[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: BDB selection, et al.

Quanah Gibson-Mount wrote:
--On Friday, July 18, 2008 9:11 PM -0400 William Jojo<jojowil@hvcc.edu>

I have noticed that the Symas packages user BDB 4.2 (with 2.3.42) as does
Ubuntu with 2.4.9+. I was wondering what the preference is over 4.4
(which I use) and 4.[67].

4.2.52 + patches has the longest history of being solid.

4.3 was a disaster

4.4 was likely okay

4.5 was likely okay

4.6 also seems okay, and has some useful improvements

4.7 is not yet supported, but will be in a future release, and has
additional useful improvements over 4.6.

4.7 can be made to work, if you're willing to tweak things a bit. The memory manager in 4.6 is much improved over earlier versions; the memory manager in 4.7 is slightly better still. The lock manager in 4.7 is more efficient in multi-core systems than in previous versions.

I ask because I build OpenLDAP (among other things) for AIX 5.2/5.3/6.1
at (shameless plug) http://pware.hvcc.edu/ and I was considering moving
to 2.4.10 with BDB 4.6, but now I am not certain where to go for a few of

* Why the choice to stay with BDB 4.2?

Proven track record over later releases (4.4, 4.5) for stability and performance.

* And OpenSSL 0.9.7l (over the 0.9.8 series)?

I use OpenSSL 0.9.8 in my builds and have for ages.

The Symas OpenLDAP 2.4 packages also use OpenSSL 0.9.8. However, the OpenSSL build system changed, making it more difficult to complete the Windows build. That's one of the reasons we stayed with 0.9.7 for so long in our OpenLDAP 2.3 packages.

* 2.3.39 has been *stable* since 11/2007 and I have not moved from that
point within the software suite offered. Is a later version of 2.3 going
to be marked stable (like is in the Symas prodcut).

Not likely.

True, no further 2.3.x release will be marked Stable.

Stable is really a fairly meaningless term.

False. At the time that a release was marked stable, it was considered the most stable release. I.e., after sufficient amount of time in release, no major issues were discovered.

Assigning meaning
to it as a guideline as to what version to build is a very bad idea.
There's a major DoS vulnerability in 2.3.39, for example, that was fixed in
2.3.43 and 2.4.11.

It's important to note that the Stable marker only changes if there's a new release that we consider stable. The subsequent discovery of bugs in a Stable release won't trigger the removal of that marker. So 2.3.39 is still marked Stable, even though important bug fixes are in 2.3.43, because those bugs were discovered long after 2.3.39 was released.

In the meantime, when moving the Stable marker, the Project's practice has been that it can only be moved to the Current release stream, which is 2.4. But we haven't yet seen a 2.4 release remain long enough in public use without new issues quickly being discovered. So there is not yet a new Stable release.

* 2.4.x seems stable enough to me and certainly to Ubuntu x86[_64], but I
would like some other indication that I should make the leap before I
begin to change dependencies to several of the products I produce. Is
2.4.x going to be marked stable in the near future?

Hopefully.  Note that stable does not remotely mean bug free (or relatively
low in bug count).  It simply means stable as far as core (i.e., not new)
functionality is concerned.

No. It means low bug count as of a particular point in time, e.g., within a couple weeks after the release.

And as I recall, we need to get to a feature freeze in the core code first. I think 2.4 is just about at this point now.

  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/