diff options
author | deeenes | 2023-03-02 14:33:58 +0100 |
---|---|---|
committer | deeenes | 2023-03-03 01:37:33 +0100 |
commit | 77a5d65c0f2e9a4bed6c97c69d3045dbfa7fd291 (patch) | |
tree | 9ad9c5df8da6d9188977527e12597ee68230fb06 | |
parent | 5afbd4f47797399c4bb552db4fa657d1118dba9b (diff) | |
download | aur-77a5d65c0f2e9a4bed6c97c69d3045dbfa7fd291.tar.gz |
4.4.7 -> 5.5.0 (see squashed commits for details)
adopted the package in aur and set myself as maintainer
new patches for startup scripts
updated config keys according to v5.5.0
install script: disclaimer about license + certificates dir does not exist any more
systemd service: updated JRE version; extended timeout and little wait before start, as recommended
PKGBUILD for v5.5.0: updated patches, openjdk 17, accept license at installation, no certificates dir
systemd service: removed start delay, maybe not necessary
fixed trivial mistake in cypher-shell CLASSPATH
logged recent updates in SRCINFO
-rw-r--r-- | .SRCINFO | 22 | ||||
-rw-r--r-- | PKGBUILD | 36 | ||||
-rw-r--r-- | bin.patch | 12 | ||||
-rw-r--r-- | neo4j.conf | 339 | ||||
-rw-r--r-- | neo4j.install | 13 | ||||
-rw-r--r-- | neo4j.service | 3 | ||||
-rw-r--r-- | startup-scripts-fix-paths.patch | 101 | ||||
-rw-r--r-- | startup-scripts-paths.patch | 42 |
8 files changed, 313 insertions, 255 deletions
@@ -1,29 +1,27 @@ pkgbase = neo4j-enterprise pkgdesc = A fully transactional graph database implemented in Java - pkgver = 4.4.7 + pkgver = 5.5.0 pkgrel = 1 url = http://neo4j.org/ install = neo4j.install arch = any license = custom makedepends = patch - depends = jre11-openjdk-headless + depends = jre17-openjdk-headless conflicts = neo4j-community options = !strip backup = etc/neo4j/neo4j.conf - source = http://dist.neo4j.org/neo4j-enterprise-4.4.7-unix.tar.gz - source = bin.patch - source = startup-scripts-paths.patch + source = http://dist.neo4j.org/neo4j-enterprise-5.5.0-unix.tar.gz + source = startup-scripts-fix-paths.patch source = neo4j.conf source = neo4j.install source = neo4j.service source = neo4j-tmpfile.conf - sha256sums = b0a0fa18f8285f5860ad79d51f6a343143d31e37c9637f457da53631704a114e - sha256sums = 3d6485fe74e174044954216cbfecf0e87611952d9cb0a2e4dd5758aecbaaf3ae - sha256sums = 40848f03cb4fac18e992b7e2ed017d247fd5936e22599ee758f18ef77c2652aa - sha256sums = 49a3533e37212bf0cee4a1caa5eee2ff0cdb0e5f673a743dd7cd8149d96d7604 - sha256sums = f1c083521502749200cb24fb5dcf20ab2f988f3b31fef278d774e7089f034208 - sha256sums = 4e56e56e38cfe91755adf76642972bece509a9fd3f7d1851d65715fff762b9db - sha256sums = e1311352e05b1e698599b91883141b938ceb418abd7e6bc11cc964854f0a21e1 + sha256sums = 4e7a26d5ed0a89fce2c7f94dc756586f0e666f7d756e3fd1c4a0fddea98bfa46 + sha256sums = 4c5acebaa604a6ecf5ab998ae5c5f178ddde3a9a906241c60649492481b5ce52 + sha256sums = 5d5b0a2137dd093b1e18b264b4a54b9d1f84029100ef6a513361d71d1ddeb8f6 + sha256sums = 8cdf6de9864f66b8f435b8da5c04245a7fa23dde986cc7aec3133261e4003c64 + sha256sums = 42d4fa137d2a0eb1541780a4afef1bdaebf6c6e593cf7f285b527ea0e07bdf74 + sha256sums = e1311352e05b1e698599b91883141b938ceb418abd7e6bc11cc964854f0a21e1 pkgname = neo4j-enterprise @@ -1,45 +1,44 @@ -# Maintainer: Amina Khakimova <hakami1024@gmail.com> +# Maintainer: Denes Turei <turei.denes@gmail.com> +# Contributor: Amina Khakimova <hakami1024@gmail.com> # Contributor: Marcel Campello Ferreira <marcel.campello.ferreira@gmail.com> -# Contributor: Denes Turei <turei.denes@gmail.com> pkgname=neo4j-enterprise -pkgver=4.4.7 +pkgver=5.5.0 pkgrel=1 pkgdesc='A fully transactional graph database implemented in Java' arch=(any) url=http://neo4j.org/ license=(custom) makedepends=(patch) -depends=('jre11-openjdk-headless') +depends=('jre17-openjdk-headless') conflicts=(neo4j-community) backup=(etc/neo4j/neo4j.conf) options=(!strip) install=neo4j.install source=(http://dist.neo4j.org/neo4j-enterprise-$pkgver-unix.tar.gz - bin.patch - startup-scripts-paths.patch + startup-scripts-fix-paths.patch neo4j.conf neo4j.install neo4j.service neo4j-tmpfile.conf) -sha256sums=('b0a0fa18f8285f5860ad79d51f6a343143d31e37c9637f457da53631704a114e' - '3d6485fe74e174044954216cbfecf0e87611952d9cb0a2e4dd5758aecbaaf3ae' - '40848f03cb4fac18e992b7e2ed017d247fd5936e22599ee758f18ef77c2652aa' - '49a3533e37212bf0cee4a1caa5eee2ff0cdb0e5f673a743dd7cd8149d96d7604' - 'f1c083521502749200cb24fb5dcf20ab2f988f3b31fef278d774e7089f034208' - '4e56e56e38cfe91755adf76642972bece509a9fd3f7d1851d65715fff762b9db' + +sha256sums=('4e7a26d5ed0a89fce2c7f94dc756586f0e666f7d756e3fd1c4a0fddea98bfa46' + '4c5acebaa604a6ecf5ab998ae5c5f178ddde3a9a906241c60649492481b5ce52' + '5d5b0a2137dd093b1e18b264b4a54b9d1f84029100ef6a513361d71d1ddeb8f6' + '8cdf6de9864f66b8f435b8da5c04245a7fa23dde986cc7aec3133261e4003c64' + '42d4fa137d2a0eb1541780a4afef1bdaebf6c6e593cf7f285b527ea0e07bdf74' 'e1311352e05b1e698599b91883141b938ceb418abd7e6bc11cc964854f0a21e1') + prepare() { - cd $srcdir/neo4j-enterprise-$pkgver - patch -Np1 -i ../bin.patch - patch --strip=2 < ../startup-scripts-paths.patch + cd $srcdir/$pkgname-$pkgver + patch --forward --strip=1 --input=../startup-scripts-fix-paths.patch } + package() { - cd $srcdir/neo4j-enterprise-$pkgver + cd $srcdir/$pkgname-$pkgver # Config files CONFIG_DIR=etc/neo4j install -dm755 $pkgdir/$CONFIG_DIR - install -dm700 $pkgdir/$CONFIG_DIR/certificates [[ $(ls -A conf/* 2>/dev/null) ]] && cp -r data/* $pkgdir/$CONFIG_DIR install -Dm644 $srcdir/neo4j.conf $pkgdir/etc/neo4j/neo4j.conf @@ -86,6 +85,9 @@ package() { LICENSES_DIR=usr/share/licenses/neo4j install -dm755 $pkgdir/$LICENSES_DIR cp LICENSE.txt LICENSES.txt NOTICE.txt $pkgdir/$LICENSES_DIR + LICENSE_STATUS_DIR=$pkgdir/usr/share/java/neo4j/licenses + mkdir -p $LICENSE_STATUS_DIR + echo -n "yes" > $LICENSE_STATUS_DIR/ACCEPT_LICENSE_AGREEMENT # Service definition files install -Dm644 $srcdir/neo4j.service $pkgdir/usr/lib/systemd/system/neo4j.service diff --git a/bin.patch b/bin.patch deleted file mode 100644 index 5f422733521c..000000000000 --- a/bin.