[Fedora-directory-commits] ldapserver/ldap/cm Makefile,1.45,1.46
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/cm
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5620/ldapserver/ldap/cm
Modified Files:
Makefile
Log Message:
Bump version from 1.0 to 1.0.1
Index: Makefile
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/cm/Makefile,v
retrieving revision 1.45
retrieving revision 1.46
diff -u -r1.45 -r1.46
--- Makefile 19 Nov 2005 00:50:32 -0000 1.45
+++ Makefile 7 Dec 2005 21:49:52 -0000 1.46
@@ -108,9 +108,9 @@
endif
ifdef USE_64
-VERSION=-ver 1.0-64bit
+VERSION=-ver 1.0.1-64bit
else
-VERSION=-ver 1.0
+VERSION=-ver 1.0.1
endif
ifeq ($(ARCH), HPUX)
@@ -266,7 +266,7 @@
ifdef BUILD_RPM
# name and version of RPM - must correspond to the spec file - these get branded
RPM_BASE_NAME=fedora
- RPM_VERSION=1.0
+ RPM_VERSION=1.0.1
RPM_FILE_BASE=$(RPM_BASE_NAME)-ds-$(RPM_VERSION)
RPM_ARCH = $(shell uname -i)
# root dir for RPM built and temp files
18 years, 4 months
[Fedora-directory-commits] ldapserver/include version.h,1.7,1.8
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/include
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5620/ldapserver/include
Modified Files:
version.h
Log Message:
Bump version from 1.0 to 1.0.1
Index: version.h
===================================================================
RCS file: /cvs/dirsec/ldapserver/include/version.h,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- version.h 29 Oct 2005 02:25:55 -0000 1.7
+++ version.h 7 Dec 2005 21:49:47 -0000 1.8
@@ -44,9 +44,9 @@
exist, the PRODUCT_VERSION define has _DEF appended.
*/
-#define DIRECTORY_VERSION_DEF "1.0"
+#define DIRECTORY_VERSION_DEF "1.0.1"
#define DIRECTORY_COMPATIBLE "3.0"
-#define DIRECTORY_VERSION_STRING "Fedora-DirServer/1.0"
+#define DIRECTORY_VERSION_STRING "Fedora-DirServer/1.0.1"
#define DS_VERSION_DEF DIRECTORY_VERSION_DEF
#define DS_VERSION_STRING DIRECTORY_VERSION_STRING
18 years, 4 months
[Fedora-directory-commits] adminserver/include/nt regparms.h, 1.7, 1.8
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/adminserver/include/nt
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5560/adminserver/include/nt
Modified Files:
regparms.h
Log Message:
Bump version from 1.0 to 1.0.1
Index: regparms.h
===================================================================
RCS file: /cvs/dirsec/adminserver/include/nt/regparms.h,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- regparms.h 28 Oct 2005 22:45:01 -0000 1.7
+++ regparms.h 7 Dec 2005 21:42:40 -0000 1.8
@@ -46,19 +46,19 @@
/* Admin IDs */
#define ADM_ID_PRODUCT "admin"
#define ADM_NAME_SHORT "Administration"
-#define ADM_VERSION "1.0"
-#define ADM_NAME_VERSION "Administration 1.0"
+#define ADM_VERSION "1.0.1"
+#define ADM_NAME_VERSION "Administration 1.0.1"
#define ADM_NAME_SERVER "Administration Server"
#define ADM_NAME_FULL "Fedora Administration Server"
-#define ADM_NAME_FULL_VERSION "Fedora Administration Server 1.0"
-#define ADM_NAME_SERVICE "Fedora Administration 1.0"
+#define ADM_NAME_FULL_VERSION "Fedora Administration Server 1.0.1"
+#define ADM_NAME_SERVICE "Fedora Administration 1.0.1"
#define ADM_EXE "ns-admin.exe"
#define ADM_EXE_START "admin.exe"
#define ADM_ID_SERVICE "admin10"
-#define ADM_KEY_ROOT "Administration\\1.0"
+#define ADM_KEY_ROOT "Administration\\1.0.1"
#define ADM_SERVER_LST_NAME "adm:Netscape Enterprise Server"
#define ADM_DIR_ROOT "admin"
-#define ADM_NAME_UNINSTALL "Uninstall Administration Server 1.0"
+#define ADM_NAME_UNINSTALL "Uninstall Administration Server 1.0.1"
/* original definitions */
// Upper-level registry parameters
18 years, 4 months
[Fedora-directory-commits] adminserver/admserv/console/src/com/netscape/management/admserv admserv.properties, 1.4, 1.5
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/adminserver/admserv/console/src/com/netscape/management/admserv
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5560/adminserver/admserv/console/src/com/netscape/management/admserv
Modified Files:
admserv.properties
Log Message:
Bump version from 1.0 to 1.0.1
Index: admserv.properties
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/console/src/com/netscape/management/admserv/admserv.properties,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- admserv.properties 28 Oct 2005 22:43:51 -0000 1.4
+++ admserv.properties 7 Dec 2005 21:42:35 -0000 1.5
@@ -22,7 +22,7 @@
# Admin Server Component Localization file
admin-title=Administration Server
-admin-version=Version 1.0
+admin-version=Version 1.0.1
admin-smallIcon=com/netscape/management/admserv/images/AdminServer.gif
admin-largeIcon=com/netscape/management/admserv/images/AdminServerL.gif
18 years, 4 months
[Fedora-directory-commits] ldapserver/ldap/cm/newinst ns-update, 1.9, 1.10
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/cm/newinst
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5433/ldapserver/ldap/cm/newinst
Modified Files:
ns-update
Log Message:
Bug(s) fixed: 175098
Bug Description: The dsgw cookie directory needs to be writable by the admin server uid
Reviewed by: Nathan (Thanks!)
Fix Description: DS Gateway authentication breaks because the admin server uid cannot write to the bin/slapd/authck directory. This fix makes sure that directory is owned by the correct uid. I've also put a similar fix into the ds spec file %post section to fix this when upgrading from fds10 to fds101.
Platforms tested: Fedora Core 4
Flag Day: no
Doc impact: no
Index: ns-update
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/cm/newinst/ns-update,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- ns-update 17 Nov 2005 17:34:35 -0000 1.9
+++ ns-update 7 Dec 2005 21:29:14 -0000 1.10
@@ -200,4 +200,13 @@
./fix_secmod_db_64 $sroot/alias $sroot/shared32/bin
fi
+# chown the cookie directory - bug 175098
+if [ "$ssuser" ] ; then
+ if [ "$ssgrp" ] ; then
+ chown $ssuser:$ssgrp $sroot/bin/slapd/authck
+ else
+ chown $ssuser $sroot/bin/slapd/authck
+ fi
+fi
+
exit $rc
18 years, 4 months
[Fedora-directory-commits] ldapserver/ldap/admin/src create_instance.c, 1.23, 1.24
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/admin/src
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5433/ldapserver/ldap/admin/src
Modified Files:
create_instance.c
Log Message:
Bug(s) fixed: 175098
Bug Description: The dsgw cookie directory needs to be writable by the admin server uid
Reviewed by: Nathan (Thanks!)
Fix Description: DS Gateway authentication breaks because the admin server uid cannot write to the bin/slapd/authck directory. This fix makes sure that directory is owned by the correct uid. I've also put a similar fix into the ds spec file %post section to fix this when upgrading from fds10 to fds101.
Platforms tested: Fedora Core 4
Flag Day: no
Doc impact: no
Index: create_instance.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/create_instance.c,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -r1.23 -r1.24
--- create_instance.c 21 Oct 2005 19:21:10 -0000 1.23
+++ create_instance.c 7 Dec 2005 21:29:08 -0000 1.24
@@ -1921,6 +1921,7 @@
PR_snprintf(subdir, sizeof(subdir), "%s%cbin%cslapd%cauthck", sroot, FILE_PATHSEP, FILE_PATHSEP, FILE_PATHSEP);
if( (t = create_instance_mkdir_p(subdir, NEWDIR_MODE)) )
return(t);
+ chownfile (pw, subdir);
return (t);
}
18 years, 4 months
[Fedora-directory-commits] ldapserver ldapserver.spec.tmpl, 1.18, 1.19
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5433/ldapserver
Modified Files:
ldapserver.spec.tmpl
Log Message:
Bug(s) fixed: 175098
Bug Description: The dsgw cookie directory needs to be writable by the admin server uid
Reviewed by: Nathan (Thanks!)
