--- Begin Message ---
Package: 389-admin
Version: 1.1.30-1
Severity: important
Tags: patch
User: [email protected]
Usertags: origin-ubuntu ubuntu-patch saucy
389-admin is still built against Apache 2.2 and configured accordingly,
but we're now on Apache 2.4. There's an upstream patch to improve
things, and I massaged it into the Debian packaging (it needs to go
below http_conf_fix because that patch needs to be extended to cover
2.4). I don't really have a setup where I can test this - could you
check this out to make sure I haven't broken anything?
* Build-depend on apache2-dev rather than apache2-threaded-dev.
* Backport upstream patch to handle Apache 2.4 module layout.
* Use group nogroup rather than nobody.
diff -Nru 389-admin-1.1.30/debian/control 389-admin-1.1.30/debian/control
--- 389-admin-1.1.30/debian/control 2012-06-28 12:22:42.000000000 +0100
+++ 389-admin-1.1.30/debian/control 2013-10-07 14:55:19.000000000 +0100
@@ -15,7 +15,7 @@
libperl-dev,
po-debconf,
389-ds-base-dev,
- apache2-threaded-dev,
+ apache2-dev,
libadminutil-dev,
apache2-mpm-worker,
libapache2-mod-nss,
diff -Nru 389-admin-1.1.30/debian/patches/apache_2.4.patch
389-admin-1.1.30/debian/patches/apache_2.4.patch
--- 389-admin-1.1.30/debian/patches/apache_2.4.patch 1970-01-01
01:00:00.000000000 +0100
+++ 389-admin-1.1.30/debian/patches/apache_2.4.patch 2013-10-07
14:54:46.000000000 +0100
@@ -0,0 +1,767 @@
+Description: Add configuration for Apache 2.4
+Author: Noriko Hosoi <[email protected]>
+Origin:
https://git.fedorahosted.org/cgit/389/admin.git/commit/?id=1e2a818e8403e8b4b5f346841ea7f06e7942d48c
+Forwarded: not-needed
+Last-Update: 2013-10-07
+
+Index: b/Makefile.am
+===================================================================
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -408,7 +408,8 @@
+ admserv/cfgstuff/nss.conf admserv/cfgstuff/httpd.conf
+
+ if APACHE24
+-HTTPD_CONF_SRC = admserv/cfgstuff/httpd-2.2.conf.in
++# F18 and newer
++HTTPD_CONF_SRC = admserv/cfgstuff/httpd-2.4.conf.in
+ else
+ if APACHE22
+ HTTPD_CONF_SRC = admserv/cfgstuff/httpd-2.2.conf.in
+Index: b/admserv/cfgstuff/httpd-2.4.conf.in
+===================================================================
+--- /dev/null
++++ b/admserv/cfgstuff/httpd-2.4.conf.in
+@@ -0,0 +1,742 @@
++# BEGIN COPYRIGHT BLOCK
++# Copyright (C) 2013 Red Hat, Inc.
++# All rights reserved.
++#
++# This program is free software; you can redistribute it and/or
++# modify it under the terms of the GNU General Public License
++# as published by the Free Software Foundation; version 2
++# of the License.
++#
++# This program is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++# GNU General Public License for more details.
++#
++# You should have received a copy of the GNU General Public License
++# along with this program; if not, write to the Free Software
++# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
USA.
++#
++
++# END COPYRIGHT BLOCK
++#
++# Based upon the NCSA server configuration files originally by Rob McCool.
++#
++# This is the main Apache server configuration file. It contains the
++# configuration directives that give the server its instructions.
++# See <URL:http://httpd.apache.org/docs-2.0/> for detailed information about
++# the directives.
++#
++# Do NOT simply read the instructions in here without understanding
++# what they do. They're here only as hints or reminders. If you are unsure
++# consult the online docs. You have been warned.
++#
++# The configuration directives are grouped into three basic sections:
++# 1. Directives that control the operation of the Apache server process as a
++# whole (the 'global environment').
++# 2. Directives that define the parameters of the 'main' or 'default' server,
++# which responds to requests that aren't handled by a virtual host.
++# These directives also provide default values for the settings
++# of all virtual hosts.
++# 3. Settings for virtual hosts, which allow Web requests to be sent to
++# different IP addresses or hostnames and have them handled by the
++# same Apache server process.