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -au0r neo4j-enterprise-orig/bin/neo4j-admin neo4j-enterprise-mod/bin/neo4j-admin ---- neo4j-enterprise-orig/bin/neo4j-admin -+++ neo4j-enterprise-mod/bin/neo4j-admin -@@ -3,0 +4,2 @@ -+export NEO4J_CONF=/etc/neo4j -+ -diff -au0r neo4j-enterprise-orig/bin/cypher-shell neo4j-enterprise-mod/bin/cypher-shell ---- neo4j-enterprise-orig/bin/cypher-shell -+++ neo4j-enterprise-mod/bin/cypher-shell -@@ -75,1 +75,1 @@ -- APP_HOME="$(cd "$(dirname "$0")" && pwd)" -+ APP_HOME="$(cd "$(dirname "$(readlink -f "$0")")" && pwd)" diff --git a/neo4j.conf b/neo4j.conf index 1a15c95c966d..e7352747d1d2 100644 --- a/neo4j.conf +++ b/neo4j.conf @@ -6,44 +6,43 @@ #***************************************************************** # The name of the default database. -#dbms.default_database=neo4j +#server.default_database=neo4j # Paths of directories in the installation. -dbms.directories.data=/var/lib/neo4j/data -dbms.directories.plugins=/usr/share/java/neo4j/plugins -dbms.directories.certificates=/etc/neo4j/certificates -dbms.directories.logs=/var/log/neo4j -dbms.directories.lib=/usr/share/java/neo4j -dbms.directories.run=/run/neo4j -dbms.directories.metrics=/var/lib/neo4j/data -dbms.directories.transaction.logs.root=/var/lib/neo4j/data/transactions -dbms.directories.dumps.root=/var/lib/neo4j/data/dumps +server.directories.data=/var/lib/neo4j/data +server.directories.plugins=/usr/share/java/neo4j/plugins +server.directories.logs=/var/log/neo4j +server.directories.lib=/usr/share/java/neo4j +server.directories.run=/run/neo4j +server.directories.metrics=/var/lib/neo4j/data +server.directories.transaction.logs.root=/var/lib/neo4j/data/transactions +server.directories.dumps.root=/var/lib/neo4j/data/dumps # This setting constrains all `LOAD CSV` import files to be under the `import` directory. Remove or comment it out to # allow files to be loaded from anywhere in the filesystem; this introduces possible security problems. See the # `LOAD CSV` section of the manual for details. -dbms.directories.import=import +server.directories.import=import # Whether requests to Neo4j are authenticated. # To disable authentication, uncomment this line -#dbms.security.auth_enabled=false +#server.security.auth_enabled=false # Enable this to be able to upgrade a store from an older version. -#dbms.allow_upgrade=true +#server.allow_upgrade=true # Number of databases in Neo4j is limited. # To change this limit please uncomment and adapt following setting: -# dbms.max_databases=100 +# server.max_databases=100 # Enable online backups to be taken from this database. -#dbms.backup.enabled=true +#server.backup.enabled=true # By default the backup service will only listen on localhost. # To enable remote backups you will have to bind to an external # network interface (e.g. 0.0.0.0 for all interfaces). # The protocol running varies depending on deployment. In a Causal Clustering environment this is the # same protocol that runs on causal_clustering.transaction_listen_address. -#dbms.backup.listen_address=0.0.0.0:6362 +#server.backup.listen_address=0.0.0.0:6362 #******************************************************************** # Memory Settings @@ -59,24 +58,24 @@ dbms.directories.import=import # Java Heap Size: by default the Java heap size is dynamically calculated based # on available system resources. Uncomment these lines to set specific initial # and maximum heap size. -#dbms.memory.heap.initial_size=512m -#dbms.memory.heap.max_size=512m +#server.memory.heap.initial_size=512m +#server.memory.heap.max_size=512m # The amount of memory to use for mapping the store files. # The default page cache memory assumes the machine is dedicated to running # Neo4j, and is heuristically set to 50% of RAM minus the Java heap size. -#dbms.memory.pagecache.size=10g +#server.memory.pagecache.size=10g # Limit the amount of memory that all of the running transaction can consume. # By default there is no limit. -#dbms.memory.transaction.global_max_size=256m +#server.memory.transaction.global_max_size=256m # Limit the amount of memory that a single transaction can consume. # By default there is no limit. -#dbms.memory.transaction.max_size=16m +#server.memory.transaction.max_size=16m # Transaction state location. It is recommended to use ON_HEAP. -dbms.tx_state.memory_allocation=ON_HEAP +db.tx_state.memory_allocation=ON_HEAP #***************************************************************** # Network connector configuration @@ -84,7 +83,7 @@ dbms.tx_state.memory_allocation=ON_HEAP # With default configuration Neo4j only accepts local connections. # To accept non-local connections, uncomment this line: -#dbms.default_listen_address=0.0.0.0 +#server.default_listen_address=0.0.0.0 # You can also choose a specific network interface, and configure a non-default # port for each connector, by setting their individual listen_address. @@ -92,7 +91,7 @@ dbms.tx_state.memory_allocation=ON_HEAP # The address at which this server can be reached by its clients. This may be the server's IP address or DNS name, or # it may be the address of a reverse proxy which sits in front of the server. This setting may be overridden for # individual connectors below. -#dbms.default_advertised_address=localhost +#server.default_advertised_address=localhost # You can also choose a specific advertised hostname or IP address, and # configure an advertised port for each connector, by setting their @@ -103,38 +102,38 @@ dbms.tx_state.memory_allocation=ON_HEAP # Read more in SSL policy section in this file for how to define a SSL policy. # Bolt connector -dbms.connector.bolt.enabled=true -#dbms.connector.bolt.tls_level=DISABLED -#dbms.connector.bolt.listen_address=:7687 -#dbms.connector.bolt.advertised_address=:7687 +server.bolt.enabled=true +#server.bolt.tls_level=DISABLED +#server.bolt.listen_address=:7687 +#server.bolt.advertised_address=:7687 # HTTP Connector. There can be zero or one HTTP connectors. -dbms.connector.http.enabled=true -#dbms.connector.http.listen_address=:7474 -#dbms.connector.http.advertised_address=:7474 +server.http.enabled=true +#server.http.listen_address=:7474 +#server.http.advertised_address=:7474 # HTTPS Connector. There can be zero or one HTTPS connectors. -dbms.connector.https.enabled=false -#dbms.connector.https.listen_address=:7473 -#dbms.connector.https.advertised_address=:7473 +server.https.enabled=false +#server.https.listen_address=:7473 +#server.https.advertised_address=:7473 # Cluster Routing Connector. Enables the opening of an additional port to allow # for internal communication using the same security configuration as CLUSTER -#dbms.routing.enabled=false +#server.routing.enabled=false # Customize the listen address and advertised address used for the routing connector. -#dbms.routing.listen_address=0.0.0.0:7688 -#dbms.routing.advertised_address=:7688 +#server.routing.listen_address=0.0.0.0:7688 +#server.routing.advertised_address=:7688 # Number of Neo4j worker threads. -#dbms.threads.worker_count= +#server.threads.worker_count= #***************************************************************** # SSL policy configuration #***************************************************************** # Each policy is configured under a separate namespace, e.g. -# dbms.ssl.policy.