Ready for release?

1bd26d59 · Kurt Zeilenga · 77ad6666 · 1bd26d59 · 1bd26d59 · 1bd26d59
Commit 1bd26d59 authored Sep 29, 2005 by Kurt Zeilenga
--- a/CHANGES
+++ b/CHANGES
@@ -12,6 +12,11 @@ OpenLDAP 2.3.8 Release
 	Fixed slapd rewrite session var set bug (ITS#4023)
 	Fixed slapd syncrepl empty uniqueMember bug (ITS#4040)
 	Fixed slapd alias resolution bug (ITS#4030)
+	Fixed slapd password-hash cleartext bug (ITS#4021)
+	Fixed slapd realloc zero bug (ITS#3981)
+	Fixed slapd nested overlay configuration bug (ITS#4047)
+	Fixed slapd password modify oldPassword ignore bug (ITS#4049)
+	Updated slapd authz backend detection (ITS#4018)
 	Fixed slapd-bdb/hdb pointer/integer size mismatch (ITS#4015)
 	Updated slapd-hdb index management
 	Fixed slapd-glue mixtures bug (ITS#3979)
@@ -31,8 +36,6 @@ OpenLDAP 2.3.8 Release
 	Fixed slapcat out-of-memory problem (ITS#4010)
 	Fixed slurpd unrecognized slave names bug (ITS#4012)
 	Fixed liblber dgram len bug (ITS#4046)
-	Updated slapd authz backend detection (ITS#4018)
-	Fixed slapd realloc zero bug (ITS#3981)
 	Documentation
 		Added slapo-valsort(5) man page (ITS#3994)
 		Added slap tool -F option documentation (ITS#4026)
@@ -40,6 +43,7 @@ OpenLDAP 2.3.8 Release
 		Fixed misc POSIX conformance issues (ITS#2667)
 		Fixed --without-threads build issue (ITS#4006)
 		Fixed test script exit checks (ITS#4045)
+		Added test suite parameterized directory support

 OpenLDAP 2.3.7 Release
 	Updated slapd ManageDIT support

--- a/libraries/liblutil/passwd.c
+++ b/libraries/liblutil/passwd.c
@@ -73,6 +73,10 @@ static lutil_cryptfunc lutil_crypt;
 lutil_cryptfunc *lutil_cryptptr = lutil_crypt;
 #endif

+/* KLUDGE:
+ *  chk_fn is NULL iff name is {CLEARTEXT}
+ *	otherwise, things will break
+ */
 struct pw_scheme {
 	struct berval name;
 	LUTIL_PASSWD_CHK_FUNC *chk_fn;
@@ -147,7 +151,7 @@ static const struct pw_scheme pw_schemes_default[] =

 #ifdef SLAPD_CLEARTEXT
 	/* pseudo scheme */
-	{ {0, "{CLEARTEXT}"},		NULL, hash_clear },
+	{ BER_BVC("{CLEARTEXT}"),	NULL, hash_clear },
 #endif

 	{ BER_BVNULL, NULL, NULL }
@@ -306,7 +310,9 @@ lutil_passwd(
 	 */
 	if (( passwd->bv_val[0] == '{' ) &&
 		( strchr( passwd->bv_val, '}' ) > passwd->bv_val+1 ))
+	{
 		return 1;
+	}
 	if( is_allowed_scheme("{CLEARTEXT}", schemes ) ) {
 		return ( passwd->bv_len == cred->bv_len ) ?
 			memcmp( passwd->bv_val, cred->bv_val, passwd->bv_len )

--- a/servers/slapd/back-ldbm/modrdn.c
+++ b/servers/slapd/back-ldbm/modrdn.c
@@ -163,10 +163,15 @@ ldbm_back_modrdn(
 	}

 	/* check parent for "children" acl */
-	if ( ! access_allowed( op, p, children, NULL,
+	rs->sr_err = access_allowed( op, p, children, NULL,
 			op->oq_modrdn.rs_newSup != NULL ?
 				ACL_WDEL : ACL_WRITE,
-			NULL ) )
+			NULL );
+
+	if ( BER_BVISEMPTY( &p_ndn ))
+		p = NULL;
+
+	if ( !rs->sr_err )
 	{
 		Debug( LDAP_DEBUG_TRACE, "no access to parent\n", 0,
 			0, 0 );
@@ -176,9 +181,6 @@ ldbm_back_modrdn(
 		goto return_results;
 	}

-	if ( BER_BVISEMPTY( &p_ndn ))
-		p = NULL;
-
 	Debug( LDAP_DEBUG_TRACE,
 		   "ldbm_back_modrdn: wr to children of entry %s OK\n",
 		   p_ndn.bv_val, 0, 0 );

--- a/servers/slapd/backglue.c
+++ b/servers/slapd/backglue.c
@@ -922,8 +922,6 @@ glue_sub_add( BackendDB *be, int advert, int online )
 int
 glue_sub_init()
 {
-	int rc;
-
 	glue.on_bi.bi_type = "glue";

 	glue.on_bi.bi_db_init = glue_db_init;

--- a/servers/slapd/bconfig.c
+++ b/servers/slapd/bconfig.c
@@ -1379,7 +1379,7 @@ config_passwd_hash(ConfigArgs *c) {
 	}
 	for(i = 1; i < c->argc; i++) {
 		if(!lutil_passwd_scheme(c->argv[i])) {
-			sprintf( c->msg, "<%s> schema not available", c->argv[0] );
+			sprintf( c->msg, "<%s> scheme not available", c->argv[0] );
 			Debug(LDAP_DEBUG_ANY, "%s: %s (%s)\n",
 				c->log, c->msg, c->argv[i]);
 		} else {

--- a/servers/slapd/main.c
+++ b/servers/slapd/main.c
@@ -261,14 +261,15 @@ int main( int argc, char **argv )
 	struct sync_cookie *scp = NULL;
 	struct sync_cookie *scp_entry = NULL;

+	char	*serverNamePrefix = "";
+	size_t	l;
+
 #ifdef CSRIMALLOC
 	FILE *leakfile;
 	if( ( leakfile = fopen( "slapd.leak", "w" )) == NULL ) {
 		leakfile = stderr;
 	}
 #endif
-	char	*serverNamePrefix = "";
-	size_t	l;

 	slap_sl_mem_init();


--- a/servers/slapd/passwd.c
+++ b/servers/slapd/passwd.c
@@ -68,13 +68,15 @@ int passwd_extop(
 		return LDAP_STRONG_AUTH_REQUIRED;
 	}

+	qpw->rs_old.bv_len = 0;
 	qpw->rs_old.bv_val = NULL;
+	qpw->rs_new.bv_len = 0;
 	qpw->rs_new.bv_val = NULL;
 	qpw->rs_mods = NULL;
 	qpw->rs_modtail = NULL;

-	rs->sr_err = slap_passwd_parse( op->ore_reqdata, &id, &qpw->rs_old,
-		&qpw->rs_new, &rs->sr_text );
+	rs->sr_err = slap_passwd_parse( op->ore_reqdata, &id,
+		&qpw->rs_old, &qpw->rs_new, &rs->sr_text );

 	if ( rs->sr_err == LDAP_SUCCESS && !BER_BVISEMPTY( &id ) ) {
 		Statslog( LDAP_DEBUG_STATS, "%s PASSMOD id=\"%s\"%s%s\n",
@@ -109,6 +111,12 @@ int passwd_extop(
 	}

 	if( op->o_bd == NULL ) {
+		if ( qpw->rs_old.bv_val != NULL ) {
+			rs->sr_text = "unwilling to verify old password";
+			rc = LDAP_UNWILLING_TO_PERFORM;
+			goto error_return;
+		}
+
 #ifdef HAVE_CYRUS_SASL
 		rc = slap_sasl_setpass( op, rs );
 #else
@@ -200,6 +208,12 @@ int passwd_extop(
 		goto error_return;
 	}