++#
++# Configuration and logfile names: If the filenames you specify for many
++# of the server's control files begin with "/" (or "drive:/" for Win32), the
++# server will use that explicit path. If the filenames do *not* begin
++# with "/", the value of ServerRoot is prepended -- so "logs/foo.log"
++# with ServerRoot set to "/path/redhat/apache" will be interpreted by the
++# server as "/path/redhat/apache/logs/foo.log".
++#
++
++### Section 1: Global Environment
++#
++# The directives in this section affect the overall operation of Apache,
++# such as the number of concurrent requests it can handle or where it
++# can find its configuration files.
++#
++
++#
++# ServerRoot: The top of the directory tree under which the server's
++# configuration, error, and log files are kept.
++#
++# NOTE! If you intend to place this on an NFS (or otherwise network)
++# mounted filesystem then please read the LockFile documentation (available
++# at <URL:http://httpd.apache.org/docs-2.0/mod/mpm_common.html#lockfile>);
++# you will save yourself a lot of trouble.
++#
++# Do NOT add a slash at the end of the directory path.
++#
++#ServerRoot This is passed in via the start-admin command line
++
++#
++# Timeout: The number of seconds before receives and sends time out.
++#
++Timeout 300
++
++#
++# KeepAlive: Whether or not to allow persistent connections (more than
++# one request per connection). Set to "Off" to deactivate.
++#
++KeepAlive Off
++
++#
++# MaxKeepAliveRequests: The maximum number of requests to allow
++# during a persistent connection. Set to 0 to allow an unlimited amount.
++# We recommend you leave this number high, for maximum performance.
++#
++MaxKeepAliveRequests 100
++
++#
++# KeepAliveTimeout: Number of seconds to wait for the next request from the
++# same client on the same connection.
++#
++KeepAliveTimeout 15
++
++# The console bombs on the x.y.z version format, so omit the .z
++ServerTokens Minor
++
++# start one server in multi threaded mode
++StartServers 1
++# mtm
++ServerLimit 1
++
++MaxClients 64
++MinSpareThreads 32
++MaxSpareThreads 64
++ThreadsPerChild 64
++
++#
++# Dynamic Shared Object (DSO) Support
++#
++# To be able to use the functionality of a module which was built as a DSO you
++# have to place corresponding `LoadModule' lines at this location so the
++# directives contained in it are actually available _before_ they are used.
++# Statically compiled modules (those listed by `httpd -l') do not need
++# to be loaded here.
++#
++# Example:
++# LoadModule foo_module modules/mod_foo.so
++LoadModule authz_host_module @moddir@/mod_authz_host.so
++LoadModule auth_basic_module @moddir@/mod_auth_basic.so
++LoadModule authn_file_module @moddir@/mod_authn_file.so
++LoadModule log_config_module @moddir@/mod_log_config.so
++LoadModule env_module @moddir@/mod_env.so
++LoadModule mime_magic_module @moddir@/mod_mime_magic.so
++LoadModule unique_id_module @moddir@/mod_unique_id.so
++LoadModule setenvif_module @moddir@/mod_setenvif.so
++LoadModule mime_module @moddir@/mod_mime.so
++LoadModule negotiation_module @moddir@/mod_negotiation.so
++LoadModule dir_module @moddir@/mod_dir.so
++LoadModule alias_module @moddir@/mod_alias.so
++LoadModule rewrite_module @moddir@/mod_rewrite.so
++LoadModule cgi_module @moddir@/mod_cgi.so
++LoadModule restartd_module @admmoddir@/mod_restartd.so
++LoadModule nss_module @nssmoddir@/libmodnss.so
++LoadModule admserv_module @admmoddir@/mod_admserv.so
++LoadModule mpm_worker_module @moddir@/mod_mpm_worker.so
++LoadModule access_compat_module @moddir@/mod_access_compat.so
++LoadModule authn_core_module @moddir@/mod_authn_core.so
++LoadModule authz_core_module @moddir@/mod_authz_core.so
++LoadModule authz_user_module @moddir@/mod_authz_user.so
++LoadModule unixd_module @moddir@/mod_unixd.so
++
++### Section 2: 'Main' server configuration
++#
++# The directives in this section set up the values used by the 'main'
++# server, which responds to any requests that aren't handled by a
++# <VirtualHost> definition. These values also provide defaults for
++# any <VirtualHost> containers you may define later in the file.
++#
++# All of these directives may appear inside <VirtualHost> containers,
++# in which case these default settings will be overridden for the
++# virtual host being defined.