<scope>.* +# server.ssl.policy.<scope>.* # <scope> can be any of 'bolt', 'https', 'cluster' or 'backup' # # The scope is the name of the component where the policy will be used @@ -142,16 +141,16 @@ dbms.connector.https.enabled=false # Allowable values are 'bolt', 'https', 'cluster' or 'backup'. # E.g if bolt and https connectors should use the same policy, the following could be declared -# dbms.ssl.policy.bolt.base_directory=certificates/default -# dbms.ssl.policy.https.base_directory=certificates/default +# server.ssl.policy.bolt.base_directory=certificates/default +# server.ssl.policy.https.base_directory=certificates/default # However, it's strongly encouraged to not use the same key pair for multiple scopes. # # N.B: Note that a connector must be configured to support/require # SSL/TLS for the policy to actually be utilized. # -# see: dbms.connector.*.tls_level +# see: server.*.tls_level -# SSL settings (dbms.ssl.policy.<scope>.*) +# SSL settings (server.ssl.policy.<scope>.*) # .base_directory Base directory for SSL policies paths. All relative paths within the # SSL configuration will be resolved from the base dir. # @@ -180,106 +179,106 @@ dbms.connector.https.enabled=false # the JVM platform. # Bolt SSL configuration -#dbms.ssl.policy.bolt.enabled=true -#dbms.ssl.policy.bolt.base_directory=certificates/bolt -#dbms.ssl.policy.bolt.private_key=private.key -#dbms.ssl.policy.bolt.public_certificate=public.crt -#dbms.ssl.policy.bolt.client_auth=NONE +#server.ssl.policy.bolt.enabled=true +#server.ssl.policy.bolt.base_directory=certificates/bolt +#server.ssl.policy.bolt.private_key=private.key +#server.ssl.policy.bolt.public_certificate=public.crt +#server.ssl.policy.bolt.client_auth=NONE # Https SSL configuration -#dbms.ssl.policy.https.enabled=true -#dbms.ssl.policy.https.base_directory=certificates/https -#dbms.ssl.policy.https.private_key=private.key -#dbms.ssl.policy.https.public_certificate=public.crt -#dbms.ssl.policy.https.client_auth=NONE +#server.ssl.policy.https.enabled=true +#server.ssl.policy.https.base_directory=certificates/https +#server.ssl.policy.https.private_key=private.key +#server.ssl.policy.https.public_certificate=public.crt +#server.ssl.policy.https.client_auth=NONE # Cluster SSL configuration -#dbms.ssl.policy.cluster.enabled=true -#dbms.ssl.policy.cluster.base_directory=certificates/cluster -#dbms.ssl.policy.cluster.private_key=private.key -#dbms.ssl.policy.cluster.public_certificate=public.crt +#server.ssl.policy.cluster.enabled=true +#server.ssl.policy.cluster.base_directory=certificates/cluster +#server.ssl.policy.cluster.private_key=private.key +#server.ssl.policy.cluster.public_certificate=public.crt # Backup SSL configuration -#dbms.ssl.policy.backup.enabled=true -#dbms.ssl.policy.backup.base_directory=certificates/backup -#dbms.ssl.policy.backup.private_key=private.key -#dbms.ssl.policy.backup.public_certificate=public.crt +#server.ssl.policy.backup.enabled=true +#server.ssl.policy.backup.base_directory=certificates/backup +#server.ssl.policy.backup.private_key=private.key +#server.ssl.policy.backup.public_certificate=public.crt #***************************************************************** # Logging configuration #***************************************************************** # To enable HTTP logging, uncomment this line -#dbms.logs.http.enabled=true +#server.logs.http.enabled=true # Number of HTTP logs to keep. -#dbms.logs.http.rotation.keep_number=5 +#server.logs.http.rotation.keep_number=5 # Size of each HTTP log that is kept. -#dbms.logs.http.rotation.size=20m +#server.logs.http.rotation.size=20m # To enable GC Logging, uncomment this line -#dbms.logs.gc.enabled=true +#server.logs.gc.enabled=true # GC Logging Options # see https://docs.oracle.com/en/java/javase/11/tools/java.html#GUID-BE93ABDC-999C-4CB5-A88B-1994AAAC74D5 -#dbms.logs.gc.options=-Xlog:gc*,safepoint,age*=trace +#server.logs.gc.options=-Xlog:gc*,safepoint,age*=trace # Number of GC logs to keep. -#dbms.logs.gc.rotation.keep_number=5 +#server.logs.gc.rotation.keep_number=5 # Size of each GC log that is kept. -#dbms.logs.gc.rotation.size=20m +#server.logs.gc.rotation.size=20m # Log level for the debug log. One of DEBUG, INFO, WARN and ERROR. Be aware that logging at DEBUG level can be very verbose. -#dbms.logs.debug.level=INFO +#server.logs.debug.level=INFO # Size threshold for rotation of the debug log. If set to zero then no rotation will occur. Accepts a binary suffix "k", # "m" or "g". -#dbms.logs.debug.rotation.size=20m +#server.logs.debug.rotation.size=20m # Maximum number of history files for the internal log. -#dbms.logs.debug.rotation.keep_number=7 +#server.logs.debug.rotation.keep_number=7 # Log executed queries. One of OFF, INFO and VERBOSE. INFO logs queries longer than a given threshold, VERBOSE logs start and end of all queries. -#dbms.logs.query.enabled=VERBOSE +#server.logs.query.enabled=VERBOSE # If the execution of query takes more time than this threshold, the query is logged. If set to zero then all queries -# are logged. Only used if `dbms.logs.query.enabled` is set to INFO -#dbms.logs.query.threshold=0 +# are logged. Only used if `server.logs.query.enabled` is set to INFO +#server.logs.query.threshold=0 # The file size in bytes at which the query log will auto-rotate. If set to zero then no rotation will occur. Accepts a # binary suffix "k", "m" or "g". -#dbms.logs.query.rotation.size=20m +#server.logs.query.rotation.size=20m # Maximum number of history files for the query log. -#dbms.logs.query.rotation.keep_number=7 +#server.logs.query.rotation.keep_number=7 # Include parameters for the executed queries being logged (this is enabled by default). -#dbms.logs.query.parameter_logging_enabled=true +#server.logs.query.parameter_logging_enabled=true # Uncomment this line to include detailed time information for the executed queries being logged: -#dbms.logs.query.time_logging_enabled=true +#server.logs.query.time_logging_enabled=true # Uncomment this line to include bytes allocated by the executed queries being logged: -#dbms.logs.query.allocation_logging_enabled=true +#server.logs.query.allocation_logging_enabled=true # Uncomment this line to include page hits and page faults information for the executed queries being logged: -#dbms.logs.query.page_logging_enabled=true +#server.logs.query.page_logging_enabled=true -# The security log is always enabled when `dbms.security.auth_enabled=true`, and resides in `logs/security.log`. +# The security log is always enabled when `server.security.auth_enabled=true`, and resides in `logs/security.log`. # Log level for the security log. One of DEBUG, INFO, WARN and ERROR. -#dbms.logs.security.level=INFO +#server.logs.security.level=INFO # Threshold for rotation of the security log. -#dbms.logs.security.rotation.size=20m +#server.logs.security.rotation.size=20m # Minimum time interval after last rotation of the security log before it may be rotated again. -#dbms.logs.security.rotation.delay=300s +#server.logs.security.rotation.delay=300s # Maximum number of history files for the security log. -#dbms.logs.security.rotation.keep_number=7 +#server.logs.security.rotation.keep_number=7 #***************************************************************** # Causal Clustering Configuration @@ -293,7 +292,7 @@ dbms.connector.https.enabled=false # CORE - Core member of the cluster, part of the consensus quorum. # READ_REPLICA - Read replica in the cluster, an eventually-consistent read-only instance of the database. # To operate this Neo4j instance in Causal Clustering mode as a core member, uncomment this line: -#dbms.mode=CORE +#server.mode=CORE # Expected number of Core servers in the cluster at formation #causal_clustering.minimum_core_cluster_size_at_formation=3 @@ -458,22 +457,22 @@ dbms.connector.https.enabled=false # This can be one of the built-in `native` or `ldap` auth providers, # or it can be an externally provided plugin, with a custom name prefixed by `plugin`, # i.e. `plugin-<AUTH_PROVIDER_NAME>`. -#dbms.security.authentication_providers=native -#dbms.security.authorization_providers=native +#server.security.authentication_providers=native +#server.security.authorization_providers=native # The time to live (TTL) for cached authentication and authorization info when using # external auth providers (LDAP or plugin). Setting the TTL to 0 will # disable auth caching. -#dbms.security.auth_cache_ttl=10m +#server.security.auth_cache_ttl=10m # The maximum capacity for authentication and authorization caches (respectively). -#dbms.security.auth_cache_max_capacity=10000 +#server.security.auth_cache_max_capacity=10000 # Set to log successful authentication events to the security log. # If this is set to `false` only failed authentication events will be logged, which # could be useful if you find that the successful events spam the logs too much, # and you do not require full auditing capability. -#dbms.security.log_successful_authentication=true +#server.security.log_successful_authentication=true #================================================ # LDAP Auth Provider Configuration @@ -485,29 +484,29 @@ dbms.connector.https.enabled=false # The default port for `ldap` is 389 and for `ldaps` 636. # For example: `ldaps://ldap.example.com:10389`. # -# NOTE: You may want to consider using STARTTLS (`dbms.security.ldap.use_starttls`) instead of LDAPS +# NOTE: You may want to consider using STARTTLS (`server.security.ldap.use_starttls`) instead of LDAPS # for secure connections, in which case the correct protocol is `ldap`. -#dbms.security.ldap.host=localhost +#server.security.ldap.host=localhost # Use secure communication with the LDAP server using opportunistic TLS. # First an initial insecure connection will be made with the LDAP server, and then a STARTTLS command # will be issued to negotiate an upgrade of the connection to TLS before initiating authentication. -#dbms.security.ldap.use_starttls=false +#server.security.ldap.use_starttls=false # The LDAP referral behavior when creating a connection. This is one of `follow`, `ignore` or `throw`. # `follow` automatically follows any referrals # `ignore` ignores any referrals # `throw` throws an exception, which will lead to authentication failure -#dbms.security.ldap.referral=follow +#server.security.ldap.referral=follow # The timeout for establishing an LDAP connection. If a connection with the LDAP server cannot be # established within the given time the attempt is aborted. # A value of 0 means to use the network protocol's (i.e., TCP's) timeout value. -#dbms.security.ldap.connection_timeout=30s +#server.security.ldap.connection_timeout=30s # The timeout for an LDAP read request (i.e. search). If the LDAP server does not respond within # the given time the request will be aborted. A value of 0 means wait for a response indefinitely. -#dbms.security.ldap.read_timeout=30s +#server.security.ldap.read_timeout=30s #---------------------------------- # LDAP Authentication Configuration @@ -517,26 +516,26 @@ dbms.connector.https.enabled=false # for example `DIGEST-MD5`. `simple` is basic username # and password authentication and SASL is used for more advanced mechanisms. See RFC 2251 LDAPv3 # documentation for more details. -#dbms.security.ldap.authentication.mechanism=simple +#server.security.ldap.authentication.mechanism=simple # LDAP user DN template. An LDAP object is referenced by its distinguished name (DN), and a user DN is # an LDAP fully-qualified unique user identifier. This setting is used to generate an LDAP DN that # conforms with the LDAP directory's schema from the user principal that is submitted with the # authentication token when logging in. # The special token {0} is a placeholder where the user principal will be substituted into the DN string. -#dbms.security.ldap.authentication.user_dn_template=uid={0},ou=users,dc=example,dc=com +#server.security.ldap.authentication.user_dn_template=uid={0},ou=users,dc=example,dc=com # Determines if the result of authentication via the LDAP server should be cached or not. # Caching is used to limit the number of LDAP requests that have to be made over the network # for users that have already been authenticated successfully. A user can be authenticated against # an existing cache entry (instead of via an LDAP server) as long as it is alive -# (see `dbms.security.auth_cache_ttl`). +# (see `server.security.auth_cache_ttl`). # An important consequence of setting this to `true` is that # Neo4j then needs to cache a hashed version of the credentials in order to perform credentials # matching. This hashing is done using a cryptographic hash function together with a random salt. # Preferably a conscious decision should be made if this method is considered acceptable by # the security standards of the organization in which this Neo4j