Michael Ströder wrote:
Howard Chu wrote:
> Michael Ströder wrote:
>> There's no mechanism like include.
> False. OpenLDAP's LDIF library supports include directives, and they're used
> frequently in the test suite. The include statement has been documented in the
> ldif(5) manpage since 2006.
How do you use this proprieatry include-statement in cn=config?
The full discussion of include: was on the ldapext mailing list, there's
nothing proprietary about it. If you don't like the fact that there's no new
version of RFC2849 with the relevant text, feel free to spend the time to
polish up a new version of that document.
> From my understanding this can only be used when editing LDIF
back-config and slapadd the whole stuff at once. But this defeats the goal of
cn=config because slapadd needs a restart.
This conversation was about checking a config into a version control system.
If you're actually doing that, then you should be checking in a complete
slapcat'd LDIF as a single file. The only way to make use of such a version
controlled file is by slapadd of course, but most likely the reason you're
digging an old version out of your VCS in the first place is because you need
to restore a backup, and slapd would already be down in that case.
> You're blaming the tools when it's your own ignorance at
Ah, yes...again you don't want to hear the defencencies of the current
approach which get obvious again in this thread.
What you call a deficiency(sp) is sheer nonsense. Tell me how you expect to
provide read/write database access to a file included from any arbitrary
filesystem location? Think about the safety of such a proposition as well; not
everybody has AppArmor or other security mechanisms on their machines. You cry
that it can't do "X" when in fact it would be irresponsible to ever allow it
to do "X". You haven't thought it through, you're just babbling.
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/