++#
++
++#
++# ServerAdmin: Your address, where problems with the server should be
++# e-mailed. This address appears on some server-generated pages, such
++# as error documents. e.g. [email protected]
++#
++#ServerAdmin [email protected]
++
++#
++# ServerName gives the name and port that the server uses to identify itself.
++# This can often be determined automatically, but we recommend you specify
++# it explicitly to prevent problems during startup.
++#
++# If this is not set to valid DNS name for your host, server-generated
++# redirections will not work. See also the UseCanonicalName directive.
++#
++# If your host doesn't have a registered DNS name, enter its IP address here.
++# You will have to access it by its address anyway, and this will make
++# redirections work in a sensible way.
++#
++#ServerName www.example.com:80
++
++#
++# UseCanonicalName: Determines how Apache constructs self-referencing
++# URLs and the SERVER_NAME and SERVER_PORT variables.
++# When set "Off", Apache will use the Hostname and Port supplied
++# by the client. When set "On", Apache will use the value of the
++# ServerName directive.
++#
++UseCanonicalName Off
++
++#
++# DocumentRoot: The directory out of which you will serve your
++# documents. By default, all requests are taken from this directory, but
++# symbolic links and aliases may be used to point to other locations.
++#
++DocumentRoot @htmldir@
++
++#
++# Each directory to which Apache has access can be configured with respect
++# to which services and features are allowed and/or disabled in that
++# directory (and its subdirectories).
++#
++# First, we configure the "default" to be a very restrictive set of
++# features.
++#
++<Directory />
++ Options FollowSymLinks
++ AllowOverride None
++</Directory>
++
++#
++# Note that from this point forward you must specifically allow
++# particular features to be enabled - so if something's not working as
++# you might expect, make sure that you have specifically enabled it
++# below.
++#
++
++#
++# This should be changed to whatever you set DocumentRoot to.
++#
++<Directory @htmldir@>
++
++#
++# Possible values for the Options directive are "None", "All",
++# or any combination of:
++# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
++#
++# Note that "MultiViews" must be named *explicitly* --- "Options All"
++# doesn't give it to you.
++#
++# The Options directive is both complicated and important. Please see
++# http://httpd.apache.org/docs-2.0/mod/core.html#options
++# for more information.
++#
++ Options Indexes FollowSymLinks
++
++#
++# AllowOverride controls what directives may be placed in .htaccess files.
++# It can be "All", "None", or any combination of the keywords:
++# Options FileInfo AuthConfig Limit
++#
++ AllowOverride None
++
++#
++# Controls who can get stuff from this server.
++# By default, no one may access anything
++# Access must be explicitly granted in admserv.conf
++ Order deny,allow
++ Deny from all
++
++</Directory>
++
++#
++# DirectoryIndex: sets the file that Apache will serve if a directory
++# is requested.
++#
++# The index.html.var file (a type-map) is used to deliver content-
++# negotiated documents. The MultiViews Option can be used for the
++# same purpose, but it is much slower.
++#
++DirectoryIndex index.html index.html.var
++
++#
++# AccessFileName: The name of the file to look for in each directory
++# for additional configuration directives. See also the AllowOverride
++# directive.
++#
++AccessFileName .htaccess
++
++#
++# The following lines prevent .htaccess and .htpasswd files from being
++# viewed by Web clients.
++#
++<Files ~ "^\.ht">
++ Order allow,deny
++ Deny from all
++</Files>
++
++#
++# TypesConfig describes where the mime.types file (or equivalent) is
++# to be found.
++#
++TypesConfig /etc/mime.types
++
++#
++# DefaultType is the default MIME type the server will use for a document
++# if it cannot otherwise determine one, such as from filename extensions.
++# If your server contains mostly text or HTML documents, "text/plain" is
++# a good value. If most of your content is binary, such as applications
++# or images, you may want to use "application/octet-stream" instead to
++# keep browsers from trying to display binary files as though they are
++# text.
++#
++DefaultType none
++
++#
++# The mod_mime_magic module allows the server to use various hints from the
++# contents of the file itself to determine its type. The MIMEMagicFile
++# directive tells the module where the hint definitions are located.
++#
++<IfModule mod_mime_magic.c>
++ MIMEMagicFile @mimemagic@
++</IfModule>
++
++#
++# HostnameLookups: Log the names of clients or just their IP addresses
++# e.g., www.apache.org (on) or 204.62.129.132 (off).
++# The default is off because it'd be overall better for the net if people
++# had to knowingly turn this feature on, since enabling it means that
++# each client request will result in AT LEAST one lookup request to the
++# nameserver.