+	if ( qpw->rs_old.bv_val != NULL ) {
+		rs->sr_text = "unwilling to verify old password";
+		rc = LDAP_UNWILLING_TO_PERFORM;
+		goto error_return;
+	}
+
 	ml = ch_malloc( sizeof(Modifications) );
 	if ( !qpw->rs_modtail ) qpw->rs_modtail = &ml->sml_next;

@@ -349,6 +363,15 @@ int slap_passwd_parse( struct berval *reqdata,
 			goto decoding_error;
 		}

+		if( oldpass->bv_len == 0 ) {
+			Debug( LDAP_DEBUG_TRACE, "slap_passwd_parse: OLD empty.\n",
+				0, 0, 0 );
+
+			*text = "old password value is empty";
+			rc = LDAP_UNWILLING_TO_PERFORM;
+			goto done;
+		}
+
 		tag = ber_peek_tag( ber, &len );
 	}

@@ -371,6 +394,15 @@ int slap_passwd_parse( struct berval *reqdata,
 			goto decoding_error;
 		}

+		if( newpass->bv_len == 0 ) {
+			Debug( LDAP_DEBUG_TRACE, "slap_passwd_parse: NEW empty.\n",
+				0, 0, 0 );
+
+			*text = "new password value is empty";
+			rc = LDAP_UNWILLING_TO_PERFORM;
+			goto done;
+		}
+
 		tag = ber_peek_tag( ber, &len );
 	}


--- a/tests/data/slapd-aci.conf
+++ b/tests/data/slapd-aci.conf
@@ -13,16 +13,16 @@
 ## top-level directory of the distribution or, alternatively, at
 ## <http://www.OpenLDAP.org/license.html>.

-include ./schema/core.schema
-include ./schema/cosine.schema
-include ./schema/inetorgperson.schema
-include ./schema/openldap.schema
-include ./schema/nis.schema
-include ./testdata/test.schema
+include		@SCHEMADIR@/core.schema
+include		@SCHEMADIR@/cosine.schema
+include		@SCHEMADIR@/inetorgperson.schema
+include		@SCHEMADIR@/openldap.schema
+include		@SCHEMADIR@/nis.schema
+include		@DATADIR@/test.schema

 #
-pidfile     ./testrun/slapd.1.pid
-argsfile    ./testrun/slapd.1.args
+pidfile		@TESTDIR@/slapd.1.pid
+argsfile	@TESTDIR@/slapd.1.args

 #mod#modulepath	../servers/slapd/back-@BACKEND@/
 #mod#moduleload	back_@BACKEND@.la
@@ -40,7 +40,7 @@ access to dn="cn=Subschema"

 database	@BACKEND@
 suffix		"dc=example,dc=com"
-directory	./testrun/db.1.a
+directory	@TESTDIR@/db.1.a
 rootdn		"cn=Manager,dc=example,dc=com"
 rootpw		secret
 #bdb#index		objectClass	eq

--- a/tests/data/slapd-acl.conf
+++ b/tests/data/slapd-acl.conf
@@ -14,13 +14,13 @@
 ## top-level directory of the distribution or, alternatively, at
 ## <http://www.OpenLDAP.org/license.html>.

-include ./schema/core.schema
-include ./schema/cosine.schema
-include ./schema/inetorgperson.schema
-include ./schema/openldap.schema
-include ./schema/nis.schema
-pidfile     ./testrun/slapd.1.pid
-argsfile    ./testrun/slapd.1.args
+include		@SCHEMADIR@/core.schema
+include		@SCHEMADIR@/cosine.schema
+include		@SCHEMADIR@/inetorgperson.schema
+include		@SCHEMADIR@/openldap.schema
+include		@SCHEMADIR@/nis.schema
+pidfile		@TESTDIR@/slapd.1.pid
+argsfile	@TESTDIR@/slapd.1.args

 # global ACLs
 #
@@ -44,7 +44,7 @@ access		to *
 database	@BACKEND@
 #ldbm#cachesize	0
 suffix		"dc=example,dc=com"
-directory	./testrun/db.1.a
+directory	@TESTDIR@/db.1.a
 rootdn		"cn=Manager,dc=example,dc=com"
 rootpw		secret
 #bdb#index		objectClass	eq

--- a/tests/data/slapd-cache-master.conf
+++ b/tests/data/slapd-cache-master.conf
@@ -14,14 +14,14 @@
 ## top-level directory of the distribution or, alternatively, at
 ## <http://www.OpenLDAP.org/license.html>.

