[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: slapadd: which database to open

In part, I favor Michael's argument. In fact, the only reason for preferring a picky slapadd is to avoid trouble. An experienced user will not likely get in trouble, like using a wrong ldif file instead of the right one. The inexperienced or incautious user would probably erroneously feel safe when the wrong ldif happens to load in the right, yet unintended database.

There isn't much hazard involved here; typically slapadd will be done to empty databases. If they have multiple suffixes they likely have multiple ldif files. Automatically loading into "the other backend" several times would still produce the desired end result, as they are more or less independent. If they have one single ldif for multiple suffixes, then traditional slapadd can offer them no help at all.

In the case where they have multiple backends and some are populated and some aren't, and they pick the wrong ldif file, likely either it is a backend they needed to load soon anyway or the objects are already present and nothing will happen as a result.

My favorite approach would be to have slapadd return more sophisticated and useful messages, like

Better messages are always a good idea.

the first entry "cn=foo,dc=z" seems to belong to database #X, whose suffix is "dc=z"; did you mean to use -n X (or -b "dc=z")?

It may be a good idea to emit informational warnings about backend selection.

With respect to the "smart" behavior Matthew suggests (loading multiple databases within one execution of slapadd), it looks definitely intriguing, but since it quite departs from the current behavior, I'd protect it behind an explicit switch (e.g. -b "", or - n "detect").

Purely from a UI perspective, -b "" sounds like loading LDIF into the rootDSE; a bit confusing perhaps. Additionally, empty arguments tend to cause great confusion between users and their shell. -n detect sounds okay.

It might be a reasonable default as it is only changing behavior for what was previously an error condition. While users might rely on all sorts of odd features, it seems unlikely that anyone relies on slapadd to print and error and do nothing in this case.

Perhaps if someone were used to populating suffixes with ldifs, and used slapadd in a for-loop to do this, checking the exit code to find out when the right ldif had been found. Seems far-fetched though.

Still, having it available as an option is better than nothing.

Matthew Backes
Symas Corporation