++#
++HostnameLookups Off
++
++#
++# EnableMMAP: Control whether memory-mapping is used to deliver
++# files (assuming that the underlying OS supports it).
++# The default is on; turn this off if you serve from NFS-mounted
++# filesystems. On some systems, turning it off (regardless of
++# filesystem) can improve performance; for details, please see
++# http://httpd.apache.org/docs-2.0/mod/core.html#enablemmap
++#
++#EnableMMAP off
++
++#
++# EnableSendfile: Control whether the sendfile kernel support is
++# used to deliver files (assuming that the OS supports it).
++# The default is on; turn this off if you serve from NFS-mounted
++# filesystems. Please see
++# http://httpd.apache.org/docs-2.0/mod/core.html#enablesendfile
++#
++#EnableSendfile off
++
++#
++# LogLevel: Control the number of messages logged to the error_log.
++# Possible values include: debug, info, notice, warn, error, crit,
++# alert, emerg.
++#
++LogLevel warn
++
++#
++# The following directives define some format nicknames for use with
++# a CustomLog directive (see below).
++#
++LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""
combined
++LogFormat "%h %l %u %t \"%r\" %>s %b" common
++LogFormat "%{Referer}i -> %U" referer
++LogFormat "%{User-agent}i" agent
++
++# You need to enable mod_logio.c to use %I and %O
++#LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I
%O" combinedio
++
++#
++# Optionally add a line containing the server version and virtual host
++# name to server-generated pages (internal error documents, FTP directory
++# listings, mod_status and mod_info output etc., but not CGI generated
++# documents or custom error documents).
++# Set to "EMail" to also include a mailto: link to the ServerAdmin.
++# Set to one of: On | Off | EMail
++#
++ServerSignature On
++
++#
++# Aliases: Add here as many aliases as you need (with no limit). The format
is
++# Alias fakename realname
++#
++# Note that if you include a trailing / on fakename then the server will
++# require it to be present in the URL. So "/icons" isn't aliased in this
++# example, only "/icons/". If the fakename is slash-terminated, then the
++# realname must also be slash terminated, and if the fakename omits the
++# trailing slash, the realname must also omit it.
++#
++# We include the /icons/ alias for FancyIndexed directory listings. If you
++# do not use FancyIndexing, you may comment this out.
++#
++
++#
++# This should be changed to the ServerRoot/manual/. The alias provides
++# the manual, even if you choose to move your DocumentRoot. You may comment
++# this out if you do not care for the documentation.
++#
++
++#
++# ScriptAlias: This controls which directories contain server scripts.
++# ScriptAliases are essentially the same as Aliases, except that
++# documents in the realname directory are treated as applications and
++# run by the server when requested rather than as documents sent to the
client.
++# The same rules about trailing "/" apply to ScriptAlias directives as to
++# Alias.
++#
++
++<IfModule mod_cgid.c>
++#
++# Additional to mod_cgid.c settings, mod_cgid has Scriptsock <path>
++# for setting UNIX socket for communicating with cgid.
++#
++Scriptsock @piddir@/admin-serv.cgisock
++</IfModule>
++
++# and this one is for mod_restartd because mod_cgid will consume the other one
++Scriptsock @piddir@/admin-serv.cgisock
++
++#
++# Redirect allows you to tell clients about documents which used to exist in
++# your server's namespace, but do not anymore. This allows you to tell the
++# clients where to look for the relocated document.
++# Example:
++# Redirect permanent /foo http://www.example.com/bar
++
++#
++# DefaultLanguage and AddLanguage allows you to specify the language of
++# a document. You can then use content negotiation to give a browser a
++# file in a language the user can understand.
++#
++# Specify a default language. This means that all data
++# going out without a specific language tag (see below) will
++# be marked with this one. You probably do NOT want to set
++# this unless you are sure it is correct for all cases.
++#
++# * It is generally better to not mark a page as
++# * being a certain language than marking it with the wrong
++# * language!
++#
++# DefaultLanguage nl
++#
++# Note 1: The suffix does not have to be the same as the language
++# keyword --- those with documents in Polish (whose net-standard
++# language code is pl) may wish to use "AddLanguage pl .po" to
++# avoid the ambiguity with the common suffix for perl scripts.
++#
++# Note 2: The example entries below illustrate that in some cases
++# the two character 'Language' abbreviation is not identical to
++# the two character 'Country' code for its country,
++# E.g. 'Danmark/dk' versus 'Danish/da'.