Fix Description: DS Gateway authentication breaks because the admin server uid cannot write to the bin/slapd/authck directory. This fix makes sure that directory is owned by the correct uid. I've also put a similar fix into the ds spec file %post section to fix this when upgrading from fds10 to fds101.
Platforms tested: Fedora Core 4
Flag Day: no
Doc impact: no
Index: ldapserver.spec.tmpl
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldapserver.spec.tmpl,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -r1.18 -r1.19
--- ldapserver.spec.tmpl 16 Nov 2005 17:40:35 -0000 1.18
+++ ldapserver.spec.tmpl 7 Dec 2005 21:29:03 -0000 1.19
@@ -44,8 +44,8 @@
%define __os_install_post %{nil}
Summary: @COMPANY-PRODUCT-NAME@
Name: @LCASE-COMPANY-NAME-NOSP@-ds
-Version: @GEN-VERSION@
-Release: 2.@PLATFORM@
+Version: @NOSP-VERSION@
+Release: 1.@PLATFORM@
License: GPL plus extensions
Group: System Environment/Daemons
URL: @COMPANY-URL@
@@ -78,6 +78,8 @@
# the echo yes is for dsktune to continue
# the second echo yes is for some platforms that need it
(echo yes ; echo yes) | ./setup -b $RPM_BUILD_ROOT/%{prefix}
+# remove the setup log files so they aren't packaged
+rm -f $RPM_BUILD_ROOT/%{prefix}/setup/*/*.log
%clean
if [ -z "$RPM_INSTALL_PREFIX" ]; then
@@ -120,7 +122,37 @@
if [ -z "$RPM_INSTALL_PREFIX" ]; then
RPM_INSTALL_PREFIX=%{prefix}
fi
-echo "Install finished. Please run $RPM_INSTALL_PREFIX/setup/setup to set up the servers."
+if [ "$1" -ge 1 ] ; then
+# patch file to upgrade admin server from 1.0 to 1.0.1
+ if [ -f $RPM_INSTALL_PREFIX/setup/adminserver10to101.patch ] ; then
+ patch -d $RPM_INSTALL_PREFIX -p0 < $RPM_INSTALL_PREFIX/setup/adminserver10to101.patch
+ fi
+# patch file to fix start-admin on Fedora Core 2
+ if [ -f $RPM_INSTALL_PREFIX/setup/adminserver-start-admin.patch ] ; then
+ patch -d $RPM_INSTALL_PREFIX -p0 < $RPM_INSTALL_PREFIX/setup/adminserver-start-admin.patch
+ fi
+# fix up file permissions
+ testfile=$RPM_INSTALL_PREFIX/admin-serv/config/nss.conf
+ if [ ! -f $testfile ] ; then
+ testfile=$RPM_INSTALL_PREFIX/admin-serv/config/adm.conf
+ fi
+ if [ -f $testfile ] ; then
+ usergroup=`ls -l $testfile | awk '{print $3":"$4}'`
+ if [ -d $RPM_INSTALL_PREFIX/admin-serv/config ] ; then
+ chown $usergroup $RPM_INSTALL_PREFIX/admin-serv/config
+ fi
+ if [ -d $RPM_INSTALL_PREFIX/bin/slapd/authck ] ; then
+ chown $usergroup $RPM_INSTALL_PREFIX/bin/slapd/authck
+ fi
+ if [ -d $RPM_INSTALL_PREFIX/alias ] ; then
+ chown $usergroup $RPM_INSTALL_PREFIX/alias
+ fi
+ fi
+ echo "Install finished. Please restart your directory servers first,"
+ echo "then the admin server. Do not run setup."
+else
+ echo "Install finished. Please run $RPM_INSTALL_PREFIX/setup/setup to set up the servers."
