[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Is the Redhat's openldap distribution broken?
tor, 25.11.2004 kl. 19.35 skrev Bruno Negrão:
> Since you already installed this source a lot of times, could you list to
> me which are the software required to install openldap's source?
For OL 2.2.18:
- Sleepycat 4.2.52 from source, plus the 2 mandatory patches, from
http://www.SleepyCat.com
- You can get by with the Openssl stuff that RHAS/RHEL3 gives you, but
*ONLY IF YOU DO ALL up2date UPDATES THAT REDHAT MAKES MANDATORY* The
0.9.7a that is included with the base install has serious security
problems. Personally for all Openssl OS software I install 0.9.7d from
http://www.openssl.org/ source to /usr/local..
- Cyrus SASL 2 from ftp://ftp.andrew.cmu.edu/pub/cyrus-mail. The RH
2.1.15 is seriously broken. I can't get the Cyrus source code 2.1.19 to
work with my stuff on RHAS3, it gives seg faults; I haven't tried
2.1.20. yet. You have to mv the RH /usr/lib/sasl2 to /usr/lib/sasl2.orig
and after the install to /usr/local/lib/sasl2, soft link the latter to
/usr/lib/sasl2. When install, remove the anonymous and otp libs; they're
worse than useless (your smtp server might advertise them, whilst
they're not implementable).
DO NOT UNDERESTIMATE THE DIFFICULTIES IN INSTITUTING THE ABOVE. You will
sweat pearls during the implementation, unless you read and reread all
of the READMEs and INSTALLs and adhere to them utterly. And even then.
But, it *will* work in the end.
> Also, do you have some good advice in "./configure --options" to use?
You can have mine, but that will not vouchsafe that you need the same.
This is for minus Kerberos, minus GSSAPI. For RH3 you need to add the
lib dirs to /etc/ld.so.conf and run ldconfig before running 'make test'
or ~install, or nothing will work.
CPPFLAGS="-I/usr/local/BerkeleyDB.4.2/include
-I/usr/local/ssl/include/openssl -I/usr/local/include \
LDFLAGS="-L/usr/local/lib -L/usr/local/ssl/lib -L/usr/local/lib/sasl2
-L/usr/local/BerkeleyDB.4.2/lib -L/usr/lib" \
LIBS="-lssl -lcrypt -lcrypto -lsasl2" \
./configure \
--with-tls \
--enable-crypt \
--with-cyrus-sasl \
--enable-phonetic \
--enable-crypt \
--enable-ipv6=no \
--enable-rewrite \
--enable-monitor \
--enable-proxycache \
--enable-meta \
--enable-ldap \
--enable-hdb \
--enable-proxycache
You will now have installed a BDB 4.5.52 database. Which will be utterly
useless unless you install a properly configured DB_CONFIG file in your
database directory. To configure this, you need to read the html docs in
your Sleepycat tarball directory. Even then you wont understand half of
it, so you go to Quanah's site at stanford.edu and read up on what
Quanah's written for you.
Then again, the man pages for 2.2.18 are now really good (those for
2.0.7 were worse than useless), as is the 2.2 Admin stuff from the
openldap site.
Lastly, you need people from this list to help. No names, no pack drill
- but they'll be there, if you act intelligently, try things out for
yourself, say what didn't work and why. Don't go screaming: "It doesn't
work", as you have been, write "I've tried this and that and that
doesn't work" Then maybe the'he'll be there at your side.
Good luck ;)
--Tonni
--
The bottom line is, that after setting the cart among the pigeons, at the
end of the day I can see the carrot at the end of the tunnel
mail: tonye@billy.demon.nl
http://www.billy.demon.nl
They love us, don't they, They feed us, won't they ...