--On Monday, July 18, 2005 10:36 AM +0200 Buchan Milne
<[EMAIL PROTECTED]> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Kurt D. Zeilenga wrote:
This problem is likely specific to the 3rd package of
OpenLDAP Software you are using. You should contact that
party for assistance.
Maybe you missed my (the maintainer of said 3rd-party packages)
responses to Javier's problems, which resulted from him following the
advice of the admin guide
(http://www.openldap.org/doc/admin23/install.html) to download and
compile all the necessary software from source, which resulted in half a
2.2.27 and half a 2.2.23 installation?
Javier solved the problem by (on my advice) removing the
locally-compiled 2.2.27 library from /usr/local/lib and running ldconfig.
I wonder if it may be useful to include a mention that the user should
first check if the software provided by their vendor is relatively
up-to-date, before modifying their installation to a (to the
inexperienced user) difficult to repair state?
If not, maybe I will patch the version of the admin guide we ship so we
don't have users shoot themselves in the foot when following it
(although, I don't know if this would have helped Javier, since he
probably read the on-line copy).
Surely someone just installing OpenLDAP the first time (and who may not
necessarily be experienced in building software from source) should
rather stick with the packages provided, maintained (from a security
updates point of view at least) and supported (in terms of
application-level support, integration with other packages and updates
between releases of the vendor's product) by the vendor rather than
compile everything from source
I think part of the problem here is even suggesting people mess with the
vendor maintained LDAP libraries. Although Buchan does an excellent job of
keeping his distro's versions of OpenLDAP up to date, many do not, with an
unnamed large corporation that distributes linux being one of the worst
offenders. If we are going to suggest that people build their own LDAP
installation, we should at least caveat that they build it into a location
completely separate from the distributions LDAP libraries (like /opt,
/usr/local, etc).
--Quanah
--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