+fi
%preun
# only run uninstall if this is the last version of the package
@@ -133,6 +165,11 @@
fi
%changelog
+* Tue Dec 6 2005 Rich Megginson <rmeggins(a)redhat.com> - 1.0.1-1
+- Use nosp version instead of gen version to get patch version numbers
+- Patch the admin server in the post install section
+- Remove the unnecessary log files after setup so they aren't packaged
+
* Wed Nov 09 2005 Nathan Kinder <nkinder(a)redhat.com> 7.1-2
- Changed cyrus-sasl dependency to >= 2.1.15 for RHEL3 compatibility
18 years, 4 months
[Fedora-directory-commits] ldapserver Makefile, 1.28, 1.29 internal_comp_deps.mk, 1.32, 1.33 nsdefs.mk, 1.15, 1.16
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5380/ldapserver
Modified Files:
Makefile internal_comp_deps.mk nsdefs.mk
Log Message:
Bug(s) fixed: 175053
Bug Description: The BUILD_BOMB is on by default
Reviewed by: Nathan (Thanks!)
Fix Description: Move the pumpkin and build bomb stuff into the internal makefiles. If you want the build bomb on, you have to set BUILD_PUMPKIN=1 on the make command line. The diff also contains some of the versioning for 1.0 to 1.0.1.
Platforms tested: Fedora Core 4
Flag Day: no
Doc impact: no
Index: Makefile
===================================================================
RCS file: /cvs/dirsec/ldapserver/Makefile,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -r1.28 -r1.29
--- Makefile 10 Nov 2005 01:35:45 -0000 1.28
+++ Makefile 7 Dec 2005 21:25:50 -0000 1.29
@@ -161,10 +161,6 @@
consoleComponents: $(DS_CONSOLE_COMPONENT_DEP)
-pumpkin:
- @echo NSOS_RELEASE is: $(NSOS_RELEASE)
- $(PERL) pumpkin.pl $(PUMPKIN_AGE) pumpkin.dat
-
buildnum:
if test ! -d $(BUILD_ARCH); then mkdir $(BUILD_ARCH); fi;
$(PERL) buildnum.pl -p $(BUILD_ARCH)
@@ -218,7 +214,7 @@
buildAndPkgDirectory: buildDirectory pkgDirectory
-buildDirectory: buildnum pumpkin $(OBJDIR) $(DIRVER_H) $(SDKVER_H) components
+buildDirectory: buildnum $(PUMPKIN_TARGET) $(OBJDIR) $(DIRVER_H) $(SDKVER_H) components
@echo
@echo
@echo ==== Starting LDAP Server ==========
@@ -357,6 +353,7 @@
-e 's/@COMPANY-PRODUCT-NAME@/Fedora Directory Server/g' \
-e 's/@LCASE-COMPANY-NAME-NOSP@/fedora/g' \
-e 's/@GEN-VERSION(a)/1.0/g' \
+ -e 's/@NOSP-VERSION(a)/1.0.1/g' \
-e 's+@COMPANY-URL@+http://directory.fedora.redhat.com/+g' \
ldapserver.spec.tmpl > $@
mv $@ $(OBJDIR)
Index: internal_comp_deps.mk
===================================================================
RCS file: /cvs/dirsec/ldapserver/internal_comp_deps.mk,v
retrieving revision 1.32
retrieving revision 1.33
diff -u -r1.32 -r1.33
--- internal_comp_deps.mk 4 Nov 2005 02:45:20 -0000 1.32
+++ internal_comp_deps.mk 7 Dec 2005 21:25:50 -0000 1.33
@@ -45,6 +45,13 @@
BUILD_MODE = ext
+ifdef BUILD_PUMPKIN
+PUMPKIN_AGE := 120
+#BUILD_BOMB=
+BUILD_BOMB=-DPUMPKIN_HOUR=$(shell cat $(BUILD_ROOT)/pumpkin.dat)