instance is deployed. -#dbms.security.ldap.authentication.cache_enabled=true +#server.security.ldap.authentication.cache_enabled=true #---------------------------------- # LDAP Authorization Configuration @@ -548,7 +547,7 @@ dbms.connector.https.enabled=false # # If this is set to `false` (default), the search for group membership will be performed # directly after authentication using the LDAP context bound with the user's own account. -# The mapped roles will be cached for the duration of `dbms.security.auth_cache_ttl`, +# The mapped roles will be cached for the duration of `server.security.auth_cache_ttl`, # and then expire, requiring re-authentication. To avoid frequently having to re-authenticate # sessions you may want to set a relatively long auth cache expiration time together with this option. # NOTE: This option will only work if the users are permitted to search for their @@ -557,34 +556,34 @@ dbms.connector.https.enabled=false # If this is set to `true`, the search will be performed using a special system account user # with read access to all the users in the directory. # You need to specify the username and password using the settings -# `dbms.security.ldap.authorization.system_username` and -# `dbms.security.ldap.authorization.system_password` with this option. +# `server.security.ldap.authorization.system_username` and +# `server.security.ldap.authorization.system_password` with this option. # Note that this account only needs read access to the relevant parts of the LDAP directory # and does not need to have access rights to Neo4j, or any other systems. -#dbms.security.ldap.authorization.use_system_account=false +#server.security.ldap.authorization.use_system_account=false # An LDAP system account username to use for authorization searches when -# `dbms.security.ldap.authorization.use_system_account` is `true`. -# Note that the `dbms.security.ldap.authentication.user_dn_template` will not be applied to this username, +# `server.security.ldap.authorization.use_system_account` is `true`. +# Note that the `server.security.ldap.authentication.user_dn_template` will not be applied to this username, # so you may have to specify a full DN. -#dbms.security.ldap.authorization.system_username= +#server.security.ldap.authorization.system_username= # An LDAP system account password to use for authorization searches when -# `dbms.security.ldap.authorization.use_system_account` is `true`. -#dbms.security.ldap.authorization.system_password= +# `server.security.ldap.authorization.use_system_account` is `true`. +#server.security.ldap.authorization.system_password= # The name of the base object or named context to search for user objects when LDAP authorization is enabled. -# A common case is that this matches the last part of `dbms.security.ldap.authentication.user_dn_template`. -#dbms.security.ldap.authorization.user_search_base=ou=users,dc=example,dc=com +# A common case is that this matches the last part of `server.security.ldap.authentication.user_dn_template`. +#server.security.ldap.authorization.user_search_base=ou=users,dc=example,dc=com # The LDAP search filter to search for a user principal when LDAP authorization is # enabled. The filter should contain the placeholder token {0} which will be substituted for the # user principal. -#dbms.security.ldap.authorization.user_search_filter=(&(objectClass=*)(uid={0})) +#server.security.ldap.authorization.user_search_filter=(&(objectClass=*)(uid={0})) # A list of attribute names on a user object that contains groups to be used for mapping to roles # when LDAP authorization is enabled. -#dbms.security.ldap.authorization.group_membership_attributes=memberOf +#server.security.ldap.authorization.group_membership_attributes=memberOf # An authorization mapping from LDAP group names to Neo4j role names. # The map should be formatted as a semicolon separated list of key-value pairs, where the @@ -592,74 +591,74 @@ dbms.connector.https.enabled=false # For example: group1=role1;group2=role2;group3=role3,role4,role5 # # You could also use whitespaces and quotes around group names to make this mapping more readable, -# for example: dbms.security.ldap.authorization.group_to_role_mapping=\ +# for example: server.security.ldap.authorization.group_to_role_mapping=\ # "cn=Neo4j Read Only,cn=users,dc=example,dc=com" = reader; \ # "cn=Neo4j Read-Write,cn=users,dc=example,dc=com" = publisher; \ # "cn=Neo4j Schema Manager,cn=users,dc=example,dc=com" = architect; \ # "cn=Neo4j Administrator,cn=users,dc=example,dc=com" = admin -#dbms.security.ldap.authorization.group_to_role_mapping= +#server.security.ldap.authorization.group_to_role_mapping= #***************************************************************** # OpenID Connect configuration #***************************************************************** # The display name for the provider. This will be displayed in clients such as Neo4j Browser and Bloom. -#dbms.security.oidc.<provider>.display_name= +#server.security.oidc.<provider>.display_name= # The OIDC auth_flow for clients such as Neo4j Browser and Bloom to use. Supported values are 'pkce' and 'implicit' -#dbms.security.oidc.<provider>.auth_flow=pkce +#server.security.oidc.<provider>.auth_flow=pkce # The OpenID Connect Discovery URL for the provider -#dbms.security.oidc.<provider>.well_known_discovery_uri= +#server.security.oidc.<provider>.well_known_discovery_uri= # URL of the provider's Authorization Endpoint -#dbms.security.oidc.<provider>.auth_endpoint= +#server.security.oidc.<provider>.auth_endpoint= # Parameters to use with the Authorization Endpoint. -#dbms.security.oidc.<provider>.auth_params= +#server.security.oidc.<provider>.auth_params= # URL of the provider's OAuth 2.0 Token Endpoint -#dbms.security.oidc.<provider>.token_endpoint= +#server.security.oidc.<provider>.token_endpoint= # Parameters to use with the Token Endpoint. -#dbms.security.oidc.<provider>.token_params= +#server.security.oidc.<provider>.token_params= # URL of the provider's JSON Web Key Set -#dbms.security.oidc.<provider>.jwks_uri= +#server.security.oidc.<provider>.jwks_uri= # URL of the provider's UserInfo Endpoint -#dbms.security.oidc.<provider>.user_info_uri= +#server.security.oidc.<provider>.user_info_uri= # URL that the provider asserts as its issuer identifier. This will be checked against the iss claim in the token -#dbms.security.oidc.<provider>.issuer= +#server.security.oidc.<provider>.issuer= # The expected value for the `aud` claim -#dbms.security.oidc.<provider>.audience= +#server.security.oidc.