Full_Name: Alexey Kamenskiy Version: 2.4.45 OS: CentOS Linux release 7.3.1611 (Core) URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (220.248.35.50) Setting up fresh 2.4.45 with MDB noticed that MDB does allow to create multiple databases in the same directory (noticed by mistake of creating multiple MDBs in default /var/lib/ldap). It shows no error and no any warning. After this ALL of the databases are writeable and readable. On reading the results returned for all 3 databases (and not for the DIT specified in ldapsearch -b).
aleksey.kamensky@gmail.com wrote: > Full_Name: Alexey Kamenskiy > Version: 2.4.45 > OS: CentOS Linux release 7.3.1611 (Core) > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (220.248.35.50) > > > Setting up fresh 2.4.45 with MDB noticed that MDB does allow to create multiple > databases in the same directory (noticed by mistake of creating multiple MDBs in > default /var/lib/ldap). > > It shows no error and no any warning. After this ALL of the databases are > writeable and readable. On reading the results returned for all 3 databases (and > not for the DIT specified in ldapsearch -b). None of the other backends protect from this either. (Nor can they, since any individual backend doesn't know anything about any other backend's configuration.) Not a bug. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
On Wed, Sep 20, 2017 at 7:28 PM, Howard Chu <hyc@symas.com> wrote: > aleksey.kamensky@gmail.com wrote: > >> Full_Name: Alexey Kamenskiy >> Version: 2.4.45 >> OS: CentOS Linux release 7.3.1611 (Core) >> URL: ftp://ftp.openldap.org/incoming/ >> Submission from: (NULL) (220.248.35.50) >> >> >> Setting up fresh 2.4.45 with MDB noticed that MDB does allow to create >> multiple >> databases in the same directory (noticed by mistake of creating multiple >> MDBs in >> default /var/lib/ldap). >> >> It shows no error and no any warning. After this ALL of the databases are >> writeable and readable. On reading the results returned for all 3 >> databases (and >> not for the DIT specified in ldapsearch -b). >> > > None of the other backends protect from this either. (Nor can they, since > any individual backend doesn't know anything about any other backend's > configuration.) Not a bug. You are right that other backends (I am talking here hdb/bdb) do not explicitly check for this, but those backends will produce error on attempt to read/write into database created in the directory where DB already exists. LMDB just works in this case and returns bad results if try to read. Even if not intentionally those errors serve as a reminder that one should not create two DBs in same directory. And on the other hand saying "not an issue because no one else does it this way" is not a good approach IMO as it only stimulates copying and does not help those offering improvements.
Aleksey Kamensky wrote: > And on the other hand saying "not an issue because no one else does it this > way" is not a good approach IMO as it only stimulates copying and does not > help those offering improvements. Feel free to submit a patch improving the situation. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/