Re: Cannot Delete LDAP Entry

2005-07-13 Thread Michael Ströder
Tracey Gates wrote: > When I try to do a delete on an entry for my LDAP I'm getting an error > message using the following line: Tracey, if you deploy back-hdb this could be related to this ITS: http://www.openldap.org/its/index.cgi?findid=3765 Ciao, Michael.

cvs up: No space left on device

2005-07-20 Thread Michael Ströder
HI! I can't sync my CVS tree: $ cvs up -RdP . cannot create_adm_p /tmp/cvs-serv3397/servers/slapd/back-sql/rdbms_depend/ibmdb2 No space left on device Ciao, Michael.

Re: back-config design considerarions - Admin Guide fodder

2005-07-28 Thread Michael Ströder
Howard Chu wrote: > > I still find the juggling between back-config and frontendDB a bit > confusing (and I wrote the darn thing...) which is another reason for > writing out this explanation. It's a bit like a Klein bottle - the > frontendDB encompasses all of the backends, but the config backend

Re: back-config design considerarions - Admin Guide fodder

2005-07-28 Thread Michael Ströder
Michael Ströder wrote: > > If I'm using option -f slapd.conf and -F configdir/ together which > config data is authoritative? > [..] > My conclusion: > Drop -f slapd.conf completely in 2.3.x and rather develop good setup > tools... Well, same question for file DB_CONFIG

Re: back-config design considerarions - Admin Guide fodder

2005-07-28 Thread Michael Ströder
Quanah Gibson-Mount wrote: > > --On Thursday, July 28, 2005 7:18 PM +0200 Michael Ströder > <[EMAIL PROTECTED]> wrote: > >> Michael Ströder wrote: >> >>> If I'm using option -f slapd.conf and -F configdir/ together which >>> config data is

Re: back-config design considerarions - Admin Guide fodder

2005-07-28 Thread Michael Ströder
Quanah Gibson-Mount wrote: > >> => One has to decide which route to go and after that one has to follow >> that route consequently to avoid inconsistencies and double effort. > > And sometimes, there is more than one route to a destination, each route > with its pros and cons. Quanah, do you hav

Re: back-config design considerarions - Admin Guide fodder

2005-07-29 Thread Michael Ströder
Howard Chu wrote: > > Well, it probably does take more keystrokes to run ldapmodify than it > does to edit slapd.conf. I guess that proves Michael's point that we > need better setup tools, or at least a more terse format than LDIF for > specifying modifications. Recent web2ldap works pretty well

Re: back-config design considerarions - Admin Guide fodder

2005-07-29 Thread Michael Ströder
Quanah Gibson-Mount wrote: > > -f -F should be used one time to convert from the conf file to the > config backend. I would say running slapd with -f and -F was invalid > once the conversion is done. => Using -f -F together should be invalid when starting slapd. The conversion should be done wit

Links to versions of Admin Guide on www.openldap.org

2005-08-03 Thread Michael Ströder
HI! I'd like to suggest that http://www.openldap.org/doc/admin/ shows a list of the different versions of the Admin Guide. http://www.openldap.org/doc/admin23/ http://www.openldap.org/doc/admin22/ Ciao, Michael.

Re: rename across trees: manageDIT?

2005-08-27 Thread Michael Ströder
Kurt D. Zeilenga wrote: > I see > no problem with proxy backends making things work using manageDIT, > manageDSAit, proxyAuthz, and other controls. What's the difference of manageDIT and manageDSAit controls? I guess with manageDsaIT you refer to control 2.16.840.1.113730.3.4.2 described in RFC32

Re: rename across trees: manageDIT?

2005-08-28 Thread Michael Ströder
Pierangelo Masarati wrote: > Michael Ströder wrote: > >> Where can I read about manageDIT? >> > Basically, on this list and in OpenLDAP code. Is it encoded as simple as manageDSAIT without a control value? Which OID? Ciao, Michael.