++#
++# Note 3: In the case of 'ltz' we violate the RFC by using a three char
++# specifier. There is 'work in progress' to fix this and get
++# the reference data for rfc1766 cleaned up.
++#
++# Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl)
++# English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de)
++# Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja)
++# Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn)
++# Norwegian (no) - Polish (pl) - Portugese (pt)
++# Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv)
++# Simplified Chinese (zh-CN) - Spanish (es) - Traditional Chinese (zh-TW)
++#
++AddLanguage ca .ca
++AddLanguage cs .cz .cs
++AddLanguage da .dk
++AddLanguage de .de
++AddLanguage el .el
++AddLanguage en .en
++AddLanguage eo .eo
++AddLanguage es .es
++AddLanguage et .et
++AddLanguage fr .fr
++AddLanguage he .he
++AddLanguage hr .hr
++AddLanguage it .it
++AddLanguage ja .ja
++AddLanguage ko .ko
++AddLanguage ltz .ltz
++AddLanguage nl .nl
++AddLanguage nn .nn
++AddLanguage no .no
++AddLanguage pl .po
++AddLanguage pt .pt
++AddLanguage pt-BR .pt-br
++AddLanguage ru .ru
++AddLanguage sv .sv
++AddLanguage zh-CN .zh-cn
++AddLanguage zh-TW .zh-tw
++
++#
++# LanguagePriority allows you to give precedence to some languages
++# in case of a tie during content negotiation.
++#
++# Just list the languages in decreasing order of preference. We have
++# more or less alphabetized them here. You probably want to change this.
++#
++LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl
pt pt-BR ru sv zh-CN zh-TW
++
++#
++# ForceLanguagePriority allows you to serve a result page rather than
++# MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback)
++# [in case no accepted languages matched the available variants]
++#
++ForceLanguagePriority Prefer Fallback
++
++#
++# Commonly used filename extensions to character sets. You probably
++# want to avoid clashes with the language extensions, unless you
++# are good at carefully testing your setup after each change.
++# See http://www.iana.org/assignments/character-sets for the
++# official list of charset names and their respective RFCs.
++#
++AddCharset ISO-8859-1 .iso8859-1 .latin1
++AddCharset ISO-8859-2 .iso8859-2 .latin2 .cen
++AddCharset ISO-8859-3 .iso8859-3 .latin3
++AddCharset ISO-8859-4 .iso8859-4 .latin4
++AddCharset ISO-8859-5 .iso8859-5 .latin5 .cyr .iso-ru
++AddCharset ISO-8859-6 .iso8859-6 .latin6 .arb
++AddCharset ISO-8859-7 .iso8859-7 .latin7 .grk
++AddCharset ISO-8859-8 .iso8859-8 .latin8 .heb
++AddCharset ISO-8859-9 .iso8859-9 .latin9 .trk
++AddCharset ISO-2022-JP .iso2022-jp .jis
++AddCharset ISO-2022-KR .iso2022-kr .kis
++AddCharset ISO-2022-CN .iso2022-cn .cis
++AddCharset Big5 .Big5 .big5
++# For russian, more than one charset is used (depends on client, mostly):
++AddCharset WINDOWS-1251 .cp-1251 .win-1251
++AddCharset CP866 .cp866
++AddCharset KOI8-r .koi8-r .koi8-ru
++AddCharset KOI8-ru .koi8-uk .ua
++AddCharset ISO-10646-UCS-2 .ucs2
++AddCharset ISO-10646-UCS-4 .ucs4
++AddCharset UTF-8 .utf8
++
++# The set below does not map to a specific (iso) standard
++# but works on a fairly wide range of browsers. Note that
++# capitalization actually matters (it should not, but it
++# does for some browsers).
++#
++# See http://www.iana.org/assignments/character-sets
++# for a list of sorts. But browsers support few.
++#
++AddCharset GB2312 .gb2312 .gb
++AddCharset utf-7 .utf7
++AddCharset utf-8 .utf8
++AddCharset big5 .big5 .b5
++AddCharset EUC-TW .euc-tw
++AddCharset EUC-JP .euc-jp
++AddCharset EUC-KR .euc-kr
++AddCharset shift_jis .sjis
++
++#
++# AddType allows you to add to or override the MIME configuration
++# file mime.types for specific file types.
++#
++#AddType application/x-tar .tgz
++#
++# AddEncoding allows you to have certain browsers uncompress
++# information on the fly. Note: Not all browsers support this.
++# Despite the name similarity, the following Add* directives have nothing
++# to do with the FancyIndexing customization directives above.
