Re: Handling bad cn=config updates

Hallvard B Furuseth wrote: > If I modify olcDbDirectory of a BDB database to a broken directory, the > Modify returns success but BDB says "failed to reopen database" and > slapd shuts down. Maybe other modifications can shut down slapd too, I > don't know. > > It would be nice if slapd tried to restore the old config value, reopen > the old directory, and return unwillingToPerform or something to the > Modify. However I don't know how hard that would be, or how obscure a > case it is. The Modify operation has already completed though, there's nothing to "return" an error message to by then. We do as much pre-checking as possible to validate the syntax of changes before committing them. But here you've got an input with perfectly valid syntax. The only way to know that it's bad is to commit the change. We already undo bad changes when we can detect them... For this particular case, ITS#4829 needs to be considered as well. What is the definition of a "broken directory"? If you specify a directory that doesn't exist, the backend ought to just create it and use it. In that case, you'll end up with an empty context in the server. That might be what was intended, and also might not be; we have no way to tell. Therefore there is no sensible pre-check that we can perform.