- drop the custom linker script, it's not needed

- bring forward changes to build with -z nodelete (#677338)

- add a proposed patch to avoid losing password expiration warnings relayed
  via policy controls when expiration is less than a day away (based on
  patch from Masahiro Matsuya, #637190, upstream #407)

- require the pam package explicitly, so that /%{_lib}/security won't be
  an orphaned directory (part of #553857)

- stop increasing the bind and search timelimits beyond their defaults

- make mentions of pam_ldap.conf and %{name}.conf more consistent (rcritten)
- drop no-longer-used .versions file

- fix source URLs

- split out pam_ldap as a separate source package, update URL, change
  %{version} to reflect pam_ldap's versioning rather than nss_ldap's
- set config file to /etc/pam_ldap.conf, rootbindpw file /etc/pam_ldap.secret
- drop %post bits that care about upgrades from RHL 7.2
- drop %post/%postun calls to ldconfig
- drop buildrequires on openssl-devel, krb5-devel, cyrus-sasl-devel
- update to version 185
  - drop now-obsolete patches to the rebind callback
- add %pre logic for the upgrading-from-a-non-split-nss_ldap case

- add "rtkit" and "pulse" to the list of users whom we default to ignoring
  for looking up supplemental groups (Gordon Messmer, part of #186527)

- set close-on-exec on the dummy socket created in the child atfork() (#512856)