[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Installation openLDAP in Debian

Jose Ildefonso Camargo Tolosa wrote:
On Wed, Apr 20, 2011 at 4:18 PM, Howard Chu<hyc@symas.com>  wrote:
Jose Ildefonso Camargo Tolosa wrote:

On Wed, Apr 20, 2011 at 2:53 PM, Howard Chu<hyc@symas.com>    wrote:

The tree of files is not meant for you to ever look at or modify
Just use slapcat or ldapsearch. If you know anything about LDAP at all
is MUCH easier than editing flat text files, since you can use any LDAP
(commandline or GUI) to do all the administration.

I don't find complex to directly modify the files, actually, I find it
easier than having to write a ldif modification script every time I
need to apply a change! I just go ahead and edit the corresponding
ldif file on slapd.d

You are editing the backing store of a slapd internal database. If slapd is
running while you're doing this, you will probably corrupt the database.
Even if slapd is not running, you'll probably corrupt the database.

Ok, I'll fall for this: how in the world can I corrupt a text (ldif)
file? I have done that for quite some time, and I have never had a
single issue with it.  Off course, I need to restart slapd to make it
use my changes, but it is not big deal on my environment (for other
environments, you can use ldapmodify (or similar) and make changes on
the fly).

There are many possibilities. The most obvious is leaving random whitespace at the end of a line, which frequently trips up people who manually edit flat text files. I won't go into the other possibilities because frankly, it's an internal implementation detail and not worth mentioning. Suffice to say, if you're not going to take the word of the programmer who designed and implemented all of this that editing by hand is prone to corruption, then we have nothing further to discuss.

  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/