openldap-bugs

openldap-bugs@openldap.org

1 participants
21001 discussions

Re: (ITS#8875) [Patch] Performance problems in back-mdb with large DITs and many aliases
by hyc＠symas.com 09 Jul '18

09 Jul '18

quanah(a)symas.com wrote: > --On Friday, July 06, 2018 11:20 PM +0000 hbohnenkamp(a)united-internet.de > wrote: > >> Full_Name: Henrik Bohnenkamp >> Version: >= 2.4.44, HEAD >> OS: Ubuntu 18.04, Coreos 7.5 >> URL: https://github.com/hbo/openldap-mdb-deref-problem >> Submission from: (NULL) (77.176.95.241) >> >> >> This is a followup to >> http://www.openldap.org/lists/openldap-technical/201805/msg00065.html > > Note that this is duplicate of ITS#7657. We may have to consider this for 2.5; since it changes the format of the dn2id index it's not something we can easily put in at this late stage of 2.4. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

Re: (ITS#8875) [Patch] Performance problems in back-mdb with large DITs and many aliases
by quanah＠symas.com 07 Jul '18

07 Jul '18

--On Friday, July 06, 2018 11:20 PM +0000 hbohnenkamp(a)united-internet.de wrote: > Full_Name: Henrik Bohnenkamp > Version: >= 2.4.44, HEAD > OS: Ubuntu 18.04, Coreos 7.5 > URL: https://github.com/hbo/openldap-mdb-deref-problem > Submission from: (NULL) (77.176.95.241) > > > This is a followup to > http://www.openldap.org/lists/openldap-technical/201805/msg00065.html Note that this is duplicate of ITS#7657. --Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: <http://www.symas.com>

1 0

(ITS#8875) [Patch] Performance problems in back-mdb with large DITs and many aliases
by hbohnenkamp＠united-internet.de 07 Jul '18

07 Jul '18

Full_Name: Henrik Bohnenkamp Version: >= 2.4.44, HEAD OS: Ubuntu 18.04, Coreos 7.5 URL: https://github.com/hbo/openldap-mdb-deref-problem Submission from: (NULL) (77.176.95.241) This is a followup to http://www.openldap.org/lists/openldap-technical/201805/msg00065.html When MDB is used as backend database and with large DITs (O(10^6)) with many alias entries (O(10^5)), search requests with deref=always and scope=sub will take prohibitively long. Servers with a high request rate might become utterly unresponsive. This problem is not present in the HDB backend. In this issue I want to contribute two things: - a means to demonstrate the problem; this in the form of two scripts (bash/python) which set up a large test DIT and start two slapds (one HDB, one MDB) to allow easy comparisons of the performance - a patch to fix the problem The patch is certainly not production ready (or, if it is, it needs still exhaustive testing to inspire confidence), however, I think it is far enough to at least discuss the approach. Both the scripts and the patch, together with instructions how to use the former can be found here: https://github.com/hbo/openldap-mdb-deref-problem I am looking forward to discuss the patch.

1 0

Re: (ITS#8874) --with-fetch incorrectly links libcom_err
by hyc＠symas.com 06 Jul '18

06 Jul '18

quanah(a)openldap.org wrote: > Full_Name: Quanah Gibson-Mount > Version: 2.4.46 > OS: FreeBSD 11 > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (47.208.148.239) > > > When building OpenLDAP on FreeBSD where the fetch library is available, slapd > picks up a dependency on libcom_err which shouldn't exist. > > This comes in from lines 934 and 944 of build/openldap.m4: > 934 LIBS="-lfetch -lcom_err $LIBS" > 944 ol_link_fetch="-lfetch -lcom_err" > > These should be updated appropriately and configure regenerated Careful here. There may still be releases of FreeBSD that linked libfetch against com_err, for whatever reason. You'd need to check that libfetch exists, and then check that linking against libfetch by itself succeeds or fails. (And if it fails, put com_err back in and try again.) -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

(ITS#8874) --with-fetch incorrectly links libcom_err
by quanah＠openldap.org 06 Jul '18