<provider>.audience= # The client_id of this client as issued by the provider. -#dbms.security.oidc.<provider>.client_id= +#server.security.oidc.<provider>.client_id= # Whether to fetch the groups claim from the user info endpoint on the identity provider. The default is false, read it from the token. -#dbms.security.oidc.<provider>.get_groups_from_user_info=false +#server.security.oidc.<provider>.get_groups_from_user_info=false # Whether to fetch the username claim from the user info endpoint on the identity provider. The default is false, read it from the token. -#dbms.security.oidc.<provider>.get_username_from_user_info=false +#server.security.oidc.<provider>.get_username_from_user_info=false # The claim to use for the database username. -#dbms.security.oidc.<provider>.claims.username=sub +#server.security.oidc.<provider>.claims.username=sub # The claim to use for the database roles. -#dbms.security.oidc.<provider>.claims.groups= +#server.security.oidc.<provider>.claims.groups= # General parameters to use with the Identity Provider. -#dbms.security.oidc.<provider>.params= +#server.security.oidc.<provider>.params= # General config to use with the Identity Provider. -#dbms.security.oidc.<provider>.config= +#server.security.oidc.<provider>.config= -# An authorization mapping from identity provider group names to Neo4j role names. See dbms.security.ldap.authorization.group_to_role_mapping above +# An authorization mapping from identity provider group names to Neo4j role names. See server.security.ldap.authorization.group_to_role_mapping above # for the format. -#dbms.security.oidc.<provider>.authorization.group_to_role_mapping= +#server.security.oidc.<provider>.authorization.group_to_role_mapping= #***************************************************************** # Miscellaneous configuration @@ -674,23 +673,23 @@ metrics.csv.rotation.compression=zip # Determines if Cypher will allow using file URLs when loading data using # `LOAD CSV`. Setting this value to `false` will cause Neo4j to fail `LOAD CSV` # clauses that load data from the file system. -#dbms.security.allow_csv_import_from_file_urls=true +#server.security.allow_csv_import_from_file_urls=true # Value of the Access-Control-Allow-Origin header sent over any HTTP or HTTPS # connector. This defaults to '*', which allows broadest compatibility. Note # that any URI provided here limits HTTP/HTTPS access to that URI only. -#dbms.security.http_access_control_allow_origin=* +#server.security.http_access_control_allow_origin=* # Value of the HTTP Strict-Transport-Security (HSTS) response header. This header # tells browsers that a webpage should only be accessed using HTTPS instead of HTTP. # It is attached to every HTTPS response. Setting is not set by default so # 'Strict-Transport-Security' header is not sent. Value is expected to contain # directives like 'max-age', 'includeSubDomains' and 'preload'. -#dbms.security.http_strict_transport_security= +#server.security.http_strict_transport_security= # Retention policy for transaction logs needed to perform recovery and backups. -#dbms.tx_log.rotation.retention_policy=7 days +#server.tx_log.rotation.retention_policy=7 days # Limit the number of IOs the background checkpoint process will consume per second. # This setting is advisory, is ignored in Neo4j Community Edition, and is followed to @@ -704,11 +703,11 @@ metrics.csv.rotation.compression=zip # Set this to -1 to disable the IOPS limit and remove the limitation entirely, # this will let the checkpointer flush data as fast as the hardware will go. # Removing the setting, or commenting it out, will set the default value of 600. -# dbms.checkpoint.iops.limit=600 +# server.checkpoint.iops.limit=600 # Only allow read operations from this Neo4j instance. This mode still requires # write access to the directory for lock purposes. -#dbms.read_only=false +#server.read_only=false # Comma separated list of JAX-RS packages containing JAX-RS resources, one # package name for each mountpoint. The listed package names will be loaded @@ -716,19 +715,19 @@ metrics.csv.rotation.compression=zip # org.neo4j.examples.server.unmanaged.HelloWorldResource.java from # neo4j-server-examples under /examples/unmanaged, resulting in a final URL of # http://localhost:7474/examples/unmanaged/helloworld/{nodeId} -#dbms.unmanaged_extension_classes=org.neo4j.examples.server.unmanaged=/examples/unmanaged +#server.unmanaged_extension_classes=org.neo4j.examples.server.unmanaged=/examples/unmanaged # A comma separated list of procedures and user defined functions that are allowed # full access to the database through unsupported/insecure internal APIs. -#dbms.security.procedures.unrestricted=my.extensions.example,my.procedures.* +#server.security.procedures.unrestricted=my.extensions.example,my.procedures.* # A comma separated list of procedures to be loaded by default. # Leaving this unconfigured will load all procedures found. -#dbms.security.procedures.allowlist=apoc.coll.*,apoc.load.*,gds.* +#server.security.procedures.allowlist=apoc.coll.*,apoc.load.*,gds.* # For how long should drivers cache the discovery data from -# the dbms.routing.getRoutingTable() procedure. Defaults to 300s. -#dbms.routing_ttl=300s +# the server.routing.getRoutingTable() procedure. Defaults to 300s. +#server.routing_ttl=300s #******************************************************************** # JVM Parameters @@ -736,11 +735,11 @@ metrics.csv.rotation.compression=zip # G1GC generally strikes a good balance between throughput and tail # latency, without too much tuning. -dbms.jvm.additional=-XX:+UseG1GC +server.jvm.additional=-XX:+UseG1GC # Have common exceptions keep producing stack traces, so they can be # debugged regardless of how often logs are rotated. -dbms.jvm.additional=-XX:-OmitStackTraceInFastThrow +server.jvm.additional=-XX:-OmitStackTraceInFastThrow # Make sure that `initmemory` is not only allocated, but committed to # the process, before starting the database. This reduces memory @@ -749,66 +748,66 @@ dbms.jvm.additional=-XX:-OmitStackTraceInFastThrow # due to heap-growing GC events, where a decrease in available page # cache leads to an increase in mean IO response time. # Try reducing the heap memory, if this flag degrades performance. -dbms.jvm.additional=-XX:+AlwaysPreTouch +server.jvm.additional=-XX:+AlwaysPreTouch # Trust that non-static final fields are really final. # This allows more optimizations and improves overall performance. # NOTE: Disable this if you