-include ./schema/core.schema
-include ./schema/cosine.schema
-include ./schema/inetorgperson.schema
-include ./schema/openldap.schema
-include ./schema/nis.schema
+include @SCHEMADIR@/core.schema
+include @SCHEMADIR@/cosine.schema
+include @SCHEMADIR@/inetorgperson.schema
+include @SCHEMADIR@/openldap.schema
+include @SCHEMADIR@/nis.schema
 #
-pidfile     ./testrun/slapd.1.pid
-argsfile    ./testrun/slapd.1.args
+pidfile     @TESTDIR@/slapd.1.pid
+argsfile    @TESTDIR@/slapd.1.args

 #mod#modulepath	../servers/slapd/back-@BACKEND@/
 #mod#moduleload	back_@BACKEND@.la
@@ -34,7 +34,7 @@ argsfile    ./testrun/slapd.1.args

 database	@BACKEND@
 suffix		"dc=example,dc=com"
-directory	./testrun/db.1.a
+directory	@TESTDIR@/db.1.a
 rootdn		"cn=Manager,dc=example,dc=com"
 rootpw		secret
 #bdb#index		objectClass	eq

--- a/tests/data/slapd-chain1.conf
+++ b/tests/data/slapd-chain1.conf
@@ -14,13 +14,13 @@
 ## top-level directory of the distribution or, alternatively, at
 ## <http://www.OpenLDAP.org/license.html>.

-include ./schema/core.schema
-include ./schema/cosine.schema
-include ./schema/inetorgperson.schema
-include ./schema/openldap.schema
-include ./schema/nis.schema
-pidfile     ./testrun/slapd.1.pid
-argsfile    ./testrun/slapd.1.args
+include		@SCHEMADIR@/core.schema
+include		@SCHEMADIR@/cosine.schema
+include		@SCHEMADIR@/inetorgperson.schema
+include		@SCHEMADIR@/openldap.schema
+include		@SCHEMADIR@/nis.schema
+pidfile		@TESTDIR@/slapd.1.pid
+argsfile	@TESTDIR@/slapd.1.args

 #mod#modulepath	../servers/slapd/back-@BACKEND@/
 #mod#moduleload	back_@BACKEND@.la
@@ -48,7 +48,7 @@ chain-acl-passwd	secret
 database	@BACKEND@
 #ldbm#cachesize	0
 suffix		"dc=example,dc=com"
-directory	./testrun/db.1.a
+directory	@TESTDIR@/db.1.a
 rootdn		"cn=Manager,dc=example,dc=com"
 rootpw		secret
 #bdb#index		objectClass	eq

--- a/tests/data/slapd-chain2.conf
+++ b/tests/data/slapd-chain2.conf
@@ -14,13 +14,13 @@
 ## top-level directory of the distribution or, alternatively, at
 ## <http://www.OpenLDAP.org/license.html>.

-include ./schema/core.schema
-include ./schema/cosine.schema
-include ./schema/inetorgperson.schema
-include ./schema/openldap.schema
-include ./schema/nis.schema
-pidfile     ./testrun/slapd.2.pid
-argsfile    ./testrun/slapd.2.args
+include		@SCHEMADIR@/core.schema
+include		@SCHEMADIR@/cosine.schema
+include		@SCHEMADIR@/inetorgperson.schema
+include		@SCHEMADIR@/openldap.schema
+include		@SCHEMADIR@/nis.schema
+pidfile		@TESTDIR@/slapd.2.pid
+argsfile	@TESTDIR@/slapd.2.args

