openldap-data" +++#define SLAPD_DEFAULT_DB_DIR LDAP_RUNDIR LDAP_DIRSEP "lib" LDAP_DIRSEP "ldap" ++ #define SLAPD_DEFAULT_DB_MODE 0600 ++ #define SLAPD_DEFAULT_UCDATA LDAP_DATADIR LDAP_DIRSEP "ucdata" ++ /* default max deref depth for aliases */ ++--- a/servers/slapd/Makefile.in +++++ b/servers/slapd/Makefile.in ++@@ -445,9 +445,9 @@ install-conf: FORCE ++ ++ install-db-config: FORCE ++ @-$(MKDIR) $(DESTDIR)$(localstatedir) $(DESTDIR)$(sysconfdir) ++- @-$(INSTALL) -m 700 -d $(DESTDIR)$(localstatedir)/openldap-data +++ @-$(INSTALL) -m 700 -d $(DESTDIR)$(localstatedir)/lib/ldap ++ $(INSTALL) $(INSTALLFLAGS) -m 600 $(srcdir)/DB_CONFIG \ ++- $(DESTDIR)$(localstatedir)/openldap-data/DB_CONFIG.example +++ $(DESTDIR)$(localstatedir)/lib/ldap/DB_CONFIG.example ++ $(INSTALL) $(INSTALLFLAGS) -m 600 $(srcdir)/DB_CONFIG \ ++ $(DESTDIR)$(sysconfdir)/DB_CONFIG.example ++ ++--- a/doc/man/man5/slapd-config.5 +++++ b/doc/man/man5/slapd-config.5 ++@@ -2051,7 +2051,7 @@ olcSuffix: "dc=our\-domain,dc=com" ++ # The database directory MUST exist prior to ++ # running slapd AND should only be accessible ++ # by the slapd/tools. Mode 0700 recommended. ++-olcDbDirectory: LOCALSTATEDIR/openldap\-data +++olcDbDirectory: LOCALSTATEDIR/lib/ldap ++ # Indices to maintain ++ olcDbIndex: objectClass eq ++ olcDbIndex: cn,sn,mail pres,eq,approx,sub ++--- a/doc/man/man5/slapd-mdb.5 +++++ b/doc/man/man5/slapd-mdb.5 ++@@ -52,7 +52,7 @@ Specify the directory where the LMDB fil ++ associated indexes live. ++ A separate directory must be specified for each database. ++ The default is ++-.BR LOCALSTATEDIR/openldap\-data . +++.BR LOCALSTATEDIR/lib/ldap . ++ .TP ++ \fBenvflags \fR{\fBnosync\fR,\fBnometasync\fR,\fBwritemap\fR,\fBmapasync\fR,\fBnordahead\fR} ++ Specify flags for finer-grained control of the LMDB library's operation. diff --cc debian/po/POTFILES.in index 00000000,00000000..07cbdde8 new file mode 100644 --- /dev/null +++ b/debian/po/POTFILES.in @@@ -1,0 -1,0 +1,1 @@@ ++[type: gettext/rfc822deb] slapd.templates diff --cc debian/po/ca.po index 00000000,00000000..120b001f new file mode 100644 --- /dev/null +++ b/debian/po/ca.po @@@ -1,0 -1,0 +1,441 @@@ ++# openldap po-debconf translation to Catalan. ++# This file is distributed under the same license as the openldap package. ++# Innocent De Marchi , 2011-2017. ++# ++msgid "" ++msgstr "" ++"Project-Id-Version: openldap 2.4.44+dfsg-4\n" ++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n" ++"POT-Creation-Date: 2019-10-03 23:01+0000\n" ++"PO-Revision-Date: 2017-01-19 19:35+0100\n" ++"Last-Translator: Innocent De Marchi \n" ++"Language-Team: catalan \n" ++"Language: ca_ES\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=UTF-8\n" ++"Content-Transfer-Encoding: 8bit\n" ++"X-Generator: Poedit 1.8.11\n" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "Omit OpenLDAP server configuration?" ++msgstr "Voleu ometre la configuració del servidor OpenLDAP?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "" ++"If you enable this option, no initial configuration or database will be " ++"created for you." ++msgstr "" ++"Si desactivau aquesta opció, no es generarà la configuració ni la base de " ++"dades inicial." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "always" ++msgstr "sempre" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "when needed" ++msgstr "quan sigui necessari" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "never" ++msgstr "mai" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "Dump databases to file on upgrade:" ++msgstr "Bolcar les bases de dades a un fitxer en fer l'actualització:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Before upgrading to a new version of the OpenLDAP server, the data from your " ++"LDAP directories can be dumped into plain text files in the standard LDAP " ++"Data Interchange Format." ++msgstr "" ++"Abans d'actualitzar a una nova versió del servidor OpenLDAP, les dades dels " ++"seus directoris LDAP poden desar-se a fitxers de text en el format estàndard " ++"d'intercanvi de dades LDAP («LDAP Data Interchange Format»)." ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Selecting \"always\" will cause the databases to be dumped unconditionally " ++"before an upgrade. Selecting \"when needed\" will only dump the database if " ++"the new version is incompatible with the old database format and it needs to " ++"be reimported. If you select \"never\", no dump will be done." ++msgstr "" ++"Seleccionant «sempre» el bolcat de les bases de dades es farà sense " ++"condicions abans de l'actualització. Seleccionant «quan sigui necessari» " ++"només es farà el bolcat de les bases de dades si la nova versió és " ++"incompatible amb el format anterior de les bases de dades i és necessari re-" ++"importar-les. Si seleccionau «mai», no es farà el bolcat." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "Directory to use for dumped databases:" ++msgstr "Directori a fer servir en el bolcat de les bases de dades:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "" ++"Please specify the directory where the LDAP databases will be exported. In " ++"this directory, several LDIF files will be created which correspond to the " ++"search bases located on the server. Make sure you have enough free space on " ++"the partition where the directory is located. The first occurrence of the " ++"string \"VERSION\" is replaced with the server version you are upgrading " ++"from." ++msgstr "" ++"Seleccionau el directori d'exportació de les bases de dades LDAP. En aquest " ++"directori, es generaran diversos fitxers LDIF que es corresponen amb les " ++"bases de dades localitzades en el servidor. Comproveu que hi ha espai lliure " ++"suficient a la partició on està ubicat el directori seleccionat. La primer " ++"aparició de la cadena «VERSION» serà reemplaçada per la versió del servidor " ++"de la qual està actualitzant." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "Move old database?" ++msgstr "Moure la base de dades anterior?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "" ++"There are still files in /var/lib/ldap which will probably break the " ++"configuration process. If you enable this option, the maintainer scripts " ++"will move the old database files out of the way before creating a new " ++"database." ++msgstr "" ++"Hi ha fitxers a «/var/lib/ldap» que probablement interrompran el procés de " ++"configuració. Si activau aquesta opció, el guió de manteniment mourà els " ++"fitxers de les bases de dades anteriors fora del directori anterior abans de " ++"generar una nova base de dades." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "Retry configuration?" ++msgstr "Tornar a intentar la configuració?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "" ++"The configuration you entered is invalid. Make sure that the DNS domain name " ++"is syntactically valid, the field for the organization is not left empty and " ++"the admin passwords match. If you decide not to retry the configuration the " ++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to " ++"retry later." ++msgstr "" ++"La configuració que ha introduït no és vàlida. Comproveu que el nom de " ++"domini DNS és sintàcticament correcte, que el camp del nom de l'organització " ++"està emplenat i que les contrasenyes de l'administrador coincideixen. Si " ++"decideix no tornar a intentar la configuració, el servidor LDAP quedarà " ++"sense configurar. Executi «dpkg-reconfigure slapd» per tornar a intentar-ho " ++"més tard." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "DNS domain name:" ++msgstr "Nom del domini DNS:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "" ++"The DNS domain name is used to construct the base DN of the LDAP directory. " ++"For example, 'foo.example.org' will create the directory with 'dc=foo, " ++"dc=example, dc=org' as base DN." ++msgstr "" ++"El nom de domini DNS es fa servir per construir el DN base del directori " ++"LDAP. Per exemple, si el vostre nom de domini és «elmeu.domini.org» es " ++"generarà el directori amb el DN base «dc=elmeu, dc=domini, dc=org»" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "Organization name:" ++msgstr "Nom de l'organització:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "" ++"Please enter the name of the organization to use in the base DN of your LDAP " ++"directory." ++msgstr "" ++"Escriviu el nom de l'organització per fer servir en el DN base del directori " ++"LDAP." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Administrator password:" ++msgstr "Contrasenya de l'administrador:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Please enter the password for the admin entry in your LDAP directory." ++msgstr "" ++"Escriviu la contrasenya per l'accés com administrador al vostre directori " ++"LDAP:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "Confirm password:" ++msgstr "Confirmeu la vostra contrasenya:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "" ++"Please enter the admin password for your LDAP directory again to verify that " ++"you have typed it correctly." ++msgstr "" ++"Introduïu de nou la contrasenya d'administrador per al directori LDAP per " ++"comprovar que s'ha escrit correctament." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "Password mismatch" ++msgstr "Les contrasenyes no coincideixen" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "The two passwords you entered were not the same. Please try again." ++msgstr "Les dues contrasenyes no coincideixen. Tornau a provar-ho." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:11001 ++msgid "Do you want the database to be removed when slapd is purged?" ++msgstr "Desitjau que s'elimini la base de dades en purgar el paquet slapd?" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "slapcat failure during upgrade" ++msgstr "ha fallat «slapcat» durant l'actualització" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "An error occurred while upgrading the LDAP directory." ++msgstr "S'ha produït un error en l'actualització del directori LDAP." ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "" ++"The 'slapcat' program failed while extracting the LDAP directory. This may " ++"be caused by an incorrect configuration file (for example, missing " ++"'moduleload' lines to support the backend database)." ++msgstr "" ++"El programa «slapcat» ha fallat en l'extracció del directori LDAP. Aquest " ++"error pot ésser causat per un fitxer de configuració incorrecte (per " ++"exemple, per que faltin línies «moduleload» necessàries pel motor de la base " ++"de dades)" ++ ++#. Type: error ++#. Description ++#. This paragraph is followed by a (non translatable) paragraph ++#. containing a command line ++#: ../slapd.templates:14001 ++msgid "" ++"This failure will cause 'slapadd' to fail later as well. The old database " ++"files will be moved to /var/backups. If you want to try this upgrade again, " ++"you should move the old database files back into place, fix whatever caused " ++"slapcat to fail, and run:" ++msgstr "" ++"Aquest error farà que «slapadd» torni a fallar més endavant. Els fitxers de " ++"la base de dades anterior es mouran a «/var/backups». Si desitjau tornar a " ++"intentar l'actualització, haureu de tornar a moure els fitxers de la base de " ++"dades anterior a la seva ubicació inicial, solucionar la causa de l'error i " ++"tornar a executar:" ++ ++#. Type: error ++#. Description ++#. Translators: keep "${location}" unchanged. This is a variable that ++#. will be replaced by a directory name at execution ++#: ../slapd.templates:14001 ++msgid "" ++"Then move the database files back to a backup area and then try running " ++"slapadd from ${location}." ++msgstr "" ++"A continuació, tornau els arxius de la base de dades a la zona de seguretat " ++"i després intenteu executar «slapadd» des de ${location}." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "Potentially unsafe slapd access control configuration" ++msgstr "Configuració de control d'accés de slapd potencialment insegur" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "" ++"One or more of the configured databases has an access control rule that " ++"allows users to modify most of their own attributes. This may be unsafe, " ++"depending on how the database is used." ++msgstr "" ++"Una o més de les bases de dades configurades té una norma de control d'accés " ++"que permet als usuaris modificar la major part dels seus atributs. Aquest " ++"situació pot ser perillosa, depenent de com s'utilitza la base de dades." ++ ++#. Type: note ++#. Description ++#. Translators: keep "by self write" and "to *" unchanged. These are part ++#. of the slapd configuration and are not translatable. ++#: ../slapd.templates:15001 ++msgid "" ++"In the case of slapd access rules that begin with \"to *\", it is " ++"recommended to remove any instances of \"by self write\", so that users are " ++"only able to modify specifically allowed attributes." ++msgstr "" ++"En el cas que les normes d'accés de slapd comencin per \"to *\", és " ++"recomanable eliminar totes les instàncies a \"by self write\", de manera que " ++"els usuaris només puguin modificar els atributs específicament permesos." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details." ++msgstr "Consulteu «/usr/share/doc/slapd/README.Debian.gz» per a més detalls." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "abort installation" ++msgstr "aturar la instal·lació" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "continue regardless" ++msgstr "continua sense tenir en compte" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "Manual ppolicy schema update recommended" ++msgstr "" ++"Es recomana l'actualització manual de la directiva de contrasenya («ppolicy»)" ++ ++#. Type: select ++#. Description ++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable. ++#: ../slapd.templates:16002 ++msgid "" ++"The new version of the Password Policy (ppolicy) overlay requires the schema " ++"to define the pwdMaxRecordedFailure attribute type, which is not present in " ++"the schema currently in use. It is recommended to abort the upgrade now, and " ++"to update the ppolicy schema before upgrading slapd. If replication is in " ++"use, the schema update should be applied on every server before continuing " ++"with the upgrade." ++msgstr "" ++"La nova versió de la superposició de directiva de contrasenya («ppolicy») " ++"requereix que l'esquema defineixi el tipus d'atribut " ++"«pwdMaxRecordedFailure», que no està inclòs en l'esquema actualment en ús. " ++"És recomana aturar ara l'actualització, i actualitzar la directiva de " ++"contrasenya abans d'actualitzar «slapd». Si la replicació està en marxa, " ++"l'actualització de l'esquema s'ha d'aplicar a cada servidor abans de " ++"continuar amb l'actualització." ++ ++#. Type: select ++#. Description ++#. This paragraph is followed by the path to the generated file (not ++#. translatable). The sentence continues in the following paragraph. ++#: ../slapd.templates:16002 ++msgid "" ++"An LDIF file has been generated with the changes required for the upgrade:" ++msgstr "" ++"Un s'ha generat un fitxer LDIF amb els canvis necessaris per a " ++"l'actualització:" ++ ++#. Type: select ++#. Description ++#. This paragraph continues the sentence started in the previous ++#. paragraph. It is followed by a command line. ++#: ../slapd.templates:16002 ++msgid "" ++"so if slapd is using the default access control rules, these changes can be " ++"applied (after starting slapd) by using the command:" ++msgstr "" ++"per que si «slapd» fa servir les regles d'accés predeterminades, aquests " ++"canvis es poden fer efectius (després d'iniciar «slapd») fent servir l'ordre:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "" ++"If instead you choose to continue the installation, the new attribute type " ++"will be added automatically, but the change will not be acted on by slapd " ++"overlays, and replication with other servers may be affected." ++msgstr "" ++"En canvi, si decidiu continuar amb la instal·lació, el nou tipus d'atribut " ++"s'afegirà automàticament, però el canvi no es veurà afectat per les " ++"superposicions de «slapd», i la replicació amb altres servidors es pot veure " ++"afectada." ++ ++#~ msgid "Database backend to use:" ++#~ msgstr "Motor de base de dades a fer servir:" ++ ++#~ msgid "" ++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree " ++#~ "renames. Both support the same configuration options." ++#~ msgstr "" ++#~ "HDB i BDB fan servir formats d'emmagatzematge semblants, però HDB permet " ++#~ "fer canvis de nom dels subarbres. Tots dos tenen les mateixes opcions de " ++#~ "configuració." ++ ++#~ msgid "" ++#~ "The MDB backend is recommended. MDB uses a new storage format and " ++#~ "requires less configuration than BDB or HDB." ++#~ msgstr "" ++#~ "El motor MDB és el recomanat. MDB fa servir un nou format " ++#~ "d'emmagatzematge i requereix menys tasques de configuració que BDB o HDB." ++ ++#~ msgid "" ++#~ "In any case, you should review the resulting database configuration for " ++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details." ++#~ msgstr "" ++#~ "En qualsevol cas, heu de revisar la configuració de base de dades " ++#~ "resultant per ajustar-la a les vostres necessitats. Consulteu «/usr/share/" ++#~ "doc/slapd/README.Debian.gz» per a més detalls." ++ ++#~ msgid "Allow LDAPv2 protocol?" ++#~ msgstr "Desitjau permetre el protocol LDAPv2?" ++ ++#~ msgid "" ++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs " ++#~ "and users should upgrade to LDAPv3. If you have old programs which can't " ++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be " ++#~ "added to your slapd.conf file." ++#~ msgstr "" ++#~ "El protocol obsolet LDAPv2 està desactivat per defecte a slapd. Els " ++#~ "programes i usuaris haurien d'actualitzar-se a LDAPv3. Si teniu " ++#~ "programes antics que no poden fer servir LDAPv3, seleccioneu aquesta " ++#~ "opció i s'afegirà l'opció «allow bind_v2» al vostre fitxer de " ++#~ "configuració slapd.conf." diff --cc debian/po/cs.po index 00000000,00000000..325a1b0b new file mode 100644 --- /dev/null +++ b/debian/po/cs.po @@@ -1,0 -1,0 +1,500 @@@ ++# ++# Translators, if you are not familiar with the PO format, gettext ++# documentation is worth reading, especially sections dedicated to ++# this format, e.g. by running: ++# info -n '(gettext)PO Files' ++# info -n '(gettext)Header Entry' ++# ++# Some information specific to po-debconf are available at ++# /usr/share/doc/po-debconf/README-trans ++# or http://www.debian.org/intl/l10n/po-debconf/README-trans ++# ++# Developers do not need to manually edit POT or PO files. ++# ++msgid "" ++msgstr "" ++"Project-Id-Version: openldap\n" ++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n" ++"POT-Creation-Date: 2019-10-03 23:01+0000\n" ++"PO-Revision-Date: 2017-01-22 11:49+0100\n" ++"Last-Translator: Miroslav Kure \n" ++"Language-Team: Czech \n" ++"Language: cs\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=UTF-8\n" ++"Content-Transfer-Encoding: 8bit\n" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "Omit OpenLDAP server configuration?" ++msgstr "Přeskočit nastavení OpenLDAP serveru?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "" ++"If you enable this option, no initial configuration or database will be " ++"created for you." ++msgstr "" ++"Přistoupíte-li na tuto možnost, nevytvoří se databáze ani počáteční " ++"nastavení." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "always" ++msgstr "vždy" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "when needed" ++msgstr "v případě potřeby" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "never" ++msgstr "nikdy" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "Dump databases to file on upgrade:" ++msgstr "Při aktualizaci uložit databáze do souboru:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Before upgrading to a new version of the OpenLDAP server, the data from your " ++"LDAP directories can be dumped into plain text files in the standard LDAP " ++"Data Interchange Format." ++msgstr "" ++"Před aktualizací na novější verzi serveru OpenLDAP se mohou data z LDAP " ++"adresářů vyexportovat do textových souborů ve formátu LDAP Data Interchange " ++"Format, což je standardizovaný formát pro popis těchto dat." ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Selecting \"always\" will cause the databases to be dumped unconditionally " ++"before an upgrade. Selecting \"when needed\" will only dump the database if " ++"the new version is incompatible with the old database format and it needs to " ++"be reimported. If you select \"never\", no dump will be done." ++msgstr "" ++"Výběrem „“vždy“ zajistíte, že se databáze vyexportují do souborů před každou " ++"aktualizací. Volba „v případě potřeby“ znamená, že se databáze vyexportují " ++"pouze v případě, že je formát nové databáze nekompatibilní s předchozí verzí " ++"a tudíž je potřeba data znovu nahrát. Zvolíte-li „nikdy“, data se nebudou " ++"exportovat." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "Directory to use for dumped databases:" ++msgstr "Adresář pro exportované databáze:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "" ++"Please specify the directory where the LDAP databases will be exported. In " ++"this directory, several LDIF files will be created which correspond to the " ++"search bases located on the server. Make sure you have enough free space on " ++"the partition where the directory is located. The first occurrence of the " ++"string \"VERSION\" is replaced with the server version you are upgrading " ++"from." ++msgstr "" ++"Zadejte prosím adresář, do kterého se budou exportovat LDAP databáze. V " ++"tomto adresáři se vytvoří několik LDIF souborů odpovídajících kořenům LDAP " ++"adresářů na daném serveru. Ujistěte se, že máte na dané oblasti dostatek " ++"místa. První výskyt řetězce \"VERSION\" se nahradí verzí LDAP serveru, ze " ++"kterého aktualizujete na novější verzi." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "Move old database?" ++msgstr "Přesunout starou databázi?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "" ++"There are still files in /var/lib/ldap which will probably break the " ++"configuration process. If you enable this option, the maintainer scripts " ++"will move the old database files out of the way before creating a new " ++"database." ++msgstr "" ++"Ve /var/lib/ldap jsou stále soubory, které pravděpodobně naruší instalační " ++"proces. Budete-li souhlasit, instalační skripty před vytvořením nové " ++"databáze nejprve přesunou staré databázové soubory na jiné místo." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "Retry configuration?" ++msgstr "Zopakovat nastavení?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "" ++"The configuration you entered is invalid. Make sure that the DNS domain name " ++"is syntactically valid, the field for the organization is not left empty and " ++"the admin passwords match. If you decide not to retry the configuration the " ++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to " ++"retry later." ++msgstr "" ++"Zadané nastavení není platné. Ujistěte se, že máte doménové jméno (DNS) ve " ++"správném formátu, že je vyplněné pole pro organizaci a že administrátorská " ++"hesla souhlasí. Jestliže znovu nespustíte tohoto průvodce, LDAP server " ++"nebude nakonfigurován. Budete-li chtít balík nastavit později, použijte " ++"příkaz „dpkg-reconfigure slapd“." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "DNS domain name:" ++msgstr "DNS název domény:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "" ++"The DNS domain name is used to construct the base DN of the LDAP directory. " ++"For example, 'foo.example.org' will create the directory with 'dc=foo, " ++"dc=example, dc=org' as base DN." ++msgstr "" ++"Název domény se používá pro vytvoření základního DN vašeho LDAP adresáře. " ++"Například zadáním „foo.bar.cz“ se vytvoří adresář se základním DN „dc=foo, " ++"dc=bar, dc=cz“." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "Organization name:" ++msgstr "Název organizace:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "" ++"Please enter the name of the organization to use in the base DN of your LDAP " ++"directory." ++msgstr "" ++"Zadejte prosím jméno organizace, které se použije v základním DN vašeho LDAP " ++"adresáře." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Administrator password:" ++msgstr "Administrátorské heslo:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Please enter the password for the admin entry in your LDAP directory." ++msgstr "Zadejte prosím heslo pro administrátorský záznam v LDAP adresáři." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "Confirm password:" ++msgstr "Potvrzení hesla:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "" ++"Please enter the admin password for your LDAP directory again to verify that " ++"you have typed it correctly." ++msgstr "" ++"Zadejte prosím znovu administrátorské heslo k LDAP adresáři, abyste se " ++"ujistili, že jste jej zadali správně." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "Password mismatch" ++msgstr "Hesla nesouhlasí" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "The two passwords you entered were not the same. Please try again." ++msgstr "Zadaná hesla nejsou stejná. Zkuste to znovu." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:11001 ++msgid "Do you want the database to be removed when slapd is purged?" ++msgstr "Chcete při vyčištění balíku slapd ze systému smazat i databázi?" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "slapcat failure during upgrade" ++msgstr "slapcat během aktualizace selhal" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "An error occurred while upgrading the LDAP directory." ++msgstr "Při pokusu o aktualizaci LDAP adresáře se vyskytla chyba." ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "" ++"The 'slapcat' program failed while extracting the LDAP directory. This may " ++"be caused by an incorrect configuration file (for example, missing " ++"'moduleload' lines to support the backend database)." ++msgstr "" ++"Program „slapcat“ selhal. Tuto chybu může způsobit třeba chybný konfigurační " ++"soubor. (Například pokud chybí příslušné řádky „moduleload“ pro backend " ++"databáze, která uchovává obsah LDAP adresáře.)" ++ ++#. Type: error ++#. Description ++#. This paragraph is followed by a (non translatable) paragraph ++#. containing a command line ++#: ../slapd.templates:14001 ++msgid "" ++"This failure will cause 'slapadd' to fail later as well. The old database " ++"files will be moved to /var/backups. If you want to try this upgrade again, " ++"you should move the old database files back into place, fix whatever caused " ++"slapcat to fail, and run:" ++msgstr "" ++"Tato chyba později způsobí také selhání příkazu „slapadd“. Staré databázové " ++"soubory budou přesunuty do /var/backups. Budete-li chtít později zkusit " ++"provést tuto aktualizaci znovu, přesuňte staré databázové soubory zpět na " ++"jejich původní místo, spravte příčinu toho, proč slapcat selhal a spusťte:" ++ ++#. Type: error ++#. Description ++#. Translators: keep "${location}" unchanged. This is a variable that ++#. will be replaced by a directory name at execution ++#: ../slapd.templates:14001 ++msgid "" ++"Then move the database files back to a backup area and then try running " ++"slapadd from ${location}." ++msgstr "" ++"Poté přesuňte databázové soubory zpět mezi zálohy a zkuste spustit slapadd z " ++"${location}." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "Potentially unsafe slapd access control configuration" ++msgstr "Potenciálně nebezpečné nastavení přístupu slapd" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "" ++"One or more of the configured databases has an access control rule that " ++"allows users to modify most of their own attributes. This may be unsafe, " ++"depending on how the database is used." ++msgstr "" ++"Jedna nebo více nakonfigurovaných databází obsahuje pravidlo, které umožňuje " ++"uživatelům měnit většinu jejich vlastních atributů. V závislosti na způsobu " ++"používání databáze to může být nebezpečné." ++ ++#. Type: note ++#. Description ++#. Translators: keep "by self write" and "to *" unchanged. These are part ++#. of the slapd configuration and are not translatable. ++#: ../slapd.templates:15001 ++msgid "" ++"In the case of slapd access rules that begin with \"to *\", it is " ++"recommended to remove any instances of \"by self write\", so that users are " ++"only able to modify specifically allowed attributes." ++msgstr "" ++"V případě přístupových pravidel slapd začínajících „to *“ je doporučeno " ++"odstranit výskyty „by self write“, aby uživatelé mohli měnit pouze " ++"explicitně povolené atributy." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details." ++msgstr "Více informací naleznete v /usr/share/doc/slapd/README.Debian.gz." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "abort installation" ++msgstr "přerušit instalaci" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "continue regardless" ++msgstr "přesto pokračovat" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "Manual ppolicy schema update recommended" ++msgstr "Je doporučeno aktualizovat ppolicy schéma ručně" ++ ++#. Type: select ++#. Description ++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable. ++#: ../slapd.templates:16002 ++msgid "" ++"The new version of the Password Policy (ppolicy) overlay requires the schema " ++"to define the pwdMaxRecordedFailure attribute type, which is not present in " ++"the schema currently in use. It is recommended to abort the upgrade now, and " ++"to update the ppolicy schema before upgrading slapd. If replication is in " ++"use, the schema update should be applied on every server before continuing " ++"with the upgrade." ++msgstr "" ++"Nová verze politiky hesel (ppolicy) vyžaduje, aby schéma definovalo typ " ++"atributu pwdMaxRecordedFailure, který není v aktuálně používaném schématu " ++"přítomný. Doporučujeme nyní přerušit aktualizaci a aktualizovat ppolicy " ++"schéma ručně před samotnou aktualizací slapd. Pokud využíváte replikaci, " ++"měli byste před pokračováním aktualizovat schéma na všech serverech." ++ ++#. Type: select ++#. Description ++#. This paragraph is followed by the path to the generated file (not ++#. translatable). The sentence continues in the following paragraph. ++#: ../slapd.templates:16002 ++msgid "" ++"An LDIF file has been generated with the changes required for the upgrade:" ++msgstr "Byl vytvořen LDIF soubor se změnami potřebnými pro aktualizaci:" ++ ++#. Type: select ++#. Description ++#. This paragraph continues the sentence started in the previous ++#. paragraph. It is followed by a command line. ++#: ../slapd.templates:16002 ++msgid "" ++"so if slapd is using the default access control rules, these changes can be " ++"applied (after starting slapd) by using the command:" ++msgstr "" ++"pokud slapd používá výchozí přístupová oprávnění, můžete změny aplikovat " ++"příkazem (po spuštění slapd):" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "" ++"If instead you choose to continue the installation, the new attribute type " ++"will be added automatically, but the change will not be acted on by slapd " ++"overlays, and replication with other servers may be affected." ++msgstr "" ++"Jestliže se rozhodnete pokračovat v instalaci, bude nový typ atributu přidán " ++"automaticky, avšak slapd overlaye tuto změnu nezaregistrují a může to mít " ++"vliv i na replikaci s ostatními servery." ++ ++#~ msgid "Database backend to use:" ++#~ msgstr "Databázový backend:" ++ ++#~ msgid "" ++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree " ++#~ "renames. Both support the same configuration options." ++#~ msgstr "" ++#~ "HDB i BDB ukládají data obdobně, ale HDB přidává podporu pro přejmenování " ++#~ "podstromů. Oba backendy podporují stejné konfigurační parametry." ++ ++#~ msgid "" ++#~ "The MDB backend is recommended. MDB uses a new storage format and " ++#~ "requires less configuration than BDB or HDB." ++#~ msgstr "" ++#~ "Doporučenou volbou je backend MDB. MDB používá nový formát úložiště a " ++#~ "vyžaduje méně nastavování než BDB enbo HDB." ++ ++#~ msgid "" ++#~ "In any case, you should review the resulting database configuration for " ++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details." ++#~ msgstr "" ++#~ "Ve všech případech byste měli zkontrolovat, zda nastavení databáze " ++#~ "odpovídá vašim potřebám. Více informací naleznete v souboru /usr/share/" ++#~ "doc/slapd/README.Debian.gz." ++ ++#~ msgid "Allow LDAPv2 protocol?" ++#~ msgstr "Povolit protokol LDAPv2?" ++ ++#~ msgid "" ++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs " ++#~ "and users should upgrade to LDAPv3. If you have old programs which can't " ++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be " ++#~ "added to your slapd.conf file." ++#~ msgstr "" ++#~ "Zastaralý protokol LDAPv2 je nyní v slapd implicitně zakázán. Programy i " ++#~ "uživatelé by měli přejít na LDAPv3. Máte-li staré programy, které " ++#~ "nezvládají LDAPv3, povolte tuto možnost, což do souboru slapd.conf přidá " ++#~ "řádek „allow bind_v2“." ++ ++#~ msgid "slurpd is obsolete; replicas must be reconfigured by hand" ++#~ msgstr "slurpd je zastaralý, repliky se musí znovu nastavit ručně" ++ ++#~ msgid "" ++#~ "One or more slurpd \"replica\" options were found in your slapd config " ++#~ "when upgrading. Because slurpd is obsolete beginning with OpenLDAP 2.4, " ++#~ "you will need to migrate your replicas to use the syncrepl protocol " ++#~ "instead." ++#~ msgstr "" ++#~ "Při aktualizaci byla v konfiguračním souboru slapd nalezena nejméně jedna " ++#~ "volba „replica“ pro slurpd. Protože je slurpd od OpenLDAPu verze 2.4 " ++#~ "překonaný, budete muset své repliky převést, aby místo toho používaly " ++#~ "protokol syncrepl." ++ ++#~ msgid "" ++#~ "The conversion from slurpd to the pull-based syncrepl protocol cannot be " ++#~ "done automatically and you will need to configure your replica servers by " ++#~ "hand. Please see http://www.openldap.org/doc/admin24/syncrepl.html for " ++#~ "details." ++#~ msgstr "" ++#~ "Konverzi ze slurpd na protokol syncrepl (založený na technologii pull) " ++#~ "nelze provést automaticky a budete muset své replikační servery nastavit " ++#~ "ručně. Podrobnosti naleznete na http://www.openldap.org/doc/admin24/" ++#~ "syncrepl.html." ++ ++#~ msgid "TLSCipherSuite values have changed" ++#~ msgstr "Hodnota TLSCipherSuite se změnila" ++ ++#~ msgid "" ++#~ "A \"TLSCipherSuite\" option was found in your slapd config when " ++#~ "upgrading. The values allowed for this option are determined by the SSL " ++#~ "implementation used, which has been changed from OpenSSL to GnuTLS. As a " ++#~ "result, your existing TLSCipherSuite setting will not work with this " ++#~ "package." ++#~ msgstr "" ++#~ "Při aktualizaci byla ve vašem konfiguračním souboru programu slapd " ++#~ "nalezena volba „TLSCipherSuite“. Přípustné hodnoty, které můžete v této " ++#~ "volbě použít, jsou určeny použitou implementací SSL. Ta se změnila z " ++#~ "OpenSSL na GnuTLS, což znamená, že stávající nastavení TLSCipherSuite " ++#~ "nebude s tímto balíkem fungovat." ++ ++#~ msgid "" ++#~ "This setting has been automatically commented out for you. If you have " ++#~ "specific encryption needs that require this option to be re-enabled, see " ++#~ "the output of 'gnutls-cli -l' in the gnutls-bin package for the list of " ++#~ "ciphers supported by GnuTLS." ++#~ msgstr "" ++#~ "Toto nastavení bylo automaticky zakomentováno. Máte-li speciální " ++#~ "požadavky, které vyžadují opětovné zapnutí této volby, zjistěte si prosím " ++#~ "seznam šifer podporovaných v GnuTLS (např. příkazem „gnutls-cli -l“, " ++#~ "který se nachází v balíku gnutls-bin)." ++ ++#~ msgid "Back up current database and create a new one?" ++#~ msgstr "Zazálohovat stávající databázi a vytvořit novou?" ++ ++#~ msgid "" ++#~ "The directory suffix (domain) you specified doesn't match the one " ++#~ "currently in /etc/ldap/slapd.conf. Changing the directory suffix requires " ++#~ "moving aside the current LDAP database and creating a new one. Please " ++#~ "confirm whether you want to back up and abandon the current database." ++#~ msgstr "" ++#~ "Zadali jste příponu adresáře (doménu), která neodpovídá té v souboru /etc/" ++#~ "ldap/slapd.conf. Změna přípony adresáře vyžaduje odsunutí stávající LDAP " ++#~ "databáze a vytvoření nové. Potvrďte prosím, zda chcete zazálohovat a " ++#~ "opustit stávající databázi." diff --cc debian/po/da.po index 00000000,00000000..a0a492e6 new file mode 100644 --- /dev/null +++ b/debian/po/da.po @@@ -1,0 -1,0 +1,416 @@@ ++# Danish translation openldap. ++# Copyright (C) 2017 openldap & nedenstående oversættere. ++# This file is distributed under the same license as the openldap package. ++# Claus Hindsgaul , 2005, 2006. ++# Joe Hansen , 2010, 2014, 2017. ++# ++msgid "" ++msgstr "" ++"Project-Id-Version: openldap\n" ++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n" ++"POT-Creation-Date: 2019-10-03 23:01+0000\n" ++"PO-Revision-Date: 2017-01-10 05:26+0100\n" ++"Last-Translator: Joe Hansen \n" ++"Language-Team: Danish \n" ++"Language: da\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=UTF-8\n" ++"Content-Transfer-Encoding: 8bit\n" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "Omit OpenLDAP server configuration?" ++msgstr "Undlad opsætning af OpenLDAP-server?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "" ++"If you enable this option, no initial configuration or database will be " ++"created for you." ++msgstr "" ++"Hvis du aktiverer denne indstilling, vil der ikke blive oprettet en " ++"begyndelsesopsætning eller -database for dig." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "always" ++msgstr "altid" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "when needed" ++msgstr "når nødvendigt" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "never" ++msgstr "aldrig" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "Dump databases to file on upgrade:" ++msgstr "Læg databaser i fil ved opgradering:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Before upgrading to a new version of the OpenLDAP server, the data from your " ++"LDAP directories can be dumped into plain text files in the standard LDAP " ++"Data Interchange Format." ++msgstr "" ++"Inden du opgraderer til en ny version af OpenLDAP-serveren, kan dine LDAP-" ++"mappers data blive lagt som rene tekstfiler i formatet LDAP Data Interchange." ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Selecting \"always\" will cause the databases to be dumped unconditionally " ++"before an upgrade. Selecting \"when needed\" will only dump the database if " ++"the new version is incompatible with the old database format and it needs to " ++"be reimported. If you select \"never\", no dump will be done." ++msgstr "" ++"Angivelse af »altid«, vil få databaserne til at blive dumpet uden " ++"betingelser før en opgradering. Valg af »når nødvendigt« vil kun dumpe " ++"databasen, hvis den nye version er inkompatibel med det gamle " ++"databaseformat, og den skal genimporteres. Hvis du vælger »aldrig«, vil der " ++"ikke blive udført en dumpning." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "Directory to use for dumped databases:" ++msgstr "Mappe til de dumpede databaser:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "" ++"Please specify the directory where the LDAP databases will be exported. In " ++"this directory, several LDIF files will be created which correspond to the " ++"search bases located on the server. Make sure you have enough free space on " ++"the partition where the directory is located. The first occurrence of the " ++"string \"VERSION\" is replaced with the server version you are upgrading " ++"from." ++msgstr "" ++"Angiv den mappe, LDAP-databasen skal eksporteres til. I denne mappe vil der " ++"blive oprettet adskillige LDIF-filer, som svarer til den søgedatabase, der " ++"ligger på serveren. Sørg for at du har nok fri plads på den partition, " ++"mappen ligger på. Første forekomst af strengen »VERSION« erstattes med den " ++"serverversion, du opgraderer fra." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "Move old database?" ++msgstr "Flyt gammel database?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "" ++"There are still files in /var/lib/ldap which will probably break the " ++"configuration process. If you enable this option, the maintainer scripts " ++"will move the old database files out of the way before creating a new " ++"database." ++msgstr "" ++"Der er stadig filer i /var/lib/ldap, som sikkert vil forstyrre " ++"opsætningsprocessen. Hvis du aktiverer denne indstilling, vil " ++"vedligeholdelsesskriptene flytte de gamle filer, før de opretter en ny " ++"database." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "Retry configuration?" ++msgstr "Gentag opsætningen?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "" ++"The configuration you entered is invalid. Make sure that the DNS domain name " ++"is syntactically valid, the field for the organization is not left empty and " ++"the admin passwords match. If you decide not to retry the configuration the " ++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to " ++"retry later." ++msgstr "" ++"Den opsætning, du har angivet, er ikke gyldig. Sørg for at DNS-domænenavnet " ++"har en gyldig syntaks, at organisationen er udfyldt, og at administrator-" ++"adgangskoderne er ens. Hvis du vælger ikke at gentage opsætningen af LDAP-" ++"serveren, vil den ikke blive sat op. Kør 'dpkg-reconfigure slapd', hvis du " ++"vil prøve igen senere." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "DNS domain name:" ++msgstr "DNS-domænenavn:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "" ++"The DNS domain name is used to construct the base DN of the LDAP directory. " ++"For example, 'foo.example.org' will create the directory with 'dc=foo, " ++"dc=example, dc=org' as base DN." ++msgstr "" ++"Domænenavnet bruges til at opbygge basis-DN for din LDAP-mappe. For eksempel " ++"vil 'foo.eksempel.org' oprette mappen med 'dc=foo, dc=eksempel, dc=org' som " ++"basis-DN." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "Organization name:" ++msgstr "Organisationsnavn:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "" ++"Please enter the name of the organization to use in the base DN of your LDAP " ++"directory." ++msgstr "" ++"Indtast venligst navnet på organisationen som skal bruges i basis-DN'en på " ++"din LDAP-mappe." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Administrator password:" ++msgstr "Administratoradgangskode:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Please enter the password for the admin entry in your LDAP directory." ++msgstr "Angiv administratoropslagets adgangskode i din LDAP-mappe." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "Confirm password:" ++msgstr "Bekræft administratoradgangskode:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "" ++"Please enter the admin password for your LDAP directory again to verify that " ++"you have typed it correctly." ++msgstr "" ++"Indtast venligst administratoradgangskoden på din LDAP-mappe igen for at " ++"bekræfte, at du har tastet den korrekt." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "Password mismatch" ++msgstr "Adgangskoderne var ikke ens" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "The two passwords you entered were not the same. Please try again." ++msgstr "De to adgangskoder, du indtastede, var ikke ens. Prøv igen." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:11001 ++msgid "Do you want the database to be removed when slapd is purged?" ++msgstr "Ønsker du at databasen bliver fjernet, når slapd bliver afinstalleret?" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "slapcat failure during upgrade" ++msgstr "slapcatfejl under opgraderingen" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "An error occurred while upgrading the LDAP directory." ++msgstr "Der opstod en fejl under opgradering af din LDAP-mappe." ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "" ++"The 'slapcat' program failed while extracting the LDAP directory. This may " ++"be caused by an incorrect configuration file (for example, missing " ++"'moduleload' lines to support the backend database)." ++msgstr "" ++"Programmet 'slapcat' fejlede under udtrækning af LDAP-mappen. Fejlen kan " ++"skyldes en fejlbehæftet opsætningsfil (f.eks. kan de korrekte " ++"'moduleloadlinjer' til understøttelse af din motors database mangle)." ++ ++#. Type: error ++#. Description ++#. This paragraph is followed by a (non translatable) paragraph ++#. containing a command line ++#: ../slapd.templates:14001 ++msgid "" ++"This failure will cause 'slapadd' to fail later as well. The old database " ++"files will be moved to /var/backups. If you want to try this upgrade again, " ++"you should move the old database files back into place, fix whatever caused " ++"slapcat to fail, and run:" ++msgstr "" ++"Denne fejl vil også senere få 'slapadd' til at fejle. De gamle databasefiler " ++"er ved at blive flyttet til /var/backups. Hvis du vil forsøge denne " ++"opgradering igen, så flyt de gamle databasefiler tilbage, ret den fejl, der " ++"fik slapcat til at fejle, og kør:" ++ ++#. Type: error ++#. Description ++#. Translators: keep "${location}" unchanged. This is a variable that ++#. will be replaced by a directory name at execution ++#: ../slapd.templates:14001 ++msgid "" ++"Then move the database files back to a backup area and then try running " ++"slapadd from ${location}." ++msgstr "" ++"Flyt derefter databasefilerne tilbage til et sikkerhedskopiområde, og prøv " ++"at køre slapadd fra ${location}." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "Potentially unsafe slapd access control configuration" ++msgstr "Potentiel usikker slapd-adgangskontrolkonfiguration" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "" ++"One or more of the configured databases has an access control rule that " ++"allows users to modify most of their own attributes. This may be unsafe, " ++"depending on how the database is used." ++msgstr "" ++"En eller flere af de konfigurerede databaser har en adgangskontrolregel, som " ++"giver brugere mulighed for at ændre deres egne attributter. Dette kan være " ++"usikkert, afhængig af hvordan databasen bruges." ++ ++#. Type: note ++#. Description ++#. Translators: keep "by self write" and "to *" unchanged. These are part ++#. of the slapd configuration and are not translatable. ++#: ../slapd.templates:15001 ++msgid "" ++"In the case of slapd access rules that begin with \"to *\", it is " ++"recommended to remove any instances of \"by self write\", so that users are " ++"only able to modify specifically allowed attributes." ++msgstr "" ++"I tilfældet med slapd-adgangsregler som begynder med »to *«, anbefales det " ++"at fjerne alle instanser af »by self write«, så at brugerne kun kan ændre " ++"specifikt tilladte attributter." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details." ++msgstr "Se /usr/share/doc/slapd/README.Debian.gz for yderligere detaljer." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "abort installation" ++msgstr "afbryd installation" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "continue regardless" ++msgstr "fortsæt alligevel" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "Manual ppolicy schema update recommended" ++msgstr "Manuel ppolicy-skemaopdatering anbefales" ++ ++#. Type: select ++#. Description ++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable. ++#: ../slapd.templates:16002 ++msgid "" ++"The new version of the Password Policy (ppolicy) overlay requires the schema " ++"to define the pwdMaxRecordedFailure attribute type, which is not present in " ++"the schema currently in use. It is recommended to abort the upgrade now, and " ++"to update the ppolicy schema before upgrading slapd. If replication is in " ++"use, the schema update should be applied on every server before continuing " ++"with the upgrade." ++msgstr "" ++"Den nye version af Password Policy-dækket (ppolicy) kræver skemaet for at " ++"definere attributtypen pwdMaxRecordedFailure, som ikke er til stede i " ++"skemaet i brug i øjeblikket. Det anbefales at afbryde opgraderingen nu, og " ++"opdatere ppolicy-skemaet før opgradering af slapd. Hvis replikering er i " ++"brug, så skal skemaopdateringen bruges på alle servere før opgraderingen " ++"fortsættes." ++ ++#. Type: select ++#. Description ++#. This paragraph is followed by the path to the generated file (not ++#. translatable). The sentence continues in the following paragraph. ++#: ../slapd.templates:16002 ++msgid "" ++"An LDIF file has been generated with the changes required for the upgrade:" ++msgstr "" ++"En LDIF-fil er blevet oprettet med ændringerne krævet for opgraderingen:" ++ ++#. Type: select ++#. Description ++#. This paragraph continues the sentence started in the previous ++#. paragraph. It is followed by a command line. ++#: ../slapd.templates:16002 ++msgid "" ++"so if slapd is using the default access control rules, these changes can be " ++"applied (after starting slapd) by using the command:" ++msgstr "" ++"så hvis slapd bruger standardreglerne for adgangskontrol, så kan disse " ++"ændringer anvendes (efter start af slapd) ved at bruge kommandoen:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "" ++"If instead you choose to continue the installation, the new attribute type " ++"will be added automatically, but the change will not be acted on by slapd " ++"overlays, and replication with other servers may be affected." ++msgstr "" ++"Hvis du i stedet for vælger at fortsætte installationen, så vil den nye " ++"attributtype blive tilføjet automatisk, men der vil ikke blive handlet på " ++"ændringen af slapd-overdækker, og replikering med andre servere kan blive " ++"påvirket." ++ ++#~ msgid "Database backend to use:" ++#~ msgstr "Databasemotor at bruge:" ++ ++#~ msgid "" ++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree " ++#~ "renames. Both support the same configuration options." ++#~ msgstr "" ++#~ "HDB og BDB bruger lignende lagerformater, men HDB tilføjer understøttelse " ++#~ "af omdøbning af undertræer. Begge understøtter de samme " ++#~ "konfigurationsindstillinger." ++ ++#~ msgid "" ++#~ "The MDB backend is recommended. MDB uses a new storage format and " ++#~ "requires less configuration than BDB or HDB." ++#~ msgstr "" ++#~ "MDB-motoren anbefales. MDB bruger et nyt lagerformat og kræver mindre " ++#~ "konfiguration end BDB eller HDB." ++ ++#~ msgid "" ++#~ "In any case, you should review the resulting database configuration for " ++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details." ++#~ msgstr "" ++#~ "Uanset hvad bør du gennemse databasekonfigurationen for dine behov. Se /" ++#~ "usr/share/doc/slapd/README.Debian.gz for yderligere detaljer." diff --cc debian/po/de.po index 00000000,00000000..a06987e1 new file mode 100644 --- /dev/null +++ b/debian/po/de.po @@@ -1,0 -1,0 +1,516 @@@ ++# Translation of openldap debconf templates to German ++# Copyright (C) Helge Kreutzmann , 2006-2008, 2010, 2014, 2017. ++# This file is distributed under the same license as the openldap package. ++# ++msgid "" ++msgstr "" ++"Project-Id-Version: openldap 2.4.44+dfsg-4\n" ++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n" ++"POT-Creation-Date: 2019-10-03 23:01+0000\n" ++"PO-Revision-Date: 2017-01-15 14:12+0100\n" ++"Last-Translator: Helge Kreutzmann \n" ++"Language-Team: de \n" ++"Language: de\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=UTF-8\n" ++"Content-Transfer-Encoding: 8bit\n" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "Omit OpenLDAP server configuration?" ++msgstr "OpenLDAP-Server-Konfiguration auslassen?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "" ++"If you enable this option, no initial configuration or database will be " ++"created for you." ++msgstr "" ++"Falls Sie diese Option aktivieren, wird keine Startkonfiguration oder " ++"Datenbank für Sie erstellt." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "always" ++msgstr "immer" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "when needed" ++msgstr "wenn benötigt" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "never" ++msgstr "nie" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "Dump databases to file on upgrade:" ++msgstr "Datenbank beim Upgrade in Datei ausgeben (»dump«):" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Before upgrading to a new version of the OpenLDAP server, the data from your " ++"LDAP directories can be dumped into plain text files in the standard LDAP " ++"Data Interchange Format." ++msgstr "" ++"Bevor Sie ein Upgrade auf eine neue Version des OpenLDAP-Servers " ++"durchführen, können die Daten Ihres LDAP-Verzeichnisses in reine Text-" ++"Dateien im standardisierten »LDAP Data Interchange Format« ausgegeben werden." ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Selecting \"always\" will cause the databases to be dumped unconditionally " ++"before an upgrade. Selecting \"when needed\" will only dump the database if " ++"the new version is incompatible with the old database format and it needs to " ++"be reimported. If you select \"never\", no dump will be done." ++msgstr "" ++"Die Auswahl von »immer« führt dazu, dass die Datenbanken bedingungslos vor " ++"Upgrades ausgegeben werden. Die Auswahl von »wenn benötigt« führt dazu, dass " ++"die Datenbank nur ausgegeben wird, falls die neue Version nicht mit dem " ++"alten Datenbankformat kompatibel ist und die Datenbank re-importiert werden " ++"muss. Die »nie«-Auswahl führt dazu, dass keine Ausgabe der Daten erfolgt." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "Directory to use for dumped databases:" ++msgstr "Verzeichnis für Datenbank-Ausgaben (»dumps«):" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "" ++"Please specify the directory where the LDAP databases will be exported. In " ++"this directory, several LDIF files will be created which correspond to the " ++"search bases located on the server. Make sure you have enough free space on " ++"the partition where the directory is located. The first occurrence of the " ++"string \"VERSION\" is replaced with the server version you are upgrading " ++"from." ++msgstr "" ++"Bitte geben Sie ein Verzeichnis an, in das die Datenbanken exportiert " ++"werden. Innerhalb dieses Verzeichnisses werden mehrere LDIF-Dateien " ++"erstellt, die zu den im Server befindlichen Suchbasen korrespondieren. " ++"Stellen Sie sicher, dass Sie genug freien Platz auf der Partition haben, auf " ++"der sich das Verzeichnis befindet. Das erste Auftreten der Zeichenkette " ++"»VERSION« wird durch die Server-Version ersetzt, von der aus Sie das Upgrade " ++"durchführen." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "Move old database?" ++msgstr "Alte Datenbank verschieben?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "" ++"There are still files in /var/lib/ldap which will probably break the " ++"configuration process. If you enable this option, the maintainer scripts " ++"will move the old database files out of the way before creating a new " ++"database." ++msgstr "" ++"Es sind noch Dateien in /var/lib/ldap, die wahrscheinlich den " ++"Konfigurationsprozess durcheinander bringen werden. Wird diese Option " ++"aktiviert, dann werden die Betreuerskripte die alten Datenbankdateien " ++"beiseite schieben, bevor sie eine neue Datenbank erstellen." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "Retry configuration?" ++msgstr "Konfiguration erneut versuchen?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "" ++"The configuration you entered is invalid. Make sure that the DNS domain name " ++"is syntactically valid, the field for the organization is not left empty and " ++"the admin passwords match. If you decide not to retry the configuration the " ++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to " ++"retry later." ++msgstr "" ++"Die von Ihnen eingegebene Konfiguration ist ungültig. Stellen Sie sicher, " ++"dass der DNS-Domainname einer gültigen Syntax folgt, das Feld für die " ++"Organisation nicht leer geblieben ist und dass die Administratorpasswörter " ++"übereinstimmen. Falls Sie sich entscheiden, die Konfiguration nicht erneut " ++"zu versuchen, wird der LDAP-Server nicht eingerichtet. Führen Sie »dpkg-" ++"reconfigure slapd« aus, falls Sie die Konfiguration später erneut versuchen " ++"wollen." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "DNS domain name:" ++msgstr "DNS-Domainname:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "" ++"The DNS domain name is used to construct the base DN of the LDAP directory. " ++"For example, 'foo.example.org' will create the directory with 'dc=foo, " ++"dc=example, dc=org' as base DN." ++msgstr "" ++"Der DNS-Domainname wird zur Erzeugung des Basis-DN Ihres LDAP-Verzeichnisses " ++"verwendet. Zum Beispiel erstellt »foo.example.org« das Verzeichnis mit der " ++"Basis-DN »dc=foo, dc=example, dc=org«." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "Organization name:" ++msgstr "Name der Organisation:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "" ++"Please enter the name of the organization to use in the base DN of your LDAP " ++"directory." ++msgstr "" ++"Bitte geben Sie den Namen der Organisation ein, die im Basis-DN Ihres LDAP-" ++"Verzeichnisses verwendet werden soll." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Administrator password:" ++msgstr "Administrator-Passwort:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Please enter the password for the admin entry in your LDAP directory." ++msgstr "" ++"Bitte geben Sie das Passwort für den Administrator-Eintrag in Ihrem LDAP-" ++"Verzeichnis ein." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "Confirm password:" ++msgstr "Passwort bestätigen:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "" ++"Please enter the admin password for your LDAP directory again to verify that " ++"you have typed it correctly." ++msgstr "" ++"Bitte geben Sie das Passwort für den Administrator-Eintrag Ihres LDAP-" ++"Verzeichnisses nochmal ein, um sicher zu gehen, dass Sie es richtig " ++"eingegeben haben." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "Password mismatch" ++msgstr "Passwörter stimmen nicht überein" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "The two passwords you entered were not the same. Please try again." ++msgstr "" ++"Die beiden eingegebenen Passwörter sind nicht gleich. Bitte versuchen Sie es " ++"noch einmal." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:11001 ++msgid "Do you want the database to be removed when slapd is purged?" ++msgstr "" ++"Soll die Datenbank entfernt werden, wenn slapd vollständig gelöscht wird?" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "slapcat failure during upgrade" ++msgstr "slapcat-Fehlschlag beim Upgrade" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "An error occurred while upgrading the LDAP directory." ++msgstr "" ++"Während des Versuchs, ein Upgrade des LDAP-Verzeichnisses durchzuführen, " ++"trat ein Fehler auf." ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "" ++"The 'slapcat' program failed while extracting the LDAP directory. This may " ++"be caused by an incorrect configuration file (for example, missing " ++"'moduleload' lines to support the backend database)." ++msgstr "" ++"Das Programm »slapcat« schlug beim Versuch, das LDAP-Verzeichnis zu " ++"extrahieren, fehl. Dies könnte durch eine inkorrekte Konfigurationsdatei " ++"verursacht worden sein (beispielsweise fehlende »moduleload«-Zeilen, um die " ++"Backend-Datenbank zu unterstützen)." ++ ++#. Type: error ++#. Description ++#. This paragraph is followed by a (non translatable) paragraph ++#. containing a command line ++#: ../slapd.templates:14001 ++msgid "" ++"This failure will cause 'slapadd' to fail later as well. The old database " ++"files will be moved to /var/backups. If you want to try this upgrade again, " ++"you should move the old database files back into place, fix whatever caused " ++"slapcat to fail, and run:" ++msgstr "" ++"Dieser Fehlschlag wird später dazu führen, dass auch »slapadd« fehlschlägt. " ++"Die alten Datenbankdateien werden jetzt nach /var/backups verschoben. Falls " ++"Sie dieses Upgrade erneut versuchen wollen, sollten Sie die alten " ++"Datenbankdateien wieder zurück an ihren Platz verschieben, den Grund für den " ++"Fehlschlag von slapcat beheben und folgendes ausführen:" ++ ++#. Type: error ++#. Description ++#. Translators: keep "${location}" unchanged. This is a variable that ++#. will be replaced by a directory name at execution ++#: ../slapd.templates:14001 ++msgid "" ++"Then move the database files back to a backup area and then try running " ++"slapadd from ${location}." ++msgstr "" ++"Verschieben Sie dann die Datenbankdateien zurück in den Sicherungsbereich " ++"und versuchen Sie, Slapadd von ${location} auszuführen." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "Potentially unsafe slapd access control configuration" ++msgstr "Möglicherweise unsichere Slapd-Zugriffssteuerkonfiguration" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "" ++"One or more of the configured databases has an access control rule that " ++"allows users to modify most of their own attributes. This may be unsafe, " ++"depending on how the database is used." ++msgstr "" ++"Eine oder mehrere der konfigurierten Datenbanken hat eine " ++"Zugriffssteuerregel, die Benutzern erlaubt, die meisten ihrer eigenen " ++"Konfigurationsoptionen zu verändern. Dies kann unsicher sein, abhängig " ++"davon, wie die Datenbank verwandt wird." ++ ++#. Type: note ++#. Description ++#. Translators: keep "by self write" and "to *" unchanged. These are part ++#. of the slapd configuration and are not translatable. ++#: ../slapd.templates:15001 ++msgid "" ++"In the case of slapd access rules that begin with \"to *\", it is " ++"recommended to remove any instances of \"by self write\", so that users are " ++"only able to modify specifically allowed attributes." ++msgstr "" ++"Im Falle der mit »to *« beginnenden Slapd-Zugriffsregeln, wird empfohlen, " ++"alle Instanzen von »by self write« zu entfernen, so dass Benutzer nur in der " ++"Lage sind, speziell erlaubte Attribute zu ändern." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details." ++msgstr "Lesen Sie /usr/share/doc/slapd/README.Debian.gz für weitere Details." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "abort installation" ++msgstr "Installation abbrechen" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "continue regardless" ++msgstr "Trotzdem fortfahren" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "Manual ppolicy schema update recommended" ++msgstr "Manuelle Aktualisierung des Ppolicy-Schematas empfohlen" ++ ++#. Type: select ++#. Description ++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable. ++#: ../slapd.templates:16002 ++msgid "" ++"The new version of the Password Policy (ppolicy) overlay requires the schema " ++"to define the pwdMaxRecordedFailure attribute type, which is not present in " ++"the schema currently in use. It is recommended to abort the upgrade now, and " ++"to update the ppolicy schema before upgrading slapd. If replication is in " ++"use, the schema update should be applied on every server before continuing " ++"with the upgrade." ++msgstr "" ++"Die neue Version der Passwort-Richtlinien-Einblendung (Ppolicy) verlangt, " ++"dass im Schema der Attributstyp pwdMaxRecordedFailure definiert wird, der im " ++"aktuell benutzten Schema nicht vorhanden ist. Es wird empfohlen, die " ++"Aktualisierung jetzt abzubrechen und das Ppolicy-Schema zu aktualisieren, " ++"bevor das Upgrade von Slapd durchgeführt wird. Falls Replizierung verwandt " ++"wird, sollte die Schema-Aktualisierung auf jedem Server angewandt werden, " ++"bevor mit dem Upgrade fortgefahren wird." ++ ++#. Type: select ++#. Description ++#. This paragraph is followed by the path to the generated file (not ++#. translatable). The sentence continues in the following paragraph. ++#: ../slapd.templates:16002 ++msgid "" ++"An LDIF file has been generated with the changes required for the upgrade:" ++msgstr "" ++"Eine LDIF-Datei wurde mit den für das Upgrade benötigten Änderungen erstellt:" ++ ++#. Type: select ++#. Description ++#. This paragraph continues the sentence started in the previous ++#. paragraph. It is followed by a command line. ++#: ../slapd.templates:16002 ++msgid "" ++"so if slapd is using the default access control rules, these changes can be " ++"applied (after starting slapd) by using the command:" ++msgstr "" ++"Falls Slapd daher die Standardzugriffssteuerungsregeln verwendet, können " ++"diese Änderungen (nach dem Start von Slapd) mittels des folgenden Befehls " ++"angewandt werden:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "" ++"If instead you choose to continue the installation, the new attribute type " ++"will be added automatically, but the change will not be acted on by slapd " ++"overlays, and replication with other servers may be affected." ++msgstr "" ++"Falls Sie sich stattdessen entscheiden, mit der Installation fortzufahren, " ++"wird der neue Attributstyp automatisch hinzugefügt, aber auf die Änderung " ++"wird nicht durch die Slapd-Überblendungen reagiert und die Replizierung mit " ++"anderen Servern könnte betroffen sein." ++ ++#~ msgid "Database backend to use:" ++#~ msgstr "Zu verwendendes Datenbank-Backend:" ++ ++#~ msgid "" ++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree " ++#~ "renames. Both support the same configuration options." ++#~ msgstr "" ++#~ "HDB und BDB verwenden ähnliche Speicherformate, aber HDB enthält " ++#~ "zusätzlich Unterstützung für Teilbaum-Umbenennungen. Beide unterstützen " ++#~ "die gleichen Konfigurationsoptionen." ++ ++#~ msgid "" ++#~ "The MDB backend is recommended. MDB uses a new storage format and " ++#~ "requires less configuration than BDB or HDB." ++#~ msgstr "" ++#~ "Das MDB-Backend wird empfohlen. MDB verwendet ein neues Speicherformat " ++#~ "und benötigt weniger Konfiguration als BDB oder HDB." ++ ++#~ msgid "" ++#~ "In any case, you should review the resulting database configuration for " ++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details." ++#~ msgstr "" ++#~ "In jedem Fall sollten Sie die erstellte Datenbankkonfiguration im " ++#~ "Hinblick auf Ihre Anforderungen prüfen. Lesen Sie /usr/share/doc/slapd/" ++#~ "README.Debian.gz für weitere Details." ++ ++#~ msgid "Allow LDAPv2 protocol?" ++#~ msgstr "LDAPv2-Protokoll erlauben?" ++ ++#~ msgid "" ++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs " ++#~ "and users should upgrade to LDAPv3. If you have old programs which can't " ++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be " ++#~ "added to your slapd.conf file." ++#~ msgstr "" ++#~ "Das veraltete LDAPv2-Protokoll ist standardmäßig in slapd deaktiviert. " ++#~ "Programme und Benutzer sollten ein Upgrade auf LDAPv3 durchführen. Falls " ++#~ "Sie alte Programme haben, die LDAPv3 nicht benutzen können, sollten Sie " ++#~ "diese Option wählen und »allow bind_v2« wird zu der Datei slapd.conf " ++#~ "hinzugefügt." ++ ++#~ msgid "slurpd is obsolete; replicas must be reconfigured by hand" ++#~ msgstr "Slurpd ist veraltet; Replikas müssen von Hand rekonfiguriert werden" ++ ++#~ msgid "" ++#~ "One or more slurpd \"replica\" options were found in your slapd config " ++#~ "when upgrading. Because slurpd is obsolete beginning with OpenLDAP 2.4, " ++#~ "you will need to migrate your replicas to use the syncrepl protocol " ++#~ "instead." ++#~ msgstr "" ++#~ "In Ihrer Konfiguration wurde beim Upgrade eine oder mehrere »replica«-" ++#~ "Optionen gefunden. Da slurpd beginnend mit OpenLDAP 2.4 veraltet ist, " ++#~ "müssen Sie Ihre Repliken auf die Verwendung des Syncrepl-Protokolls " ++#~ "migrieren." ++ ++#~ msgid "" ++#~ "The conversion from slurpd to the pull-based syncrepl protocol cannot be " ++#~ "done automatically and you will need to configure your replica servers by " ++#~ "hand. Please see http://www.openldap.org/doc/admin24/syncrepl.html for " ++#~ "details." ++#~ msgstr "" ++#~ "Die Umstellung von slurpd auf das »pull«-basierte Syncrepl-Protokoll kann " ++#~ "nicht automatisch geschehen und Sie müssen Ihre Repliken-Server von Hand " ++#~ "konfigurieren. Bitte lesen Sie http://www.openldap.org/doc/admin24/" ++#~ "syncrepl.html für Details." ++ ++#~ msgid "TLSCipherSuite values have changed" ++#~ msgstr "TLSCipherSuite-Werte haben sich geändert" ++ ++#~ msgid "" ++#~ "A \"TLSCipherSuite\" option was found in your slapd config when " ++#~ "upgrading. The values allowed for this option are determined by the SSL " ++#~ "implementation used, which has been changed from OpenSSL to GnuTLS. As a " ++#~ "result, your existing TLSCipherSuite setting will not work with this " ++#~ "package." ++#~ msgstr "" ++#~ "Eine Option »TLSCipherSuite« wurde beim Upgrade in Ihrer Slapd-" ++#~ "Konfiguration gefunden. Die erlaubten Werte hierfür hängen von der " ++#~ "verwendeten SSL-Implementation ab, die von OpenSSL auf GnuTLS geändert " ++#~ "wurde. Im Ergebnis werden Ihre existierenden TLSCipherSuite-Einstellungen " ++#~ "nicht mit diesem Paket funktionieren." ++ ++#~ msgid "" ++#~ "This setting has been automatically commented out for you. If you have " ++#~ "specific encryption needs that require this option to be re-enabled, see " ++#~ "the output of 'gnutls-cli -l' in the gnutls-bin package for the list of " ++#~ "ciphers supported by GnuTLS." ++#~ msgstr "" ++#~ "Diese Einstellung wurde für Sie automatisch auskommentiert. Falls Sie " ++#~ "spezielle Anforderung an die Verschlüsselung haben, bei denen diese " ++#~ "Option wieder aktiviert werden muss, lesen Sie die Ausgabe von »gnutls-" ++#~ "cli -l« aus dem Paket Gnutls-bin für die Liste der von GnuTLS " ++#~ "unterstützen Chiffren." ++ ++#~ msgid "Back up current database and create a new one?" ++#~ msgstr "Die aktuelle Datenbank sichern und eine neue erstellen?" ++ ++#~ msgid "" ++#~ "The directory suffix (domain) you specified doesn't match the one " ++#~ "currently in /etc/ldap/slapd.conf. Changing the directory suffix requires " ++#~ "moving aside the current LDAP database and creating a new one. Please " ++#~ "confirm whether you want to back up and abandon the current database." ++#~ msgstr "" ++#~ "Die von Ihnen angegebene Verzeichnisendung (Domain) passt nicht zu der " ++#~ "aktuell in /etc/ldap/slapd.conf eingetragenen. Eine Änderung der " ++#~ "Verzeichnisendung verlangt, dass die aktuelle LDAP-Datenbank beiseite " ++#~ "geschoben und eine neue erstellt wird. Bitte bestätigen Sie, ob Sie die " ++#~ "aktuelle Datenbank sichern und aufgeben wollen." diff --cc debian/po/es.po index 00000000,00000000..3eaeebfb new file mode 100644 --- /dev/null +++ b/debian/po/es.po @@@ -1,0 -1,0 +1,429 @@@ ++# openldap po-debconf translation to Spanish ++# Copyright 2006 Rudy Godoy ++# Copyright 2008 Steve Langasek ++# Copyright (C) 2009, 2010 Software in the Public Interest ++# This file is distributed under the same license as the openldap package. ++# ++# Changes: ++# - Initial translation ++# Rudy Godoy , 2006 ++# ++# - Reviewer ++# Javier Fernandez-Sanguino ++# ++# - Updates ++# Steve Langasek , 2008 ++# Francisco Javier Cuadrado , 2009, 2010 ++# Camaleón , 2014, 2020 ++# ++# Traductores, si no conocen el formato PO, merece la pena leer la ++# documentación de gettext, especialmente las secciones dedicadas a este ++# formato, por ejemplo ejecutando: ++# info -n '(gettext)PO Files' ++# info -n '(gettext)Header Entry' ++# ++# Equipo de traducción al español, por favor lean antes de traducir ++# los siguientes documentos: ++# ++# - El proyecto de traducción de Debian al español ++# http://www.debian.org/intl/spanish/coordinacion ++# especialmente las notas de traducción en ++# http://www.debian.org/intl/spanish/notas ++# ++# - La guía de traducción de po's de debconf: ++# /usr/share/doc/po-debconf/README-trans ++# o http://www.debian.org/intl/l10n/po-debconf/README-trans ++# ++msgid "" ++msgstr "" ++"Project-Id-Version: openldap 2.4.23-3exp1\n" ++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n" ++"POT-Creation-Date: 2019-10-03 23:01+0000\n" ++"PO-Revision-Date: 2020-04-14 07:14+0000\n" ++"Last-Translator: Camaleón \n" ++"Language-Team: Debian Spanish \n" ++"Language: es\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=utf-8\n" ++"Content-Transfer-Encoding: 8bit\n" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "Omit OpenLDAP server configuration?" ++msgstr "¿Desea omitir la configuración del servidor OpenLDAP?