++#
++#AddEncoding x-compress .Z
++#AddEncoding x-gzip .gz .tgz
++#
++# If the AddEncoding directives above are commented-out, then you
++# probably should define those extensions to indicate media types:
++#
++AddType application/x-compress .Z
++AddType application/x-gzip .gz .tgz
++
++#
++# AddHandler allows you to map certain file extensions to "handlers":
++# actions unrelated to filetype. These can be either built into the server
++# or added with the Action directive (see below)
++#
++# To use CGI scripts outside of ScriptAliased directories:
++# (You will also need to add "ExecCGI" to the "Options" directive.)
++#
++AddHandler cgi-script .pl
++
++#
++# For files that include their own HTTP headers:
++#
++#AddHandler send-as-is asis
++
++#
++# For server-parsed imagemap files:
++#
++#AddHandler imap-file map
++
++#
++# For type maps (negotiated resources):
++# (This is enabled by default to allow the Apache "It Worked" page
++# to be distributed in multiple languages.)
++#
++AddHandler type-map var
++
++#
++# Filters allow you to process content before it is sent to the client.
++#
++# To parse .shtml files for server-side includes (SSI):
++# (You will also need to add "Includes" to the "Options" directive.)
++#
++#AddType text/html .shtml
++#AddOutputFilter INCLUDES .shtml
++
++#
++# Action lets you define media types that will execute a script whenever
++# a matching file is called. This eliminates the need for repeated URL
++# pathnames for oft-used CGI file processors.
++# Format: Action media/type /cgi-script/location
++# Format: Action handler-name /cgi-script/location
++#
++
++#
++# Customizable error responses come in three flavors:
++# 1) plain text 2) local redirects 3) external redirects
++#
++# Some examples:
++#ErrorDocument 500 "The server made a boo boo."
++#ErrorDocument 404 /missing.html
++#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
++#ErrorDocument 402 http://www.example.com/subscription_info.html
++#
++
++#
++# Putting this all together, we can internationalize error responses.
++#
++# We use Alias to redirect any /error/HTTP_<error>.html.var response to
++# our collection of by-error message multi-language collections. We use
++# includes to substitute the appropriate text.
++#
++# You can modify the messages' appearance without changing any of the
++# default HTTP_<error>.html.var files by adding the line:
++#
++# Alias /error/include/ "/your/include/path/"
++#
++# which allows you to create your own set of files by starting with the
++# /path/to/error/include/ files and copying them to /your/include/path/,
++# even on a per-VirtualHost basis. The default include files will display
++# your Apache version number and your ServerAdmin email address regardless
++# of the setting of ServerSignature.
++#
++# The internationalized error documents require mod_alias, mod_include
++# and mod_negotiation. To activate them, uncomment the following 30 lines.
++
++# Alias /error/ "/path/redhat/apache/error/"
++#
++# <Directory "/path/redhat/apache/error">
++# AllowOverride None
++# Options IncludesNoExec
++# AddOutputFilter Includes html
++# AddHandler type-map var
++# Order allow,deny
++# Allow from all
++# LanguagePriority en cs de es fr it ja ko nl pl pt-br ro sv tr
++# ForceLanguagePriority Prefer Fallback
++# </Directory>
++#
++# ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
++# ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
++# ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
++# ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
++# ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
++# ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
++# ErrorDocument 410 /error/HTTP_GONE.html.var
++# ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
++# ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
++# ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
++# ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
++# ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
++# ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
++# ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
++# ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
++# ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
++# ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
++
++
++#
++# The following directives modify normal HTTP response behavior to
++# handle known problems with browser implementations.
++#
++BrowserMatch "Mozilla/2" nokeepalive
++BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
++BrowserMatch "RealPlayer 4\.0" force-response-1.0
++BrowserMatch "Java/1\.0" force-response-1.0
++BrowserMatch "JDK/1\.0" force-response-1.0
++
++#
++# The following directive disables redirects on non-GET requests for
++# a directory that does not include the trailing slash. This fixes a
++# problem with Microsoft WebFolders which does not appropriately handle
++# redirects for folders with DAV methods.
++# Same deal with Apple's DAV filesystem and Gnome VFS support for DAV.
++#
++BrowserMatch "Microsoft Data Access Internet Publishing Provider"
redirect-carefully
++BrowserMatch "^WebDrive" redirect-carefully
++BrowserMatch "^WebDAVFS/1.[012]" redirect-carefully
++BrowserMatch "^gnome-vfs" redirect-carefully
++
++#
++# Allow server status reports generated by mod_status,
++# with the URL of http://servername/server-status
++# Change the ".example.com" to match your domain to enable.
