Re: [Pkg-openldap-devel] new debconf template for openldap

To: debian-l10n-english@lists.debian.org
Cc: pkg-openldap-devel@lists.alioth.debian.org
Subject: Re: [Pkg-openldap-devel] new debconf template for openldap
From: Ryan Tandy <ryan@nardis.ca>
Date: Sat, 7 Jan 2017 15:25:48 -0800
Message-id: <[🔎] 20170107232548.GC581@kiwi.nardis.ca>
Mail-followup-to: debian-l10n-english@lists.debian.org, pkg-openldap-devel@lists.alioth.debian.org
In-reply-to: <[🔎] 20170107221016.GA5872@xibalba.demon.co.uk>
References: <[🔎] 20170107204356.GB581@kiwi.nardis.ca> <[🔎] 20170107221016.GA5872@xibalba.demon.co.uk>

Hi Justin,

Thank you for the review!

On Sat, Jan 07, 2017 at 10:10:16PM +0000, Justin B Rye wrote:

In the version of slapd about to be installed, the ppolicy overlay
requires the new pwdMaxRecordedFailure attribute to be defined in the
ppolicy schema. The schema contained in the cn=config database does not
currently include this attribute.


Expanding "ppolicy" and crushing everything else:

 In the new version of slapd, the Password Policy (ppolicy) overlay schema
 requires a defined pwdMaxRecordedFailure attribute, which is not present
 in the schema contained in the cn=config database.

I had to read this a few times. Initially I parsed "overlay schema" as aschema overlaid onto others, rather than an overlay and a relatedschema. Just to be clear, an overlay is a slapd plugin (a sharedlibrary), and the schema is configuration that supplies schema entities(primarily attribute types and object classes). "The schema" technicallymeans the entire slapd schema collectively. "The ppolicy schema" is morecolloquial and means either the subset of it used by the ppolicyoverlay, or the schema fragment shipped in a file called "ppolicy.ldif"(normally these are equivalent).

I also realized it would probably be more correct to say "attributetype" and not just "attribute". (Attributes are things that have values;attribute types define their names and what the values can look like.)


This is all rather esoteric OpenLDAP-specific stuff, I realize. Sorry.

Anyway, my attempt at adjusting it:

In the new version of slapd, the Password Policy (ppolicy) overlayrequires the schema to define the pwdMaxRecordedFailure attributetype, which is not present in the schema currently in use.

(Or would just "the schema currently in use" be okay?)

I think so. The context for that bit is that new users sometimes thinkthe schema files shipped by the package represent the activeconfiguration, while in reality those are only consulted at the timethey're imported into the database. In this case it should be fine sincewe provide specific guidance.

Oh, I used apt-get source - hope the attached patch is useful.

That's perfect, thanks! Besides the paragraph I commented on above, I'lltake the rest of your patch verbatim.

Reply to:

Follow-Ups:
- Re: [Pkg-openldap-devel] new debconf template for openldap
  - From: Justin B Rye <justin.byam.rye@gmail.com>

References:
- new debconf template for openldap
  - From: Ryan Tandy <ryan@nardis.ca>
- Re: new debconf template for openldap
  - From: Justin B Rye <justin.byam.rye@gmail.com>

Prev by Date: Re: new debconf template for openldap
Next by Date: Re: [Pkg-openldap-devel] new debconf template for openldap
Previous by thread: Re: new debconf template for openldap
Next by thread: Re: [Pkg-openldap-devel] new debconf template for openldap
Index(es):
- Date
- Thread