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "" ++"If you enable this option, no initial configuration or database will be " ++"created for you." ++msgstr "" ++"No se creará la configuración ni la base de datos inicial si habilita esta " ++"opción." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "always" ++msgstr "siempre" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "when needed" ++msgstr "cuando se necesite" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "never" ++msgstr "nunca" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "Dump databases to file on upgrade:" ++msgstr "Volcar las bases de datos a un fichero al actualizar:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Before upgrading to a new version of the OpenLDAP server, the data from your " ++"LDAP directories can be dumped into plain text files in the standard LDAP " ++"Data Interchange Format." ++msgstr "" ++"Antes de que actualice a una nueva versión del servidor OpenLDAP, se puede " ++"volcar la información de sus directorios LDAP en ficheros de texto plano en " ++"el formato estandarizado «LDAP Data Interchange Format» (formato de " ++"intercambio de datos de LDAP)." ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Selecting \"always\" will cause the databases to be dumped unconditionally " ++"before an upgrade. Selecting \"when needed\" will only dump the database if " ++"the new version is incompatible with the old database format and it needs to " ++"be reimported. If you select \"never\", no dump will be done." ++msgstr "" ++"Si selecciona «siempre» se volcarán sus bases de datos de forma " ++"incondicional antes de cada actualización. Si selecciona «cuando se " ++"necesite» sólo se hará un volcado si la nueva versión es incompatible con el " ++"formato de la base de datos antigua y la información se debe volver a " ++"importar. Si selecciona «nunca» no se hará ningún volcado." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "Directory to use for dumped databases:" ++msgstr "Directorio donde volcar las bases de datos:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "" ++"Please specify the directory where the LDAP databases will be exported. In " ++"this directory, several LDIF files will be created which correspond to the " ++"search bases located on the server. Make sure you have enough free space on " ++"the partition where the directory is located. The first occurrence of the " ++"string \"VERSION\" is replaced with the server version you are upgrading " ++"from." ++msgstr "" ++"Especifique el directorio donde se exportarán las bases de datos de LDAP. En " ++"éste se crearán diversos ficheros LDIF que corresponden a las bases de datos " ++"ubicadas en el servidor. Asegúrese de que tiene suficiente espacio libre en " ++"la partición donde se ubica el directorio. La primera ocurrencia de la " ++"cadena «VERSION» se reemplaza con la versión del servidor desde la cual va a " ++"actualizar." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "Move old database?" ++msgstr "¿Desea mover la base de datos antigua?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "" ++"There are still files in /var/lib/ldap which will probably break the " ++"configuration process. If you enable this option, the maintainer scripts " ++"will move the old database files out of the way before creating a new " ++"database." ++msgstr "" ++"Existen ficheros en «/var/lib/ldap» que probablemente interrumpan el proceso " ++"de configuración. Si activa esta opción, se moverán los ficheros de las " ++"bases de datos antiguas antes de crear una nueva base de datos." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "Retry configuration?" ++msgstr "¿Desea volver a intentar la configuración?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "" ++"The configuration you entered is invalid. Make sure that the DNS domain name " ++"is syntactically valid, the field for the organization is not left empty and " ++"the admin passwords match. If you decide not to retry the configuration the " ++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to " ++"retry later." ++msgstr "" ++"La configuración que ha introducido no es válida. Asegúrese de que el nombre " ++"de dominio DNS es válido, que el campo de la organización no está en blanco " ++"y que las claves del administrador coinciden. El servidor LDAP quedará sin " ++"configurar si decide no volver a intentar la configuración. Ejecute «dpkg-" ++"reconfigure slapd» si desea volver a intentarlo más tarde." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "DNS domain name:" ++msgstr "Introduzca el nombre de dominio DNS:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "" ++"The DNS domain name is used to construct the base DN of the LDAP directory. " ++"For example, 'foo.example.org' will create the directory with 'dc=foo, " ++"dc=example, dc=org' as base DN." ++msgstr "" ++"El nombre de dominio DNS se utiliza para construir el DN base del directorio " ++"LDAP. Por ejemplo, si introduce «foo.example.org» el directorio se creará " ++"con un DN base de «dc=foo, dc=example, dc=org»." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "Organization name:" ++msgstr "Nombre de la organización:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "" ++"Please enter the name of the organization to use in the base DN of your LDAP " ++"directory." ++msgstr "" ++"Introduzca el nombre de la organización a utilizar en el DN base del " ++"directorio LDAP." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Administrator password:" ++msgstr "Contraseña del administrador:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Please enter the password for the admin entry in your LDAP directory." ++msgstr "" ++"Introduzca la contraseña para la entrada de administrador de su directorio " ++"LDAP." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "Confirm password:" ++msgstr "Confirme la contraseña:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "" ++"Please enter the admin password for your LDAP directory again to verify that " ++"you have typed it correctly." ++msgstr "" ++"Introduzca de nuevo la misma contraseña de administrador para su directorio " ++"LDAP para verificar que la introdujo correctamente." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "Password mismatch" ++msgstr "Las contraseñas no coinciden" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "The two passwords you entered were not the same. Please try again." ++msgstr "" ++"Las dos contraseñas que ha introducido son distintas. Inténtelo de nuevo." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:11001 ++msgid "Do you want the database to be removed when slapd is purged?" ++msgstr "" ++"¿Desea que se borre la base de datos cuando se purgue el paquete slapd?" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "slapcat failure during upgrade" ++msgstr "fallo de slapcat durante la actualización" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "An error occurred while upgrading the LDAP directory." ++msgstr "Se produjo un error mientras se actualizaba su directorio LDAP." ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "" ++"The 'slapcat' program failed while extracting the LDAP directory. This may " ++"be caused by an incorrect configuration file (for example, missing " ++"'moduleload' lines to support the backend database)." ++msgstr "" ++"El programa «slapcat» falló mientras extraía el directorio LDAP. Este fallo " ++"puede deberse a un fichero de configuración incorrecto (por ejemplo, que " ++"falte alguna línea «moduleload» necesaria para el motor del base de datos)." ++ ++#. Type: error ++#. Description ++#. This paragraph is followed by a (non translatable) paragraph ++#. containing a command line ++#: ../slapd.templates:14001 ++msgid "" ++"This failure will cause 'slapadd' to fail later as well. The old database " ++"files will be moved to /var/backups. If you want to try this upgrade again, " ++"you should move the old database files back into place, fix whatever caused " ++"slapcat to fail, and run:" ++msgstr "" ++"Este fallo hará que también falle «slapadd» más adelante. Se van a mover los " ++"ficheros de la base de datos antigua a «/var/backups». Si desea volver a " ++"intentar la actualización debe mover los ficheros de la base de datos a su " ++"ubicación normal, arreglar lo que hizo que fallara «slapcat» y ejecutar:" ++ ++#. Type: error ++#. Description ++#. Translators: keep "${location}" unchanged. This is a variable that ++#. will be replaced by a directory name at execution ++#: ../slapd.templates:14001 ++msgid "" ++"Then move the database files back to a backup area and then try running " ++"slapadd from ${location}." ++msgstr "" ++"Mueva los ficheros de la base de datos de nuevo al área de la copia de " ++"seguridad e intente ejecutar «slapadd» desde «${location}»." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "Potentially unsafe slapd access control configuration" ++msgstr "Configuración potencialmente insegura en el control de acceso de slapd" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "" ++"One or more of the configured databases has an access control rule that " ++"allows users to modify most of their own attributes. This may be unsafe, " ++"depending on how the database is used." ++msgstr "" ++"Una o varias de las bases de datos configuradas contiene una regla de " ++"control de acceso que permite a los usuarios modificar la mayoría de sus " ++"propios atributos. Esta configuración puede ser insegura dependiendo de cómo " ++"se utilice la base de datos." ++ ++#. Type: note ++#. Description ++#. Translators: keep "by self write" and "to *" unchanged. These are part ++#. of the slapd configuration and are not translatable. ++#: ../slapd.templates:15001 ++msgid "" ++"In the case of slapd access rules that begin with \"to *\", it is " ++"recommended to remove any instances of \"by self write\", so that users are " ++"only able to modify specifically allowed attributes." ++msgstr "" ++"Se recomienda que elimine cualquier instancia «by self write» en las reglas " ++"de acceso de slapd que empiecen con «to *» para que los usuarios sólo puedan " ++"modificar los atributos que se hayan permitido expresamente." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details." ++msgstr "Consulte «/usr/share/doc/slapd/README.Debian.gz» para más detalles." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "abort installation" ++msgstr "cancelar la instalación" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "continue regardless" ++msgstr "continuar de todas formas" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "Manual ppolicy schema update recommended" ++msgstr "Se recomienda actualizar manualmente el esquema ppolicy" ++ ++#. Type: select ++#. Description ++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable. ++#: ../slapd.templates:16002 ++msgid "" ++"The new version of the Password Policy (ppolicy) overlay requires the schema " ++"to define the pwdMaxRecordedFailure attribute type, which is not present in " ++"the schema currently in use. It is recommended to abort the upgrade now, and " ++"to update the ppolicy schema before upgrading slapd. If replication is in " ++"use, the schema update should be applied on every server before continuing " ++"with the upgrade." ++msgstr "" ++"La nueva versión de la superposición Password Policy (ppolicy) requiere que " ++"el esquema defina el tipo de atributo PwdMaxRecordedFailure, no disponible " ++"en el esquema que está actualmente en uso. Se recomienda cancelar la " ++"instalación ahora y actualizar el esquema ppolicy antes de actualizar la " ++"versión de slapd. Si usa la replicación, debe aplicar la actualización del " ++"esquema en cada servidor antes de continuar con la actualización de la " ++"versión." ++ ++#. Type: select ++#. Description ++#. This paragraph is followed by the path to the generated file (not ++#. translatable). The sentence continues in the following paragraph. ++#: ../slapd.templates:16002 ++msgid "" ++"An LDIF file has been generated with the changes required for the upgrade:" ++msgstr "" ++"Se ha generado un archivo LDIF con los cambios requeridos para la " ++"actualización:" ++ ++#. Type: select ++#. Description ++#. This paragraph continues the sentence started in the previous ++#. paragraph. It is followed by a command line. ++#: ../slapd.templates:16002 ++msgid "" ++"so if slapd is using the default access control rules, these changes can be " ++"applied (after starting slapd) by using the command:" ++msgstr "" ++"por lo que si slapd utiliza las reglas de control de acceso predeterminadas, " ++"puede aplicar estos cambios (después de iniciar slapd) utilizando la orden:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "" ++"If instead you choose to continue the installation, the new attribute type " ++"will be added automatically, but the change will not be acted on by slapd " ++"overlays, and replication with other servers may be affected." ++msgstr "" ++"Si decide continuar con la instalación, se añadirá el nuevo tipo de atributo " ++"automáticamente, pero el cambio no afectará a las superposiciones de slapd, " ++"lo que podría afectar a la replicación con otros servidores." diff --cc debian/po/eu.po index 00000000,00000000..74a65ed6 new file mode 100644 --- /dev/null +++ b/debian/po/eu.po @@@ -1,0 -1,0 +1,436 @@@ ++# Basque translation for openldap_2.4.40-2_eu.po ++# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER ++# This file is distributed under the same license as the PACKAGE package. ++# ++# Piarres Beobide , 2008. ++# Iñaki Larrañaga Murgoitio , 2010, 2014, 2017. ++msgid "" ++msgstr "" ++"Project-Id-Version: openldap_2.4.40-2_eu\n" ++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n" ++"POT-Creation-Date: 2019-10-03 23:01+0000\n" ++"PO-Revision-Date: 2017-01-10 12:14+0100\n" ++"Last-Translator: Iñaki Larrañaga Murgoitio \n" ++"Language-Team: Basque \n" ++"Language: eu\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=UTF-8\n" ++"Content-Transfer-Encoding: 8bit\n" ++"X-Generator: Lokalize 1.5\n" ++"Plural-Forms: nplurals=2; plural=(n != 1);\n" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "Omit OpenLDAP server configuration?" ++msgstr "Ez konfiguratu OpenLDAP zerbitzaria?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "" ++"If you enable this option, no initial configuration or database will be " ++"created for you." ++msgstr "" ++"Aukera hau gaitzen baduzu, ez da hasierako konfigurazio edo datu-baserik " ++"sortuko." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "always" ++msgstr "beti" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "when needed" ++msgstr "beharrezkoa denean" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "never" ++msgstr "inoiz ere ez" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "Dump databases to file on upgrade:" ++msgstr "Irauli datu-baseak fitxategi batetara bertsio-berritzean:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Before upgrading to a new version of the OpenLDAP server, the data from your " ++"LDAP directories can be dumped into plain text files in the standard LDAP " ++"Data Interchange Format." ++msgstr "" ++"OpenLDAP zerbitzariaren bertsio berri batetara bertsio-berritu aurretik, " ++"zure LDAP direktorioak testu lau fitxategietara irauliko dira LDAPen datuen " ++"elkartrukatzeko formatu estandarra erabiliz." ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Selecting \"always\" will cause the databases to be dumped unconditionally " ++"before an upgrade. Selecting \"when needed\" will only dump the database if " ++"the new version is incompatible with the old database format and it needs to " ++"be reimported. If you select \"never\", no dump will be done." ++msgstr "" ++"\"Beti\" hautatzean, datu-baseak baldintzarik gabe irauliko dira bertsio-" ++"berritze baten aurretik. \"Beharrezkoa denean\" hautatuz, bertsio berria " ++"datu-base zaharraren formatuarekin bateragarria ez denean eta berriro " ++"inportatu behar denean bakarrik irauliko da datu-basea. \"Inoiz ere ez\" " ++"hautatzen baduzu, inoiz ez da datu-basea irauliko." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "Directory to use for dumped databases:" ++msgstr "Datu-baseak iraultzean erabiliko den direktorioa:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "" ++"Please specify the directory where the LDAP databases will be exported. In " ++"this directory, several LDIF files will be created which correspond to the " ++"search bases located on the server. Make sure you have enough free space on " ++"the partition where the directory is located. The first occurrence of the " ++"string \"VERSION\" is replaced with the server version you are upgrading " ++"from." ++msgstr "" ++"Zehaztu LDAP esportatzeko erabiliko den direktorioa. Direktorio honetan " ++"zerbitzariko datu-base ezberdinei dagozkien LDIF fitxategiak sortuko dira. " ++"Ziurtatu zaitez direktorioaren partizioan behar duzun bezainbeste leku libre " ++"duzula. \"VERSION\" katearen lehenengo agerpena zerbitzariaren jatorrizko " ++"bertsio zenbakiagatik ordeztuko da." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "Move old database?" ++msgstr "Aldatu datu-base zaharra lekuz?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "" ++"There are still files in /var/lib/ldap which will probably break the " ++"configuration process. If you enable this option, the maintainer scripts " ++"will move the old database files out of the way before creating a new " ++"database." ++msgstr "" ++"Konfigurazioko prozesua apur dezaketen fitxategiak daude oraindik /var/lib/" ++"ldap direktorioan. Aukera hau gaitzen baduzu mantentzailearen script-ek datu-" ++"base zaharreko fitxategiak hortik kenduko ditu datu-base berria sortu " ++"aurretik." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "Retry configuration?" ++msgstr "Berriz saiatu konfigurazioa egiten?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "" ++"The configuration you entered is invalid. Make sure that the DNS domain name " ++"is syntactically valid, the field for the organization is not left empty and " ++"the admin passwords match. If you decide not to retry the configuration the " ++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to " ++"retry later." ++msgstr "" ++"Zuk sartutako konfigurazioa baliogabea da. Ziurtatu DNSaren domeinu-izena " ++"sintaktikoki zuzena dela, erakundeari dagokion eremua ezin da hutsik egon " ++"eta LDAPeko administratzailearen pasahitzak berdinak izan behar dira. " ++"Konfigurazioa ez berregitea hautatzen baduzu, LDAP zerbitzaria ez da " ++"konfiguratuko. Beranduago konfigurazioa egin nahi izanez gero, exekutatu " ++"'dpkg-reconfigure slapd'." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "DNS domain name:" ++msgstr "DNSaren domeinu-izena:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "" ++"The DNS domain name is used to construct the base DN of the LDAP directory. " ++"For example, 'foo.example.org' will create the directory with 'dc=foo, " ++"dc=example, dc=org' as base DN." ++msgstr "" ++"DNSaren domeinu-izena LDAP direktorioaren DN oinarria eraikitzeko erabiliko " ++"da. Adibidez, 'proba.adibide.org' erabiliz DN oinarri gisa 'dc=proba, " ++"dc=example, dc=org' edukiarekin sortuko du direktorioa." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "Organization name:" ++msgstr "Erakundearen izena:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "" ++"Please enter the name of the organization to use in the base DN of your LDAP " ++"directory." ++msgstr "" ++"Idatzi LDAP direktorioko DN oinarrian erabiliko den erakundearen izena." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Administrator password:" ++msgstr "Administratzailearen pasahitza:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Please enter the password for the admin entry in your LDAP directory." ++msgstr "Idatzi LDAP direktorioko administratzailearen sarrerarako pasahitza." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "Confirm password:" ++msgstr "Berretsi pasahitza:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "" ++"Please enter the admin password for your LDAP directory again to verify that " ++"you have typed it correctly." ++msgstr "" ++"Idatzi LDAP direktorioko administratzailearen sarrerarako pasahitza berriro " ++"ondo idatzi duzula ziurtatzeko." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "Password mismatch" ++msgstr "Pasahitzak ez dira berdinak" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "The two passwords you entered were not the same. Please try again." ++msgstr "Idatzitako bi pasahitzak ez dira berdinak. Saiatu berriro." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:11001 ++msgid "Do you want the database to be removed when slapd is purged?" ++msgstr "Slapd kentzen bada, datu-basea ere ezabatzea nahi duzu?" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "slapcat failure during upgrade" ++msgstr "slapcat-ek huts egin du bertsio-berritzean" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "An error occurred while upgrading the LDAP directory." ++msgstr "Errorea gertatu da LDAP direktorioa bertsio-berritzean." ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "" ++"The 'slapcat' program failed while extracting the LDAP directory. This may " ++"be caused by an incorrect configuration file (for example, missing " ++"'moduleload' lines to support the backend database)." ++msgstr "" ++"'slapcat' programak huts egin du LDAP direktorioa erauztean. Konfigurazioko " ++"fitxategia oker egoteagatik gerta daiteke (adibidez, datu-basearen motorra " ++"onartzeko 'moduleload' lerroak falta badira)." ++ ++#. Type: error ++#. Description ++#. This paragraph is followed by a (non translatable) paragraph ++#. containing a command line ++#: ../slapd.templates:14001 ++msgid "" ++"This failure will cause 'slapadd' to fail later as well. The old database " ++"files will be moved to /var/backups. If you want to try this upgrade again, " ++"you should move the old database files back into place, fix whatever caused " ++"slapcat to fail, and run:" ++msgstr "" ++"Hutsegite honek 'slapdd'-ek lehenago edo beranduago hutsegitea eragingo du. " ++"Datu-base zaharra /var/backups karpetara eramango da. Bertsio-berritze hau " ++"berriro saiatzea nahi izanez gero, datu-base zaharreko fitxategiak aurreko " ++"kokalekura eraman beharko dituzu. Konpondu slapcat-en hutsegitea eragin " ++"duena eta exekutatu honako komandoa:" ++ ++#. Type: error ++#. Description ++#. Translators: keep "${location}" unchanged. This is a variable that ++#. will be replaced by a directory name at execution ++#: ../slapd.templates:14001 ++msgid "" ++"Then move the database files back to a backup area and then try running " ++"slapadd from ${location}." ++msgstr "" ++"Ondoren, eraman datu-basearen fitxategiak babeskopiako kokaleku batera, eta " ++"saiatu slapadd ${location}(e)tik exekutatzen." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "Potentially unsafe slapd access control configuration" ++msgstr "Potentzialki ez-segurua den slapd atzitzeko kontrolaren konfigurazioa" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "" ++"One or more of the configured databases has an access control rule that " ++"allows users to modify most of their own attributes. This may be unsafe, " ++"depending on how the database is used." ++msgstr "" ++"Konfiguratutako datu-base batek (edo gehiagok) erabiltzaileek beraien " ++"atributu gehienak aldatzeko baimentzen duen atzipeneko kontrol-arau bat du. " ++"Hau ez-segurua izan daiteke, datu-basea nola erabiltzen den arabera." ++ ++#. Type: note ++#. Description ++#. Translators: keep "by self write" and "to *" unchanged. These are part ++#. of the slapd configuration and are not translatable. ++#: ../slapd.templates:15001 ++msgid "" ++"In the case of slapd access rules that begin with \"to *\", it is " ++"recommended to remove any instances of \"by self write\", so that users are " ++"only able to modify specifically allowed attributes." ++msgstr "" ++"slapd-ren \"to *\"-rekin hasten diren atzipen arauen kasuan, \"by self write" ++"\"-ren instantziak kentzea gomendatzen da. Horrela, erabiltzaileek bereziki " ++"baimendutako atributuak soilik alda ditzakete." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details." ++msgstr "Irakurri /usr/share/doc/slapd/README.Debian.gz xehetasun gehiagorako." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "abort installation" ++msgstr "utzi bertan behera instalazioa" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "continue regardless" ++msgstr "jarraitu dena den" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "Manual ppolicy schema update recommended" ++msgstr "ppolicy eskema eskuz eguneratzea gomendatzen da" ++ ++#. Type: select ++#. Description ++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable. ++#: ../slapd.templates:16002 ++msgid "" ++"The new version of the Password Policy (ppolicy) overlay requires the schema " ++"to define the pwdMaxRecordedFailure attribute type, which is not present in " ++"the schema currently in use. It is recommended to abort the upgrade now, and " ++"to update the ppolicy schema before upgrading slapd. If replication is in " ++"use, the schema update should be applied on every server before continuing " ++"with the upgrade." ++msgstr "" ++"Pasahitzen politikaren (Password Policy, ppolicy) gainjarpenaren bertsio " ++"berriak eskema behar du, erabiltzen ari den uneko eskeman aurkitzen ez den " ++"\"pwdMaxRecordedFailure\" atributu mota definitzeko. Bertsio-berritzea " ++"oraintxe bertan behera botatzea gomendatzen da, eta \"ppolicy\" eskema " ++"eguneratu slapd bertsio-berritu aurretik. Erreplikazioa erabiltzen ari bada, " ++"eskemaren eguneraketa zerbitzari bakoitzean aplikatu beharko litzateke " ++"bertsio-berritzearekin jarraitu aurretik." ++ ++#. Type: select ++#. Description ++#. This paragraph is followed by the path to the generated file (not ++#. translatable). The sentence continues in the following paragraph. ++#: ../slapd.templates:16002 ++msgid "" ++"An LDIF file has been generated with the changes required for the upgrade:" ++msgstr "" ++"LDIF fitxategia sortu da bertsio-berritzeak eskatzen dituen aldaketekin:" ++ ++#. Type: select ++#. Description ++#. This paragraph continues the sentence started in the previous ++#. paragraph. It is followed by a command line. ++#: ../slapd.templates:16002 ++msgid "" ++"so if slapd is using the default access control rules, these changes can be " ++"applied (after starting slapd) by using the command:" ++msgstr "" ++"'slapd'-ek sarbidetzaren kontrolaren arau lehenetsiak erabiltzen baditu, " ++"aldaketa hauek aplikatzeko (slapd abiarazi ostean) erabili komando hau:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "" ++"If instead you choose to continue the installation, the new attribute type " ++"will be added automatically, but the change will not be acted on by slapd " ++"overlays, and replication with other servers may be affected." ++msgstr "" ++"Horren ordez, instalazioarekin aurrera jarraitzea erabakitzen baduzu, " ++"atributu mota berria automatikoki gehituko da, baina aldaketak ez du " ++"eraginik izango slapd-ren gainjarpenetan, eta beste zerbitzariekin " ++"erreplikazioek eragina jasan dezakete." ++ ++#~ msgid "Database backend to use:" ++#~ msgstr "Datu-basearen motorra:" ++ ++#~ msgid "" ++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree " ++#~ "renames. Both support the same configuration options." ++#~ msgstr "" ++#~ "HDB eta BDB motorrek antzeko biltegiratze formatuak erabiltzen dituzte, " ++#~ "baina HDB-ek azpizuhaitzak berrizendatzeko euskarria dauka. Biek " ++#~ "konfigurazioko aukera berdinak onartzen dituzte." ++ ++#~ msgid "" ++#~ "The MDB backend is recommended. MDB uses a new storage format and " ++#~ "requires less configuration than BDB or HDB." ++#~ msgstr "" ++#~ "MDB motorra gomendatzen da. MDB-ek biltegiratze formatu berri bat " ++#~ "erabiltzen du, eta BDB edo HDB baino konfigurazio gutxiago eskatzen du." ++ ++#~ msgid "" ++#~ "In any case, you should review the resulting database configuration for " ++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details." ++#~ msgstr "" ++#~ "Edozein kasutan, sortutako datu-basearen konfigurazioa gainbegiratu " ++#~ "beharko zenuke zure beharrei erantzuten diela ziurtatzeko. Irakurri /usr/" ++#~ "share/doc/slapd/README.Debian.gz xehetasun gehiagorako." ++ ++#~ msgid "Allow LDAPv2 protocol?" ++#~ msgstr "Onartu LDAPv2 protokoloa?" ++ ++#~ msgid "" ++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs " ++#~ "and users should upgrade to LDAPv3. If you have old programs which can't " ++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be " ++#~ "added to your slapd.conf file." ++#~ msgstr "" ++#~ "Lehenespenez slapd-en LDAPv2 protokolo zaharkitua desgaituta dago. " ++#~ "Programa eta erabiltzaileak LDAPv3-ra migratu beharko lirateke. Hautatu " ++#~ "aukera hau baldin eta LDAPv3 erabili ezin duten programa zaharrak " ++#~ "badituzu, eta slapd.conf fitxategiari 'allow bind_v2' gehituko zaio." diff --cc debian/po/fi.po index 00000000,00000000..56fe5794 new file mode 100644 --- /dev/null +++ b/debian/po/fi.po @@@ -1,0 -1,0 +1,497 @@@ ++msgid "" ++msgstr "" ++"Project-Id-Version: openldap\n" ++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n" ++"POT-Creation-Date: 2019-10-03 23:01+0000\n" ++"PO-Revision-Date: 2008-04-09 20:55+0200\n" ++"Last-Translator: Esko Arajärvi \n" ++"Language-Team: Finnish \n" ++"Language: fi\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=UTF-8\n" ++"Content-Transfer-Encoding: 8bit\n" ++"X-Poedit-Language: Finnish\n" ++"X-Poedit-Country: FINLAND\n" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "Omit OpenLDAP server configuration?" ++msgstr "Ohitetaanko OpenLDAP-palvelimen asetus?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "" ++"If you enable this option, no initial configuration or database will be " ++"created for you." ++msgstr "Jos valitset tämän vaihtoehdon, asetuksia ja tietokantaa ei luoda." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "always" ++msgstr "aina" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "when needed" ++msgstr "tarvittaessa" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "never" ++msgstr "ei koskaan" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "Dump databases to file on upgrade:" ++msgstr "Vedosta tietokannat tiedostoon päivitettäessä:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Before upgrading to a new version of the OpenLDAP server, the data from your " ++"LDAP directories can be dumped into plain text files in the standard LDAP " ++"Data Interchange Format." ++msgstr "" ++"Ennen päivitystä OpenLDAP-palvelimen uuteen versioon, LDAP-hakemistoista " ++"voidaan tallentaa vedos standardissa LDAP-tiedonsiirtomuodossa oleviin " ++"tekstitiedostoihin." ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Selecting \"always\" will cause the databases to be dumped unconditionally " ++"before an upgrade. Selecting \"when needed\" will only dump the database if " ++"the new version is incompatible with the old database format and it needs to " ++"be reimported. If you select \"never\", no dump will be done." ++msgstr "" ++"Valinta ”aina” merkitsee, että tietokannat vedostetaan tilanteesta " ++"riippumatta ennen päivitystä. Valinta ”tarvittaessa” merkitsee, että " ++"tietokannoista otetaan vedos vain, jos uusi versio ei ole yhteensopiva " ++"vanhan tietokantamuodon kanssa ja tiedot tulee tuoda kantaan uudelleen. " ++"Valittaessa ”ei koskaan” vedostusta ei tehdä." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "Directory to use for dumped databases:" ++msgstr "Tietokantavedosten hakemisto:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "" ++"Please specify the directory where the LDAP databases will be exported. In " ++"this directory, several LDIF files will be created which correspond to the " ++"search bases located on the server. Make sure you have enough free space on " ++"the partition where the directory is located. The first occurrence of the " ++"string \"VERSION\" is replaced with the server version you are upgrading " ++"from." ++msgstr "" ++"Anna hakemisto, johon LDAP-tietokannat vedostetaan. Hakemistoon luodaan " ++"useita LDIF-tiedostoja, joiden sisältö vastaa palvelimen hakukantoja. " ++"Varmista, että valitulla levyosiolla on tarpeeksi vapaata tilaa. Merkkijonon " ++"”VERSION” ensimmäinen esiintymä korvataan päivitettävän palvelimen " ++"versionumerolla." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "Move old database?" ++msgstr "Siirretäänkö vanha tietokanta?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "" ++"There are still files in /var/lib/ldap which will probably break the " ++"configuration process. If you enable this option, the maintainer scripts " ++"will move the old database files out of the way before creating a new " ++"database." ++msgstr "" ++"Hakemistossa /var/lib/ldap on vielä tiedostoja ja ne luultavasti hajoavat " ++"asetusprosessissa. Jos valitset tämän vaihtoehdon, vanhat " ++"tietokantatiedostot siirretään syrjään ennen uuden tietokannan luomista." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "Retry configuration?" ++msgstr "Yritetäänkö asetusten tekoa uudelleen?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++#, fuzzy ++#| msgid "" ++#| "The configuration you entered is invalid. Make sure that the DNS domain " ++#| "name is syntactically valid, the organization is not left empty and the " ++#| "admin passwords match. If you decide not to retry the configuration the " ++#| "LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want " ++#| "to retry later." ++msgid "" ++"The configuration you entered is invalid. Make sure that the DNS domain name " ++"is syntactically valid, the field for the organization is not left empty and " ++"the admin passwords match. If you decide not to retry the configuration the " ++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to " ++"retry later." ++msgstr "" ++"Antamasi asetukset ovat epäkelpoja. Varmista, että DNS-aluenimen syntaksi on " ++"oikea, organisaatiokenttä ei ole tyhjä ja että ylläpitosalasanat täsmäävät. " ++"Jos päätät olla yrittämättä asetusten tekemistä uudelleen, LDAP-palvelimen " ++"asetukset eivät ole valmiit. Voit tehdä asetukset myöhemmin ajamalla " ++"komennon ”dpkg-reconfigure slapd”." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "DNS domain name:" ++msgstr "DNS-aluenimi:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "" ++"The DNS domain name is used to construct the base DN of the LDAP directory. " ++"For example, 'foo.example.org' will create the directory with 'dc=foo, " ++"dc=example, dc=org' as base DN." ++msgstr "" ++"DNS-aluenimeä käytetään perus-DN:n (erittelevä nimi) luomisessa LDAP-" ++"hakemistolle. Esimerkiksi ”foo.esimerkki.fi” luo hakemiston, jonka perus-DN " ++"on ”dc=foo, dc=esimerkki, dc=fi”." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "Organization name:" ++msgstr "Organisaation nimi:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "" ++"Please enter the name of the organization to use in the base DN of your LDAP " ++"directory." ++msgstr "Anna LDAP-hakemiston perus-DN:ssä käytettävä organisaation nimi." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Administrator password:" ++msgstr "Ylläpitosalasana:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Please enter the password for the admin entry in your LDAP directory." ++msgstr "Anna LDAP-hakemiston ylläpitosalasana." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "Confirm password:" ++msgstr "Vahvista salasana:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "" ++"Please enter the admin password for your LDAP directory again to verify that " ++"you have typed it correctly." ++msgstr "" ++"Syötä LDAP-hakemiston ylläpitosalasana uudelleen varmistaaksesi, että " ++"kirjoitit sen oikein." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "Password mismatch" ++msgstr "Salasanat eivät täsmää" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "The two passwords you entered were not the same. Please try again." ++msgstr "Syöttämäsi kaksi salasanaa eivät olleet sama. Yritä uudelleen." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:11001 ++msgid "Do you want the database to be removed when slapd is purged?" ++msgstr "Haluatko, että tietokanta poistetaan siivottaessa paketti slapd?" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "slapcat failure during upgrade" ++msgstr "Toimintahäiriö ohjelmassa slapcat päivityksen aikana" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "An error occurred while upgrading the LDAP directory." ++msgstr "Päivitettäessä LDAP-hakemistoa tapahtui virhe." ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "" ++"The 'slapcat' program failed while extracting the LDAP directory. This may " ++"be caused by an incorrect configuration file (for example, missing " ++"'moduleload' lines to support the backend database)." ++msgstr "" ++"LDAP-hakemiston tuottavassa ohjelmassa ”slapcat” tapahtui toimintahäiriö. " ++"Tämä saattaa johtua virheellisestä asetustiedostosta (esimerkiksi " ++"puuttuvista, taustatietokannan tuen lisäävistä ”moduleload”-riveistä)." ++ ++#. Type: error ++#. Description ++#. This paragraph is followed by a (non translatable) paragraph ++#. containing a command line ++#: ../slapd.templates:14001 ++msgid "" ++"This failure will cause 'slapadd' to fail later as well. The old database " ++"files will be moved to /var/backups. If you want to try this upgrade again, " ++"you should move the old database files back into place, fix whatever caused " ++"slapcat to fail, and run:" ++msgstr "" ++"Tämän toimintahäiriön takia ohjelmassa ”slapadd” tulee myöhemmin ilmenemään " ++"toimintahäiriö. Vanhat tietokantatiedostot siirretään hakemistoon /var/" ++"backups. Jos haluat yrittää päivittämistä uudelleen, vanhat " ++"tietokantatiedostot tulisi siirtää takaisin paikoilleen, korjata " ++"toimintahäiriön aiheuttanut virhe ja ajaa:" ++ ++#. Type: error ++#. Description ++#. Translators: keep "${location}" unchanged. This is a variable that ++#. will be replaced by a directory name at execution ++#: ../slapd.templates:14001 ++#, fuzzy ++#| msgid "" ++#| "Then move the database files back to a backup area and then try running " ++#| "slapadd from $location." ++msgid "" ++"Then move the database files back to a backup area and then try running " ++"slapadd from ${location}." ++msgstr "" ++"Siirrä tämän jälkeen tietokantatiedostot takaisin varmuuskopiohakemistoon ja " ++"aja slapadd sijainnista $location." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "Potentially unsafe slapd access control configuration" ++msgstr "" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "" ++"One or more of the configured databases has an access control rule that " ++"allows users to modify most of their own attributes. This may be unsafe, " ++"depending on how the database is used." ++msgstr "" ++ ++#. Type: note ++#. Description ++#. Translators: keep "by self write" and "to *" unchanged. These are part ++#. of the slapd configuration and are not translatable. ++#: ../slapd.templates:15001 ++msgid "" ++"In the case of slapd access rules that begin with \"to *\", it is " ++"recommended to remove any instances of \"by self write\", so that users are " ++"only able to modify specifically allowed attributes." ++msgstr "" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details." ++msgstr "" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "abort installation" ++msgstr "" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "continue regardless" ++msgstr "" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "Manual ppolicy schema update recommended" ++msgstr "" ++ ++#. Type: select ++#. Description ++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable. ++#: ../slapd.templates:16002 ++msgid "" ++"The new version of the Password Policy (ppolicy) overlay requires the schema " ++"to define the pwdMaxRecordedFailure attribute type, which is not present in " ++"the schema currently in use. It is recommended to abort the upgrade now, and " ++"to update the ppolicy schema before upgrading slapd. If replication is in " ++"use, the schema update should be applied on every server before continuing " ++"with the upgrade." ++msgstr "" ++ ++#. Type: select ++#. Description ++#. This paragraph is followed by the path to the generated file (not ++#. translatable). The sentence continues in the following paragraph. ++#: ../slapd.templates:16002 ++msgid "" ++"An LDIF file has been generated with the changes required for the upgrade:" ++msgstr "" ++ ++#. Type: select ++#. Description ++#. This paragraph continues the sentence started in the previous ++#. paragraph. It is followed by a command line. ++#: ../slapd.templates:16002 ++msgid "" ++"so if slapd is using the default access control rules, these changes can be " ++"applied (after starting slapd) by using the command:" ++msgstr "" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "" ++"If instead you choose to continue the installation, the new attribute type " ++"will be added automatically, but the change will not be acted on by slapd " ++"overlays, and replication with other servers may be affected." ++msgstr "" ++ ++#~ msgid "Database backend to use:" ++#~ msgstr "Käytettävä taustatietokanta:" ++ ++#, fuzzy ++#~| msgid "" ++#~| "The HDB backend is recommended. HDB and BDB use similar storage formats, " ++#~| "but HDB adds support for subtree renames. Both support the same " ++#~| "configuration options." ++#~ msgid "" ++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree " ++#~ "renames. Both support the same configuration options." ++#~ msgstr "" ++#~ "HDB-taustatietokantaa suositellaan. HDB ja BDB käyttävät samantapaisia " ++#~ "tallennusmuotoja, mutta HDB tukee lisäksi puun osien uudelleennimeämistä. " ++#~ "Molemmat tukevat samoja asetusvalintoja." ++ ++#, fuzzy ++#~| msgid "" ++#~| "The HDB backend is recommended. HDB and BDB use similar storage formats, " ++#~| "but HDB adds support for subtree renames. Both support the same " ++#~| "configuration options." ++#~ msgid "" ++#~ "The MDB backend is recommended. MDB uses a new storage format and " ++#~ "requires less configuration than BDB or HDB." ++#~ msgstr "" ++#~ "HDB-taustatietokantaa suositellaan. HDB ja BDB käyttävät samantapaisia " ++#~ "tallennusmuotoja, mutta HDB tukee lisäksi puun osien uudelleennimeämistä. " ++#~ "Molemmat tukevat samoja asetusvalintoja." ++ ++#, fuzzy ++#~| msgid "" ++#~| "In either case, you should review the resulting database configuration " ++#~| "for your needs. See /usr/share/doc/slapd/README.DB_CONFIG.gz for more " ++#~| "details." ++#~ msgid "" ++#~ "In any case, you should review the resulting database configuration for " ++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details." ++#~ msgstr "" ++#~ "Joka tapauksessa tulisi tarkistaa, että tuloksena olevat tietokanta-" ++#~ "asetukset vastaavat tarpeita. Tiedostosta /usr/share/doc/slapd/README." ++#~ "DB_CONFIG.gz löytyy lisätietoja (englanniksi)." ++ ++#~ msgid "Allow LDAPv2 protocol?" ++#~ msgstr "Sallitaanko LDAPv2-yhteyskäytäntö?" ++ ++#~ msgid "" ++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs " ++#~ "and users should upgrade to LDAPv3. If you have old programs which can't " ++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be " ++#~ "added to your slapd.conf file." ++#~ msgstr "" ++#~ "Vanhentunut LDAPv2-yhteyskäytäntö on slapdissa oletuksena poissa " ++#~ "käytöstä. Järjestelmät ja ohjelmat päivittää käyttämään LDAPv3:a. Jos " ++#~ "jotkin vanhat ohjelmat eivät voi käyttää LDAPv3-yhteyskäytäntöä, valitse " ++#~ "tämä lisätäksesi asetuksen ”allow bind_v2” tiedostoon slapd.conf" ++ ++#~ msgid "slurpd is obsolete; replicas must be reconfigured by hand" ++#~ msgstr "" ++#~ "slurpd on vanhentunut; kopioiden asetukset tulee tehdä käsin uudelleen" ++ ++#~ msgid "" ++#~ "One or more slurpd \"replica\" options were found in your slapd config " ++#~ "when upgrading. Because slurpd is obsolete beginning with OpenLDAP 2.4, " ++#~ "you will need to migrate your replicas to use the syncrepl protocol " ++#~ "instead." ++#~ msgstr "" ++#~ "Päivitettäessä slapdin asetuksista löytyi yksi tai useampia ”replica”-" ++#~ "asetuksia. Koska slurpd on vanhentunut OpenLDAPin versiosta 2.4 alkaen, " ++#~ "tulee kopiot vaihtaa käyttämään syncrepl-yhteyskäytäntöä." ++ ++#~ msgid "" ++#~ "The conversion from slurpd to the pull-based syncrepl protocol cannot be " ++#~ "done automatically and you will need to configure your replica servers by " ++#~ "hand. Please see http://www.openldap.org/doc/admin24/syncrepl.html for " ++#~ "details." ++#~ msgstr "" ++#~ "Muunnosta slurpdista vetoon perustuvaan syncrepl-yhteyskäytäntöön ei " ++#~ "voida tehdä automaattisesti ja kopiopalvelimien asetukset tulee tehdä " ++#~ "käsin. Lisätietoja (englanniksi) löytyy tiedostosta http://www.openldap." ++#~ "org/doc/admin24/syncrepl.html." ++ ++#~ msgid "TLSCipherSuite values have changed" ++#~ msgstr "TLSCipherSuite-arvot ovat muuttuneet" ++ ++#~ msgid "" ++#~ "A \"TLSCipherSuite\" option was found in your slapd config when " ++#~ "upgrading. The values allowed for this option are determined by the SSL " ++#~ "implementation used, which has been changed from OpenSSL to GnuTLS. As a " ++#~ "result, your existing TLSCipherSuite setting will not work with this " ++#~ "package." ++#~ msgstr "" ++#~ "Asetus ”TLSCipherSuite” löydettiin päivitettäessä slapdin asetuksista. " ++#~ "Tämän asetuksen sallitut arvot riippuvat käytetystä SSL-toteutuksesta. " ++#~ "Käytetty toteutus on vaihdettu OpenSSL:stä GnuTLS:ään. Tämän seurauksena " ++#~ "nykyinen TLSCipherSuite-asetus ei toimi tämän paketin kanssa." ++ ++#~ msgid "" ++#~ "This setting has been automatically commented out for you. If you have " ++#~ "specific encryption needs that require this option to be re-enabled, see " ++#~ "the output of 'gnutls-cli -l' in the gnutls-bin package for the list of " ++#~ "ciphers supported by GnuTLS." ++#~ msgstr "" ++#~ "Tämä asetus on automaattisesti kommentoitu pois käytöstä. Jos on tarpeen " ++#~ "asettaa tietty salaus tällä asetuksella, lista GnuTLS:n tukemista " ++#~ "salauksista voidaan tulostaa paketin gnutls-bin avulla komennolla ”gnutls-" ++#~ "cli -l”." ++ ++#~ msgid "Back up current database and create a new one?" ++#~ msgstr "Tehdäänkö nykyisestä tietokannasta varmuuskopio ja luodaanko uusi?" ++ ++#~ msgid "" ++#~ "The directory suffix (domain) you specified doesn't match the one " ++#~ "currently in /etc/ldap/slapd.conf. Changing the directory suffix requires " ++#~ "moving aside the current LDAP database and creating a new one. Please " ++#~ "confirm whether you want to back up and abandon the current database." ++#~ msgstr "" ++#~ "Annettu hakemistopääte (verkkotunnus) ei täsmää tiedostossa /etc/ldap/" ++#~ "slapd.conf olevaan. Hakemistopäätteen muuttaminen vaatii, että nykyinen " ++#~ "LDAP-tietokanta siirretään syrjään ja luodaan uusi. Vahvista haluatko " ++#~ "tehdä tehdä varmuuskopion nykyisestä tietokannasta ja hylätä sen." diff --cc debian/po/fr.po index 00000000,00000000..45a09933 new file mode 100644 --- /dev/null +++ b/debian/po/fr.po @@@ -1,0 -1,0 +1,520 @@@ ++# Translation of openldap debconf templates to French ++# Copyright (C) 2006-2010 Christian Perrier ++# This file is distributed under the same license as the openldap package. ++# ++# ++# Christian Perrier , 2006-2010, 2014. ++# Jean-Pierre Giraud , 2017. ++msgid "" ++msgstr "" ++"Project-Id-Version: \n" ++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n" ++"POT-Creation-Date: 2019-10-03 23:01+0000\n" ++"PO-Revision-Date: 2017-01-21 16:28+0100\n" ++"Last-Translator: Jean-Pierre Giraud \n" ++"Language-Team: French \n" ++"Language: fr\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=UTF-8\n" ++"Content-Transfer-Encoding: 8bit\n" ++"X-Generator: Lokalize 1.5\n" ++"Plural-Forms: nplurals=2; plural=(n > 1);\n" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "Omit OpenLDAP server configuration?" ++msgstr "Voulez-vous omettre la configuration d'OpenLDAP ?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "" ++"If you enable this option, no initial configuration or database will be " ++"created for you." ++msgstr "" ++"Si vous choisissez cette option, aucune configuration par défaut et aucune " ++"base de données ne seront créées." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "always" ++msgstr "Toujours" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "when needed" ++msgstr "Lorsque nécessaire" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "never" ++msgstr "Jamais" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "Dump databases to file on upgrade:" ++msgstr "" ++"Sauvegarde des bases de données dans un fichier pour la mise à niveau :" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Before upgrading to a new version of the OpenLDAP server, the data from your " ++"LDAP directories can be dumped into plain text files in the standard LDAP " ++"Data Interchange Format." ++msgstr "" ++"Avant la mise à niveau du serveur OpenLDAP, les données des annuaires LDAP " ++"peuvent être exportées dans des fichiers au format texte LDIF (« LDAP Data " ++"Interchange Format » : format d'échange de données LDAP)." ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Selecting \"always\" will cause the databases to be dumped unconditionally " ++"before an upgrade. Selecting \"when needed\" will only dump the database if " ++"the new version is incompatible with the old database format and it needs to " ++"be reimported. If you select \"never\", no dump will be done." ++msgstr "" ++"Si vous choisissez l'option « Toujours », les données seront " ++"systématiquement exportées avant une mise à niveau. Si vous choisissez " ++"« Lorsque nécessaire », elles ne seront exportées que lorsque la nouvelle " ++"version utilisera un format incompatible avec l'ancienne, ce qui imposera de " ++"réimporter les données. Si vous choisissez « Jamais », les données ne seront " ++"jamais exportées." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "Directory to use for dumped databases:" ++msgstr "Répertoire où exporter les bases de données :" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "" ++"Please specify the directory where the LDAP databases will be exported. In " ++"this directory, several LDIF files will be created which correspond to the " ++"search bases located on the server. Make sure you have enough free space on " ++"the partition where the directory is located. The first occurrence of the " ++"string \"VERSION\" is replaced with the server version you are upgrading " ++"from." ++msgstr "" ++"Veuillez indiquer le répertoire où les bases de données LDAP seront " ++"exportées. Plusieurs fichiers LDIF seront créés dans ce répertoire. Ils " ++"correspondent aux bases de recherche présentes sur le serveur. Veuillez " ++"vérifier que la partition où se trouve ce répertoire comporte suffisamment " ++"de place disponible. La première occurrence de « VERSION » dans le nom de ce " ++"répertoire sera remplacée par la version d'OpenLDAP utilisée avant la mise à " ++"niveau." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "Move old database?" ++msgstr "Faut-il déplacer l'ancienne base de données ?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "" ++"There are still files in /var/lib/ldap which will probably break the " ++"configuration process. If you enable this option, the maintainer scripts " ++"will move the old database files out of the way before creating a new " ++"database." ++msgstr "" ++"Des fichiers présents dans /var/lib/ldap vont probablement provoquer l'échec " ++"de la procédure de configuration. Si vous choisissez cette option, les " ++"scripts de configuration déplaceront les anciens fichiers des bases de " ++"données avant de créer une nouvelle base de données." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "Retry configuration?" ++msgstr "Faut-il recommencer la configuration ?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "" ++"The configuration you entered is invalid. Make sure that the DNS domain name " ++"is syntactically valid, the field for the organization is not left empty and " ++"the admin passwords match. If you decide not to retry the configuration the " ++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to " ++"retry later." ++msgstr "" ++"La configuration que vous avez indiquée n'est pas valable. Veuillez vérifier " ++"que le nom de domaine DNS utilise une syntaxe correcte, que « organisation » " ++"n'est pas vide et que les mots de passe d'administrateur correspondent. Si " ++"vous choisissez de ne pas recommencer la configuration, le serveur LDAP ne " ++"sera pas configuré. Si vous voulez recommencer ce processus, utilisez la " ++"commande « dpkg-reconfigure slapd »." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "DNS domain name:" ++msgstr "Nom de domaine :" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "" ++"The DNS domain name is used to construct the base DN of the LDAP directory. " ++"For example, 'foo.example.org' will create the directory with 'dc=foo, " ++"dc=example, dc=org' as base DN." ++msgstr "" ++"Le nom de domaine DNS est utilisé pour établir le nom distinctif de base " ++"(« base DN » ou « Distinguished Name ») de l'annuaire LDAP. Par exemple, si " ++"vous indiquez « toto.example.org » ici, le nom distinctif de base sera " ++"« dc=toto, dc=example, dc=org »." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "Organization name:" ++msgstr "Nom d'entité (« organization ») :" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "" ++"Please enter the name of the organization to use in the base DN of your LDAP " ++"directory." ++msgstr "" ++"Veuillez indiquer la valeur qui sera utilisée comme nom d'entité " ++"(« organization ») dans le nom distinctif de base de l'annuaire LDAP." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Administrator password:" ++msgstr "Mot de passe de l'administrateur :" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Please enter the password for the admin entry in your LDAP directory." ++msgstr "" ++"Veuillez indiquer le mot de passe de l'administrateur de l'annuaire LDAP." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "Confirm password:" ++msgstr "Mot de passe de l'administrateur :" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "" ++"Please enter the admin password for your LDAP directory again to verify that " ++"you have typed it correctly." ++msgstr "" ++"Veuillez entrer à nouveau le mot de passe de l'administrateur de l'annuaire " ++"LDAP afin de vérifier qu'il a été saisi correctement." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "Password mismatch" ++msgstr "Erreur de saisie du mot de passe" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "The two passwords you entered were not the same. Please try again." ++msgstr "" ++"Les deux mots de passe que vous avez entrés sont différents. Veuillez " ++"recommencer." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:11001 ++msgid "Do you want the database to be removed when slapd is purged?" ++msgstr "Faut-il supprimer la base de données lors de la purge du paquet ?" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "slapcat failure during upgrade" ++msgstr "Échec de slapcat durant la mise à niveau" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "An error occurred while upgrading the LDAP directory." ++msgstr "Une erreur s'est produite lors de la mise à niveau de l'annuaire LDAP." ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "" ++"The 'slapcat' program failed while extracting the LDAP directory. This may " ++"be caused by an incorrect configuration file (for example, missing " ++"'moduleload' lines to support the backend database)." ++msgstr "" ++"Le programme « slapcat » a échoué en extrayant les données du répertoire " ++"LDAP. Cela peut être dû à un fichier de configuration non valable (par " ++"exemple l'absence de lignes « moduleload » permettant de gérer les divers " ++"types de bases de données)." ++ ++#. Type: error ++#. Description ++#. This paragraph is followed by a (non translatable) paragraph ++#. containing a command line ++#: ../slapd.templates:14001 ++msgid "" ++"This failure will cause 'slapadd' to fail later as well. The old database " ++"files will be moved to /var/backups. If you want to try this upgrade again, " ++"you should move the old database files back into place, fix whatever caused " ++"slapcat to fail, and run:" ++msgstr "" ++"Cet échec provoquera l'échec ultérieur de « slapadd ». Les anciens fichiers " ++"de bases de données seront déplacés dans /var/backups. Si vous souhaitez " ++"tenter à nouveau la mise à jour, vous devrez les remettre en place, corriger " ++"l'erreur qui a provoqué l'échec de slapcat et utiliser la commande suivante :" ++ ++#. Type: error ++#. Description ++#. Translators: keep "${location}" unchanged. This is a variable that ++#. will be replaced by a directory name at execution ++#: ../slapd.templates:14001 ++msgid "" ++"Then move the database files back to a backup area and then try running " ++"slapadd from ${location}." ++msgstr "" ++"Déplacez ensuite les bases de données vers un emplacement de sauvegarde et " ++"tentez d'utiliser la commande « slapadd » depuis ${location}." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "Potentially unsafe slapd access control configuration" ++msgstr "Configuration potentiellement peu sûre du contrôle d'accès de slapd" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "" ++"One or more of the configured databases has an access control rule that " ++"allows users to modify most of their own attributes. This may be unsafe, " ++"depending on how the database is used." ++msgstr "" ++"Une ou plusieurs des bases de données configurées comportent une règle de " ++"contrôle d'accès qui permet aux utilisateurs de modifier un ou plusieurs de " ++"leurs propres paramètres. Cela peut être peu sûr, selon la façon dont la " ++"base de données est configurée." ++ ++#. Type: note ++#. Description ++#. Translators: keep "by self write" and "to *" unchanged. These are part ++#. of the slapd configuration and are not translatable. ++#: ../slapd.templates:15001 ++msgid "" ++"In the case of slapd access rules that begin with \"to *\", it is " ++"recommended to remove any instances of \"by self write\", so that users are " ++"only able to modify specifically allowed attributes." ++msgstr "" ++"Pour les règles d'accès à slapd qui commencent par « to * », il est " ++"recommandé de supprimer toute occurrence de « by self write », afin que les " ++"utilisateurs ne puissent modifier que des paramètres explicitement autorisés." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details." ++msgstr "" ++"Veuillez consulter le fichier /usr/share/doc/slapd/README.Debian.gz pour " ++"plus d'informations." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "abort installation" ++msgstr "Abandonner l'installation" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "continue regardless" ++msgstr "Continuer quand même" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "Manual ppolicy schema update recommended" ++msgstr "Mise à jour manuelle du schéma ppolicy recommandée" ++ ++#. Type: select ++#. Description ++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable. ++#: ../slapd.templates:16002 ++msgid "" ++"The new version of the Password Policy (ppolicy) overlay requires the schema " ++"to define the pwdMaxRecordedFailure attribute type, which is not present in " ++"the schema currently in use. It is recommended to abort the upgrade now, and " ++"to update the ppolicy schema before upgrading slapd. If replication is in " ++"use, the schema update should be applied on every server before continuing " ++"with the upgrade." ++msgstr "" ++"La nouvelle version de la surcouche Password Policy (ppolicy – politique de " ++"mot de passe) nécessite que le schéma définisse le type d'attribut " ++"pwdMaxRecordedFailure qui n'est pas présent dans le schéma actuel. Il est " ++"recommandé d'abandonner la mise à niveau maintenant, et de mettre à jour le " ++"schéma ppolicy avant de mettre à niveau slapd. Si vous utilisez une " ++"réplication, la mise à jour du schéma doit être appliquée sur chaque serveur " ++"avant de poursuivre la mise à niveau." ++ ++#. Type: select ++#. Description ++#. This paragraph is followed by the path to the generated file (not ++#. translatable). The sentence continues in the following paragraph. ++#: ../slapd.templates:16002 ++msgid "" ++"An LDIF file has been generated with the changes required for the upgrade:" ++msgstr "" ++"Un fichier LDAP a été créé avec les modifications requises pour la mise à " ++"jour :" ++ ++#. Type: select ++#. Description ++#. This paragraph continues the sentence started in the previous ++#. paragraph. It is followed by a command line. ++#: ../slapd.templates:16002 ++msgid "" ++"so if slapd is using the default access control rules, these changes can be " ++"applied (after starting slapd) by using the command:" ++msgstr "" ++"aussi, si slapd utilise les règles de contrôle d'accès par défaut, ces " ++"modifications peuvent être appliquées (après le démarrage de slapd) avec la " ++"commande :" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "" ++"If instead you choose to continue the installation, the new attribute type " ++"will be added automatically, but the change will not be acted on by slapd " ++"overlays, and replication with other servers may be affected." ++msgstr "" ++"Si vous choisissez plutôt de poursuivre l'installation, le nouveau type " ++"d'attribut sera ajouté automatiquement, mais la modification ne sera pas " ++"appliquée par les surcouches de slapd, et la réplication sur d'autres " ++"serveurs peut être affectée." ++ ++#~ msgid "Database backend to use:" ++#~ msgstr "Module de base de données à utiliser :" ++ ++#~ msgid "" ++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree " ++#~ "renames. Both support the same configuration options." ++#~ msgstr "" ++#~ "HDB et BDB utilisent des formats de stockage analogues. Par contre, HDB " ++#~ "gère les renommages de sous-arbres. Les deux formats utilisent les mêmes " ++#~ "options de configuration." ++ ++#~ msgid "" ++#~ "The MDB backend is recommended. MDB uses a new storage format and " ++#~ "requires less configuration than BDB or HDB." ++#~ msgstr "" ++#~ "Le module MDB est recommandé. Il utilise un nouveau format de stockage et " ++#~ "est plus simple à configurer que BDB ou HDB." ++ ++#~ msgid "" ++#~ "In any case, you should review the resulting database configuration for " ++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details." ++#~ msgstr "" ++#~ "Quel que soit votre choix, vous devriez vérifier les options de " ++#~ "configuration de la base de données. Pour plus d'informations, veuillez " ++#~ "consulter le fichier /usr/share/doc/slapd/README.Debian.gz." ++ ++#~ msgid "Allow LDAPv2 protocol?" ++#~ msgstr "Faut-il autoriser le protocole LDAPv2 ?" ++ ++#~ msgid "" ++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs " ++#~ "and users should upgrade to LDAPv3. If you have old programs which can't " ++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be " ++#~ "added to your slapd.conf file." ++#~ msgstr "" ++#~ "L'ancien protocole LDAPv2 est désactivé dans slapd. Il est conseillé de " ++#~ "migrer les programmes et les utilisateurs vers la version LDAPv3. Si vous " ++#~ "utilisez d'anciens programmes qui ne gèrent pas encore LDAPv3, vous " ++#~ "devriez choisir cette option, ce qui ajoutera l'option « allow bind_v2 » " ++#~ "au fichier slapd.conf." ++ ++#~ msgid "slurpd is obsolete; replicas must be reconfigured by hand" ++#~ msgstr "Programme slurpd obsolète : reconfiguration manuelle des réplicats" ++ ++#~ msgid "" ++#~ "One or more slurpd \"replica\" options were found in your slapd config " ++#~ "when upgrading. Because slurpd is obsolete beginning with OpenLDAP 2.4, " ++#~ "you will need to migrate your replicas to use the syncrepl protocol " ++#~ "instead." ++#~ msgstr "" ++#~ "Une ou plusieurs options « replica » de slurpd ont été trouvée dans le " ++#~ "fichier de configuration lors de la mise à niveau. Le programme slurpd " ++#~ "est obsolète à partir de la version 2.4 d'OpenLDAP et il est nécessaire " ++#~ "de migrer les réplicats pour qu'ils utilisent le protocole syncrepl à la " ++#~ "place." ++ ++#~ msgid "" ++#~ "The conversion from slurpd to the pull-based syncrepl protocol cannot be " ++#~ "done automatically and you will need to configure your replica servers by " ++#~ "hand. Please see http://www.openldap.org/doc/admin24/syncrepl.html for " ++#~ "details." ++#~ msgstr "" ++#~ "Cette conversion ne peut se faire automatiquement et vous devez " ++#~ "configurer les serveurs réplicats vous-même. Veuillez consulter http://" ++#~ "www.openldap.org/doc/admin24/syncrepl.html pour plus d'informations." ++ ++#~ msgid "TLSCipherSuite values have changed" ++#~ msgstr "Changement des valeurs possibles pour « TLSCipherSuite »" ++ ++#~ msgid "" ++#~ "A \"TLSCipherSuite\" option was found in your slapd config when " ++#~ "upgrading. The values allowed for this option are determined by the SSL " ++#~ "implementation used, which has been changed from OpenSSL to GnuTLS. As a " ++#~ "result, your existing TLSCipherSuite setting will not work with this " ++#~ "package." ++#~ msgstr "" ++#~ "L'option « TLSCipherSuite » a été trouvée dans le fichier de " ++#~ "configuration de slapd lors de la mise à niveau. Les valeurs possibles " ++#~ "pour cette option dépendent de l'implémentation de SSL qui est utilisée. " ++#~ "Comme OpenSSL a été remplacé par GnuTLS, les réglages actuels de " ++#~ "« TLSCipherSuite » ne fonctionnent plus avec cette version du paquet." ++ ++#~ msgid "" ++#~ "This setting has been automatically commented out for you. If you have " ++#~ "specific encryption needs that require this option to be re-enabled, see " ++#~ "the output of 'gnutls-cli -l' in the gnutls-bin package for the list of " ++#~ "ciphers supported by GnuTLS." ++#~ msgstr "" ++#~ "Ce réglage a été automatiquement mis en commentaire. Si une méthode " ++#~ "spécifique de chiffrement impose de la réactiver, vous devriez consulter " ++#~ "l'affichage de la commande « gnutls-cli -l » du paquet gnutls-bin pour " ++#~ "une liste des méthodes de chiffrement gérées par GnuTLS." ++ ++#~ msgid "Back up current database and create a new one?" ++#~ msgstr "" ++#~ "Faut-il sauvegarder l'ancienne base de données et en créer une nouvelle ?" ++ ++#~ msgid "" ++#~ "The directory suffix (domain) you specified doesn't match the one " ++#~ "currently in /etc/ldap/slapd.conf. Changing the directory suffix requires " ++#~ "moving aside the current LDAP database and creating a new one. Please " ++#~ "confirm whether you want to back up and abandon the current database." ++#~ msgstr "" ++#~ "Le suffixe d'annuaire (domaine) indiqué ne correspond pas à celui qui est " ++#~ "actuellement mentionné dans /etc/ldap/slapd.conf. Le changement du " ++#~ "suffixe d'annuaire nécessite de déplacer la base de données actuelle et " ++#~ "d'en créer une nouvelle. Veuillez confirmer si vous voulez délaisser la " ++#~ "base de données actuelle (une sauvegarde sera effectuée)." diff --cc debian/po/gl.po index 00000000,00000000..7928a681 new file mode 100644 --- /dev/null +++ b/debian/po/gl.po @@@ -1,0 -1,0 +1,490 @@@ ++# translation of openldap_2.4.23-2_gl.po to Galician ++# Galician translation of openldap's debconf templates. ++# This file is distributed under the same license as the openldap package. ++# ++# Jacobo Tarrio , 2006. ++# Jorge Barreiro , 2010, 2014. ++msgid "" ++msgstr "" ++"Project-Id-Version: openldap_2.4.40-2_gl\n" ++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n" ++"POT-Creation-Date: 2019-10-03 23:01+0000\n" ++"PO-Revision-Date: 2014-11-17 00:40+0100\n" ++"Last-Translator: Jorge Barreiro \n" ++"Language-Team: Galician \n" ++"Language: gl\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=UTF-8\n" ++"Content-Transfer-Encoding: 8bit\n" ++"X-Generator: Lokalize 1.4\n" ++"Plural-Forms: nplurals=2; plural=n != 1;\n" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "Omit OpenLDAP server configuration?" ++msgstr "Omitir a configuración do servidor OpenLDAP?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "" ++"If you enable this option, no initial configuration or database will be " ++"created for you." ++msgstr "" ++"Se escolle esta opción non se creará ningunha configuración ou base de datos " ++"inicial." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "always" ++msgstr "sempre" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "when needed" ++msgstr "cando se precise" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "never" ++msgstr "nunca" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "Dump databases to file on upgrade:" ++msgstr "Envorcar as bases de datos a un ficheiro na actualización:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Before upgrading to a new version of the OpenLDAP server, the data from your " ++"LDAP directories can be dumped into plain text files in the standard LDAP " ++"Data Interchange Format." ++msgstr "" ++"Antes de actualizar a unha nova versión do servidor OpenLDAP, pódense " ++"envorcar os datos dos seus directorios LDAP a ficheiros de texto normal no " ++"formato estándar LDIF, formato de intercambio de datos LDAP." ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Selecting \"always\" will cause the databases to be dumped unconditionally " ++"before an upgrade. Selecting \"when needed\" will only dump the database if " ++"the new version is incompatible with the old database format and it needs to " ++"be reimported. If you select \"never\", no dump will be done." ++msgstr "" ++"A opción «sempre» fará que as bases de datos se envorquen incondicionalmente " ++"antes dunha actualización. Se escolle «cando se precise» só se ha envorcar a " ++"base de datos se a nova versión é incompatíbel co formato antigo da base de " ++"datos e hai que reimportala. Se escolle «nunca» non se ha envorcar a base de " ++"datos." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "Directory to use for dumped databases:" ++msgstr "Directorio para as bases de datos envorcadas:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "" ++"Please specify the directory where the LDAP databases will be exported. In " ++"this directory, several LDIF files will be created which correspond to the " ++"search bases located on the server. Make sure you have enough free space on " ++"the partition where the directory is located. The first occurrence of the " ++"string \"VERSION\" is replaced with the server version you are upgrading " ++"from." ++msgstr "" ++"Especifique o directorio no que se han exportar as bases de datos LDAP. " ++"Neste directorio hanse crear varios ficheiros LDIF que se corresponden coas " ++"bases de busca almacenadas no servidor. Asegúrese de ter espazo libre " ++"dabondo na partición na que reside o directorio. A primeira aparición da " ++"cadea «VERSION» substitúese pola versión do servidor a partires da que se " ++"actualiza." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "Move old database?" ++msgstr "Trasladar a base de datos antiga?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "" ++"There are still files in /var/lib/ldap which will probably break the " ++"configuration process. If you enable this option, the maintainer scripts " ++"will move the old database files out of the way before creating a new " ++"database." ++msgstr "" ++"Aínda hai ficheiros en /var/lib/ldap que probablemente fagan fallar o " ++"proceso de configuración. Se activa esta opción, os «scripts» do mantedor " ++"apartarán os ficheiros da base de datos antiga antes de crear unha nova base " ++"de datos." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "Retry configuration?" ++msgstr "Volver tentar a configuración?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "" ++"The configuration you entered is invalid. Make sure that the DNS domain name " ++"is syntactically valid, the field for the organization is not left empty and " ++"the admin passwords match. If you decide not to retry the configuration the " ++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to " ++"retry later." ++msgstr "" ++"A configuración que introduciu non é válida. Asegúrese de que o nome de " ++"dominio DNS teña unha sintaxe válida, o campo para a organización non quede " ++"baleiro e os contrasinais do administrador coincidan. Se decide non volver " ++"tentar a configuración non se ha configurar o servidor LDAP. Execute «dpkg-" ++"reconfigure slapd» se quere volver a tentalo noutro momento." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "DNS domain name:" ++msgstr "Nome de dominio DNS:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "" ++"The DNS domain name is used to construct the base DN of the LDAP directory. " ++"For example, 'foo.example.org' will create the directory with 'dc=foo, " ++"dc=example, dc=org' as base DN." ++msgstr "" ++"O nome de dominio DNS emprégase para construír o DN base do directorio LDAP. " ++"Por exemplo, «foo.example.org» creará o directorio con «dc=foo, dc=example, " ++"dc=org» coma DN base." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "Organization name:" ++msgstr "Nome da organización:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "" ++"Please enter the name of the organization to use in the base DN of your LDAP " ++"directory." ++msgstr "" ++"Introduza aquí o nome da organización a empregar no DN base do seu " ++"directorio LDAP." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Administrator password:" ++msgstr "Contrasinal do administrador:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Please enter the password for the admin entry in your LDAP directory." ++msgstr "" ++"Introduza o contrasinal para a entrada do administrador no directorio LDAP." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "Confirm password:" ++msgstr "Confirme o contrasinal:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "" ++"Please enter the admin password for your LDAP directory again to verify that " ++"you have typed it correctly." ++msgstr "" ++"Volva introducir o contrasinal do administrador do seu directorio LDAP para " ++"comprobar que o introduciu correctamente." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "Password mismatch" ++msgstr "Contrasinais distintos" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "The two passwords you entered were not the same. Please try again." ++msgstr "Os dous contrasinais que introduciu non son iguais. Volva tentalo." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:11001 ++msgid "Do you want the database to be removed when slapd is purged?" ++msgstr "Quere que se elimine a base de datos ao purgar slapd?" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "slapcat failure during upgrade" ++msgstr "Fallou a execución de slapcat durante a actualización" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "An error occurred while upgrading the LDAP directory." ++msgstr "Produciuse un erro ao actualizar o directorio LDAP." ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "" ++"The 'slapcat' program failed while extracting the LDAP directory. This may " ++"be caused by an incorrect configuration file (for example, missing " ++"'moduleload' lines to support the backend database)." ++msgstr "" ++"O programa «slapcat» fallou ao extraer o directorio LDAP. Isto pode estar " ++"causado por un ficheiro de configuración incorrecto (por exemplo, se non hai " ++"liñas «moduleload» para o uso da base de datos)." ++ ++#. Type: error ++#. Description ++#. This paragraph is followed by a (non translatable) paragraph ++#. containing a command line ++#: ../slapd.templates:14001 ++msgid "" ++"This failure will cause 'slapadd' to fail later as well. The old database " ++"files will be moved to /var/backups. If you want to try this upgrade again, " ++"you should move the old database files back into place, fix whatever caused " ++"slapcat to fail, and run:" ++msgstr "" ++"Este fallo fará que «slapadd» tamén falle. Trasladaranse os ficheiros de " ++"base de datos antigos a /var/backups. Se quere volver tentar a " ++"actualización, debería mover os ficheiros da base de datos antiga ao seu " ++"sitio, arranxar o que fixo que fallara slapcat, e executar:" ++ ++#. Type: error ++#. Description ++#. Translators: keep "${location}" unchanged. This is a variable that ++#. will be replaced by a directory name at execution ++#: ../slapd.templates:14001 ++msgid "" ++"Then move the database files back to a backup area and then try running " ++"slapadd from ${location}." ++msgstr "" ++"Despois volva trasladar os ficheiros da base de datos a unha zona de copias " ++"de seguridade e probe a executar slapadd desde ${location}." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "Potentially unsafe slapd access control configuration" ++msgstr "" ++"A configuración de control de acceso de slapd é potencialmente insegura" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "" ++"One or more of the configured databases has an access control rule that " ++"allows users to modify most of their own attributes. This may be unsafe, " ++"depending on how the database is used." ++msgstr "" ++"Polo menos unha das bases de datos configuradas ten unha regra de control de " ++"acceso que permite aos usuarios modificar a maioría dos atributos. Isto pode " ++"ser inseguro dependendo da maneira en que se use a base de datos." ++ ++#. Type: note ++#. Description ++#. Translators: keep "by self write" and "to *" unchanged. These are part ++#. of the slapd configuration and are not translatable. ++#: ../slapd.templates:15001 ++msgid "" ++"In the case of slapd access rules that begin with \"to *\", it is " ++"recommended to remove any instances of \"by self write\", so that users are " ++"only able to modify specifically allowed attributes." ++msgstr "" ++"No caso das regras de acceso de «slapd» que comezan con «to *», " ++"recoméndaselle eliminar calquera instancia de «by self write», de maneira " ++"que os usuarios só poidan modificar os atributos especificamente permitidos." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details." ++msgstr "Pode obter máis información en /usr/share/doc/slapd/README.Debian.gz ." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "abort installation" ++msgstr "" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "continue regardless" ++msgstr "" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "Manual ppolicy schema update recommended" ++msgstr "" ++ ++#. Type: select ++#. Description ++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable. ++#: ../slapd.templates:16002 ++msgid "" ++"The new version of the Password Policy (ppolicy) overlay requires the schema " ++"to define the pwdMaxRecordedFailure attribute type, which is not present in " ++"the schema currently in use. It is recommended to abort the upgrade now, and " ++"to update the ppolicy schema before upgrading slapd. If replication is in " ++"use, the schema update should be applied on every server before continuing " ++"with the upgrade." ++msgstr "" ++ ++#. Type: select ++#. Description ++#. This paragraph is followed by the path to the generated file (not ++#. translatable). The sentence continues in the following paragraph. ++#: ../slapd.templates:16002 ++msgid "" ++"An LDIF file has been generated with the changes required for the upgrade:" ++msgstr "" ++ ++#. Type: select ++#. Description ++#. This paragraph continues the sentence started in the previous ++#. paragraph. It is followed by a command line. ++#: ../slapd.templates:16002 ++msgid "" ++"so if slapd is using the default access control rules, these changes can be " ++"applied (after starting slapd) by using the command:" ++msgstr "" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "" ++"If instead you choose to continue the installation, the new attribute type " ++"will be added automatically, but the change will not be acted on by slapd " ++"overlays, and replication with other servers may be affected." ++msgstr "" ++ ++#~ msgid "Database backend to use:" ++#~ msgstr "Motor de base de datos a empregar:" ++ ++#~ msgid "" ++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree " ++#~ "renames. Both support the same configuration options." ++#~ msgstr "" ++#~ "HDB e BDB empregan formatos de almacenamento semellantes, pero HDB " ++#~ "permite ademais o cambio de nome de subárbores. Ámbolos dous permiten " ++#~ "usar as mesmas opcións de configuración." ++ ++#~ msgid "" ++#~ "The MDB backend is recommended. MDB uses a new storage format and " ++#~ "requires less configuration than BDB or HDB." ++#~ msgstr "" ++#~ "Recoméndase o motor MDB. MDB usa un formato de almacenamento novo e " ++#~ "precisa menos configuración que BDB ou HDB." ++ ++#~ msgid "" ++#~ "In any case, you should review the resulting database configuration for " ++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details." ++#~ msgstr "" ++#~ "En calquera caso, debería revisar que a configuración da base de datos se " ++#~ "axusta ás súas necesidades. Pode obter máis información en /usr/share/doc/" ++#~ "slapd/README.Debian.gz ." ++ ++#~ msgid "Allow LDAPv2 protocol?" ++#~ msgstr "Admitir o protocolo LDAPv2?" ++ ++#~ msgid "" ++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs " ++#~ "and users should upgrade to LDAPv3. If you have old programs which can't " ++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be " ++#~ "added to your slapd.conf file." ++#~ msgstr "" ++#~ "O protocolo obsoleto LDAPv2 está desactivado por defecto en slapd. Os " ++#~ "programas e os usuarios deberíanse actualizar a LDAPv3. Se ten programas " ++#~ "antigos que non poidan empregar LDAPv3 debería escoller esta opción, que " ++#~ "fará que se engada «allow bind_v2» ao ficheiro slapd.conf ." ++ ++#~ msgid "Back up current database and create a new one?" ++#~ msgstr "¿Facer unha copia da base de datos actual e crear unha nova?" ++ ++#~ msgid "" ++#~ "The directory suffix (domain) you specified doesn't match the one " ++#~ "currently in /etc/ldap/slapd.conf. Changing the directory suffix requires " ++#~ "moving aside the current LDAP database and creating a new one. Please " ++#~ "confirm whether you want to back up and abandon the current database." ++#~ msgstr "" ++#~ "O sufixo de directorio (dominio) que especificou non coincide co que hai " ++#~ "en /etc/ldap/slapd.conf. Para cambiar o sufixo do directorio hai que " ++#~ "apartar a base de datos LDAP actual e crear unha nova. Confirme se quere " ++#~ "facer unha copia de seguridade da base de datos actual e abandonala." ++ ++#~ msgid "slurpd is obsolete; replicas must be reconfigured by hand" ++#~ msgstr "slurpd está obsoleto; é preciso reconfigurar as réplicas á man" ++ ++#~ msgid "" ++#~ "One or more slurpd \"replica\" options were found in your slapd config " ++#~ "when upgrading. Because slurpd is obsolete beginning with OpenLDAP 2.4, " ++#~ "you will need to migrate your replicas to use the syncrepl protocol " ++#~ "instead." ++#~ msgstr "" ++#~ "Atopouse unha ou máis opcións \"replica\" na configuración de slapd ao " ++#~ "actualizar. Como slurpd está obsoleto a partires de OpenLDAP 2.4, ha ter " ++#~ "que migrar as súas réplicas para que empreguen no seu canto o protocolo " ++#~ "syncrepl." ++ ++#~ msgid "" ++#~ "The conversion from slurpd to the pull-based syncrepl protocol cannot be " ++#~ "done automatically and you will need to configure your replica servers by " ++#~ "hand. Please see http://www.openldap.org/doc/admin24/syncrepl.html for " ++#~ "details." ++#~ msgstr "" ++#~ "Non se pode realizar automaticamente a conversión de slurpd ao protocolo " ++#~ "syncrepl baseado en pull, e ha ter que configurar manualmente os seus " ++#~ "servidores réplica. Consulte http://www.openldap.org/doc/admin24/syncrepl." ++#~ "html para máis detalles." ++ ++#~ msgid "TLSCipherSuite values have changed" ++#~ msgstr "Os valores de TLSCipherSuite cambiaron" ++ ++#~ msgid "" ++#~ "A \"TLSCipherSuite\" option was found in your slapd config when " ++#~ "upgrading. The values allowed for this option are determined by the SSL " ++#~ "implementation used, which has been changed from OpenSSL to GnuTLS. As a " ++#~ "result, your existing TLSCipherSuite setting will not work with this " ++#~ "package." ++#~ msgstr "" ++#~ "Atopouse unha opción \"TLSCipherSuite\" na configuración de slapd ao " ++#~ "actualizar. Os valores admitidos para esta opción están determinados pola " ++#~ "implementación de SSL en uso, que se cambiou de OpenSSL a GnuTLS. Coma " ++#~ "resultado, a configuración actual de TLSCipherSuite non ha funcionar con " ++#~ "este paquete." ++ ++#~ msgid "" ++#~ "This setting has been automatically commented out for you. If you have " ++#~ "specific encryption needs that require this option to be re-enabled, see " ++#~ "the output of 'gnutls-cli -l' in the gnutls-bin package for the list of " ++#~ "ciphers supported by GnuTLS." ++#~ msgstr "" ++#~ "Anulouse cun comentario esta configuración por vostede. Se ten " ++#~ "necesidades de cifrado específicas que precisan de que se volva activar " ++#~ "esta opción, consulte a saída de \"gnutls-cli -l\" no paquete gnutls-bin " ++#~ "para obter a lista de sistemas de cifrado soportados por GnuTLS." diff --cc debian/po/it.po index 00000000,00000000..4b994408 new file mode 100644 --- /dev/null +++ b/debian/po/it.po @@@ -1,0 -1,0 +1,435 @@@ ++# Italian (it) translation of debconf templates for openldap ++# This file is distributed under the same license as the openldap package. ++# Luca Monducci , 2007-2017. ++# ++msgid "" ++msgstr "" ++"Project-Id-Version: openldap 2.4.40-2 italian debconf templates\n" ++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n" ++"POT-Creation-Date: 2019-10-03 23:01+0000\n" ++"PO-Revision-Date: 2017-01-21 11:42+0100\n" ++"Last-Translator: Luca Monducci \n" ++"Language-Team: Italian \n" ++"Language: it\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=UTF-8\n" ++"Content-Transfer-Encoding: 8bit\n" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "Omit OpenLDAP server configuration?" ++msgstr "Omettere la configurazione del server OpenLDAP?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "" ++"If you enable this option, no initial configuration or database will be " ++"created for you." ++msgstr "" ++"Se si accetta, non verranno creati la configurazione iniziale né il database." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "always" ++msgstr "sempre" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "when needed" ++msgstr "quando necessario" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "never" ++msgstr "mai" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "Dump databases to file on upgrade:" ++msgstr "Fare il dump su file dei database prima dell'aggiornamento:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Before upgrading to a new version of the OpenLDAP server, the data from your " ++"LDAP directories can be dumped into plain text files in the standard LDAP " ++"Data Interchange Format." ++msgstr "" ++"Prima dell'aggiornamento a una nuova versione del server OpenLDAP, è " ++"possibile fare il dump delle proprie directory LDAP in dei semplici file di " ++"testo in formato LDIF (lo standard per lo scambio di dati LDAP)." ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Selecting \"always\" will cause the databases to be dumped unconditionally " ++"before an upgrade. Selecting \"when needed\" will only dump the database if " ++"the new version is incompatible with the old database format and it needs to " ++"be reimported. If you select \"never\", no dump will be done." ++msgstr "" ++"Selezionando \"sempre\" il dump dei database verrà effettuato prima di ogni " ++"aggiornamento. Con \"quando necessario\" il dump dei database verrà fatto " ++"solo quando la nuova versione è incompatibile con il vecchio formato del " ++"database e quindi deve essere reimportato. Infine con \"mai\" il dump dei " ++"database non verrà mai fatto." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "Directory to use for dumped databases:" ++msgstr "Directory per il dump dei database:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "" ++"Please specify the directory where the LDAP databases will be exported. In " ++"this directory, several LDIF files will be created which correspond to the " ++"search bases located on the server. Make sure you have enough free space on " ++"the partition where the directory is located. The first occurrence of the " ++"string \"VERSION\" is replaced with the server version you are upgrading " ++"from." ++msgstr "" ++"Indicare la directory in cui verranno esportati i database LDAP. In questa " ++"directory verrà creato un file LDIF per ogni base di ricerca presente sul " ++"server. Assicurarsi di avere spazio libero sufficiente sulla partizione che " ++"contiene la directory indicata. La prima occorrenza della stringa \"VERSION" ++"\" viene sostituita con la versione del server che si sta aggiornando." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "Move old database?" ++msgstr "Spostare il vecchio database?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "" ++"There are still files in /var/lib/ldap which will probably break the " ++"configuration process. If you enable this option, the maintainer scripts " ++"will move the old database files out of the way before creating a new " ++"database." ++msgstr "" ++"Ci sono ancora dei file in /var/lib/ldap che potrebbero intralciare il " ++"processo di configurazione. Se si accetta, gli script di installazione " ++"toglieranno di mezzo i file dei vecchi database prima di creare il nuovo " ++"database." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "Retry configuration?" ++msgstr "Ripetere la configurazione?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "" ++"The configuration you entered is invalid. Make sure that the DNS domain name " ++"is syntactically valid, the field for the organization is not left empty and " ++"the admin passwords match. If you decide not to retry the configuration the " ++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to " ++"retry later." ++msgstr "" ++"La configurazione inserita non è valida. Assicurarsi che il nome di dominio " ++"DNS sia sintatticamente corretto, che il campo per il nome " ++"dell'organizzazione non sia stato lasciato in bianco e che le password di " ++"amministrazione coincidano. Se si decide di non riprovare la configurazione, " ++"il server LDAP non verrà impostato. In seguito, per riprovare la " ++"configurazione, usare \"dpkg-reconfigure slapd\"." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "DNS domain name:" ++msgstr "Nome di dominio DNS:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "" ++"The DNS domain name is used to construct the base DN of the LDAP directory. " ++"For example, 'foo.example.org' will create the directory with 'dc=foo, " ++"dc=example, dc=org' as base DN." ++msgstr "" ++"Il nome DNS di dominio è usato per costruire la base DN della directory " ++"LDAP. Per esempio con \"pippo.esempio.org\" sarà creata una directory con " ++"\"dc=pippo, dc=esempio, dc=org\" come base DN." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "Organization name:" ++msgstr "Nome dell'organizzazione:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "" ++"Please enter the name of the organization to use in the base DN of your LDAP " ++"directory." ++msgstr "" ++"Inserire il nome dell'organizzazione da usare nella base DN della propria " ++"directory LDAP." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Administrator password:" ++msgstr "Password dell'amministratore:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Please enter the password for the admin entry in your LDAP directory." ++msgstr "" ++"Inserire la password per l'amministrazione della propria directory LDAP." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "Confirm password:" ++msgstr "Conferma della password:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "" ++"Please enter the admin password for your LDAP directory again to verify that " ++"you have typed it correctly." ++msgstr "" ++"Inserire di nuovo la password per l'amministrazione della propria directory " ++"LDAP, per verificare che sia stata digitata correttamente." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "Password mismatch" ++msgstr "Le password non coincidono" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "The two passwords you entered were not the same. Please try again." ++msgstr "Le due password inserite non sono uguali; si prega di riprovare." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:11001 ++msgid "Do you want the database to be removed when slapd is purged?" ++msgstr "Eliminare il database in caso di rimozione completa di slapd?" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "slapcat failure during upgrade" ++msgstr "Problema con slapcat durante l'aggiornamento" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "An error occurred while upgrading the LDAP directory." ++msgstr "" ++"Si è verificato un errore durante l'aggiornamento della directory LDAP." ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "" ++"The 'slapcat' program failed while extracting the LDAP directory. This may " ++"be caused by an incorrect configuration file (for example, missing " ++"'moduleload' lines to support the backend database)." ++msgstr "" ++"Il programma \"slapcat\" ha riportato un errore durante l'estrazione della " ++"directory LDAP. L'errore potrebbe essere causato da un file di " ++"configurazione sbagliato (per esempio, la mancanza delle righe \"moduleload" ++"\" per il supporto al database di backend)." ++ ++#. Type: error ++#. Description ++#. This paragraph is followed by a (non translatable) paragraph ++#. containing a command line ++#: ../slapd.templates:14001 ++msgid "" ++"This failure will cause 'slapadd' to fail later as well. The old database " ++"files will be moved to /var/backups. If you want to try this upgrade again, " ++"you should move the old database files back into place, fix whatever caused " ++"slapcat to fail, and run:" ++msgstr "" ++"Questo errore provocherà anche il successivo fallimento di \"slapadd\". I " ++"file del vecchio database saranno spostati in /var/backups. Per riprovare " ++"l'aggiornamento è necessario riportare i file nella posizione originale, " ++"correggere ciò che ha causato il fallimento di slapcat ed eseguire:" ++ ++#. Type: error ++#. Description ++#. Translators: keep "${location}" unchanged. This is a variable that ++#. will be replaced by a directory name at execution ++#: ../slapd.templates:14001 ++msgid "" ++"Then move the database files back to a backup area and then try running " ++"slapadd from ${location}." ++msgstr "" ++"Poi spostare i file del database in un'area di backup e provare a eseguire " ++"slapadd da ${location}." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "Potentially unsafe slapd access control configuration" ++msgstr "Configurazione degli accessi di slapd potenzialmente non sicura" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "" ++"One or more of the configured databases has an access control rule that " ++"allows users to modify most of their own attributes. This may be unsafe, " ++"depending on how the database is used." ++msgstr "" ++"Uno o più dei database configurati hanno una regola di accesso che permette " ++"agli utenti di modificare la maggior parte dei propri attributi. Ciò è non " ++"sicuro, il livello di pericolosità dipende da qual è l'uso del database." ++ ++#. Type: note ++#. Description ++#. Translators: keep "by self write" and "to *" unchanged. These are part ++#. of the slapd configuration and are not translatable. ++#: ../slapd.templates:15001 ++msgid "" ++"In the case of slapd access rules that begin with \"to *\", it is " ++"recommended to remove any instances of \"by self write\", so that users are " ++"only able to modify specifically allowed attributes." ++msgstr "" ++"Se esistono regole di accesso che iniziano con \"to *\", si raccomanda di " ++"togliere tutti i \"by self write\" in modo che gli utenti possano modificare " ++"solo gli attributi a loro consentiti." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details." ++msgstr "" ++"Consultare /usr/share/doc/slapd/README.Debian.gz per maggiori informazioni." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "abort installation" ++msgstr "interrompi l'installazione" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "continue regardless" ++msgstr "continua comunque" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "Manual ppolicy schema update recommended" ++msgstr "Aggiornamento manuale dello schema ppolicy" ++ ++#. Type: select ++#. Description ++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable. ++#: ../slapd.templates:16002 ++msgid "" ++"The new version of the Password Policy (ppolicy) overlay requires the schema " ++"to define the pwdMaxRecordedFailure attribute type, which is not present in " ++"the schema currently in use. It is recommended to abort the upgrade now, and " ++"to update the ppolicy schema before upgrading slapd. If replication is in " ++"use, the schema update should be applied on every server before continuing " ++"with the upgrade." ++msgstr "" ++"La nuova versione dell'overlay Password Policy (ppolicy) richiede la " ++"definizione nello schema del tipo di attributo pwdMaxRecordedFailure il " ++"quale non è presente nello schema attualmente in uso. Si raccomanda di " ++"interrompere adesso l'aggiornamento e di preparare lo schema ppolicy prima " ++"di aggiornare slapd. Nel caso si utilizzi la replica, occorre preparare lo " ++"schema su ogni server prima di continuare con l'aggiornamento." ++ ++#. Type: select ++#. Description ++#. This paragraph is followed by the path to the generated file (not ++#. translatable). The sentence continues in the following paragraph. ++#: ../slapd.templates:16002 ++msgid "" ++"An LDIF file has been generated with the changes required for the upgrade:" ++msgstr "È stato generato un file LDIF con le necessarie modifiche allo schema:" ++ ++#. Type: select ++#. Description ++#. This paragraph continues the sentence started in the previous ++#. paragraph. It is followed by a command line. ++#: ../slapd.templates:16002 ++msgid "" ++"so if slapd is using the default access control rules, these changes can be " ++"applied (after starting slapd) by using the command:" ++msgstr "" ++"se slapd sta usando le regole di controllo d'accesso predefinite, le " ++"modifiche possono essere applicate (dopo aver avviato slapd) usando il " ++"comando:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "" ++"If instead you choose to continue the installation, the new attribute type " ++"will be added automatically, but the change will not be acted on by slapd " ++"overlays, and replication with other servers may be affected." ++msgstr "" ++"Nel caso si decida di continuare l'installazione, il nuovo tipo di attributo " ++"verrà aggiunto automaticamente ma la modifica non agirà sul funzionamento " ++"degli overlay di slapd e potrebbe influenzare la replica con altri server." ++ ++#~ msgid "Database backend to use:" ++#~ msgstr "Database di backend da usare:" ++ ++#~ msgid "" ++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree " ++#~ "renames. Both support the same configuration options." ++#~ msgstr "" ++#~ "HDB e BDB usano un formato di memorizzazione simile ma HDB dispone in più " ++#~ "del supporto per rinominare i sottoalberi. Entrambi hanno le stesse " ++#~ "opzioni da configurare." ++ ++#~ msgid "" ++#~ "The MDB backend is recommended. MDB uses a new storage format and " ++#~ "requires less configuration than BDB or HDB." ++#~ msgstr "" ++#~ "Si raccomanda MDB come backend. MDB usa un formato di memorizzazione " ++#~ "nuovo e richiede la configurazione di un minor numero di opzioni rispetto " ++#~ "a BDB e HDB." ++ ++#~ msgid "" ++#~ "In any case, you should review the resulting database configuration for " ++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details." ++#~ msgstr "" ++#~ "In ogni caso è opportuno rivedere la configurazione del database in base " ++#~ "alle proprie necessità. Consultare /usr/share/doc/slapd/README.Debian.gz " ++#~ "per maggiori informazioni." ++ ++#~ msgid "Allow LDAPv2 protocol?" ++#~ msgstr "Abilitare il protocollo LDAPv2?" ++ ++#~ msgid "" ++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs " ++#~ "and users should upgrade to LDAPv3. If you have old programs which can't " ++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be " ++#~ "added to your slapd.conf file." ++#~ msgstr "" ++#~ "Con la configurazione predefinita di slapd il vecchio protocollo LDAPv2 è " ++#~ "disabilitato. I programmi e gli utenti dovrebbero aggiornarsi a LDAPv3. " ++#~ "Se si usa qualche vecchio programma che non può usare LDAPv3, si dovrebbe " ++#~ "accettare in modo da aggiungere \"allow bind_v2\" al file di " ++#~ "configurazione slapd.conf." diff --cc debian/po/ja.po index 00000000,00000000..90be29be new file mode 100644 --- /dev/null +++ b/debian/po/ja.po @@@ -1,0 -1,0 +1,416 @@@ ++# ++# Translators, if you are not familiar with the PO format, gettext ++# documentation is worth reading, especially sections dedicated to ++# this format, e.g. by running: ++# info -n '(gettext)PO Files' ++# info -n '(gettext)Header Entry' ++# ++# Some information specific to po-debconf are available at ++# /usr/share/doc/po-debconf/README-trans ++# or http://www.debian.org/intl/l10n/po-debconf/README-trans ++# ++# Developers do not need to manually edit POT or PO files. ++# ++msgid "" ++msgstr "" ++"Project-Id-Version: openldap\n" ++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n" ++"POT-Creation-Date: 2019-10-03 23:01+0000\n" ++"PO-Revision-Date: 2017-01-15 13:46+0900\n" ++"Last-Translator: Kenshi Muto \n" ++"Language-Team: Japanese \n" ++"Language: ja\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=UTF-8\n" ++"Content-Transfer-Encoding: 8bit\n" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "Omit OpenLDAP server configuration?" ++msgstr "OpenLDAP サーバの設定を省略しますか?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "" ++"If you enable this option, no initial configuration or database will be " ++"created for you." ++msgstr "ここで「はい」を選ぶと、初期設定やデータベースは作成されません。" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "always" ++msgstr "常に" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "when needed" ++msgstr "必要なときに" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "never" ++msgstr "行わない" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "Dump databases to file on upgrade:" ++msgstr "更新時にデータベースをファイルにダンプ:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Before upgrading to a new version of the OpenLDAP server, the data from your " ++"LDAP directories can be dumped into plain text files in the standard LDAP " ++"Data Interchange Format." ++msgstr "" ++"OpenLDAP サーバの新しいバージョンへの更新の前に、LDAP ディレクトリのデータ" ++"を、標準 LDAP データ交換フォーマットのプレインテキストファイルにダンプできま" ++"す。" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Selecting \"always\" will cause the databases to be dumped unconditionally " ++"before an upgrade. Selecting \"when needed\" will only dump the database if " ++"the new version is incompatible with the old database format and it needs to " ++"be reimported. If you select \"never\", no dump will be done." ++msgstr "" ++"「常に」を選ぶと、無条件に更新の前にデータベースをダンプするようになります。" ++"「必要なときに」を選ぶと、新しいバージョンが古いデータベースフォーマットと非" ++"互換で、再インポートが必要なときに、データベースをダンプします。「行わない」" ++"を選ぶと、データベースのダンプを行いません。" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "Directory to use for dumped databases:" ++msgstr "データベースのダンプに使うディレクトリ:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "" ++"Please specify the directory where the LDAP databases will be exported. In " ++"this directory, several LDIF files will be created which correspond to the " ++"search bases located on the server. Make sure you have enough free space on " ++"the partition where the directory is located. The first occurrence of the " ++"string \"VERSION\" is replaced with the server version you are upgrading " ++"from." ++msgstr "" ++"LDAP データベースをエキスポートするディレクトリを指定してください。このディレ" ++"クトリの中には、サーバ上に配置された検索ベースに関連するいくつかの LDIF ファ" ++"イルが作成されます。ディレクトリを格納するパーティションに十分な空き領域があ" ++"ることを確認してください。最初に出現する文字列 \"VERSION\" は、更新対象のサー" ++"バのバージョンで置き換えられます。" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "Move old database?" ++msgstr "古いデータベースを移動しますか?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "" ++"There are still files in /var/lib/ldap which will probably break the " ++"configuration process. If you enable this option, the maintainer scripts " ++"will move the old database files out of the way before creating a new " ++"database." ++msgstr "" ++"おそらく設定手順を壊すと思われるファイルが、/var/lib/ldap にまだあります。こ" ++"の選択肢で「はい」を選ぶと、メンテナスクリプトは新しいデータベースを作成する" ++"前に古いデータベースファイルを別の場所に移動します。" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "Retry configuration?" ++msgstr "設定を再試行しますか?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "" ++"The configuration you entered is invalid. Make sure that the DNS domain name " ++"is syntactically valid, the field for the organization is not left empty and " ++"the admin passwords match. If you decide not to retry the configuration the " ++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to " ++"retry later." ++msgstr "" ++"入力された設定は無効です。DNS ドメイン名が有効な文法になっていること、組織名" ++"のフィールドが空になっていないことと、管理者パスワードが合っていることを確認" ++"してください。設定を再試行しないと、LDAP サーバはセットアップされません。あと" ++"で再試行するときには、\"dpkg-reconfigure slapd\" を実行してください。" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "DNS domain name:" ++msgstr "DNS ドメイン名:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "" ++"The DNS domain name is used to construct the base DN of the LDAP directory. " ++"For example, 'foo.example.org' will create the directory with 'dc=foo, " ++"dc=example, dc=org' as base DN." ++msgstr "" ++"DNS ドメイン名は LDAP ディレクトリのベース DN を形成するのに使われます。たと" ++"えば、'foo.example.org' は、ベース DN として 'dc=foo, dc=example, dc=org' の" ++"ディレクトリを作成します。" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "Organization name:" ++msgstr "組織名:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "" ++"Please enter the name of the organization to use in the base DN of your LDAP " ++"directory." ++msgstr "LDAP ディレクトリのベース DN 内で使う組織の名前を入力してください。" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Administrator password:" ++msgstr "管理者のパスワード:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Please enter the password for the admin entry in your LDAP directory." ++msgstr "" ++"あなたの LDAP ディレクトリでの管理者エントリのパスワードを入力してください。" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "Confirm password:" ++msgstr "パスワードの確認:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "" ++"Please enter the admin password for your LDAP directory again to verify that " ++"you have typed it correctly." ++msgstr "" ++"正しくタイプしたかの確認のために、先ほど入力したのと同じ LDAP ディレクトリ用" ++"の admin のパスワードを再度入力してください。" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "Password mismatch" ++msgstr "パスワードが合致しません" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "The two passwords you entered were not the same. Please try again." ++msgstr "2回入力されたパスワードは同じではありません。再度入力してください。" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:11001 ++msgid "Do you want the database to be removed when slapd is purged?" ++msgstr "slapd をパージしたときにデータベースを削除しますか?" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "slapcat failure during upgrade" ++msgstr "更新中に slapcat が失敗" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "An error occurred while upgrading the LDAP directory." ++msgstr "LDAP ディレクトリの更新中にエラーが発生しました。" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "" ++"The 'slapcat' program failed while extracting the LDAP directory. This may " ++"be caused by an incorrect configuration file (for example, missing " ++"'moduleload' lines to support the backend database)." ++msgstr "" ++"LDAP ディレクトリの展開中に 'slapcat' プログラムが失敗しました。これは不正な" ++"設定ファイル (たとえばバックエンドデータベースをサポートするための " ++"'moduleload' 行がないなど) によって引き起こされた可能性があります。" ++ ++#. Type: error ++#. Description ++#. This paragraph is followed by a (non translatable) paragraph ++#. containing a command line ++#: ../slapd.templates:14001 ++msgid "" ++"This failure will cause 'slapadd' to fail later as well. The old database " ++"files will be moved to /var/backups. If you want to try this upgrade again, " ++"you should move the old database files back into place, fix whatever caused " ++"slapcat to fail, and run:" ++msgstr "" ++"この失敗は、後で 'slapadd' を失敗させることになります。古いデータベースファイ" ++"ルは /var/backups に移動されます。更新を再試行したいのであれば、古いデータ" ++"ベースファイルを元の場所に戻して slapcat が失敗する原因を修正し、次のように実" ++"行します:" ++ ++#. Type: error ++#. Description ++#. Translators: keep "${location}" unchanged. This is a variable that ++#. will be replaced by a directory name at execution ++#: ../slapd.templates:14001 ++msgid "" ++"Then move the database files back to a backup area and then try running " ++"slapadd from ${location}." ++msgstr "" ++"そして、データベースファイルをバックアップ領域に戻し、slapadd を ${location} " ++"から実行してみます。" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "Potentially unsafe slapd access control configuration" ++msgstr "潜在的に安全でない slapd のアクセス制御設定です" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "" ++"One or more of the configured databases has an access control rule that " ++"allows users to modify most of their own attributes. This may be unsafe, " ++"depending on how the database is used." ++msgstr "" ++"設定されたデータベースには、ユーザに自身の属性のほとんどの変更を許容する 1 つ" ++"以上のアクセス制御ルールがあります。これはデータベースの使いようによっては安" ++"全でない可能性があります。" ++ ++#. Type: note ++#. Description ++#. Translators: keep "by self write" and "to *" unchanged. These are part ++#. of the slapd configuration and are not translatable. ++#: ../slapd.templates:15001 ++msgid "" ++"In the case of slapd access rules that begin with \"to *\", it is " ++"recommended to remove any instances of \"by self write\", so that users are " ++"only able to modify specifically allowed attributes." ++msgstr "" ++"\"to *\" で始まる slapd アクセスルールがある場合、各 \"by self write\" 記述を" ++"削除することをお勧めします。そうすれば、ユーザが変更できるのは明示的に許可さ" ++"れた属性のみになります。" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details." ++msgstr "" ++"詳細については /usr/share/doc/slapd/README.Debian.gz を参照してください。" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "abort installation" ++msgstr "インストールの中止" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "continue regardless" ++msgstr "かまわず続ける" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "Manual ppolicy schema update recommended" ++msgstr "手動の ppolicy スキーマ更新の推奨" ++ ++#. Type: select ++#. Description ++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable. ++#: ../slapd.templates:16002 ++msgid "" ++"The new version of the Password Policy (ppolicy) overlay requires the schema " ++"to define the pwdMaxRecordedFailure attribute type, which is not present in " ++"the schema currently in use. It is recommended to abort the upgrade now, and " ++"to update the ppolicy schema before upgrading slapd. If replication is in " ++"use, the schema update should be applied on every server before continuing " ++"with the upgrade." ++msgstr "" ++"Password Policy (ppolicy) オーバレイの新しいバージョンは、現在使用しているス" ++"キーマに存在しない pwdMaxRecordedFailure 属性型をスキーマに定義する必要があり" ++"ます。アップグレードを今すぐ中止し、slapd をアップグレードする前に ppolicy ス" ++"キーマを更新することをお勧めします。レプリケーションが使われている場合、この" ++"アップグレードを続ける前にスキーマの更新を各サーバに適用しておくべきです。" ++ ++#. Type: select ++#. Description ++#. This paragraph is followed by the path to the generated file (not ++#. translatable). The sentence continues in the following paragraph. ++#: ../slapd.templates:16002 ++msgid "" ++"An LDIF file has been generated with the changes required for the upgrade:" ++msgstr "アップグレードに必要な変更付きの LDIF ファイルが生成されました:" ++ ++#. Type: select ++#. Description ++#. This paragraph continues the sentence started in the previous ++#. paragraph. It is followed by a command line. ++#: ../slapd.templates:16002 ++msgid "" ++"so if slapd is using the default access control rules, these changes can be " ++"applied (after starting slapd) by using the command:" ++msgstr "" ++"slapd がデフォルトのアクセス制御ルールを使っているのであれば、これらの変更は " ++"(slapd が開始した後に) 以下のコマンドによって適用できます:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "" ++"If instead you choose to continue the installation, the new attribute type " ++"will be added automatically, but the change will not be acted on by slapd " ++"overlays, and replication with other servers may be affected." ++msgstr "" ++"インストールを続けることを選ぶと、新しい属性型は自動的に追加されますが、この" ++"変更は slapd オーバレイで実行されず、他のサーバとのレプリケーションに影響する" ++"可能性があります。" ++ ++#~ msgid "Database backend to use:" ++#~ msgstr "利用するデータベースバックエンド:" ++ ++#~ msgid "" ++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree " ++#~ "renames. Both support the same configuration options." ++#~ msgstr "" ++#~ "HDB と BDB は似たストレージフォーマットを使いますが、HDB にはサブツリーの" ++#~ "名前変更のサポートが加わっています。共に、同じ設定オプションをサポートしま" ++#~ "す。" ++ ++#~ msgid "" ++#~ "The MDB backend is recommended. MDB uses a new storage format and " ++#~ "requires less configuration than BDB or HDB." ++#~ msgstr "" ++#~ "MDB バックエンドをお勧めします。MDB は新しいストレージフォーマットを採用し" ++#~ "ており、BDB や HDB よりも少ない設定で済みます。" ++ ++#~ msgid "" ++#~ "In any case, you should review the resulting database configuration for " ++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details." ++#~ msgstr "" ++#~ "いずれの場合でも、必要に応じてデータベース設定の結果を再確認すべきです。詳" ++#~ "細については /usr/share/doc/slapd/README.Debian.gz を参照してください。" diff --cc debian/po/nl.po index 00000000,00000000..11580452 new file mode 100644 --- /dev/null +++ b/debian/po/nl.po @@@ -1,0 -1,0 +1,450 @@@ ++# Dutch translation of openldap debconf templates. ++# Copyright (C) 2008-2011 THE PACKAGE'S COPYRIGHT HOLDER ++# This file is distributed under the same license as the openldap package. ++# Bart Cornelis , 2008. ++# Jeroen Schot , 2011. ++# Frans Spiesschaert , 2014, 2017. ++# ++msgid "" ++msgstr "" ++"Project-Id-Version: openldap 2.4.44+dfsg-4\n" ++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n" ++"POT-Creation-Date: 2019-10-03 23:01+0000\n" ++"PO-Revision-Date: 2017-01-12 14:24+0100\n" ++"Last-Translator: Frans Spiesschaert \n" ++"Language-Team: Debian Dutch l10n Team \n" ++"Language: nl\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=UTF-8\n" ++"Content-Transfer-Encoding: 8bit\n" ++"Plural-Forms: nplurals=2; plural=(n != 1);\n" ++"X-Generator: Gtranslator 2.91.6\n" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "Omit OpenLDAP server configuration?" ++msgstr "Wilt u het configureren van de OpenLDAP-server overslaan?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "" ++"If you enable this option, no initial configuration or database will be " ++"created for you." ++msgstr "" ++"Wanneer u deze optie kiest, worden er geen initiële configuratie en databank " ++"voor u aangemaakt." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "always" ++msgstr "altijd" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "when needed" ++msgstr "wanneer nodig" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "never" ++msgstr "nooit" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "Dump databases to file on upgrade:" ++msgstr "Bij de opwaardering de databanken exporteren naar bestand:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Before upgrading to a new version of the OpenLDAP server, the data from your " ++"LDAP directories can be dumped into plain text files in the standard LDAP " ++"Data Interchange Format." ++msgstr "" ++"Vooraleer een opwaardering naar een nieuwe versie van de OpenLDAP-server " ++"uitgevoerd wordt, kunnen de data in uw LDAP-catalogi geëxporteerd worden " ++"naar een gewoon tekstbestand in LDIF-indeling (dit is het gestandaardiseerde " ++"'LDAP Data Interchange Format')." ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Selecting \"always\" will cause the databases to be dumped unconditionally " ++"before an upgrade. Selecting \"when needed\" will only dump the database if " ++"the new version is incompatible with the old database format and it needs to " ++"be reimported. If you select \"never\", no dump will be done." ++msgstr "" ++"Wanneer u 'altijd' selecteert, worden de databanken voor elke opwaardering " ++"onvoorwaardelijk naar een bestand geëxporteerd. Wanneer u 'wanneer nodig' " ++"selecteert, worden de databanken enkel geëxporteerd wanneer de nieuwe " ++"databank-indeling incompatibel is met de oude indeling en de data opnieuw " ++"geïmporteerd moeten worden. Wanneer u 'nooit' kiest wordt er geen databank-" ++"export gemaakt." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "Directory to use for dumped databases:" ++msgstr "Voor databank-exports te gebruiken map:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "" ++"Please specify the directory where the LDAP databases will be exported. In " ++"this directory, several LDIF files will be created which correspond to the " ++"search bases located on the server. Make sure you have enough free space on " ++"the partition where the directory is located. The first occurrence of the " ++"string \"VERSION\" is replaced with the server version you are upgrading " ++"from." ++msgstr "" ++"Geef de map op waarnaar LDAP-databanken geëxporteerd moeten worden. In deze " ++"map worden verschillende LDIF-bestanden aangemaakt die overeenkomen met de " ++"zoekbasissen op de server. U dient ervoor te zorgen dat u genoeg vrije " ++"ruimte heeft op de partitie waar de map zich bevindt. Het eerste voorkomen " ++"van de tekst 'VERSION' wordt vervangen door de server-versie vanwaar u " ++"opwaardeert." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "Move old database?" ++msgstr "Wilt u de oude databank verplaatsen?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "" ++"There are still files in /var/lib/ldap which will probably break the " ++"configuration process. If you enable this option, the maintainer scripts " ++"will move the old database files out of the way before creating a new " ++"database." ++msgstr "" ++"Er bevinden zich nog bestanden in /var/lib/ldap die het configuratieproces " ++"waarschijnlijk zullen verstoren. Als u voor deze optie kiest, zullen de " ++"scripts van de pakketbeheerder de oude databankbestanden wegzetten voordat " ++"ze de nieuwe databank aanmaken." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "Retry configuration?" ++msgstr "Configuratie opnieuw proberen?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "" ++"The configuration you entered is invalid. Make sure that the DNS domain name " ++"is syntactically valid, the field for the organization is not left empty and " ++"the admin passwords match. If you decide not to retry the configuration the " ++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to " ++"retry later." ++msgstr "" ++"De door u ingevoerde configuratie is ongeldig. Zorg ervoor dat: de DNS-" ++"domeinnaam een geldige syntaxis heeft, het veld voor de organisatie niet " ++"leeg is, en de beheerderswachtwoorden overeenkomen. Wanneer u ervoor kiest " ++"om de configuratie niet opnieuw te proberen, wordt uw LDAP-server niet " ++"ingesteld. U kunt later altijd 'dpkg-reconfigure slapd' uitvoeren om de " ++"configuratie opnieuw te proberen. " ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "DNS domain name:" ++msgstr "DNS-domeinnaam:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "" ++"The DNS domain name is used to construct the base DN of the LDAP directory. " ++"For example, 'foo.example.org' will create the directory with 'dc=foo, " ++"dc=example, dc=org' as base DN." ++msgstr "" ++"De DNS-domeinnaam wordt gebruikt als de basis-DN van uw LDAP-catalogus. foo." ++"example.org invoeren geeft u de basis-DN dc=foo, dc=example, dc=org." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "Organization name:" ++msgstr "Organisatienaam:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "" ++"Please enter the name of the organization to use in the base DN of your LDAP " ++"directory." ++msgstr "" ++"Geef op welke organisatienaam gebruikt moet worden in de basis-DN van uw " ++"LDAP-catalogus." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Administrator password:" ++msgstr "Beheerderswachtwoord:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Please enter the password for the admin entry in your LDAP directory." ++msgstr "" ++"Gelieve het wachtwoord op te geven voor het beheerdersaccount in uw LDAP-" ++"catalogus." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "Confirm password:" ++msgstr "Bevestig het wachtwoord:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "" ++"Please enter the admin password for your LDAP directory again to verify that " ++"you have typed it correctly." ++msgstr "" ++"Gelieve het beheerderswachtwoord van uw LDAP-catalogus nogmaals in te tikken " ++"(dit om tikfouten tegen te gaan)." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "Password mismatch" ++msgstr "Wachtwoorden komen niet overeen" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "The two passwords you entered were not the same. Please try again." ++msgstr "" ++"De twee door u ingevoerde wachtwoorden kwamen niet overeen. Gelieve nogmaals " ++"te proberen." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:11001 ++msgid "Do you want the database to be removed when slapd is purged?" ++msgstr "Wilt u dat de databank verwijderd wordt wanneer slapd gewist wordt?" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "slapcat failure during upgrade" ++msgstr "slapcat gaf een fout tijdens de opwaardering" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "An error occurred while upgrading the LDAP directory." ++msgstr "" ++"Er is een fout opgetreden tijdens het opwaarderen van uw LDAP-catalogus." ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "" ++"The 'slapcat' program failed while extracting the LDAP directory. This may " ++"be caused by an incorrect configuration file (for example, missing " ++"'moduleload' lines to support the backend database)." ++msgstr "" ++"Bij het uitpakken van de LDAP-catalogus signaleerde het programma 'slapcat' " ++"een fout. Dit kan veroorzaakt worden door een onjuist configuratiebestand " ++"(bv. het ontbreken van 'moduleload'-regels voor het ondersteunen van de " ++"backenddatabank)." ++ ++#. Type: error ++#. Description ++#. This paragraph is followed by a (non translatable) paragraph ++#. containing a command line ++#: ../slapd.templates:14001 ++msgid "" ++"This failure will cause 'slapadd' to fail later as well. The old database " ++"files will be moved to /var/backups. If you want to try this upgrade again, " ++"you should move the old database files back into place, fix whatever caused " ++"slapcat to fail, and run:" ++msgstr "" ++"Deze mislukking zorgt ervoor dat 'slapadd' zo meteen ook mislukt. De oude " ++"databankbestanden worden verplaatst naar /var/backups . Als u deze " ++"opwaardering opnieuw wilt proberen, dient u eerst de oude databankbestanden " ++"terug te plaatsen, daarna de oorzaak van het mislukken van slapcat op te " ++"lossen, en tenslotte de volgende opdracht uit te voeren:" ++ ++#. Type: error ++#. Description ++#. Translators: keep "${location}" unchanged. This is a variable that ++#. will be replaced by a directory name at execution ++#: ../slapd.templates:14001 ++msgid "" ++"Then move the database files back to a backup area and then try running " ++"slapadd from ${location}." ++msgstr "" ++"Vervolgens verplaatst u de databankbestanden terug naar de reservekopie-map " ++"en probeert u slapadd uit te voeren vanaf ${location}." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "Potentially unsafe slapd access control configuration" ++msgstr "De configuratie van de slapd-toegangscontrole is mogelijk onveilig" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "" ++"One or more of the configured databases has an access control rule that " ++"allows users to modify most of their own attributes. This may be unsafe, " ++"depending on how the database is used." ++msgstr "" ++"Een of meer van de geconfigureerde databanken gebruikt bij de " ++"toegangscontrole een regel die gebruikers toelaat om het grootste deel van " ++"hun eigen attributen te wijzigen. Afhankelijk van de wijze waarop de " ++"databank gebruikt wordt, is dit mogelijk onveilig." ++ ++#. Type: note ++#. Description ++#. Translators: keep "by self write" and "to *" unchanged. These are part ++#. of the slapd configuration and are not translatable. ++#: ../slapd.templates:15001 ++msgid "" ++"In the case of slapd access rules that begin with \"to *\", it is " ++"recommended to remove any instances of \"by self write\", so that users are " ++"only able to modify specifically allowed attributes." ++msgstr "" ++"In het geval er slapd-toegangsregels van toepassing zijn die met \"to *\" " ++"beginnen, wordt aanbevolen om elk voorkomen van \"by self write\" te " ++"verwijderen, waardoor gebruikers enkel die attributen kunnen wijzigen " ++"waarvoor dit expliciet toegestaan wordt." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details." ++msgstr "Raadpleeg /usr/share/doc/slapd/README.Debian.gz voor meer details." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "abort installation" ++msgstr "de installatie afbreken" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "continue regardless" ++msgstr "desondanks toch voortgaan" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "Manual ppolicy schema update recommended" ++msgstr "Het handmatig bijwerken van het ppolicy schema wordt aanbevolen" ++ ++#. Type: select ++#. Description ++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable. ++#: ../slapd.templates:16002 ++msgid "" ++"The new version of the Password Policy (ppolicy) overlay requires the schema " ++"to define the pwdMaxRecordedFailure attribute type, which is not present in " ++"the schema currently in use. It is recommended to abort the upgrade now, and " ++"to update the ppolicy schema before upgrading slapd. If replication is in " ++"use, the schema update should be applied on every server before continuing " ++"with the upgrade." ++msgstr "" ++"De nieuwe versie van de Password Policy (ppolicy) overlay vereist dat het " ++"schema het attribuuttype pwdMaxRecordedFailure definieert, maar dit komt " ++"niet voor in het schema dat momenteel in gebruik is. Het wordt aanbevolen om " ++"de opwaardering nu af te breken en het ppolicy-schema bij te werken " ++"vooraleer slapd opgewaardeerd wordt. Indien replicatie toegepast wordt, moet " ++"het bijwerken van het schema op elke server uitgevoerd worden voor u " ++"voortgaat met de opwaardering." ++ ++#. Type: select ++#. Description ++#. This paragraph is followed by the path to the generated file (not ++#. translatable). The sentence continues in the following paragraph. ++#: ../slapd.templates:16002 ++msgid "" ++"An LDIF file has been generated with the changes required for the upgrade:" ++msgstr "" ++"Er werd een LDIF-bestand gegenereerd met de voor de opwaardering vereiste " ++"wijzigingen:" ++ ++#. Type: select ++#. Description ++#. This paragraph continues the sentence started in the previous ++#. paragraph. It is followed by a command line. ++#: ../slapd.templates:16002 ++msgid "" ++"so if slapd is using the default access control rules, these changes can be " ++"applied (after starting slapd) by using the command:" ++msgstr "" ++"dus als slapd de standaardregels voor toegangscontrole gebruikt, kunnen deze " ++"wijzigingen toegepast worden door (na het starten van slapd) de volgende " ++"opdracht uit te voeren:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "" ++"If instead you choose to continue the installation, the new attribute type " ++"will be added automatically, but the change will not be acted on by slapd " ++"overlays, and replication with other servers may be affected." ++msgstr "" ++"Indien u er integendeel voor kiest de installatie voort te zetten, zal het " ++"nieuwe attribuuttype automatisch toegevoegd worden, maar zullen de slapd-" ++"overlays geen rekening houden met de aanpassing en dit kan de replicatie met " ++"andere servers beïnvloeden." ++ ++#~ msgid "Database backend to use:" ++#~ msgstr "Te gebruiken databankbackend:" ++ ++#~ msgid "" ++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree " ++#~ "renames. Both support the same configuration options." ++#~ msgstr "" ++#~ "HDB en BDB gebruiken een gelijkaardige opslagindeling, maar HDB " ++#~ "ondersteunt ook het hernoemen van deelbomen. Beide ondersteunen dezelfde " ++#~ "configuratieopties." ++ ++#~ msgid "" ++#~ "The MDB backend is recommended. MDB uses a new storage format and " ++#~ "requires less configuration than BDB or HDB." ++#~ msgstr "" ++#~ "Het MDB-backend is de aanbevolen keuze. MDB maakt gebruik van een nieuw " ++#~ "opslagformaat en vraagt minder configuratie dan BDB of HDB." ++ ++#~ msgid "" ++#~ "In any case, you should review the resulting database configuration for " ++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details." ++#~ msgstr "" ++#~ "In elk geval is het een goed idee om te controleren of de resulterende " ++#~ "databankconfiguratie aan uw noden voldoet. Meer informatie vindt u in /" ++#~ "usr/share/doc/slapd/README.Debian.gz." ++ ++#~ msgid "Allow LDAPv2 protocol?" ++#~ msgstr "LDAPv2-protocol toelaten?" ++ ++#~ msgid "" ++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs " ++#~ "and users should upgrade to LDAPv3. If you have old programs which can't " ++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be " ++#~ "added to your slapd.conf file." ++#~ msgstr "" ++#~ "Het verouderde LDAPv2-protocol is standaard uitgeschakeld in slapd. " ++#~ "Programma's en gebruikers dienen op te waarderen naar LDAPv3. Als u oude " ++#~ "programma's heeft die geen LDAPv3 aankunnen, dient u deze optie te kiezen " ++#~ "(hierdoor wordt 'allow bind_v2' toegevoegd aan uw 'slapd.conf'-bestand)." diff --cc debian/po/pt.po index 00000000,00000000..3e013b56 new file mode 100644 --- /dev/null +++ b/debian/po/pt.po @@@ -1,0 -1,0 +1,525 @@@ ++# Portuguese translation for openldap debconf messages. ++# Copyright (C) Tiago Fernandes , 2006 ++# This file is distributed under the same license as the openldap package. ++# ++# Tiago Fernandes , 2006,2008,2010. ++# Rui Branco - DebianPT , 2017. ++msgid "" ++msgstr "" ++"Project-Id-Version: openldap 2.4.44+dfsg-3\n" ++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n" ++"POT-Creation-Date: 2019-10-03 23:01+0000\n" ++"PO-Revision-Date: 2017-04-10 22:08+0000\n" ++"Last-Translator: Rui Branco - DebianPT \n" ++"Language-Team: Portuguese \n" ++"Language: pt\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=UTF-8\n" ++"Content-Transfer-Encoding: 8bit\n" ++"Plural-Forms: nplurals=2;\n" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "Omit OpenLDAP server configuration?" ++msgstr "Omitir a configuração do servidor OpenLDAP?