Bug#765747: RFS: openldap/2.4.40-1 [RC]
Ryan Tandy <ryan@nardis.ca> writes:
> On 18/10/14 02:26 AM, Ferenc Wagner wrote:
>
>> Ryan Tandy <ryan@nardis.ca> writes:
>>
>>> * debian/slapd.init.ldif:
>>
>> Btw: why do you give rigths to the RootDN explicitly? Doesn't it skip
>> all ACL processing anyway?
>
> Good point, again; I hadn't noticed that. In debian/slapd.conf the
> rootdn line is commented and we just have the explicit ACLs. I think I
> would do the same with slapd.init.ldif, and drop olcRoot{DN,PW}.
I'd go the other way, as a RootDN is good to have anyway (replication
needs it), while the explicit rules clutter up the ACLs. Or do you want
to differentiate between the write and manage access levels this way?
>> Maybe the Logging section could mention rsyslog [...]
>
> Would you be willing to provide a patch against the README for that?
Probably yes, but not tonight. :)
>> I backported your package to wheezy and upgraded a machine carrying a
>> partial replica. The upgrade failed, so I added the -s option to the
>> slapadd call in the postinst. Please consider using it.
>
> See #614569. I would like to fix it for jessie, but it might be in a
> later upload. I only want to add -s in cases where it's strictly needed,
> not in general.
That would certainly be more correct; I'm just not sure if it's worth
the trouble. Bringing up problems during upgrade isn't too useful.
>> Btw. is the dump/restore necessary with MDB?
>
> It's not (details in #750022). I filed #759597 about that.
Cool. I added a note about the example DB_CONFIG being unnecessary
copied in.
--
Regards,
Feri.
Reply to: