--On April 4, 2011 3:00:34 PM +0200 Simone Piccardi <piccardi(a)truelite.it>
First, keep your replies on the list.
On 01/04/2011 18:11, Quanah Gibson-Mount wrote:
> Hi Markus,
> While I understand this is often the case with companies, this policy is
> short sighted. If you want to have a stable, secure, and functional LDAP
> server, then you need to be able to build OpenLDAP from source.
That's true, but is true also for a lot of other programs.
However, OpenLDAP is an amazingly complex piece of software, which a lot of
other programs are not.
And if you need to build everything from source, it will become soon
manutention nightmare (often you have to do so for a lot of different
I didn't say for him to build everything from source. I said to build
OpenLDAP from source. Personally, I do build everything that OpenLDAP uses
from source myself, short of the kernel & gcc.
So that kind of policy is a must in a lot of cases, and your
cannot be accepted.
I don't care whether or not you accept what I said. It wasn't a
suggestion, it is the result of over a decade of experience working with
LDAP software from a number of projects.
Not having good packages in a distribution harms everyone, but
unfortunately this is a general problem, not affecting just RedHat or
Correct. And this is something the OpenLDAP Foundation has zero control
over. The distributions decide what OpenLDAP releases they include. The
distributions decide what patches they apply to their OpenLDAP builds. The
distributions occasionally apply their own patches to OpenLDAP that can
break it in horrible ways. Distributions do not update their OpenLDAP
builds after they release a particular OS, either. So again, if someone
chooses against better advice to use the build a distribution provides,
then they need to seek help from those who provide the build they are
using. If that is not acceptable to them, then they either need to learn
to build OpenLDAP themselves so they can use current releases rather than
ones that have had hundreds of bugs fixed since their release, or they
should use a version of OpenLDAP that comes with support from a company
that provides such a thing. Symas is a good example of that.
If they choose to use a distribution build, and then contact the OpenLDAP
foundation about problems they face with it, the first thing they are going
to be asked to do is to upgrade their software. If their policy doesn't
allow that, then they need to contact the distributor. Not the foundation.
Principal Software Engineer
Zimbra :: the leader in open source messaging and collaboration