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "" ++"If you enable this option, no initial configuration or database will be " ++"created for you." ++msgstr "" ++"Se activar esta opção, não será criada inicialmente uma configuração ou base " ++"de dados para si." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "always" ++msgstr "sempre" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "when needed" ++msgstr "quando necessário" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "never" ++msgstr "nunca" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "Dump databases to file on upgrade:" ++msgstr "Despejar as bases de dados para ficheiro durante a actualização:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Before upgrading to a new version of the OpenLDAP server, the data from your " ++"LDAP directories can be dumped into plain text files in the standard LDAP " ++"Data Interchange Format." ++msgstr "" ++"Antes de actualizar para uma nova versão do servidor OpenLDAP, os dados dos " ++"seu directórios LDAP podem ser despejados para ficheiros de texto simples no " ++"formato padronizado LDAP Data Interchange Format." ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Selecting \"always\" will cause the databases to be dumped unconditionally " ++"before an upgrade. Selecting \"when needed\" will only dump the database if " ++"the new version is incompatible with the old database format and it needs to " ++"be reimported. If you select \"never\", no dump will be done." ++msgstr "" ++"Seleccionar \"sempre\" fará com as bases de dados sejam despejadas " ++"incondicionalmente antes de uma actualização. Seleccionar \"quando necessário" ++"\" irá apenas despejar a base de dados se a nova versão for incompatível com " ++"o formato da base de dados antiga e for necessário reimportar-la. Se " ++"seleccionar \"nunca\", não será feito qualquer despejo." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "Directory to use for dumped databases:" ++msgstr "Directório a utilizar para bases de dados despejadas:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "" ++"Please specify the directory where the LDAP databases will be exported. In " ++"this directory, several LDIF files will be created which correspond to the " ++"search bases located on the server. Make sure you have enough free space on " ++"the partition where the directory is located. The first occurrence of the " ++"string \"VERSION\" is replaced with the server version you are upgrading " ++"from." ++msgstr "" ++"Por favor, especifique o directório para onde as bases de dados LDAP serão " ++"exportadas. Dentro deste directório serão criados vários ficheiros LDIF que " ++"correspondem às bases de pesquisas localizadas no servidor. Assegure-se que " ++"tem espaço livre suficiente na partição onde se encontra o directório. A " ++"primeira ocorrência da string \"VERSION\" é substituída com a versão do " ++"servidor que está a actualizar." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "Move old database?" ++msgstr "Mover a base de dados antiga?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "" ++"There are still files in /var/lib/ldap which will probably break the " ++"configuration process. If you enable this option, the maintainer scripts " ++"will move the old database files out of the way before creating a new " ++"database." ++msgstr "" ++"Ainda existem ficheiros em /var/lib/ldap que provavelmente irão parar o " ++"processo de configuração. Se activar esta opção, os scripts do maintainer " ++"irão mover os ficheiros antigos da base de dados para fora do caminho, antes " ++"de criar a nova base de dados." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "Retry configuration?" ++msgstr "Tentar novamente a configuração?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "" ++"The configuration you entered is invalid. Make sure that the DNS domain name " ++"is syntactically valid, the field for the organization is not left empty and " ++"the admin passwords match. If you decide not to retry the configuration the " ++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to " ++"retry later." ++msgstr "" ++"A configuração que inseriu é inválida. Assegure-se que o nome do domínio DNS " ++"tem uma sintaxe válida, que a organização é preenchida e que as palavras-" ++"chave de administrador coincidem. Se decidir não tentar novamente a " ++"configuração, o servidor de LDAP não ficará configurado. Corra \"dpkg-" ++"reconfigure slapd\" se quiser tentar novamente mais tarde." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "DNS domain name:" ++msgstr "Nome do domínio DNS:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "" ++"The DNS domain name is used to construct the base DN of the LDAP directory. " ++"For example, 'foo.example.org' will create the directory with 'dc=foo, " ++"dc=example, dc=org' as base DN." ++msgstr "" ++"O nome do domínio DNS é usado para construir o DN base do seu directório " ++"LDAP. Por exemplo, 'foo.exemplo.org' irá criar o directório com 'dc=foo," ++"dc=exemplo,dc=org' como DN base." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "Organization name:" ++msgstr "Nome da Organização:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "" ++"Please enter the name of the organization to use in the base DN of your LDAP " ++"directory." ++msgstr "" ++"Por favor, insira o nome da organização a usar, no DN base do seu directório " ++"LDAP." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Administrator password:" ++msgstr "Palavra-passe do administrador:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Please enter the password for the admin entry in your LDAP directory." ++msgstr "" ++"Por favor, insira a palavra-passe para a entrada admin do seu directório " ++"LDAP." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "Confirm password:" ++msgstr "Confirme a palavra-passe:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "" ++"Please enter the admin password for your LDAP directory again to verify that " ++"you have typed it correctly." ++msgstr "" ++"Por favor introduza novamente a palavra-passe de admin do seu directório " ++"LDAP, para verificar se a introduziu correctamente." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "Password mismatch" ++msgstr "A palavra-passe não coincide" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "The two passwords you entered were not the same. Please try again." ++msgstr "" ++"As duas palavra-passe que você introduziu não são iguais. Por favor, tente " ++"novamente." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:11001 ++msgid "Do you want the database to be removed when slapd is purged?" ++msgstr "Quer que a base de dados seja removida quando o slapd for purgado?" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "slapcat failure during upgrade" ++msgstr "Falha do slapcat durante a actualização" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "An error occurred while upgrading the LDAP directory." ++msgstr "Ocorreu um erro durante a actualização do directório LDAP." ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "" ++"The 'slapcat' program failed while extracting the LDAP directory. This may " ++"be caused by an incorrect configuration file (for example, missing " ++"'moduleload' lines to support the backend database)." ++msgstr "" ++"O programa 'slapcat' falhou enquanto extraía o directório LDAP. Isto pode " ++"ter sido causado por um ficheiro de configuração incorrecto (por exemplo, " ++"linhas 'moduleload' em falta para suportar o backend da base de dados)." ++ ++#. Type: error ++#. Description ++#. This paragraph is followed by a (non translatable) paragraph ++#. containing a command line ++#: ../slapd.templates:14001 ++msgid "" ++"This failure will cause 'slapadd' to fail later as well. The old database " ++"files will be moved to /var/backups. If you want to try this upgrade again, " ++"you should move the old database files back into place, fix whatever caused " ++"slapcat to fail, and run:" ++msgstr "" ++"Esta falha irá fazer com que o 'slapadd' falhe também mais tarde. Os " ++"ficheiros antigos da base de dados serão movidos para /var/backups. Se " ++"quiser tentar novamente esta actualização, deverá mover os ficheiros antigos " ++"da base de dados antiga de volta para o seu lugar, corrigir o que possa ter " ++"causado a falha do slapcat, e executar:" ++ ++#. Type: error ++#. Description ++#. Translators: keep "${location}" unchanged. This is a variable that ++#. will be replaced by a directory name at execution ++#: ../slapd.templates:14001 ++msgid "" ++"Then move the database files back to a backup area and then try running " ++"slapadd from ${location}." ++msgstr "" ++"Depois mova os ficheiros da base de dados de volta para a área de backup e a " ++"seguir tente correr o slapadd a partir de ${location}." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "Potentially unsafe slapd access control configuration" ++msgstr "Configuração de controlo de acesso ao slapd potencialmente insegura" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "" ++"One or more of the configured databases has an access control rule that " ++"allows users to modify most of their own attributes. This may be unsafe, " ++"depending on how the database is used." ++msgstr "" ++"Uma ou mais das bases de dados configuradas têm uma regra de controlo de " ++"acesso que permite os utilizadores modificarem os seus próprios atributos. " ++"Isto pode ser inseguro, dependendo de como a base de dados é utilizada." ++ ++#. Type: note ++#. Description ++#. Translators: keep "by self write" and "to *" unchanged. These are part ++#. of the slapd configuration and are not translatable. ++#: ../slapd.templates:15001 ++msgid "" ++"In the case of slapd access rules that begin with \"to *\", it is " ++"recommended to remove any instances of \"by self write\", so that users are " ++"only able to modify specifically allowed attributes." ++msgstr "" ++"No caso das regras de acesso do slapd que começam com \" até *\", é " ++"recomendado que se remova qualquer instância de \"by self write\", de " ++"maneira a que os utilizadores possam modificar especificamente atributos " ++"permitidos." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details." ++msgstr "Ver /usr/share/doc/slapd/README.Debian.gz para mais detalhes." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "abort installation" ++msgstr "abortar a instalação" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "continue regardless" ++msgstr "continuar de qualquer forma " ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "Manual ppolicy schema update recommended" ++msgstr "Recomendada actualização manual do esquema ppolicy" ++ ++#. Type: select ++#. Description ++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable. ++#: ../slapd.templates:16002 ++msgid "" ++"The new version of the Password Policy (ppolicy) overlay requires the schema " ++"to define the pwdMaxRecordedFailure attribute type, which is not present in " ++"the schema currently in use. It is recommended to abort the upgrade now, and " ++"to update the ppolicy schema before upgrading slapd. If replication is in " ++"use, the schema update should be applied on every server before continuing " ++"with the upgrade." ++msgstr "" ++"A nova versão do overlay da politica de palavra-chave (ppolicy) requer ao " ++"esquema que seja definida um tipo de atributo pwdMaxRecordedFailure, o qual " ++"não está presente no esquema em uso. É recomendadoabortar a instalação neste " ++"momento, e actualizar o esquema ppolicy antes de actualizar o slapd. Se a " ++"replicação está em uso, a actualização do esquema deverá ser efectuada em " ++"cada servidor antes de continuar a actualização." ++ ++#. Type: select ++#. Description ++#. This paragraph is followed by the path to the generated file (not ++#. translatable). The sentence continues in the following paragraph. ++#: ../slapd.templates:16002 ++msgid "" ++"An LDIF file has been generated with the changes required for the upgrade:" ++msgstr "" ++"Um ficheiro LDIF foi criado com as alterações requeridas para a actualização:" ++ ++#. Type: select ++#. Description ++#. This paragraph continues the sentence started in the previous ++#. paragraph. It is followed by a command line. ++#: ../slapd.templates:16002 ++msgid "" ++"so if slapd is using the default access control rules, these changes can be " ++"applied (after starting slapd) by using the command:" ++msgstr "" ++"assim se o slapd estiver a usar as regras de controlo de acesso por " ++"predefinição, estas alterações podem ser aplicadas (depois de iniciar o " ++"slapd) ao usar o seguinte comando:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "" ++"If instead you choose to continue the installation, the new attribute type " ++"will be added automatically, but the change will not be acted on by slapd " ++"overlays, and replication with other servers may be affected." ++msgstr "" ++"Se escolher continuar a instalação, o novo tipo de atributo será " ++"automaticamente adicionado, mas a alteração não terá efeito nos overlays " ++"slapd, e replicação com outros servidores pode ser afectada." ++ ++#~ msgid "Database backend to use:" ++#~ msgstr "Backend a usar para a base de dados:" ++ ++#~ msgid "" ++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree " ++#~ "renames. Both support the same configuration options." ++#~ msgstr "" ++#~ "HDB e BDB usam formatos similares de armazenamento, mas o HDB adiciona " ++#~ "suporte para renomeação de sub-árvores. Ambos suportam as mesmas opções " ++#~ "de configuração." ++ ++#~ msgid "" ++#~ "The MDB backend is recommended. MDB uses a new storage format and " ++#~ "requires less configuration than BDB or HDB." ++#~ msgstr "" ++#~ "É recomendado o backend MDB. MDB utiliza um novo formato de armazenamento " ++#~ "e requer menos configurações do que BDB ou HDB." ++ ++#~ msgid "" ++#~ "In any case, you should review the resulting database configuration for " ++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details." ++#~ msgstr "" ++#~ "Em qualquer caso, deverá rever a configuração da base de dados " ++#~ "resultante, para as suas necessidades. Ver /usr/share/doc/slapd/README." ++#~ "Debian.gz para mais detalhes." ++ ++#~ msgid "" ++#~ "In the version of slapd about to be installed, the ppolicy overlay " ++#~ "requires the new pwdMaxRecordedFailure attribute to be defined in the " ++#~ "ppolicy schema. The schema contained in the cn=config database does not " ++#~ "currently include this attribute." ++#~ msgstr "" ++#~ "Na versão do slapd prestes a ser instalada, o 'overlay' ppolicy requer a " ++#~ "definição de um novo atributo pwdMaxRecordedFailure no esquema ppolicy. " ++#~ "O esquema contido na base de dados cn=config não inclui actualmente este " ++#~ "atributo." ++ ++#~ msgid "" ++#~ "The ppolicy schema can be updated by applying the changes found in the " ++#~ "following LDIF file:" ++#~ msgstr "" ++#~ "O esquema ppolicy pode ser actualizado aplicando as alterações " ++#~ "encontradas no seguinte ficheiro LDIF:" ++ ++#~ msgid "Allow LDAPv2 protocol?" ++#~ msgstr "Permitir o protocolo LDAPv2?" ++ ++#~ msgid "" ++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs " ++#~ "and users should upgrade to LDAPv3. If you have old programs which can't " ++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be " ++#~ "added to your slapd.conf file." ++#~ msgstr "" ++#~ "O protocolo obsoleto LDAPv2 está desactivado por pré-definição no slapd. " ++#~ "Os programas e utilizadores devem actualizar para LDAPv3. Se tiver " ++#~ "programas antigos que não conseguem usar LDAPv3, deverá seleccionar esta " ++#~ "opção e será adicionado 'allow bind_v2' ao seu ficheiro slapd.conf." ++ ++#~ msgid "slurpd is obsolete; replicas must be reconfigured by hand" ++#~ msgstr "o slurpd está obsoleto; as réplicas terão de ser configuradas á mão" ++ ++#~ msgid "" ++#~ "One or more slurpd \"replica\" options were found in your slapd config " ++#~ "when upgrading. Because slurpd is obsolete beginning with OpenLDAP 2.4, " ++#~ "you will need to migrate your replicas to use the syncrepl protocol " ++#~ "instead." ++#~ msgstr "" ++#~ "Foi encontrada, durante a actualização, uma ou mais opções \"replica\" do " ++#~ "slurpd na sua configuração do slapd. Devido ao slurpd estar obsoleto a " ++#~ "partir do OpenLDAP 2.4, terá de migrar as suas réplicas para usar o " ++#~ "protocolo syncrepl, em seu lugar." ++ ++#~ msgid "" ++#~ "The conversion from slurpd to the pull-based syncrepl protocol cannot be " ++#~ "done automatically and you will need to configure your replica servers by " ++#~ "hand. Please see http://www.openldap.org/doc/admin24/syncrepl.html for " ++#~ "details." ++#~ msgstr "" ++#~ "A conversão do slurpd para o protocolo syncrepl (pull-based) não poderá " ++#~ "ser feita automaticamente e terá de configurar manualmente os seus " ++#~ "servidores replicados. Por favor, para mais detalhes veja http://www." ++#~ "openldap.org/doc/admin24/syncrepl.html ." ++ ++#~ msgid "TLSCipherSuite values have changed" ++#~ msgstr "Os valores para TLSCipherSuite foram alterados" ++ ++#~ msgid "" ++#~ "A \"TLSCipherSuite\" option was found in your slapd config when " ++#~ "upgrading. The values allowed for this option are determined by the SSL " ++#~ "implementation used, which has been changed from OpenSSL to GnuTLS. As a " ++#~ "result, your existing TLSCipherSuite setting will not work with this " ++#~ "package." ++#~ msgstr "" ++#~ "Durante a actualização a opção \"TLSCipherSuite\" foi encontrada na " ++#~ "configuração do seu slapd. Os valores permitidos para esta opção são " ++#~ "determinados pela implementação SSL usada, a qual foi alterada de OpenSSL " ++#~ "para GnuTLS. Como resultado, a sua actual opção TLSCipherSuite não irá " ++#~ "funcionar com este pacote." ++ ++#~ msgid "" ++#~ "This setting has been automatically commented out for you. If you have " ++#~ "specific encryption needs that require this option to be re-enabled, see " ++#~ "the output of 'gnutls-cli -l' in the gnutls-bin package for the list of " ++#~ "ciphers supported by GnuTLS." ++#~ msgstr "" ++#~ "Esta opção foi comentada automaticamente para si. Se tiver necessidades " ++#~ "específicas de encriptação que necessitem que esta opção seja reactivada, " ++#~ "veja o output de 'gnutls-cli -l' que existe no pacote gnutls-bin, para " ++#~ "obter a lista de cifras suportadas pelo GnuTLS." ++ ++#~ msgid "Back up current database and create a new one?" ++#~ msgstr "Fazer cópia de segurança da base de dados actual e criar uma nova?" ++ ++#~ msgid "" ++#~ "The directory suffix (domain) you specified doesn't match the one " ++#~ "currently in /etc/ldap/slapd.conf. Changing the directory suffix requires " ++#~ "moving aside the current LDAP database and creating a new one. Please " ++#~ "confirm whether you want to back up and abandon the current database." ++#~ msgstr "" ++#~ "O sufixo de directório (domínio) que especificou não coincide com o " ++#~ "actual em /etc/ldap/slapd.conf. Alterar o sufixo do directório requer " ++#~ "mover para outro local a actual base de dados LDAP e criar uma nova. Por " ++#~ "favor, confirme se deseja fazer cópia de segurança e abandonar a base de " ++#~ "dados actual." diff --cc debian/po/pt_BR.po index 00000000,00000000..9315aa36 new file mode 100644 --- /dev/null +++ b/debian/po/pt_BR.po @@@ -1,0 -1,0 +1,514 @@@ ++# openldap Brazilian Portuguese translation ++# Copyright (C) 2007 THE openldap'S COPYRIGHT HOLDER ++# This file is distributed under the same license as the openldap package. ++# André Luís Lopes , 2003-2006. ++# Felipe Augusto van de Wiel (faw) , 2007. ++# Steve Langasek , 2008. ++# Eder L. Marques (frolic) , 2008. ++# Adriano Rafael Gomes , 2011-2017. ++# ++msgid "" ++msgstr "" ++"Project-Id-Version: openldap 2.4.44+dfsg-4\n" ++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n" ++"POT-Creation-Date: 2019-10-03 23:01+0000\n" ++"PO-Revision-Date: 2017-01-10 10:28-0200\n" ++"Last-Translator: Adriano Rafael Gomes \n" ++"Language-Team: l10n Portuguese \n" ++"Language: pt_BR\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=UTF-8\n" ++"Content-Transfer-Encoding: 8bit\n" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "Omit OpenLDAP server configuration?" ++msgstr "Omitir a configuração do servidor OpenLDAP?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "" ++"If you enable this option, no initial configuration or database will be " ++"created for you." ++msgstr "" ++"Se você habilitar esta opção, nenhuma configuração inicial ou base de dados " ++"será criada para você." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "always" ++msgstr "sempre" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "when needed" ++msgstr "quando necessário" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "never" ++msgstr "nunca" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "Dump databases to file on upgrade:" ++msgstr "Descarregar as bases de dados para arquivos na atualização:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Before upgrading to a new version of the OpenLDAP server, the data from your " ++"LDAP directories can be dumped into plain text files in the standard LDAP " ++"Data Interchange Format." ++msgstr "" ++"Antes de atualizar para uma nova versão do servidor OpenLDAP, os dados dos " ++"seus diretórios LDAP podem ser descarregados em arquivos texto plano no " ++"formato padrão \"LDAP Interchange Format\" (Formato de Intercâmbio LDAP)." ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Selecting \"always\" will cause the databases to be dumped unconditionally " ++"before an upgrade. Selecting \"when needed\" will only dump the database if " ++"the new version is incompatible with the old database format and it needs to " ++"be reimported. If you select \"never\", no dump will be done." ++msgstr "" ++"Selecionar \"sempre\" fará com que as bases de dados sejam descarregadas " ++"incondicionalmente antes de atualizar. Selecionar \"quando necessário\" só " ++"descarregará a base de dados se a nova versão for incompatível com o formato " ++"da antiga base de dados e tiver que ser importada novamente. Se você " ++"selecionar \"nunca\", nenhum descarregamento será feito." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "Directory to use for dumped databases:" ++msgstr "Diretório para descarregar suas bases de dados:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "" ++"Please specify the directory where the LDAP databases will be exported. In " ++"this directory, several LDIF files will be created which correspond to the " ++"search bases located on the server. Make sure you have enough free space on " ++"the partition where the directory is located. The first occurrence of the " ++"string \"VERSION\" is replaced with the server version you are upgrading " ++"from." ++msgstr "" ++"Por favor, especifique o diretório onde as bases de dados LDAP serão " ++"exportadas. Nesse diretório, vários arquivos LDIF serão criados " ++"correspondendo às bases de procura localizadas no servidor. Tenha certeza de " ++"ter espaço livre suficiente na partição onde este diretório está localizado. " ++"A primeira ocorrência da string \"VERSION\" é substituída com a versão do " ++"servidor a partir da qual você está atualizando." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "Move old database?" ++msgstr "Mover a base de dados antiga?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "" ++"There are still files in /var/lib/ldap which will probably break the " ++"configuration process. If you enable this option, the maintainer scripts " ++"will move the old database files out of the way before creating a new " ++"database." ++msgstr "" ++"Ainda há arquivos em /var/lib/ldap que provavelmente quebrarão o processo de " ++"configuração. Se você habilitar esta opção, os scripts do mantenedor moverão " ++"os arquivos da antiga base de dados para fora do caminho antes de criar uma " ++"nova base de dados." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "Retry configuration?" ++msgstr "Tentar novamente a configuração?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "" ++"The configuration you entered is invalid. Make sure that the DNS domain name " ++"is syntactically valid, the field for the organization is not left empty and " ++"the admin passwords match. If you decide not to retry the configuration the " ++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to " ++"retry later." ++msgstr "" ++"A configuração que você informou é inválida. Tenha certeza de que o nome de " ++"domínio DNS tem uma sintaxe válida, o campo para a organização não foi " ++"deixado vazio e as senhas do admin conferem. Se você decidir não tentar " ++"novamente a configuração, o servidor LDAP não será configurado. Execute " ++"\"dpkg-reconfigure slapd\" se você quiser tentar novamente mais tarde." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "DNS domain name:" ++msgstr "Nome do domínio DNS:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "" ++"The DNS domain name is used to construct the base DN of the LDAP directory. " ++"For example, 'foo.example.org' will create the directory with 'dc=foo, " ++"dc=example, dc=org' as base DN." ++msgstr "" ++"O nome do domínio DNS é usado para construir a base DN de seu diretório " ++"LDAP. Por exemplo, \"foo.example.org\" criará o diretório com \"dc=foo, " ++"dc=example, dc=org\" como base DN." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "Organization name:" ++msgstr "Nome da organização:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "" ++"Please enter the name of the organization to use in the base DN of your LDAP " ++"directory." ++msgstr "" ++"Por favor, informe o nome da organização para usar na base DN de seu " ++"diretório LDAP." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Administrator password:" ++msgstr "Senha do administrador:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Please enter the password for the admin entry in your LDAP directory." ++msgstr "" ++"Por favor, informe a senha para a entrada administrativa em seu diretório " ++"LDAP." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "Confirm password:" ++msgstr "Confirme a senha:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "" ++"Please enter the admin password for your LDAP directory again to verify that " ++"you have typed it correctly." ++msgstr "" ++"Por favor, informe novamente a senha para a entrada administrativa de seu " ++"diretório LDAP para verificar se você a digitou corretamente." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "Password mismatch" ++msgstr "As senhas não conferem" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "The two passwords you entered were not the same. Please try again." ++msgstr "" ++"As duas senhas que você informou não foram as mesmas. Por favor, tente " ++"novamente." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:11001 ++msgid "Do you want the database to be removed when slapd is purged?" ++msgstr "" ++"Você deseja que a base de dados seja removida quando o pacote slapd for " ++"expurgado (\"purged\")?" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "slapcat failure during upgrade" ++msgstr "Falha do slapcat durante a atualização" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "An error occurred while upgrading the LDAP directory." ++msgstr "Um erro ocorreu durante a atualização do diretório LDAP." ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "" ++"The 'slapcat' program failed while extracting the LDAP directory. This may " ++"be caused by an incorrect configuration file (for example, missing " ++"'moduleload' lines to support the backend database)." ++msgstr "" ++"O programa \"slapcat\" falhou ao extrair o diretório LDAP. Isso pode ter " ++"sido causado por um arquivo de configuração incorreto (por exemplo, se " ++"estiverem faltando as linhas \"moduleload\" para suportar o \"backend\" da " ++"base de dados)." ++ ++#. Type: error ++#. Description ++#. This paragraph is followed by a (non translatable) paragraph ++#. containing a command line ++#: ../slapd.templates:14001 ++msgid "" ++"This failure will cause 'slapadd' to fail later as well. The old database " ++"files will be moved to /var/backups. If you want to try this upgrade again, " ++"you should move the old database files back into place, fix whatever caused " ++"slapcat to fail, and run:" ++msgstr "" ++"Esta falha fará com que o \"slapadd\" também falhe posteriormente. Os " ++"arquivos da antiga base de dados serão movidos para /var/backups. Se você " ++"quer tentar esta atualização novamente, você deve mover os arquivos da " ++"antiga base de dados de volta para o local original, corrigir o que quer que " ++"tenha causado a falha do slapcat e executar:" ++ ++#. Type: error ++#. Description ++#. Translators: keep "${location}" unchanged. This is a variable that ++#. will be replaced by a directory name at execution ++#: ../slapd.templates:14001 ++msgid "" ++"Then move the database files back to a backup area and then try running " ++"slapadd from ${location}." ++msgstr "" ++"Então mova os arquivos da base de dados de volta para uma área de backup e " ++"depois tente executar slapadd a partir de ${location}." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "Potentially unsafe slapd access control configuration" ++msgstr "Configuração de controle de acesso do slapd potencialmente insegura" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "" ++"One or more of the configured databases has an access control rule that " ++"allows users to modify most of their own attributes. This may be unsafe, " ++"depending on how the database is used." ++msgstr "" ++"Uma ou mais das bases de dados configuradas tem uma regra de controle de " ++"acesso que permite que usuários modifiquem a maioria dos seus próprios " ++"atributos. Isso pode ser inseguro, dependendo de como a base de dados é " ++"usada." ++ ++#. Type: note ++#. Description ++#. Translators: keep "by self write" and "to *" unchanged. These are part ++#. of the slapd configuration and are not translatable. ++#: ../slapd.templates:15001 ++msgid "" ++"In the case of slapd access rules that begin with \"to *\", it is " ++"recommended to remove any instances of \"by self write\", so that users are " ++"only able to modify specifically allowed attributes." ++msgstr "" ++"No caso das regras de acesso do slapd que comecem com \"to *\", é " ++"recomendado remover quaisquer instâncias de \"by self write\", de modo que " ++"os usuários possam modificar somente atributos especificamente permitidos." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details." ++msgstr "Veja /usr/share/doc/slapd/README.Debian.gz para mais detalhes." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "abort installation" ++msgstr "cancelar a instalação" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "continue regardless" ++msgstr "continuar independentemente" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "Manual ppolicy schema update recommended" ++msgstr "Recomendada a atualização manual do esquema ppolicy" ++ ++#. Type: select ++#. Description ++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable. ++#: ../slapd.templates:16002 ++msgid "" ++"The new version of the Password Policy (ppolicy) overlay requires the schema " ++"to define the pwdMaxRecordedFailure attribute type, which is not present in " ++"the schema currently in use. It is recommended to abort the upgrade now, and " ++"to update the ppolicy schema before upgrading slapd. If replication is in " ++"use, the schema update should be applied on every server before continuing " ++"with the upgrade." ++msgstr "" ++"A nova versão da sobreposição \"Password Policy\" (ppolicy) exige que o " ++"esquema defina o tipo do atributo pwdMaxRecordedFailure, o qual não está " ++"presente no esquema atualmente em uso. É recomendado cancelar a atualização " ++"agora e atualizar o esquema ppolicy antes de atualizar o slapd. Se a " ++"replicação estiver em uso, a atualização do esquema deverá ser aplicada em " ++"cada servidor antes de continuar com a atualização." ++ ++#. Type: select ++#. Description ++#. This paragraph is followed by the path to the generated file (not ++#. translatable). The sentence continues in the following paragraph. ++#: ../slapd.templates:16002 ++msgid "" ++"An LDIF file has been generated with the changes required for the upgrade:" ++msgstr "" ++"Um arquivo LDIF foi gerado com as modificações necessárias para a " ++"atualização:" ++ ++#. Type: select ++#. Description ++#. This paragraph continues the sentence started in the previous ++#. paragraph. It is followed by a command line. ++#: ../slapd.templates:16002 ++msgid "" ++"so if slapd is using the default access control rules, these changes can be " ++"applied (after starting slapd) by using the command:" ++msgstr "" ++"então se o slapd estiver usando as regras padrão de controle de acesso, " ++"essas modificações podem ser aplicadas (depois de iniciar o slapd) usando o " ++"comando:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "" ++"If instead you choose to continue the installation, the new attribute type " ++"will be added automatically, but the change will not be acted on by slapd " ++"overlays, and replication with other servers may be affected." ++msgstr "" ++"Se em vez disso você escolher continuar a instalação, o tipo do novo " ++"atributo será adicionado automaticamente, mas a modificação não sofrerá " ++"ações por sobreposições do slapd, e a replicação com outros servidores pode " ++"ser afetada." ++ ++#~ msgid "Database backend to use:" ++#~ msgstr "\"Backend\" de base de dados a ser usado:" ++ ++#~ msgid "" ++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree " ++#~ "renames. Both support the same configuration options." ++#~ msgstr "" ++#~ "O HDB e o BDB usam formatos de armazenamento similares, mas o HDB " ++#~ "adiciona suporte para renomeação de subárvores. Ambos suportam as mesmas " ++#~ "opções de configuração." ++ ++#~ msgid "" ++#~ "The MDB backend is recommended. MDB uses a new storage format and " ++#~ "requires less configuration than BDB or HDB." ++#~ msgstr "" ++#~ "O \"backend\" MDB é recomendado. O MDB usa um novo formato de " ++#~ "armazenamento e requer menos configuração que o BDB e o HDB." ++ ++#~ msgid "" ++#~ "In any case, you should review the resulting database configuration for " ++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details." ++#~ msgstr "" ++#~ "Em qualquer caso, você deve revisar a configuração resultante da base de " ++#~ "dados para que atenda as suas necessidades. Veja /usr/share/doc/slapd/" ++#~ "README.Debian.gz para mais detalhes." ++ ++#~ msgid "Allow LDAPv2 protocol?" ++#~ msgstr "Permitir o protocolo LDAPv2?" ++ ++#~ msgid "" ++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs " ++#~ "and users should upgrade to LDAPv3. If you have old programs which can't " ++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be " ++#~ "added to your slapd.conf file." ++#~ msgstr "" ++#~ "O protocolo obsoleto LDAPv2 é desabilitado por padrão no slapd. Os " ++#~ "programas e usuários devem atualizar-se para o LDAPv3. Se você tem " ++#~ "programas antigos que não usam LDAPv3, você deve selecionar esta opção e " ++#~ "\"allow bind_v2\" será adicionado ao seu arquivo slapd.conf." ++ ++#~ msgid "slurpd is obsolete; replicas must be reconfigured by hand" ++#~ msgstr "" ++#~ "O slurpd está obsoleto, réplicas devem ser configuradas manualmente." ++ ++#~ msgid "" ++#~ "One or more slurpd \"replica\" options were found in your slapd config " ++#~ "when upgrading. Because slurpd is obsolete beginning with OpenLDAP 2.4, " ++#~ "you will need to migrate your replicas to use the syncrepl protocol " ++#~ "instead." ++#~ msgstr "" ++#~ "Uma ou mais opções slurpd \"replica\" foram encontradas em seu arquivo de " ++#~ "configuração slapd quando estava atualizando. Por causa de o slurpd está " ++#~ "obsoleto a partir do OpenLDAP 2.4, em vez disso você precisará migrar " ++#~ "suas replicas para usar o protocolo syncrepl." ++ ++#~ msgid "" ++#~ "The conversion from slurpd to the pull-based syncrepl protocol cannot be " ++#~ "done automatically and you will need to configure your replica servers by " ++#~ "hand. Please see http://www.openldap.org/doc/admin24/syncrepl.html for " ++#~ "details." ++#~ msgstr "" ++#~ "A conversão de slurpd para o protocolo syncrepl baseado no método de " ++#~ "puxar (\"pull\") atualizações, não pode ser feito automaticamente e você " ++#~ "precisará configurar seus servidores de réplica manualmente. Por favor, " ++#~ "veja http://www.openldap.org/doc/admin24/syncrepl.html para detalhes." ++ ++#~ msgid "TLSCipherSuite values have changed" ++#~ msgstr "Os valores da TLSCipherSuite mudou" ++ ++#~ msgid "" ++#~ "A \"TLSCipherSuite\" option was found in your slapd config when " ++#~ "upgrading. The values allowed for this option are determined by the SSL " ++#~ "implementation used, which has been changed from OpenSSL to GnuTLS. As a " ++#~ "result, your existing TLSCipherSuite setting will not work with this " ++#~ "package." ++#~ msgstr "" ++#~ "Uma opção \"TLSCipherSuite\" foi encontrada em seu arquivo slapd durante " ++#~ "a atualização. Os valores permitidos para esta opção são determinados " ++#~ "pela implementação SSL utilizada, a qual foi alterada de OpenSSL para " ++#~ "GnuTLS. Como resultado, sua configuração TLSCipherSuite existente não irá " ++#~ "funcionar com este pacote." ++ ++#~ msgid "" ++#~ "This setting has been automatically commented out for you. If you have " ++#~ "specific encryption needs that require this option to be re-enabled, see " ++#~ "the output of 'gnutls-cli -l' in the gnutls-bin package for the list of " ++#~ "ciphers supported by GnuTLS." ++#~ msgstr "" ++#~ "Esta configuração foi automaticamente comentada para você. Se você tem " ++#~ "necessidades específicas de criptografia que requerem que esta opção seja " ++#~ "reabilitada, veja a saída do comando 'gnutls-cli -l' no pacote gnutls-bin " ++#~ "para uma lista das cifras suportadas pelo GnuTLS." ++ ++#~ msgid "Back up current database and create a new one?" ++#~ msgstr "Fazer backup da base de dados atual e criar uma nova?" ++ ++#~ msgid "" ++#~ "The directory suffix (domain) you specified doesn't match the one " ++#~ "currently in /etc/ldap/slapd.conf. Changing the directory suffix requires " ++#~ "moving aside the current LDAP database and creating a new one. Please " ++#~ "confirm whether you want to back up and abandon the current database." ++#~ msgstr "" ++#~ "O sufixo de diretório (domínio) que você especificou não confere com o " ++#~ "atual em /etc/ldap/slapd.conf. Mudar o sufixo do diretório requer mover a " ++#~ "atual base de dados LDAP e criar uma nova. Por favor, confirme se você " ++#~ "quer fazer um backup da base de dados atual e abandoná-la." diff --cc debian/po/ru.po index 00000000,00000000..4d9e6e3e new file mode 100644 --- /dev/null +++ b/debian/po/ru.po @@@ -1,0 -1,0 +1,507 @@@ ++# translation of openldap_2.4.21-1_ru.po to Russian ++# ++# Translators, if you are not familiar with the PO format, gettext ++# documentation is worth reading, especially sections dedicated to ++# this format, e.g. by running: ++# info -n '(gettext)PO Files' ++# info -n '(gettext)Header Entry' ++# Some information specific to po-debconf are available at ++# /usr/share/doc/po-debconf/README-trans ++# or http://www.debian.org/intl/l10n/po-debconf/README-trans# ++# Developers do not need to manually edit POT or PO files. ++# ++# Yuri Kozlov , 2007, 2008. ++# Yuri Kozlov , 2010, 2014, 2017. ++msgid "" ++msgstr "" ++"Project-Id-Version: openldap 2.4.44+dfsg-4\n" ++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n" ++"POT-Creation-Date: 2019-10-03 23:01+0000\n" ++"PO-Revision-Date: 2017-01-10 19:00+0300\n" ++"Last-Translator: Yuri Kozlov \n" ++"Language-Team: Russian \n" ++"Language: ru\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=UTF-8\n" ++"Content-Transfer-Encoding: 8bit\n" ++"X-Generator: Lokalize 2.0\n" ++"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n" ++"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "Omit OpenLDAP server configuration?" ++msgstr "Не выполнять настройку сервера OpenLDAP?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "" ++"If you enable this option, no initial configuration or database will be " ++"created for you." ++msgstr "" ++"Если вы ответите утвердительно, начальная конфигурация или база данных " ++"создаваться не будет." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "always" ++msgstr "всегда" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "when needed" ++msgstr "только при необходимости" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "never" ++msgstr "никогда" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "Dump databases to file on upgrade:" ++msgstr "При обновлении сохранять данные из базы данных в файл:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Before upgrading to a new version of the OpenLDAP server, the data from your " ++"LDAP directories can be dumped into plain text files in the standard LDAP " ++"Data Interchange Format." ++msgstr "" ++"Перед обновлением до новой версии сервера OpenLDAP данные из ваших каталогов " ++"LDAP могут быть сохранены в текстовые файлы в стандартизованном формате " ++"обмена данных LDAP." ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Selecting \"always\" will cause the databases to be dumped unconditionally " ++"before an upgrade. Selecting \"when needed\" will only dump the database if " ++"the new version is incompatible with the old database format and it needs to " ++"be reimported. If you select \"never\", no dump will be done." ++msgstr "" ++"Если выбрать \"всегда\", то перед обновлением данные из баз будут " ++"обязательно сохранены. Если выбрать \"только при необходимости\", то база " ++"данных будет сохранена, только если новая версия не совместима со старым " ++"форматом базы данных и должна быть импортирована повторно. Если выбрать " ++"\"никогда\", то сохранение базы будет пропущено." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "Directory to use for dumped databases:" ++msgstr "Каталог сохранения данных из баз:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "" ++"Please specify the directory where the LDAP databases will be exported. In " ++"this directory, several LDIF files will be created which correspond to the " ++"search bases located on the server. Make sure you have enough free space on " ++"the partition where the directory is located. The first occurrence of the " ++"string \"VERSION\" is replaced with the server version you are upgrading " ++"from." ++msgstr "" ++"Укажите каталог, куда будут экспортированы базы данных LDAP. В этом каталоге " ++"будет создано несколько файлов LDIF, которые соответствуют поисковым базам, " ++"расположенным на сервере. Убедитесь, что у вас достаточно места на разделе, " ++"где расположен каталог. Первое появление строки со словом \"VERSION\" " ++"заменяется на версию сервера, с которой производится обновление." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "Move old database?" ++msgstr "Переместить старую базу данных?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "" ++"There are still files in /var/lib/ldap which will probably break the " ++"configuration process. If you enable this option, the maintainer scripts " ++"will move the old database files out of the way before creating a new " ++"database." ++msgstr "" ++"В каталоге /var/lib/ldap находятся файлы, которые, вероятно, негативно " ++"повлияют на процесс настройки. Если вы ответите утвердительно, то " ++"сопровождающие сценарии, перед тем как создать новую базу, переместят старые " ++"файлы базы данных в другое место." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "Retry configuration?" ++msgstr "Повторить настройку?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "" ++"The configuration you entered is invalid. Make sure that the DNS domain name " ++"is syntactically valid, the field for the organization is not left empty and " ++"the admin passwords match. If you decide not to retry the configuration the " ++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to " ++"retry later." ++msgstr "" ++"Введённая вами конфигурация неправильна. Убедитесь, что доменное имя DNS " ++"записано в правильном формате, что поле названия организации непустое и что " ++"пароль администратора верен. Если вы не станете повторять настройку, то " ++"сервер LDAP останется не настроенным. Если позднее вы захотите выполнить " ++"настройку, запустите команду «dpkg-reconfigure slapd»." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "DNS domain name:" ++msgstr "Доменное имя DNS:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "" ++"The DNS domain name is used to construct the base DN of the LDAP directory. " ++"For example, 'foo.example.org' will create the directory with 'dc=foo, " ++"dc=example, dc=org' as base DN." ++msgstr "" ++"Доменное имя DNS используется для построения базового DN каталога LDAP. " ++"Например, если ввести «foo.bar.org», то это даст базовый DN «dc=foo, dc=bar, " ++"dc=org»." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "Organization name:" ++msgstr "Название организации:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "" ++"Please enter the name of the organization to use in the base DN of your LDAP " ++"directory." ++msgstr "" ++"Введите название организации для использования в базовом DN каталога LDAP." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Administrator password:" ++msgstr "Пароль администратора:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Please enter the password for the admin entry in your LDAP directory." ++msgstr "Введите пароль для записи admin в каталоге LDAP." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "Confirm password:" ++msgstr "Повторите ввод пароля:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "" ++"Please enter the admin password for your LDAP directory again to verify that " ++"you have typed it correctly." ++msgstr "" ++"Введите тот же пароль для admin в каталоге LDAP ещё раз, чтобы убедиться в " ++"правильности ввода." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "Password mismatch" ++msgstr "Пароли не совпадают" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "The two passwords you entered were not the same. Please try again." ++msgstr "Введённые вами пароли не совпадают. Попробуйте ещё раз." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:11001 ++msgid "Do you want the database to be removed when slapd is purged?" ++msgstr "Удалять базу данных при вычистке slapd?" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "slapcat failure during upgrade" ++msgstr "Ошибка slapcat при обновлении" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "An error occurred while upgrading the LDAP directory." ++msgstr "Возникла ошибка при попытке обновления каталога LDAP." ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "" ++"The 'slapcat' program failed while extracting the LDAP directory. This may " ++"be caused by an incorrect configuration file (for example, missing " ++"'moduleload' lines to support the backend database)." ++msgstr "" ++"Ошибка возникла при выполнении программы «slapcat», которая пыталась " ++"распаковать каталог LDAP. Это могло произойти из-за некорректного файла " ++"конфигурации (например, в случае отсутствия строк «moduleload» для вашего " ++"типа сервера базы данных)." ++ ++#. Type: error ++#. Description ++#. This paragraph is followed by a (non translatable) paragraph ++#. containing a command line ++#: ../slapd.templates:14001 ++msgid "" ++"This failure will cause 'slapadd' to fail later as well. The old database " ++"files will be moved to /var/backups. If you want to try this upgrade again, " ++"you should move the old database files back into place, fix whatever caused " ++"slapcat to fail, and run:" ++msgstr "" ++"В дальнейшем, это также вызовет отказ в работе «slapadd». Старые файлы базы " ++"данных были перенесены в каталог /var/backups. Если вы хотите попытаться " ++"выполнить обновление ещё раз, переместите старые файлы базы данных обратно, " ++"исправьте ошибку, вызывающую отказ работы «slapcat» и выполните:" ++ ++#. Type: error ++#. Description ++#. Translators: keep "${location}" unchanged. This is a variable that ++#. will be replaced by a directory name at execution ++#: ../slapd.templates:14001 ++msgid "" ++"Then move the database files back to a backup area and then try running " ++"slapadd from ${location}." ++msgstr "" ++"Переместите файлы базы данных обратно в место хранения резервной копии и " ++"затем попытайтесь запустить slapadd из ${location}." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "Potentially unsafe slapd access control configuration" ++msgstr "Потенциально небезопасная настройка управления доступом slapd" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "" ++"One or more of the configured databases has an access control rule that " ++"allows users to modify most of their own attributes. This may be unsafe, " ++"depending on how the database is used." ++msgstr "" ++"В одной или более базах данных настроено правило контроля доступа, которое " ++"позволяет пользователям изменять не только собственные атрибуты. Это может " ++"быть небезопасно, в зависимости от использования базы данных." ++ ++#. Type: note ++#. Description ++#. Translators: keep "by self write" and "to *" unchanged. These are part ++#. of the slapd configuration and are not translatable. ++#: ../slapd.templates:15001 ++msgid "" ++"In the case of slapd access rules that begin with \"to *\", it is " ++"recommended to remove any instances of \"by self write\", so that users are " ++"only able to modify specifically allowed attributes." ++msgstr "" ++"В случае, когда правила доступа slapd начинаются с «to *», рекомендуется " ++"удалять все экземпляры «by self write» для того, чтобы пользователи могли " ++"изменять только явно разрешённые атрибуты." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details." ++msgstr "Смотрите подробности в файле /usr/share/doc/slapd/README.Debian.gz." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "abort installation" ++msgstr "прервать установку" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "continue regardless" ++msgstr "продолжить" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "Manual ppolicy schema update recommended" ++msgstr "Рекомендуется обновление схемы ppolicy вручную" ++ ++#. Type: select ++#. Description ++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable. ++#: ../slapd.templates:16002 ++msgid "" ++"The new version of the Password Policy (ppolicy) overlay requires the schema " ++"to define the pwdMaxRecordedFailure attribute type, which is not present in " ++"the schema currently in use. It is recommended to abort the upgrade now, and " ++"to update the ppolicy schema before upgrading slapd. If replication is in " ++"use, the schema update should be applied on every server before continuing " ++"with the upgrade." ++msgstr "" ++"Для новой версии оверлея Password Policy (ppolicy) требуется определение " ++"типа атрибутов pwdMaxRecordedFailure, который отсутствует в используемой в " ++"данной момент схеме. Рекомендуется прервать установку прямо сейчас и " ++"обновить схему ppolicy перед обновлением slapd. Если используется " ++"репликация, то обновление схемы должно быть выполнено на каждом сервере " ++"перед продолжением обновления." ++ ++#. Type: select ++#. Description ++#. This paragraph is followed by the path to the generated file (not ++#. translatable). The sentence continues in the following paragraph. ++#: ../slapd.templates:16002 ++msgid "" ++"An LDIF file has been generated with the changes required for the upgrade:" ++msgstr "Был создан файл LDIF с изменениями, требующимися для обновления:" ++ ++#. Type: select ++#. Description ++#. This paragraph continues the sentence started in the previous ++#. paragraph. It is followed by a command line. ++#: ../slapd.templates:16002 ++msgid "" ++"so if slapd is using the default access control rules, these changes can be " ++"applied (after starting slapd) by using the command:" ++msgstr "" ++"и если в slapd используются правила управления доступом по умолчанию, то эти " ++"изменения можно применить (после запуска slapd) командой:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "" ++"If instead you choose to continue the installation, the new attribute type " ++"will be added automatically, but the change will not be acted on by slapd " ++"overlays, and replication with other servers may be affected." ++msgstr "" ++"Если вы выберете продолжение установки, то новый тип атрибута будет добавлен " ++"автоматически, но изменение не будет применено в оверлеях slapd, и это может " ++"повлиять на другие серверы при репликации." ++ ++#~ msgid "Database backend to use:" ++#~ msgstr "Используемые серверы баз данных:" ++ ++#~ msgid "" ++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree " ++#~ "renames. Both support the same configuration options." ++#~ msgstr "" ++#~ "HDB и BDB используют схожие форматы хранения, но в HDB добавлена " ++#~ "поддержка переименования поддеревьев. Оба типа сервера поддерживают " ++#~ "одинаковые параметры настройки." ++ ++#~ msgid "" ++#~ "The MDB backend is recommended. MDB uses a new storage format and " ++#~ "requires less configuration than BDB or HDB." ++#~ msgstr "" ++#~ "Рекомендуется использовать сервер MDB. MDB использует новый формат " ++#~ "хранения и требует меньше настроек чем BDB или HDB." ++ ++#~ msgid "" ++#~ "In any case, you should review the resulting database configuration for " ++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details." ++#~ msgstr "" ++#~ "В любом случае, убедитесь в соответствии получившихся настроек базы " ++#~ "данных вашим требованиям. Подробней о настройке смотрите в файле /usr/" ++#~ "share/doc/slapd/README.Debian.gz." ++ ++#~ msgid "Allow LDAPv2 protocol?" ++#~ msgstr "Включить протокол LDAPv2?" ++ ++#~ msgid "" ++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs " ++#~ "and users should upgrade to LDAPv3. If you have old programs which can't " ++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be " ++#~ "added to your slapd.conf file." ++#~ msgstr "" ++#~ "По умолчанию в slapd старый протокол LDAPv2 выключен. Клиентские " ++#~ "программы нужно обновить до версий с поддержкой LDAPv3. Если у вас есть " ++#~ "старые программы, которые не могут использовать LDAPv3, то вы должны " ++#~ "ответить утвердительно, и в файл slapd.conf будет добавлена запись «allow " ++#~ "bind_v2»." ++ ++#~ msgid "slurpd is obsolete; replicas must be reconfigured by hand" ++#~ msgstr "slurpd устарел; реплики должны быть перенастроены вручную" ++ ++#~ msgid "" ++#~ "One or more slurpd \"replica\" options were found in your slapd config " ++#~ "when upgrading. Because slurpd is obsolete beginning with OpenLDAP 2.4, " ++#~ "you will need to migrate your replicas to use the syncrepl protocol " ++#~ "instead." ++#~ msgstr "" ++#~ "При обновлении в вашем конфигурационном файле для slapd найден один или " ++#~ "несколько параметров \"replica\" для slurpd. Так как slurpd устарел " ++#~ "начиная с OpenLDAP версии 2.4, для реплик вам нужно перейти на протокол " ++#~ "syncrepl." ++ ++#~ msgid "" ++#~ "The conversion from slurpd to the pull-based syncrepl protocol cannot be " ++#~ "done automatically and you will need to configure your replica servers by " ++#~ "hand. Please see http://www.openldap.org/doc/admin24/syncrepl.html for " ++#~ "details." ++#~ msgstr "" ++#~ "Автоматическое преобразование настроек slurpd в настройки основанного на " ++#~ "вытягивании протокола syncrepl невозможно, и поэтому вы должны настроить " ++#~ "свои серверы реплик вручную. Подробней об этом смотрите на странице " ++#~ "http://www.openldap.org/doc/admin24/syncrepl.html." ++ ++#~ msgid "TLSCipherSuite values have changed" ++#~ msgstr "Изменились значения для TLSCipherSuite" ++ ++#~ msgid "" ++#~ "A \"TLSCipherSuite\" option was found in your slapd config when " ++#~ "upgrading. The values allowed for this option are determined by the SSL " ++#~ "implementation used, which has been changed from OpenSSL to GnuTLS. As a " ++#~ "result, your existing TLSCipherSuite setting will not work with this " ++#~ "package." ++#~ msgstr "" ++#~ "При обновлении в настройке slapd был найден параметр \"TLSCipherSuite\". " ++#~ "Допустимые значения этого параметра, определяемые авторами SSL, были " ++#~ "изменены при переходе с OpenSSL на GnuTLS. В результате, имеющаяся " ++#~ "настройка TLSCipherSuite не заработает с этим пакетом." ++ ++#~ msgid "" ++#~ "This setting has been automatically commented out for you. If you have " ++#~ "specific encryption needs that require this option to be re-enabled, see " ++#~ "the output of 'gnutls-cli -l' in the gnutls-bin package for the list of " ++#~ "ciphers supported by GnuTLS." ++#~ msgstr "" ++#~ "Данная настройка будет автоматически закомментирована. Если для какого-то " ++#~ "специфичного шифрования вам требуется её использовать, то список " ++#~ "поддерживаемых GnuTLS алгоритмов можно посмотреть, запустив команду " ++#~ "'gnutls-cli -l' из пакета gnutls-bin." ++ ++#~ msgid "Back up current database and create a new one?" ++#~ msgstr "Сделать резервную копию имеющейся базы данных и создать новую?" ++ ++#~ msgid "" ++#~ "The directory suffix (domain) you specified doesn't match the one " ++#~ "currently in /etc/ldap/slapd.conf. Changing the directory suffix requires " ++#~ "moving aside the current LDAP database and creating a new one. Please " ++#~ "confirm whether you want to back up and abandon the current database." ++#~ msgstr "" ++#~ "Вы указали суффикс каталога (домен), который не совпадает с имеющимся в /" ++#~ "etc/ldap/slapd.conf. Изменение суффикса каталога требует перемещения " ++#~ "имеющейся базы данных LDAP и создание новой. Подтвердите, что хотите " ++#~ "сделать резервную копию базы данных и отказаться от имеющейся." diff --cc debian/po/sk.po index 00000000,00000000..aea7895d new file mode 100644 --- /dev/null +++ b/debian/po/sk.po @@@ -1,0 -1,0 +1,431 @@@ ++# Slovak translations for openldap package ++# Slovenské preklady pre balík openldap. ++# Copyright (C) 2011 THE openldap'S COPYRIGHT HOLDER ++# This file is distributed under the same license as the PACKAGE package. ++# ++# Slavko , 2011. ++# Ivan Masár , 2017. ++msgid "" ++msgstr "" ++"Project-Id-Version: openldap 2.4.23-7\n" ++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n" ++"POT-Creation-Date: 2019-10-03 23:01+0000\n" ++"PO-Revision-Date: 2017-01-10 10:01+0200\n" ++"Last-Translator: Ivan Masár \n" ++"Language-Team: x\n" ++"Language: sk\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=UTF-8\n" ++"Content-Transfer-Encoding: 8bit\n" ++"Plural-Forms: nplurals=3; plural=(n==1) ? 0 : (n>=2 && n<=4) ? 1 : 2;\n" ++"X-Generator: Virtaal 0.7.1\n" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "Omit OpenLDAP server configuration?" ++msgstr "Vynechať nastavenia servera OpenLDAP?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "" ++"If you enable this option, no initial configuration or database will be " ++"created for you." ++msgstr "" ++"Ak zvolíte túto možnosť, nebude vytvorené počiatočné nastavenie ani databáza." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "always" ++msgstr "vždy" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "when needed" ++msgstr "keď je treba" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "never" ++msgstr "nikdy" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "Dump databases to file on upgrade:" ++msgstr "Pri aktualizácii uložiť databázy do súboru:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Before upgrading to a new version of the OpenLDAP server, the data from your " ++"LDAP directories can be dumped into plain text files in the standard LDAP " ++"Data Interchange Format." ++msgstr "" ++"Pred aktualizáciou na novšiu verziu servera OpenLDAP môžu byť vaše dáta z " ++"adresárov LDAP uložené do textových súborov vo formáte LDAP Data Interchange " ++"Format, čo je štandardizovaný formát na popis týchto dát." ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Selecting \"always\" will cause the databases to be dumped unconditionally " ++"before an upgrade. Selecting \"when needed\" will only dump the database if " ++"the new version is incompatible with the old database format and it needs to " ++"be reimported. If you select \"never\", no dump will be done." ++msgstr "" ++"Výberom „vždy“ zaistíte, že budú databázy uložené do súborov pred každou " ++"aktualizáciou. Voľba „keď je treba“ znamená, že budú databázy uložené len v " ++"prípade, že je nová verzia nekompatibilná s formátom starej databázy, a teda " ++"bude potrebné opätovné nahratie dát. Ak zvolíte „nikdy“, dáta sa nebudú " ++"ukladať." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "Directory to use for dumped databases:" ++msgstr "Adresár pre exportované databázy:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "" ++"Please specify the directory where the LDAP databases will be exported. In " ++"this directory, several LDIF files will be created which correspond to the " ++"search bases located on the server. Make sure you have enough free space on " ++"the partition where the directory is located. The first occurrence of the " ++"string \"VERSION\" is replaced with the server version you are upgrading " ++"from." ++msgstr "" ++"Prosím, zadajte adresár, kam majú byť uložené databázy LDAP. V tomto " ++"adresári bude vytvorených niekoľko súborov LDIF, jeden pre každý koreň " ++"adresárov LDAP daného servera. Presvedčte sa, že je na zvolenej oblasti " ++"dostatok miesta. Prvý výskyt reťazca „VERSION” bude nahradený verziou " ++"servera LDAP, z ktorej aktualizujete." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "Move old database?" ++msgstr "Presunúť starú databázu?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "" ++"There are still files in /var/lib/ldap which will probably break the " ++"configuration process. If you enable this option, the maintainer scripts " ++"will move the old database files out of the way before creating a new " ++"database." ++msgstr "" ++"Vo /var/lib/ldap stále existujú súbory, ktoré pravdepodobne narušia proces " ++"nastavenia. Ak zvolíte túto možnosť, inštalačné skripty pred vytvorením " ++"novej databázy najprv presunú staré databázové súbory inam." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "Retry configuration?" ++msgstr "Opakovať nastavenie?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "" ++"The configuration you entered is invalid. Make sure that the DNS domain name " ++"is syntactically valid, the field for the organization is not left empty and " ++"the admin passwords match. If you decide not to retry the configuration the " ++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to " ++"retry later." ++msgstr "" ++"Zadali ste neplatné nastavenie. Skontrolujte, či je zadané doménové meno " ++"(DNS) v platnom tvare, že je vyplnené pole organizácie a heslá " ++"administrátora súhlasia. Ak sa rozhodnete neopakovať nastavenie, ostane " ++"server LDAP nenastavený. Ak budete chcieť opakovať nastavenie neskôr, " ++"spustite „dpkg-reconfigure slapd”." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "DNS domain name:" ++msgstr "Meno domény (DNS):" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "" ++"The DNS domain name is used to construct the base DN of the LDAP directory. " ++"For example, 'foo.example.org' will create the directory with 'dc=foo, " ++"dc=example, dc=org' as base DN." ++msgstr "" ++"Meno domény (DNS) sa použije na vytvorenie základného DN adresára LDAP. " ++"Napríklad „foo.example.org“ vytvorí adresár so základným DN „dc=foo, " ++"dc=example, dc=org“." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "Organization name:" ++msgstr "Názov organizácie:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "" ++"Please enter the name of the organization to use in the base DN of your LDAP " ++"directory." ++msgstr "" ++"Prosím, zadajte názov organizácie, ktorý sa použije v základnom DN vášho " ++"adresára LDAP." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Administrator password:" ++msgstr "Heslo správcu:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Please enter the password for the admin entry in your LDAP directory." ++msgstr "Prosím zadajte heslo správcu vášho adresára LDAP." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "Confirm password:" ++msgstr "Overenie hesla:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "" ++"Please enter the admin password for your LDAP directory again to verify that " ++"you have typed it correctly." ++msgstr "" ++"Prosím, zadajte znova heslo správcu vášho adresára LDAP na overenie, že ste " ++"ho napísali správne." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "Password mismatch" ++msgstr "Heslá sa nezhodujú" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "The two passwords you entered were not the same. Please try again." ++msgstr "Zadané heslá nie sú rovnaké. Prosím, skúste to znova." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:11001 ++msgid "Do you want the database to be removed when slapd is purged?" ++msgstr "Chcete aby pri odstránení balíka slapd bola odstránená aj databáza?" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "slapcat failure during upgrade" ++msgstr "Zlyhanie slapcat počas aktualizácie" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "An error occurred while upgrading the LDAP directory." ++msgstr "Pri aktualizácii adresára LDAP nastala chyba." ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "" ++"The 'slapcat' program failed while extracting the LDAP directory. This may " ++"be caused by an incorrect configuration file (for example, missing " ++"'moduleload' lines to support the backend database)." ++msgstr "" ++"Program „slapcat“ zlyhal pri práci s adresárom LDAP. Táto chyba môže byť " ++"spôsobená chybným konfiguračným súborom (napríklad chýbajúce riadky " ++"„moduleload“ s podporou backend databázy)." ++ ++#. Type: error ++#. Description ++#. This paragraph is followed by a (non translatable) paragraph ++#. containing a command line ++#: ../slapd.templates:14001 ++msgid "" ++"This failure will cause 'slapadd' to fail later as well. The old database " ++"files will be moved to /var/backups. If you want to try this upgrade again, " ++"you should move the old database files back into place, fix whatever caused " ++"slapcat to fail, and run:" ++msgstr "" ++"Táto chyba bude mať za následok, že „slapadd“ neskôr tiež zlyhá. Súbory " ++"starej databázy budú presunuté do /var/backups. Ak budete chcieť skúsiť túto " ++"aktualizáciu neskôr znova, mali by ste najprv presunúť súbory starej " ++"databázy naspäť, opraviť príčinu zlyhania slapcat a spustiť:" ++ ++#. Type: error ++#. Description ++#. Translators: keep "${location}" unchanged. This is a variable that ++#. will be replaced by a directory name at execution ++#: ../slapd.templates:14001 ++msgid "" ++"Then move the database files back to a backup area and then try running " ++"slapadd from ${location}." ++msgstr "" ++"Potom presuňte súbory databázy späť medzi zálohy a až potom skúste spustiť " ++"slapadd z ${location}." