[Date Prev][Date Next]
Re: max open files
В Чтв, 18/03/2010 в 12:45 -0700, Quanah Gibson-Mount пишет:
> --On Thursday, March 18, 2010 8:46 AM -0400 Alex McKenzie
> <firstname.lastname@example.org> wrote:
> > I've been following the list for around a year, and I understand the
> > difficulties involved in supporting old versions, but the simple fact
> > is, most of us don't have time to custom compile all our server
> > software. My Ubuntu-default installs of Apache, postfix, SSH, and just
> > about everything else work fine and can be supported by their
> > developers. It's only LDAP (and a few things in beta) that absolutely
> > have to run the newest version at all times. I chose to accept a
> > limited feature-set and bullied GnuTLS into working "well enough" for
> > our limited LDAP environment, but if I ever find an alternative, I'll be
> > moving away from LDAP to whatever that is.
> For a moment, consider our frustration. Debian/Ubuntu, because of their
> issues with the OpenSSL license, build against GnuTLS. Which is a known
> security risk
> (<http://www.openldap.org/lists/openldap-devel/200802/msg00072.html>), and
> also known to have tons of problems in working with OpenLDAP. RedHat built
> their OpenLDAP against BDB 4.3 at one point, even though this was a known
> bad version of BDB, and the configure script would deliberately quit if it
> was encountered, so RH hacked configure instead of bothering to study why
> this was a problem. Distributions also make specific decisions on how to
> compile OpenLDAP (i.e., which options to use), that are not always best
> suited to end users who want a production LDAP server.
> While I agree most applications are easily and readily used with what is
> compiled by OS distributors. But as is stated in the FAQ, and which is a
> point people still continue to miss, is that the builds from OS distros are
> geared toward providing the LDAP libraries for other clients (such as
> postfix, etc). They are not geared towards running OpenLDAP as a
> production service. Which is why we recommend over and over and over again
> to avoid using them.
You would better recommend to file a bug so that maintainers would
finally consider recommendations of development team.
Also It's strange maintainers are not members of this list, isn't it? :)
> If they happen to work for you great. If they don't,
> then either support requests need to be taken to the distro provider, or a
> build of the latest stable release needs to be used.
> Consider your case, where you are using OpenLDAP 2.4.7, which was the first
> public experimental release of 2.4. Read over the change log at the
> hundreds, if not over a thousand at this point, bugs that were fixed since
> then. As to your note about adding new features, all new branches, like
> 2.4 was at the time 2.4.7 was released, are open for new features until
> development is stabilized and it is feature frozen. OpenLDAP 2.4 has been
> feature frozen for a very long time now. This is not an unusual
> development pattern.
> So yes, if someone wants support for a problem they are experiencing, then
> they need to show that the problem exists in the current stable release.
> This also is not an uncommon practice. You may find it frustrating, but we
> find it frustrating to be inundated with requests for help on issues that
> were long ago fixed.
> Quanah Gibson-Mount
> Principal Software Engineer
> Zimbra, Inc
> Zimbra :: the leader in open source messaging and collaboration
Покотиленко Костик <email@example.com>