 #mod#modulepath	../servers/slapd/back-@BACKEND@/
 #mod#moduleload	back_@BACKEND@.la
@@ -41,7 +41,7 @@ argsfile    ./testrun/slapd.2.args
 database	@BACKEND@
 #ldbm#cachesize	0
 suffix		"dc=example,dc=com"
-directory	./testrun/db.2.a
+directory	@TESTDIR@/db.2.a
 rootdn		"cn=Manager,dc=example,dc=com"
 rootpw		secret
 #bdb#index		objectClass	eq

--- a/tests/data/slapd-component.conf
+++ b/tests/data/slapd-component.conf
@@ -14,19 +14,19 @@
 ## top-level directory of the distribution or, alternatively, at
 ## <http://www.OpenLDAP.org/license.html>.

-include ./schema/core.schema
-include ./schema/cosine.schema
-include ./schema/inetorgperson.schema
-include ./schema/openldap.schema
-include ./schema/nis.schema
+include		@SCHEMADIR@/core.schema
+include		@SCHEMADIR@/cosine.schema
+include		@SCHEMADIR@/inetorgperson.schema
+include		@SCHEMADIR@/openldap.schema
+include		@SCHEMADIR@/nis.schema

-include ./testdata/test.schema
-include ./testdata/ditcontentrules.conf
+include		@DATADIR@/test.schema
+include		@DATADIR@/ditcontentrules.conf

-pidfile     ./testrun/slapd.1.pid
-argsfile    ./testrun/slapd.1.args
+pidfile		@TESTDIR@/slapd.1.pid
+argsfile	@TESTDIR@/slapd.1.args

-moduleload      ./testdata/comp_libs/compmatch.la
+moduleload      @DATADIR@/comp_libs/compmatch.la

 #mod#modulepath	../servers/slapd/back-@BACKEND@/
 #mod#moduleload	back_@BACKEND@.la
@@ -39,7 +39,7 @@ moduleload      ./testdata/comp_libs/compmatch.la

 database	@BACKEND@
 suffix		"dc=example,dc=com"
-directory	./testrun/db.1.a
+directory	@TESTDIR@/db.1.a
 rootdn		"cn=Manager,dc=example,dc=com"
 rootpw		secret
 #bdb#index		objectClass eq

--- a/tests/data/slapd-dn.conf
+++ b/tests/data/slapd-dn.conf
@@ -13,15 +13,15 @@
 ## top-level directory of the distribution or, alternatively, at
 ## <http://www.OpenLDAP.org/license.html>.

-include ./schema/core.schema
-include ./schema/cosine.schema
-include ./schema/inetorgperson.schema
-include ./schema/openldap.schema
-include ./schema/nis.schema
+include		@SCHEMADIR@/core.schema
+include		@SCHEMADIR@/cosine.schema
+include		@SCHEMADIR@/inetorgperson.schema
+include		@SCHEMADIR@/openldap.schema
+include		@SCHEMADIR@/nis.schema

 #
-pidfile     ./testrun/slapd.1.pid
-argsfile    ./testrun/slapd.1.args
+pidfile		@TESTDIR@/slapd.1.pid
+argsfile	@TESTDIR@/slapd.1.args

 #mod#modulepath	../servers/slapd/back-@BACKEND@/
 #mod#moduleload	back_@BACKEND@.la
@@ -34,7 +34,7 @@ argsfile    ./testrun/slapd.1.args

 database	@BACKEND@
 suffix		"dc=example,dc=com"
-directory	./testrun/db.1.a
+directory	@TESTDIR@/db.1.a
 rootdn		"cn=Manager,dc=example,dc=com"
 rootpw		secret
 #bdb#index		objectClass	eq

--- a/tests/data/slapd-dnssrv.conf
+++ b/tests/data/slapd-dnssrv.conf
@@ -14,9 +14,9 @@
 ## top-level directory of the distribution or, alternatively, at
 ## <http://www.OpenLDAP.org/license.html>.