Re: "Unrecognized OIDs in request" control (Was: "return unknown attrs" control)

2005-08-30 Thread Michael Ströder
Kurt D. Zeilenga wrote: > If a client wanted to know which OIDs/descriptors were unknown, > it could simply rely on published schema(s) for the subtree(s) and > other published information. (Note that the published > subschema/information may be incomplete, but then so would be the > information i

Re: 'Unrecognized OIDs in request' control (Was: 'return unknown attrs' control)

2005-08-30 Thread Michael Ströder
Pierangelo Masarati wrote: > > We need to be able to deal with dumb clients, Agreed. That's why I'd vote for just generate more informative messages and return it in errorMessage of the LDAPResult message. So every existing LDAP client displaying / logging errorMessage can immediately provide mor

Re: PATCH: back-sock

2005-10-13 Thread Michael Ströder
Howard Chu wrote: > > To me the notions of "externally scripted module" and "production use" > are mutually incompatible. You use a scripting backend to prototype an > interaction, and if it needs to perform well in production use you > rewrite it in C. This is not generally true. Some web apps o

Setting illegal LDAP_OPT_PROTOCOL_VERSION

2005-10-27 Thread Michael Ströder
HI! Some interoperability test cases require to set an illegal value for LDAP protocol version used. E.g. BLITS 3.0 sets it to 4 to make the server fail. Now setting LDAP_OPT_PROTOCOL_VERSION to e.g. 4 is denied in options.c: if (vers < LDAP_VERSION_MIN || vers > LDAP_VERSION_MAX) {

Re: RE23 ready for release

2005-11-03 Thread Michael Ströder
Kurt D. Zeilenga wrote: > please test... and report issues using ITS. http://www.openldap.org/its/index.cgi?findid=4139 Ciao, Michael.

Re: RE23 ready for release

2005-11-03 Thread Michael Ströder
With latest RE23 I get this in my syslog: unable to open pid file "/opt/openldap-OPENLDAP_REL_ENG_2_3/var/run/slapd.pid": 13 (Permission denied) It used to work before with the directory permissions set by 'make install'. Ciao, Michael.

Re: RE23 ready for release

2005-11-04 Thread Michael Ströder
Could anyone please examine ITS#4144 before releasing RE23? Ciao, Michael.

Re: direct local change when a consumer chains a write to the producer?

2005-12-05 Thread Michael Ströder
Howard Chu wrote: > > The question is how important is it that clients be able to immediately > follow a write request with a read request, In a project we had problems with a PKI product of a major vendor accessing another directory server product. The RA component of this product was first conf

Re: direct local change when a consumer chains a write to the producer?

2005-12-05 Thread Michael Ströder
Howard Chu wrote: > updates asynchronous. For clients that re-read, the update must be fully > synchronous, and this poses a problem (ITS#3671, losing connectivity to > a consumer will hang the provider). Another directory product is queueing the requests when connectivity to the replica is broken

file name and stable tag to 2.3.13 (was: Openldap 2.3.11 cannot autorecover from abnormal shutdown.)

2005-12-20 Thread Michael Ströder
Quanah Gibson-Mount wrote: > > --On Tuesday, December 20, 2005 11:20 AM +0800 Yingbo Qiu > <[EMAIL PROTECTED]> wrote: > >> If the slapd was killed by SIGKILL(9), bdb database will be >> autorecovered at startup, I can read recovery message from 'slapd -d >> 5' > > You may wish to upgrade to 2.3.

Re: file name and stable tag to 2.3.13

2005-12-20 Thread Michael Ströder
Quanah Gibson-Mount wrote: > > --On Tuesday, December 20, 2005 9:23 AM +0100 Michael Ströder > <[EMAIL PROTECTED]> wrote: > >> I think the stable tag should be moved away from 2.3.11 to 2.3.13 since >> 2.3.13 seems to be much more stable and people should b

Re: Advertising configcontext in Root-DSE

2006-02-17 Thread Michael Ströder
Ralf Haferkamp wrote: > > Btw, while we are at it. For easy bootstrapping of back-config we > could add an implicit sasl-regexp that maps > "gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" to > "cn=config". This would allow root to configure slapd through ldapi. > I just played around a li

Re: Advertising configcontext in Root-DSE

2006-02-22 Thread Michael Ströder
On 2:09:04 pm 2006-02-21 Ralf Haferkamp <[EMAIL PROTECTED]> wrote: > On Friday 17 February 2006 18:48, Michael Ströder wrote: > > Ralf Haferkamp wrote: > > > Btw, while we are at it. For easy bootstrapping of back-config we > > > could add an implicit sasl-reg

Re: Escaping non-printable characters

2006-03-01 Thread Michael Ströder
Kurt D. Zeilenga wrote: > At 06:19 AM 3/1/2006, Luke Howard wrote: > >>Apologies if this has been brought up before. >> >>I think it might be useful to always escape non-printable characters: > > I think it's better to have minimal escaping on the wire as > DNs strings are (too) often presented b

