[Date Prev][Date Next]
Re: Migrating openldap db backend from ibdm to bdb
--On Monday, February 26, 2007 8:19 PM +0100 Hallvard B Furuseth
Quanah Gibson-Mount writes:
Using vendor packages to run an OpenLDAP server is nearly always a bad
idea (Mandriva's a definite exception). There is almost nothing that
motivates the vendor to use current releases, or backport stability
fixes. There are known problems with the connection code in OL
2.3.27, for example, that were fixed in OpenLDAP 2.3.32. In general,
use vendor packages at extreme risk.
Is there something particular which makes this more so for OpenLDAP than
other packages, or are OpenLDAP releases more buggy than other packages,
or are existing bugs more likely to be fatal, or...?
I had the impression that this was mostly a RedHat issue. But if it's
more general, it sounds like the only likely fix would be in OpenLDAP
or the release methods or something.
The distro operators are generally interested in one thing -- The LDAP C
api, and the libraries provided by OpenLDAP. Using the software to
actually run a slapd server is not something they particularly worry about.
The only bugs they tend to backport are those ones involving a security
vulnerability. I've tried for a few months now to get the Debian folks to
pick up the connection code patch from 2.3.32 and apply it to their
distribution. I'm still hopeful that they'll do it, but I removed myself
from their packaging list after it became clear that creating a quality
package in support of upstream was not anything they were interested in.
Principal Software Developer
ITS/Shared Application Services
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html