[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#7153) OpenLDAP doesn't start after some configuration modifications

Raphaël Ouazana-Sustowski wrote:
> On Tue, 07 Feb 2012 14:36:22 +0100, Michael Ströder wrote:
>> Raphaël Ouazana-Sustowski wrote:
>>> Wouldn't it be possible to have a more generic solution, eg: while each
>>> configuration change, OpenLDAP tests that configuration is still valid.
>> While checking the configuration data itself seems feasible it does
>> not scale well to check all entries whether they still contain a
>> certain schema element.
> Again I was talking about a more generic case.


> For the specific case of schema modification, I don't think that OpenLDAP
> doesn't start if some entries are missing some schema elements.

Schema and all entries have to be consistent. Periodically checking with 
slapschema whether everything's still alright is a good idea.

> My point is only that OpenLDAP should not bring the administrator to
> a situation where he cannot restart the service.

Nothing prevents an admin to do rm -rf /var/openldap/databases so to some 
degree an admin has to know what he does.

Ciao, Michael.