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "Potentially unsafe slapd access control configuration" ++msgstr "Potenciálne nebezpečná konfigurácia riadenia prístupu slapd" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "" ++"One or more of the configured databases has an access control rule that " ++"allows users to modify most of their own attributes. This may be unsafe, " ++"depending on how the database is used." ++msgstr "" ++"Jedna alebo viac z nastavených databáz obsahuje pravidlo riadenia prístupu, " ++"ktoré umožňuje používateľom meniť väčšinu svojich vlastných atribútov. To " ++"môže byť nebezpečné podľa toho ako sa databáza používa." ++ ++#. Type: note ++#. Description ++#. Translators: keep "by self write" and "to *" unchanged. These are part ++#. of the slapd configuration and are not translatable. ++#: ../slapd.templates:15001 ++msgid "" ++"In the case of slapd access rules that begin with \"to *\", it is " ++"recommended to remove any instances of \"by self write\", so that users are " ++"only able to modify specifically allowed attributes." ++msgstr "" ++"V prípade pravidiel riadenia prístupu slapd, ktoré začínajú na „to *“ sa " ++"odporúča odstrániť všetky prípady „by self write“, aby používatelia mohli " ++"meniť iba konkrétne povolené atribúty." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details." ++msgstr "" ++"Ďalšie informácie nájdete v súbore /usr/share/doc/slapd/README.Debian.gz." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "abort installation" ++msgstr "prerušiť inštaláciu" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "continue regardless" ++msgstr "napriek tomu pokračovať" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "Manual ppolicy schema update recommended" ++msgstr "Odporúča sa manuálna aktualizácia schémy ppolicy" ++ ++#. Type: select ++#. Description ++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable. ++#: ../slapd.templates:16002 ++msgid "" ++"The new version of the Password Policy (ppolicy) overlay requires the schema " ++"to define the pwdMaxRecordedFailure attribute type, which is not present in " ++"the schema currently in use. It is recommended to abort the upgrade now, and " ++"to update the ppolicy schema before upgrading slapd. If replication is in " ++"use, the schema update should be applied on every server before continuing " ++"with the upgrade." ++msgstr "" ++"Nová verzia prekrytia politiky hesla (ppolicy; Password Policy) vyžaduje, " ++"aby schéma definovala typ atribútu pwdMaxRecordedFailure, ktorý v momentálne " ++"používanej schéme nie je prítomný. Odporuča sa teraz prerušiť inštaláciu a " ++"aktualizovať schému ppolicy pred aktualizáciou slapd. Ak používate " ++"replikáciu, aktualizáciu schémy by ste mali použiť na každom serveri " ++"predtým, než budete pokračovať v aktualizácii." ++ ++#. Type: select ++#. Description ++#. This paragraph is followed by the path to the generated file (not ++#. translatable). The sentence continues in the following paragraph. ++#: ../slapd.templates:16002 ++msgid "" ++"An LDIF file has been generated with the changes required for the upgrade:" ++msgstr "Bol vytvorený súbor LDIF so zmenami potrebnými na aktualizáciu:" ++ ++#. Type: select ++#. Description ++#. This paragraph continues the sentence started in the previous ++#. paragraph. It is followed by a command line. ++#: ../slapd.templates:16002 ++msgid "" ++"so if slapd is using the default access control rules, these changes can be " ++"applied (after starting slapd) by using the command:" ++msgstr "" ++"takže ak slapd používa predvolené pravidlá riadenia prístupu, tieto zmeny je " ++"možné použiť (po spustení slapd) príkazom:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "" ++"If instead you choose to continue the installation, the new attribute type " ++"will be added automatically, but the change will not be acted on by slapd " ++"overlays, and replication with other servers may be affected." ++msgstr "" ++"Ak sa namiesto toho rozhodnete pokračovať v inštalácii, nový typ atribúty sa " ++"pridá automaticky, ale zmena sa neprejaví v prekrytiach slapd a môže to " ++"ovplyvniť replikáciu s ostatnými servermi." ++ ++#~ msgid "Database backend to use:" ++#~ msgstr "Použiť backend databázy:" ++ ++#~ msgid "" ++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree " ++#~ "renames. Both support the same configuration options." ++#~ msgstr "" ++#~ "HDB a BDB používajú podobné formáty úložiska, ale HDB pridáva podporu " ++#~ "premenovania podstromov. Oba podporujú rovnaké konfiguračné voľby." ++ ++#~ msgid "" ++#~ "The MDB backend is recommended. MDB uses a new storage format and " ++#~ "requires less configuration than BDB or HDB." ++#~ msgstr "" ++#~ "Odporúča sa použiť backend MDB. MDB používa nový formát úložiska a " ++#~ "vyžaduje menej konfigurácie ako BDB či HDB." ++ ++#~ msgid "" ++#~ "In any case, you should review the resulting database configuration for " ++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details." ++#~ msgstr "" ++#~ "V každom prípade by ste mali skontrolovať, či výsledné nastavenie " ++#~ "databázy zodpovedá vašim potrebám. Ďalšie informácie nájdete v súbore /" ++#~ "usr/share/doc/slapd/README.Debian.gz." ++ ++#~ msgid "Allow LDAPv2 protocol?" ++#~ msgstr "Povoliť protokol LDAPv2?" ++ ++#~ msgid "" ++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs " ++#~ "and users should upgrade to LDAPv3. If you have old programs which can't " ++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be " ++#~ "added to your slapd.conf file." ++#~ msgstr "" ++#~ "Zastaraný protokol LDAPv2 je v slapd predvolene zakázaný. Programy a " ++#~ "používatelia by mali prejsť na LDAPv3. Ak máte staré programy, ktoré " ++#~ "nedokážu používať LDAPv3, mali by ste povoliť túto možnosť a do " ++#~ "konfiguračného súboru slapd.conf bude pridaný riadok „allow bind_v2”." diff --cc debian/po/sv.po index 00000000,00000000..699d363f new file mode 100644 --- /dev/null +++ b/debian/po/sv.po @@@ -1,0 -1,0 +1,526 @@@ ++# Translation of openldap debconf template to Swedish ++# Copyright (C) 2010, 2017 Martin Bagge ++# This file is distributed under the same license as the openldap package. ++# ++# Martin Ågren , 2008. ++# Martin Bagge , 2010, 2017 ++msgid "" ++msgstr "" ++"Project-Id-Version: openldap_2.4.10-2_sv\n" ++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n" ++"POT-Creation-Date: 2019-10-03 23:01+0000\n" ++"PO-Revision-Date: 2017-01-12 14:59+0100\n" ++"Last-Translator: Martin Bagge / brother \n" ++"Language-Team: Swedish \n" ++"Language: sv\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=UTF-8\n" ++"Content-Transfer-Encoding: 8bit\n" ++"X-Generator: Poedit 1.8.11\n" ++"Plural-Forms: nplurals=2; plural=(n != 1);\n" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "Omit OpenLDAP server configuration?" ++msgstr "Utelämna konfiguration av OpenLDAP-servern?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "" ++"If you enable this option, no initial configuration or database will be " ++"created for you." ++msgstr "" ++"Om du aktiverar det här alternativet kommer ingen initial konfiguration " ++"eller databas att skapas åt dig." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "always" ++msgstr "alltid " ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "when needed" ++msgstr "vid behov" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "never" ++msgstr "aldrig" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "Dump databases to file on upgrade:" ++msgstr "Dumpa databaser till fil vid uppgradering:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Before upgrading to a new version of the OpenLDAP server, the data from your " ++"LDAP directories can be dumped into plain text files in the standard LDAP " ++"Data Interchange Format." ++msgstr "" ++"Innan du uppgraderar till en ny version av OpenLDAP-servern, kan datat från " ++"dina LDAP-kataloger dumpas till klartextfiler i standardformatet LDAP Data " ++"Interchange Format." ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Selecting \"always\" will cause the databases to be dumped unconditionally " ++"before an upgrade. Selecting \"when needed\" will only dump the database if " ++"the new version is incompatible with the old database format and it needs to " ++"be reimported. If you select \"never\", no dump will be done." ++msgstr "" ++"Väljer du \"alltid\" kommer databaserna alltid att dumpas före en " ++"uppgradering. Väljer du \"vid behov\" kommer databasen bara dumpas om den " ++"nya versionen är inkompatibel med det gamla databasformatet och måste " ++"återimporteras. Om du väljer \"aldrig\", kommer ingen dump göras." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "Directory to use for dumped databases:" ++msgstr "Katalog att dumpa databaser i:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "" ++"Please specify the directory where the LDAP databases will be exported. In " ++"this directory, several LDIF files will be created which correspond to the " ++"search bases located on the server. Make sure you have enough free space on " ++"the partition where the directory is located. The first occurrence of the " ++"string \"VERSION\" is replaced with the server version you are upgrading " ++"from." ++msgstr "" ++"Ange den katalog dit LDAP-databaser ska exporteras. I denna katalog kommer " ++"flera LDIF-filer att skapas som svarar mot sökbaserna på servern. Se till " ++"att du har tillräckligt med ledigt utrymme på den partition där katalogen " ++"finns. Den första förekomsten av strängen \"VERSION\" ersätts med den " ++"serverversion du uppgraderar från." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "Move old database?" ++msgstr "Flytta gammal databas?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "" ++"There are still files in /var/lib/ldap which will probably break the " ++"configuration process. If you enable this option, the maintainer scripts " ++"will move the old database files out of the way before creating a new " ++"database." ++msgstr "" ++"Det finns fortfarande filer i /var/lib/ldap/ som troligen kommer göra att " ++"konfigurationsprocessen inte fungerar. Om du aktiverar detta val, kommer " ++"administrationsskripten att flytta den gamla databasfilen ur vägen innan en " ++"ny databas skapas." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "Retry configuration?" ++msgstr "Försöka konfigurera igen?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "" ++"The configuration you entered is invalid. Make sure that the DNS domain name " ++"is syntactically valid, the field for the organization is not left empty and " ++"the admin passwords match. If you decide not to retry the configuration the " ++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to " ++"retry later." ++msgstr "" ++"Konfigurationen du angav är ogiltig. Säkerställ att DNS-domännamnet är " ++"syntaktiskt giltigt, att organisationsfältet inte lämnats tomt och att " ++"administratörslösenorden överensstämmer. Om du väljer att inte försöka " ++"konfigurera igen kommer LDAP-servern inte att ha korrekta inställningar. Kör " ++"\"dpkg-reconfigure slapd\" om du vill försöka igen senare." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "DNS domain name:" ++msgstr "DNS-domännamn:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "" ++"The DNS domain name is used to construct the base DN of the LDAP directory. " ++"For example, 'foo.example.org' will create the directory with 'dc=foo, " ++"dc=example, dc=org' as base DN." ++msgstr "" ++"DNS-domännamnet används för att konstruera bas-DN:et för LDAP-katalogen. " ++"Till exempel kommer \"foo.example.org\" att skapa en katalog med \"dc=foo, " ++"dc=example, dc=org\" som bas-DN." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "Organization name:" ++msgstr "Organisationsnamn:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "" ++"Please enter the name of the organization to use in the base DN of your LDAP " ++"directory." ++msgstr "" ++"Ange namnet på organisationen som ska användas i bas-DN:et för din LDAP-" ++"katalog." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Administrator password:" ++msgstr "Administratörslösenord:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Please enter the password for the admin entry in your LDAP directory." ++msgstr "Ange lösenordet för admin-posten i LDAP-katalogen." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "Confirm password:" ++msgstr "Bekräfta lösenordet:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "" ++"Please enter the admin password for your LDAP directory again to verify that " ++"you have typed it correctly." ++msgstr "" ++"Ange administratörslösenordet för din LDAP-katalog igen för att verifiera " ++"att du har skrivit in det korrekt." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "Password mismatch" ++msgstr "Lösenorden matchar inte" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "The two passwords you entered were not the same. Please try again." ++msgstr "De två lösenord du har angett var inte lika. Försök igen." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:11001 ++msgid "Do you want the database to be removed when slapd is purged?" ++msgstr "Vill du att databasen ska tas bort när slapd rensas bort?" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "slapcat failure during upgrade" ++msgstr "slapcat-fel vid uppgradering" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "An error occurred while upgrading the LDAP directory." ++msgstr "Ett fel inträffade när LDAP-katalogen uppgraderades." ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "" ++"The 'slapcat' program failed while extracting the LDAP directory. This may " ++"be caused by an incorrect configuration file (for example, missing " ++"'moduleload' lines to support the backend database)." ++msgstr "" ++"Programmet \"slapcat\" misslyckades när det extraherade LDAP-katalogen. " ++"Detta kan bero på en felaktig konfigurationsfil (till exempel, saknade " ++"\"moduleload\"-rader för att stödja bakändsdatabasen)." ++ ++#. Type: error ++#. Description ++#. This paragraph is followed by a (non translatable) paragraph ++#. containing a command line ++#: ../slapd.templates:14001 ++msgid "" ++"This failure will cause 'slapadd' to fail later as well. The old database " ++"files will be moved to /var/backups. If you want to try this upgrade again, " ++"you should move the old database files back into place, fix whatever caused " ++"slapcat to fail, and run:" ++msgstr "" ++"Detta fel kommer göra att \"slapadd\" misslyckas även senare. Den gamla " ++"databasen kommer flyttas till /var/backups. Om du vill försöka utföra den " ++"här uppgraderingen igen, behöver du flytta tillbaka de gamla databasfilerna, " ++"korrigera det som har fått slapcat att misslyckas och köra:" ++ ++#. Type: error ++#. Description ++#. Translators: keep "${location}" unchanged. This is a variable that ++#. will be replaced by a directory name at execution ++#: ../slapd.templates:14001 ++msgid "" ++"Then move the database files back to a backup area and then try running " ++"slapadd from ${location}." ++msgstr "" ++"Flytta sedan tillbaka databasfilerna till ett utrymme för säkerhetskopior " ++"och kör slapadd från ${location}." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "Potentially unsafe slapd access control configuration" ++msgstr "Potentiellt osäker rättighetsinställning för slapd" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "" ++"One or more of the configured databases has an access control rule that " ++"allows users to modify most of their own attributes. This may be unsafe, " ++"depending on how the database is used." ++msgstr "" ++"En eller flera av de inställda databaserna har rättighetsinställningar som " ++"innebär att användare tillåts att ändra de flesta av sina attribut. Detta " ++"kan vara osäkert, beroende på hur databasen används." ++ ++#. Type: note ++#. Description ++#. Translators: keep "by self write" and "to *" unchanged. These are part ++#. of the slapd configuration and are not translatable. ++#: ../slapd.templates:15001 ++msgid "" ++"In the case of slapd access rules that begin with \"to *\", it is " ++"recommended to remove any instances of \"by self write\", so that users are " ++"only able to modify specifically allowed attributes." ++msgstr "" ++"I fallen där rättighetsinställningarna börjar med \"to *\" är det " ++"rekommenderat att ta bort \"by self write\" i förekommande fall. Det får " ++"till följd att användare bara får justera specifikt tillåtna attribut." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details." ++msgstr "Läs /usr/share/doc/slapd/README.Debian.gz för detaljerad information." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "abort installation" ++msgstr "avbryt installation" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "continue regardless" ++msgstr "fortsätt oavsett" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "Manual ppolicy schema update recommended" ++msgstr "Manuell uppdatering av ppolicy-schema rekommenderas" ++ ++#. Type: select ++#. Description ++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable. ++#: ../slapd.templates:16002 ++msgid "" ++"The new version of the Password Policy (ppolicy) overlay requires the schema " ++"to define the pwdMaxRecordedFailure attribute type, which is not present in " ++"the schema currently in use. It is recommended to abort the upgrade now, and " ++"to update the ppolicy schema before upgrading slapd. If replication is in " ++"use, the schema update should be applied on every server before continuing " ++"with the upgrade." ++msgstr "" ++"Den nya versionen av överbryggningen av lösenordspolicyn (ppolicy, password " ++"policy) kräver att schemat definierar attributtypen pwdMaxRecordedFailure " ++"vilket inte är med i nuvarande schema. Det är rekommenderat att avbryta " ++"uppgraderingen nu och uppdatera ppolicy-schemat före uppgraderingen av " ++"slapd. Om replikering används måste schemauppdateringen appliceras på alla " ++"servrar innan uppgraderingen genomförs." ++ ++#. Type: select ++#. Description ++#. This paragraph is followed by the path to the generated file (not ++#. translatable). The sentence continues in the following paragraph. ++#: ../slapd.templates:16002 ++msgid "" ++"An LDIF file has been generated with the changes required for the upgrade:" ++msgstr "En LDIF-fil har skapats med ändringarna som krävs för uppgraderingen:" ++ ++#. Type: select ++#. Description ++#. This paragraph continues the sentence started in the previous ++#. paragraph. It is followed by a command line. ++#: ../slapd.templates:16002 ++msgid "" ++"so if slapd is using the default access control rules, these changes can be " ++"applied (after starting slapd) by using the command:" ++msgstr "" ++"om slapd använder standardregler för åtkomsthantering kan dessa ändringar " ++"appliceras (efter att slapd startats) genom följande kommando:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "" ++"If instead you choose to continue the installation, the new attribute type " ++"will be added automatically, but the change will not be acted on by slapd " ++"overlays, and replication with other servers may be affected." ++msgstr "" ++"Om du istället fortsätter med installationen kommer den nya attributtypen " ++"att läggas till automatiskt men ändringen kommer inte leda till att " ++"överbryggad slapd agerar på detta. Replikering till andra servrar kan " ++"påverkas." ++ ++#~ msgid "Database backend to use:" ++#~ msgstr "Databasbakända att använda:" ++ ++#~ msgid "" ++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree " ++#~ "renames. Both support the same configuration options." ++#~ msgstr "" ++#~ "HDB och BDB använder liknande lagringsformat, men HDB lägger till stöd " ++#~ "för namnbyten på underträd. Båda stödjer samma konfigurationsalternativ." ++ ++#~ msgid "" ++#~ "The MDB backend is recommended. MDB uses a new storage format and " ++#~ "requires less configuration than BDB or HDB." ++#~ msgstr "" ++#~ "MDB-bakändan är rekommenderad. MDB använder ett nytt lagringsformat och " ++#~ "behöver mindre inställningar än BDB eller HDB." ++ ++#~ msgid "" ++#~ "In any case, you should review the resulting database configuration for " ++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details." ++#~ msgstr "" ++#~ "I vilket fall, behöver du se över den resulterande databaskonfigurationen " ++#~ "för dina behov. Se /usr/share/doc/slapd/README.Debian.gz för fler " ++#~ "detaljer." ++ ++#~ msgid "Allow LDAPv2 protocol?" ++#~ msgstr "Tillåt LDAPv2-protokollet?" ++ ++#~ msgid "" ++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs " ++#~ "and users should upgrade to LDAPv3. If you have old programs which can't " ++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be " ++#~ "added to your slapd.conf file." ++#~ msgstr "" ++#~ "Det inte längre aktuella LDAPv2-protokollet är som standard avaktiverat i " ++#~ "slapd. Program och använder ska uppgradera till LDAPv3. Om du har gamla " ++#~ "program som inte kan använda LDAPv3, behöver du välja detta vilket gör " ++#~ "att \"allow bin_v2\" läggs till i din slapd.conf-fil." ++ ++#~ msgid "slurpd is obsolete; replicas must be reconfigured by hand" ++#~ msgstr "slurpd är inte aktuell; repliker måste konfigureras för hand" ++ ++#~ msgid "" ++#~ "One or more slurpd \"replica\" options were found in your slapd config " ++#~ "when upgrading. Because slurpd is obsolete beginning with OpenLDAP 2.4, " ++#~ "you will need to migrate your replicas to use the syncrepl protocol " ++#~ "instead." ++#~ msgstr "" ++#~ "En eller flera av slurpds \"replica\"-val har hittats i din slapd-" ++#~ "konfiguration vid uppgraderingen. Eftersom slurpd inte är aktuell längre " ++#~ "från och med OpenLDAP 2.4, kommer du behöva migrera dina repliker till " ++#~ "att använda syncrepl-protokollet istället." ++ ++#~ msgid "" ++#~ "The conversion from slurpd to the pull-based syncrepl protocol cannot be " ++#~ "done automatically and you will need to configure your replica servers by " ++#~ "hand. Please see http://www.openldap.org/doc/admin24/syncrepl.html for " ++#~ "details." ++#~ msgstr "" ++#~ "Konverteringen från slurpd till det frågebaserade syncrepl-protokollet " ++#~ "kan inte göras automatiskt och du kommer behöva konfigurera dina replica-" ++#~ "servrar för hand. Se http://www.openldap.org/doc/admin24/syncrepl.html " ++#~ "för detaljer." ++ ++#~ msgid "TLSCipherSuite values have changed" ++#~ msgstr "Värden på TLSCipherSuite har ändrats" ++ ++#~ msgid "" ++#~ "A \"TLSCipherSuite\" option was found in your slapd config when " ++#~ "upgrading. The values allowed for this option are determined by the SSL " ++#~ "implementation used, which has been changed from OpenSSL to GnuTLS. As a " ++#~ "result, your existing TLSCipherSuite setting will not work with this " ++#~ "package." ++#~ msgstr "" ++#~ "Ett \"TLSCipherSuite\"-val hittades i din slapd-konfiguration vid " ++#~ "uppgraderingen. De värden som tillåts för detta val avgörs av den SSL-" ++#~ "implementation som används och detta har ändrats från OpenSSL till " ++#~ "GnuTLS. Som en följd av detta kommer inte din befintliga TLSCipherSuite-" ++#~ "inställning att fungera med det här paketet." ++ ++#~ msgid "" ++#~ "This setting has been automatically commented out for you. If you have " ++#~ "specific encryption needs that require this option to be re-enabled, see " ++#~ "the output of 'gnutls-cli -l' in the gnutls-bin package for the list of " ++#~ "ciphers supported by GnuTLS." ++#~ msgstr "" ++#~ "Den inställning har automatiskt kommenterats ut åt dig. Om du har " ++#~ "särskilda krypteringsbehov som kräver att detta val återaktiveras, se " ++#~ "utdatat från \"gnutls-cli -l\" i gnutls-bin-paketet för en lista över " ++#~ "krypton som stöds av GnuTLS." ++ ++#~ msgid "Back up current database and create a new one?" ++#~ msgstr "Säkerhetskopiera aktuell databas och skapa en ny?" ++ ++#~ msgid "" ++#~ "The directory suffix (domain) you specified doesn't match the one " ++#~ "currently in /etc/ldap/slapd.conf. Changing the directory suffix requires " ++#~ "moving aside the current LDAP database and creating a new one. Please " ++#~ "confirm whether you want to back up and abandon the current database." ++#~ msgstr "" ++#~ "Katalogsuffixet (domänen) du angett matchar inte den som för tillfället " ++#~ "anges i /etc/ldap/slapd.conf. Om du ändrar katalogsuffixet krävs att du " ++#~ "flyttar den nuvarande LDAP-databasen å sidan och skapar en ny. Bekräfta " ++#~ "att du vill säkerhetskopiera och överge den nuvarande databasen." ++ ++#~ msgid "Change backend type from LDBM to BDB?" ++#~ msgstr "Ändra bakändstyp från LDBM till BDB?" ++ ++#~ msgid "" ++#~ "The LDBM backend type has serious stability problems and has been " ++#~ "deprecated by OpenLDAP as of 2.2. It is no longer supported by the " ++#~ "OpenLDAP packages." ++#~ msgstr "" ++#~ "LDBM-bakändstypen har allvarliga stabilitetsproblem och har blivit " ++#~ "utdaterad av OpenLDAP från och med 2.2. Den stöds inte längre av OpenLDAP-" ++#~ "paketen." ++ ++#~ msgid "" ++#~ "When the BDB backend is used, it must be configured properly. For more " ++#~ "information, see /usr/share/doc/slapd/README.DB_CONFIG.gz." ++#~ msgstr "" ++#~ "När BDB-bakändan används, måste den konfigureras ordentligt. För mer " ++#~ "information, se /usr/share/doc/slapd/README.DB_CONFIG.gz." ++ ++#~ msgid "" ++#~ "If you enable this option, an attempt will be made to update the " ++#~ "configuration to use BDB instead of LDBM and convert the databases. If " ++#~ "you do not enable this option, the upgrade will be aborted." ++#~ msgstr "" ++#~ "Om du aktiverar detta val, kommer ett försök göras att uppdatera " ++#~ "konfigurationen till att använda BDB istället för LDBM och konvertera " ++#~ "databaserna. Om du inte aktiverar detta val, kommer uppgraderingen att " ++#~ "avbrytas." diff --cc debian/po/templates.pot index 00000000,00000000..0f016e35 new file mode 100644 --- /dev/null +++ b/debian/po/templates.pot @@@ -1,0 -1,0 +1,333 @@@ ++# SOME DESCRIPTIVE TITLE. ++# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER ++# This file is distributed under the same license as the openldap package. ++# FIRST AUTHOR , YEAR. ++# ++#, fuzzy ++msgid "" ++msgstr "" ++"Project-Id-Version: openldap\n" ++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n" ++"POT-Creation-Date: 2019-10-03 23:01+0000\n" ++"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" ++"Last-Translator: FULL NAME \n" ++"Language-Team: LANGUAGE \n" ++"Language: \n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=CHARSET\n" ++"Content-Transfer-Encoding: 8bit\n" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "Omit OpenLDAP server configuration?" ++msgstr "" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "" ++"If you enable this option, no initial configuration or database will be " ++"created for you." ++msgstr "" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "always" ++msgstr "" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "when needed" ++msgstr "" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "never" ++msgstr "" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "Dump databases to file on upgrade:" ++msgstr "" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Before upgrading to a new version of the OpenLDAP server, the data from your " ++"LDAP directories can be dumped into plain text files in the standard LDAP " ++"Data Interchange Format." ++msgstr "" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Selecting \"always\" will cause the databases to be dumped unconditionally " ++"before an upgrade. Selecting \"when needed\" will only dump the database if " ++"the new version is incompatible with the old database format and it needs to " ++"be reimported. If you select \"never\", no dump will be done." ++msgstr "" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "Directory to use for dumped databases:" ++msgstr "" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "" ++"Please specify the directory where the LDAP databases will be exported. In " ++"this directory, several LDIF files will be created which correspond to the " ++"search bases located on the server. Make sure you have enough free space on " ++"the partition where the directory is located. The first occurrence of the " ++"string \"VERSION\" is replaced with the server version you are upgrading " ++"from." ++msgstr "" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "Move old database?" ++msgstr "" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "" ++"There are still files in /var/lib/ldap which will probably break the " ++"configuration process. If you enable this option, the maintainer scripts " ++"will move the old database files out of the way before creating a new " ++"database." ++msgstr "" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "Retry configuration?" ++msgstr "" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "" ++"The configuration you entered is invalid. Make sure that the DNS domain name " ++"is syntactically valid, the field for the organization is not left empty and " ++"the admin passwords match. If you decide not to retry the configuration the " ++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to " ++"retry later." ++msgstr "" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "DNS domain name:" ++msgstr "" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "" ++"The DNS domain name is used to construct the base DN of the LDAP directory. " ++"For example, 'foo.example.org' will create the directory with 'dc=foo, " ++"dc=example, dc=org' as base DN." ++msgstr "" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "Organization name:" ++msgstr "" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "" ++"Please enter the name of the organization to use in the base DN of your LDAP " ++"directory." ++msgstr "" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Administrator password:" ++msgstr "" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Please enter the password for the admin entry in your LDAP directory." ++msgstr "" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "Confirm password:" ++msgstr "" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "" ++"Please enter the admin password for your LDAP directory again to verify that " ++"you have typed it correctly." ++msgstr "" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "Password mismatch" ++msgstr "" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "The two passwords you entered were not the same. Please try again." ++msgstr "" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:11001 ++msgid "Do you want the database to be removed when slapd is purged?" ++msgstr "" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "slapcat failure during upgrade" ++msgstr "" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "An error occurred while upgrading the LDAP directory." ++msgstr "" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "" ++"The 'slapcat' program failed while extracting the LDAP directory. This may " ++"be caused by an incorrect configuration file (for example, missing " ++"'moduleload' lines to support the backend database)." ++msgstr "" ++ ++#. Type: error ++#. Description ++#. This paragraph is followed by a (non translatable) paragraph ++#. containing a command line ++#: ../slapd.templates:14001 ++msgid "" ++"This failure will cause 'slapadd' to fail later as well. The old database " ++"files will be moved to /var/backups. If you want to try this upgrade again, " ++"you should move the old database files back into place, fix whatever caused " ++"slapcat to fail, and run:" ++msgstr "" ++ ++#. Type: error ++#. Description ++#. Translators: keep "${location}" unchanged. This is a variable that ++#. will be replaced by a directory name at execution ++#: ../slapd.templates:14001 ++msgid "" ++"Then move the database files back to a backup area and then try running " ++"slapadd from ${location}." ++msgstr "" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "Potentially unsafe slapd access control configuration" ++msgstr "" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "" ++"One or more of the configured databases has an access control rule that " ++"allows users to modify most of their own attributes. This may be unsafe, " ++"depending on how the database is used." ++msgstr "" ++ ++#. Type: note ++#. Description ++#. Translators: keep "by self write" and "to *" unchanged. These are part ++#. of the slapd configuration and are not translatable. ++#: ../slapd.templates:15001 ++msgid "" ++"In the case of slapd access rules that begin with \"to *\", it is " ++"recommended to remove any instances of \"by self write\", so that users are " ++"only able to modify specifically allowed attributes." ++msgstr "" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details." ++msgstr "" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "abort installation" ++msgstr "" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "continue regardless" ++msgstr "" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "Manual ppolicy schema update recommended" ++msgstr "" ++ ++#. Type: select ++#. Description ++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable. ++#: ../slapd.templates:16002 ++msgid "" ++"The new version of the Password Policy (ppolicy) overlay requires the schema " ++"to define the pwdMaxRecordedFailure attribute type, which is not present in " ++"the schema currently in use. It is recommended to abort the upgrade now, and " ++"to update the ppolicy schema before upgrading slapd. If replication is in " ++"use, the schema update should be applied on every server before continuing " ++"with the upgrade." ++msgstr "" ++ ++#. Type: select ++#. Description ++#. This paragraph is followed by the path to the generated file (not ++#. translatable). The sentence continues in the following paragraph. ++#: ../slapd.templates:16002 ++msgid "" ++"An LDIF file has been generated with the changes required for the upgrade:" ++msgstr "" ++ ++#. Type: select ++#. Description ++#. This paragraph continues the sentence started in the previous ++#. paragraph. It is followed by a command line. ++#: ../slapd.templates:16002 ++msgid "" ++"so if slapd is using the default access control rules, these changes can be " ++"applied (after starting slapd) by using the command:" ++msgstr "" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "" ++"If instead you choose to continue the installation, the new attribute type " ++"will be added automatically, but the change will not be acted on by slapd " ++"overlays, and replication with other servers may be affected." ++msgstr "" diff --cc debian/po/tr.po index 00000000,00000000..c339bfeb new file mode 100644 --- /dev/null +++ b/debian/po/tr.po @@@ -1,0 -1,0 +1,436 @@@ ++# Turkish debconf templates translation for openldap ++# This file is distributed under the same license as the openldap package. ++# Atila KOÇ , 2012, 2014, 2017. ++# ++msgid "" ++msgstr "" ++"Project-Id-Version: openldap\n" ++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n" ++"POT-Creation-Date: 2019-10-03 23:01+0000\n" ++"PO-Revision-Date: 2017-01-13 18:42+0300\n" ++"Last-Translator: Atila KOÇ \n" ++"Language-Team: Turkish \n" ++"Language: tr\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=utf-8\n" ++"Content-Transfer-Encoding: 8bit\n" ++"X-Generator: Poedit 1.8.7.1\n" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "Omit OpenLDAP server configuration?" ++msgstr "OpenLDAP sunucu yapılandırması atlansın mı?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "" ++"If you enable this option, no initial configuration or database will be " ++"created for you." ++msgstr "" ++"Bu seçeneği seçmeniz durumunda sizin için ne bir ön yapılandırma yapılacak " ++"ne de bir veritabanı yaratılacak. " ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "always" ++msgstr "her zaman" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "when needed" ++msgstr "gerektiğinde" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "never" ++msgstr "hiçbir zaman" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "Dump databases to file on upgrade:" ++msgstr "Yükseltme sırasında veritabanlarının dökümü yapılsın mı?:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Before upgrading to a new version of the OpenLDAP server, the data from your " ++"LDAP directories can be dumped into plain text files in the standard LDAP " ++"Data Interchange Format." ++msgstr "" ++"Makineniz yeni OpenLDAP sunucu sürümüne yükseltilmeden önce, LDAP " ++"dizinlerindeki verileriniz LDAP Veri Değişimi Biçimi'nde (LDIF) metin " ++"dosyalarına yedeklenebilir." ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Selecting \"always\" will cause the databases to be dumped unconditionally " ++"before an upgrade. Selecting \"when needed\" will only dump the database if " ++"the new version is incompatible with the old database format and it needs to " ++"be reimported. If you select \"never\", no dump will be done." ++msgstr "" ++"\"her zaman\" seçimi veritabanlarının yükseltme öncesinde kayıtsız şartsız " ++"bir dökümünü sağlayacaktır. \"gerektiğinde\" seçimi yeni ile eski sürüm " ++"arasında veritabanı biçim farklılığı varsa ve bu nedenle yeni veritabanına " ++"eski verilerin sonradan alınması gerekirse döküm yapacaktır. \"hiçbir zaman" ++"\" seçeneğini seçerseniz döküm yapılmayacaktır." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "Directory to use for dumped databases:" ++msgstr "Veritabanı dökümü için kullanılacak dizin:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "" ++"Please specify the directory where the LDAP databases will be exported. In " ++"this directory, several LDIF files will be created which correspond to the " ++"search bases located on the server. Make sure you have enough free space on " ++"the partition where the directory is located. The first occurrence of the " ++"string \"VERSION\" is replaced with the server version you are upgrading " ++"from." ++msgstr "" ++"LDAP veritabanlarının dışa aktarımı için bir dizin belirtiniz. Bu dizine " ++"sunucuda varolan arama tabanlarına karşılık gelen bir çok LDIF dosyası " ++"kaydedilecektir. İlgili dizinin bulunduğu disk bölümünde yeterince boş alan " ++"olduğundan emin olunuz. \"VERSION\" dizgesi ilk görüldüğü yerde yükseltme " ++"işleminden önceki sunucu sürümünüzle değiştirilecektir." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "Move old database?" ++msgstr "Eski veritabanı taşınsın mı?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "" ++"There are still files in /var/lib/ldap which will probably break the " ++"configuration process. If you enable this option, the maintainer scripts " ++"will move the old database files out of the way before creating a new " ++"database." ++msgstr "" ++"/var/lib/ldap dizininde yapılandırma sürecini bozabilecek bazı dosyalar " ++"bulunmaktadır. Bu seçeneği seçerseniz, bakımcı betikleri yeni bir veritabanı " ++"yaratmadan önce bu eski veritabanı dosyalarını başka bir yere taşıyacaktır." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "Retry configuration?" ++msgstr "Yapılandırma yeniden denensin mi?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "" ++"The configuration you entered is invalid. Make sure that the DNS domain name " ++"is syntactically valid, the field for the organization is not left empty and " ++"the admin passwords match. If you decide not to retry the configuration the " ++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to " ++"retry later." ++msgstr "" ++"Girdiğiniz yapılandırma ayarları geçersiz. DNS alan adının sözdizimsel " ++"olarak geçerli olduğundan, örgüt adı için ayrılmış alanın boş olmadığından " ++"ve yönetici parolalarının uyumlu olduğundan emin olunuz. Yapılandırmayı " ++"yeniden denemeyi seçmezseniz LDAP sunucu kurulmayacaktır. Kurulumu sonra " ++"denemek isterseniz, 'dpkg-reconfigure slapd' komutunu çalıştırın." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "DNS domain name:" ++msgstr "DNS alan adı:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "" ++"The DNS domain name is used to construct the base DN of the LDAP directory. " ++"For example, 'foo.example.org' will create the directory with 'dc=foo, " ++"dc=example, dc=org' as base DN." ++msgstr "" ++"DNS alan adı LDAP dizinin temel DN yapılandırması için kullanılmıştır. " ++"Örneğin, 'gecici.example.org' alan adı 'dc=gecici, dc=example, dc=org' temel " ++"DN'ye sahip dizini yaratacaktır." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "Organization name:" ++msgstr "Örgüt adı:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "" ++"Please enter the name of the organization to use in the base DN of your LDAP " ++"directory." ++msgstr "LDAP dizininizin temel DN'si olarak kullanılacak örgüt adını giriniz." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Administrator password:" ++msgstr "Yönetici parolası:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Please enter the password for the admin entry in your LDAP directory." ++msgstr "LDAP dizini yöneticisi için parola giriniz." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "Confirm password:" ++msgstr "Parolayı doğrulayınız:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "" ++"Please enter the admin password for your LDAP directory again to verify that " ++"you have typed it correctly." ++msgstr "" ++"LDAP dizini yönetici parolasını tekrar giriniz ve doğru yazdığınızdan emin " ++"olunuz." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "Password mismatch" ++msgstr "Parola uyumsuzluğu" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "The two passwords you entered were not the same. Please try again." ++msgstr "Girdiğiniz iki parola aynı değil, lütfen tekrar deneyiniz." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:11001 ++msgid "Do you want the database to be removed when slapd is purged?" ++msgstr "" ++"slapd paketi tamamen kaldırıldığında veritabanının da kaldırılmasını ister " ++"misiniz?" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "slapcat failure during upgrade" ++msgstr "Yükseltme sırasında 'slapcat' hatası" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "An error occurred while upgrading the LDAP directory." ++msgstr "LDAP dizini yükseltilirken bir hata oluştu." ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "" ++"The 'slapcat' program failed while extracting the LDAP directory. This may " ++"be caused by an incorrect configuration file (for example, missing " ++"'moduleload' lines to support the backend database)." ++msgstr "" ++"'slapcat' programı LDAP dizinini dışa aktarırken başarısız oldu. Buna hatalı " ++"bir yapılandırma dosyası neden olmuş olabilir (örneğin, arka uç " ++"veritabanlarını desteklemek için gerekli 'moduleload' satırlarının eksik " ++"olması gibi)." ++ ++#. Type: error ++#. Description ++#. This paragraph is followed by a (non translatable) paragraph ++#. containing a command line ++#: ../slapd.templates:14001 ++msgid "" ++"This failure will cause 'slapadd' to fail later as well. The old database " ++"files will be moved to /var/backups. If you want to try this upgrade again, " ++"you should move the old database files back into place, fix whatever caused " ++"slapcat to fail, and run:" ++msgstr "" ++"Bu hata 'slapadd' programının da hata vermesine neden olacaktır. Eski " ++"veritabanı dosyaları /var/backups dizinine taşınacaktır. Eğer bu yükseltmeyi " ++"yeniden denemek isterseniz, eski veritabanı dosyalarını yerlerine geri " ++"almalı, 'slapcat' programının hatasına neden olan her ne ise düzeltmeli ve " ++"aşağıdaki komutu çalıştırmalısınız:" ++ ++#. Type: error ++#. Description ++#. Translators: keep "${location}" unchanged. This is a variable that ++#. will be replaced by a directory name at execution ++#: ../slapd.templates:14001 ++msgid "" ++"Then move the database files back to a backup area and then try running " ++"slapadd from ${location}." ++msgstr "" ++"Daha sonra veritabanı dosyalarını bir yedekleme alanına geri taşıyın ve " ++"${location} konumundan 'slapadd' komutunu çalıştırınız." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "Potentially unsafe slapd access control configuration" ++msgstr "Olası güvensiz slapd erişim denetimi yapılandırması" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "" ++"One or more of the configured databases has an access control rule that " ++"allows users to modify most of their own attributes. This may be unsafe, " ++"depending on how the database is used." ++msgstr "" ++"Yapılandırılmış bir ya da daha fazla veritabanında, kullanıcıların " ++"kendilerine ait bir çok özelliği değiştirmesine izin veren bir erişim " ++"denetimi kuralı var. Bu durum, veritabanı kullanım şekline bağlı olarak, " ++"güvenli olmayabilir." ++ ++#. Type: note ++#. Description ++#. Translators: keep "by self write" and "to *" unchanged. These are part ++#. of the slapd configuration and are not translatable. ++#: ../slapd.templates:15001 ++msgid "" ++"In the case of slapd access rules that begin with \"to *\", it is " ++"recommended to remove any instances of \"by self write\", so that users are " ++"only able to modify specifically allowed attributes." ++msgstr "" ++"\"to *\" ile başlayan slapd erişim kurallarında, kullanıcıların yalnızca " ++"değiştirilmesine izin verilmiş özellikleri değiştirebilmeleri için, tüm \"by " ++"self write\" alanlarının kaldırılması önerilir." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details." ++msgstr "" ++"Daha fazla bilgi için /usr/share/doc/slapd/README.Debian.gz dosyasını " ++"okuyunuz." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "abort installation" ++msgstr "kurulumdan çık" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "continue regardless" ++msgstr "yine de sürdür" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "Manual ppolicy schema update recommended" ++msgstr "ppolicy şemasının elle yükseltilmesi öneriliyor" ++ ++#. Type: select ++#. Description ++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable. ++#: ../slapd.templates:16002 ++msgid "" ++"The new version of the Password Policy (ppolicy) overlay requires the schema " ++"to define the pwdMaxRecordedFailure attribute type, which is not present in " ++"the schema currently in use. It is recommended to abort the upgrade now, and " ++"to update the ppolicy schema before upgrading slapd. If replication is in " ++"use, the schema update should be applied on every server before continuing " ++"with the upgrade." ++msgstr "" ++"Parola ilkesi katmanının (ppolicy) yeni sürümü, şu anda kullanılmakta olan " ++"şemanın içermediği pwdMaxRecordedFailure özniteliğinin şemada tanımlanmasını " ++"gerektiriyor. Şimdi kurulumdan çıkmanız ve slapd yükseltmesine başlamadan " ++"önce ppolicy şemasını güncellemeniz önerilir. Eğer dizinlerinizi kopyalayan " ++"başka sunucular varsa, yükseltmeye başlamadan önce bütün sunuculardaki " ++"şemaları güncellemeniz gerekiyor." ++ ++#. Type: select ++#. Description ++#. This paragraph is followed by the path to the generated file (not ++#. translatable). The sentence continues in the following paragraph. ++#: ../slapd.templates:16002 ++msgid "" ++"An LDIF file has been generated with the changes required for the upgrade:" ++msgstr "" ++"Yükseltme için gerekli değişiklikleri içeren bir LDIF dosyası oluşturuldu:" ++ ++#. Type: select ++#. Description ++#. This paragraph continues the sentence started in the previous ++#. paragraph. It is followed by a command line. ++#: ../slapd.templates:16002 ++msgid "" ++"so if slapd is using the default access control rules, these changes can be " ++"applied (after starting slapd) by using the command:" ++msgstr "" ++"Eğer slapd öntanımlı erişim denetimi kurallarını kullanıyorsa, bu " ++"değişiklikler slapd başlatıldıktan sonra aşağıdaki komutu çalıştırarak " ++"uygulanabilir:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "" ++"If instead you choose to continue the installation, the new attribute type " ++"will be added automatically, but the change will not be acted on by slapd " ++"overlays, and replication with other servers may be affected." ++msgstr "" ++"Eğer kurulumu sürdürmeyi yeğlerseniz, yeni öznitelik kendiliğinden eklenecek " ++"fakat bu değişim slapd katmanlarında hayata geçmeyecek ve dizinleri " ++"kopyalayan sunucular varsa bu durumdan etkilenebileceklerdir." ++ ++#~ msgid "Database backend to use:" ++#~ msgstr "Kullanılacak veritabanı arka ucu:" ++ ++#~ msgid "" ++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree " ++#~ "renames. Both support the same configuration options." ++#~ msgstr "" ++#~ "HDB ve BDB benzer depolama biçimleri kullanırlar, fakat HDB alt ağaç " ++#~ "yeniden adlandırmalarına olanak tanır. Her ikisi de aynı yapılandırma " ++#~ "seçeneklerini desteklerler." ++ ++#~ msgid "" ++#~ "The MDB backend is recommended. MDB uses a new storage format and " ++#~ "requires less configuration than BDB or HDB." ++#~ msgstr "" ++#~ "MDB arka ucu önerilir. MDB yeni bir depolama biçimi kullanır ve BDB ya da " ++#~ "HDB'ye göre daha az yapılandırma gerektirir." ++ ++#~ msgid "" ++#~ "In any case, you should review the resulting database configuration for " ++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details." ++#~ msgstr "" ++#~ "Her durumda sonuçlanan veritabanı yapılandırmasının gereksinimlerinize " ++#~ "uyduğundan emin olmalısınız. Daha fazla bilgi için /usr/share/doc/slapd/" ++#~ "README.Debian.gz dosyasını okuyunuz." ++ ++#~ msgid "Allow LDAPv2 protocol?" ++#~ msgstr "LDAPv2 iletişim kuralına izin verilsin mi?" ++ ++#~ msgid "" ++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs " ++#~ "and users should upgrade to LDAPv3. If you have old programs which can't " ++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be " ++#~ "added to your slapd.conf file." ++#~ msgstr "" ++#~ "Eskimiş LDAPv2 iletişim kuralı slapd yapılandırmasında öntanımlı olarak " ++#~ "devre dışı bırakılmıştır. Programlar ve kullanıcılar LDAPv3 iletişim " ++#~ "kuralına geçmelidirler. LDAPv3 iletişim kuralına geçemeyecek eski " ++#~ "programlarınız varsa slapd.conf dosyasına 'allow bind_v2' satırını " ++#~ "ekleyecek olan bu seçeneği seçmelisiniz." diff --cc debian/po/vi.po index 00000000,00000000..24decc91 new file mode 100644 --- /dev/null +++ b/debian/po/vi.po @@@ -1,0 -1,0 +1,434 @@@ ++# Vietnamese translation for OpenLDAP. ++# Copyright © 2010 Free Software Foundation, Inc. ++# Clytie Siddall , 2005-2010. ++# Trần Ngọc Quân , 2014, 2017. ++# ++msgid "" ++msgstr "" ++"Project-Id-Version: openldap 2.4.44+dfsg-4\n" ++"Report-Msgid-Bugs-To: openldap@packages.debian.org\n" ++"POT-Creation-Date: 2019-10-03 23:01+0000\n" ++"PO-Revision-Date: 2017-02-09 13:57+0700\n" ++"Last-Translator: Trần Ngọc Quân \n" ++"Language-Team: Vietnamese \n" ++"Language: vi\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=UTF-8\n" ++"Content-Transfer-Encoding: 8bit\n" ++"Plural-Forms: nplurals=1; plural=0;\n" ++"X-Generator: Gtranslator 2.91.7\n" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "Omit OpenLDAP server configuration?" ++msgstr "Bỏ qua bước cấu hình trình phục vụ OpenLDAP?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:1001 ++msgid "" ++"If you enable this option, no initial configuration or database will be " ++"created for you." ++msgstr "" ++"Bật tùy chọn này thì không tạo cho bạn cấu hình hay cơ sở dữ liệu đầu tiên." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "always" ++msgstr "luôn luôn" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "when needed" ++msgstr "khi cần thiết" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:2001 ++msgid "never" ++msgstr "không bao giờ" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "Dump databases to file on upgrade:" ++msgstr "Đổ các cơ sở dữ liệu vào tập tin khi nâng cấp:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Before upgrading to a new version of the OpenLDAP server, the data from your " ++"LDAP directories can be dumped into plain text files in the standard LDAP " ++"Data Interchange Format." ++msgstr "" ++"Trước khi nâng cấp lên phiên bản mới của trình phục vụ OpenLDAP, dữ liệu nằm " ++"trong các thư mục LDAP có thể được đổ vào tập tin nhập thô theo định dạng " ++"trao đổi dữ liệu LDAP tiêu chuẩn." ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:2002 ++msgid "" ++"Selecting \"always\" will cause the databases to be dumped unconditionally " ++"before an upgrade. Selecting \"when needed\" will only dump the database if " ++"the new version is incompatible with the old database format and it needs to " ++"be reimported. If you select \"never\", no dump will be done." ++msgstr "" ++"Chọn mục “luôn luôn” thì gây ra các cơ sở dữ liệu bị đổ một cách không điều " ++"kiện trước khi nâng cấp. Chọn “khi cần thiết” thì chỉ đổ cơ sở dữ liệu nếu " ++"phiên bản mới không tương thích với định dạng cơ sở dữ liệu cũ và cần phải " ++"nhập lại nó. Còn chọn “không bao giờ” thì không đổ gì." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "Directory to use for dumped databases:" ++msgstr "Thư mục dùng để đổ cơ sở dữ liệu:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:3001 ++msgid "" ++"Please specify the directory where the LDAP databases will be exported. In " ++"this directory, several LDIF files will be created which correspond to the " ++"search bases located on the server. Make sure you have enough free space on " ++"the partition where the directory is located. The first occurrence of the " ++"string \"VERSION\" is replaced with the server version you are upgrading " ++"from." ++msgstr "" ++"Ghi rõ tên thư mục vào đó cần xuất các cơ sở dữ liệu LDAP. Trong thư mục này " ++"thì tạo vài tập tin LDIF tương ứng với những cơ bản tìm kiếm nằm trên máy " ++"phục vụ. Hãy kiểm tra xem vẫn có đủ sức chứa trống trong phân vùng đó. Lần " ++"đầu tiên gặp chuỗi “VERSION” (phiên bản) thì được thay thế bằng phiên bản từ " ++"đó bạn đang nâng cấp." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "Move old database?" ++msgstr "Di chuyển cơ sở dữ liệu cũ?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:4001 ++msgid "" ++"There are still files in /var/lib/ldap which will probably break the " ++"configuration process. If you enable this option, the maintainer scripts " ++"will move the old database files out of the way before creating a new " ++"database." ++msgstr "" ++"Vẫn còn có một số tập tin nằm trong thư mục “/var/lib/ldap” mà rất có thể " ++"làm hỏng tiến trình cấu hình. Bật tùy chọn này thì văn lệnh bảo trì chuyển " ++"các tập tin cơ sở dữ liệu ra trước khi tạo một cơ sở dữ liệu mới." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "Retry configuration?" ++msgstr "Thử cấu hình lại?" ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:5001 ++msgid "" ++"The configuration you entered is invalid. Make sure that the DNS domain name " ++"is syntactically valid, the field for the organization is not left empty and " ++"the admin passwords match. If you decide not to retry the configuration the " ++"LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to " ++"retry later." ++msgstr "" ++"Bạn đã nhập một cấu hình không hợp lệ. Hãy kiểm tra lại tên miền DNS có cú " ++"pháp đúng, không bỏ trống trường tổ chức, và có hai mật khẩu quản lý trùng " ++"nhau. Nếu bạn quyết định không nên thử lại làm bước cấu hình thì không cài " ++"đặt trình phục vụ LDAP. Muốn thử lại về sau thì chạy lệnh cấu hình lại “dpkg-" ++"reconfigure slapd”." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "DNS domain name:" ++msgstr "Tên miền DNS:" ++ ++# The DNS domain name is used to construct the base DN of your LDAP ++# directory. Entering foo.bar.org will give you the base DN dc=foo, dc=bar, ++# dc=org. ++#. Type: string ++#. Description ++#: ../slapd.templates:6001 ++msgid "" ++"The DNS domain name is used to construct the base DN of the LDAP directory. " ++"For example, 'foo.example.org' will create the directory with 'dc=foo, " ++"dc=example, dc=org' as base DN." ++msgstr "" ++"Tên miền DNS được dùng để cấu trúc tên miền cơ bản của thư mục LDAP. Chẳng " ++"hạn, “foo.thí_dụ.org” sẽ tạo thư mục có “dc=foo, dc=thí_dụ, dc=org” là tên " ++"miền cơ bản." ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "Organization name:" ++msgstr "Tên tổ chức:" ++ ++#. Type: string ++#. Description ++#: ../slapd.templates:7001 ++msgid "" ++"Please enter the name of the organization to use in the base DN of your LDAP " ++"directory." ++msgstr "" ++"Hãy nhập tên của tổ chức cần dùng trong tên miền cơ bản của thư mục LDAP." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Administrator password:" ++msgstr "Mật khẩu quản trị:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:8001 ++msgid "Please enter the password for the admin entry in your LDAP directory." ++msgstr "Hãy nhập mật khẩu cho mục nhập quản trị trong thư mục LDAP của bạn." ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "Confirm password:" ++msgstr "Xác nhận mật khẩu:" ++ ++#. Type: password ++#. Description ++#: ../slapd.templates:9001 ++msgid "" ++"Please enter the admin password for your LDAP directory again to verify that " ++"you have typed it correctly." ++msgstr "" ++"Hãy nhập lại mật khẩu quản trị cho thư mục LDAP để xác nhận lại bạn đã gõ " ++"đúng." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "Password mismatch" ++msgstr "Mật khẩu không khớp" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:10001 ++msgid "The two passwords you entered were not the same. Please try again." ++msgstr "Bạn đã gõ hai mật khẩu khác nhau. Hãy thử lại." ++ ++#. Type: boolean ++#. Description ++#: ../slapd.templates:11001 ++msgid "Do you want the database to be removed when slapd is purged?" ++msgstr "Khi tẩy gói phần mềm slapd, bạn có muốn xóa bỏ cơ sở dữ liệu đi không?" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "slapcat failure during upgrade" ++msgstr "slapcat gặp lỗi trong khi nâng cấp" ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "An error occurred while upgrading the LDAP directory." ++msgstr "Gặp lỗi trong khi nâng cấp thư mục LDAP." ++ ++#. Type: error ++#. Description ++#: ../slapd.templates:14001 ++msgid "" ++"The 'slapcat' program failed while extracting the LDAP directory. This may " ++"be caused by an incorrect configuration file (for example, missing " ++"'moduleload' lines to support the backend database)." ++msgstr "" ++"Chương trình “slapcat” bị lỗi trong khi giải nén thư mục LDAP. Có thể do một " ++"tập tin cấu hình sai (v.d. thiếu dòng “moduleload” để hỗ trợ cơ sở dữ liệu " ++"ứng dụng chạy phía sau)." ++ ++#. Type: error ++#. Description ++#. This paragraph is followed by a (non translatable) paragraph ++#. containing a command line ++#: ../slapd.templates:14001 ++msgid "" ++"This failure will cause 'slapadd' to fail later as well. The old database " ++"files will be moved to /var/backups. If you want to try this upgrade again, " ++"you should move the old database files back into place, fix whatever caused " ++"slapcat to fail, and run:" ++msgstr "" ++"Lỗi này cũng sẽ là nguyên nhân làm cho tiến trình “slapadd” thất bại về sau. " ++"Các tập tin cơ sở dữ liệu cũ sẽ được di chuyển vào thư mục “/var/backups”. " ++"Muốn thử lại tiến trình nâng cấp thì bạn nên di chuyển các tập tin cơ sở dữ " ++"liệu cũ về nơi gốc, sửa chữa những gì làm cho slapcat bị lỗi, và chạy câu " ++"lệnh:" ++ ++#. Type: error ++#. Description ++#. Translators: keep "${location}" unchanged. This is a variable that ++#. will be replaced by a directory name at execution ++#: ../slapd.templates:14001 ++msgid "" ++"Then move the database files back to a backup area and then try running " ++"slapadd from ${location}." ++msgstr "" ++"Sau đó, hãy di chuyển các tập tin cơ sở dữ liệu sang một vùng sao lưu, và " ++"thử chạy trình slapadd từ vị trí “${location}”." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "Potentially unsafe slapd access control configuration" ++msgstr "Cấu hình điều khiển truy cập slapd tiềm ẩn sự thiếu an toàn" ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "" ++"One or more of the configured databases has an access control rule that " ++"allows users to modify most of their own attributes. This may be unsafe, " ++"depending on how the database is used." ++msgstr "" ++"Có một hay hơn cơ sở dữ liệu cấu hình có chứa quy tắc điều khiển truy cập mà " ++"nó lại cho phép người dùng sửa đổi phần lớn các thuộc tính mà họ sở hữu. Như " ++"vậy là thiếu an toàn, còn tùy thuộc vào cơ sở dữ liệu dùng để làm gì." ++ ++#. Type: note ++#. Description ++#. Translators: keep "by self write" and "to *" unchanged. These are part ++#. of the slapd configuration and are not translatable. ++#: ../slapd.templates:15001 ++msgid "" ++"In the case of slapd access rules that begin with \"to *\", it is " ++"recommended to remove any instances of \"by self write\", so that users are " ++"only able to modify specifically allowed attributes." ++msgstr "" ++"Trong trường hợp quy tắc truy cập slapd mà bắt đầu bằng \"to *\", khuyên bạn " ++"nên xóa bỏ mọi thực thể \"by self write\", như thế người dùng chỉ có thể sửa " ++"các thuộc tính cho phép đã chỉ ra." ++ ++#. Type: note ++#. Description ++#: ../slapd.templates:15001 ++msgid "See /usr/share/doc/slapd/README.Debian.gz for more details." ++msgstr "Đọc /usr/share/doc/slapd/README.Debian.gz để biết thêm chi tiết." ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "abort installation" ++msgstr "hủy bỏ cài đặt" ++ ++#. Type: select ++#. Choices ++#: ../slapd.templates:16001 ++msgid "continue regardless" ++msgstr "vẫn tiếp tục" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "Manual ppolicy schema update recommended" ++msgstr "Khuyến khích cập nhật lược đồ ppolicy" ++ ++#. Type: select ++#. Description ++#. "ppolicy" and "pwdMaxRecordedFailure" are not translatable. ++#: ../slapd.templates:16002 ++msgid "" ++"The new version of the Password Policy (ppolicy) overlay requires the schema " ++"to define the pwdMaxRecordedFailure attribute type, which is not present in " ++"the schema currently in use. It is recommended to abort the upgrade now, and " ++"to update the ppolicy schema before upgrading slapd. If replication is in " ++"use, the schema update should be applied on every server before continuing " ++"with the upgrade." ++msgstr "" ++"Phiên bản mới của overlay Chính sách Mật khẩu (ppolicy) cần lược đồ để định " ++"nghĩa kiểu thuộc tính pwdMaxRecordedFailure, cái mà không hiện diện trong " ++"lược đồ hiện đang dùng. Khuyến khích bạn bây giờ bãi bỏ nâng cấp, và cập " ++"nhật lược đồ trước khi nâng cấp slapd. Nếu bản sao đang dùng, cập nhật lược " ++"đồ có thể được áp dụng cho mọi máy phục vụ trước khi tiếp tục với nâng cấp." ++ ++#. Type: select ++#. Description ++#. This paragraph is followed by the path to the generated file (not ++#. translatable). The sentence continues in the following paragraph. ++#: ../slapd.templates:16002 ++msgid "" ++"An LDIF file has been generated with the changes required for the upgrade:" ++msgstr "Một tập tin LDIF đã được tạo với các thay đổi theo yêu cầu cập nhật:" ++ ++#. Type: select ++#. Description ++#. This paragraph continues the sentence started in the previous ++#. paragraph. It is followed by a command line. ++#: ../slapd.templates:16002 ++msgid "" ++"so if slapd is using the default access control rules, these changes can be " ++"applied (after starting slapd) by using the command:" ++msgstr "" ++"như vậy nếu slapd đang sử dụng các quy tắc điều khiển truy cập mặc định, " ++"những thay đổi có thể được áp dụng (sau khi khởi động slapd) bằng cách dùng " ++"lệnh:" ++ ++#. Type: select ++#. Description ++#: ../slapd.templates:16002 ++msgid "" ++"If instead you choose to continue the installation, the new attribute type " ++"will be added automatically, but the change will not be acted on by slapd " ++"overlays, and replication with other servers may be affected." ++msgstr "" ++"Nếu thay vào đó bạn chọn tiếp tục cài đặt, kiểu thuộc tính mới sẽ được thêm " ++"một cách tự động, nhưng thay đổi sẽ không được thực hiện trên các overlay " ++"slapd, và bản sao với các máy phục vụ khác có thể chịu tác động." ++ ++#~ msgid "Database backend to use:" ++#~ msgstr "Ứng dụng chạy cơ sở dữ liệu cần dùng:" ++ ++#~ msgid "" ++#~ "HDB and BDB use similar storage formats, but HDB adds support for subtree " ++#~ "renames. Both support the same configuration options." ++#~ msgstr "" ++#~ "HDB và BDB dùng định dạng lưu trữ tương tự nhau, nhưng HDB thêm hỗ trợ để " ++#~ "thay đổi tên của cây con. Cả hai hỗ trợ cùng những tùy chọn cấu hình." ++ ++#~ msgid "" ++#~ "The MDB backend is recommended. MDB uses a new storage format and " ++#~ "requires less configuration than BDB or HDB." ++#~ msgstr "" ++#~ "Khuyên bạn dùng ứng dụng chạy phía sau MDB. MDB dùng định dạng lưu trữ " ++#~ "mới và phần cấu hình cũng ít hơn là BDB hay HDB." ++ ++# The BDB backend is the recommended choice of the OpenLDAP developers. ++# When using the BDB backend make sure that you configure the underlying ++# database for your requirements. Look into /usr/share/doc/slapd/README. ++# DB_CONFIG.gz ++#~ msgid "" ++#~ "In any case, you should review the resulting database configuration for " ++#~ "your needs. See /usr/share/doc/slapd/README.Debian.gz for more details." ++#~ msgstr "" ++#~ "Trong mỗi trường hợp, bạn nên xem lại cấu hình cơ sở dữ liệu kết quả có " ++#~ "thích hợp với nhu cầu của bạn. Xem tài liệu Đọc Đi “/usr/share/doc/slapd/" ++#~ "README.DB_CONFIG.gz” để tìm chi tiết." ++ ++#~ msgid "Allow LDAPv2 protocol?" ++#~ msgstr "Cho phép giao thức LDAPv2?" ++ ++#~ msgid "" ++#~ "The obsolete LDAPv2 protocol is disabled by default in slapd. Programs " ++#~ "and users should upgrade to LDAPv3. If you have old programs which can't " ++#~ "use LDAPv3, you should select this option and 'allow bind_v2' will be " ++#~ "added to your slapd.conf file." ++#~ msgstr "" ++#~ "Giao thức LDAPv2 (phiên bản 2) cũ bị tắt theo mặc định trong slapd. Các " ++#~ "chương trình và người dùng đều nên nâng cấp lên LDAPv3 (phiên bản 3). Có " ++#~ "chương trình cũ không thể dùng LDAPv3 thì bạn nên bật tùy chọn này và " ++#~ "thêm chuỗi “allow bind_v2” vào tập tin cấu hình “slapd.conf”." diff --cc debian/rules index 00000000,00000000..ad040468 new file mode 100755 --- /dev/null +++ b/debian/rules @@@ -1,0 -1,0 +1,212 @@@ ++#!