use embedded mode, or have extensions or dependencies that may use reflection or # serialization to change the value of final fields! -dbms.jvm.additional=-XX:+UnlockExperimentalVMOptions -dbms.jvm.additional=-XX:+TrustFinalNonStaticFields +server.jvm.additional=-XX:+UnlockExperimentalVMOptions +server.jvm.additional=-XX:+TrustFinalNonStaticFields # Disable explicit garbage collection, which is occasionally invoked by the JDK itself. -dbms.jvm.additional=-XX:+DisableExplicitGC +server.jvm.additional=-XX:+DisableExplicitGC #Increase maximum number of nested calls that can be inlined from 9 (default) to 15 -dbms.jvm.additional=-XX:MaxInlineLevel=15 +server.jvm.additional=-XX:MaxInlineLevel=15 # Disable biased locking -dbms.jvm.additional=-XX:-UseBiasedLocking +server.jvm.additional=-XX:-UseBiasedLocking # Allow Neo4j to use @Contended annotation -#dbms.jvm.additional=-XX:-RestrictContended +#server.jvm.additional=-XX:-RestrictContended # Restrict size of cached JDK buffers to 256 KB -dbms.jvm.additional=-Djdk.nio.maxCachedBufferSize=262144 +server.jvm.additional=-Djdk.nio.maxCachedBufferSize=262144 # More efficient buffer allocation in Netty by allowing direct no cleaner buffers. -dbms.jvm.additional=-Dio.netty.tryReflectionSetAccessible=true +server.jvm.additional=-Dio.netty.tryReflectionSetAccessible=true # Exits JVM on the first occurrence of an out-of-memory error. Its preferable to restart VM in case of out of memory errors. -# dbms.jvm.additional=-XX:+ExitOnOutOfMemoryError +# server.jvm.additional=-XX:+ExitOnOutOfMemoryError # Expand Diffie Hellman (DH) key size from default 1024 to 2048 for DH-RSA cipher suites used in server TLS handshakes. # This is to protect the server from any potential passive eavesdropping. -dbms.jvm.additional=-Djdk.tls.ephemeralDHKeySize=2048 +server.jvm.additional=-Djdk.tls.ephemeralDHKeySize=2048 # This mitigates a DDoS vector. -dbms.jvm.additional=-Djdk.tls.rejectClientInitiatedRenegotiation=true +server.jvm.additional=-Djdk.tls.rejectClientInitiatedRenegotiation=true # Enable remote debugging -#dbms.jvm.additional=-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005 +#server.jvm.additional=-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005 # This filter prevents deserialization of arbitrary objects via java object serialization, addressing potential vulnerabilities. # By default this filter whitelists all neo4j classes, as well as classes from the hazelcast library and the java standard library. # These defaults should only be modified by expert users! # For more details (including filter syntax) see: https://openjdk.java.net/jeps/290 -#dbms.jvm.additional=-Djdk.serialFilter=java.**;org.neo4j.**;com.neo4j.**;com.hazelcast.**;net.sf.ehcache.Element;com.sun.proxy.*;org.openjdk.jmh.**;!* +#server.jvm.additional=-Djdk.serialFilter=java.**;org.neo4j.**;com.neo4j.**;com.hazelcast.**;net.sf.ehcache.Element;com.sun.proxy.*;org.openjdk.jmh.**;!* # Increase the default flight recorder stack sampling depth from 64 to 256, to avoid truncating frames when profiling. -dbms.jvm.additional=-XX:FlightRecorderOptions=stackdepth=256 +server.jvm.additional=-XX:FlightRecorderOptions=stackdepth=256 # Allow profilers to sample between safepoints. Without this, sampling profilers may produce less accurate results. -dbms.jvm.additional=-XX:+UnlockDiagnosticVMOptions -dbms.jvm.additional=-XX:+DebugNonSafepoints +server.jvm.additional=-XX:+UnlockDiagnosticVMOptions +server.jvm.additional=-XX:+DebugNonSafepoints # Disable logging JMX endpoint. -dbms.jvm.additional=-Dlog4j2.disable.jmx=true +server.jvm.additional=-Dlog4j2.disable.jmx=true # Limit JVM metaspace and code cache to allow garbage collection. Used by cypher for code generation and may grow indefinitely unless constrained. # Useful for memory constrained environments -#dbms.jvm.additional=-XX:MaxMetaspaceSize=1024m -#dbms.jvm.additional=-XX:ReservedCodeCacheSize=512m +#server.jvm.additional=-XX:MaxMetaspaceSize=1024m +#server.jvm.additional=-XX:ReservedCodeCacheSize=512m #******************************************************************** # Wrapper Windows NT/2000/XP Service Properties @@ -819,7 +818,7 @@ dbms.jvm.additional=-Dlog4j2.disable.jmx=true # service can then be reinstalled. # Name of the service -dbms.windows_service_name=neo4j +server.windows_service_name=neo4j #******************************************************************** # Other Neo4j system properties diff --git a/neo4j.install b/neo4j.install index 987307729e5d..9d0f6a56fc12 100644 --- a/neo4j.install +++ b/neo4j.install @@ -8,6 +8,7 @@ post_install() { post_upgrade() { assert_user_and_group_exist directory_permissions + license_disclaimer } post_remove() { @@ -20,7 +21,6 @@ post_remove() { } directory_permissions() { - chown -R neo4j:neo4j /etc/neo4j/certificates chown -R neo4j:neo4j /var/lib/neo4j chown -R neo4j:neo4j /var/log/neo4j chown -R neo4j:neo4j /etc/neo4j @@ -34,3 +34,14 @@ assert_user_and_group_exist() { useradd --system -g neo4j -d /var/lib/neo4j -s /bin/false neo4j fi } + +license_disclaimer() { + echo $(sed 's/ +/ /g' <<- EOF + By installing the neo4j-enterprise package you are accepting + the commercial license agreement from Neo4j Inc. Read the license + under the /usr/share/licenses/neo4j directory or at + https://neo4j.com/licensing/. Check and modify the licensing status + by the "neo4j-admin server license" command. +EOF +) +} diff --git a/neo4j.service b/neo4j.service index 879fecb24523..fbdbac8b4251 100644 --- a/neo4j.service +++ b/neo4j.service @@ -6,11 +6,12 @@ User=neo4j Type=forking Environment=NEO4J_CONF=/etc/neo4j Environment=NEO4J_HOME=/usr/share/java/neo4j -Environment=JAVA_HOME=/usr/lib/jvm/java-11-openjdk +Environment=JAVA_HOME=/usr/lib/jvm/java-17-openjdk ExecStart=/usr/bin/neo4j start ExecStop=/usr/bin/neo4j stop PIDFile=/run/neo4j/neo4j.pid LimitNOFILE=40000 +TimeoutSec=120 [Install] WantedBy=multi-user.target diff --git a/startup-scripts-fix-paths.patch b/startup-scripts-fix-paths.patch new file mode 100644 index 000000000000..70332502dd95 --- /dev/null +++ b/startup-scripts-fix-paths.patch @@ -0,0 +1,101 @@ +diff --unified --recursive --text package.orig/bin/cypher-shell package.new/bin/cypher-shell +--- package.orig/bin/cypher-shell 2023-02-10 09:56:40.000000000 +0100 ++++ package.new/bin/cypher-shell 2023-03-03 01:04:50.033915121 +0100 +@@ -18,7 +18,6 @@ + # Copyright (c) 2001-2006 The Apache Software Foundation. All rights + # reserved. + +- + # resolve links - $0 may be a softlink + PRG="$0" + +@@ -38,6 +37,10 @@ + # Reset the REPO variable. If you need to influence this use the environment setup file. + REPO= + ++# Paths for Arch Linux AUR installation: ++BASEDIR="/usr/share/java/neo4j" ++CLASSPATH="$BASEDIR:$BASEDIR/*" ++REPO="$BASEDIR" + + # OS specific support. $var _must_ be set to either true or false. + cygwin=false; +@@ -97,7 +100,10 @@ + REPO="$BASEDIR"/lib + fi + +-CLASSPATH="$BASEDIR"/etc:"$REPO"/neo4j-java-driver-5.5.0.jar:"$REPO"/reactive-streams-1.0.4.jar:"$REPO"/netty-handler-4.1.87.Final.jar:"$REPO"/netty-common-4.1.87.Final.jar:"$REPO"/netty-resolver-4.1.87.Final.jar:"$REPO"/netty-buffer-4.1.87.Final.jar:"$REPO"/netty-transport-4.1.87.Final.jar:"$REPO"/netty-transport-native-unix-common-4.1.87.Final.jar:"$REPO"/netty-codec-4.1.87.Final.jar:"$REPO"/netty-tcnative-classes-2.0.56.Final.jar:"$REPO"/reactor-core-3.5.1.jar:"$REPO"/cypher-literal-interpreter-5.5.0.jar:"$REPO"/neo4j-values-5.5.0.jar:"$REPO"/neo4j-graphdb-api-5.5.0.jar:"$REPO"/annotations-5.5.0.jar:"$REPO"/eclipse-collections-11.1.0.jar:"$REPO"/eclipse-collections-api-11.1.0.jar:"$REPO"/commons-lang3-3.12.0.jar:"$REPO"/neo4j-common-5.5.0.jar:"$REPO"/lz4-java-1.8.0.jar:"$REPO"/neo4j-resource-5.5.0.jar:"$REPO"/neo4j-collections-5.5.0.jar:"$REPO"/caffeine-3.1.2.jar:"$REPO"/neo4j-exceptions-5.5.0.jar:"$REPO"/neo4j-unsafe-5.5.0.jar:"$REPO"/jna-5.12.1.jar:"$REPO"/cypher-ast-factory-5.5.0.jar:"$REPO"/neo4j-cypher-javacc-parser-5.5.0.jar:"$REPO"/argparse4j-0.9.0.jar:"$REPO"/jline-terminal-3.21.0.jar:"$REPO"/jline-reader-3.21.0.jar:"$REPO"/jline-terminal-jansi-3.21.0.jar:"$REPO"/jansi-2.4.0.jar:"$REPO"/cypher-shell-5.5.0.jar ++BASEDIR="/usr/share/java/neo4j" ++REPO="$BASEDIR" ++ ++CLASSPATH="$BASEDIR":"$REPO"/neo4j-java-driver-5.5.0.jar:"$REPO"/reactive-streams-1.0.4.jar:"$REPO"/netty-handler-4.1.87.Final.jar:"$REPO"/netty-common-4.1.87.Final.jar:"$REPO"/netty-resolver-4.1.87.Final.jar:"$REPO"/netty-buffer-4.1.87.Final.jar:"$REPO"/netty-transport-4.1.87.Final.jar:"$REPO"/netty-transport-native-unix-common-4.1.87.Final.jar:"$REPO"/netty-codec-4.1.87.Final.jar:"$REPO"/netty-tcnative-classes-2.0.56.Final.jar:"$REPO"/reactor-core-3.5.1.jar:"$REPO"/cypher-literal-interpreter-5.5.0.jar:"$REPO"/neo4j-values-5.5.0.jar:"$REPO"/neo4j-graphdb-api-5.5.0.jar:"$REPO"/annotations-5.5.0.jar:"$REPO"/eclipse-collections-11.1.0.jar:"$REPO"/eclipse-collections-api-11.1.0.jar:"$REPO"/commons-lang3-3.12.0.jar:"$REPO"/neo4j-common-5.5.0.jar:"$REPO"/lz4-java-1.8.0.jar:"$REPO"/neo4j-resource-5.5.0.jar:"$REPO"/neo4j-collections-5.5.0.jar:"$REPO"/caffeine-3.1.2.jar:"$REPO"/neo4j-exceptions-5.5.0.jar:"$REPO"/neo4j-unsafe-5.5.0.jar:"$REPO"/jna-5.12.1.jar:"$REPO"/cypher-ast-factory-5.5.0.jar:"$REPO"/neo4j-cypher-javacc-parser-5.5.0.jar:"$REPO"/argparse4j-0.9.0.jar:"$REPO"/jline-terminal-3.21.0.jar:"$REPO"/jline-reader-3.21.0.jar:"$REPO"/jline-terminal-jansi-3.21.0.jar:"$REPO"/jansi-2.4.0.jar:"$REPO"/cypher-shell-5.5.0.jar + + ENDORSED_DIR= + if [ -n "$ENDORSED_DIR" ] ; then +@@ -124,5 +130,5 @@ + -Dapp.repo="$REPO" \ + -Dapp.home="$BASEDIR" \ + -Dbasedir="$BASEDIR" \ +- org.neo4j.shell.startup.CypherShellBoot \ ++ org.neo4j.shell.Main \ + "$@" +diff --unified --recursive --text package.orig/bin/neo4j package.new/bin/neo4j +--- package.orig/bin/neo4j 2023-02-10 10:10:35.000000000 +0100 ++++ package.new/bin/neo4j 2023-03-02 20:35:49.448160240 +0100 +@@ -2,7 +2,7 @@ + # Copyright (c) "Neo4j" + # Neo4j Sweden AB [http://neo4j.com] + # This file is a commercial add-on to Neo4j Enterprise Edition. +- ++export NEO4J_CONF=/etc/neo4j + + # resolve links - $0 may be a softlink + PRG="$0" +@@ -102,6 +102,10 @@ + [ -n "$REPO" ] && REPO=`cygpath --path --windows "$REPO"` + fi + ++BASEDIR="/usr/share/java/neo4j" ++CLASSPATH="$BASEDIR:$BASEDIR/*" ++REPO="$BASEDIR/repo" ++ + exec "$JAVACMD" -Xmx128m \ + -classpath "$CLASSPATH" \ + -Dapp.name="neo4j" \ +@@ -110,4 +114,4 @@ + -Dapp.home="$BASEDIR" \ + -Dbasedir="$BASEDIR" \ + org.neo4j.server.startup.Neo4jBoot \ +- "$@" +\ No newline at end of file ++ "$@" +diff --unified --recursive --text package.orig/bin/neo4j-admin package.new/bin/neo4j-admin +--- package.orig/bin/neo4j-admin 2023-02-10 10:10:35.000000000 +0100 ++++ package.new/bin/neo4j-admin 2023-03-02 20:28:39.903178130 +0100 +@@ -1,6 +1,8 @@ + #!/usr/bin/env sh + # Copyright (c) "Neo4j" + # Neo4j Sweden AB [http://neo4j.com] ++export NEO4J_CONF=/etc/neo4j ++ + # This file is a commercial add-on to Neo4j Enterprise Edition. + + +@@ -102,6 +104,10 @@ + [ -n "$REPO" ] && REPO=`cygpath --path --windows "$REPO"` + fi + ++BASEDIR="/usr/share/java/neo4j" ++CLASSPATH="$BASEDIR:$BASEDIR/*:$CLASSPATH" ++REPO="$BASEDIR/repo" ++ + exec "$JAVACMD" -Xmx128m \ + -classpath "$CLASSPATH" \ + -Dapp.name="neo4j-admin" \ +@@ -110,4 +116,4 @@ + -Dapp.home="$BASEDIR" \ + -Dbasedir="$BASEDIR" \ + org.neo4j.server.startup.Neo4jAdminBoot \ +- "$@" +\ No newline at end of file ++ "$@" diff --git a/startup-scripts-paths.patch b/startup-scripts-paths.patch deleted file mode 100644 index 6b173524b083..000000000000 --- a/startup-scripts-paths.patch +++ /dev/null @@ -1,42 +0,0 @@ -diff --unified --recursive --text src/neo4j-enterprise-4.4.7-orig/bin/neo4j src/neo4j-enterprise-4.4.7-new/bin/neo4j ---- src/neo4j-enterprise-4.4.7-orig/bin/neo4j 2022-05-06 23:30:17.000000000 +0200 -+++ src/neo4j-enterprise-4.4.7-new/bin/neo4j 2022-06-09 21:08:55.156813447 +0200 -@@ -102,6 +102,10 @@ - [ -n "$REPO" ] && REPO=`cygpath --path --windows "$REPO"` - fi - -+BASEDIR="/usr/share/java/neo4j" -+CLASSPATH="$BASEDIR:$BASEDIR/*" -+REPO="$BASEDIR/repo" -+ - exec "$JAVACMD" -Xmx128m \ - -classpath "$CLASSPATH" \ - -Dapp.name="neo4j" \ -@@ -110,4 +114,4 @@ - -Dapp.home="$BASEDIR" \ - -Dbasedir="$BASEDIR" \ - org.neo4j.server.startup.Neo4jCommand \ -- "$@" -\ No newline at end of file -+ "$@" -diff --unified --recursive --text src/neo4j-enterprise-4.4.7-orig/bin/neo4j-admin src/neo4j-enterprise-4.4.7-new/bin/neo4j-admin ---- src/neo4j-enterprise-4.4.7-orig/bin/neo4j-admin 2022-06-09 21:01:43.606862555 +0200 -+++ src/neo4j-enterprise-4.4.7-new/bin/neo4j-admin 2022-06-09 21:08:08.529086874 +0200 -@@ -104,6 +104,10 @@ - [ -n "$REPO" ] && REPO=`cygpath --path --windows "$REPO"` - fi - -+BASEDIR="/usr/share/java/neo4j" -+CLASSPATH="$BASEDIR:$BASEDIR/*" -+REPO="$BASEDIR/repo" -+ - exec "$JAVACMD" -Xmx128m \ - -classpath "$CLASSPATH" \ - -Dapp.name="neo4j-admin" \ -@@ -112,4 +116,4 @@ - -Dapp.home="$BASEDIR" \ - -Dbasedir="$BASEDIR" \ - org.neo4j.server.startup.Neo4jAdminCommand \ -- "$@" -\ No newline at end of file -+ "$@" |