Christian Kratzer wrote:
Hi,
On Fri, 28 Mar 2014, Nick Milas wrote:
On 28/3/2014 1:25 ??, Christian Kratzer wrote:
I consider cn=config superior once you get your head wrapped around it.
On 28/3/2014 12:53 ??, Simone Piccardi wrote:
- I can put comments on it
Christian,
Please allow me to intervene in the thread to say that your comments are very
valid, but still, Simone's need for comments is beyond doubt.
Here is a long discussion done in 2012 about this (this link points to my own
message, but it is a long thread with valuable info):
http://www.openldap.org/lists/openldap-technical/201203/msg00214.html
yes cn=config needs some work and polishing.
As we already have ordering in acl and such comments should not bee too hard to
add.
We still have the problem of formatting of individual attributes like olcAccess
and olcSyncrepl which have tons of information.
The syncrepl consumer needs to be moved into an overlay (as was already done
for the provider, years ago). At that point the config will simply be split
into its own set of attributes, instead of a single large value.
That's why I currently maintain my acl externally and version them using svn
which allows me to keep my indentation, comments and formtting.
I consider this quite similar to the way I maintain cisco router and asa
firewall configs and specific acl on a tftp server and use copy tftp
running-config to apply them.
Ideally I would like to fire up ldapvi and see my comments and my formatting of
large attributes such as olcSyncrepl and olcAccess perhaps split up over
multiple lines.
This of course poses challenges as the attributes are plain ascii strings.
The best approach needs thiniking.
I take the opportunity to repeat here that, IMHO it is vital to have (at
least) correct ordering of ACLs and the ability to add comments anywhere in
the config. Also see other usability issues mentioned in the above thread and
elsewhere.
Ordering is already implemented. +1 for the rest.
I hope that now, when 2.5 branch has started, such issues may be addressed!
I would suppose that patches and discussion is welcome. As a cn=config user I
am equally interested in getting full usablity.
Certainly, patches welcome.
Kind of like havin feature parity between ipv4 and ipv6 is so important in
other areas.
Greetings
Christian
All the best,
Nick
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