+BOMB=$(BUILD_BOMB)
+endif # BUILD_PUMPKIN
+
ifndef NSPR_SOURCE_ROOT
NSPR_IMPORT = $(COMPONENTS_DIR)/nspr20/$(NSPR_RELDATE)/$(FULL_RTL_OBJDIR)
NSPR_DEP = $(NSPR_LIBPATH)/libnspr4.$(LIB_SUFFIX)
@@ -732,3 +739,11 @@
then echo "Error: could not get component NT4SYNC files $@" ; \
fi
# Windows sync component for NT4
+
+# BUILD_BOMB stuff
+PUMPKIN_TARGET = pumpkin
+$(PUMPKIN_TARGET):
+ifdef BUILD_PUMPKIN
+ @echo NSOS_RELEASE is: $(NSOS_RELEASE)
+ $(PERL) pumpkin.pl $(PUMPKIN_AGE) pumpkin.dat
+endif # BUILD_PUMPKIN
Index: nsdefs.mk
===================================================================
RCS file: /cvs/dirsec/ldapserver/nsdefs.mk,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- nsdefs.mk 29 Oct 2005 02:25:50 -0000 1.15
+++ nsdefs.mk 7 Dec 2005 21:25:50 -0000 1.16
@@ -59,9 +59,6 @@
USE_HCL=1
-PUMPKIN_AGE := 120
-#BUILD_BOMB=
-BUILD_BOMB=-DPUMPKIN_HOUR=$(shell cat $(BUILD_ROOT)/pumpkin.dat)
BUILD_CHECKER=no
ifndef BUILD_DEBUG
BUILD_DEBUG=full
@@ -171,7 +168,6 @@
echo BUILD_SECURITY=$(BUILD_SECURITY)
echo BUILD_DEBUG=$(BUILD_DEBUG)
echo BUILD_NSPR_THREADS=$(BUILD_NSPR_THREADS)
-echo BUILD_BOMB=$(BUILD_BOMB)
echo BUILD_DLL_VERSION=$(BUILD_DLL_VERSION)
echo BUILD_HTTPDLL_NAME=$(BUILD_HTTPDLL_NAME)
echo BUILD_ADMIN_NAME=$(BUILD_ADMIN_NAME)
@@ -189,7 +185,6 @@
endif
SECURITY=$(BUILD_SECURITY)
DEBUG=$(BUILD_DEBUG)
-BOMB=$(BUILD_BOMB)
NSPR_THREADS=$(BUILD_NSPR_THREADS)
BUILD_DLL=$(BUILD_DLL_VERSION)
ADMINDLL_NAME=$(BUILD_ADMIN_NAME)
@@ -232,8 +227,8 @@
OBJDIR=$(COMMON_OBJDIR)
OBJDIR_32=$(COMMON_OBJDIR_32)
DO_SEARCH=no
-DIR_VERSION:=1.0
-NOSP_DIR_VERSION:=1.0
+DIR_VERSION:=1.0.1
+NOSP_DIR_VERSION:=1.0.1
DIR_NORM_VERSION:=1.0
PRODUCT_NAME="$(PRODUCTCORE) $(DIR_VERSION)"
# When you change DIRSDK_VERSION or DIRSDK_VERSION_DLL_SUFFIX, you must
18 years, 4 months
[Fedora-directory-commits] adminserver/admserv/cfgstuff admserv.conf, 1.11, 1.12 httpd.conf, 1.6, 1.7
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/adminserver/admserv/cfgstuff
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv3638/adminserver/admserv/cfgstuff
Modified Files:
admserv.conf httpd.conf
Log Message:
Bug(s) fixed: 174837
Bug Description: CVE-2005-3630 use of IFRAME exposes password from adm.conf for users
Reviewed by: Nathan, Rob C. (Thanks!)
Files: https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=121993
Branch: HEAD
Fix Description: Just use the existing Apache security mechanisms to deny access to everything by default, then allow access to certain directories. In addition, there is a patch file I've checked in which can apply these diffs to an existing FDS 1.0 installtion. I've changed the packaging makefile to package the patch file into the setup directory where it will be used to patch an upgrade install of FDS 1.0.1 on top of FDS 1.0.