/usr/bin/make -f ++ ++include /usr/share/dpkg/architecture.mk ++include /usr/share/dpkg/pkg-info.mk ++ ++# Set this variable if you're building packages outside of Debian and don't ++# want the checks for DFSG-freeness. ++#DFSG_NONFREE = 1 ++ ++export DEB_CFLAGS_MAINT_APPEND := -Wall -Wno-format-extra-args -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE ++export DEB_BUILD_MAINT_OPTIONS := hardening=+pie,+bindnow ++ ++# Expose maintainer address to build/mkversion (see debian/patches/set-maintainer-name) ++export DEB_MAINTAINER := $(shell sed -ne 's/Maintainer:\s\+//p' debian/control) ++ ++# Expose DEB_VERSION to build/version.sh (see debian/patches/debian-version) ++export DEB_VERSION ++ ++# Workaround for bad glibc behavior when resolving localhost ++export RESOLV_MULTI = off ++ ++CONFIG = $(shell grep -v "^\#" debian/configure.options) ++ifeq ($(DEB_HOST_ARCH_OS),hurd) ++ CONFIG += --disable-bdb --disable-hdb --disable-mdb ++endif ++ifneq ($(filter pkg.openldap.noslapd,$(DEB_BUILD_PROFILES)),) ++ CONFIG += --disable-slapd ++endif ++ ++CONTRIB_MODULES = autogroup lastbind passwd passwd/argon2 passwd/pbkdf2 passwd/sha2 smbk5pwd ++ ++# Ensure CC is set correctly for cross builds, unless it has already ++# been set explicitly. ++ifeq ($(origin CC),default) ++ export CC := $(DEB_HOST_GNU_TYPE)-gcc ++endif ++ ++installdir := $(CURDIR)/debian/tmp ++builddir := $(CURDIR)/debian/build ++slapddir := $(CURDIR)/debian/slapd/usr/sbin ++ ++MAKEVARS := STRIP= ++ ++# Standard variables used in contrib Makefiles. ++# We override these in make invocations rather than patch every one. ++CONTRIB_MAKEVARS := \ ++ LDAP_BUILD='$(builddir)' \ ++ prefix=/usr \ ++ ldap_subdir=/ldap \ ++ moduledir='$$(libdir)$$(ldap_subdir)' ++ ++# These variables are used only by get-orig-source, which will normally only ++# be run by maintainers. ++VERSION = $(subst +dfsg,,$(DEB_VERSION_UPSTREAM)) ++URL = https://www.openldap.org/software/download/OpenLDAP/openldap-release/ ++ ++# Download the upstream source and make changes as required for DFSG reasons. ++# Assumes wget is available, as this is generally only used by the package ++# maintainers. ++get-orig-source: ++ @if [ ! -d "debian/schema" ] ; then \ ++ echo 'Run this from the top directory of the Debian source' >&2; \ ++ exit 1; \ ++ fi ++ wget $(URL)/openldap-$(VERSION).tgz ++ tar xzf openldap-$(VERSION).tgz ++ rm -r openldap-$(VERSION)/doc/drafts ++ rm -r openldap-$(VERSION)/doc/rfc ++ set -e; for schema in debian/schema/*.schema debian/schema/*.ldif ; do \ ++ file=`basename "$$schema"`; \ ++ rm openldap-$(VERSION)/servers/slapd/schema/$$file; \ ++ done ++ mv openldap-$(VERSION) openldap-$(VERSION)+dfsg ++ tar cf openldap_$(VERSION)+dfsg.orig.tar openldap-$(VERSION)+dfsg ++ rm -r openldap-$(VERSION)+dfsg ++ gzip -9 openldap_$(VERSION)+dfsg.orig.tar ++ ++DH = dh $@ --builddirectory=$(builddir) ++.PHONY: build ++build: ++ $(DH) ++%: ++ $(DH) ++ ++override_dh_auto_configure: ++ # Check if we include the RFCs, Internet-Drafts, or upstream schemas ++ # with RFC text (which are non DFSG-free). You can set DFSG_NONFREE ++ # to build the packages from the unchanged upstream sources but Debian ++ # can not ship the RFCs in main so this test is here to make sure it ++ # does not get in by accident again. -- Torsten ++ if [ -z "$(DFSG_NONFREE)" ]; then \ ++ if [ -e doc/drafts ] || [ -e doc/rfc ]; then exit 1; fi; \ ++ if [ -e servers/slapd/schema/core.schema ] \ ++ && grep -q 'RFC 4519 definition' servers/slapd/schema/core.schema; \ ++ then \ ++ exit 1; \ ++ fi; \ ++ fi ++ ++ # Copy our stripped schema versions into where upstream expects them. ++ if [ -z "$(DFSG_NONFREE)" ]; then \ ++ cp debian/schema/*.schema debian/schema/*.ldif \ ++ servers/slapd/schema/; \ ++ fi ++ ++ dh_auto_configure -- $(CONFIG) ++ ++override_dh_auto_build: ++ dh_auto_build -- $(MAKEVARS) ++ifeq ($(filter pkg.openldap.noslapd,$(DEB_BUILD_PROFILES)),) ++ for mod in $(CONTRIB_MODULES); do \ ++ dh_auto_build -Dcontrib/slapd-modules/$$mod -Bcontrib/slapd-modules/$$mod -- $(CONTRIB_MAKEVARS) || exit $$?; \ ++ done ++endif ++ ++override_dh_auto_install: ++ dh_auto_install -- $(MAKEVARS) ++ifeq ($(filter pkg.openldap.noslapd,$(DEB_BUILD_PROFILES)),) ++ for mod in $(CONTRIB_MODULES); do \ ++ dh_auto_install -Dcontrib/slapd-modules/$$mod -Bcontrib/slapd-modules/$$mod -- $(CONTRIB_MAKEVARS) || exit $$?; \ ++ done ++ ++ # Empty the dependency_libs file in the .la files. ++ for F in $(installdir)/usr/lib/ldap/*.la; do \ ++ sed -i "s/^dependency_libs=.*/dependency_libs=''/" $$F; \ ++ done ++endif ++ ++ # Check all built libraries for unresolved symbols except for the ++ # libslapi library. It is a special case since the SLAPI interface ++ # depends on symbols defined in slapd itself. Those symbols will ++ # remain unresolved until the plugin is loaded into slapd. ++ for F in $(installdir)/usr/lib/$(DEB_HOST_MULTIARCH)/*.so.*.*.*; do \ ++ if echo "$$F" | grep -q libslapi ; then \ ++ continue; \ ++ fi; \ ++ if LD_LIBRARY_PATH=$(installdir)/usr/lib/$(DEB_HOST_MULTIARCH) ldd -d -r $$F 2>&1 | grep '^undefined symbol:'; then \ ++ echo; \ ++ echo "library $$F has undefined references. Please fix this before continuing."; \ ++ exit 1; \ ++ fi; \ ++ done ++ ++ # Upstream manpages are section 8C but installed as section 8 ++ find $(installdir)/usr/share/man -name \*.8 \ ++ | xargs perl -pi -e 's#(\.TH \w+ 8)C#$$1#' ++ ++override_dh_installinit: ++ dh_installinit -- "defaults 19 80" ++ ++ifeq ($(filter pkg.openldap.noslapd,$(DEB_BUILD_PROFILES)),) ++override_dh_installman: ++ dh_installman ++ rm -f $(CURDIR)/debian/slapd/usr/share/man/man5/slapo-smbk5pwd.* ++ ++override_dh_fixperms-arch: ++ dh_fixperms ++ chmod +x $(CURDIR)/debian/slapd/usr/share/slapd/ldiftopasswd ++endif ++ ++override_dh_strip: ++ dh_strip -plibldap-2.4-2 --dbgsym-migration='libldap-2.4-2-dbg (<< 2.4.45+dfsg-1~)' ++ dh_strip -pslapd --dbgsym-migration='slapd-dbg (<< 2.4.45+dfsg-1~)' ++ dh_strip --remaining-packages ++ifeq ($(filter pkg.openldap.noslapd,$(DEB_BUILD_PROFILES)),) ++ # hardlink these so not confined by apparmor; do this here and not ++ # in dh_link so that dh_strip doesn't get confused and put the wrong ++ # binary in the debug package. ++ for f in slapacl slapadd slapauth slapcat slapdn slapindex slappasswd slaptest slapschema ; do \ ++ ln -f $(slapddir)/slapd $(slapddir)/$$f ; \ ++ done ++endif ++ ++override_dh_link: ++ for pkg in libldap2-dev libldap-2.4-2; do \ ++ sed -e"s/\$${DEB_HOST_MULTIARCH}/$(DEB_HOST_MULTIARCH)/g" < debian/$$pkg.links.in > debian/$$pkg.links; \ ++ done ++ dh_link ++ ++ifeq ($(filter pkg.openldap.noslapd,$(DEB_BUILD_PROFILES)),) ++override_dh_makeshlibs: ++ echo "slapd:Provides=$$(objdump -p debian/slapd/usr/lib/$(DEB_HOST_MULTIARCH)/libslapi-*.so.* \ ++ | sed -ne '/SONAME/ { s/[[:space:]]*SONAME[[:space:]]*//; \ ++ s/\.so\./-/; p; q }' \ ++ )" >> debian/slapd.substvars ++ dh_makeshlibs -pslapd -X/usr/lib/ldap/ -V "$$(sed -ne's/slapd:Provides=//p' debian/slapd.substvars)" ++ dh_makeshlibs --remaining-packages ++endif ++ ++ifeq ($(filter pkg.openldap.noslapd,$(DEB_BUILD_PROFILES)),) ++override_dh_installdeb: ++ dh_installdeb ++ perl -w debian/dh_installscripts-common -p slapd ++endif ++ ++override_dh_auto_clean: ++ dh_auto_clean ++ # Update translation templates for debconf ++ debconf-updatepo ++ifeq ($(filter pkg.openldap.noslapd,$(DEB_BUILD_PROFILES)),) ++ # Remove our stripped schema from the upstream source area. ++ if [ -z "$(DFSG_NONFREE)" ]; then \ ++ set -e; for s in debian/schema/*.schema debian/schema/*.ldif; do \ ++ rm -f servers/slapd/schema/`basename $$s`; \ ++ done; \ ++ fi ++ ++ # Clean the contrib directory ++ for mod in $(CONTRIB_MODULES); do \ ++ dh_auto_clean -Dcontrib/slapd-modules/$$mod -Bcontrib/slapd-modules/$$mod || exit $?; \ ++ done ++endif diff --cc debian/schema/README index 00000000,00000000..e601c459 new file mode 100644 --- /dev/null +++ b/debian/schema/README @@@ -1,0 -1,0 +1,15 @@@ ++This directory contains stripped versions of schema files that the ++OpenLDAP distribution includes in servers/slapd/schema. The original ++versions as distributed upstream contain text from the RFCs embedded as ++comments, and that text is covered by the Internet Society license which ++does not meet the Debian Free Software Guidelines. (It doesn't permit ++creation and distribution of modified versions.) Accordingly, Debian ++cannot include the original versions of these files in Debian packages. ++ ++Instead, in this directory are equivalent versions of those files with all ++of the text taken from IETF RFCs or Internet-Drafts removed and only the ++functional schema definition retained. ++ ++Where possible, the schema files as distributed by the OpenLDAP project ++are retained. This is only done where RFC or Internet-Draft text is ++embedded in the schema file and covered by the Internet Society license. diff --cc debian/schema/collective.schema index 00000000,00000000..c3dc1a14 new file mode 100644 --- /dev/null +++ b/debian/schema/collective.schema @@@ -1,0 -1,0 +1,65 @@@ ++# collective.schema -- Collective attribute schema ++# $OpenLDAP: pkg/ldap/servers/slapd/schema/collective.schema,v 1.12.2.2 2007/08/31 23:14:06 quanah Exp $ ++## This work is part of OpenLDAP Software . ++## ++## Copyright 1998-2007 The OpenLDAP Foundation. ++## All rights reserved. ++## ++## Redistribution and use in source and binary forms, with or without ++## modification, are permitted only as authorized by the OpenLDAP ++## Public License. ++## ++## A copy of this license is available in the file LICENSE in the ++## top-level directory of the distribution or, alternatively, at ++## . ++# ++ ++# The version of this file as distributed by the OpenLDAP Foundation ++# contains text from an IETF RFC explaining the schema. Unfortunately, ++# that text is covered by a license that doesn't meet Debian's Free ++# Software Guidelines. This is a stripped version of the schema that ++# contains only the functional schema definition, not the text of the ++# RFC. ++# ++# For an explanation of this schema, see RFC 3671, at (among other ++# places): http://www.ietf.org/rfc/rfc3671.txt ++ ++attributeType ( 2.5.4.7.1 NAME 'c-l' ++ SUP l COLLECTIVE ) ++ ++attributeType ( 2.5.4.8.1 NAME 'c-st' ++ SUP st COLLECTIVE ) ++ ++attributeType ( 2.5.4.9.1 NAME 'c-street' ++ SUP street COLLECTIVE ) ++ ++attributeType ( 2.5.4.10.1 NAME 'c-o' ++ SUP o COLLECTIVE ) ++ ++attributeType ( 2.5.4.11.1 NAME 'c-ou' ++ SUP ou COLLECTIVE ) ++ ++attributeType ( 2.5.4.16.1 NAME 'c-PostalAddress' ++ SUP postalAddress COLLECTIVE ) ++ ++attributeType ( 2.5.4.17.1 NAME 'c-PostalCode' ++ SUP postalCode COLLECTIVE ) ++ ++attributeType ( 2.5.4.18.1 NAME 'c-PostOfficeBox' ++ SUP postOfficeBox COLLECTIVE ) ++ ++attributeType ( 2.5.4.19.1 NAME 'c-PhysicalDeliveryOfficeName' ++ SUP physicalDeliveryOfficeName COLLECTIVE ) ++ ++attributeType ( 2.5.4.20.1 NAME 'c-TelephoneNumber' ++ SUP telephoneNumber COLLECTIVE ) ++ ++attributeType ( 2.5.4.21.1 NAME 'c-TelexNumber' ++ SUP telexNumber COLLECTIVE ) ++ ++attributeType ( 2.5.4.23.1 NAME 'c-FacsimileTelephoneNumber' ++ SUP facsimileTelephoneNumber COLLECTIVE ) ++ ++attributeType ( 2.5.4.25.1 NAME 'c-InternationalISDNNumber' ++ SUP internationalISDNNumber COLLECTIVE ) ++ diff --cc debian/schema/compare-schema index 00000000,00000000..ce6b80c1 new file mode 100755 --- /dev/null +++ b/debian/schema/compare-schema @@@ -1,0 -1,0 +1,26 @@@ ++#!/bin/sh ++# ++# Compare the stripped versions of the schema with the unmodified versions ++# from the source as distributed upstream and find any non-comment changes ++# so that our stripped versions can be updated. ++# ++# Takes the directory containing our stripped schema and the directory ++# containing the upstream schema. Uses the first directory as a working ++# area. ++ ++set -e ++ ++ours="$1" ++theirs="$2" ++if [ -z "$ours" ] || [ -z "$theirs" ] ; then ++ echo 'Usage: compare-schema ' >&2 ++ exit 1 ++fi ++ ++cd $ours ++for schema in *.schema *.ldif ; do ++ grep -v '^#' "$schema" | grep -v '^ *$' > "${schema}.debian" ++ grep -v '^#' "$theirs/$schema" | grep -v '^ *$' > "${schema}.upstream" ++ diff -u "${schema}.debian" "${schema}.upstream" ++ rm "${schema}.debian" "${schema}.upstream" ++done diff --cc debian/schema/corba.schema index 00000000,00000000..918e9df6 new file mode 100644 --- /dev/null +++ b/debian/schema/corba.schema @@@ -1,0 -1,0 +1,61 @@@ ++# corba.schema -- Corba Object Schema ++# depends upon core.schema ++# $OpenLDAP: pkg/ldap/servers/slapd/schema/corba.schema,v 1.4.2.3 2007/01/02 21:44:09 kurt Exp $ ++# $OpenLDAP: pkg/ldap/servers/slapd/schema/corba.schema,v 1.4.2.3 2007/01/02 21:44:09 kurt Exp $ ++## This work is part of OpenLDAP Software . ++## ++## Copyright 1998-2007 The OpenLDAP Foundation. ++## All rights reserved. ++## ++## Redistribution and use in source and binary forms, with or without ++## modification, are permitted only as authorized by the OpenLDAP ++## Public License. ++## ++## A copy of this license is available in the file LICENSE in the ++## top-level directory of the distribution or, alternatively, at ++## . ++# ++ ++# The version of this file as distributed by the OpenLDAP Foundation ++# contains text from an IETF RFC explaining the schema. Unfortunately, ++# that text is covered by a license that doesn't meet Debian's Free ++# Software Guidelines. This is a stripped version of the schema that ++# contains only the functional schema definition, not the text of the ++# RFC. ++# ++# For an explanation of this schema, see RFC 2714, at (among other ++# places): http://www.ietf.org/rfc/rfc2714.txt ++ ++attributetype ( 1.3.6.1.4.1.42.2.27.4.1.14 ++ NAME 'corbaIor' ++ DESC 'Stringified interoperable object reference of a CORBA object' ++ EQUALITY caseIgnoreIA5Match ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ++ SINGLE-VALUE ) ++ ++attributetype ( 1.3.6.1.4.1.42.2.27.4.1.15 ++ NAME 'corbaRepositoryId' ++ DESC 'Repository ids of interfaces implemented by a CORBA object' ++ EQUALITY caseExactMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ++ ++objectclass ( 1.3.6.1.4.1.42.2.27.4.2.10 ++ NAME 'corbaContainer' ++ DESC 'Container for a CORBA object' ++ SUP top ++ STRUCTURAL ++ MUST cn ) ++ ++objectclass ( 1.3.6.1.4.1.42.2.27.4.2.9 ++ NAME 'corbaObject' ++ DESC 'CORBA object representation' ++ SUP top ++ ABSTRACT ++ MAY ( corbaRepositoryId $ description ) ) ++ ++objectclass ( 1.3.6.1.4.1.42.2.27.4.2.11 ++ NAME 'corbaObjectReference' ++ DESC 'CORBA interoperable object reference' ++ SUP corbaObject ++ AUXILIARY ++ MUST corbaIor ) diff --cc debian/schema/core.ldif index 00000000,00000000..cc1811f4 new file mode 100644 --- /dev/null +++ b/debian/schema/core.ldif @@@ -1,0 -1,0 +1,603 @@@ ++# OpenLDAP Core schema ++# $OpenLDAP$ ++## This work is part of OpenLDAP Software . ++## ++## Copyright 1998-2014 The OpenLDAP Foundation. ++## All rights reserved. ++## ++## Redistribution and use in source and binary forms, with or without ++## modification, are permitted only as authorized by the OpenLDAP ++## Public License. ++## ++## A copy of this license is available in the file LICENSE in the ++## top-level directory of the distribution or, alternatively, at ++## . ++# ++ ++# The version of this file as distributed by the OpenLDAP Foundation ++# contains text claiming copyright by the Internet Society and including ++# the IETF RFC license, which does not meet Debian's Free Software ++# Guidelines. However, apart from short and obvious comments, the text of ++# this file is purely a functional interface specification, which is not ++# subject to that license and is not copyrightable under US law. ++# ++# The license statement is retained below so as not to remove credit, but ++# as best as we can determine, it is not applicable to the contents of ++# this file. ++ ++## Portions Copyright (C) The Internet Society (1997-2003). ++## All Rights Reserved. ++## ++## This document and translations of it may be copied and furnished to ++## others, and derivative works that comment on or otherwise explain it ++## or assist in its implementation may be prepared, copied, published ++## and distributed, in whole or in part, without restriction of any ++## kind, provided that the above copyright notice and this paragraph are ++## included on all such copies and derivative works. However, this ++## document itself may not be modified in any way, such as by removing ++## the copyright notice or references to the Internet Society or other ++## Internet organizations, except as needed for the purpose of ++## developing Internet standards in which case the procedures for ++## copyrights defined in the Internet Standards process must be ++## followed, or as required to translate it into languages other than ++## English. ++## ++## The limited permissions granted above are perpetual and will not be ++## revoked by the Internet Society or its successors or assigns. ++## ++## This document and the information contained herein is provided on an ++## "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING ++## TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING ++## BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION ++## HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF ++## MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. ++# ++# ++# ++# Includes LDAPv3 schema items from: ++# RFC 2252/2256 (LDAPv3) ++# ++# Select standard track schema items: ++# RFC 1274 (uid/dc) ++# RFC 2079 (URI) ++# RFC 2247 (dc/dcObject) ++# RFC 2587 (PKI) ++# RFC 2589 (Dynamic Directory Services) ++# ++# Select informational schema items: ++# RFC 2377 (uidObject) ++# ++# ++# Standard attribute types from RFC 2256 ++# ++dn: cn=core,cn=schema,cn=config ++objectClass: olcSchemaConfig ++cn: core ++# ++# system schema ++#olcAttributeTypes: ( 2.5.4.0 NAME 'objectClass' ++# DESC 'RFC2256: object classes of the entity' ++# EQUALITY objectIdentifierMatch ++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) ++# ++# system schema ++#olcAttributeTypes: ( 2.5.4.1 NAME ( 'aliasedObjectName' 'aliasedEntryName' ) ++# DESC 'RFC2256: name of aliased object' ++# EQUALITY distinguishedNameMatch ++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE ) ++# ++olcAttributeTypes: ( 2.5.4.2 NAME 'knowledgeInformation' ++ DESC 'RFC2256: knowledge information' ++ EQUALITY caseIgnoreMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) ++# ++# system schema ++#olcAttributeTypes: ( 2.5.4.3 NAME ( 'cn' 'commonName' ) ++# DESC 'RFC2256: common name(s) for which the entity is known by' ++# SUP name ) ++# ++olcAttributeTypes: ( 2.5.4.4 NAME ( 'sn' 'surname' ) ++ DESC 'RFC2256: last (family) name(s) for which the entity is known by' ++ SUP name ) ++# ++olcAttributeTypes: ( 2.5.4.5 NAME 'serialNumber' ++ DESC 'RFC2256: serial number of the entity' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} ) ++# ++# RFC 4519 definition ('countryName' in X.500 and RFC2256) ++olcAttributeTypes: ( 2.5.4.6 NAME ( 'c' 'countryName' ) ++ DESC 'RFC4519: two-letter ISO-3166 country code' ++ SUP name ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.11 ++ SINGLE-VALUE ) ++# ++olcAttributeTypes: ( 2.5.4.7 NAME ( 'l' 'localityName' ) ++ DESC 'RFC2256: locality which this object resides in' ++ SUP name ) ++# ++olcAttributeTypes: ( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' ) ++ DESC 'RFC2256: state or province which this object resides in' ++ SUP name ) ++# ++olcAttributeTypes: ( 2.5.4.9 NAME ( 'street' 'streetAddress' ) ++ DESC 'RFC2256: street address of this object' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) ++# ++olcAttributeTypes: ( 2.5.4.10 NAME ( 'o' 'organizationName' ) ++ DESC 'RFC2256: organization this object belongs to' ++ SUP name ) ++# ++olcAttributeTypes: ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' ) ++ DESC 'RFC2256: organizational unit this object belongs to' ++ SUP name ) ++# ++olcAttributeTypes: ( 2.5.4.12 NAME 'title' ++ DESC 'RFC2256: title associated with the entity' ++ SUP name ) ++# ++# system schema ++#olcAttributeTypes: ( 2.5.4.13 NAME 'description' ++# DESC 'RFC2256: descriptive information' ++# EQUALITY caseIgnoreMatch ++# SUBSTR caseIgnoreSubstringsMatch ++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} ) ++# ++# Deprecated by enhancedSearchGuide ++olcAttributeTypes: ( 2.5.4.14 NAME 'searchGuide' ++ DESC 'RFC2256: search guide, deprecated by enhancedSearchGuide' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.25 ) ++# ++olcAttributeTypes: ( 2.5.4.15 NAME 'businessCategory' ++ DESC 'RFC2256: business category' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) ++# ++olcAttributeTypes: ( 2.5.4.16 NAME 'postalAddress' ++ DESC 'RFC2256: postal address' ++ EQUALITY caseIgnoreListMatch ++ SUBSTR caseIgnoreListSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) ++# ++olcAttributeTypes: ( 2.5.4.17 NAME 'postalCode' ++ DESC 'RFC2256: postal code' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} ) ++# ++olcAttributeTypes: ( 2.5.4.18 NAME 'postOfficeBox' ++ DESC 'RFC2256: Post Office Box' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} ) ++# ++olcAttributeTypes: ( 2.5.4.19 NAME 'physicalDeliveryOfficeName' ++ DESC 'RFC2256: Physical Delivery Office Name' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) ++# ++olcAttributeTypes: ( 2.5.4.20 NAME 'telephoneNumber' ++ DESC 'RFC2256: Telephone Number' ++ EQUALITY telephoneNumberMatch ++ SUBSTR telephoneNumberSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} ) ++# ++olcAttributeTypes: ( 2.5.4.21 NAME 'telexNumber' ++ DESC 'RFC2256: Telex Number' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 ) ++# ++olcAttributeTypes: ( 2.5.4.22 NAME 'teletexTerminalIdentifier' ++ DESC 'RFC2256: Teletex Terminal Identifier' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 ) ++# ++olcAttributeTypes: ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' ) ++ DESC 'RFC2256: Facsimile (Fax) Telephone Number' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 ) ++# ++olcAttributeTypes: ( 2.5.4.24 NAME 'x121Address' ++ DESC 'RFC2256: X.121 Address' ++ EQUALITY numericStringMatch ++ SUBSTR numericStringSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} ) ++# ++olcAttributeTypes: ( 2.5.4.25 NAME 'internationaliSDNNumber' ++ DESC 'RFC2256: international ISDN number' ++ EQUALITY numericStringMatch ++ SUBSTR numericStringSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} ) ++# ++olcAttributeTypes: ( 2.5.4.26 NAME 'registeredAddress' ++ DESC 'RFC2256: registered postal address' ++ SUP postalAddress ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) ++# ++olcAttributeTypes: ( 2.5.4.27 NAME 'destinationIndicator' ++ DESC 'RFC2256: destination indicator' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} ) ++# ++olcAttributeTypes: ( 2.5.4.28 NAME 'preferredDeliveryMethod' ++ DESC 'RFC2256: preferred delivery method' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.14 ++ SINGLE-VALUE ) ++# ++olcAttributeTypes: ( 2.5.4.29 NAME 'presentationAddress' ++ DESC 'RFC2256: presentation address' ++ EQUALITY presentationAddressMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.43 ++ SINGLE-VALUE ) ++# ++olcAttributeTypes: ( 2.5.4.30 NAME 'supportedApplicationContext' ++ DESC 'RFC2256: supported application context' ++ EQUALITY objectIdentifierMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) ++# ++olcAttributeTypes: ( 2.5.4.31 NAME 'member' ++ DESC 'RFC2256: member of a group' ++ SUP distinguishedName ) ++# ++olcAttributeTypes: ( 2.5.4.32 NAME 'owner' ++ DESC 'RFC2256: owner (of the object)' ++ SUP distinguishedName ) ++# ++olcAttributeTypes: ( 2.5.4.33 NAME 'roleOccupant' ++ DESC 'RFC2256: occupant of role' ++ SUP distinguishedName ) ++# ++# system schema ++#olcAttributeTypes: ( 2.5.4.34 NAME 'seeAlso' ++# DESC 'RFC2256: DN of related object' ++# SUP distinguishedName ) ++# ++# system schema ++#olcAttributeTypes: ( 2.5.4.35 NAME 'userPassword' ++# DESC 'RFC2256/2307: password of user' ++# EQUALITY octetStringMatch ++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} ) ++# ++# Must be transferred using ;binary ++# with certificateExactMatch rule (per X.509) ++olcAttributeTypes: ( 2.5.4.36 NAME 'userCertificate' ++ DESC 'RFC2256: X.509 user certificate, use ;binary' ++ EQUALITY certificateExactMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 ) ++# ++# Must be transferred using ;binary ++# with certificateExactMatch rule (per X.509) ++olcAttributeTypes: ( 2.5.4.37 NAME 'cACertificate' ++ DESC 'RFC2256: X.509 CA certificate, use ;binary' ++ EQUALITY certificateExactMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 ) ++# ++# Must be transferred using ;binary ++olcAttributeTypes: ( 2.5.4.38 NAME 'authorityRevocationList' ++ DESC 'RFC2256: X.509 authority revocation list, use ;binary' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) ++# ++# Must be transferred using ;binary ++olcAttributeTypes: ( 2.5.4.39 NAME 'certificateRevocationList' ++ DESC 'RFC2256: X.509 certificate revocation list, use ;binary' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) ++# ++# Must be stored and requested in the binary form ++olcAttributeTypes: ( 2.5.4.40 NAME 'crossCertificatePair' ++ DESC 'RFC2256: X.509 cross certificate pair, use ;binary' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.10 ) ++# ++# 2.5.4.41 is defined above as it's used for subtyping ++#olcAttributeTypes: ( 2.5.4.41 NAME 'name' ++# EQUALITY caseIgnoreMatch ++# SUBSTR caseIgnoreSubstringsMatch ++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) ++# ++olcAttributeTypes: ( 2.5.4.42 NAME ( 'givenName' 'gn' ) ++ DESC 'RFC2256: first name(s) for which the entity is known by' ++ SUP name ) ++# ++olcAttributeTypes: ( 2.5.4.43 NAME 'initials' ++ DESC 'RFC2256: initials of some or all of names, but not the surname(s).' ++ SUP name ) ++# ++olcAttributeTypes: ( 2.5.4.44 NAME 'generationQualifier' ++ DESC 'RFC2256: name qualifier indicating a generation' ++ SUP name ) ++# ++olcAttributeTypes: ( 2.5.4.45 NAME 'x500UniqueIdentifier' ++ DESC 'RFC2256: X.500 unique identifier' ++ EQUALITY bitStringMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 ) ++# ++olcAttributeTypes: ( 2.5.4.46 NAME 'dnQualifier' ++ DESC 'RFC2256: DN qualifier' ++ EQUALITY caseIgnoreMatch ++ ORDERING caseIgnoreOrderingMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ) ++# ++olcAttributeTypes: ( 2.5.4.47 NAME 'enhancedSearchGuide' ++ DESC 'RFC2256: enhanced search guide' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 ) ++# ++olcAttributeTypes: ( 2.5.4.48 NAME 'protocolInformation' ++ DESC 'RFC2256: protocol information' ++ EQUALITY protocolInformationMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 ) ++# ++# 2.5.4.49 is defined above as it's used for subtyping ++#olcAttributeTypes: ( 2.5.4.49 NAME 'distinguishedName' ++# EQUALITY distinguishedNameMatch ++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ++# ++olcAttributeTypes: ( 2.5.4.50 NAME 'uniqueMember' ++ DESC 'RFC2256: unique member of a group' ++ EQUALITY uniqueMemberMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 ) ++# ++olcAttributeTypes: ( 2.5.4.51 NAME 'houseIdentifier' ++ DESC 'RFC2256: house identifier' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) ++# ++# Must be transferred using ;binary ++olcAttributeTypes: ( 2.5.4.52 NAME 'supportedAlgorithms' ++ DESC 'RFC2256: supported algorithms' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 ) ++# ++# Must be transferred using ;binary ++olcAttributeTypes: ( 2.5.4.53 NAME 'deltaRevocationList' ++ DESC 'RFC2256: delta revocation list; use ;binary' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) ++# ++olcAttributeTypes: ( 2.5.4.54 NAME 'dmdName' ++ DESC 'RFC2256: name of DMD' ++ SUP name ) ++# ++olcAttributeTypes: ( 2.5.4.65 NAME 'pseudonym' ++ DESC 'X.520(4th): pseudonym for the object' ++ SUP name ) ++# ++# Standard object classes from RFC2256 ++# ++# system schema ++#olcObjectClasses: ( 2.5.6.1 NAME 'alias' ++# DESC 'RFC2256: an alias' ++# SUP top STRUCTURAL ++# MUST aliasedObjectName ) ++# ++olcObjectClasses: ( 2.5.6.2 NAME 'country' ++ DESC 'RFC2256: a country' ++ SUP top STRUCTURAL ++ MUST c ++ MAY ( searchGuide $ description ) ) ++# ++olcObjectClasses: ( 2.5.6.3 NAME 'locality' ++ DESC 'RFC2256: a locality' ++ SUP top STRUCTURAL ++ MAY ( street $ seeAlso $ searchGuide $ st $ l $ description ) ) ++# ++olcObjectClasses: ( 2.5.6.4 NAME 'organization' ++ DESC 'RFC2256: an organization' ++ SUP top STRUCTURAL ++ MUST o ++ MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ ++ x121Address $ registeredAddress $ destinationIndicator $ ++ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ ++ telephoneNumber $ internationaliSDNNumber $ ++ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ ++ postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) ) ++# ++olcObjectClasses: ( 2.5.6.5 NAME 'organizationalUnit' ++ DESC 'RFC2256: an organizational unit' ++ SUP top STRUCTURAL ++ MUST ou ++ MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ ++ x121Address $ registeredAddress $ destinationIndicator $ ++ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ ++ telephoneNumber $ internationaliSDNNumber $ ++ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ ++ postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) ) ++# ++olcObjectClasses: ( 2.5.6.6 NAME 'person' ++ DESC 'RFC2256: a person' ++ SUP top STRUCTURAL ++ MUST ( sn $ cn ) ++ MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) ) ++# ++olcObjectClasses: ( 2.5.6.7 NAME 'organizationalPerson' ++ DESC 'RFC2256: an organizational person' ++ SUP person STRUCTURAL ++ MAY ( title $ x121Address $ registeredAddress $ destinationIndicator $ ++ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ ++ telephoneNumber $ internationaliSDNNumber $ ++ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ ++ postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l ) ) ++# ++olcObjectClasses: ( 2.5.6.8 NAME 'organizationalRole' ++ DESC 'RFC2256: an organizational role' ++ SUP top STRUCTURAL ++ MUST cn ++ MAY ( x121Address $ registeredAddress $ destinationIndicator $ ++ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ ++ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ ++ seeAlso $ roleOccupant $ preferredDeliveryMethod $ street $ ++ postOfficeBox $ postalCode $ postalAddress $ ++ physicalDeliveryOfficeName $ ou $ st $ l $ description ) ) ++# ++olcObjectClasses: ( 2.5.6.9 NAME 'groupOfNames' ++ DESC 'RFC2256: a group of names (DNs)' ++ SUP top STRUCTURAL ++ MUST ( member $ cn ) ++ MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) ) ++# ++olcObjectClasses: ( 2.5.6.10 NAME 'residentialPerson' ++ DESC 'RFC2256: an residential person' ++ SUP person STRUCTURAL ++ MUST l ++ MAY ( businessCategory $ x121Address $ registeredAddress $ ++ destinationIndicator $ preferredDeliveryMethod $ telexNumber $ ++ teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ ++ facsimileTelephoneNumber $ preferredDeliveryMethod $ street $ ++ postOfficeBox $ postalCode $ postalAddress $ ++ physicalDeliveryOfficeName $ st $ l ) ) ++# ++olcObjectClasses: ( 2.5.6.11 NAME 'applicationProcess' ++ DESC 'RFC2256: an application process' ++ SUP top STRUCTURAL ++ MUST cn ++ MAY ( seeAlso $ ou $ l $ description ) ) ++# ++olcObjectClasses: ( 2.5.6.12 NAME 'applicationEntity' ++ DESC 'RFC2256: an application entity' ++ SUP top STRUCTURAL ++ MUST ( presentationAddress $ cn ) ++ MAY ( supportedApplicationContext $ seeAlso $ ou $ o $ l $ ++ description ) ) ++# ++olcObjectClasses: ( 2.5.6.13 NAME 'dSA' ++ DESC 'RFC2256: a directory system agent (a server)' ++ SUP applicationEntity STRUCTURAL ++ MAY knowledgeInformation ) ++# ++olcObjectClasses: ( 2.5.6.14 NAME 'device' ++ DESC 'RFC2256: a device' ++ SUP top STRUCTURAL ++ MUST cn ++ MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l $ description ) ) ++# ++olcObjectClasses: ( 2.5.6.15 NAME 'strongAuthenticationUser' ++ DESC 'RFC2256: a strong authentication user' ++ SUP top AUXILIARY ++ MUST userCertificate ) ++# ++olcObjectClasses: ( 2.5.6.16 NAME 'certificationAuthority' ++ DESC 'RFC2256: a certificate authority' ++ SUP top AUXILIARY ++ MUST ( authorityRevocationList $ certificateRevocationList $ ++ cACertificate ) MAY crossCertificatePair ) ++# ++olcObjectClasses: ( 2.5.6.17 NAME 'groupOfUniqueNames' ++ DESC 'RFC2256: a group of unique names (DN and Unique Identifier)' ++ SUP top STRUCTURAL ++ MUST ( uniqueMember $ cn ) ++ MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) ) ++# ++olcObjectClasses: ( 2.5.6.18 NAME 'userSecurityInformation' ++ DESC 'RFC2256: a user security information' ++ SUP top AUXILIARY ++ MAY ( supportedAlgorithms ) ) ++# ++olcObjectClasses: ( 2.5.6.16.2 NAME 'certificationAuthority-V2' ++ SUP certificationAuthority ++ AUXILIARY MAY ( deltaRevocationList ) ) ++# ++olcObjectClasses: ( 2.5.6.19 NAME 'cRLDistributionPoint' ++ SUP top STRUCTURAL ++ MUST ( cn ) ++ MAY ( certificateRevocationList $ authorityRevocationList $ ++ deltaRevocationList ) ) ++# ++olcObjectClasses: ( 2.5.6.20 NAME 'dmd' ++ SUP top STRUCTURAL ++ MUST ( dmdName ) ++ MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ ++ x121Address $ registeredAddress $ destinationIndicator $ ++ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ ++ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ ++ street $ postOfficeBox $ postalCode $ postalAddress $ ++ physicalDeliveryOfficeName $ st $ l $ description ) ) ++# ++# ++# Object Classes from RFC 2587 ++# ++olcObjectClasses: ( 2.5.6.21 NAME 'pkiUser' ++ DESC 'RFC2587: a PKI user' ++ SUP top AUXILIARY ++ MAY userCertificate ) ++# ++olcObjectClasses: ( 2.5.6.22 NAME 'pkiCA' ++ DESC 'RFC2587: PKI certificate authority' ++ SUP top AUXILIARY ++ MAY ( authorityRevocationList $ certificateRevocationList $ ++ cACertificate $ crossCertificatePair ) ) ++# ++olcObjectClasses: ( 2.5.6.23 NAME 'deltaCRL' ++ DESC 'RFC2587: PKI user' ++ SUP top AUXILIARY ++ MAY deltaRevocationList ) ++# ++# ++# Standard Track URI label schema from RFC 2079 ++# system schema ++#olcAttributeTypes: ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI' ++# DESC 'RFC2079: Uniform Resource Identifier with optional label' ++# EQUALITY caseExactMatch ++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ++# ++olcObjectClasses: ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject' ++ DESC 'RFC2079: object that contains the URI attribute type' ++ MAY ( labeledURI ) ++ SUP top AUXILIARY ) ++# ++# ++# Derived from RFC 1274, but with new "short names" ++# ++#olcAttributeTypes: ( 0.9.2342.19200300.100.1.1 ++# NAME ( 'uid' 'userid' ) ++# DESC 'RFC1274: user identifier' ++# EQUALITY caseIgnoreMatch ++# SUBSTR caseIgnoreSubstringsMatch ++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) ++# ++olcAttributeTypes: ( 0.9.2342.19200300.100.1.3 ++ NAME ( 'mail' 'rfc822Mailbox' ) ++ DESC 'RFC1274: RFC822 Mailbox' ++ EQUALITY caseIgnoreIA5Match ++ SUBSTR caseIgnoreIA5SubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) ++# ++olcObjectClasses: ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject' ++ DESC 'RFC1274: simple security object' ++ SUP top AUXILIARY ++ MUST userPassword ) ++# ++# RFC 1274 + RFC 2247 ++olcAttributeTypes: ( 0.9.2342.19200300.100.1.25 ++ NAME ( 'dc' 'domainComponent' ) ++ DESC 'RFC1274/2247: domain component' ++ EQUALITY caseIgnoreIA5Match ++ SUBSTR caseIgnoreIA5SubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) ++# ++# RFC 2247 ++olcObjectClasses: ( 1.3.6.1.4.1.1466.344 NAME 'dcObject' ++ DESC 'RFC2247: domain component object' ++ SUP top AUXILIARY MUST dc ) ++# ++# RFC 2377 ++olcObjectClasses: ( 1.3.6.1.1.3.1 NAME 'uidObject' ++ DESC 'RFC2377: uid object' ++ SUP top AUXILIARY MUST uid ) ++# ++# From COSINE Pilot ++olcAttributeTypes: ( 0.9.2342.19200300.100.1.37 ++ NAME 'associatedDomain' ++ DESC 'RFC1274: domain associated with object' ++ EQUALITY caseIgnoreIA5Match ++ SUBSTR caseIgnoreIA5SubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) ++# ++# RFC 2459 -- deprecated in favor of 'mail' (in cosine.schema) ++olcAttributeTypes: ( 1.2.840.113549.1.9.1 ++ NAME ( 'email' 'emailAddress' 'pkcs9email' ) ++ DESC 'RFC3280: legacy attribute for email addresses in DNs' ++ EQUALITY caseIgnoreIA5Match ++ SUBSTR caseIgnoreIA5SubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) ++# diff --cc debian/schema/core.schema index 00000000,00000000..cf0968a3 new file mode 100644 --- /dev/null +++ b/debian/schema/core.schema @@@ -1,0 -1,0 +1,622 @@@ ++# OpenLDAP Core schema ++# $OpenLDAP$ ++## This work is part of OpenLDAP Software . ++## ++## Copyright 1998-2014 The OpenLDAP Foundation. ++## All rights reserved. ++## ++## Redistribution and use in source and binary forms, with or without ++## modification, are permitted only as authorized by the OpenLDAP ++## Public License. ++## ++## A copy of this license is available in the file LICENSE in the ++## top-level directory of the distribution or, alternatively, at ++## . ++# ++ ++# The version of this file as distributed by the OpenLDAP Foundation ++# contains text claiming copyright by the Internet Society and including ++# the IETF RFC license, which does not meet Debian's Free Software ++# Guidelines. However, apart from short and obvious comments, the text of ++# this file is purely a functional interface specification, which is not ++# subject to that license and is not copyrightable under US law. ++# ++# The license statement is retained below so as not to remove credit, but ++# as best as we can determine, it is not applicable to the contents of ++# this file. ++ ++## Portions Copyright (C) The Internet Society (1997-2006). ++## All Rights Reserved. ++## ++## This document and translations of it may be copied and furnished to ++## others, and derivative works that comment on or otherwise explain it ++## or assist in its implementation may be prepared, copied, published ++## and distributed, in whole or in part, without restriction of any ++## kind, provided that the above copyright notice and this paragraph are ++## included on all such copies and derivative works. However, this ++## document itself may not be modified in any way, such as by removing ++## the copyright notice or references to the Internet Society or other ++## Internet organizations, except as needed for the purpose of ++## developing Internet standards in which case the procedures for ++## copyrights defined in the Internet Standards process must be ++## followed, or as required to translate it into languages other than ++## English. ++## ++## The limited permissions granted above are perpetual and will not be ++## revoked by the Internet Society or its successors or assigns. ++## ++## This document and the information contained herein is provided on an ++## "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING ++## TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING ++## BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION ++## HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF ++## MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. ++ ++# ++# ++# Includes LDAPv3 schema items from: ++# RFC 2252/2256 (LDAPv3) ++# ++# Select standard track schema items: ++# RFC 1274 (uid/dc) ++# RFC 2079 (URI) ++# RFC 2247 (dc/dcObject) ++# RFC 2587 (PKI) ++# RFC 2589 (Dynamic Directory Services) ++# RFC 4524 (associatedDomain) ++# ++# Select informational schema items: ++# RFC 2377 (uidObject) ++ ++# ++# Standard attribute types from RFC 2256 ++# ++ ++# system schema ++#attributetype ( 2.5.4.0 NAME 'objectClass' ++# DESC 'RFC2256: object classes of the entity' ++# EQUALITY objectIdentifierMatch ++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) ++ ++# system schema ++#attributetype ( 2.5.4.1 NAME ( 'aliasedObjectName' 'aliasedEntryName' ) ++# DESC 'RFC2256: name of aliased object' ++# EQUALITY distinguishedNameMatch ++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE ) ++ ++attributetype ( 2.5.4.2 NAME 'knowledgeInformation' ++ DESC 'RFC2256: knowledge information' ++ EQUALITY caseIgnoreMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) ++ ++# system schema ++#attributetype ( 2.5.4.3 NAME ( 'cn' 'commonName' ) ++# DESC 'RFC2256: common name(s) for which the entity is known by' ++# SUP name ) ++ ++attributetype ( 2.5.4.4 NAME ( 'sn' 'surname' ) ++ DESC 'RFC2256: last (family) name(s) for which the entity is known by' ++ SUP name ) ++ ++attributetype ( 2.5.4.5 NAME 'serialNumber' ++ DESC 'RFC2256: serial number of the entity' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} ) ++ ++# RFC 4519 definition ('countryName' in X.500 and RFC2256) ++attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' ) ++ DESC 'RFC4519: two-letter ISO-3166 country code' ++ SUP name ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.11 ++ SINGLE-VALUE ) ++ ++#attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' ) ++# DESC 'RFC2256: ISO-3166 country 2-letter code' ++# SUP name SINGLE-VALUE ) ++ ++attributetype ( 2.5.4.7 NAME ( 'l' 'localityName' ) ++ DESC 'RFC2256: locality which this object resides in' ++ SUP name ) ++ ++attributetype ( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' ) ++ DESC 'RFC2256: state or province which this object resides in' ++ SUP name ) ++ ++attributetype ( 2.5.4.9 NAME ( 'street' 'streetAddress' ) ++ DESC 'RFC2256: street address of this object' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) ++ ++attributetype ( 2.5.4.10 NAME ( 'o' 'organizationName' ) ++ DESC 'RFC2256: organization this object belongs to' ++ SUP name ) ++ ++attributetype ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' ) ++ DESC 'RFC2256: organizational unit this object belongs to' ++ SUP name ) ++ ++attributetype ( 2.5.4.12 NAME 'title' ++ DESC 'RFC2256: title associated with the entity' ++ SUP name ) ++ ++# system schema ++#attributetype ( 2.5.4.13 NAME 'description' ++# DESC 'RFC2256: descriptive information' ++# EQUALITY caseIgnoreMatch ++# SUBSTR caseIgnoreSubstringsMatch ++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} ) ++ ++# Deprecated by enhancedSearchGuide ++attributetype ( 2.5.4.14 NAME 'searchGuide' ++ DESC 'RFC2256: search guide, deprecated by enhancedSearchGuide' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.25 ) ++ ++attributetype ( 2.5.4.15 NAME 'businessCategory' ++ DESC 'RFC2256: business category' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) ++ ++attributetype ( 2.5.4.16 NAME 'postalAddress' ++ DESC 'RFC2256: postal address' ++ EQUALITY caseIgnoreListMatch ++ SUBSTR caseIgnoreListSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) ++ ++attributetype ( 2.5.4.17 NAME 'postalCode' ++ DESC 'RFC2256: postal code' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} ) ++ ++attributetype ( 2.5.4.18 NAME 'postOfficeBox' ++ DESC 'RFC2256: Post Office Box' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} ) ++ ++attributetype ( 2.5.4.19 NAME 'physicalDeliveryOfficeName' ++ DESC 'RFC2256: Physical Delivery Office Name' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) ++ ++attributetype ( 2.5.4.20 NAME 'telephoneNumber' ++ DESC 'RFC2256: Telephone Number' ++ EQUALITY telephoneNumberMatch ++ SUBSTR telephoneNumberSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} ) ++ ++attributetype ( 2.5.4.21 NAME 'telexNumber' ++ DESC 'RFC2256: Telex Number' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 ) ++ ++attributetype ( 2.5.4.22 NAME 'teletexTerminalIdentifier' ++ DESC 'RFC2256: Teletex Terminal Identifier' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 ) ++ ++attributetype ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' ) ++ DESC 'RFC2256: Facsimile (Fax) Telephone Number' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 ) ++ ++attributetype ( 2.5.4.24 NAME 'x121Address' ++ DESC 'RFC2256: X.121 Address' ++ EQUALITY numericStringMatch ++ SUBSTR numericStringSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} ) ++ ++attributetype ( 2.5.4.25 NAME 'internationaliSDNNumber' ++ DESC 'RFC2256: international ISDN number' ++ EQUALITY numericStringMatch ++ SUBSTR numericStringSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} ) ++ ++attributetype ( 2.5.4.26 NAME 'registeredAddress' ++ DESC 'RFC2256: registered postal address' ++ SUP postalAddress ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) ++ ++attributetype ( 2.5.4.27 NAME 'destinationIndicator' ++ DESC 'RFC2256: destination indicator' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} ) ++ ++attributetype ( 2.5.4.28 NAME 'preferredDeliveryMethod' ++ DESC 'RFC2256: preferred delivery method' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.14 ++ SINGLE-VALUE ) ++ ++attributetype ( 2.5.4.29 NAME 'presentationAddress' ++ DESC 'RFC2256: presentation address' ++ EQUALITY presentationAddressMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.43 ++ SINGLE-VALUE ) ++ ++attributetype ( 2.5.4.30 NAME 'supportedApplicationContext' ++ DESC 'RFC2256: supported application context' ++ EQUALITY objectIdentifierMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) ++ ++attributetype ( 2.5.4.31 NAME 'member' ++ DESC 'RFC2256: member of a group' ++ SUP distinguishedName ) ++ ++attributetype ( 2.5.4.32 NAME 'owner' ++ DESC 'RFC2256: owner (of the object)' ++ SUP distinguishedName ) ++ ++attributetype ( 2.5.4.33 NAME 'roleOccupant' ++ DESC 'RFC2256: occupant of role' ++ SUP distinguishedName ) ++ ++# system schema ++#attributetype ( 2.5.4.34 NAME 'seeAlso' ++# DESC 'RFC2256: DN of related object' ++# SUP distinguishedName ) ++ ++# system schema ++#attributetype ( 2.5.4.35 NAME 'userPassword' ++# DESC 'RFC2256/2307: password of user' ++# EQUALITY octetStringMatch ++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} ) ++ ++# Must be transferred using ;binary ++# with certificateExactMatch rule (per X.509) ++attributetype ( 2.5.4.36 NAME 'userCertificate' ++ DESC 'RFC2256: X.509 user certificate, use ;binary' ++ EQUALITY certificateExactMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 ) ++ ++# Must be transferred using ;binary ++# with certificateExactMatch rule (per X.509) ++attributetype ( 2.5.4.37 NAME 'cACertificate' ++ DESC 'RFC2256: X.509 CA certificate, use ;binary' ++ EQUALITY certificateExactMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 ) ++ ++# Must be transferred using ;binary ++attributetype ( 2.5.4.38 NAME 'authorityRevocationList' ++ DESC 'RFC2256: X.509 authority revocation list, use ;binary' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) ++ ++# Must be transferred using ;binary ++attributetype ( 2.5.4.39 NAME 'certificateRevocationList' ++ DESC 'RFC2256: X.509 certificate revocation list, use ;binary' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) ++ ++# Must be stored and requested in the binary form ++attributetype ( 2.5.4.40 NAME 'crossCertificatePair' ++ DESC 'RFC2256: X.509 cross certificate pair, use ;binary' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.10 ) ++ ++# system schema ++#attributetype ( 2.5.4.41 NAME 'name' ++# EQUALITY caseIgnoreMatch ++# SUBSTR caseIgnoreSubstringsMatch ++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) ++ ++attributetype ( 2.5.4.42 NAME ( 'givenName' 'gn' ) ++ DESC 'RFC2256: first name(s) for which the entity is known by' ++ SUP name ) ++ ++attributetype ( 2.5.4.43 NAME 'initials' ++ DESC 'RFC2256: initials of some or all of names, but not the surname(s).' ++ SUP name ) ++ ++attributetype ( 2.5.4.44 NAME 'generationQualifier' ++ DESC 'RFC2256: name qualifier indicating a generation' ++ SUP name ) ++ ++attributetype ( 2.5.4.45 NAME 'x500UniqueIdentifier' ++ DESC 'RFC2256: X.500 unique identifier' ++ EQUALITY bitStringMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 ) ++ ++attributetype ( 2.5.4.46 NAME 'dnQualifier' ++ DESC 'RFC2256: DN qualifier' ++ EQUALITY caseIgnoreMatch ++ ORDERING caseIgnoreOrderingMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ) ++ ++attributetype ( 2.5.4.47 NAME 'enhancedSearchGuide' ++ DESC 'RFC2256: enhanced search guide' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 ) ++ ++attributetype ( 2.5.4.48 NAME 'protocolInformation' ++ DESC 'RFC2256: protocol information' ++ EQUALITY protocolInformationMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 ) ++ ++# system schema ++#attributetype ( 2.5.4.49 NAME 'distinguishedName' ++# EQUALITY distinguishedNameMatch ++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++attributetype ( 2.5.4.50 NAME 'uniqueMember' ++ DESC 'RFC2256: unique member of a group' ++ EQUALITY uniqueMemberMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 ) ++ ++attributetype ( 2.5.4.51 NAME 'houseIdentifier' ++ DESC 'RFC2256: house identifier' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} ) ++ ++# Must be transferred using ;binary ++attributetype ( 2.5.4.52 NAME 'supportedAlgorithms' ++ DESC 'RFC2256: supported algorithms' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 ) ++ ++# Must be transferred using ;binary ++attributetype ( 2.5.4.53 NAME 'deltaRevocationList' ++ DESC 'RFC2256: delta revocation list; use ;binary' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 ) ++ ++attributetype ( 2.5.4.54 NAME 'dmdName' ++ DESC 'RFC2256: name of DMD' ++ SUP name ) ++ ++attributetype ( 2.5.4.65 NAME 'pseudonym' ++ DESC 'X.520(4th): pseudonym for the object' ++ SUP name ) ++ ++# Standard object classes from RFC2256 ++ ++# system schema ++#objectclass ( 2.5.6.0 NAME 'top' ++# DESC 'RFC2256: top of the superclass chain' ++# ABSTRACT ++# MUST objectClass ) ++ ++# system schema ++#objectclass ( 2.5.6.1 NAME 'alias' ++# DESC 'RFC2256: an alias' ++# SUP top STRUCTURAL ++# MUST aliasedObjectName ) ++ ++objectclass ( 2.5.6.2 NAME 'country' ++ DESC 'RFC2256: a country' ++ SUP top STRUCTURAL ++ MUST c ++ MAY ( searchGuide $ description ) ) ++ ++objectclass ( 2.5.6.3 NAME 'locality' ++ DESC 'RFC2256: a locality' ++ SUP top STRUCTURAL ++ MAY ( street $ seeAlso $ searchGuide $ st $ l $ description ) ) ++ ++objectclass ( 2.5.6.4 NAME 'organization' ++ DESC 'RFC2256: an organization' ++ SUP top STRUCTURAL ++ MUST o ++ MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ ++ x121Address $ registeredAddress $ destinationIndicator $ ++ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ ++ telephoneNumber $ internationaliSDNNumber $ ++ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ ++ postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) ) ++ ++objectclass ( 2.5.6.5 NAME 'organizationalUnit' ++ DESC 'RFC2256: an organizational unit' ++ SUP top STRUCTURAL ++ MUST ou ++ MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ ++ x121Address $ registeredAddress $ destinationIndicator $ ++ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ ++ telephoneNumber $ internationaliSDNNumber $ ++ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ ++ postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) ) ++ ++objectclass ( 2.5.6.6 NAME 'person' ++ DESC 'RFC2256: a person' ++ SUP top STRUCTURAL ++ MUST ( sn $ cn ) ++ MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) ) ++ ++objectclass ( 2.5.6.7 NAME 'organizationalPerson' ++ DESC 'RFC2256: an organizational person' ++ SUP person STRUCTURAL ++ MAY ( title $ x121Address $ registeredAddress $ destinationIndicator $ ++ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ ++ telephoneNumber $ internationaliSDNNumber $ ++ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ ++ postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l ) ) ++ ++objectclass ( 2.5.6.8 NAME 'organizationalRole' ++ DESC 'RFC2256: an organizational role' ++ SUP top STRUCTURAL ++ MUST cn ++ MAY ( x121Address $ registeredAddress $ destinationIndicator $ ++ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ ++ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ ++ seeAlso $ roleOccupant $ preferredDeliveryMethod $ street $ ++ postOfficeBox $ postalCode $ postalAddress $ ++ physicalDeliveryOfficeName $ ou $ st $ l $ description ) ) ++ ++objectclass ( 2.5.6.9 NAME 'groupOfNames' ++ DESC 'RFC2256: a group of names (DNs)' ++ SUP top STRUCTURAL ++ MUST ( member $ cn ) ++ MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) ) ++ ++objectclass ( 2.5.6.10 NAME 'residentialPerson' ++ DESC 'RFC2256: an residential person' ++ SUP person STRUCTURAL ++ MUST l ++ MAY ( businessCategory $ x121Address $ registeredAddress $ ++ destinationIndicator $ preferredDeliveryMethod $ telexNumber $ ++ teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ ++ facsimileTelephoneNumber $ preferredDeliveryMethod $ street $ ++ postOfficeBox $ postalCode $ postalAddress $ ++ physicalDeliveryOfficeName $ st $ l ) ) ++ ++objectclass ( 2.5.6.11 NAME 'applicationProcess' ++ DESC 'RFC2256: an application process' ++ SUP top STRUCTURAL ++ MUST cn ++ MAY ( seeAlso $ ou $ l $ description ) ) ++ ++objectclass ( 2.5.6.12 NAME 'applicationEntity' ++ DESC 'RFC2256: an application entity' ++ SUP top STRUCTURAL ++ MUST ( presentationAddress $ cn ) ++ MAY ( supportedApplicationContext $ seeAlso $ ou $ o $ l $ ++ description ) ) ++ ++objectclass ( 2.5.6.13 NAME 'dSA' ++ DESC 'RFC2256: a directory system agent (a server)' ++ SUP applicationEntity STRUCTURAL ++ MAY knowledgeInformation ) ++ ++objectclass ( 2.5.6.14 NAME 'device' ++ DESC 'RFC2256: a device' ++ SUP top STRUCTURAL ++ MUST cn ++ MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l $ description ) ) ++ ++objectclass ( 2.5.6.15 NAME 'strongAuthenticationUser' ++ DESC 'RFC2256: a strong authentication user' ++ SUP top AUXILIARY ++ MUST userCertificate ) ++ ++objectclass ( 2.5.6.16 NAME 'certificationAuthority' ++ DESC 'RFC2256: a certificate authority' ++ SUP top AUXILIARY ++ MUST ( authorityRevocationList $ certificateRevocationList $ ++ cACertificate ) MAY crossCertificatePair ) ++ ++objectclass ( 2.5.6.17 NAME 'groupOfUniqueNames' ++ DESC 'RFC2256: a group of unique names (DN and Unique Identifier)' ++ SUP top STRUCTURAL ++ MUST ( uniqueMember $ cn ) ++ MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) ) ++ ++objectclass ( 2.5.6.18 NAME 'userSecurityInformation' ++ DESC 'RFC2256: a user security information' ++ SUP top AUXILIARY ++ MAY ( supportedAlgorithms ) ) ++ ++objectclass ( 2.5.6.16.2 NAME 'certificationAuthority-V2' ++ SUP certificationAuthority ++ AUXILIARY MAY ( deltaRevocationList ) ) ++ ++objectclass ( 2.5.6.19 NAME 'cRLDistributionPoint' ++ SUP top STRUCTURAL ++ MUST ( cn ) ++ MAY ( certificateRevocationList $ authorityRevocationList $ ++ deltaRevocationList ) ) ++ ++objectclass ( 2.5.6.20 NAME 'dmd' ++ SUP top STRUCTURAL ++ MUST ( dmdName ) ++ MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ ++ x121Address $ registeredAddress $ destinationIndicator $ ++ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ ++ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ ++ street $ postOfficeBox $ postalCode $ postalAddress $ ++ physicalDeliveryOfficeName $ st $ l $ description ) ) ++ ++# ++# Object Classes from RFC 2587 ++# ++objectclass ( 2.5.6.21 NAME 'pkiUser' ++ DESC 'RFC2587: a PKI user' ++ SUP top AUXILIARY ++ MAY userCertificate ) ++ ++objectclass ( 2.5.6.22 NAME 'pkiCA' ++ DESC 'RFC2587: PKI certificate authority' ++ SUP top AUXILIARY ++ MAY ( authorityRevocationList $ certificateRevocationList $ ++ cACertificate $ crossCertificatePair ) ) ++ ++objectclass ( 2.5.6.23 NAME 'deltaCRL' ++ DESC 'RFC2587: PKI user' ++ SUP top AUXILIARY ++ MAY deltaRevocationList ) ++ ++# ++# Standard Track URI label schema from RFC 2079 ++# system schema ++#attributetype ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI' ++# DESC 'RFC2079: Uniform Resource Identifier with optional label' ++# EQUALITY caseExactMatch ++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ++ ++objectclass ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject' ++ DESC 'RFC2079: object that contains the URI attribute type' ++ SUP top AUXILIARY ++ MAY ( labeledURI ) ) ++ ++# ++# Derived from RFC 1274, but with new "short names" ++# ++#attributetype ( 0.9.2342.19200300.100.1.1 ++# NAME ( 'uid' 'userid' ) ++# DESC 'RFC1274: user identifier' ++# EQUALITY caseIgnoreMatch ++# SUBSTR caseIgnoreSubstringsMatch ++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) ++ ++attributetype ( 0.9.2342.19200300.100.1.3 ++ NAME ( 'mail' 'rfc822Mailbox' ) ++ DESC 'RFC1274: RFC822 Mailbox' ++ EQUALITY caseIgnoreIA5Match ++ SUBSTR caseIgnoreIA5SubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) ++ ++objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject' ++ DESC 'RFC1274: simple security object' ++ SUP top AUXILIARY ++ MUST userPassword ) ++ ++# RFC 1274 + RFC 2247 ++attributetype ( 0.9.2342.19200300.100.1.25 ++ NAME ( 'dc' 'domainComponent' ) ++ DESC 'RFC1274/2247: domain component' ++ EQUALITY caseIgnoreIA5Match ++ SUBSTR caseIgnoreIA5SubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) ++ ++# RFC 2247 ++objectclass ( 1.3.6.1.4.1.1466.344 NAME 'dcObject' ++ DESC 'RFC2247: domain component object' ++ SUP top AUXILIARY MUST dc ) ++ ++# RFC 2377 ++objectclass ( 1.3.6.1.1.3.1 NAME 'uidObject' ++ DESC 'RFC2377: uid object' ++ SUP top AUXILIARY MUST uid ) ++ ++# RFC 4524 ++# The 'associatedDomain' attribute specifies DNS [RFC1034][RFC2181] ++# host names [RFC1123] that are associated with an object. That is, ++# values of this attribute should conform to the following ABNF: ++# ++# domain = root / label *( DOT label ) ++# root = SPACE ++# label = LETDIG [ *61( LETDIG / HYPHEN ) LETDIG ] ++# LETDIG = %x30-39 / %x41-5A / %x61-7A ; "0" - "9" / "A"-"Z" / "a"-"z" ++# SPACE = %x20 ; space (" ") ++# HYPHEN = %x2D ; hyphen ("-") ++# DOT = %x2E ; period (".") ++attributetype ( 0.9.2342.19200300.100.1.37 ++ NAME 'associatedDomain' ++ DESC 'RFC1274: domain associated with object' ++ EQUALITY caseIgnoreIA5Match ++ SUBSTR caseIgnoreIA5SubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) ++ ++# RFC 2459 -- deprecated in favor of 'mail' (in cosine.schema) ++attributetype ( 1.2.840.113549.1.9.1 ++ NAME ( 'email' 'emailAddress' 'pkcs9email' ) ++ DESC 'RFC3280: legacy attribute for email addresses in DNs' ++ EQUALITY caseIgnoreIA5Match ++ SUBSTR caseIgnoreIA5SubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) ++ diff --cc debian/schema/cosine.schema index 00000000,00000000..a0f5ae27 new file mode 100644 --- /dev/null +++ b/debian/schema/cosine.schema @@@ -1,0 -1,0 +1,404 @@@ ++# RFC1274: Cosine and Internet X.500 schema ++# $OpenLDAP: pkg/ldap/servers/slapd/schema/cosine.schema,v 1.19.2.5 2007/01/02 21:44:09 kurt Exp $ ++## This work is part of OpenLDAP Software . ++## ++## Copyright 1998-2007 The OpenLDAP Foundation. ++## All rights reserved. ++## ++## Redistribution and use in source and binary forms, with or without ++## modification, are permitted only as authorized by the OpenLDAP ++## Public License. ++## ++## A copy of this license is available in the file LICENSE in the ++## top-level directory of the distribution or, alternatively, at ++## . ++ ++# RFC1274: Cosine and Internet X.500 schema ++# ++# This file contains LDAPv3 schema derived from X.500 COSINE "pilot" ++# schema. As this schema was defined for X.500(89), some ++# oddities were introduced in the mapping to LDAPv3. The ++# mappings were based upon: draft-ietf-asid-ldapv3-attributes-03.txt ++# (a work in progress) ++# ++# Note: It seems that the pilot schema evolved beyond what was ++# described in RFC1274. However, this document attempts to describes ++# RFC1274 as published. ++# ++# Depends on core.schema ++ ++# The version of this file as distributed by the OpenLDAP Foundation ++# contains text from an IETF RFC explaining the schema. Unfortunately, ++# that text is covered by a license that doesn't meet Debian's Free ++# Software Guidelines. This is a stripped version of the schema that ++# contains only the functional schema definition, not the text of the ++# RFC. ++# ++# For an explanation of this schema, see RFC 1274, at (among other ++# places): http://www.ietf.org/rfc/rfc1274.txt ++ ++#(in core.schema) ++##attributetype ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' ) ++## EQUALITY caseIgnoreMatch ++## SUBSTR caseIgnoreSubstringsMatch ++## SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) ++ ++attributetype ( 0.9.2342.19200300.100.1.2 NAME 'textEncodedORAddress' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) ++ ++#(in core.schema) ++##attributetype ( 0.9.2342.19200300.100.1.3 NAME ( 'mail' 'rfc822Mailbox' ) ++## EQUALITY caseIgnoreIA5Match ++## SUBSTR caseIgnoreIA5SubstringsMatch ++## SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) ++ ++attributetype ( 0.9.2342.19200300.100.1.4 NAME 'info' ++ DESC 'RFC1274: general information' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2048} ) ++ ++attributetype ( 0.9.2342.19200300.100.1.5 ++ NAME ( 'drink' 'favouriteDrink' ) ++ DESC 'RFC1274: favorite drink' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) ++ ++attributetype ( 0.9.2342.19200300.100.1.6 NAME 'roomNumber' ++ DESC 'RFC1274: room number' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) ++ ++attributetype ( 0.9.2342.19200300.100.1.7 NAME 'photo' ++ DESC 'RFC1274: photo (G3 fax)' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.23{25000} ) ++ ++attributetype ( 0.9.2342.19200300.100.1.8 NAME 'userClass' ++ DESC 'RFC1274: category of user' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) ++ ++attributetype ( 0.9.2342.19200300.100.1.9 NAME 'host' ++ DESC 'RFC1274: host computer' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) ++ ++attributetype ( 0.9.2342.19200300.100.1.10 NAME 'manager' ++ DESC 'RFC1274: DN of manager' ++ EQUALITY distinguishedNameMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++attributetype ( 0.9.2342.19200300.100.1.11 NAME 'documentIdentifier' ++ DESC 'RFC1274: unique identifier of document' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) ++ ++attributetype ( 0.9.2342.19200300.100.1.12 NAME 'documentTitle' ++ DESC 'RFC1274: title of document' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) ++ ++attributetype ( 0.9.2342.19200300.100.1.13 NAME 'documentVersion' ++ DESC 'RFC1274: version of document' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) ++ ++attributetype ( 0.9.2342.19200300.100.1.14 NAME 'documentAuthor' ++ DESC 'RFC1274: DN of author of document' ++ EQUALITY distinguishedNameMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++attributetype ( 0.9.2342.19200300.100.1.15 NAME 'documentLocation' ++ DESC 'RFC1274: location of document original' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) ++ ++attributetype ( 0.9.2342.19200300.100.1.20 ++ NAME ( 'homePhone' 'homeTelephoneNumber' ) ++ DESC 'RFC1274: home telephone number' ++ EQUALITY telephoneNumberMatch ++ SUBSTR telephoneNumberSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) ++ ++attributetype ( 0.9.2342.19200300.100.1.21 NAME 'secretary' ++ DESC 'RFC1274: DN of secretary' ++ EQUALITY distinguishedNameMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++attributetype ( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.39 ) ++ ++## Deprecated in favor of modifyTimeStamp ++#attributetype ( 0.9.2342.19200300.100.1.23 NAME 'lastModifiedTime' ++# DESC 'RFC1274: time of last modify, replaced by modifyTimestamp' ++# OBSOLETE ++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.53 ++# USAGE directoryOperation ) ++ ++## Deprecated in favor of modifiersName ++#attributetype ( 0.9.2342.19200300.100.1.24 NAME 'lastModifiedBy' ++# DESC 'RFC1274: last modifier, replaced by modifiersName' ++# OBSOLETE ++# EQUALITY distinguishedNameMatch ++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ++# USAGE directoryOperation ) ++ ++##(in core.schema) ++##attributetype ( 0.9.2342.19200300.100.1.25 NAME ( 'dc' 'domainComponent' ) ++## EQUALITY caseIgnoreIA5Match ++## SUBSTR caseIgnoreIA5SubstringsMatch ++## SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) ++ ++## incorrect syntax? ++attributetype ( 0.9.2342.19200300.100.1.26 NAME 'aRecord' ++ EQUALITY caseIgnoreIA5Match ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) ++ ++## missing from RFC1274 ++## incorrect syntax? ++attributetype ( 0.9.2342.19200300.100.1.27 NAME 'mDRecord' ++ EQUALITY caseIgnoreIA5Match ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) ++ ++## incorrect syntax!! ++attributetype ( 0.9.2342.19200300.100.1.28 NAME 'mXRecord' ++ EQUALITY caseIgnoreIA5Match ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) ++ ++## incorrect syntax!! ++attributetype ( 0.9.2342.19200300.100.1.29 NAME 'nSRecord' ++ EQUALITY caseIgnoreIA5Match ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) ++ ++## incorrect syntax!! ++attributetype ( 0.9.2342.19200300.100.1.30 NAME 'sOARecord' ++ EQUALITY caseIgnoreIA5Match ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) ++ ++## incorrect syntax!! ++attributetype ( 0.9.2342.19200300.100.1.31 NAME 'cNAMERecord' ++ EQUALITY caseIgnoreIA5Match ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) ++ ++#attributetype ( 0.9.2342.19200300.100.1.37 NAME 'associatedDomain' ++# EQUALITY caseIgnoreIA5Match ++# SUBSTR caseIgnoreIA5SubstringsMatch ++# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) ++ ++attributetype ( 0.9.2342.19200300.100.1.38 NAME 'associatedName' ++ DESC 'RFC1274: DN of entry associated with domain' ++ EQUALITY distinguishedNameMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++attributetype ( 0.9.2342.19200300.100.1.39 NAME 'homePostalAddress' ++ DESC 'RFC1274: home postal address' ++ EQUALITY caseIgnoreListMatch ++ SUBSTR caseIgnoreListSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 ) ++ ++attributetype ( 0.9.2342.19200300.100.1.40 NAME 'personalTitle' ++ DESC 'RFC1274: personal title' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) ++ ++attributetype ( 0.9.2342.19200300.100.1.41 ++ NAME ( 'mobile' 'mobileTelephoneNumber' ) ++ DESC 'RFC1274: mobile telephone number' ++ EQUALITY telephoneNumberMatch ++ SUBSTR telephoneNumberSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) ++ ++attributetype ( 0.9.2342.19200300.100.1.42 ++ NAME ( 'pager' 'pagerTelephoneNumber' ) ++ DESC 'RFC1274: pager telephone number' ++ EQUALITY telephoneNumberMatch ++ SUBSTR telephoneNumberSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) ++ ++attributetype ( 0.9.2342.19200300.100.1.43 ++ NAME ( 'co' 'friendlyCountryName' ) ++ DESC 'RFC1274: friendly country name' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ++ ++attributetype ( 0.9.2342.19200300.100.1.44 NAME 'uniqueIdentifier' ++ DESC 'RFC1274: unique identifer' ++ EQUALITY caseIgnoreMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) ++ ++attributetype ( 0.9.2342.19200300.100.1.45 NAME 'organizationalStatus' ++ DESC 'RFC1274: organizational status' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) ++ ++attributetype ( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox' ++ DESC 'RFC1274: Janet mailbox' ++ EQUALITY caseIgnoreIA5Match ++ SUBSTR caseIgnoreIA5SubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) ++ ++attributetype ( 0.9.2342.19200300.100.1.47 ++ NAME 'mailPreferenceOption' ++ DESC 'RFC1274: mail preference option' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) ++ ++attributetype ( 0.9.2342.19200300.100.1.48 NAME 'buildingName' ++ DESC 'RFC1274: name of building' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) ++ ++attributetype ( 0.9.2342.19200300.100.1.49 NAME 'dSAQuality' ++ DESC 'RFC1274: DSA Quality' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.19 SINGLE-VALUE ) ++ ++attributetype ( 0.9.2342.19200300.100.1.50 NAME 'singleLevelQuality' ++ DESC 'RFC1274: Single Level Quality' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE ) ++ ++attributetype ( 0.9.2342.19200300.100.1.51 NAME 'subtreeMinimumQuality' ++ DESC 'RFC1274: Subtree Mininum Quality' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE ) ++ ++attributetype ( 0.9.2342.19200300.100.1.52 NAME 'subtreeMaximumQuality' ++ DESC 'RFC1274: Subtree Maximun Quality' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE ) ++ ++attributetype ( 0.9.2342.19200300.100.1.53 NAME 'personalSignature' ++ DESC 'RFC1274: Personal Signature (G3 fax)' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.23 ) ++ ++attributetype ( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect' ++ DESC 'RFC1274: DIT Redirect' ++ EQUALITY distinguishedNameMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++attributetype ( 0.9.2342.19200300.100.1.55 NAME 'audio' ++ DESC 'RFC1274: audio (u-law)' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.4{25000} ) ++ ++attributetype ( 0.9.2342.19200300.100.1.56 NAME 'documentPublisher' ++ DESC 'RFC1274: publisher of document' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ++ ++#objectclass ( 0.9.2342.19200300.100.4.3 NAME 'pilotObject' ++# DESC 'RFC1274: pilot object' ++# SUP top AUXILIARY ++# MAY ( info $ photo $ manager $ uniqueIdentifier $ ++# lastModifiedTime $ lastModifiedBy $ dITRedirect $ audio ) ++# ) ++ ++objectclass ( 0.9.2342.19200300.100.4.4 ++ NAME ( 'pilotPerson' 'newPilotPerson' ) ++ SUP person STRUCTURAL ++ MAY ( userid $ textEncodedORAddress $ rfc822Mailbox $ ++ favouriteDrink $ roomNumber $ userClass $ ++ homeTelephoneNumber $ homePostalAddress $ secretary $ ++ personalTitle $ preferredDeliveryMethod $ businessCategory $ ++ janetMailbox $ otherMailbox $ mobileTelephoneNumber $ ++ pagerTelephoneNumber $ organizationalStatus $ ++ mailPreferenceOption $ personalSignature ) ++ ) ++ ++objectclass ( 0.9.2342.19200300.100.4.5 NAME 'account' ++ SUP top STRUCTURAL ++ MUST userid ++ MAY ( description $ seeAlso $ localityName $ ++ organizationName $ organizationalUnitName $ host ) ++ ) ++ ++objectclass ( 0.9.2342.19200300.100.4.6 NAME 'document' ++ SUP top STRUCTURAL ++ MUST documentIdentifier ++ MAY ( commonName $ description $ seeAlso $ localityName $ ++ organizationName $ organizationalUnitName $ ++ documentTitle $ documentVersion $ documentAuthor $ ++ documentLocation $ documentPublisher ) ++ ) ++ ++objectclass ( 0.9.2342.19200300.100.4.7 NAME 'room' ++ SUP top STRUCTURAL ++ MUST commonName ++ MAY ( roomNumber $ description $ seeAlso $ telephoneNumber ) ++ ) ++ ++objectclass ( 0.9.2342.19200300.100.4.9 NAME 'documentSeries' ++ SUP top STRUCTURAL ++ MUST commonName ++ MAY ( description $ seeAlso $ telephonenumber $ ++ localityName $ organizationName $ organizationalUnitName ) ++ ) ++ ++objectclass ( 0.9.2342.19200300.100.4.13 NAME 'domain' ++ SUP top STRUCTURAL ++ MUST domainComponent ++ MAY ( associatedName $ organizationName $ description $ ++ businessCategory $ seeAlso $ searchGuide $ userPassword $ ++ localityName $ stateOrProvinceName $ streetAddress $ ++ physicalDeliveryOfficeName $ postalAddress $ postalCode $ ++ postOfficeBox $ streetAddress $ ++ facsimileTelephoneNumber $ internationalISDNNumber $ ++ telephoneNumber $ teletexTerminalIdentifier $ telexNumber $ ++ preferredDeliveryMethod $ destinationIndicator $ ++ registeredAddress $ x121Address ) ++ ) ++ ++objectclass ( 0.9.2342.19200300.100.4.14 NAME 'RFC822localPart' ++ SUP domain STRUCTURAL ++ MAY ( commonName $ surname $ description $ seeAlso $ telephoneNumber $ ++ physicalDeliveryOfficeName $ postalAddress $ postalCode $ ++ postOfficeBox $ streetAddress $ ++ facsimileTelephoneNumber $ internationalISDNNumber $ ++ telephoneNumber $ teletexTerminalIdentifier $ ++ telexNumber $ preferredDeliveryMethod $ destinationIndicator $ ++ registeredAddress $ x121Address ) ++ ) ++ ++objectclass ( 0.9.2342.19200300.100.4.15 NAME 'dNSDomain' ++ SUP domain STRUCTURAL ++ MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $ ++ SOARecord $ CNAMERecord ) ++ ) ++ ++objectclass ( 0.9.2342.19200300.100.4.17 NAME 'domainRelatedObject' ++ DESC 'RFC1274: an object related to an domain' ++ SUP top AUXILIARY ++ MUST associatedDomain ) ++ ++objectclass ( 0.9.2342.19200300.100.4.18 NAME 'friendlyCountry' ++ SUP country STRUCTURAL ++ MUST friendlyCountryName ) ++ ++## (in core.schema) ++## objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject' ++## SUP top AUXILIARY ++## MUST userPassword ) ++ ++objectclass ( 0.9.2342.19200300.100.4.20 NAME 'pilotOrganization' ++ SUP ( organization $ organizationalUnit ) STRUCTURAL ++ MAY buildingName ) ++ ++objectclass ( 0.9.2342.19200300.100.4.21 NAME 'pilotDSA' ++ SUP dsa STRUCTURAL ++ MAY dSAQuality ) ++ ++objectclass ( 0.9.2342.19200300.100.4.22 NAME 'qualityLabelledData' ++ SUP top AUXILIARY ++ MUST dsaQuality ++ MAY ( subtreeMinimumQuality $ subtreeMaximumQuality ) ++ ) diff --cc debian/schema/duaconf.schema index 00000000,00000000..8c1683f9 new file mode 100644 --- /dev/null +++ b/debian/schema/duaconf.schema @@@ -1,0 -1,0 +1,153 @@@ ++# $OpenLDAP$ ++## This work is part of OpenLDAP Software . ++## ++## Copyright 1998-2014 The OpenLDAP Foundation. ++## All rights reserved. ++## ++## Redistribution and use in source and binary forms, with or without ++## modification, are permitted only as authorized by the OpenLDAP ++## Public License. ++## ++## A copy of this license is available in the file LICENSE in the ++## top-level directory of the distribution or, alternatively, at ++## . ++ ++# DUA schema from draft-joslin-config-schema (a work in progress) ++ ++# Contents of this file are subject to change (including deletion) ++# without notice. ++# ++# Not recommended for production use! ++# Use with extreme caution! ++ ++## Notes: ++## - The matching rule for attributes followReferrals and dereferenceAliases ++## has been changed to booleanMatch since their syntax is boolean ++## - There was a typo in the name of the dereferenceAliases attributeType ++## in the DUAConfigProfile objectClass definition ++## - Credit goes to the original Authors ++ ++# The version of this file as distributed by the OpenLDAP Foundation ++# contains text from an IETF Internet-Draft explaining the schema. ++# Unfortunately, that text is covered by a license that doesn't meet ++# Debian's Free Software Guidelines. This is a stripped version of the ++# schema that contains only the functional schema definition, not the text ++# of the Internet-Draft. ++# ++# For an explanation of this schema, see ++# draft-joslin-config-schema-07.txt. ++ ++objectidentifier DUAConfSchemaOID 1.3.6.1.4.1.11.1.3.1 ++ ++attributeType ( DUAConfSchemaOID:1.0 NAME 'defaultServerList' ++ DESC 'Default LDAP server host address used by a DUA' ++ EQUALITY caseIgnoreMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ++ SINGLE-VALUE ) ++ ++attributeType ( DUAConfSchemaOID:1.1 NAME 'defaultSearchBase' ++ DESC 'Default LDAP base DN used by a DUA' ++ EQUALITY distinguishedNameMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ++ SINGLE-VALUE ) ++ ++attributeType ( DUAConfSchemaOID:1.2 NAME 'preferredServerList' ++ DESC 'Preferred LDAP server host addresses to be used by a ++ DUA' ++ EQUALITY caseIgnoreMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ++ SINGLE-VALUE ) ++ ++attributeType ( DUAConfSchemaOID:1.3 NAME 'searchTimeLimit' ++ DESC 'Maximum time in seconds a DUA should allow for a ++ search to complete' ++ EQUALITY integerMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ++ SINGLE-VALUE ) ++ ++attributeType ( DUAConfSchemaOID:1.4 NAME 'bindTimeLimit' ++ DESC 'Maximum time in seconds a DUA should allow for the ++ bind operation to complete' ++ EQUALITY integerMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ++ SINGLE-VALUE ) ++ ++attributeType ( DUAConfSchemaOID:1.5 NAME 'followReferrals' ++ DESC 'Tells DUA if it should follow referrals ++ returned by a DSA search result' ++ EQUALITY booleanMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ++ SINGLE-VALUE ) ++ ++attributeType ( DUAConfSchemaOID:1.16 NAME 'dereferenceAliases' ++ DESC 'Tells DUA if it should dereference aliases' ++ EQUALITY booleanMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ++ SINGLE-VALUE ) ++ ++attributeType ( DUAConfSchemaOID:1.6 NAME 'authenticationMethod' ++ DESC 'A keystring which identifies the type of ++ authentication method used to contact the DSA' ++ EQUALITY caseIgnoreMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ++ SINGLE-VALUE ) ++ ++attributeType ( DUAConfSchemaOID:1.7 NAME 'profileTTL' ++ DESC 'Time to live, in seconds, before a client DUA ++ should re-read this configuration profile' ++ EQUALITY integerMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ++ SINGLE-VALUE ) ++ ++attributeType ( DUAConfSchemaOID:1.14 NAME 'serviceSearchDescriptor' ++ DESC 'LDAP search descriptor list used by a DUA' ++ EQUALITY caseExactMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ++ ++attributeType ( DUAConfSchemaOID:1.9 NAME 'attributeMap' ++ DESC 'Attribute mappings used by a DUA' ++ EQUALITY caseIgnoreIA5Match ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) ++ ++attributeType ( DUAConfSchemaOID:1.10 NAME 'credentialLevel' ++ DESC 'Identifies type of credentials a DUA should ++ use when binding to the LDAP server' ++ EQUALITY caseIgnoreIA5Match ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ++ SINGLE-VALUE ) ++ ++attributeType ( DUAConfSchemaOID:1.11 NAME 'objectclassMap' ++ DESC 'Objectclass mappings used by a DUA' ++ EQUALITY caseIgnoreIA5Match ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) ++ ++attributeType ( DUAConfSchemaOID:1.12 NAME 'defaultSearchScope' ++ DESC 'Default search scope used by a DUA' ++ EQUALITY caseIgnoreIA5Match ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ++ SINGLE-VALUE ) ++ ++attributeType ( DUAConfSchemaOID:1.13 NAME 'serviceCredentialLevel' ++ DESC 'Identifies type of credentials a DUA ++ should use when binding to the LDAP server for a ++ specific service' ++ EQUALITY caseIgnoreIA5Match ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) ++ ++attributeType ( DUAConfSchemaOID:1.15 NAME 'serviceAuthenticationMethod' ++ DESC 'Authentication method used by a service of the DUA' ++ EQUALITY caseIgnoreMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ++ ++objectClass ( DUAConfSchemaOID:2.5 NAME 'DUAConfigProfile' ++ SUP top STRUCTURAL ++ DESC 'Abstraction of a base configuration for a DUA' ++ MUST ( cn ) ++ MAY ( defaultServerList $ preferredServerList $ ++ defaultSearchBase $ defaultSearchScope $ ++ searchTimeLimit $ bindTimeLimit $ ++ credentialLevel $ authenticationMethod $ ++ followReferrals $ dereferenceAliases $ ++ serviceSearchDescriptor $ serviceCredentialLevel $ ++ serviceAuthenticationMethod $ objectclassMap $ ++ attributeMap $ profileTTL ) ) diff --cc debian/schema/inetorgperson.schema index 00000000,00000000..34c3bf85 new file mode 100644 --- /dev/null +++ b/debian/schema/inetorgperson.schema @@@ -1,0 -1,0 +1,113 @@@ ++# inetorgperson.schema -- InetOrgPerson (RFC2798) ++# $OpenLDAP$ ++## This work is part of OpenLDAP Software . ++## ++## Copyright 1998-2014 The OpenLDAP Foundation. ++## All rights reserved. ++## ++## Redistribution and use in source and binary forms, with or without ++## modification, are permitted only as authorized by the OpenLDAP ++## Public License. ++## ++## A copy of this license is available in the file LICENSE in the ++## top-level directory of the distribution or, alternatively, at ++## . ++# ++# InetOrgPerson (RFC2798) ++# ++# Depends upon ++# Definition of an X.500 Attribute Type and an Object Class to Hold ++# Uniform Resource Identifiers (URIs) [RFC2079] ++# (core.schema) ++# ++# A Summary of the X.500(96) User Schema for use with LDAPv3 [RFC2256] ++# (core.schema) ++# ++# The COSINE and Internet X.500 Schema [RFC1274] (cosine.schema) ++ ++# The version of this file as distributed by the OpenLDAP Foundation ++# contains text from an IETF RFC explaining the schema. Unfortunately, ++# that text is covered by a license that doesn't meet Debian's Free ++# Software Guidelines. This is a stripped version of the schema that ++# contains only the functional schema definition, not the text of the ++# RFC. ++# ++# For an explanation of this schema, see RFC 2798, at (among other ++# places): http://www.ietf.org/rfc/rfc2798.txt ++ ++attributetype ( 2.16.840.1.113730.3.1.1 ++ NAME 'carLicense' ++ DESC 'RFC2798: vehicle license or registration plate' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ++ ++attributetype ( 2.16.840.1.113730.3.1.2 ++ NAME 'departmentNumber' ++ DESC 'RFC2798: identifies a department within an organization' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ++ ++attributetype ( 2.16.840.1.113730.3.1.241 ++ NAME 'displayName' ++ DESC 'RFC2798: preferred name to be used when displaying entries' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ++ SINGLE-VALUE ) ++ ++attributetype ( 2.16.840.1.113730.3.1.3 ++ NAME 'employeeNumber' ++ DESC 'RFC2798: numerically identifies an employee within an organization' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ++ SINGLE-VALUE ) ++ ++attributetype ( 2.16.840.1.113730.3.1.4 ++ NAME 'employeeType' ++ DESC 'RFC2798: type of employment for a person' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ++ ++attributetype ( 0.9.2342.19200300.100.1.60 ++ NAME 'jpegPhoto' ++ DESC 'RFC2798: a JPEG image' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 ) ++ ++attributetype ( 2.16.840.1.113730.3.1.39 ++ NAME 'preferredLanguage' ++ DESC 'RFC2798: preferred written or spoken language for a person' ++ EQUALITY caseIgnoreMatch ++ SUBSTR caseIgnoreSubstringsMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ++ SINGLE-VALUE ) ++ ++## OpenLDAP note: ";binary" transfer should NOT be used as syntax is binary ++attributetype ( 2.16.840.1.113730.3.1.40 ++ NAME 'userSMIMECertificate' ++ DESC 'RFC2798: PKCS#7 SignedData used to support S/MIME' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ) ++ ++## OpenLDAP note: ";binary" transfer should NOT be used as syntax is binary ++attributetype ( 2.16.840.1.113730.3.1.216 ++ NAME 'userPKCS12' ++ DESC 'RFC2798: personal identity information, a PKCS #12 PFX' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ) ++ ++objectclass ( 2.16.840.1.113730.3.2.2 ++ NAME 'inetOrgPerson' ++ DESC 'RFC2798: Internet Organizational Person' ++ SUP organizationalPerson ++ STRUCTURAL ++ MAY ( ++ audio $ businessCategory $ carLicense $ departmentNumber $ ++ displayName $ employeeNumber $ employeeType $ givenName $ ++ homePhone $ homePostalAddress $ initials $ jpegPhoto $ ++ labeledURI $ mail $ manager $ mobile $ o $ pager $ ++ photo $ roomNumber $ secretary $ uid $ userCertificate $ ++ x500uniqueIdentifier $ preferredLanguage $ ++ userSMIMECertificate $ userPKCS12 ) ++ ) diff --cc debian/schema/java.schema index 00000000,00000000..24c1f1b2 new file mode 100644 --- /dev/null +++ b/debian/schema/java.schema @@@ -1,0 -1,0 +1,109 @@@ ++# java.schema -- Java Object Schema ++# $OpenLDAP: pkg/ldap/servers/slapd/schema/java.schema,v 1.5.2.3 2007/01/02 21:44:09 kurt Exp $ ++## This work is part of OpenLDAP Software . ++## ++## Copyright 1998-2007 The OpenLDAP Foundation. ++## All rights reserved. ++## ++## Redistribution and use in source and binary forms, with or without ++## modification, are permitted only as authorized by the OpenLDAP ++## Public License. ++## ++## A copy of this license is available in the file LICENSE in the ++## top-level directory of the distribution or, alternatively, at ++## . ++# ++# Java Object Schema (defined in RFC 2713) ++# depends upon core.schema ++# ++ ++# The version of this file as distributed by the OpenLDAP Foundation ++# contains text from an IETF RFC explaining the schema. Unfortunately, ++# that text is covered by a license that doesn't meet Debian's Free ++# Software Guidelines. This is a stripped version of the schema that ++# contains only the functional schema definition, not the text of the ++# RFC. ++# ++# For an explanation of this schema, see RFC 2713, at (among other ++# places): http://www.ietf.org/rfc/rfc2713.txt ++ ++attributetype ( 1.3.6.1.4.1.42.2.27.4.1.6 ++ NAME 'javaClassName' ++ DESC 'Fully qualified name of distinguished Java class or interface' ++ EQUALITY caseExactMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ++ SINGLE-VALUE ) ++ ++attributetype ( 1.3.6.1.4.1.42.2.27.4.1.7 ++ NAME 'javaCodebase' ++ DESC 'URL(s) specifying the location of class definition' ++ EQUALITY caseExactIA5Match ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) ++ ++attributetype ( 1.3.6.1.4.1.42.2.27.4.1.13 ++ NAME 'javaClassNames' ++ DESC 'Fully qualified Java class or interface name' ++ EQUALITY caseExactMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ++ ++attributetype ( 1.3.6.1.4.1.42.2.27.4.1.8 ++ NAME 'javaSerializedData' ++ DESC 'Serialized form of a Java object' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 ++ SINGLE-VALUE ) ++ ++attributetype ( 1.3.6.1.4.1.42.2.27.4.1.10 ++ NAME 'javaFactory' ++ DESC 'Fully qualified Java class name of a JNDI object factory' ++ EQUALITY caseExactMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ++ SINGLE-VALUE ) ++ ++attributetype ( 1.3.6.1.4.1.42.2.27.4.1.11 ++ NAME 'javaReferenceAddress' ++ DESC 'Addresses associated with a JNDI Reference' ++ EQUALITY caseExactMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ++ ++attributetype ( 1.3.6.1.4.1.42.2.27.4.1.12 ++ NAME 'javaDoc' ++ DESC 'The Java documentation for the class' ++ EQUALITY caseExactIA5Match ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) ++ ++objectclass ( 1.3.6.1.4.1.42.2.27.4.2.1 ++ NAME 'javaContainer' ++ DESC 'Container for a Java object' ++ SUP top ++ STRUCTURAL ++ MUST cn ) ++ ++objectclass ( 1.3.6.1.4.1.42.2.27.4.2.4 ++ NAME 'javaObject' ++ DESC 'Java object representation' ++ SUP top ++ ABSTRACT ++ MUST javaClassName ++ MAY ( javaClassNames $ javaCodebase $ ++ javaDoc $ description ) ) ++ ++objectclass ( 1.3.6.1.4.1.42.2.27.4.2.5 ++ NAME 'javaSerializedObject' ++ DESC 'Java serialized object' ++ SUP javaObject ++ AUXILIARY ++ MUST javaSerializedData ) ++ ++objectclass ( 1.3.6.1.4.1.42.2.27.4.2.8 ++ NAME 'javaMarshalledObject' ++ DESC 'Java marshalled object' ++ SUP javaObject ++ AUXILIARY ++ MUST javaSerializedData ) ++ ++objectclass ( 1.3.6.1.4.1.42.2.27.4.2.7 ++ NAME 'javaNamingReference' ++ DESC 'JNDI reference' ++ SUP javaObject ++ AUXILIARY ++ MAY ( javaReferenceAddress $ javaFactory ) ) diff --cc debian/schema/pmi.schema index 00000000,00000000..bc3ca0b1 new file mode 100644 --- /dev/null +++ b/debian/schema/pmi.schema @@@ -1,0 -1,0 +1,476 @@@ ++# OpenLDAP X.509 PMI schema ++# $OpenLDAP$ ++## This work is part of OpenLDAP Software . ++## ++## Copyright 1998-2014 The OpenLDAP Foundation. ++## All rights reserved. ++## ++## Redistribution and use in source and binary forms, with or without ++## modification, are permitted only as authorized by the OpenLDAP ++## Public License. ++## ++## A copy of this license is available in the file LICENSE in the ++## top-level directory of the distribution or, alternatively, at ++## . ++# ++ ++# The version of this file as distributed by the OpenLDAP Foundation ++# contains text claiming copyright by the Internet Society and including ++# the IETF RFC license, which does not meet Debian's Free Software ++# Guidelines. However, apart from short and obvious comments, the text of ++# this file is purely a functional interface specification, which is not ++# subject to that license and is not copyrightable under US law. ++# ++# The license statement is retained below so as not to remove credit, but ++# as best as we can determine, it is not applicable to the contents of ++# this file. ++ ++## Portions Copyright (C) The Internet Society (1997-2006). ++## All Rights Reserved. ++## ++## This document and translations of it may be copied and furnished to ++## others, and derivative works that comment on or otherwise explain it ++## or assist in its implementation may be prepared, copied, published ++## and distributed, in whole or in part, without restriction of any ++## kind, provided that the above copyright notice and this paragraph are ++## included on all such copies and derivative works. However, this ++## document itself may not be modified in any way, such as by removing ++## the copyright notice or references to the Internet Society or other ++## Internet organizations, except as needed for the purpose of ++## developing Internet standards in which case the procedures for ++## copyrights defined in the Internet Standards process must be ++## followed, or as required to translate it into languages other than ++## English. ++## ++## The limited permissions granted above are perpetual and will not be ++## revoked by the Internet Society or its successors or assigns. ++## ++## This document and the information contained herein is provided on an ++## "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING ++## TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING ++## BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION ++## HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF ++## MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. ++ ++# ++# ++# Includes LDAPv3 schema items from: ++# ITU X.509 (08/2005) ++# ++## X.509 (08/2005) pp. 120-121 ++## ++## -- object identifier assignments -- ++## -- object classes -- ++## id-oc-pmiUser OBJECT IDENTIFIER ::= {id-oc 24} ++## id-oc-pmiAA OBJECT IDENTIFIER ::= {id-oc 25} ++## id-oc-pmiSOA OBJECT IDENTIFIER ::= {id-oc 26} ++## id-oc-attCertCRLDistributionPts OBJECT IDENTIFIER ::= {id-oc 27} ++## id-oc-privilegePolicy OBJECT IDENTIFIER ::= {id-oc 32} ++## id-oc-pmiDelegationPath OBJECT IDENTIFIER ::= {id-oc 33} ++## id-oc-protectedPrivilegePolicy OBJECT IDENTIFIER ::= {id-oc 34} ++## -- directory attributes -- ++## id-at-attributeCertificate OBJECT IDENTIFIER ::= {id-at 58} ++## id-at-attributeCertificateRevocationList OBJECT IDENTIFIER ::= {id-at 59} ++## id-at-aACertificate OBJECT IDENTIFIER ::= {id-at 61} ++## id-at-attributeDescriptorCertificate OBJECT IDENTIFIER ::= {id-at 62} ++## id-at-attributeAuthorityRevocationList OBJECT IDENTIFIER ::= {id-at 63} ++## id-at-privPolicy OBJECT IDENTIFIER ::= {id-at 71} ++## id-at-role OBJECT IDENTIFIER ::= {id-at 72} ++## id-at-delegationPath OBJECT IDENTIFIER ::= {id-at 73} ++## id-at-protPrivPolicy OBJECT IDENTIFIER ::= {id-at 74} ++## id-at-xMLPrivilegeInfo OBJECT IDENTIFIER ::= {id-at 75} ++## id-at-xMLPprotPrivPolicy OBJECT IDENTIFIER ::= {id-at 76} ++## -- attribute certificate extensions -- ++## id-ce-authorityAttributeIdentifier OBJECT IDENTIFIER ::= {id-ce 38} ++## id-ce-roleSpecCertIdentifier OBJECT IDENTIFIER ::= {id-ce 39} ++## id-ce-basicAttConstraints OBJECT IDENTIFIER ::= {id-ce 41} ++## id-ce-delegatedNameConstraints OBJECT IDENTIFIER ::= {id-ce 42} ++## id-ce-timeSpecification OBJECT IDENTIFIER ::= {id-ce 43} ++## id-ce-attributeDescriptor OBJECT IDENTIFIER ::= {id-ce 48} ++## id-ce-userNotice OBJECT IDENTIFIER ::= {id-ce 49} ++## id-ce-sOAIdentifier OBJECT IDENTIFIER ::= {id-ce 50} ++## id-ce-acceptableCertPolicies OBJECT IDENTIFIER ::= {id-ce 52} ++## id-ce-targetInformation OBJECT IDENTIFIER ::= {id-ce 55} ++## id-ce-noRevAvail OBJECT IDENTIFIER ::= {id-ce 56} ++## id-ce-acceptablePrivilegePolicies OBJECT IDENTIFIER ::= {id-ce 57} ++## id-ce-indirectIssuer OBJECT IDENTIFIER ::= {id-ce 61} ++## id-ce-noAssertion OBJECT IDENTIFIER ::= {id-ce 62} ++## id-ce-issuedOnBehalfOf OBJECT IDENTIFIER ::= {id-ce 64} ++## -- PMI matching rules -- ++## id-mr-attributeCertificateMatch OBJECT IDENTIFIER ::= {id-mr 42} ++## id-mr-attributeCertificateExactMatch OBJECT IDENTIFIER ::= {id-mr 45} ++## id-mr-holderIssuerMatch OBJECT IDENTIFIER ::= {id-mr 46} ++## id-mr-authAttIdMatch OBJECT IDENTIFIER ::= {id-mr 53} ++## id-mr-roleSpecCertIdMatch OBJECT IDENTIFIER ::= {id-mr 54} ++## id-mr-basicAttConstraintsMatch OBJECT IDENTIFIER ::= {id-mr 55} ++## id-mr-delegatedNameConstraintsMatch OBJECT IDENTIFIER ::= {id-mr 56} ++## id-mr-timeSpecMatch OBJECT IDENTIFIER ::= {id-mr 57} ++## id-mr-attDescriptorMatch OBJECT IDENTIFIER ::= {id-mr 58} ++## id-mr-acceptableCertPoliciesMatch OBJECT IDENTIFIER ::= {id-mr 59} ++## id-mr-delegationPathMatch OBJECT IDENTIFIER ::= {id-mr 61} ++## id-mr-sOAIdentifierMatch OBJECT IDENTIFIER ::= {id-mr 66} ++## id-mr-indirectIssuerMatch OBJECT IDENTIFIER ::= {id-mr 67} ++## ++## ++## X.509 (08/2005) pp. 71, 86-89 ++## ++## 14.4.1 Role attribute ++## role ATTRIBUTE ::= { ++## WITH SYNTAX RoleSyntax ++## ID id-at-role } ++## RoleSyntax ::= SEQUENCE { ++## roleAuthority [0] GeneralNames OPTIONAL, ++## roleName [1] GeneralName } ++## ++## 14.5 XML privilege information attribute ++## xmlPrivilegeInfo ATTRIBUTE ::= { ++## WITH SYNTAX UTF8String -- contains XML-encoded privilege information ++## ID id-at-xMLPrivilegeInfo } ++## ++## 17.1 PMI directory object classes ++## ++## 17.1.1 PMI user object class ++## pmiUser OBJECT-CLASS ::= { ++## -- a PMI user (i.e., a "holder") ++## SUBCLASS OF {top} ++## KIND auxiliary ++## MAY CONTAIN {attributeCertificateAttribute} ++## ID id-oc-pmiUser } ++## ++## 17.1.2 PMI AA object class ++## pmiAA OBJECT-CLASS ::= { ++## -- a PMI AA ++## SUBCLASS OF {top} ++## KIND auxiliary ++## MAY CONTAIN {aACertificate | ++## attributeCertificateRevocationList | ++## attributeAuthorityRevocationList} ++## ID id-oc-pmiAA } ++## ++## 17.1.3 PMI SOA object class ++## pmiSOA OBJECT-CLASS ::= { -- a PMI Source of Authority ++## SUBCLASS OF {top} ++## KIND auxiliary ++## MAY CONTAIN {attributeCertificateRevocationList | ++## attributeAuthorityRevocationList | ++## attributeDescriptorCertificate} ++## ID id-oc-pmiSOA } ++## ++## 17.1.4 Attribute certificate CRL distribution point object class ++## attCertCRLDistributionPt OBJECT-CLASS ::= { ++## SUBCLASS OF {top} ++## KIND auxiliary ++## MAY CONTAIN { attributeCertificateRevocationList | ++## attributeAuthorityRevocationList } ++## ID id-oc-attCertCRLDistributionPts } ++## ++## 17.1.5 PMI delegation path ++## pmiDelegationPath OBJECT-CLASS ::= { ++## SUBCLASS OF {top} ++## KIND auxiliary ++## MAY CONTAIN { delegationPath } ++## ID id-oc-pmiDelegationPath } ++## ++## 17.1.6 Privilege policy object class ++## privilegePolicy OBJECT-CLASS ::= { ++## SUBCLASS OF {top} ++## KIND auxiliary ++## MAY CONTAIN {privPolicy } ++## ID id-oc-privilegePolicy } ++## ++## 17.1.7 Protected privilege policy object class ++## protectedPrivilegePolicy OBJECT-CLASS ::= { ++## SUBCLASS OF {top} ++## KIND auxiliary ++## MAY CONTAIN {protPrivPolicy } ++## ID id-oc-protectedPrivilegePolicy } ++## ++## 17.2 PMI Directory attributes ++## ++## 17.2.1 Attribute certificate attribute ++## attributeCertificateAttribute ATTRIBUTE ::= { ++## WITH SYNTAX AttributeCertificate ++## EQUALITY MATCHING RULE attributeCertificateExactMatch ++## ID id-at-attributeCertificate } ++## ++## 17.2.2 AA certificate attribute ++## aACertificate ATTRIBUTE ::= { ++## WITH SYNTAX AttributeCertificate ++## EQUALITY MATCHING RULE attributeCertificateExactMatch ++## ID id-at-aACertificate } ++## ++## 17.2.3 Attribute descriptor certificate attribute ++## attributeDescriptorCertificate ATTRIBUTE ::= { ++## WITH SYNTAX AttributeCertificate ++## EQUALITY MATCHING RULE attributeCertificateExactMatch ++## ID id-at-attributeDescriptorCertificate } ++## ++## 17.2.4 Attribute certificate revocation list attribute ++## attributeCertificateRevocationList ATTRIBUTE ::= { ++## WITH SYNTAX CertificateList ++## EQUALITY MATCHING RULE certificateListExactMatch ++## ID id-at-attributeCertificateRevocationList} ++## ++## 17.2.5 AA certificate revocation list attribute ++## attributeAuthorityRevocationList ATTRIBUTE ::= { ++## WITH SYNTAX CertificateList ++## EQUALITY MATCHING RULE certificateListExactMatch ++## ID id-at-attributeAuthorityRevocationList } ++## ++## 17.2.6 Delegation path attribute ++## delegationPath ATTRIBUTE ::= { ++## WITH SYNTAX AttCertPath ++## ID id-at-delegationPath } ++## AttCertPath ::= SEQUENCE OF AttributeCertificate ++## ++## 17.2.7 Privilege policy attribute ++## privPolicy ATTRIBUTE ::= { ++## WITH SYNTAX PolicySyntax ++## ID id-at-privPolicy } ++## ++## 17.2.8 Protected privilege policy attribute ++## protPrivPolicy ATTRIBUTE ::= { ++## WITH SYNTAX AttributeCertificate ++## EQUALITY MATCHING RULE attributeCertificateExactMatch ++## ID id-at-protPrivPolicy } ++## ++## 17.2.9 XML Protected privilege policy attribute ++## xmlPrivPolicy ATTRIBUTE ::= { ++## WITH SYNTAX UTF8String -- contains XML-encoded privilege policy information ++## ID id-at-xMLPprotPrivPolicy } ++## ++ ++## -- object identifier assignments -- ++## -- object classes -- ++objectidentifier id-oc-pmiUser 2.5.6.24 ++objectidentifier id-oc-pmiAA 2.5.6.25 ++objectidentifier id-oc-pmiSOA 2.5.6.26 ++objectidentifier id-oc-attCertCRLDistributionPts 2.5.6.27 ++objectidentifier id-oc-privilegePolicy 2.5.6.32 ++objectidentifier id-oc-pmiDelegationPath 2.5.6.33 ++objectidentifier id-oc-protectedPrivilegePolicy 2.5.6.34 ++## -- directory attributes -- ++objectidentifier id-at-attributeCertificate 2.5.4.58 ++objectidentifier id-at-attributeCertificateRevocationList 2.5.4.59 ++objectidentifier id-at-aACertificate 2.5.4.61 ++objectidentifier id-at-attributeDescriptorCertificate 2.5.4.62 ++objectidentifier id-at-attributeAuthorityRevocationList 2.5.4.63 ++objectidentifier id-at-privPolicy 2.5.4.71 ++objectidentifier id-at-role 2.5.4.72 ++objectidentifier id-at-delegationPath 2.5.4.73 ++objectidentifier id-at-protPrivPolicy 2.5.4.74 ++objectidentifier id-at-xMLPrivilegeInfo 2.5.4.75 ++objectidentifier id-at-xMLPprotPrivPolicy 2.5.4.76 ++## -- attribute certificate extensions -- ++## id-ce-authorityAttributeIdentifier OBJECT IDENTIFIER ::= {id-ce 38} ++## id-ce-roleSpecCertIdentifier OBJECT IDENTIFIER ::= {id-ce 39} ++## id-ce-basicAttConstraints OBJECT IDENTIFIER ::= {id-ce 41} ++## id-ce-delegatedNameConstraints OBJECT IDENTIFIER ::= {id-ce 42} ++## id-ce-timeSpecification OBJECT IDENTIFIER ::= {id-ce 43} ++## id-ce-attributeDescriptor OBJECT IDENTIFIER ::= {id-ce 48} ++## id-ce-userNotice OBJECT IDENTIFIER ::= {id-ce 49} ++## id-ce-sOAIdentifier OBJECT IDENTIFIER ::= {id-ce 50} ++## id-ce-acceptableCertPolicies OBJECT IDENTIFIER ::= {id-ce 52} ++## id-ce-targetInformation OBJECT IDENTIFIER ::= {id-ce 55} ++## id-ce-noRevAvail OBJECT IDENTIFIER ::= {id-ce 56} ++## id-ce-acceptablePrivilegePolicies OBJECT IDENTIFIER ::= {id-ce 57} ++## id-ce-indirectIssuer OBJECT IDENTIFIER ::= {id-ce 61} ++## id-ce-noAssertion OBJECT IDENTIFIER ::= {id-ce 62} ++## id-ce-issuedOnBehalfOf OBJECT IDENTIFIER ::= {id-ce 64} ++## -- PMI matching rules -- ++objectidentifier id-mr 2.5.13 ++objectidentifier id-mr-attributeCertificateMatch id-mr:42 ++objectidentifier id-mr-attributeCertificateExactMatch id-mr:45 ++objectidentifier id-mr-holderIssuerMatch id-mr:46 ++objectidentifier id-mr-authAttIdMatch id-mr:53 ++objectidentifier id-mr-roleSpecCertIdMatch id-mr:54 ++objectidentifier id-mr-basicAttConstraintsMatch id-mr:55 ++objectidentifier id-mr-delegatedNameConstraintsMatch id-mr:56 ++objectidentifier id-mr-timeSpecMatch id-mr:57 ++objectidentifier id-mr-attDescriptorMatch id-mr:58 ++objectidentifier id-mr-acceptableCertPoliciesMatch id-mr:59 ++objectidentifier id-mr-delegationPathMatch id-mr:61 ++objectidentifier id-mr-sOAIdentifierMatch id-mr:66 ++objectidentifier id-mr-indirectIssuerMatch id-mr:67 ++## -- syntaxes -- ++## NOTE: 1.3.6.1.4.1.4203.666.11.10 is the oid arc assigned by OpenLDAP ++## to this work in progress ++objectidentifier AttributeCertificate 1.3.6.1.4.1.4203.666.11.10.2.1 ++objectidentifier CertificateList 1.3.6.1.4.1.1466.115.121.1.9 ++objectidentifier AttCertPath 1.3.6.1.4.1.4203.666.11.10.2.4 ++objectidentifier PolicySyntax 1.3.6.1.4.1.4203.666.11.10.2.5 ++objectidentifier RoleSyntax 1.3.6.1.4.1.4203.666.11.10.2.6 ++# NOTE: OIDs from (expired) ++#objectidentifier AttributeCertificate 1.2.826.0.1.3344810.7.5 ++#objectidentifier AttCertPath 1.2.826.0.1.3344810.7.10 ++#objectidentifier PolicySyntax 1.2.826.0.1.3344810.7.17 ++#objectidentifier RoleSyntax 1.2.826.0.1.3344810.7.13 ++## ++## Substitute syntaxes ++## ++## AttCertPath ++ldapsyntax ( 1.3.6.1.4.1.4203.666.11.10.2.4 ++ NAME 'AttCertPath' ++ DESC 'X.509 PMI attribute cartificate path: SEQUENCE OF AttributeCertificate' ++ X-SUBST '1.3.6.1.4.1.1466.115.121.1.15' ) ++## ++## PolicySyntax ++ldapsyntax ( 1.3.6.1.4.1.4203.666.11.10.2.5 ++ NAME 'PolicySyntax' ++ DESC 'X.509 PMI policy syntax' ++ X-SUBST '1.3.6.1.4.1.1466.115.121.1.15' ) ++## ++## RoleSyntax ++ldapsyntax ( 1.3.6.1.4.1.4203.666.11.10.2.6 ++ NAME 'RoleSyntax' ++ DESC 'X.509 PMI role syntax' ++ X-SUBST '1.3.6.1.4.1.1466.115.121.1.15' ) ++## ++## X.509 (08/2005) pp. 71, 86-89 ++## ++## 14.4.1 Role attribute ++attributeType ( id-at-role ++ NAME 'role' ++ DESC 'X.509 Role attribute, use ;binary' ++ SYNTAX RoleSyntax ) ++## ++## 14.5 XML privilege information attribute ++## -- contains XML-encoded privilege information ++attributeType ( id-at-xMLPrivilegeInfo ++ NAME 'xmlPrivilegeInfo' ++ DESC 'X.509 XML privilege information attribute' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ++## ++## 17.2 PMI Directory attributes ++## ++## 17.2.1 Attribute certificate attribute ++attributeType ( id-at-attributeCertificate ++ NAME 'attributeCertificateAttribute' ++ DESC 'X.509 Attribute certificate attribute, use ;binary' ++ SYNTAX AttributeCertificate ++ EQUALITY attributeCertificateExactMatch ) ++## ++## 17.2.2 AA certificate attribute ++attributeType ( id-at-aACertificate ++ NAME 'aACertificate' ++ DESC 'X.509 AA certificate attribute, use ;binary' ++ SYNTAX AttributeCertificate ++ EQUALITY attributeCertificateExactMatch ) ++## ++## 17.2.3 Attribute descriptor certificate attribute ++attributeType ( id-at-attributeDescriptorCertificate ++ NAME 'attributeDescriptorCertificate' ++ DESC 'X.509 Attribute descriptor certificate attribute, use ;binary' ++ SYNTAX AttributeCertificate ++ EQUALITY attributeCertificateExactMatch ) ++## ++## 17.2.4 Attribute certificate revocation list attribute ++attributeType ( id-at-attributeCertificateRevocationList ++ NAME 'attributeCertificateRevocationList' ++ DESC 'X.509 Attribute certificate revocation list attribute, use ;binary' ++ SYNTAX CertificateList ++ X-EQUALITY 'certificateListExactMatch, not implemented yet' ) ++## ++## 17.2.5 AA certificate revocation list attribute ++attributeType ( id-at-attributeAuthorityRevocationList ++ NAME 'attributeAuthorityRevocationList' ++ DESC 'X.509 AA certificate revocation list attribute, use ;binary' ++ SYNTAX CertificateList ++ X-EQUALITY 'certificateListExactMatch, not implemented yet' ) ++## ++## 17.2.6 Delegation path attribute ++attributeType ( id-at-delegationPath ++ NAME 'delegationPath' ++ DESC 'X.509 Delegation path attribute, use ;binary' ++ SYNTAX AttCertPath ) ++## AttCertPath ::= SEQUENCE OF AttributeCertificate ++## ++## 17.2.7 Privilege policy attribute ++attributeType ( id-at-privPolicy ++ NAME 'privPolicy' ++ DESC 'X.509 Privilege policy attribute, use ;binary' ++ SYNTAX PolicySyntax ) ++## ++## 17.2.8 Protected privilege policy attribute ++attributeType ( id-at-protPrivPolicy ++ NAME 'protPrivPolicy' ++ DESC 'X.509 Protected privilege policy attribute, use ;binary' ++ SYNTAX AttributeCertificate ++ EQUALITY attributeCertificateExactMatch ) ++## ++## 17.2.9 XML Protected privilege policy attribute ++## -- contains XML-encoded privilege policy information ++attributeType ( id-at-xMLPprotPrivPolicy ++ NAME 'xmlPrivPolicy' ++ DESC 'X.509 XML Protected privilege policy attribute' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ++## ++## 17.1 PMI directory object classes ++## ++## 17.1.1 PMI user object class ++## -- a PMI user (i.e., a "holder") ++objectClass ( id-oc-pmiUser ++ NAME 'pmiUser' ++ DESC 'X.509 PMI user object class' ++ SUP top ++ AUXILIARY ++ MAY ( attributeCertificateAttribute ) ) ++## ++## 17.1.2 PMI AA object class ++## -- a PMI AA ++objectClass ( id-oc-pmiAA ++ NAME 'pmiAA' ++ DESC 'X.509 PMI AA object class' ++ SUP top ++ AUXILIARY ++ MAY ( aACertificate $ ++ attributeCertificateRevocationList $ ++ attributeAuthorityRevocationList ++ ) ) ++## ++## 17.1.3 PMI SOA object class ++## -- a PMI Source of Authority ++objectClass ( id-oc-pmiSOA ++ NAME 'pmiSOA' ++ DESC 'X.509 PMI SOA object class' ++ SUP top ++ AUXILIARY ++ MAY ( attributeCertificateRevocationList $ ++ attributeAuthorityRevocationList $ ++ attributeDescriptorCertificate ++ ) ) ++## ++## 17.1.4 Attribute certificate CRL distribution point object class ++objectClass ( id-oc-attCertCRLDistributionPts ++ NAME 'attCertCRLDistributionPt' ++ DESC 'X.509 Attribute certificate CRL distribution point object class' ++ SUP top ++ AUXILIARY ++ MAY ( attributeCertificateRevocationList $ ++ attributeAuthorityRevocationList ++ ) ) ++## ++## 17.1.5 PMI delegation path ++objectClass ( id-oc-pmiDelegationPath ++ NAME 'pmiDelegationPath' ++ DESC 'X.509 PMI delegation path' ++ SUP top ++ AUXILIARY ++ MAY ( delegationPath ) ) ++## ++## 17.1.6 Privilege policy object class ++objectClass ( id-oc-privilegePolicy ++ NAME 'privilegePolicy' ++ DESC 'X.509 Privilege policy object class' ++ SUP top ++ AUXILIARY ++ MAY ( privPolicy ) ) ++## ++## 17.1.7 Protected privilege policy object class ++objectClass ( id-oc-protectedPrivilegePolicy ++ NAME 'protectedPrivilegePolicy' ++ DESC 'X.509 Protected privilege policy object class' ++ SUP top ++ AUXILIARY ++ MAY ( protPrivPolicy ) ) ++ diff --cc debian/schema/ppolicy.schema index 00000000,00000000..32076582 new file mode 100644 --- /dev/null +++ b/debian/schema/ppolicy.schema @@@ -1,0 -1,0 +1,167 @@@ ++# $OpenLDAP: pkg/ldap/servers/slapd/schema/ppolicy.schema,v 1.2.2.4 2007/01/02 21:44:09 kurt Exp $ ++## This work is part of OpenLDAP Software . ++## ++## Copyright 2004-2007 The OpenLDAP Foundation. ++## All rights reserved. ++## ++## Redistribution and use in source and binary forms, with or without ++## modification, are permitted only as authorized by the OpenLDAP ++## Public License. ++## ++## A copy of this license is available in the file LICENSE in the ++## top-level directory of the distribution or, alternatively, at ++## . ++# ++## Portions Copyright (C) The Internet Society (2004). ++## Please see full copyright statement below. ++ ++# Definitions from Draft behera-ldap-password-policy-07 (a work in progress) ++# Password Policy for LDAP Directories ++# With extensions from Hewlett-Packard: ++# pwdCheckModule etc. ++ ++# Contents of this file are subject to change (including deletion) ++# without notice. ++# ++# Not recommended for production use! ++# Use with extreme caution! ++ ++# The version of this file as distributed by the OpenLDAP Foundation ++# contains text from an IETF Internet-Draft explaining the schema. ++# Unfortunately, that text is covered by a license that doesn't meet ++# Debian's Free Software Guidelines. This is a stripped version of the ++# schema that contains only the functional schema definition, not the text ++# of the Internet-Draft. ++# ++# For an explanation of this schema, see ++# draft-behera-ldap-password-policy-08.txt. ++ ++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.1 ++ NAME 'pwdAttribute' ++ EQUALITY objectIdentifierMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) ++ ++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.2 ++ NAME 'pwdMinAge' ++ EQUALITY integerMatch ++ ORDERING integerOrderingMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ++ SINGLE-VALUE ) ++ ++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.3 ++ NAME 'pwdMaxAge' ++ EQUALITY integerMatch ++ ORDERING integerOrderingMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ++ SINGLE-VALUE ) ++ ++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.4 ++ NAME 'pwdInHistory' ++ EQUALITY integerMatch ++ ORDERING integerOrderingMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ++ SINGLE-VALUE ) ++ ++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.5 ++ NAME 'pwdCheckQuality' ++ EQUALITY integerMatch ++ ORDERING integerOrderingMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ++ SINGLE-VALUE ) ++ ++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.6 ++ NAME 'pwdMinLength' ++ EQUALITY integerMatch ++ ORDERING integerOrderingMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ++ SINGLE-VALUE ) ++ ++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.7 ++ NAME 'pwdExpireWarning' ++ EQUALITY integerMatch ++ ORDERING integerOrderingMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ++ SINGLE-VALUE ) ++ ++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.8 ++ NAME 'pwdGraceAuthNLimit' ++ EQUALITY integerMatch ++ ORDERING integerOrderingMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ++ SINGLE-VALUE ) ++ ++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.9 ++ NAME 'pwdLockout' ++ EQUALITY booleanMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ++ SINGLE-VALUE ) ++ ++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.10 ++ NAME 'pwdLockoutDuration' ++ EQUALITY integerMatch ++ ORDERING integerOrderingMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ++ SINGLE-VALUE ) ++ ++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.11 ++ NAME 'pwdMaxFailure' ++ EQUALITY integerMatch ++ ORDERING integerOrderingMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ++ SINGLE-VALUE ) ++ ++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.12 ++ NAME 'pwdFailureCountInterval' ++ EQUALITY integerMatch ++ ORDERING integerOrderingMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ++ SINGLE-VALUE ) ++ ++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.13 ++ NAME 'pwdMustChange' ++ EQUALITY booleanMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ++ SINGLE-VALUE ) ++ ++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.14 ++ NAME 'pwdAllowUserChange' ++ EQUALITY booleanMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ++ SINGLE-VALUE ) ++ ++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.15 ++ NAME 'pwdSafeModify' ++ EQUALITY booleanMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ++ SINGLE-VALUE ) ++ ++attributetype ( 1.3.6.1.4.1.42.2.27.8.1.30 ++ NAME 'pwdMaxRecordedFailure' ++ EQUALITY integerMatch ++ ORDERING integerOrderingMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ++ SINGLE-VALUE ) ++ ++attributetype ( 1.3.6.1.4.1.4754.1.99.1 ++ NAME 'pwdCheckModule' ++ EQUALITY caseExactIA5Match ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ++ DESC 'Loadable module that instantiates check_password() function' ++ SINGLE-VALUE ) ++ ++objectclass ( 1.3.6.1.4.1.4754.2.99.1 ++ NAME 'pwdPolicyChecker' ++ SUP top ++ AUXILIARY ++ MAY ( pwdCheckModule ) ) ++ ++objectclass ( 1.3.6.1.4.1.42.2.27.8.2.1 ++ NAME 'pwdPolicy' ++ SUP top ++ AUXILIARY ++ MUST ( pwdAttribute ) ++ MAY ( pwdMinAge $ pwdMaxAge $ pwdInHistory $ pwdCheckQuality $ ++ pwdMinLength $ pwdExpireWarning $ pwdGraceAuthNLimit $ pwdLockout ++ $ pwdLockoutDuration $ pwdMaxFailure $ pwdFailureCountInterval $ ++ pwdMustChange $ pwdAllowUserChange $ pwdSafeModify $ ++ pwdMaxRecordedFailure ) ) diff --cc debian/slapd-contrib.examples index 00000000,00000000..2db0324c new file mode 100644 --- /dev/null +++ b/debian/slapd-contrib.examples @@@ -1,0 -1,0 +1,2 @@@ ++contrib/slapd-modules/passwd/apr1-atol.pl ++contrib/slapd-modules/passwd/apr1-ltoa.pl diff --cc debian/slapd-contrib.install index 00000000,00000000..62101941 new file mode 100644 --- /dev/null +++ b/debian/slapd-contrib.install @@@ -1,0 -1,0 +1,10 @@@ ++usr/lib/ldap/pw-apr1.so* ++usr/lib/ldap/pw-apr1.la ++usr/lib/ldap/pw-argon2.so* ++usr/lib/ldap/pw-argon2.la ++usr/lib/ldap/pw-netscape.so* ++usr/lib/ldap/pw-netscape.la ++usr/lib/ldap/pw-pbkdf2.so* ++usr/lib/ldap/pw-pbkdf2.la ++usr/lib/ldap/smbk5pwd.so* ++usr/lib/ldap/smbk5pwd.la diff --cc debian/slapd-contrib.lintian-overrides index 00000000,00000000..fa931f08 new file mode 100644 --- /dev/null +++ b/debian/slapd-contrib.lintian-overrides @@@ -1,0 -1,0 +1,4 @@@ ++# #204975 ++slapd-contrib: package-has-unnecessary-activation-of-ldconfig-trigger ++# rpath set by krb5-config.heimdal; #868840 ++binary-or-shlib-defines-rpath usr/lib/ldap/smbk5pwd.so.0.0.0 /usr/lib/*/heimdal diff --cc debian/slapd-contrib.manpages index 00000000,00000000..c859bbda new file mode 100644 --- /dev/null +++ b/debian/slapd-contrib.manpages @@@ -1,0 -1,0 +1,3 @@@ ++debian/slapo-pw-pbkdf2.5 ++debian/tmp/usr/share/man/man5/slapd-pw-argon2.5 ++debian/tmp/usr/share/man/man5/slapo-smbk5pwd.5 diff --cc debian/slapd-remain-after-exit.conf index 00000000,00000000..74ae991a new file mode 100644 --- /dev/null +++ b/debian/slapd-remain-after-exit.conf @@@ -1,0 -1,0 +1,2 @@@ ++[Service] ++RemainAfterExit=no diff --cc debian/slapd.NEWS index 00000000,00000000..1bd5fe04 new file mode 100644 --- /dev/null +++ b/debian/slapd.NEWS @@@ -1,0 -1,0 +1,42 @@@ ++openldap (2.4.49+dfsg-1) unstable; urgency=medium ++ ++ This release fixes an issue with how the slapo-ppolicy(5) overlay ++ stores the pwdChangedTime attribute in the database. Existing ++ incorrect records could cause slapd to crash if a database ++ administrator uses the Relax control to modify pwdChangedTime. ++ ++ Users of the ppolicy overlay are recommended to reload (slapcat and ++ slapadd) their database in order to fix existing data. ++ ++ Please see for more ++ information. ++ ++ -- Ryan Tandy Mon, 03 Feb 2020 09:58:29 -0800 ++ ++openldap (2.4.44+dfsg-1) unstable; urgency=medium ++ ++ The slapd package no longer includes OpenSLP support. The ++ openslp-dfsg package is being retired due to lack of maintenance and ++ security concerns. Please see for ++ more information. ++ ++ -- Ryan Tandy Tue, 15 Mar 2016 03:59:27 +0000 ++ ++openldap (2.4.23-3) unstable; urgency=low ++ ++ The OpenLDAP packages in Debian now use the slapd.d LDIF-based ++ configuration model by default. Please see README.Debian for more ++ information. ++ ++ -- Matthijs Mohlmann Mon, 19 Jul 2010 10:48:19 +0200 ++ ++openldap2.3 (2.3.23-1) unstable; urgency=low ++ ++ The Debian slapd package no longer includes support for the LDBM backend. ++ It has been disabled as a result of concerns over data loss and lack of ++ upstream support. For more information, see: ++ http://www.openldap.org/faq/index.cgi?_highlightWords=ldbm&file=756 ++ The BDB backend is now the main backend to use. This backend is supported ++ upstream and has several fixes included for known problems. ++ ++ -- Matthijs Mohlmann Sun, 26 Feb 2006 20:05:44 +0100 diff --cc debian/slapd.README.Debian index 00000000,00000000..ecec104e new file mode 100644 --- /dev/null +++ b/debian/slapd.README.Debian @@@ -1,0 -1,0 +1,333 @@@ ++Notes about Debian's slapd package ++---------------------------------- ++ ++ Please see the bottom of this file for the ways in which the Debian ++ OpenLDAP packages differ from the upstream OpenLDAP releases. Please ++ report any bugs that may be related to those changes to Debian via ++ reportbug and not to upstream; upstream is not responsible for changes ++ made in the Debian package. ++ ++ In addition to the man pages shipped with this package, please consult ++ the OpenLDAP Admin Guide for more information, including configuration ++ examples for common use cases. ++ ++Initial slapd configuration ++ ++ Upon installation the slapd package performs a number of tasks. It ++ initializes the configuration database, stored in LDAP and rooted at ++ the DN "cn=config". It creates an initial directory database with a ++ DN rooted at a suffix derived from the DNS domain configured in ++ debconf (e.g. "dc=example,dc=com"). The default backend for the ++ directory database is the MDB backend. The root (administrative) DN ++ is set to "cn=admin,". The root password is set to the ++ password configured in debconf, or a randomly generated password if ++ none was set. ++ ++ If desired, a new configuration and directory database can be ++ created by running, as root: ++ ++ dpkg-reconfigure slapd ++ ++ Caution: this command completely resets the configuration and all ++ LDAP directory data (saving a backup in /var/backups), resetting ++ slapd to a new initial state. ++ ++ The configuration database ("cn=config") and directory database ++ ("dc=,dc=") have different permissions. Upon ++ installation, the Unix root user has permission to manage the slapd ++ configuration ("cn=config") database. The LDAP directory manager ++ ("cn=admin,") has permission to manage the directory database ++ ("dc=,dc="). This policy is specific to Debian. ++ ++Maintaining the slapd configuration ++ ++ Since version 2.4.23-3 the default configuration of OpenLDAP has ++ been changed to "/etc/ldap/slapd.d"; configuration is stored in an ++ LDAP directory. The OpenLDAP packages in Debian provide an ++ automatic migration to the new configuration style. With the new ++ configuration style it is possible to change values on the fly ++ without restarting slapd. Changes are made through the use of ldif ++ files and ldap{add,modify}. ++ ++ Debian defaults to granting the Unix root user, and only the Unix ++ root user, administrative privileges to the configuration database. ++ The configuration database is stored in LDAP. Administrative ++ privileges to the configuration database are granted to root when ++ the special SASL mechanism "EXTERNAL" is used for authentication. ++ The OpenLDAP client command option for this is "-Y EXTERNAL". ++ ++ You can use the following shell command, as root, to search the ++ configuration: ++ ++ ldapsearch -Y EXTERNAL -H ldapi:/// -b "cn=config" ++ ++ To modify configuration use the command: ++ ++ ldapmodify -Y EXTERNAL -H ldapi:/// -f ++ ++ For configuration options see the several manpages that exist or the ++ documentation provided upstream. ++ ++ To change the directory administrator's password, the olcRootPW ++ attribute of the database configuration must be updated. The new ++ password should be hashed using the slappasswd(8) command. Then, the ++ root user should update the attribute using ldapmodify(1): ++ ++ ldapmodify -H ldapi:// -Y EXTERNAL << EOF ++ dn: olcDatabase={1}mdb,cn=config ++ changetype: modify ++ replace: olcRootPW ++ olcRootPW: ++ ++ EOF ++ ++ Versions of slapd before 2.4.51+dfsg-1 additionally created a database ++ entry named the same as the rootDN (cn=admin,) and having the ++ same password. If this entry exists in your directory, its password ++ must also be updated using ldappasswd(1), otherwise the old password ++ can still be used. ++ ++Using the MDB Backend ++ ++ MDB is a new database backend using the LMDB library created by the ++ OpenLDAP developers. The MDB backend has fewer configuration ++ parameters than HDB/BDB and generally does not require hand tuning. ++ ++ The database is stored in a sparse file with a specified maximum size. ++ The size should be set larger than the database is ever anticipated to ++ grow, but can be increased later if needed. When the MDB backend is ++ chosen during initial configuration, the Debian package configures the ++ automatically created database with a maximum size of 1 GiB. ++ ++ The space currently used by the database can be found using du(1); for ++ example: du -h /var/lib/ldap/data.mdb ++ ++Using BDB/HDB Backends ++ ++ HDB was the recommended backend before MDB was developed. It's the ++ same as BDB but allows some additional operations. ++ ++ slapd BDB and HDB backends rely on libdb to store data on your disks. ++ libdb uses a configuration file to tune database specific ++ parameters. This file is called DB_CONFIG, and should be created in each ++ directory containing one of your ldap databases, usually /var/lib/ldap. ++ ++ It is VERY IMPORTANT to correctly setup a DB_CONFIG file. It is not ++ just a matter of performance: depending on the version of slapd and ++ libdb being used, your slapd may just hang and stop answering queries. ++ ++ To correctly set up your DB_CONFIG file, please refer to ++ README.DB_CONFIG.gz in this directory. ++ ++BerkeleyDB Version ++ ++ slapd has been built against version 5.3.28 of BerkeleyDB. ++ ++ slapd will automatically handle database recovery, so you generally do ++ not need the BerkeleyDB utilities. However, if you want to perform ++ other operations directly on the raw database without using the slapd ++ tools, install db5.3-util and use those BerkeleyDB utilities. Utilities ++ from other db*-util packages will not work correctly and may render the ++ database unusable by slapd. ++ ++BerkeleyDB database format upgrades ++ ++ When upgrading slapd to a new version where the Berkeley DB library's ++ storage format has changed, the database has to be backed up using ++ slapcat(8) before upgrading and restored using slapadd(8) afterwards. ++ Normally the maintainer scripts will handle this automatically, ++ performing the dump and restore as needed. ++ ++ If, after upgrading, slapd fails to start and you see the message ++ "Program version doesn't match environment version" in syslog, then ++ the DB version may have changed without a dump and reload. This should ++ be reported as a bug in the slapd package. In this case you will have ++ to downgrade slapd to the previous version as the new tools are unable ++ to dump the old database, and the same error would prevent you from ++ upgrading to the fixed version. Old package versions can be ++ found at if needed. ++ ++Logging ++ ++ slapd logs to the facility local4. If you want to direct slapd's logs to ++ a separate log file, add a line like: ++ ++ local4.debug /var/log/slapd.log ++ ++ to /etc/syslog.conf. You may also want to add ";local4.none" to the ++ catch-all entry that logs to /var/log/messages so that it doesn't ++ continue to receive slapd logs. ++ ++SASL Configuration ++ ++ To enable GSSAPI (Kerberos) authentication to slapd, install either the ++ libsasl2-modules-gssapi-mit or libsasl2-modules-gssapi-heimdal packages ++ depending on which Kerberos implementation you want to use. ++ ++ SASL configuration files may be placed either in /usr/lib/sasl2 (the ++ standard path, but not a great place for configuration files) or in ++ /etc/ldap/sasl2. A SASL configuration file should be named after the ++ program that will use it. So, for instance, to configure SASL for ++ slapd, create a file named slapd.conf in /etc/ldap/sasl2 or in ++ /usr/lib/sasl2. ++ ++TCP Wrappers ++ ++ The Debian slapd package is compiled with TCP wrappers. This means that ++ you are able to restrict access to the LDAP server using /etc/hosts.deny ++ or /etc/hosts.allow. ++ ++Running slapd under a Different UID/GID ++ ++ By default, slapd runs as openldap in the openldap group. Keeping the ++ default is easiest. If for some reason you need to run slapd as a ++ different user: ++ ++ - Create the user/group for slapd -- usually: ++ ++ adduser --system --group --disabled-login ++ ++ - Stop slapd: ++ ++ /etc/init.d/slapd stop ++ ++ - Tell slapd to run under a different UID by editing /etc/default/slapd ++ and setting SLAPD_USER and SLAPD_GROUP. (For example, ++ SLAPD_USER="ldap", SLAPD_GROUP="ldap") ++ ++ - Tell linux slapd can access all database files -- usually: ++ ++ chown -R : /var/lib/ldap ++ ++ - Tell linux slapd can access configuration files -- usually: ++ ++ chown -R : /etc/ldap/slapd.d ++ ++ - Tell linux slapd can access /var/run/slapd and write a PID file: ++ ++ chgrp /var/run/slapd ++ chmod 0770 /var/run/slapd ++ ++ - Start slapd -- /etc/init.d/slapd start ++ ++ Once you have done so, remember to always run any utilities that access ++ or update the database (such as slapadd) as the same user that slapd is ++ running as. If you forget, you will need to redo the chown noted above. ++ ++If slapd Depends on Other Service ++ ++ In the event that you are running slapd with a different back-end module ++ that depends on other programs (such as an SQL database) you may need to ++ adjust the runlevels of slapd to start after the SQL database. ++ ++Creating NSS Flat Files from LDAP ++ ++ If you have need to create passwd/shadow/etc files from an LDAP ++ directory there is now a script included with these Debian packages ++ which may help you. The script is in /usr/share/slapd/ and is named ++ ldiftopasswd. In general you should be able to do: ++ ++ ldapsearch | ldiftopasswd ++ ++ and it will generate the files for you. You will need appropriate ++ privileges, of course, and appropriate arguments to ldapsearch. ++ ++Modifications Compared to Upstream ++ ++ Compared to stock OpenLDAP as shipped by the OpenLDAP project, the ++ Debian packages make the following modifications. If you see any ++ problems caused by or related to these modifications, please report them ++ via the Debian bug tracking system using reportbug, not to the OpenLDAP ++ project. ++ ++ * The only LDAP library installed is libldap_r, which in the upstream ++ release is only used for slapd, and libldap is a symlink to it. This ++ library has thread safety for use with slapd, but that thread safety ++ is not checked for any application other than slapd by upstream. ++ Upstream does not support using libldap_r for programs other than ++ slapd. The current library installation strategy in the Debian ++ packages is an attempt to deal with problems caused by symbol ++ conflicts between libldap and libldap_r when both are pulled in by the ++ same process (most commonly by libnss-ldap) and the number of packages ++ that use libldap in threaded code expecting thread safety. ++ ++ * libldap and libber have symbol versioning added to prevent problems ++ during partial upgrades from older versions of the libraries. ++ ++ * slapindex has been patched to warn when run as root and the man page ++ has been patched to notify users that slapindex should be run as the ++ user slapd runs as. There is some upstream discussion of a better ++ fix. ++ ++ * slapd is configured to look in /etc/ldap/sasl2 in addition to ++ /usr/lib/sasl2 for SASL configuration files. ++ ++ * The libldap library is patched to add two functions used by ++ evolution-exchange for NTLM authentication to Active Directory. See ++ . ++ ++ * Several paths have been adjusted to fit Debian file permissions and ++ for Filesystem Hierarchy Standard compliance, namely: ++ - The ldapi socket is in /var/run/slapd ++ - The slapi error log has been moved to /var/log/slapi-errors ++ - The slapd database location is /var/lib/ldap ++ ++ In addition, upstream patches from CVS may be applied to fix bugs in the ++ current release and will not be noted here unless they're not expected ++ to be in the next release. ++ ++ Finally, note that the Debian OpenLDAP packages have been compiled ++ against GnuTLS instead of OpenSSL to avoid licensing problems for ++ GPL-covered packages that use the LDAP libraries. This is a supported ++ configuration, but it's not widely used outside of Debian. ++ ++ For the exact patches applied to the upstream source and references to ++ the relevant upstream ITS numbers, Debian bugs, and upstream ++ synchronization status, see the debian/patches directory in the ++ openldap source package. ++ ++ -- Russ Allbery , Thu, 14 Feb 2008 18:47:07 -0800 ++ ++Unsafe access control rule installed by default in previous versions ++ ++ Versions of slapd before 2.4.40-1 configured the default database with ++ an access control rule of the form: ++ ++ to * ++ by self write ++ by dn="cn=admin,dc=example,dc=com" write ++ by * read ++ ++ Depending on how the database and client applications are configured, ++ users might be able to impersonate others by editing attributes such ++ as their Unix user and group numbers, or other application-specific ++ attributes. ++ ++ New installations no longer include "by self write", but existing ++ configurations will not be automatically modified. ++ ++ To list your current access control rules, use the command: ++ ++ ldapsearch -Y EXTERNAL -H ldapi:/// -b 'cn=config' '(olcAccess=*)' olcAccess ++ ++ To fix the problem, create an LDIF file to replace the rules as ++ needed. For example: ++ ++ dn: olcDatabase={1}hdb,cn=config ++ delete: olcAccess ++ olcAccess: {2} ++ - ++ add: olcAccess ++ olcAccess: {2}to * by dn="cn=admin,dc=example,dc=com" write by * read ++ ++ Adjust the database DN, the administrative DN, and the rule numbers ++ according to your configuration, following the output from ldapsearch. ++ ++ Next, apply the configuration changes from the file: ++ ++ ldapmodify -Y EXTERNAL -H ldapi:/// -f mods.ldif ++ ++ For more information about access control rules, refer to the ++ slapd.access(5) man page. ++ ++ -- Ryan Tandy , Mon, 20 Oct 2014 11:45:20 -0700 diff --cc debian/slapd.backup index 00000000,00000000..4046f8cd new file mode 100644 --- /dev/null +++ b/debian/slapd.backup @@@ -1,0 -1,0 +1,62 @@@ ++#!/bin/bash ++# ++# Backup LDAP directories ++# ++# This script can be put in cron to create backups. ++# ++# Author: Matthijs Mohlmann ++# Date: Sat, 15 Jul 2006 21:13:14 +0200 ++# License: GPLv2 ++ ++# Make sure the backups are secured. ++umask 077 ++ ++BACKUPDIR="/var/backups/slapd" ++DEFAULTS="/etc/default/slapd" ++ ++# Check if there is a directory slapd, otherwise create it. ++if [ ! -d "$BACKUPDIR" ]; then ++ mkdir -p -m 0700 "$BACKUPDIR" ++fi ++ ++# Load default settings. ++if [ -e "$DEFAULTS" ]; then ++ . "$DEFAULTS" ++fi ++ ++# Specify a slapd.conf if not specified. ++if [ -z "$SLAPD_CONF" ]; then ++ SLAPD_CONF="/etc/ldap/slapd.conf" ++fi ++ ++# Set IFS to end of line. ++ORIGIFS=$IFS ++IFS=`echo -en "\n\b"` ++ ++# Backup recursive through all configfiles all suffix's in the form: ++# suffix.ldif in /var/backups/slapd ++function backupDirectories() { ++ local conf=$1 ++ local directory="" ++ local include="" ++ ++ suffix=`grep "^suffix" $conf | sed -e "s/\(^suffix\s\+\|\"\|\'\)//g"` ++ for directory in "$suffix"; do ++ if [ ! -z "$suffix" ]; then ++ slapcat -l "$BACKUPDIR/$suffix.ldif" -b "$suffix" ++ fi ++ done ++ ++ includes=`grep "^include" $conf | awk '{print $2}'` ++ for include in $includes; do ++ backupDirectories "$include" ++ done ++} ++ ++backupDirectories "$SLAPD_CONF" ++ ++# Put IFS back. ++IFS=$ORIGIFS ++ ++exit 0 ++ diff --cc debian/slapd.conf index 00000000,00000000..ef6215b9 new file mode 100644 --- /dev/null +++ b/debian/slapd.conf @@@ -1,0 -1,0 +1,133 @@@ ++# This is the main slapd configuration file. See slapd.conf(5) for more ++# info on the configuration options. ++ ++####################################################################### ++# Global Directives: ++ ++# Schema and objectClass definitions ++include /etc/ldap/schema/core.schema ++include /etc/ldap/schema/cosine.schema ++include /etc/ldap/schema/nis.schema ++include /etc/ldap/schema/inetorgperson.schema ++ ++# Where the pid file is put. The init.d script ++# will not stop the server if you change this. ++pidfile /var/run/slapd/slapd.pid ++ ++# List of arguments that were passed to the server ++argsfile /var/run/slapd/slapd.args ++ ++# Read slapd.conf(5) for possible values ++loglevel none ++ ++# Where the dynamically loaded modules are stored ++modulepath /usr/lib/ldap ++moduleload back_mdb ++ ++# The maximum number of entries that is returned for a search operation ++sizelimit 500 ++ ++# The tool-threads parameter sets the actual amount of cpu's that is used ++# for indexing. ++tool-threads 1 ++ ++####################################################################### ++# Specific Backend Directives for mdb: ++# Backend specific directives apply to this backend until another ++# 'backend' directive occurs ++backend mdb ++ ++####################################################################### ++# Specific Backend Directives for 'other': ++# Backend specific directives apply to this backend until another ++# 'backend' directive occurs ++#backend ++ ++####################################################################### ++# Specific Directives for database #1, of type mdb: ++# Database specific directives apply to this databasse until another ++# 'database' directive occurs ++database mdb ++ ++# The base of your directory in database #1 ++suffix "dc=example,dc=com" ++ ++# rootdn directive for specifying a superuser on the database. This is needed ++# for syncrepl. ++# rootdn "cn=admin,dc=example,dc=com" ++ ++# Where the database file are physically stored for database #1 ++directory "/var/lib/ldap" ++ ++# The dbconfig settings are used to generate a DB_CONFIG file the first ++# time slapd starts. They do NOT override existing an existing DB_CONFIG ++# file. You should therefore change these settings in DB_CONFIG directly ++# or remove DB_CONFIG and restart slapd for changes to take effect. ++ ++# For the Debian package we use 2MB as default but be sure to update this ++# value if you have plenty of RAM ++dbconfig set_cachesize 0 2097152 0 ++ ++# Sven Hartge reported that he had to set this value incredibly high ++# to get slapd running at all. See http://bugs.debian.org/303057 for more ++# information. ++ ++# Number of objects that can be locked at the same time. ++dbconfig set_lk_max_objects 1500 ++# Number of locks (both requested and granted) ++dbconfig set_lk_max_locks 1500 ++# Number of lockers ++dbconfig set_lk_max_lockers 1500 ++ ++# Indexing options for database #1 ++index objectClass eq ++ ++# Save the time that the entry gets modified, for database #1 ++lastmod on ++ ++# Checkpoint the BerkeleyDB database periodically in case of system ++# failure and to speed slapd shutdown. ++checkpoint 512 30 ++ ++# The userPassword by default can be changed ++# by the entry owning it if they are authenticated. ++# Others should not be able to see it, except the ++# admin entry below ++# These access lines apply to database #1 only ++access to attrs=userPassword,shadowLastChange ++ by dn="cn=admin,dc=example,dc=com" write ++ by anonymous auth ++ by self write ++ by * none ++ ++# Ensure read access to the base for things like ++# supportedSASLMechanisms. Without this you may ++# have problems with SASL not knowing what ++# mechanisms are available and the like. ++# Note that this is covered by the 'access to *' ++# ACL below too but if you change that as people ++# are wont to do you'll still need this if you ++# want SASL (and possible other things) to work ++# happily. ++access to dn.base="" by * read ++ ++# The admin dn has full write access, everyone else ++# can read everything. ++access to * ++ by dn="cn=admin,dc=example,dc=com" write ++ by * read ++ ++# For Netscape Roaming support, each user gets a roaming ++# profile for which they have write access to ++#access to dn=".*,ou=Roaming,o=morsnet" ++# by dn="cn=admin,dc=example,dc=com" write ++# by dnattr=owner write ++ ++####################################################################### ++# Specific Directives for database #2, of type 'other' (can be mdb too): ++# Database specific directives apply to this databasse until another ++# 'database' directive occurs ++#database ++ ++# The base of your directory for database #2 ++#suffix "dc=debian,dc=org" diff --cc debian/slapd.config index 00000000,00000000..75957297 new file mode 100644 --- /dev/null +++ b/debian/slapd.config @@@ -1,0 -1,0 +1,168 @@@ ++#! /bin/sh ++ ++set -e ++ ++# Load debconf ++. /usr/share/debconf/confmodule ++ ++# This will be replaced with debian/slapd.scripts-common which includes ++# various helper functions and $OLD_VERSION and $SLAPD_CONF ++#SCRIPTSCOMMON# ++ ++# Check if the user wants to configure slapd manually ++want_manual_configuration() { ++ db_input medium slapd/no_configuration || true ++ db_go || true ++ db_get slapd/no_configuration ++ no_configuration="$RET" ++ ++ if [ "$no_configuration" = "true" ]; then ++ return 0 ++ fi ++ return 1 ++} ++ ++# Make sure the values entered make sense ++validate_initial_config() { ++ local invalid ++ invalid="" ++ ++ # Make sure the domain name is valid ++ # The regexp doesn't work for UTF-8 domain names, but for that to ++ # work, we would also need to Base64 encode it in the LDIF; since ++ # we're not doing it at the moment, this should be fine for now ++ db_get slapd/domain ++ if [ -z "$RET" ] || ! echo "$RET" | LC_COLLATE='C.UTF-8' grep -q '^[a-zA-Z0-9.