[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: max open files

В Чтв, 18/03/2010 в 12:45 -0700, Quanah Gibson-Mount пишет:
> --On Thursday, March 18, 2010 8:46 AM -0400 Alex McKenzie 
> <alex@chem.umass.edu> wrote:
> > I've been following the list for around a year, and I understand the
> > difficulties involved in supporting old versions, but the simple fact
> > is, most of us don't have time to custom compile all our server
> > software.  My Ubuntu-default installs of Apache, postfix, SSH, and just
> > about everything else work fine and can be supported by their
> > developers.  It's only LDAP (and a few things in beta) that absolutely
> > have to run the newest version at all times.  I chose to accept a
> > limited feature-set and bullied GnuTLS into working "well enough" for
> > our limited LDAP environment, but if I ever find an alternative, I'll be
> > moving away from LDAP to whatever that is.
> For a moment, consider our frustration.  Debian/Ubuntu, because of their 
> issues with the OpenSSL license, build against GnuTLS.  Which is a known 
> security risk 
> (<http://www.openldap.org/lists/openldap-devel/200802/msg00072.html>), and 
> also known to have tons of problems in working with OpenLDAP.  RedHat built 
> their OpenLDAP against BDB 4.3 at one point, even though this was a known 
> bad version of BDB, and the configure script would deliberately quit if it 
> was encountered, so RH hacked configure instead of bothering to study why 
> this was a problem.  Distributions also make specific decisions on how to 
> compile OpenLDAP (i.e., which options to use), that are not always best 
> suited to end users who want a production LDAP server.
> While I agree most applications are easily and readily used with what is 
> compiled by OS distributors.  But as is stated in the FAQ, and which is a 
> point people still continue to miss, is that the builds from OS distros are 
> geared toward providing the LDAP libraries for other clients (such as 
> postfix, etc).  They are not geared towards running OpenLDAP as a 
> production service.  Which is why we recommend over and over and over again 
> to avoid using them.

You would better recommend to file a bug so that maintainers would
finally consider recommendations of development team.

Also It's strange maintainers are not members of this list, isn't it? :)

>   If they happen to work for you great.  If they don't, 
> then either support requests need to be taken to the distro provider, or a 
> build of the latest stable release needs to be used.
> Consider your case, where you are using OpenLDAP 2.4.7, which was the first 
> public experimental release of 2.4.  Read over the change log at the 
> hundreds, if not over a thousand at this point, bugs that were fixed since 
> then.  As to your note about adding new features, all new branches, like 
> 2.4 was at the time 2.4.7 was released, are open for new features until 
> development is stabilized and it is feature frozen.  OpenLDAP 2.4 has been 
> feature frozen for a very long time now.  This is not an unusual 
> development pattern.
> So yes, if someone wants support for a problem they are experiencing, then 
> they need to show that the problem exists in the current stable release. 
> This also is not an uncommon practice.  You may find it frustrating, but we 
> find it frustrating to be inundated with requests for help on issues that 
> were long ago fixed.
> --Quanah
> --
> Quanah Gibson-Mount
> Principal Software Engineer
> Zimbra, Inc
> --------------------
> Zimbra ::  the leader in open source messaging and collaboration
Покотиленко Костик <casper@meteor.dp.ua>