Platforms tested: Fedora Core 4
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
Index: admserv.conf
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cfgstuff/admserv.conf,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- admserv.conf 19 Nov 2005 00:43:02 -0000 1.11
+++ admserv.conf 7 Dec 2005 20:46:06 -0000 1.12
@@ -25,7 +25,7 @@
SetEnv ADMSERV_ROOT %%%sroot%%%/admin-serv/config/
ADMCacheLifeTime 600
-ADMServerVersionString "Fedora-Administrator/1.0"
+ADMServerVersionString "Fedora-Administrator/1.0.1"
ScriptAlias /clients/orgchart/bin/ "%%%sroot%%%/clients/orgchart/bin/"
ScriptAlias /clients/dsgw/bin/ "%%%sroot%%%/clients/dsgw/bin/"
@@ -33,6 +33,45 @@
ScriptAlias /dist/ "%%%sroot%%%/dist/"
ScriptAlias /manual/help/ %%%sroot%%%/manual/help/
+# all access is explicitly denied by default in httpd.conf
+# the following Directory directives turn on access for specific
+# directories
+<Directory "%%%sroot%%%/java/">
+ AllowOverride None
+ Options None
+ Order allow,deny
+ Allow from all
+</Directory>
+
+<Directory "%%%sroot%%%/manual/">
+ AllowOverride None
+ Options None
+ Order allow,deny
+ Allow from all
+</Directory>
+
+<Directory "%%%sroot%%%/clients/*/*html/">
+ AllowOverride None
+ Options None
+ Order allow,deny
+ Allow from all
+</Directory>
+
+<Directory "%%%sroot%%%/clients/dsgw/*config/">
+ AllowOverride None
+ Options None
+ Order allow,deny
+ Allow from all
+</Directory>
+
+<Directory "%%%sroot%%%/bin/admin/admin/icons/">
+ AllowOverride None
+ Options None
+ Order allow,deny
+ Allow from all
+</Directory>
+
+# enable access for CGI progs/scripts
<Directory "%%%sroot%%%/clients/orgchart/bin/">
AllowOverride None
Options None
@@ -69,6 +108,8 @@
AuthType basic
AuthName "Admin Server"
Require valid-user
+ Order allow,deny
+ Allow from all
</Location>
# Handle Other Console tasks
@@ -79,6 +120,8 @@
Require valid-user
AdminSDK on
Options +ExecCGI
+ Order allow,deny
+ Allow from all
</LocationMatch>
# Handle Admin Express
@@ -90,6 +133,8 @@
AdminSDK on
NESCompatEnv on
Options +ExecCGI
+ Order allow,deny
+ Allow from all
</LocationMatch>
# Handle internal commands
@@ -98,6 +143,8 @@
AuthType basic
AuthName "Admin Server"
Require valid-user
+ Order allow,deny
+ Allow from all
</LocationMatch>
# Handle Stop, Start, Restart, Instance Creation - invoke mod_restartd
@@ -112,4 +159,6 @@
AdminSDK off
Options +ExecCGI
RetainPerms on
+ Order allow,deny
+ Allow from all
</LocationMatch>
Index: httpd.conf
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cfgstuff/httpd.conf,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- httpd.conf 3 Nov 2005 23:20:49 -0000 1.6
+++ httpd.conf 7 Dec 2005 20:46:06 -0000 1.7
@@ -248,9 +248,10 @@
#
# Controls who can get stuff from this server.
-#
- Order allow,deny
- Allow from all
+# By default, no one may access anything
+# Access must be explicitly granted in admserv.conf
+ Order deny,allow
+ Deny from all
</Directory>
18 years, 4 months
[Fedora-directory-commits] adminserver/admserv/cfgstuff adminserver-start-admin.patch, NONE, 1.1
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/adminserver/admserv/cfgstuff
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1354
Added Files:
adminserver-start-admin.patch
Log Message:
patch to convert libldap- to libldap
adminserver-start-admin.patch:
--- NEW FILE adminserver-start-admin.patch ---
--- start-admin 9 Sep 2005 19:12:03 -0000 1.4
+++ start-admin 7 Dec 2005 17:27:40 -0000
@@ -41,17 +41,17 @@
HTTPD=%%%httpd%%%
# see if httpd is linked with the openldap libraries - we need to override them
OS=`uname -s`
if [ $OS = "Linux" ]; then
hasol=0
- /usr/bin/ldd $HTTPD 2>&1 | grep libldap- > /dev/null 2>&1 && hasol=1
+ /usr/bin/ldd $HTTPD 2>&1 | grep libldap > /dev/null 2>&1 && hasol=1
if [ $hasol -eq 1 ] ; then
LD_PRELOAD="${SERVER_ROOT}/bin/admin/lib/libssl3.so ${SERVER_ROOT}/bin/admin/lib/libldap50.so"
export LD_PRELOAD
fi
fi
$HTTPD -k start -d $ADMSERV_ROOT -f $ADMSERV_ROOT/config/httpd.conf "$@"
18 years, 4 months