[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#4770) monitoringslapd.sdf patch



Gavin,

from the preamble, one may infer that monitoring is optional in the 
sense it can be optionally built.  That's how it used to be; however, in 
2.4, it is always enabled, but it still must be explicitly exposed in 
slapd.conf/slapd.d by using "database monitor".  I would replace 
"enabled" with "exposed", and possibly explicitly indicate that in 2.4 
it is no longer an option to build the monitor interface.

No global directive should occur after "database monitor", as it 
represents a database instantiation like any other.  Although most 
global directives wouldn't complain if appearing __after__ a database 
instantiation, such use should be considered at least "bad practice".

About access control, it may be worth stressing that some attributes can 
actually be written; this requires to protect them and, at the same 
time, to grant the desired identities write privileges on them.

Sorry I haven't time to go into too much detail.  Anyway, it seems 
you're doing a great job.

Thanks, p.



Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
------------------------------------------
Office:   +39.02.23998309
Mobile:   +39.333.4963172
Email:    pierangelo.masarati@sys-net.it
------------------------------------------