From 481b02a979bd25d5b237d6cb59fd7c8702b3aad8 Mon Sep 17 00:00:00 2001
From: Rick Hansen <rickh@benon.com>
Date: Mon, 1 May 2017 14:28:41 +1000
Subject: [PATCH 1/3] Fixed typo for bind DN argument in .default

---
 nginx-ldap-auth.default | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nginx-ldap-auth.default b/nginx-ldap-auth.default
index 94d1ff5..39dc74f 100644
--- a/nginx-ldap-auth.default
+++ b/nginx-ldap-auth.default
@@ -4,7 +4,7 @@
 #
 #URL="--url ldap://example.com:389"
 #BASE="-b dc=nodomain"
-#BIND_DN="-d cn=admin,dc=nodomain"
+#BIND_DN="-D cn=admin,dc=nodomain"
 #BIND_PASS="-w secret"
 #COOKIE="-c nginxauth"
 #FILTER="-f (cn=%(username)s)"

From f94670848ea6682faa5452fb5863c1a4c28d9c14 Mon Sep 17 00:00:00 2001
From: Rick Hansen <rickh@benon.com>
Date: Mon, 1 May 2017 14:31:45 +1000
Subject: [PATCH 2/3] Use unbuffered IO and redirect output to log file

---
 nginx-ldap-auth-daemon.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/nginx-ldap-auth-daemon.py b/nginx-ldap-auth-daemon.py
index 8806183..31626d1 100755
--- a/nginx-ldap-auth-daemon.py
+++ b/nginx-ldap-auth-daemon.py
@@ -1,6 +1,6 @@
 #!/bin/sh
-''''which python2 >/dev/null && exec python2 "$0" "$@" # '''
-''''which python  >/dev/null && exec python  "$0" "$@" # '''
+''''which python2 >/dev/null && exec python2 -u "$0" "$@" &>>$LOG # '''
+''''which python  >/dev/null && exec python  -u "$0" "$@" &>>$LOG # '''
 
 # Copyright (C) 2014-2015 Nginx, Inc.
 

From d66d4a04e7993db7b61c0d0003c8b5059766592e Mon Sep 17 00:00:00 2001
From: Rick Hansen <rickh@benon.com>
Date: Mon, 1 May 2017 14:34:22 +1000
Subject: [PATCH 3/3] Update spec file to rotate log file

---
 nginx-ldap-auth.logrotate | 8 ++++++++
 rpm/nginx-ldap-auth.spec  | 3 +++
 2 files changed, 11 insertions(+)
 create mode 100644 nginx-ldap-auth.logrotate

diff --git a/nginx-ldap-auth.logrotate b/nginx-ldap-auth.logrotate
new file mode 100644
index 0000000..da80a55
--- /dev/null
+++ b/nginx-ldap-auth.logrotate
@@ -0,0 +1,8 @@
+/var/log/nginx-ldap-auth/daemon.log {
+	delaycompress
+	create 0644 nginx-ldap-auth nginx-ldap-auth
+	su nginx-ldap-auth nginx-ldap-auth
+	postrotate
+		/usr/bin/systemctl restart nginx-ldap-auth
+	endscript
+}
diff --git a/rpm/nginx-ldap-auth.spec b/rpm/nginx-ldap-auth.spec
index f86f203..8de6b6e 100644
--- a/rpm/nginx-ldap-auth.spec
+++ b/rpm/nginx-ldap-auth.spec
@@ -12,6 +12,7 @@ BuildRequires:	systemd
 Requires:	systemd
 Requires:	python-ldap
 Requires:	python-argparse
+Requires:	logrotate
 
 %description
 Reference implementation of method for authenticating users on behalf of
@@ -28,10 +29,12 @@ mkdir -p %buildroot%_unitdir
 install -m644 %name.service %buildroot%_unitdir/
 install -d -m755 %buildroot/etc/default
 install -m644 %name.default %buildroot/etc/default/%name
+install -m644 %name.logrotate %buildroot%_sysconfdir/logrotate.d/%name
 
 %files
 %doc README.md nginx-ldap-auth.conf backend-sample-app.py LICENSE
 /etc/default/%name
+%_sysconfdir/logrotate.d/%name
 %_bindir/nginx-ldap-auth-daemon
 %_unitdir/%name.service