Hi Shawn,
On 30/09/2023 16:01, Shawn McKinney wrote:
On Sep 29, 2023, at 10:59 AM, Emmanuel Lécharny <[email protected]> wrote:
Some more about rpmbuild:
AFAICT, it really can't be used anymore on Mac OS, as there are dependencies
that require Linux.
So it's a dead end.
OTOH, it works pretty well in the builds.apache.org Apache Jenkins instance, so
I wonder if it's not a waste of time trying to have it working on a Mac...
What’s hanging in the balance? We can still use it on a Mac but the installer
won’t work?
Yes. It was convenient for me to get the packages built locally, but
considering they are also properly built by jenkins, I can live with
that (it's just a matter of waiting 1h45 for them to be generated.
So be it.
That seems OK assuming it’s documented somewhere how to do it manually.
Indeed.
My assumption rests that installation is necessary for devops usage, i.e.
Jenkins pipelines. And config mgmt activities, provisioning runtime envs.
Not so important for dev'prs who use Mac as their dev env. Who should be
capable of the setup of test env. (Nobody runs Mac ldap servers in prod)
Agreed.
And as of today, I think we are fine.
I have the builds.apache.org hapy for Directory, now that I have shut
down the failing SASL checks:
# test SASL auth and confidentiality
ldapwhoami -h localhost -p 10389 -Y DIGEST-MD5 -N -O "minssf=128" -U
user.1 -R example.com -w secret |& tee /tmp/ldapwhoami.log
grep "SASL/DIGEST-MD5 authentication started" /tmp/ldapwhoami.log
grep "SASL username: user.1" /tmp/ldapwhoami.log
grep "SASL SSF: 128" /tmp/ldapwhoami.log
grep "SASL data security layer installed." /tmp/ldapwhoami.log
ldapsearch -h localhost -p 10389 -Y DIGEST-MD5 -N -O "minssf=128" -U
user.1 -R example.com -w secret -s sub -b "ou=users,ou=system"
It was failing with such an error:
modifying entry
"ads-interceptorId=passwordHashingInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config"
+ /opt/apacheds-2.0.0.AM27-SNAPSHOT/bin/apacheds.sh stop
+ wait_for_apacheds_down
+ timeout 60 sh -c 'while nc -z localhost 10389; do sleep 1; done'
+ /opt/apacheds-2.0.0.AM27-SNAPSHOT/bin/apacheds.sh start
+ wait_for_apacheds_up
+ timeout 60 sh -c 'while ! nc -z localhost 10389; do sleep 1; done'
+ ldapmodify -h localhost -p 10389 -x -D uid=admin,ou=system -w secret
-f /data.ldif
adding new entry "uid=user.1,ou=users,ou=system"
+ ldapwhoami -h localhost -p 10389 -Y DIGEST-MD5 -N -O minssf=128 -U
user.1 -R example.com -w secret
+ tee /tmp/ldapwhoami.log
ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
additional info: SASL(-4): no mechanism available: No worthy mechs found
+ grep 'SASL/DIGEST-MD5 authentication started' /tmp/ldapwhoami.log
script returned exit code 1
We do have a bunch of SASL tests for the server, they are all passing
green, this specific check is pretty much useless, and there should be
some missing parameter somewhere, but I don't have time to analyse it in
depth.
What I'd like to do now, is to cut the M27 release to have it past us,
it's long expected...
--
*Emmanuel Lécharny* P. +33 (0)6 08 33 32 61
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