-]*$'; then ++ db_fset slapd/domain seen false ++ invalid=true ++ fi ++ ++ # Suffix and Organization may not be empty ++ db_get shared/organization ++ if [ -z "$RET" ]; then ++ db_fset shared/organization seen false ++ invalid=true ++ fi ++ ++ # Make sure the passwords match ++ local pass1 pass2 ++ db_get slapd/password1 ++ pass1="$RET" ++ db_get slapd/password2 ++ pass2="$RET" ++ ++ if [ "$pass1" != "$pass2" ]; then ++ db_fset slapd/password1 seen false ++ db_fset slapd/password2 seen false ++ invalid=true ++ fi ++ ++ # Tell the user ++ if [ "$invalid" ]; then ++ db_fset slapd/invalid_config seen false ++ db_input critical slapd/invalid_config || true ++ db_go || true ++ db_get slapd/invalid_config ++ if [ "$RET" != "true" ]; then ++ db_set slapd/no_configuration true ++ invalid= ++ fi ++ fi ++ ++ if [ "$invalid" ]; then ++ return 1 ++ else ++ return 0 ++ fi ++} ++ ++# Query the information we need to create an initial directory ++query_initial_config() { ++ while true; do ++ db_input medium slapd/domain || true ++ db_input medium shared/organization || true ++ db_input high slapd/password1 || true ++ db_input high slapd/password2 || true ++ db_input low slapd/purge_database || true ++ # XXX - should be done more general, but for now this should do ++ # the trick ++ if [ -e "/var/lib/ldap" ] && ! is_empty_dir /var/lib/ldap; then ++ db_input low slapd/move_old_database || true ++ fi ++ db_go || true ++ ++ if validate_initial_config; then ++ break ++ fi ++ done ++} ++ ++# ----- Configuration of LDIF dumping and reloading--------------------- {{{ ++# ++# Dumping the database can have negative effects on the system we are ++# running on. If there is a lot of data dumping it might fill a partition ++# for example. Therefore we must give the user exact control over what we ++# are doing. ++ ++configure_dumping() { # {{{ ++# Ask the user for the configuration of the dumping component ++# Usage: configure_dumping ++ ++ # Look if the user wants to migrate to the BDB backend ++ if ! database_dumping_enabled; then ++ return 0 ++ fi ++ ++ # Configure if and where to dump the LDAP databases ++ db_input medium slapd/dump_database || true ++ db_go || true ++ db_get slapd/dump_database ++ ++ # Abort if the user does not want dumping ++ if [ "$RET" = never ]; then ++ return 0 ++ fi ++ ++ db_input medium slapd/dump_database_destdir || true ++ db_go || true ++ ++ # If the user entered the empty value, go back to the default ++ db_get slapd/dump_database_destdir ++ if [ "$RET" = "" ]; then ++ db_reset slapd/dump_database_destdir ++ fi ++} ++ ++# }}} ++# }}} ++ ++warn_about_selfwrite_acl() { # {{{ ++# Warn about databases having an acl beginning with "to * by self ++# write", installed by default in previous versions of slapd.init.ldif ++# but having possible security implications. ++ if [ -d "$SLAPD_CONF" ]; then ++ if grep -q '^olcAccess: {[0-9]*}to \* by self write' \ ++ "$SLAPD_CONF"/cn\=config/olcDatabase*.ldif 2>/dev/null; then ++ db_input high slapd/unsafe_selfwrite_acl || true ++ fi ++ fi ++} ++# }}} ++ ++# Create an initial directory on fresh install ++if is_initial_configuration "$@"; then ++ if ! want_manual_configuration; then ++ set_defaults_for_unseen_entries ++ query_initial_config ++ fi ++fi ++ ++# Configure the dumping component if we are upgrading some older version. ++if [ "$1" = configure ] && [ -n "$2" ]; then ++ configure_dumping ++ warn_about_selfwrite_acl ++fi ++ ++db_go || true ++ ++exit 0 diff --cc debian/slapd.default index 00000000,00000000..4212e076 new file mode 100644 --- /dev/null +++ b/debian/slapd.default @@@ -1,0 -1,0 +1,45 @@@ ++# Default location of the slapd.conf file or slapd.d cn=config directory. If ++# empty, use the compiled-in default (/etc/ldap/slapd.d with a fallback to ++# /etc/ldap/slapd.conf). ++SLAPD_CONF= ++ ++# System account to run the slapd server under. If empty the server ++# will run as root. ++SLAPD_USER="openldap" ++ ++# System group to run the slapd server under. If empty the server will ++# run in the primary group of its user. ++SLAPD_GROUP="openldap" ++ ++# Path to the pid file of the slapd server. If not set the init.d script ++# will try to figure it out from $SLAPD_CONF (/etc/ldap/slapd.d by ++# default) ++SLAPD_PIDFILE= ++ ++# slapd normally serves ldap only on all TCP-ports 389. slapd can also ++# service requests on TCP-port 636 (ldaps) and requests via unix ++# sockets. ++# Example usage: ++# SLAPD_SERVICES="ldap://127.0.0.1:389/ ldaps:/// ldapi:///" ++SLAPD_SERVICES="ldap:/// ldapi:///" ++ ++# If SLAPD_NO_START is set, the init script will not start or restart ++# slapd (but stop will still work). Uncomment this if you are ++# starting slapd via some other means or if you don't want slapd normally ++# started at boot. ++#SLAPD_NO_START=1 ++ ++# If SLAPD_SENTINEL_FILE is set to path to a file and that file exists, ++# the init script will not start or restart slapd (but stop will still ++# work). Use this for temporarily disabling startup of slapd (when doing ++# maintenance, for example, or through a configuration management system) ++# when you don't want to edit a configuration file. ++SLAPD_SENTINEL_FILE=/etc/ldap/noslapd ++ ++# For Kerberos authentication (via SASL), slapd by default uses the system ++# keytab file (/etc/krb5.keytab). To use a different keytab file, ++# uncomment this line and change the path. ++#export KRB5_KTNAME=/etc/krb5.keytab ++ ++# Additional options to pass to slapd ++SLAPD_OPTIONS="" diff --cc debian/slapd.dirs index 00000000,00000000..31018f3f new file mode 100644 --- /dev/null +++ b/debian/slapd.dirs @@@ -1,0 -1,0 +1,4 @@@ ++var/lib/slapd ++usr/share/slapd ++usr/share/lintian/overrides ++etc/ldap/sasl2 diff --cc debian/slapd.docs index 00000000,00000000..2ead1c26 new file mode 100644 --- /dev/null +++ b/debian/slapd.docs @@@ -1,0 -1,0 +1,1 @@@ ++debian/README.DB_CONFIG diff --cc debian/slapd.examples index 00000000,00000000..7fcf6744 new file mode 100644 --- /dev/null +++ b/debian/slapd.examples @@@ -1,0 -1,0 +1,3 @@@ ++debian/DB_CONFIG ++debian/slapd.backup ++debian/slapd.conf diff --cc debian/slapd.init index 00000000,00000000..581f0a4e new file mode 100644 --- /dev/null +++ b/debian/slapd.init @@@ -1,0 -1,0 +1,202 @@@ ++#!/bin/sh ++### BEGIN INIT INFO ++# Provides: slapd ++# Required-Start: $remote_fs $network $syslog ++# Required-Stop: $remote_fs $network $syslog ++# Default-Start: 2 3 4 5 ++# Default-Stop: 0 1 6 ++# Short-Description: OpenLDAP standalone server (Lightweight Directory Access Protocol) ++### END INIT INFO ++ ++# Specify path variable ++PATH=/sbin:/usr/sbin:/bin:/usr/bin ++ ++. /lib/lsb/init-functions ++ ++# Kill me on all errors ++set -e ++ ++# Set the paths to slapd as a variable so that someone who really ++# wants to can override the path in /etc/default/slapd. ++SLAPD=/usr/sbin/slapd ++ ++# Stop processing if slapd is not there ++[ -x $SLAPD ] || exit 0 ++ ++# debconf may have this file descriptor open and it makes things work a bit ++# more reliably if we redirect it as a matter of course. db_stop will take ++# care of this, but this won't hurt. ++exec 3>/dev/null ++ ++# Source the init script configuration ++if [ -f "/etc/default/slapd" ]; then ++ . /etc/default/slapd ++fi ++ ++# Load the default location of the slapd config file ++if [ -z "$SLAPD_CONF" ]; then ++ if [ -e /etc/ldap/slapd.d ]; then ++ SLAPD_CONF=/etc/ldap/slapd.d ++ else ++ SLAPD_CONF=/etc/ldap/slapd.conf ++ fi ++fi ++ ++# Stop processing if the config file is not there ++if [ ! -r "$SLAPD_CONF" ]; then ++ log_warning_msg "No configuration file was found for slapd at $SLAPD_CONF." ++ # if there is no config at all, we should assume slapd is not running ++ # and exit 0 on stop so that unconfigured packages can be removed. ++ [ "x$1" = xstop ] && exit 0 || exit 1 ++fi ++ ++# extend options depending on config type ++if [ -f "$SLAPD_CONF" ]; then ++ SLAPD_OPTIONS="-f $SLAPD_CONF $SLAPD_OPTIONS" ++elif [ -d "$SLAPD_CONF" ] ; then ++ SLAPD_OPTIONS="-F $SLAPD_CONF $SLAPD_OPTIONS" ++fi ++ ++# Find out the name of slapd's pid file ++if [ -z "$SLAPD_PIDFILE" ]; then ++ # If using old one-file configuration scheme ++ if [ -f "$SLAPD_CONF" ] ; then ++ SLAPD_PIDFILE=`sed -ne 's/^pidfile[[:space:]]\+\(.\+\)/\1/p' \ ++ "$SLAPD_CONF"` ++ # Else, if using new directory configuration scheme ++ elif [ -d "$SLAPD_CONF" ] ; then ++ SLAPD_PIDFILE=`sed -ne \ ++ 's/^olcPidFile:[[:space:]]\+\(.\+\)[[:space:]]*/\1/p' \ ++ "$SLAPD_CONF"/'cn=config.ldif'` ++ fi ++fi ++ ++# XXX: Breaks upgrading if there is no pidfile (invoke-rc.d stop will fail) ++# -- Torsten ++if [ -z "$SLAPD_PIDFILE" ]; then ++ log_failure_msg "The pidfile for slapd has not been specified" ++ exit 1 ++fi ++ ++# Pass the user and group to run under to slapd ++if [ "$SLAPD_USER" ]; then ++ SLAPD_OPTIONS="-u $SLAPD_USER $SLAPD_OPTIONS" ++fi ++ ++if [ "$SLAPD_GROUP" ]; then ++ SLAPD_OPTIONS="-g $SLAPD_GROUP $SLAPD_OPTIONS" ++fi ++ ++# Check whether we were configured to not start the services. ++check_for_no_start() { ++ if [ -n "$SLAPD_NO_START" ]; then ++ echo 'Not starting slapd: SLAPD_NO_START set in /etc/default/slapd' >&2 ++ exit 0 ++ fi ++ if [ -n "$SLAPD_SENTINEL_FILE" ] && [ -e "$SLAPD_SENTINEL_FILE" ]; then ++ echo "Not starting slapd: $SLAPD_SENTINEL_FILE exists" >&2 ++ exit 0 ++ fi ++} ++ ++# Tell the user that something went wrong and give some hints for ++# resolving the problem. ++report_failure() { ++ log_end_msg 1 ++ if [ -n "$reason" ]; then ++ log_failure_msg "$reason" ++ else ++ log_failure_msg "The operation failed but no output was produced." ++ ++ if [ -n "$SLAPD_OPTIONS" -o \ ++ -n "$SLAPD_SERVICES" ]; then ++ if [ -z "$SLAPD_SERVICES" ]; then ++ if [ -n "$SLAPD_OPTIONS" ]; then ++ log_failure_msg "Command line used: slapd $SLAPD_OPTIONS" ++ fi ++ else ++ log_failure_msg "Command line used: slapd -h '$SLAPD_SERVICES' $SLAPD_OPTIONS" ++ fi ++ fi ++ fi ++} ++ ++# Start the slapd daemon and capture the error message if any to ++# $reason. ++start_slapd() { ++ # Make sure /var/run/slapd exists with correct permissions ++ if [ ! -d /var/run/slapd ]; then ++ mkdir -p /var/run/slapd ++ [ -z "$SLAPD_USER" ] || chown -R "$SLAPD_USER" /var/run/slapd ++ [ -z "$SLAPD_GROUP" ] || chgrp -R "$SLAPD_GROUP" /var/run/slapd ++ fi ++ ++ # Make sure the pidfile directory exists with correct permissions ++ piddir=`dirname "$SLAPD_PIDFILE"` ++ if [ ! -d "$piddir" ]; then ++ mkdir -p "$piddir" ++ [ -z "$SLAPD_USER" ] || chown -R "$SLAPD_USER" "$piddir" ++ [ -z "$SLAPD_GROUP" ] || chgrp -R "$SLAPD_GROUP" "$piddir" ++ fi ++ ++ if [ -z "$SLAPD_SERVICES" ]; then ++ reason="`start-stop-daemon --start --quiet --oknodo \ ++ --pidfile "$SLAPD_PIDFILE" \ ++ --exec $SLAPD -- $SLAPD_OPTIONS 2>&1`" ++ else ++ reason="`start-stop-daemon --start --quiet --oknodo \ ++ --pidfile "$SLAPD_PIDFILE" \ ++ --exec $SLAPD -- -h "$SLAPD_SERVICES" $SLAPD_OPTIONS 2>&1`" ++ fi ++ ++ # Backward compatibility with OpenLDAP 2.1 client libraries. ++ if [ ! -h /var/run/ldapi ] && [ ! -e /var/run/ldapi ] ; then ++ ln -s slapd/ldapi /var/run/ldapi ++ fi ++} ++ ++# Stop the slapd daemon and capture the error message (if any) to ++# $reason. ++stop_slapd() { ++ reason="`start-stop-daemon --stop --quiet --oknodo --retry TERM/10 \ ++ --pidfile "$SLAPD_PIDFILE" \ ++ --exec $SLAPD 2>&1`" ++} ++ ++# Start the OpenLDAP daemons ++start_ldap() { ++ trap 'report_failure' 0 ++ log_daemon_msg "Starting OpenLDAP" "slapd" ++ start_slapd ++ trap "-" 0 ++ log_end_msg 0 ++} ++ ++# Stop the OpenLDAP daemons ++stop_ldap() { ++ trap 'report_failure' 0 ++ log_daemon_msg "Stopping OpenLDAP" "slapd" ++ stop_slapd ++ trap "-" 0 ++ log_end_msg 0 ++} ++ ++case "$1" in ++ start) ++ check_for_no_start ++ start_ldap ;; ++ stop) ++ stop_ldap ;; ++ restart|force-reload) ++ check_for_no_start ++ stop_ldap ++ start_ldap ++ ;; ++ status) ++ status_of_proc -p $SLAPD_PIDFILE $SLAPD slapd ++ ;; ++ *) ++ echo "Usage: $0 {start|stop|restart|force-reload|status}" ++ exit 1 ++ ;; ++esac diff --cc debian/slapd.init.ldif index 00000000,00000000..eacb1166 new file mode 100644 --- /dev/null +++ b/debian/slapd.init.ldif @@@ -1,0 -1,0 +1,96 @@@ ++# Global config: ++dn: cn=config ++objectClass: olcGlobal ++cn: config ++# Where the pid file is put. The init.d script ++# will not stop the server if you change this. ++olcPidFile: /var/run/slapd/slapd.pid ++# List of arguments that were passed to the server ++olcArgsFile: /var/run/slapd/slapd.args ++# Read slapd-config(5) for possible values ++olcLogLevel: none ++# The tool-threads parameter sets the actual amount of cpu's that is used ++# for indexing. ++olcToolThreads: 1 ++ ++# Frontend settings ++dn: olcDatabase={-1}frontend,cn=config ++objectClass: olcDatabaseConfig ++objectClass: olcFrontendConfig ++olcDatabase: {-1}frontend ++# The maximum number of entries that is returned for a search operation ++olcSizeLimit: 500 ++# Allow unlimited access to local connection from the local root user ++olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by * break ++# Allow unauthenticated read access for schema and base DN autodiscovery ++olcAccess: {1}to dn.exact="" by * read ++olcAccess: {2}to dn.base="cn=Subschema" by * read ++ ++# Config db settings ++dn: olcDatabase=config,cn=config ++objectClass: olcDatabaseConfig ++olcDatabase: config ++# Allow unlimited access to local connection from the local root user ++olcAccess: to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by * break ++olcRootDN: cn=admin,cn=config ++ ++# Load schemas ++dn: cn=schema,cn=config ++objectClass: olcSchemaConfig ++cn: schema ++ ++include: file:///etc/ldap/schema/core.ldif ++include: file:///etc/ldap/schema/cosine.ldif ++include: file:///etc/ldap/schema/nis.ldif ++include: file:///etc/ldap/schema/inetorgperson.ldif ++ ++# Load module ++dn: cn=module{0},cn=config ++objectClass: olcModuleList ++cn: module{0} ++# Where the dynamically loaded modules are stored ++olcModulePath: /usr/lib/ldap ++olcModuleLoad: back_mdb ++ ++# The database definition. ++dn: olcDatabase=mdb,cn=config ++objectClass: olcDatabaseConfig ++objectClass: olcMdbConfig ++olcDatabase: mdb ++# Default to a 1 GiB database for compatibility with 32-bit systems. ++olcDbMaxSize: 1073741824 ++# Checkpoint the database periodically in case of system ++# failure and to speed slapd shutdown. ++olcDbCheckpoint: 512 30 ++# Save the time that the entry gets modified, for database #1 ++olcLastMod: TRUE ++# The base of your directory in database #1 ++olcSuffix: @SUFFIX@ ++# Where the database file are physically stored for database #1 ++olcDbDirectory: /var/lib/ldap ++# Database superuser credentials ++olcRootDN: cn=admin,@SUFFIX@ ++olcRootPW: @PASSWORD@ ++# Indexing options for database #1 ++olcDbIndex: objectClass eq ++olcDbIndex: cn,uid eq ++olcDbIndex: uidNumber,gidNumber eq ++olcDbIndex: member,memberUid eq ++# The userPassword by default can be changed by the entry owning it if ++# they are authenticated. Others should not be able to see it, except ++# the admin entry above. ++olcAccess: to attrs=userPassword ++ by self write ++ by anonymous auth ++ by * none ++# Allow update of authenticated user's shadowLastChange attribute. ++# Updating it on password change is implemented at least by libpam-ldap, ++# libpam-ldapd, and the slapo-smbk5pwd overlay. ++olcAccess: to attrs=shadowLastChange ++ by self write ++ by * read ++# The admin dn (olcRootDN) bypasses ACLs and so has total access, ++# everyone else can read everything. ++olcAccess: to * ++ by * read ++ diff --cc debian/slapd.install index 00000000,00000000..0987dad9 new file mode 100644 --- /dev/null +++ b/debian/slapd.install @@@ -1,0 -1,0 +1,58 @@@ ++etc/ldap/schema ++usr/lib/slapd usr/sbin ++usr/lib/*/libslapi-*.so.* ++debian/ldiftopasswd usr/share/slapd ++debian/slapd.init.ldif usr/share/slapd ++debian/slapd-remain-after-exit.conf lib/systemd/system/slapd.service.d ++ ++usr/lib/ldap/back_*.so* ++usr/lib/ldap/back_*.la ++ ++usr/lib/ldap/accesslog*.so* ++usr/lib/ldap/accesslog.la ++usr/lib/ldap/auditlog*.so* ++usr/lib/ldap/auditlog.la ++usr/lib/ldap/constraint*.so* ++usr/lib/ldap/constraint.la ++usr/lib/ldap/dds*.so* ++usr/lib/ldap/dds.la ++usr/lib/ldap/deref*.so* ++usr/lib/ldap/deref.la ++usr/lib/ldap/dyngroup*.so* ++usr/lib/ldap/dyngroup.la ++usr/lib/ldap/dynlist*.so* ++usr/lib/ldap/dynlist.la ++usr/lib/ldap/memberof*.so* ++usr/lib/ldap/memberof.la ++usr/lib/ldap/pcache*.so* ++usr/lib/ldap/pcache.la ++usr/lib/ldap/collect*.so* ++usr/lib/ldap/collect.la ++usr/lib/ldap/ppolicy*.so* ++usr/lib/ldap/ppolicy.la ++usr/lib/ldap/refint*.so* ++usr/lib/ldap/refint.la ++usr/lib/ldap/retcode*.so* ++usr/lib/ldap/retcode.la ++usr/lib/ldap/rwm*.so* ++usr/lib/ldap/rwm.la ++usr/lib/ldap/seqmod*.so* ++usr/lib/ldap/seqmod.la ++usr/lib/ldap/sssvlv*.so* ++usr/lib/ldap/sssvlv.la ++usr/lib/ldap/syncprov*.so* ++usr/lib/ldap/syncprov.la ++usr/lib/ldap/translucent*.so* ++usr/lib/ldap/translucent.la ++usr/lib/ldap/unique*.so* ++usr/lib/ldap/unique.la ++usr/lib/ldap/valsort*.so* ++usr/lib/ldap/valsort.la ++ ++# contrib modules installed in main package ++usr/lib/ldap/autogroup.so* ++usr/lib/ldap/autogroup.la ++usr/lib/ldap/lastbind.so* ++usr/lib/ldap/lastbind.la ++usr/lib/ldap/pw-sha2.so* ++usr/lib/ldap/pw-sha2.la diff --cc debian/slapd.lintian-overrides index 00000000,00000000..e727c9a5 new file mode 100644 --- /dev/null +++ b/debian/slapd.lintian-overrides @@@ -1,0 -1,0 +1,3 @@@ ++# libslapi is a special case, used only for writing extension modules for ++# slapd, and is therefore shipped with slapd. ++slapd: package-name-doesnt-match-sonames libslapi-2.4-2 diff --cc debian/slapd.manpages index 00000000,00000000..ffd32437 new file mode 100644 --- /dev/null +++ b/debian/slapd.manpages @@@ -1,0 -1,0 +1,45 @@@ ++debian/tmp/usr/share/man/man5/slapd.*.5 ++debian/tmp/usr/share/man/man8/slap*.8 ++ ++debian/tmp/usr/share/man/man5/slapd-bdb.5 ++debian/tmp/usr/share/man/man5/slapd-config.5 ++debian/tmp/usr/share/man/man5/slapd-dnssrv.5 ++debian/tmp/usr/share/man/man5/slapd-hdb.5 ++debian/tmp/usr/share/man/man5/slapd-ldap.5 ++debian/tmp/usr/share/man/man5/slapd-ldif.5 ++debian/tmp/usr/share/man/man5/slapd-mdb.5 ++debian/tmp/usr/share/man/man5/slapd-meta.5 ++debian/tmp/usr/share/man/man5/slapd-monitor.5 ++debian/tmp/usr/share/man/man5/slapd-ndb.5 ++debian/tmp/usr/share/man/man5/slapd-null.5 ++debian/tmp/usr/share/man/man5/slapd-passwd.5 ++debian/tmp/usr/share/man/man5/slapd-perl.5 ++debian/tmp/usr/share/man/man5/slapd-relay.5 ++debian/tmp/usr/share/man/man5/slapd-shell.5 ++debian/tmp/usr/share/man/man5/slapd-sock.5 ++debian/tmp/usr/share/man/man5/slapd-sql.5 ++ ++debian/tmp/usr/share/man/man5/slapo-accesslog.5 ++debian/tmp/usr/share/man/man5/slapo-auditlog.5 ++debian/tmp/usr/share/man/man5/slapo-chain.5 ++debian/tmp/usr/share/man/man5/slapo-collect.5 ++debian/tmp/usr/share/man/man5/slapo-constraint.5 ++debian/tmp/usr/share/man/man5/slapo-dds.5 ++debian/tmp/usr/share/man/man5/slapo-dyngroup.5 ++debian/tmp/usr/share/man/man5/slapo-dynlist.5 ++debian/tmp/usr/share/man/man5/slapo-memberof.5 ++debian/tmp/usr/share/man/man5/slapo-pbind.5 ++debian/tmp/usr/share/man/man5/slapo-pcache.5 ++debian/tmp/usr/share/man/man5/slapo-ppolicy.5 ++debian/tmp/usr/share/man/man5/slapo-refint.5 ++debian/tmp/usr/share/man/man5/slapo-retcode.5 ++debian/tmp/usr/share/man/man5/slapo-rwm.5 ++debian/tmp/usr/share/man/man5/slapo-sock.5 ++debian/tmp/usr/share/man/man5/slapo-sssvlv.5 ++debian/tmp/usr/share/man/man5/slapo-syncprov.5 ++debian/tmp/usr/share/man/man5/slapo-translucent.5 ++debian/tmp/usr/share/man/man5/slapo-unique.5 ++debian/tmp/usr/share/man/man5/slapo-valsort.5 ++ ++# contrib modules installed in main package ++debian/tmp/usr/share/man/man5/slapo-lastbind.5 diff --cc debian/slapd.postinst index 00000000,00000000..2f5c5509 new file mode 100644 --- /dev/null +++ b/debian/slapd.postinst @@@ -1,0 -1,0 +1,174 @@@ ++#! /bin/sh ++ ++set -e ++ ++. /usr/share/debconf/confmodule ++ ++# This will be replaced with debian/slapd.scripts-common which includes ++# various helper functions and $OLD_VERSION and $SLAPD_CONF ++#SCRIPTSCOMMON# ++ ++postinst_upgrade_cn_config() { # {{{ ++ if previous_version_older '2.4.44+dfsg-1~'; then ++ upgrade_cnconfig_ppolicy_schema ++ fi ++} ++# }}} ++postinst_initial_configuration() { # {{{ ++# Configure slapd for the first time (when first installed) ++# Usage: postinst_initial_configuration ++ ++ if manual_configuration_wanted; then ++ echo " Omitting slapd configuration as requested." >&2 ++ else ++ crypt_admin_pass ++ create_new_configuration ++ fi ++} ++ ++# }}} ++postinst_upgrade_configuration() { # {{{ ++# Handle upgrading slapd from some older version ++# Usage: postinst_upgrade_configuration ++ ++ # Better back up the config file in any case ++ backup_config_once ++ ++ # Complete any config updates before trying to use slapadd ++ if [ -d "$SLAPD_CONF" ]; then ++ postinst_upgrade_cn_config ++ fi ++ ++ # Check if the database format has changed. ++ if database_format_changed; then ++ ++ # During upgrading we have to load the old data ++ move_incompatible_databases_away ++ load_databases ++ fi ++ ++ # Move to slapd.d configuration style. ++ migrate_to_slapd_d_style ++ ++ # One-time upgrade fix for olcAccess on cn=Subschema ++ if previous_version_older 2.4.23-5 && previous_version_newer 2.4.23-3 \ ++ && [ -e "$SLAPD_CONF/cn=config/olcDatabase={-1}frontend.ldif" ] \ ++ && ! grep -i 'olcAccess:.*subschema' "$SLAPD_CONF/cn=config/olcDatabase={-1}frontend.ldif" ++ then ++ sed -i '/olcAccess: {0}/a\ ++olcAccess: {1}to dn.exact="" by * read\ ++olcAccess: {2}to dn.base="cn=Subschema" by * read' "${SLAPD_CONF}/cn=config/olcDatabase={-1}frontend.ldif" ++ fi ++ ++ # Update permissions of all database directories and /var/run/slapd ++ update_databases_permissions ++ update_permissions /var/run/slapd ++ ++ # Versions prior to 2.4.7-1 could create a slapd.conf that wasn't ++ # readable by the openldap user. ++ update_permissions "${SLAPD_CONF}" ++} ++ ++# }}} ++ ++upgrade_cnconfig_ppolicy_schema() { # {{{ ++# Add a new required attribute to the ppolicy schema embedded in the ++# cn=config database when upgrading to 2.4.43 or later. ++# slapd.conf users get schema updates through the regular conffile ++# handling. ++ local dumped_ldif working_ldif ppolicy_dn tmp_slapd_d failed ++ ++ if ! [ -d "$SLAPD_CONF" ]; then ++ return 0 ++ fi ++ ++ if ! previous_version_older '2.4.44+dfsg-1~'; then ++ return 0 ++ fi ++ ++ # The config should have been dumped in preinst. ++ # If not, hope for the best. ++ dumped_ldif="$(database_dumping_destdir)/cn=config.ldif" ++ if ! [ -f "$dumped_ldif" ]; then ++ echo "Saved configuration not found at $dumped_ldif. Skipping configuration updates." >&2 ++ return 0 ++ fi ++ ++ # Create a working copy with lines unwrapped. ++ working_ldif="$(mktemp --tmpdir slapd-XXXXXXXX.ldif)" ++ trap "trap - INT EXIT; rm -f '$working_ldif'" INT EXIT ++ normalize_ldif "$dumped_ldif" > "$working_ldif" ++ ++ # Check whether the schema is loaded and needs an update. ++ ppolicy_dn="$(find_old_ppolicy_schema "$working_ldif")" ++ if [ -z "$ppolicy_dn" ]; then ++ return ++ fi ++ ++ echo -n "Adding pwdMaxRecordedFailure attribute to ${ppolicy_dn}... " >&2 ++ ++ # Add the pwdMaxRecordedFailure attribute to the ppolicy schema. ++ # Let slapadd update modifiersName and modifyTimestamp so these ++ # reflect reality, and entryCSN so replication is aware of the change. ++ perl -i -ne ' ++ BEGIN { my $nextidx; } ++ if (/^dn: cn=\{\d+\}ppolicy,cn=schema,cn=config/ .. /^$/) { ++ if (/^entryCSN:/ or /^modifiersName:/ or /^modifyTimestamp:/) { ++ next; ++ } elsif (/^olcAttributeTypes: \{(\d+)\}/) { ++ $nextidx = $1 + 1; ++ } elsif (/^olcObjectClasses: .*NAME '\''pwdPolicy'\''/) { ++ s/MAY \( ([^)]+) \)/MAY ( $1 \$ pwdMaxRecordedFailure )/; ++ } elsif (/^$/) { ++ print "olcAttributeTypes: {$nextidx}( 1.3.6.1.4.1.42.2.27.8.1.30 NAME '\''pwdMaxRecordedFailure'\'' EQUALITY integerMatch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )\n"; ++ } ++ } ++ print; ++ ' "$working_ldif" ++ ++ # Import the modified config into a temporary location. ++ tmp_slapd_d="$(mktemp -d --tmpdir slapd-XXXXXXXX)" ++ trap "trap - INT EXIT; rm -rf '$tmp_slapd_d' '$working_ldif'" INT EXIT ++ capture_diagnostics slapadd -F "$tmp_slapd_d" -n0 -l "$working_ldif" || failed=1 ++ if [ "$failed" ]; then ++ cat >&2 <<-eof ++failed. ++ ++Updating the slapd configuration failed with the following error ++while running slapadd: ++eof ++ release_diagnostics ++ exit 1 ++ fi ++ ++ # Replace the old config with the updated one. ++ # The current config has already been backed up earlier. ++ rm -r "$SLAPD_CONF/cn=config.ldif" "$SLAPD_CONF/cn=config" ++ mv "$tmp_slapd_d/cn=config.ldif" "$tmp_slapd_d/cn=config" "$SLAPD_CONF/" ++ ++ echo 'done.' >&2 ++} ++# }}} ++ ++# Create a new user. Don't create the user, however, if the local ++# administrator has already customized slapd to run as a different user. ++if [ "$MODE" = "configure" ] || [ "$MODE" = "reconfigure" ] ; then ++ if [ "openldap" = "$SLAPD_USER" ] ; then ++ create_new_user ++ fi ++fi ++ ++# Configuration. ++if is_initial_configuration "$@"; then ++ postinst_initial_configuration ++else ++ postinst_upgrade_configuration ++fi ++ ++db_stop || true ++ ++#DEBHELPER# ++ ++exit 0 ++ ++# vim: set sw=8 foldmethod=marker: diff --cc debian/slapd.postrm index 00000000,00000000..4d7917a6 new file mode 100644 --- /dev/null +++ b/debian/slapd.postrm @@@ -1,0 -1,0 +1,38 @@@ ++#!/bin/sh ++ ++set -e ++ ++# Load debconf if available (might have been removed before purging ++# slapd) ++ ++if [ -e "/usr/share/debconf/confmodule" ]; then ++ . /usr/share/debconf/confmodule ++fi ++ ++# Check if the user wants the database removed on purging slapd ++remove_database_on_purge() { ++ db_get slapd/purge_database || RET=false ++ if [ "$RET" = "true" ]; then ++ return 0 ++ else ++ return 1 ++ fi ++} ++ ++if [ "$1" = "purge" ]; then ++ echo -n "Removing slapd configuration... " ++ rm -f /etc/ldap/slapd.conf 2>/dev/null || true ++ rm -rf /etc/ldap/slapd.d 2>/dev/null || true ++ echo "done." ++ ++ if remove_database_on_purge; then ++ echo -n "Purging OpenLDAP database... " ++ rm -rf /var/lib/ldap || true ++ echo done ++ fi ++fi ++ ++#DEBHELPER# ++ ++exit 0 ++ diff --cc debian/slapd.preinst index 00000000,00000000..4729c065 new file mode 100755 --- /dev/null +++ b/debian/slapd.preinst @@@ -1,0 -1,0 +1,126 @@@ ++#! /bin/sh ++ ++set -e ++ ++. /usr/share/debconf/confmodule ++ ++# This will be replaced with debian/slapd.scripts-common which includes ++# various helper functions and $OLD_VERSION and $SLAPD_CONF ++#SCRIPTSCOMMON# ++ ++ppolicy_schema_needs_update() { # {{{ ++# Provide an LDIF to add the pwdMaxRecordedFailure attribute to the ++# ppolicy schema, and recommend the user apply it before continuing with ++# the slapd upgrade. ++ local update_ldif ++ ++ update_ldif="$(mktemp --tmpdir ppolicy-schema-update-XXXXXXXX.ldif)" ++ cat > "$update_ldif" << eof ++dn: $1 ++changetype: modify ++add: olcAttributeTypes ++olcAttributeTypes: {16}( 1.3.6.1.4.1.42.2.27.8.1.30 NAME 'pwdMaxRecordedFailure' EQUALITY integerMatch ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) ++- ++delete: olcObjectClasses ++olcObjectClasses: {1}( 1.3.6.1.4.1.42.2.27.8.2.1 NAME 'pwdPolicy' SUP top AUXILIARY MUST pwdAttribute MAY ( pwdMinAge $ pwdMaxAge $ pwdInHistory $ pwdCheckQuality $ pwdMinLength $ pwdExpireWarning $ pwdGraceAuthNLimit $ pwdLockout $ pwdLockoutDuration $ pwdMaxFailure $ pwdFailureCountInterval $ pwdMustChange $ pwdAllowUserChange $ pwdSafeModify ) ) ++- ++add: olcObjectClasses ++olcObjectClasses: {1}( 1.3.6.1.4.1.42.2.27.8.2.1 NAME 'pwdPolicy' SUP top AUXILIARY MUST pwdAttribute MAY ( pwdMinAge $ pwdMaxAge $ pwdInHistory $ pwdCheckQuality $ pwdMinLength $ pwdExpireWarning $ pwdGraceAuthNLimit $ pwdLockout $ pwdLockoutDuration $ pwdMaxFailure $ pwdFailureCountInterval $ pwdMustChange $ pwdAllowUserChange $ pwdSafeModify $ pwdMaxRecordedFailure ) ) ++ ++eof ++ ++ db_subst slapd/ppolicy_schema_needs_update ldif "$update_ldif" ++ db_fset slapd/ppolicy_schema_needs_update seen false ++ db_input critical slapd/ppolicy_schema_needs_update || true ++ db_go || true ++ db_get slapd/ppolicy_schema_needs_update ++ if [ "$RET" = 'abort installation' ]; then ++ db_stop ++ exit 1 ++ fi ++} ++# }}} ++check_ppolicy_schema() { # {{{ ++# When upgrading to 2.4.43 or later, if the cn=config database contains ++# an old version of the ppolicy schema, check that it is safe to upgrade ++# it automatically in postinst, or instruct the user to do so before ++# upgrading. ++ local config_ldif="$1" ++ ++ # Check whether the schema is loaded and needs an update. ++ local ppolicy_dn="$(find_old_ppolicy_schema "$config_ldif")" ++ if [ -z "$ppolicy_dn" ]; then ++ return ++ fi ++ ++ # If either the config or frontend databases have any overlays ++ # or syncrepl clients on them, don't assume it's safe to change ++ # the config offline. ++ # As well, if a content database is a sync provider, we want to ++ # recommend that the schema be updated on every server before ++ # going through with the upgrade. ++ if grep -q -e '^dn: olcOverlay=.\+,olcDatabase={-1}frontend,cn=config$' -e '^dn: olcOverlay=.\+,olcDatabase={0}config,cn=config$' "$config_ldif" \ ++ || sed -n '/^dn: olcDatabase={-1}frontend,cn=config$/,// p' "$config_ldif" | grep -q '^olcSyncrepl:' \ ++ || sed -n '/^dn: olcDatabase={0}config,cn=config$/,//p' "$config_ldif" | grep -q '^olcSyncrepl:' \ ++ || grep -q '^dn: olcOverlay={[0-9]\+}syncprov,olcDatabase=.\+,cn=config' "$config_ldif"; then ++ ppolicy_schema_needs_update "$ppolicy_dn" ++ fi ++ ++ # If we made it this far, it should be safe to upgrade the ++ # schema automatically in postinst. ++} ++# }}} ++preinst_check_config() { # {{{ ++# Check whether manual config changes are required before upgrading ++ if ! previous_version_older '2.4.44+dfsg-1~'; then ++ # no pre-checks required ++ return 0 ++ fi ++ ++ if ! [ -d "$SLAPD_CONF" ]; then ++ # no checks needed for slapd.conf at this time ++ return 0 ++ fi ++ ++ # If slapd was previously removed and a newer version is being ++ # installed, the config must have already been dumped during ++ # remove, or we cannot proceed. ++ if [ "$MODE" = upgrade ]; then ++ dump_config ++ fi ++ ++ # Locate the file exported by dump_config. ++ local dumped_ldif="$(database_dumping_destdir)/cn=config.ldif" ++ if [ ! -f "$dumped_ldif" ]; then ++ echo "Expected to find a configuration backup in $dumped_ldif but it is missing. Please retry the upgrade." >&2 ++ exit 1 ++ fi ++ ++ # Create a working copy with lines unwrapped. ++ local config_ldif="$(mktemp --tmpdir slapd.XXXXXXXX.ldif)" ++ trap "trap - INT EXIT; rm -f '$config_ldif'" INT EXIT ++ normalize_ldif "$dumped_ldif" > "$config_ldif" ++ ++ check_ppolicy_schema "$config_ldif" ++} ++# }}} ++ ++# If we are upgrading from an old version then stop slapd and attempt to ++# slapcat out the data so we can use it in postinst to do the upgrade. ++# If slapd was removed and is being reinstalled, slapcat is not ++# available at this time, so the data should have been dumped before the ++# old slapd was removed. ++ ++if [ "$MODE" = upgrade ] || [ "$MODE" = install -a -n "$OLD_VERSION" ]; then ++ preinst_check_config ++fi ++ ++if [ "$MODE" = upgrade ]; then ++ dump_databases ++fi ++ ++#DEBHELPER# ++ ++exit 0 ++ ++# vim: set sw=8 foldmethod=marker: diff --cc debian/slapd.prerm index 00000000,00000000..ce7d2815 new file mode 100755 --- /dev/null +++ b/debian/slapd.prerm @@@ -1,0 -1,0 +1,34 @@@ ++#!/bin/sh ++ ++set -e ++ ++. /usr/share/debconf/confmodule ++ ++# This will be replaced with debian/slapd.scripts-common which includes ++# various helper functions and $OLD_VERSION and $SLAPD_CONF ++#SCRIPTSCOMMON# ++ ++#DEBHELPER# ++ ++# Dump config and data to LDIF before removing slapd. ++# If a later version is reinstalled without being purged first, the LDIF ++# files may be required for the upgrade, and the old slapcat won't be ++# available any more. ++# During an upgrade, the new preinst will be in a better position to ++# control whether dumping is needed. ++ ++# If the config is badly broken, slapcat may fail, but this should not ++# prevent the package from being removed or purged. ++set +e ++ ++if [ "$MODE" = remove ]; then ++ # scripts-common sets OLD_VERSION incorrectly for remove ++ OLD_VERSION="$(dpkg-query -W -f '${Version}' slapd)" ++ ++ dump_config ++ dump_databases ++fi ++ ++exit 0 ++ ++# vim: set foldmethod=marker: diff --cc debian/slapd.scripts-common index 00000000,00000000..4586c862 new file mode 100644 --- /dev/null +++ b/debian/slapd.scripts-common @@@ -1,0 -1,0 +1,800 @@@ ++# -*- sh -*- ++# This file can be included with #SCRIPTSCOMMON# ++ ++ ++# ===== Dumping and reloading using LDIF files ========================= {{{ ++# ++# If incompatible changes are done to the database underlying a LDAP ++# directory we need to dump the contents and reload the data into a newly ++# created database after the new server was installed. The following ++# functions deal with this functionality. ++ ++ ++# ----- Configuration of this component -------------------------------- {{{ ++# ++# Dumping the database can have negative effects on the system we are ++# running on. If there is a lot of data dumping it might fill a partition ++# for example. Therefore we must give the user exact control over what we ++# are doing. ++ ++database_dumping_enabled() { # {{{ ++# Check if the user has enabled database dumping for the current situation. ++# Return success if yes. ++# Usage: if database_dumping_enabled; then ... fi ++ ++ # If the package is being removed, dump unconditionally as we ++ # don't know whether the next version will require reload. ++ [ "$MODE" = remove ] && return 0 ++ ++ db_get slapd/dump_database ++ case "$RET" in ++ always) ++ ;; ++ "when needed") ++ database_format_changed || return 1 ++ ;; ++ never) ++ return 1 ++ ;; ++ *) ++ echo >&2 "Unknown value for slapd/dump_database: $RET" ++ echo >&2 "Please report!" ++ exit 1 ++ ;; ++ esac ++} ++ ++# }}} ++database_format_changed() { # {{{ ++# Check if the database format has changed since the old installed version ++# Return success if yes. ++# Usage: if database_format_changed; then ++ ++ if dpkg --compare-versions "$OLD_VERSION" lt-nl 2.4.39-1; then ++ return 0 ++ else ++ return 1 ++ fi ++} ++ ++# }}} ++database_dumping_destdir() { # {{{ ++# Figure out the directory we are dumping the database to and create it ++# if it does not exist. ++# Usage: destdir=`database_dumping_destdir` ++ ++ local dir ++ db_get slapd/dump_database_destdir ++ dir=`echo "$RET"|sed -e "s/VERSION/$OLD_VERSION/"` ++ mkdir -p -m 700 "$dir" ++ echo $dir ++} ++ ++# }}} ++create_new_user() { # {{{ ++ if [ -z "`getent group openldap`" ]; then ++ addgroup --quiet --system openldap ++ fi ++ if [ -z "`getent passwd openldap`" ]; then ++ echo -n " Creating new user openldap... " >&2 ++ adduser --quiet --system --home /var/lib/ldap --shell /bin/false \ ++ --ingroup openldap --disabled-password --disabled-login \ ++ --gecos "OpenLDAP Server Account" openldap ++ echo "done." >&2 ++ fi ++} ++# }}} ++create_ldap_directories() { # {{{ ++ if [ ! -d /var/lib/ldap ]; then ++ mkdir -m 0700 /var/lib/ldap ++ fi ++ if [ ! -d /var/run/slapd ]; then ++ mkdir -m 0755 /var/run/slapd ++ fi ++ update_permissions /var/lib/ldap ++ update_permissions /var/run/slapd ++} ++# }}} ++update_permissions() { # {{{ ++ local dir ++ dir="$1" ++ if [ -d "$dir" ]; then ++ [ -z "$SLAPD_USER" ] || chown -R -H "$SLAPD_USER" "$dir" ++ [ -z "$SLAPD_GROUP" ] || chgrp -R -H "$SLAPD_GROUP" "$dir" ++ fi ++} ++# }}} ++update_databases_permissions() { # {{{ ++ get_suffix | while read -r suffix; do ++ dbdir=`get_directory "$suffix"` ++ update_permissions "$dbdir" ++ done ++} ++# }}} ++# }}} ++# ----- Dumping and loading the data ------------------------------------ {{{ ++ ++migrate_to_slapd_d_style() { # {{{ ++ ++ # Check if we need to migrate to the new style. ++ if previous_version_older 2.4.23-3 && [ -f "${SLAPD_CONF}" ] \ ++ && ! [ -d /etc/ldap/slapd.d ] ++ then ++ ++ # Create the new configuration directory ++ mkdir /etc/ldap/slapd.d ++ ++ echo -n " Migrating slapd.conf to slapd.d configuration style... " >&2 ++ capture_diagnostics slaptest -f ${SLAPD_CONF} -F /etc/ldap/slapd.d || failed=1 ++ if [ "$failed" ]; then ++ ++ echo "failed." >&2 ++ echo >&2 ++ cat <<-EOF ++Migrating slapd.conf file (${SLAPD_CONF}) to slapd.d failed with the following ++error while running slaptest: ++EOF ++ release_diagnostics " " ++ rm -rf /etc/ldap/slapd.d ++ exit 1 ++ fi ++ ++ # Backup the old slapd.conf ++ mv ${SLAPD_CONF} ${SLAPD_CONF}.old ++ SLAPD_CONF=/etc/ldap/slapd.d ++ ++ # Add olcAccess control to grant local root connections access ++ sed -i '/^olcDatabase: {-1}frontend/a\ ++olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by * break\ ++olcAccess: {1}to dn.exact="" by * read\ ++olcAccess: {2}to dn.base="cn=Subschema" by * read' "${SLAPD_CONF}/cn=config/olcDatabase={-1}frontend.ldif" ++ sed -i '/^olcDatabase: {0}config/a\ ++olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by * break' "${SLAPD_CONF}/cn=config/olcDatabase={0}config.ldif" ++ ++ # TODO: Now we are doing something that is not allowed by policy but it ++ # has to be done. ++ sed -i -e "/^[[:space:]]*SLAPD_CONF=.*/ s/^/#/" /etc/default/slapd ++ echo "done." >&2 ++ fi ++} ++ ++# }}} ++dump_config() { # {{{ ++# Dump the cn=config database to the backup directory. ++# This is not the same as backup_config_once, which copies the slapd.d ++# directory verbatim. ++ local dir ++ ++ [ -d "$SLAPD_CONF" ] || return 0 ++ ++ dir="$(database_dumping_destdir)" ++ echo "Saving current slapd configuration to $dir..." >&2 ++ slapcat -F "$SLAPD_CONF" -n0 -l "$dir/cn=config.ldif" ++} ++# }}} ++dump_databases() { # {{{ ++# If the user wants us to dump the databases they are dumped to the ++# configured directory. ++ ++ local db suffix file dir failed slapcat_opts ++ ++ database_dumping_enabled || return 0 ++ ++ dir=`database_dumping_destdir` ++ echo >&2 " Dumping to $dir: " ++ (get_suffix | while read -r suffix; do ++ dbdir=`get_directory "$suffix"` ++ if [ -n "$dbdir" ]; then ++ file="$dir/$suffix.ldif" ++ printf ' - directory %s... ' "$suffix" >&2 ++ # Need to support slapd.d migration from preinst ++ if [ -f "${SLAPD_CONF}" ]; then ++ slapcat_opts="-g -f ${SLAPD_CONF}" ++ else ++ slapcat_opts="-g -F ${SLAPD_CONF}" ++ fi ++ slapcat ${slapcat_opts} -b "$suffix" > "$file" || failed=1 ++ if [ "$failed" ]; then ++ rm -f "$file" ++ echo "failed." >&2 ++ db_subst slapd/upgrade_slapcat_failure location "$dir" <&5 ++ db_input critical slapd/upgrade_slapcat_failure <&5 || true ++ db_go <&5 || true ++ exit 1 ++ fi ++ echo "done." >&2 ++ fi ++ done) 5<&0 &2 " Loading from $dir: " ++ # restore by increasing suffix length due to possibly glued databases ++ get_suffix | awk '{ print length, $0 }' | sort -n | cut -d ' ' -f 2- \ ++ | while read -r suffix; do ++ dbdir=`get_directory "$suffix"` ++ if [ -z "$dbdir" ]; then ++ continue ++ fi ++ if ! is_empty_dir "$dbdir"; then ++ echo >&2 \ ++ " Directory $dbdir for $suffix not empty, aborting." ++ exit 1 ++ fi ++ ++ file="$dir/$suffix.ldif" ++ printf ' - directory %s... ' "$suffix" >&2 ++ ++ # If there is an old DB_CONFIG file, restore it before ++ # running slapadd ++ backupdir="$(compute_backup_path -n "$suffix")" ++ if [ -e "$backupdir"/DB_CONFIG ]; then ++ cp -a "$backupdir"/DB_CONFIG "$dbdir"/ ++ fi ++ ++ if [ -f "${SLAPD_CONF}" ]; then ++ slapadd_opts="-g -f ${SLAPD_CONF}" ++ else ++ slapadd_opts="-g -F ${SLAPD_CONF}" ++ fi ++ capture_diagnostics slapadd ${slapadd_opts} \ ++ -q -b "$suffix" -l "$file" || failed=1 ++ if [ "$failed" ]; then ++ rm -f "$dbdir"/* ++ echo "failed." >&2 ++ echo >&2 ++ cat <<-EOF ++ Loading the database from the LDIF dump failed with the following ++ error while running slapadd: ++EOF ++ release_diagnostics " " ++ exit 1 ++ fi ++ echo "done." >&2 ++ ++ if [ -n "$SLAPD_USER" ] || [ -n "$SLAPD_GROUP" ]; then ++ echo -n " - chowning database directory ($SLAPD_USER:$SLAPD_GROUP)... " ++ update_permissions "$dbdir" ++ echo "done"; ++ fi ++ done ++} ++ ++# }}} ++move_incompatible_databases_away() { # {{{ ++ echo >&2 " Moving old database directories to /var/backups:" ++ (get_suffix | while read -r suffix; do ++ dbdir=`get_directory "$suffix"` ++ move_old_database_away "$dbdir" "$suffix" <&5 ++ done) 5<&0 ++ ++# XXX: should ask the user via debconf ++# or maybe just use database_dumping_destdir ++ ++ local basedn ok_exists ++ if [ "$1" = "-n" ]; then ++ ok_exists=yes ++ shift ++ fi ++ basedn="$1" ++ ++ local id target ++ if [ "$MODE" = reconfigure ] || [ "$DEBCONF_RECONFIGURE" ]; then ++ # reconfigure: use OLD_VERSION plus a timestamp. ++ id="${OLD_VERSION:+$OLD_VERSION-}$(date +%Y%m%d-%H%M%S)" ++ else ++ # install/upgrade: use OLD_VERSION or a timestamp, not both. ++ id="${OLD_VERSION:-$(date +%Y%m%d-%H%M%S)}" ++ fi ++ target="/var/backups/$basedn-$id.ldapdb" ++ if [ -e "$target" ] && [ -z "$ok_exists" ]; then ++ echo >&2 ++ echo >&2 " Backup path $target exists. Giving up..." ++ exit 1 ++ fi ++ ++ printf '%s' "$target" ++} ++ ++# }}} ++move_old_database_away() { # {{{ ++# Move the old database away if it is still there ++# ++# In fact this function makes sure that the database directory is empty ++# with the exception of any DB_CONFIG file ++# and can be populated with a new database. If something is in the way ++# it is moved to a backup directory if the user accepted the debconf ++# option slapd/move_old_database. Otherwise we output a warning and let ++# the user fix it himself. ++# Usage: move_old_database_away [] ++ ++ local databasedir backupdir ++ databasedir="$1" ++ suffix="${2:-unknown}" ++ ++ if [ ! -e "$databasedir" ] || is_empty_dir "$databasedir"; then ++ return 0 ++ fi ++ ++ # Note that we can't just move the database dir as it might be ++ # a mount point. Instead me move the content which might ++ # include mount points as well anyway, but it's much less likely. ++ db_get slapd/move_old_database ++ if [ "$RET" = true ]; then ++ backupdir="$(compute_backup_path "$suffix")" ++ printf ' - directory %s... ' "$suffix" >&2 ++ mkdir -p "$backupdir" ++ find -H "$databasedir" -mindepth 1 -maxdepth 1 -type f \ ++ -exec mv {} "$backupdir" \; ++ echo done. >&2 ++ else ++ cat >&2 <&2 " Moving old database directory to /var/backups:" ++ move_old_database_away /var/lib/ldap ++ fi ++ create_ldap_directories ++ create_new_slapd_conf "$basedn" ++ create_new_directory "$basedn" "$dc" ++ ++ # Put the right permissions on this directory. ++ update_permissions /var/lib/ldap ++ ++ # Now that we created the new directory we don't need the passwords in the ++ # debconf database anymore. So wipe them. ++ wipe_admin_pass ++} ++# }}} ++create_new_slapd_conf() { # {{{ ++# Create the new slapd.d directory (configuration) ++# Usage: create_new_slapd_conf ++ ++ local initldif failed basedn adminpass ++ ++ # Fetch configuration ++ basedn="$1" ++ db_get slapd/internal/adminpw ++ adminpass="$RET" ++ ++ echo -n " Creating initial configuration... " >&2 ++ ++ # Create the slapd.d directory. ++ rm -rf ${SLAPD_CONF}/cn=config ${SLAPD_CONF}/cn=config.ldif ++ mkdir -p ${SLAPD_CONF} ++ initldif=`mktemp -t slapadd.XXXXXX` ++ cat /usr/share/slapd/slapd.init.ldif > ${initldif} ++ ++ # Change some defaults ++ sed -i -e "s|@SUFFIX@|$basedn|g" ${initldif} ++ sed -i -e "s|@PASSWORD@|$adminpass|g" ${initldif} ++ ++ capture_diagnostics slapadd -F "${SLAPD_CONF}" -b "cn=config" \ ++ -l "${initldif}" || failed=1 ++ if [ "$failed" ]; then ++ cat <<-EOF ++Loading the initial configuration from the ldif file (${init_ldif}) failed with ++the following error while running slapadd: ++EOF ++ release_diagnostics " " ++ exit 1 ++ fi ++ ++ update_permissions "${SLAPD_CONF}" ++ rm -f "${initldif}" ++ echo "done." >&2 ++} ++# }}} ++encode_utf8() { #{{{ ++# Make the value utf8 encoded. Takes one argument and utf8 encode it. ++# Usage: val=`encode_utf8 ` ++ perl -e 'use Encode; print encode_utf8($ARGV[0]);' "$1" ++} #}}} ++create_new_directory() { # {{{ ++# Create a new directory. Takes the basedn and the dc value of that entry. ++# Other information is extracted from debconf. ++# Usage: create_new_directory ++ ++ local basedn dc organization adminpass ++ basedn="$1" ++ dc="$2" ++ ++ # Encode to utf8 and base64 encode the organization. ++ db_get shared/organization ++ organization=`encode_utf8 "$RET"` ++ db_get slapd/internal/adminpw ++ adminpass="$RET" ++ ++ echo -n " Creating LDAP directory... " >&2 ++ ++ initldif=`mktemp -t slapadd.XXXXXX` ++ cat <<-EOF > "${initldif}" ++ dn: $basedn ++ objectClass: top ++ objectClass: dcObject ++ objectClass: organization ++ o: $organization ++ dc: $dc ++ ++ EOF ++ ++ capture_diagnostics slapadd -F "${SLAPD_CONF}" -b "${basedn}" \ ++ -l "${initldif}" || failed=1 ++ if [ "$failed" ]; then ++ rm -f ${initldif} ++ echo "failed." >&2 ++ cat <<-EOF ++Loading the initial configuration from the ldif file (${init_ldif}) failed with ++the following error while running slapadd: ++EOF ++ release_diagnostics " " ++ exit 1 ++ fi ++ ++ rm -f ${initldif} ++ echo "done." >&2 ++} ++# }}} ++backup_config_once() { # {{{ ++# Create a backup of the current configuration files. ++# Usage: backup_config_once ++ ++ local backupdir ++ ++ if [ -z "$FLAG_CONFIG_BACKED_UP" ]; then ++ if [ -e "$SLAPD_CONF" ]; then ++ backupdir=`database_dumping_destdir` ++ echo -n " Backing up $SLAPD_CONF in ${backupdir}... " >&2 ++ cp -a "$SLAPD_CONF" "$backupdir" ++ echo done. >&2 ++ fi ++ FLAG_CONFIG_BACKED_UP=yes ++ fi ++} ++ ++# }}} ++normalize_ldif() { # {{{ ++# Unwrap LDIF lines and strip comments. ++ perl -00 -pe 's/\n[ \t]//g; s/^#.*\n//mg' "$@" ++} ++# }}} ++ ++ ++set_defaults_for_unseen_entries() { # {{{ ++# Set up the defaults for our templates ++ DOMAIN=`hostname -d 2>/dev/null` || true ++ if [ -z "$DOMAIN" ]; then DOMAIN='nodomain'; fi ++ ++ db_fget slapd/domain seen ++ if [ "$RET" = false ]; then ++ db_set slapd/domain "$DOMAIN" ++ fi ++ ++ db_fget shared/organization seen ++ if [ "$RET" = false ]; then ++ db_set shared/organization "$DOMAIN" ++ fi ++} ++# }}} ++crypt_admin_pass() { # {{{ ++# Store the encrypted admin password into the debconf db ++# Usage: crypt_admin_pass ++ ++ local adminpw; ++ ++ db_get slapd/password1 ++ if [ ! -z "$RET" ]; then ++ db_set slapd/internal/adminpw "$(create_password_hash "$RET")" ++ else ++ ++ # Set the password. ++ adminpw="$(generate_admin_pass)" ++ db_set slapd/internal/generated_adminpw "$adminpw" ++ db_set slapd/internal/adminpw "$(create_password_hash "$adminpw")" ++ fi ++} ++ ++generate_admin_pass() { ++# Generate a password, if no password given then generate one. ++# Usage: generate_admin_pass ++ ++ # 15 bytes of /dev/urandom provide 120 random bits, assuming the entropy pool is full enough. ++ # Coding these 15 bytes in base64 returns a 20 characters long password. ++ head -c 15 /dev/urandom | base64 | tr -d '[:space:]' ++} ++ ++wipe_admin_pass() { ++# Remove passwords after creating the initial ldap database. ++# Usage: wipe_admin_pass ++ db_set slapd/password1 "" ++ db_set slapd/password2 "" ++ db_set slapd/internal/adminpw "" ++ db_set slapd/internal/generated_adminpw "" ++} ++ ++# }}} ++create_password_hash() { # {{{ ++# Create the password hash for the given password ++# Usage: hash=`create_password_hash "$password"` ++ ++ slappasswd -s "$1" ++} ++ ++# }}} ++previous_version_older() { # {{{ ++# Check if the previous version is newer than the reference version passed. ++# If we are not upgrading the previous version is assumed to be newer than ++# any reference version. ++# Usage: previous_version_older ++ ++ if dpkg --compare-versions "$OLD_VERSION" lt-nl "$1"; then ++ return 0 ++ else ++ return 1 ++ fi ++} ++ ++# }}} ++previous_version_newer() { # {{{ ++# Check if the previous version is newer than the reference version passed. ++# If we are not upgrading the previous version is assumed to be newer than ++# any reference version. ++# Usage: previous_version_newer ++ ++ if dpkg --compare-versions "$OLD_VERSION" gt-nl "$1"; then ++ return 0 ++ else ++ return 1 ++ fi ++} # }}} ++ ++is_initial_configuration() { # {{{ ++# Check if this is the initial configuration and not an upgrade of an ++# existing configuration ++# Usage: if is_initial_configuration "$@"; then ... fi from top level ++ ++ # Plain installation ++ if [ "$1" = configure ] && [ -z "$2" ]; then ++ return 0 ++ fi ++ # Configuration via dpkg-reconfigure ++ if [ "$1" = reconfigure ] || [ "$DEBCONF_RECONFIGURE" ]; then ++ return 0 ++ fi ++ # Upgrade but slapd.conf doesn't exist. If the user is doing this ++ # intentionally because they want to put it somewhere else, they ++ # should select manual configuration in debconf. ++ if [ "$1" = configure ] && [ ! -e "${SLAPD_CONF}" ]; then ++ return 0 ++ fi ++ return 1 ++} ++ ++# }}} ++is_empty_dir() { # {{{ ++# Check if a path refers to a directory that is "empty" from the POV of slapd ++# (i.e., contains no files except for an optional DB_CONFIG). ++# Usage: if is_empty_dir "$dir"; then ... fi ++ ++ output=`find -H "$1" -mindepth 1 -maxdepth 1 -type f \! -name DB_CONFIG 2>/dev/null` ++ if [ -n "$output" ]; then ++ return 1 ++ else ++ return 0 ++ fi ++} ++ ++# }}} ++ ++find_old_ppolicy_schema() { # {{{ ++# Helper for the ppolicy schema update in 2.4.43. Checks whether the ++# exported config includes an old version of the ppolicy schema that ++# needs the new attribute added. If such a schema is found, echos its DN ++# to stdout. If the schema is not loaded or is already up-to-date, ++# returns nothing. The provided LDIF should have its lines unwrapped ++# already. ++# Usage: ppolicy_dn="$(find_old_ppolicy_schema "$exported_ldif")" ++ local ppolicy_dn ++ ++ # Is the ppolicy schema loaded? ++ if ! ppolicy_dn="$(grep '^dn: cn={[0-9]\+}ppolicy,cn=schema,cn=config$' "$1")"; then ++ return ++ fi ++ ++ # Has the pwdMaxRecordedFailure attribute already been added? ++ # It might have been replicated from a newer server. ++ if grep -q '^olcAttributeTypes: .*NAME '\''pwdMaxRecordedFailure'\' "$1"; then ++ return ++ fi ++ ++ # The schema is loaded and needs to be updated. ++ ppolicy_dn="${ppolicy_dn#dn: }" ++ echo "$ppolicy_dn" ++} ++# }}} ++ ++# ===== Global variables ================================================ {{{ ++# ++# At some points we need to know which version we are upgrading from if ++# any. More precisely we only care about the configuration and data we ++# might have laying around. Some parts also want to know which mode the ++# script is running in. ++ ++MODE="$1" # install, upgrade, etc. - see debian-policy ++OLD_VERSION="$2" ++ ++# Source the init script configuration ++# See example file debian/slapd.default for variables defined here ++if [ -f "/etc/default/slapd" ]; then ++ . /etc/default/slapd ++fi ++ ++# Load the default location of the slapd config file ++if [ -z "$SLAPD_CONF" ]; then ++ if [ -f "/etc/ldap/slapd.conf" ] && \ ++ [ ! -e "/etc/ldap/slapd.d" ] ++ then ++ SLAPD_CONF="/etc/ldap/slapd.conf" ++ else ++ SLAPD_CONF="/etc/ldap/slapd.d" ++ fi ++fi ++ ++# }}} ++ ++# ----- Handling diagnostic output ------------------------------------ {{{ ++# ++# Often you want to run a program while you are showing progress ++# information to the user. If the program you are running outputs some ++# diagnostics it will mess up your screen. ++# ++# This is what the following functions are designed for. When running the ++# program, use capture_diagnostics to store what the program outputs to ++# stderr and use release_diagnostics to write out the captured output. ++ ++ ++capture_diagnostics() { # {{{ ++# Run the command passed and capture the diagnostic output in a temporary ++# file. You can dump that file using release_diagnostics. ++ ++ # Create the temporary file ++ local tmpfile ++ tmpfile=`mktemp` ++ exec 7<>"$tmpfile" ++ rm "$tmpfile" ++ ++ # Run the program and capture stderr. If the program fails the ++ # function fails with the same status. ++ "$@" 2>&7 || return $? ++} ++ ++# }}} ++release_diagnostics() { # {{{ ++# Dump the diagnostic output captured via capture_diagnostics, optionally ++# prefixing each line. ++# Usage: release_diagnostics "prefix" ++ ++ local script ++ script=' ++ seek STDIN, 0, 0; ++ print "$ARGV[0]$_" while ();'; ++ perl -e "$script" "$1" <&7 ++} ++ ++# }}} ++ ++ ++# }}} ++ ++# vim: set sw=8 foldmethod=marker: ++ diff --cc debian/slapd.templates index 00000000,00000000..444613ca new file mode 100644 --- /dev/null +++ b/debian/slapd.templates @@@ -1,0 -1,0 +1,171 @@@ ++Template: slapd/no_configuration ++Type: boolean ++Default: false ++_Description: Omit OpenLDAP server configuration? ++ If you enable this option, no initial configuration or database will be ++ created for you. ++ ++Template: slapd/dump_database ++Type: select ++__Choices: always, when needed, never ++Default: when needed ++_Description: Dump databases to file on upgrade: ++ Before upgrading to a new version of the OpenLDAP server, the data from ++ your LDAP directories can be dumped into plain text files in the ++ standard LDAP Data Interchange Format. ++ . ++ Selecting "always" will cause the databases to be dumped ++ unconditionally before an upgrade. Selecting "when needed" will only ++ dump the database if the new version is incompatible with the old ++ database format and it needs to be reimported. If you select "never", ++ no dump will be done. ++ ++Template: slapd/dump_database_destdir ++Type: string ++Default: /var/backups/slapd-VERSION ++_Description: Directory to use for dumped databases: ++ Please specify the directory where the LDAP databases will be exported. ++ In this directory, several LDIF files will be created which correspond ++ to the search bases located on the server. Make sure you have enough ++ free space on the partition where the directory is located. The first ++ occurrence of the string "VERSION" is replaced with the server version ++ you are upgrading from. ++ ++Template: slapd/move_old_database ++Type: boolean ++Default: true ++_Description: Move old database? ++ There are still files in /var/lib/ldap which will probably break ++ the configuration process. If you enable this option, the maintainer ++ scripts will move the old database files out of the way before ++ creating a new database. ++ ++Template: slapd/invalid_config ++Type: boolean ++Default: true ++_Description: Retry configuration? ++ The configuration you entered is invalid. Make sure that the DNS domain name ++ is syntactically valid, the field for the organization is not left empty and ++ the admin passwords match. If you decide not to retry the configuration the ++ LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to ++ retry later. ++ ++Template: slapd/domain ++Type: string ++_Description: DNS domain name: ++ The DNS domain name is used to construct the base DN of the LDAP directory. ++ For example, 'foo.example.org' will create the directory with ++ 'dc=foo, dc=example, dc=org' as base DN. ++ ++Template: shared/organization ++Type: string ++_Description: Organization name: ++ Please enter the name of the organization to use in the base DN of your ++ LDAP directory. ++ ++Template: slapd/password1 ++Type: password ++_Description: Administrator password: ++ Please enter the password for the admin entry in your LDAP directory. ++ ++Template: slapd/password2 ++Type: password ++_Description: Confirm password: ++ Please enter the admin password for your LDAP directory again to verify ++ that you have typed it correctly. ++ ++Template: slapd/password_mismatch ++Type: note ++_Description: Password mismatch ++ The two passwords you entered were not the same. Please try again. ++ ++Template: slapd/purge_database ++Type: boolean ++Default: false ++_Description: Do you want the database to be removed when slapd is purged? ++ ++Template: slapd/internal/adminpw ++Type: password ++Description: Encrypted admin password: ++ Internal template, should never be displayed to users. ++ ++Template: slapd/internal/generated_adminpw ++Type: password ++Description: Generated admin password: ++ Internal template, should never be displayed to users. ++ ++Template: slapd/upgrade_slapcat_failure ++Type: error ++#flag:translate!:5 ++#flag:comment:4 ++# This paragraph is followed by a (non translatable) paragraph ++# containing a command line ++#flag:comment:6 ++# Translators: keep "${location}" unchanged. This is a variable that ++# will be replaced by a directory name at execution ++_Description: slapcat failure during upgrade ++ An error occurred while upgrading the LDAP directory. ++ . ++ The 'slapcat' program failed while extracting the LDAP directory. This ++ may be caused by an incorrect configuration file (for example, missing ++ 'moduleload' lines to support the backend database). ++ . ++ This failure will cause 'slapadd' to fail later as well. The old database ++ files will be moved to /var/backups. If you want to try this upgrade ++ again, you should move the old database files back into place, fix ++ whatever caused slapcat to fail, and run: ++ . ++ slapcat > ${location} ++ . ++ Then move the database files back to a backup area and then try running ++ slapadd from ${location}. ++ ++Template: slapd/unsafe_selfwrite_acl ++Type: note ++#flag:comment:3 ++# Translators: keep "by self write" and "to *" unchanged. These are part ++# of the slapd configuration and are not translatable. ++_Description: Potentially unsafe slapd access control configuration ++ One or more of the configured databases has an access control rule that ++ allows users to modify most of their own attributes. This may be ++ unsafe, depending on how the database is used. ++ . ++ In the case of slapd access rules that begin with "to *", it is ++ recommended to remove any instances of "by self write", so that users ++ are only able to modify specifically allowed attributes. ++ . ++ See /usr/share/doc/slapd/README.Debian.gz for more details. ++ ++Template: slapd/ppolicy_schema_needs_update ++Type: select ++__Choices: abort installation, continue regardless ++DefaultChoice: abort installation ++#flag:comment:2 ++# "ppolicy" and "pwdMaxRecordedFailure" are not translatable. ++#flag:comment:3 ++# This paragraph is followed by the path to the generated file (not ++# translatable). The sentence continues in the following paragraph. ++#flag:comment:5 ++# This paragraph continues the sentence started in the previous ++# paragraph. It is followed by a command line. ++#flag:translate!:4,6 ++_Description: Manual ppolicy schema update recommended ++ The new version of the Password Policy (ppolicy) overlay requires the ++ schema to define the pwdMaxRecordedFailure attribute type, which is not ++ present in the schema currently in use. It is recommended to abort the ++ upgrade now, and to update the ppolicy schema before upgrading slapd. ++ If replication is in use, the schema update should be applied on every ++ server before continuing with the upgrade. ++ . ++ An LDIF file has been generated with the changes required for the upgrade: ++ . ++ ${ldif} ++ . ++ so if slapd is using the default access control rules, these changes can be ++ applied (after starting slapd) by using the command: ++ . ++ ldapmodify -H ldapi:/// -Y EXTERNAL -f ${ldif} ++ . ++ If instead you choose to continue the installation, the new attribute ++ type will be added automatically, but the change will not be acted on ++ by slapd overlays, and replication with other servers may be affected. diff --cc debian/slapi-dev.install index 00000000,00000000..aa8a25d3 new file mode 100644 --- /dev/null +++ b/debian/slapi-dev.install @@@ -1,0 -1,0 +1,2 @@@ ++usr/include/slapi-plugin.h ++usr/lib/*/libslapi.so diff --cc debian/slapo-pw-pbkdf2.5 index 00000000,00000000..e5dd5de3 new file mode 100644 --- /dev/null +++ b/debian/slapo-pw-pbkdf2.5 @@@ -1,0 -1,0 +1,112 @@@ ++.TH SLAPO-PW-PBKDF2 5 "RELEASEDATE" "OpenLDAP LDVERSION" ++.\" Copyright 2015-2018 The OpenLDAP Foundation All Rights Reserved. ++.\" Copying restrictions apply. See COPYRIGHT/LICENSE. ++.\" $OpenLDAP$ ++.SH NAME ++slapo-pw-pbkdf2 \- PBKDF2 password module to slapd ++.SH SYNOPSIS ++ETCDIR/slapd.conf ++.RS ++.LP ++.B moduleload ++.B pw-pbkdf2 ++.RE ++.SH DESCRIPTION ++.LP ++The ++.B pw-pbkdf2 ++module to ++.BR slapd (8) ++provides support for the use of the key stretching function ++PBKDF2 (Password-Based Key Derivation Function 2) following RFC 2898 ++in hashed passwords in OpenLDAP. ++.LP ++It does so by providing the following additional password schemes for use in slapd: ++.RS ++.TP ++.B {PBKDF2} ++alias to {PBKDF2-SHA1} ++.TP ++.B {PBKDF2-SHA1} ++PBKDF2 using HMAC-SHA-1 as the underlying pseudorandom function ++.TP ++.B {PBKDF2-SHA256} ++PBKDF2 using HMAC-SHA-256 as the underlying pseudorandom function ++.TP ++.B {PBKDF2-SHA512} ++PBKDF2 using HMAC-SHA-512 as the underlying pseudorandom function ++.RE ++ ++.SH CONFIGURATION ++The ++.B pw-pbkdf2 ++module does not need any configuration. ++.LP ++After loading the module, the password schemes ++{PBKDF2}, {PBKDF2-SHA1}, {PBKDF2-SHA256}, and {PBKDF2-SHA512} ++will be recognised in values of the ++.I userPassword ++attribute. ++.LP ++You can then instruct OpenLDAP to use these schemes when processing ++the LDAPv3 Password Modify (RFC 3062) extended operations by using the ++.BR password-hash ++option in ++.BR slapd.conf (5). ++ ++.SH NOTES ++If you want to use the schemes described here with ++.BR slappasswd (8), ++remember to load the module using its command line options. ++The relevant option/value is: ++.RS ++.LP ++.B \-o ++.BR module\-load = pw-pbkdf2 ++.LP ++.RE ++Depending on ++.BR pw-pbkdf2 's ++location, you may also need: ++.RS ++.LP ++.B \-o ++.BR module\-path = \fIpathspec\fP ++.RE ++ ++.SH EXAMPLES ++All of the userPassword LDAP attributes below encode the password ++.RI ' secret '. ++.EX ++.LP ++userPassword: {PBKDF2-SHA512}10000$/oQ4xZi382mk7kvCd3ZdkA$2wqjpuyV2l0U/a1QwoQPOtlQL.UcJGNACj1O24balruqQb/NgPW6OCvvrrJP8.SzA3/5iYvLnwWPzeX8IK/bEQ ++.LP ++userPassword: {PBKDF2-SHA256}10000$jq40ImWtmpTE.aYDYV1GfQ$mpiL4ui02ACmYOAnCjp/MI1gQk50xLbZ54RZneU0fCg ++.LP ++userPassword: {PBKDF2-SHA1}10000$QJTEclnXgh9Cz3ChCWpdAg$9.s98jwFJM.NXJK9ca/oJ5AyoAQ ++.EE ++.LP ++To make {PBKDF2-SHA512} the password hash used in Password Modify extended operations, ++simply set this line in slapd.conf(5): ++.EX ++.LP ++password-hash {PBKDF2-SHA512} ++.EX ++ ++.SH SEE ALSO ++.BR slapd.conf (5), ++.BR ldappasswd (1), ++.BR slappasswd (8), ++.BR ldap (3), ++.LP ++"OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/) ++.LP ++ ++.SH ACKNOWLEDGEMENTS ++This manual page has been written by Peter Marschall based on the ++module's README file written by HAMANO Tsukasa ++.LP ++.B OpenLDAP ++is developed and maintained by The OpenLDAP Project (http://www.openldap.org/). ++.B OpenLDAP ++is derived from University of Michigan LDAP 3.3 Release. diff --cc debian/source/format index 00000000,00000000..163aaf8d new file mode 100644 --- /dev/null +++ b/debian/source/format @@@ -1,0 -1,0 +1,1 @@@ ++3.0 (quilt) diff --cc debian/source/lintian-overrides index 00000000,00000000..80a0ad9e new file mode 100644 --- /dev/null +++ b/debian/source/lintian-overrides @@@ -1,0 -1,0 +1,12 @@@ ++# this file lists copyright notices applying to the schemas ++openldap source: license-problem-non-free-RFC servers/slapd/schema/README ++# RFC text removed, files contain functional interface definitions only ++# Copyright notices have been retained to preserve attribution ++openldap source: license-problem-non-free-RFC debian/schema/core.ldif ++openldap source: license-problem-non-free-RFC debian/schema/core.schema ++openldap source: license-problem-non-free-RFC debian/schema/pmi.schema ++# internal templates, not shown to users ++openldap source: untranslatable-debconf-templates slapd.templates: 89 ++openldap source: untranslatable-debconf-templates slapd.templates: 94 ++# included upstream in a future release ++openldap source: maintainer-manual-page debian/slapo-pw-pbkdf2.5 diff --cc debian/tests/check_upgradepath index 00000000,00000000..d1f25780 new file mode 100755 --- /dev/null +++ b/debian/tests/check_upgradepath @@@ -1,0 -1,0 +1,173 @@@ ++#! /bin/sh ++ ++set -e ++ ++# WARNING: This script is obsolete and will require a fair bit of work to get ++# working again. It assumes woody, uses debconf questions that don't exist ++# any more, and probably doesn't check everything that you would want to ++# check. Preserved just because I haven't done the work to see if puiparts ++# can now do the same thing in a cleaner way. ++ ++# Setup ++: ${chroot_dir:=../chroot} ++: ${debmirror:=http://ftp.de.debian.org/debian} ++: ${proxy:=http://proxy.galaxy:3128/} ++unset LC_ALL ++unset LC_CTYPE ++unset LC_MESSAGES ++# XXX: comment out when testing new versions. Needed so libc6 does not ++# ask for restarting services. ++export DEBIAN_FRONTEND=noninteractive ++ ++woodytar=$chroot_dir/woody_base.tar.gz ++ ++# List our packages ++list_packages() { ++ local p ver ++ ver=`dpkg-parsechangelog|sed -ne 's/^Version: //p'` ++ for p in `dh_listpackages`; do ++ (cd .. && echo ${p}_$ver*deb) ++ done ++} ++ ++# Run a command inside the chroot ++ ++in_target() { ++ chroot $chroot_dir/woody "$@" ++} ++ ++# Set a debconf variable inside the chroot ++ ++debconf_set() { ++ local name=$1 ++ shift ++ cat >>$chroot_dir/woody/var/cache/debconf/config.dat < $chroot_dir/woody/etc/apt/sources.list ++ echo "Acquire::HTTP::Proxy \"$proxy\";" \ ++ > $chroot_dir/woody/etc/apt/apt.conf ++ in_target apt-get update ++ in_target mount -t proc none /proc ++ ++ # We don't want any debconf interaction ++ #debconf_set debconf/frontend Noninteractive ++} ++ ++# These are our example configurations for testing the upgrade ++ ++conf_domain_or_host() { ++ debconf_set slapd/fill_method auto ++ debconf_set slapd/suffix_type "domain or host" ++ debconf_set slapd/domain "some.example.net" ++ debconf_set slapd/replicate false ++ debconf_set shared/organization Some Organization ++} ++ ++ ++check_domain_or_host() { ++ sleep 2 # wait for slapd to startup ++ in_target ldapsearch -h localhost -b dc=some,dc=example,dc=net -x \ ++ objectclass=\* ++} ++ ++conf_location() { ++ debconf_set slapd/fill_method auto ++ debconf_set slapd/suffix_type "location" ++ debconf_set shared/locale/countrycode de ++ debconf_set shared/organization "Sample Organization" ++ debconf_set slapd/replicate false ++ debconf_set shared/organization Some Organization ++} ++ ++check_location() { ++ sleep 2 # wait for slapd to startup ++ in_target ldapsearch -h localhost -b "o=Some Organization, c=de" \ ++ -x objectclass=\* ++} ++# Install slapd inside the chroot ++ ++install_slapd() { ++ in_target apt-get -y install slapd ldap-utils ++} ++ ++# Do an upgrade of our packages inside the chroot ++ ++upgrade() { ++ # Link our packages into the chroot ++ for p in `list_packages`; do ++ ln ../$p $chroot_dir/woody/root/ ++ done ++ ++ # Create a packages file ++ (cd $chroot_dir/woody/root && dpkg-scanpackages . /dev/null >Packages) ++ ++ # Switch to unstable ++ echo "deb $debmirror unstable main" \ ++ > $chroot_dir/woody/etc/apt/sources.list ++ echo "deb file:/root ./" >> $chroot_dir/woody/etc/apt/sources.list ++ ++ # Update package lists ++ in_target apt-get update ++ ++ # Tell our scripts to fix the config ++ debconf_set slapd/fix_directory true ++ debconf_set slapd/password1 foobar ++ debconf_set slapd/allow_ldap_v2 ++ ++ # Do an upgrade of our packages ++ in_target apt-get install -y `dh_listpackages` ++} ++ ++# Checks if upgrading a woody system with slapd configured with the ++# command given works. ++ ++check_upgrade() { ++ setup_chroot ++ conf_$1 ++ debconf_set slapd/password1 foobar ++ debconf_set slapd/password2 foobar ++ install_slapd ++ check_$1 ++ upgrade ++ check_$1 ++ in_target /etc/init.d/slapd stop ++ in_target umount /proc ++} ++ ++# Try upgrading our example setups ++ ++for i in location domain_or_host; do ++ check_upgrade $i ++done ++ ++echo "SUCCESS testing upgrading from woody" diff --cc debian/tests/control index 00000000,00000000..b8ebcd91 new file mode 100644 --- /dev/null +++ b/debian/tests/control @@@ -1,0 -1,0 +1,7 @@@ ++Tests: slapd ++Depends: ldap-utils ++Restrictions: allow-stderr, isolation-container, needs-root, superficial ++ ++Tests: smbk5pwd ++Depends: ldap-utils, slapd, slapd-contrib, heimdal-kdc, samba, schema2ldif ++Restrictions: allow-stderr, isolation-container, needs-root, superficial diff --cc debian/tests/create_account index 00000000,00000000..a5051af4 new file mode 100755 --- /dev/null +++ b/debian/tests/create_account @@@ -1,0 -1,0 +1,24 @@@ ++#! /usr/bin/perl -w ++ ++# Shows how to create an entry on the LDAP server ++ ++$host = "localhost"; # LDAP server ++$basedn = "dc=galaxy"; # Base DN ++$admindn = "cn=admin, $basedn"; # Admin entry ++$adminpass = "foo"; # Password ++ ++use Net::LDAP; ++ ++$ldap = Net::LDAP->new("$host", onerror => "die"); ++$ldap->bind($admindn, password => $adminpass); ++ ++# Create "ou=People" entry if not there ++ ++$results = $ldap->search(base => "$basedn", ++ filter => "ou=People", scope => "one"); ++unless ($results->count > 0) { ++ $ldap->add("ou=People, $basedn", attr => [ ++ ou => "People", ++ objectClass => [ "top", "organizationalUnit" ] ++ ]); ++} diff --cc debian/tests/find_unused_functions index 00000000,00000000..bd31d453 new file mode 100755 --- /dev/null +++ b/debian/tests/find_unused_functions @@@ -1,0 -1,0 +1,30 @@@ ++#! /usr/bin/perl -w ++ ++use autouse Data::Dumper, qw{Dumper}; ++ ++# Script to find the unused shell functions in slapd.scripts-common ++ ++our @code; ++ ++# Get all shell code from maintainer scripts ++ ++foreach my $file ((, , , ++ )) { ++ open SCRIPT, "<$file" or ++ die "Can't open $file: $!"; ++ push @code,