openldap-devel

openldap-devel@openldap.org

1418 discussions

Re: #15646 BerkeleyDB hybrid mutexes
by Howard Chu 10 Oct '07

10 Oct '07

Keith Bostic wrote: > On Oct 9, 2007, at 12:02 AM, Howard Chu wrote: > >> With a CPU-hog running in the background, the test with BDB 4.2.52 >> takes only 37 seconds, while BDB 4.6.21 takes 1:42. Watching with >> top you can see that BDB 4.6.21 gets a lot less CPU than BDB >> 4.2.52. This is the problem with using yield() on an NPTL system - >> whereas on most POSIX systems yield() only yields control to some >> other thread in the current process, on NPTL yield() gives up the >> CPU for the entire process. > > Is there a call that would be preferable on NPTL? > > What call on NPTL will only yield control from the thread, not the > entire process? When we first encountered this problem in the OpenLDAP source we used select() with a zero timeout. But I recall that that performed poorly as well, and nowadays we just avoid doing any type of yield at all. I think the real answer here is that on Linux 2.6 you really just want to use the native mutex (pthread, futex, whatever it's called) and not do anything else. -- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

back-ldap connection caching
by Howard Chu 10 Oct '07

10 Oct '07

After running SLAMD against back-ldap I've noticed some problems in the approach - while a single load generator may send multiple requests over a single connection, back-ldap always creates new connections for each incoming Simple Bind, and leaves them available to be shared by other sessions. Thinking about it, this usage doesn't really make a lot of sense. Any identity that's explicitly binding to back-ldap is necessarily going to be different from any other session's ID. The only sessions that it makes sense to share are those that were implicitly bound because they were authenticated elsewhere, and fell into this backend (via glue, typically) while processing some other request. So I think this means we should separate out the explicitly bound connections from everything else. They should only live as long as their inbound slapd connection lives, and should only be used by ops from their inbound slapd connection. -- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

2 3

#15646 BerkeleyDB hybrid mutexes
by Howard Chu 08 Oct '07

08 Oct '07

Fyi, hybrid mutex support in BDB 4.6.21 is still not a good idea on 2.6 Linux systems. -- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

2 1

slapo-memberof nested group behavior
by Faraz Khan 08 Oct '07

08 Oct '07

Dear all, i know that nested groups have been discussed in detail before- just wanted to know what the priority of implementing nested groups through slapo-memberof or otherwise is. The functionality already discussed is: If A memberof B and C memberof A then C memberof B Functionality required would be that the memberof attribute handles recursion correctly. The administrative importance of this functionality cannot be emphasized more upon. I am willing to help out with the slapo-memberof module if the functionality can be built into the current overlay only. Pointers on how to accomplish this would be appreciated. -- Faraz R Khan Chief Architect Emergen Consulting Pvt Ltd +92.21.111.111.320 x200 www.emergen.biz

2 1

Old open bugs
by Howard Chu 08 Oct '07

08 Oct '07

I just noticed that ITS#4468 was fixed in 2.3.34 by the fix for ITS#4805. Hallvard, are you still tracking ITS#3864 and #4467? Ando, did fixes for ITS#4563 and 4591 ever get backported from HEAD into a release? -- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

2 2

Re: commit: ldap/build openldap.m4
by Gavin Henry 05 Oct '07

05 Oct '07

hyc(a)OpenLDAP.org wrote: > Update of /repo/OpenLDAP/pkg/ldap/build > > Modified Files: > Tag: OPENLDAP_REL_ENG_2_3 > openldap.m4 1.140.2.13 -> 1.140.2.14 > > Log Message: > Reject BDB 4.6 or newer > Much easier than telling folks they can use the early version of 4.6 I think. -- Kind Regards, Gavin Henry. Managing Director. T +44 (0) 1224 279484 M +44 (0) 7930 323266 F +44 (0) 1224 824887 E ghenry(a)suretecsystems.com Open Source. Open Solutions(tm). http://www.suretecsystems.com/

1 0

Re: commit: ldap/servers/slapd filter.c
by Howard Chu 05 Oct '07

05 Oct '07

ando(a)OpenLDAP.org wrote: > Update of /repo/OpenLDAP/pkg/ldap/servers/slapd > > Modified Files: > filter.c 1.142 -> 1.143 > > Log Message: > for consistency, always represent UUIDs correctly (ITS#5168; really, a de-normalize hook would help) I guess we need a syntax flag that says "denormalization needed" and perhaps a usage flag for the normalizer that says "denormalize a normalized value" -- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

2 1

syncprov_playlog() and sl_mutex
by Pierangelo Masarati 04 Oct '07

04 Oct '07

There seems to be no (longer?) reason for syncprov_playlog() to release the sl_mutex from inside. I'd prefer, for readability, to lock/unlock either inside or outside the function call. Fixing (unless there's objection...) p. Ing. Pierangelo Masarati OpenLDAP Core Team SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it --------------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Email: pierangelo.masarati(a)sys-net.it ---------------------------------------

1 1

Basic examples of new overlays worthwhile ?
by Buchan Milne 03 Oct '07

03 Oct '07

Someone on #ldap was having trouble with slapo-memberof, so I did a quick basic example to confirm it works, available at http://pastebin.ca/724050 So, I wonder if it is worthwhile having some examples like this in the documentation or not ? Or, would it be better to ship a test for the overlay, and provide a more complete example of a rfc2307bis-type setup ? Alternatively, is there a to-do list for the outstanding documentation work ? Regards, Buchan

3 2

Patch for memberOf overlay section from Buchan Milne (Was: Re: commit: openldap-guide/admin overlays.sdf)
by Pierangelo Masarati 03 Oct '07

03 Oct '07

ghenry(a)OpenLDAP.org wrote: > Update of /repo/OpenLDAP/pkg/openldap-guide/admin > > Modified Files: > overlays.sdf 1.11 -> 1.12 > > Log Message: > Patch for memberOf overlay section from Buchan Milne. Few comments (I'd fix it myself, but I'm not native English and I don't have sdf installed, so you'd probably do a much better job): The last sentence > Note that the {{B:memberOf}} attribute is an operational attribute, so > it must be requested explicitly. should be completed by adding (for dummies :) > Note that the {{B:memberOf}} attribute is an operational attribute, so > it must be requested explicitly in search requests. Moreover, I made "memberOf" operational by hacking the original definition, in order to be able to add it to arbitrary entries without the need to add the "extensibleObject" objectClass, or to create a specific "memberOfGroup" auxiliary obhjectClass that allows "memberOf" and add it to all entries where the attribute is added. This has to be fixed somehow. Either we define our own "member-of" attribute and make it operational, or we define a "memberOfGroup" auxiliary objectClass as described above, or whatever. Finally, I'd mention that if the overlay is added to an existing database, data is not sanitized by populating all entries according to their group membership. This is on the TODO list. There might be other minor sanity checks missing that I'm not aware of. p. Ing. Pierangelo Masarati OpenLDAP Core Team SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it --------------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Email: pierangelo.masarati(a)sys-net.it ---------------------------------------

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-devel