Howard Chu wrote:
Hallvard B Furuseth wrote:
If I modify olcDbDirectory of a BDB database to a broken directory, the Modify returns success but BDB says "failed to reopen database" and slapd shuts down. Maybe other modifications can shut down slapd too, I don't know.
It would be nice if slapd tried to restore the old config value, reopen the old directory, and return unwillingToPerform or something to the Modify. However I don't know how hard that would be, or how obscure a case it is.
The Modify operation has already completed though, there's nothing to "return" an error message to by then.
We do as much pre-checking as possible to validate the syntax of changes before committing them. But here you've got an input with perfectly valid syntax. The only way to know that it's bad is to commit the change.
We already undo bad changes when we can detect them...
For this particular case, ITS#4829 needs to be considered as well. What is the definition of a "broken directory"? If you specify a directory that doesn't exist, the backend ought to just create it and use it. In that case, you'll end up with an empty context in the server. That might be what was intended, and also might not be; we have no way to tell. Therefore there is no sensible pre-check that we can perform.
According to Howard's and Hallvard's analysis, slapd should do its best to determine if the change is inconsistent. As soon as it's self-consistent (although possibly not what the user intended; but then it's the user's fault), and no matter what, it shouldn't result in shutting down slapd. In this case, I think it is the responsibility of back-config to try and open a database, but gracefully handle failure.
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it --------------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Email: pierangelo.masarati@sys-net.it ---------------------------------------