06 Jul '18

Full_Name: Quanah Gibson-Mount Version: 2.4.46 OS: FreeBSD 11 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (47.208.148.239) When building OpenLDAP on FreeBSD where the fetch library is available, slapd picks up a dependency on libcom_err which shouldn't exist. This comes in from lines 934 and 944 of build/openldap.m4: 934 LIBS="-lfetch -lcom_err $LIBS" 944 ol_link_fetch="-lfetch -lcom_err" These should be updated appropriately and configure regenerated

1 0

Re: (ITS#8759) mixed overlay nops & memberof cause segfault
by hyc＠symas.com 06 Jul '18

06 Jul '18

zhixu.liu(a)gmail.com wrote: > Full_Name: Z. Liu > Version: 2.4.44 > OS: Gentoo > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (221.218.169.84) > > > if we enable overlay nops & memberof together, then doing a member MODDN > operation, slapd will segfault and exit immediately. > > Example operation: > > dn: uid=test,ou=People,dc=example,dc=dc=com > changetype: moddn > newrdn: uid=chenln > deleteoldrdn: 1 > newsuperior: ou=Leave,dc=example,dc=com > > The reason is: in servers/slapd/overlays/memberof.c, function > memberof_value_modify define mod/values/nvalues in the stack, which will be > passed to other overlays, nops will try to free them if no attribute is changed. Note that code in contrib is unsupported and is not actually part of OpenLDAP Software. You can either contact the nops author and ask them for a fix, or you're welcome to submit a fix yourself. Nobody in the OpenLDAP Project is going to investigate this issue. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

(ITS#8873) slapd-meta/ldap - Remove deprecated options
by quanah＠openldap.org 06 Jul '18

06 Jul '18

Full_Name: Quanah Gibson-Mount Version: HEAD OS: N/A URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (47.208.148.239) For OpenLDAP 2.5, we should remove the deprecated configuration options for back-ldap/meta/asyncmeta that have been marked as deprecated for multiple release series. Man pages should be updated accordingly as well. acl-authcDN acl-passwd idassert-authcDN idassert-passwd idassert-mode idassert-method port server suffixmassage map rewrite*

1 0

Re: (ITS#8866) RFE: slapo-constraint to return filter used in diagnostic message
by michael＠stroeder.com 04 Jul '18

04 Jul '18

On 06/20/2018 01:25 PM, Michael Ströder wrote: > This patch is meant to enhance user experience in case a client software > is used to maintain data directly via LDAP. This is a real-world issue. > > Find the patch against master here: > https://www.stroeder.com/temp/0001-ITS-8866-slapo-unique-to-return-filter-u… > > Also cleanly applies to RE24 and therefore > could be easily added to upcoming release 2.4.47. ;-) Any chance to see this in 2.4.47? It simply works and the patch was also reviewed by another C programmer. Ciao, Michael.

1 0

Re: (ITS#8872) configure.in has long been deprecated
by hyc＠symas.com 30 Jun '18

30 Jun '18

fturco(a)fastmail.fm wrote: > Full_Name: Francesco Turco > Version: 2.4.45 > OS: Gentoo Linux > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (2001:b07:2eb:c9ed:21c:c0ff:fead:3d70) > > > The Portage package manager reports the following warning message when building > net-nds/openldap-2.4.45 on Gentoo Linux: > > * This package has a configure.in file which has long been deprecated. Please > * update it to use configure.ac instead as newer versions of autotools will > die > * when it finds this file. See https://bugs.gentoo.org/426262 for details. > > Original bug report: https://bugs.gentoo.org/607686 Not a priority. The version of autoconf we use has been frozen for a long time and isn't going to change any time soon. End-users aren't expected to run the autotools themselves anyway, only the OpenLDAP Release Engineer does that. And changing filenames out of the blue is not viewed fondly by people trolling commit histories. Closing this ITS. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

(ITS#8872) configure.in has long been deprecated
by fturco＠fastmail.fm 30 Jun '18

30 Jun '18

Full_Name: Francesco Turco Version: 2.4.45 OS: Gentoo Linux URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (2001:b07:2eb:c9ed:21c:c0ff:fead:3d70) The Portage package manager reports the following warning message when building net-nds/openldap-2.4.45 on Gentoo Linux: * This package has a configure.in file which has long been deprecated. Please * update it to use configure.ac instead as newer versions of autotools will die * when it finds this file. See https://bugs.gentoo.org/426262 for details. Original bug report: https://bugs.gentoo.org/607686

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs