[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

new debconf template for openldap

Dear debian-l10n-english,

I would like to ask for your review of a new debconf template for slapd.
Some background information: If slapd's configuration is not replicated to or from any other server, and has no overlays (plugins) applied to it, we can upgrade the schema automatically. However, if those conditions are not met (replicating the config database is uncommon but definitely supported), then it is not safe to perform the change offline: it has to be done by the admin *before* removing or replacing the old binaries.
What we do here is generate an LDIF file containing the necessary changeset, and show the admin how to apply it.
"Replication with other servers may be affected" is intentionally vague: depending on the specific configuration, this specific change might not be replicated, replication in general might get stuck and never sync again, or everything might just work.
Lintian complains about this template being too long, so I'd welcome suggestions for how to reduce it, as well as any other feedback. 

Template: slapd/ppolicy_schema_needs_update
Type: select
__Choices: abort installation, continue regardless
DefaultChoice: abort installation
#flag:comment:2
# "ppolicy", "pwdMaxRecordedFailure", and "cn=config" are not translatable.
#flag:translate!:5,7
_Description: Manual ppolicy schema update recommended
In the version of slapd about to be installed, the ppolicy overlay
requires the new pwdMaxRecordedFailure attribute to be defined in the
ppolicy schema. The schema contained in the cn=config database does not
currently include this attribute.
.
You may choose to continue the installation. In this case, the
maintainer scripts will add the new attribute automatically during the
upgrade. However, the change will not be acted on by slapd overlays,
and replication with other servers may be affected.
.
The ppolicy schema can be updated by applying the changes found in the
following LDIF file:
.
${ldif}
.
If slapd is using the default access control rules, after starting
slapd, the changes can be applied using the following command:
.
ldapmodify -H ldapi:/// -Y EXTERNAL -f ${ldif}
.
It is recommended to abort the upgrade now and to update the ppolicy
schema before upgrading slapd. If replication is in use, the schema
update should be applied on every server before continuing with the
upgrade.
The full templates file can be found in the git repository: https://anonscm.debian.org/git/pkg-openldap/openldap.git/tree/debian/slapd.templates 

Thank you,
Ryan
Reply to: