[Date Prev][Date Next]
Re: (ITS#7367) [PATCH] MozNSS: update list of supported cipher suites
This is quite off-topic, but I could not resist replying.
On 10/03/2012 03:29 PM, firstname.lastname@example.org wrote:
> --On Wednesday, October 03, 2012 8:33 AM +0000 email@example.com wrote:
>> I understand that you don't want to support older OpenLDAP versions,
>> builds with non-default libraries, etc. But the users will rather use
>> the package from their distribution, instead of compiling it by
>> themselves. And we cannot support users' builds, because we do not have
>> the sources and the build environment under control. And we cannot
>> rebase the packages freely.
> Redhat needs to come up with a solution to this problem, because they are
> putting their users in a catch-22 situation. Either they get support from
> RedHat for a package that will not work,
There are many Red Hat customers who are happy using the openldap server
that comes with the distribution, and they do escalate problems through
the support they are paying for, and they do get help and fixes that
they pay for.
> or they build their own, and can't
> get support from RedHat.
Why should they get support from Red Hat if they build their own (in
which case they have to support it themselves, or use the openldap
community), or install 3rd party software (in which case they should get
support from whoever provided the software)?
> There are reasons new *patch* level releases are
> made. I see zero reason why RedHat cannot update the versions of OpenLDAP
> they ship since the fixes are incremental. No one should be running
> OpenLDAP 2.4.23 as a *production server*.
The openldap in RHEL6 is *not* a *stock* openldap 2.4.23. They are
running 2.4.23 with many patches backported from later openldap
releases. The current version is openldap-2.4.23-26.el6_3.2.x86_64 -
note the "-26" which means a lot more than 26 patches.
> Keep the RPM version string the
> same, and note the upstream release in the RPM patchlevel, if that is
> necessary, but fix the actual code to be current.
That's not what many Red Hat customers pay for. They pay for very
stable releases with only critical patches applied. The Red Hat
customers that want to use newer versions have many options - use Fedora
(which does track upstream openldap closely), build their own, go to
> This is why the Debian folks *wisely* recommend that people do *not* use
> the distribution build for a production server.
Can you point me to a link that has that statement in context?
> As long as RedHat keeps up this policy, the only advice ever for RedHat
> customers is to build their own RPMs, and get support elsewhere, since
> RedHat clearly can't keep working server versions together for their
Clearly. Except for the many customers who are quite happy.
> And then that leads to the question of what exactly they are
> paying RedHat for support for in the first place.
I like how you use "RedHat" instead of "Red Hat".
> Quanah Gibson-Mount
> Sr. Member of Technical Staff
> Zimbra, Inc
> A Division of VMware, Inc.
> Zimbra :: the leader in open source messaging and collaboration