[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP 2.5 plans and community engagement

On 8/9/19 1:47 AM, Quanah Gibson-Mount wrote:
> --On Wednesday, August 7, 2019 8:08 AM -0400 David Magda
> <dmagda@ee.ryerson.ca> wrote:
> I.e., 'providing' a build of OpenLDAP has a number of complexities.

Full ack.

It's really hard to decide what is needed in a package.

Linux distributions tend to enable all features to please everybody. But
for highly secured systems it is mandatory to disable unneeded
functionality. E.g. I'm maintaining the full-featured builds for
openSUSE but personally I'm using stripped down builds without all
deprecated backends.

Also Linux distros implement pseudo config management in there packages
which trys to create a default config. Mostly this defeats serious
deployments using a decent config management. I saw production systems
break after a "yum update" or "apt-get upgrade" because of overzealous
package post installation tasks.

>>> 2015 had a lot of serious bugs in its release, the releases were rushed,
>>> and the result of rushing was bad.  I don't think 2015 is a "good"
>>> example of how things should be done.
>>
>> That is an argument for timed releases.
> 
> I fail to see how that's the case.

Me too. Especially because timed releases can also lead to some kind of
rush before the release date.

> What I see is that we need to:
> a) Ensure we have CI/CD
> and
> b) Better/expanded test cases & databases to validate against
> and
> c) more participation from the community in testing/validating new
> features and code fixes.

Again, full ack here.

Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature