Howard Chu wrote:
Hallvard B Furuseth wrote:
> If I modify olcDbDirectory of a BDB database to a broken directory, the
> Modify returns success but BDB says "failed to reopen database" and
> slapd shuts down. Maybe other modifications can shut down slapd too, I
> don't know.
>
> It would be nice if slapd tried to restore the old config value, reopen
> the old directory, and return unwillingToPerform or something to the
> Modify. However I don't know how hard that would be, or how obscure a
> case it is.
The Modify operation has already completed though, there's nothing to
"return" an error message to by then.
We do as much pre-checking as possible to validate the syntax of changes
before committing them. But here you've got an input with perfectly
valid syntax. The only way to know that it's bad is to commit the change.
We already undo bad changes when we can detect them...
For this particular case, ITS#4829 needs to be considered as well. What
is the definition of a "broken directory"? If you specify a directory
that doesn't exist, the backend ought to just create it and use it. In
that case, you'll end up with an empty context in the server. That might
be what was intended, and also might not be; we have no way to tell.
Therefore there is no sensible pre-check that we can perform.
According to Howard's and Hallvard's analysis, slapd should do its best
to determine if the change is inconsistent. As soon as it's
self-consistent (although possibly not what the user intended; but then
it's the user's fault), and no matter what, it shouldn't result in
shutting down slapd. In this case, I think it is the responsibility of
back-config to try and open a database, but gracefully handle failure.
p.
Ing. Pierangelo Masarati
OpenLDAP Core Team
SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
---------------------------------------
Office: +39 02 23998309
Mobile: +39 333 4963172
Email: pierangelo.masarati(a)sys-net.it
---------------------------------------