++#
++#<Location /server-status>
++# SetHandler server-status
++# Order deny,allow
++# Deny from all
++# Allow from .example.com
++#</Location>
++
++#
++# Allow remote server configuration reports, with the URL of
++# http://servername/server-info (requires that mod_info.c be loaded).
++# Change the ".example.com" to match your domain to enable.
++#
++#<Location /server-info>
++# SetHandler server-info
++# Order deny,allow
++# Deny from all
++# Allow from .example.com
++#</Location>
++
++
++### Section 3: Virtual Hosts
++#
++# VirtualHost: If you want to maintain multiple domains/hostnames on your
++# machine you can setup VirtualHost containers for them. Most configurations
++# use only name-based virtual hosts so the server doesn't need to worry about
++# IP addresses. This is indicated by the asterisks in the directives below.
++#
++# Please see the documentation at
++# <URL:http://httpd.apache.org/docs-2.0/vhosts/>
++# for further details before you try to setup virtual hosts.
++#
++# You may use the command line option '-S' to verify your virtual host
++# configuration.
++
++#
++# Use name-based virtual hosting.
++#
++#NameVirtualHost *:80
++
++#
++# VirtualHost example:
++# Almost any Apache directive may go into a VirtualHost container.
++# The first VirtualHost section is used for requests without a known
++# server name.
++#
++#<VirtualHost *:80>
++# ServerAdmin [email protected]
++# DocumentRoot /www/docs/dummy-host.example.com
++# ServerName dummy-host.example.com
++# ErrorLog logs/dummy-host.example.com-error_log
++# CustomLog logs/dummy-host.example.com-access_log common
++#</VirtualHost>
++
++Include @configdir@/admserv.conf
++Include @configdir@/nss.conf
++Include @configdir@/console.conf
diff -Nru 389-admin-1.1.30/debian/patches/fix-group-name.patch
389-admin-1.1.30/debian/patches/fix-group-name.patch
--- 389-admin-1.1.30/debian/patches/fix-group-name.patch 1970-01-01
01:00:00.000000000 +0100
+++ 389-admin-1.1.30/debian/patches/fix-group-name.patch 2013-10-07
15:03:40.000000000 +0100
@@ -0,0 +1,18 @@
+Description: nobody's group is called "nogroup" on Debian, not "nobody"
+Author: Colin Watson <[email protected]>
+Forwarded: not-needed
+Last-Update: 2013-10-07
+
+Index: b/configure.ac
+===================================================================
+--- a/configure.ac
++++ b/configure.ac
+@@ -114,7 +114,7 @@
+
+ # server userid, groupid
+ httpduser=nobody
+-httpdgroup=nobody
++httpdgroup=nogroup
+ admservport=9830
+ admservip=0.0.0.0
+ # this is the subdir under $PACKAGE_BASE_NAME where admin server
diff -Nru 389-admin-1.1.30/debian/patches/fix-linking.patch
389-admin-1.1.30/debian/patches/fix-linking.patch
--- 389-admin-1.1.30/debian/patches/fix-linking.patch 2012-06-28
12:22:42.000000000 +0100
+++ 389-admin-1.1.30/debian/patches/fix-linking.patch 2013-10-07
14:55:46.000000000 +0100
@@ -5,11 +5,11 @@
libds-admin-serv.so didn't link against libldap2 though it used it's
symbols
-diff --git a/Makefile.am b/Makefile.am
-index 792f782..84dc317 100644
+Index: b/Makefile.am
+===================================================================
--- a/Makefile.am
+++ b/Makefile.am
-@@ -274,6 +274,7 @@ update_SCRIPTS = admserv/makeUpgradeTar.sh
+@@ -283,6 +283,7 @@
libds_admin_serv_la_SOURCES = $(libbase_a_SOURCES) $(libsi18n_a_SOURCES)
$(libadmin_a_SOURCES)
libds_admin_serv_la_LINK = $(MYLINK)
libds_admin_serv_la_LIBADD = $(ADMINUTIL_LINK) \
diff -Nru 389-admin-1.1.30/debian/patches/http_conf_fix
389-admin-1.1.30/debian/patches/http_conf_fix
--- 389-admin-1.1.30/debian/patches/http_conf_fix 2012-06-28
12:22:42.000000000 +0100
+++ 389-admin-1.1.30/debian/patches/http_conf_fix 2013-10-07
15:02:11.000000000 +0100
@@ -2,10 +2,10 @@
Description: comment out mod_log_config (built in) and rename mod_nss
dirsrv httpd.conf path fixes
-Index: 389-admin/admserv/cfgstuff/httpd-2.2.conf.in
+Index: b/admserv/cfgstuff/httpd-2.2.conf.in
===================================================================
---- 389-admin.orig/admserv/cfgstuff/httpd-2.2.conf.in 2011-10-11
15:33:59.489805355 +0300
-+++ 389-admin/admserv/cfgstuff/httpd-2.2.conf.in 2011-10-11
16:04:29.993761158 +0300
+--- a/admserv/cfgstuff/httpd-2.2.conf.in
++++ b/admserv/cfgstuff/httpd-2.2.conf.in
@@ -120,7 +120,7 @@
LoadModule authz_host_module @moddir@/mod_authz_host.so
LoadModule auth_basic_module @moddir@/mod_auth_basic.so
@@ -24,10 +24,10 @@
LoadModule admserv_module @admmoddir@/mod_admserv.so
### Section 2: 'Main' server configuration
-Index: 389-admin/admserv/cfgstuff/httpd.conf.in
+Index: b/admserv/cfgstuff/httpd.conf.in
===================================================================
---- 389-admin.orig/admserv/cfgstuff/httpd.conf.in 2011-10-11
16:02:22.689869333 +0300
-+++ 389-admin/admserv/cfgstuff/httpd.conf.in 2011-10-11 16:04:29.997761279
+0300
+--- a/admserv/cfgstuff/httpd.conf.in
++++ b/admserv/cfgstuff/httpd.conf.in
@@ -119,7 +119,7 @@
# LoadModule foo_module modules/mod_foo.so
LoadModule access_module @moddir@/mod_access.so
@@ -46,3 +46,33 @@
LoadModule admserv_module @admmoddir@/mod_admserv.so
### Section 2: 'Main' server configuration
+Index: b/admserv/cfgstuff/httpd-2.4.conf.in
+===================================================================
+--- a/admserv/cfgstuff/httpd-2.4.conf.in
++++ b/admserv/cfgstuff/httpd-2.4.conf.in
+@@ -120,7 +120,7 @@
+ LoadModule authz_host_module @moddir@/mod_authz_host.so
+ LoadModule auth_basic_module @moddir@/mod_auth_basic.so
+ LoadModule authn_file_module @moddir@/mod_authn_file.so
+-LoadModule log_config_module @moddir@/mod_log_config.so
++#LoadModule log_config_module @moddir@/mod_log_config.so
+ LoadModule env_module @moddir@/mod_env.so
+ LoadModule mime_magic_module @moddir@/mod_mime_magic.so
+ LoadModule unique_id_module @moddir@/mod_unique_id.so
+@@ -132,14 +132,14 @@
+ LoadModule rewrite_module @moddir@/mod_rewrite.so
+ LoadModule cgi_module @moddir@/mod_cgi.so
+ LoadModule restartd_module @admmoddir@/mod_restartd.so
+-LoadModule nss_module @nssmoddir@/libmodnss.so
++LoadModule nss_module @nssmoddir@/mod_nss.so
+ LoadModule admserv_module @admmoddir@/mod_admserv.so
+ LoadModule mpm_worker_module @moddir@/mod_mpm_worker.so
+ LoadModule access_compat_module @moddir@/mod_access_compat.so
+ LoadModule authn_core_module @moddir@/mod_authn_core.so
+ LoadModule authz_core_module @moddir@/mod_authz_core.so
+ LoadModule authz_user_module @moddir@/mod_authz_user.so
+-LoadModule unixd_module @moddir@/mod_unixd.so
++#LoadModule unixd_module @moddir@/mod_unixd.so
+
+ ### Section 2: 'Main' server configuration
+ #
diff -Nru 389-admin-1.1.30/debian/patches/series
389-admin-1.1.30/debian/patches/series
--- 389-admin-1.1.30/debian/patches/series 2012-06-28 12:22:42.000000000
+0100
+++ 389-admin-1.1.30/debian/patches/series 2013-10-07 15:02:33.000000000
+0100
@@ -1,4 +1,6 @@
man_page_fixes
+apache_2.4.patch
http_conf_fix
fix-linking.patch
fix-script-name-cgi.patch
+fix-group-name.patch
Thanks,
--
Colin Watson [[email protected]]
--- End Message ---