-include ./schema/core.schema
-pidfile     ./test-db/slapd.pid
-argsfile    ./test-db/slapd.args
+include		@SCHEMADIR@/core.schema
+pidfile		@TESTDIR@/slapd.pid
+argsfile	@TESTDIR@/slapd.args

 sasl-secprops noanonymous
 #sasl-secprops none

--- a/tests/data/slapd-emptydn.conf
+++ b/tests/data/slapd-emptydn.conf
@@ -13,15 +13,15 @@
 ## top-level directory of the distribution or, alternatively, at
 ## <http://www.OpenLDAP.org/license.html>.

-include ./schema/core.schema
-include ./schema/cosine.schema
-include ./schema/inetorgperson.schema
-include ./schema/openldap.schema
-include ./schema/nis.schema
+include		@SCHEMADIR@/core.schema
+include		@SCHEMADIR@/cosine.schema
+include		@SCHEMADIR@/inetorgperson.schema
+include		@SCHEMADIR@/openldap.schema
+include		@SCHEMADIR@/nis.schema

 #
-pidfile     ./testrun/slapd.1.pid
-argsfile    ./testrun/slapd.1.args
+pidfile		@TESTDIR@/slapd.1.pid
+argsfile	@TESTDIR@/slapd.1.args

 access		to dn.exact=""
 		by * read
@@ -40,7 +40,7 @@ access		to dn.exact="cn=Subschema"

 database	@BACKEND@
 suffix		"dc=example,dc=com"
-directory	./testrun/db.1.a
+directory	@TESTDIR@/db.1.a
 rootdn		"cn=Manager,dc=example,dc=com"
 rootpw		secret
 #bdb#index		objectClass	eq
@@ -65,7 +65,7 @@ access		to dn.subtree="dc=example,dc=com"

 database	@BACKEND@
 suffix		""
-directory	./testrun/db.2.a
+directory	@TESTDIR@/db.2.a
 rootdn		"cn=Manager,c=US"
 rootpw		secret
 #bdb#index		objectClass	eq

--- a/tests/data/slapd-glue-ldap.conf
+++ b/tests/data/slapd-glue-ldap.conf
@@ -13,14 +13,14 @@
 ## top-level directory of the distribution or, alternatively, at
 ## <http://www.OpenLDAP.org/license.html>.

-include ./schema/core.schema
-include ./schema/cosine.schema
-include ./schema/inetorgperson.schema
-include ./schema/openldap.schema
-include ./schema/nis.schema
-include ./schema/ppolicy.schema
-pidfile     ./test-db/slapd.m.pid
-argsfile    ./test-db/slapd.m.args
+include		@SCHEMADIR@/core.schema
+include		@SCHEMADIR@/cosine.schema
+include		@SCHEMADIR@/inetorgperson.schema
+include		@SCHEMADIR@/openldap.schema
+include		@SCHEMADIR@/nis.schema
+include		@SCHEMADIR@/ppolicy.schema
+pidfile		@TESTDIR@/slapd.m.pid
+argsfile	@TESTDIR@/slapd.m.args

 #mod#modulepath	../servers/slapd/back-@BACKEND@/
 #mod#moduleload	back_@BACKEND@.la

--- a/tests/data/slapd-glue-syncrepl1.conf
+++ b/tests/data/slapd-glue-syncrepl1.conf
@@ -14,13 +14,13 @@
 ## top-level directory of the distribution or, alternatively, at
 ## <http://www.OpenLDAP.org/license.html>.

-include		./schema/core.schema
-include		./schema/cosine.schema
-include		./schema/inetorgperson.schema
-include		./schema/openldap.schema
-include		./schema/nis.schema
-pidfile		./testrun/slapd.1.pid
-argsfile	./testrun/slapd.1.args
+include		@SCHEMADIR@/core.schema
+include		@SCHEMADIR@/cosine.schema
+include		@SCHEMADIR@/inetorgperson.schema
+include		@SCHEMADIR@/openldap.schema
+include		@SCHEMADIR@/nis.schema
+pidfile		@TESTDIR@/slapd.1.pid
+argsfile	@TESTDIR@/slapd.1.args

