Nicholas Dronen wrote:
Hi, Pierangelo:
Unfortunately, we're more or less at the mercy of Red Hat when it comes to the versions of packages that are included in their distribution. We use a commercial version, not Fedora, for support reasons. In this particular case, the fact that we were exceeding the default limit of 1024 file descriptors for select(2) resulted in pam_authenticate blocking for up to four minutes, which is a huge problem in a production system, enough to justify including a rebuilt RPM. Generally, JPam's use of libldap is pretty simple -- just enough to bind and authenticate a user -- so as long as that basic functionality works as desired, we should be okay with 2.3.27. http://2.3.27. :-) If we're not, then we'll have to include our own RPM.
I would say you're at the mercy of redhat 'cause you want to. You are free to package your own version of openldap and install it on your system without losing support from RH as long as it doesn't interfere with RH existing packages. We deploy our own openldap rpm to our customers. It installs in /opt/ldap, is up-to-date with recommened versions of openssl, cyrus-sasl, berkeleydb and anything else it could need (it's latest OpenLDAP, of course), has its own init script, man pages and so on. So it's up to you...
Ing. Luca Scamoni Responsabile Ricerca e Sviluppo
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ----------------------------------- Office: +39 0382 573859 (137) Mobile: +39 347 1014425 Fax: +39 0382 476497 Email: luca.scamoni@sys-net.it -----------------------------------