 #mod#modulepath	../servers/slapd/back-@BACKEND@/
 #mod#moduleload	back_@BACKEND@.la
@@ -35,7 +35,7 @@ argsfile	./testrun/slapd.1.args
 database	@BACKEND@
 suffix		"ou=Information Technology Division,ou=People,dc=example,dc=com"
 subordinate
-directory	./testrun/db.1.a
+directory	@TESTDIR@/db.1.a
 rootdn		"cn=Manager 1,dc=example,dc=com"
 #bdb#index		objectclass	eq
 #bdb#index		uid	pres,eq,sub
@@ -55,7 +55,7 @@ overlay		syncprov
 database	@BACKEND@
 suffix		"ou=Groups,dc=example,dc=com"
 subordinate
-directory	./testrun/db.1.b
+directory	@TESTDIR@/db.1.b
 rootdn		"cn=Manager 1,dc=example,dc=com"
 #bdb#index		objectclass	eq
 #bdb#index		uid	pres,eq,sub
@@ -88,7 +88,7 @@ updateref	@URI2@

 database	@BACKEND@
 suffix		"dc=example,dc=com"
-directory	./testrun/db.1.c
+directory	@TESTDIR@/db.1.c
 rootdn		"cn=Manager 1,dc=example,dc=com"
 rootpw		secret
 #bdb#index		objectclass	eq

--- a/tests/data/slapd-glue-syncrepl2.conf
+++ b/tests/data/slapd-glue-syncrepl2.conf
@@ -14,13 +14,13 @@
 ## top-level directory of the distribution or, alternatively, at
 ## <http://www.OpenLDAP.org/license.html>.

-include		./schema/core.schema
-include		./schema/cosine.schema
-include		./schema/inetorgperson.schema
-include		./schema/openldap.schema
-include		./schema/nis.schema
-pidfile		./testrun/slapd.2.pid
-argsfile	./testrun/slapd.2.args
+include		@SCHEMADIR@/core.schema
+include		@SCHEMADIR@/cosine.schema
+include		@SCHEMADIR@/inetorgperson.schema
+include		@SCHEMADIR@/openldap.schema
+include		@SCHEMADIR@/nis.schema
+pidfile		@TESTDIR@/slapd.2.pid
+argsfile	@TESTDIR@/slapd.2.args

 #mod#modulepath	../servers/slapd/back-@BACKEND@/
 #mod#moduleload	back_@BACKEND@.la
@@ -35,7 +35,7 @@ argsfile	./testrun/slapd.2.args
 database	@BACKEND@
 suffix		"ou=Information Technology Division,ou=People,dc=example,dc=com"
 subordinate
-directory	./testrun/db.2.a
+directory	@TESTDIR@/db.2.a
 rootdn		"cn=Manager 2,dc=example,dc=com"
 #bdb#index		objectclass	eq
 #bdb#index		uid	pres,eq,sub
@@ -68,7 +68,7 @@ updateref	@URI1@
 database	@BACKEND@
 suffix		"ou=Groups,dc=example,dc=com"
 subordinate
-directory	./testrun/db.2.b
+directory	@TESTDIR@/db.2.b
 rootdn		"cn=Manager 2,dc=example,dc=com"
 #bdb#index		objectclass	eq
 #bdb#index		uid	pres,eq,sub
@@ -88,7 +88,7 @@ overlay		syncprov

 database	@BACKEND@
 suffix		"dc=example,dc=com"
-directory	./testrun/db.2.c
+directory	@TESTDIR@/db.2.c
 rootdn		"cn=Manager 2,dc=example,dc=com"
 rootpw		secret
 #bdb#index		objectclass	eq

--- a/tests/data/slapd-glue.conf
+++ b/tests/data/slapd-glue.conf
@@ -14,13 +14,13 @@
 ## top-level directory of the distribution or, alternatively, at
 ## <http://www.OpenLDAP.org/license.html>.

-include ./schema/core.schema
-include ./schema/cosine.schema
-include ./schema/inetorgperson.schema
-include ./schema/openldap.schema
-include ./schema/nis.schema
-pidfile     ./testrun/slapd.1.pid
-argsfile    ./testrun/slapd.1.args