Re: Advertising configcontext in Root-DSE

2006-05-29 Thread Michael Ströder
Howard Chu wrote: > revisiting this thread from February, providing a default authz-regexp > mapping for Unix root to the cn=config rootDN when slapd is started with > no config file and no config dir, and is listening on ldapi://. > > That's a lot of extra work for no gain. Just run slapadd with

Re: Finding out what replaces deprecated functions

2006-08-09 Thread Michael Ströder
Gavin Henry wrote: > > We're updating some LDAP code in another piece of software, how do we find > out what replaces these functions: > > ldap_get_values > ldap_value_free > ldap_search_s > ldap_unbind_s > ldap_init > ldap_simple_bind_s > ldap_unbind > > I can see the #if LDAP_DEPRECATED in lda

Cancel operation in RE23?

2006-11-10 Thread Michael Ströder
HI! Is the cancel operation already supported in RE23? It seems so (playing around with it with python-ldap). But supportedFeatures in root DSE does not contain 1.3.6.1.1.8. RFC 3909 states: Servers SHOULD indicate their support for this extended operation by providing 1.3.6.1.1.8 as a va

authz-policy and rootDSE

2006-11-22 Thread Michael Ströder
HI! If slapd.conf contains authz-policy none should proxied authorization (2.16.840.1.113730.3.4.18) be advertised in 'supportedControl' of rootDSE? IMHO it shouldn't appear. Ciao, Michael.

LDIF parser performance (was: write performance)

2006-11-23 Thread Michael Ströder
Howard, (Cc:-ed openldap-devel@OpenLDAP.org in opposite to our off-line conversation). Howard Chu wrote: > I'm wondering if it's worth the effort > to rewrite the client's LDIF parser as I did for slapadd -q. As I said I cannot test on the machine where I did the original tests. But I tried to t

Re: (ITS#4770) monitoringslapd.sdf patch

2006-12-08 Thread Michael Ströder
Quanah Gibson-Mount wrote: > > > --On Thursday, December 07, 2006 2:27 PM -0800 "Kurt D. Zeilenga" > <[EMAIL PROTECTED]> wrote: > >> [moved to devel] >> >> Well, from a data model perspective, the attributes seems to >> belong to directory system agent, not user applications. Their >> values do

Re: Cancel operation in RE23?

2006-12-19 Thread Michael Ströder
Pierangelo Masarati wrote: > > Correct, the SLAP_EXOP_HIDE should now be removed from re23, since the > cancel operation is supported and now published as RFC 3909. 1.3.6.1.1.8 is still not visible in rootDSE of 2.3.31. Should I file an ITS? Ciao, Michael.

Re: commit: ldap/servers/slapd/overlays accesslog.c

2006-12-24 Thread Michael Ströder
Howard Chu wrote: > > The other fix I'm leaning toward is making slap_mods_check honor the > no_schema_check flag, and use slap_bv2undef_ad for unrecognized > attributes in that case. Another option is to pass slap_mods_check a > flag that tells it to simply drop unrecognized attributes in these >

Re: commit: ldap/servers/slapd/overlays accesslog.c

2006-12-24 Thread Michael Ströder
Pierangelo Masarati wrote: > Michael Ströder wrote: > >> Maybe related to this the build of current HEAD fails: >> >> cc -g -O4 -march=pentium4 -I../../include -I. -I./slapi -I. >> -I../../include -I/opt/bdb-4.5/include -I/opt/sasl/include >> -I/opt/hei

Re: rootdn -> admindn?

2007-01-09 Thread Michael Ströder
On 2:00:38 am 2007-01-10 "Kurt D. Zeilenga" <[EMAIL PROTECTED]> wrote: > At 11:50 AM 1/6/2007, Hallvard B Furuseth wrote: > > I've had it with explaining that the suffix is the root of the > > database which is not the rootdn which is not the Unix user "root". > > Any hope of renaming rootdn and ro

Re: rootdn -> admindn?

2007-01-10 Thread Michael Ströder
Hallvard B Furuseth wrote: > >>Almost anything short of >>"rootdnThatAppliesOnlyToThisBackendAndNotToAnythingElseInYourOS" is >>going to require a bit of interpretation in the documentation, and it's >>intuitively obvious (if not always properly understood) that slapd >>configuration configures sl

Re: rootdn -> admindn?

2007-01-10 Thread Michael Ströder
Hallvard B Furuseth wrote: > Michael Ströder writes: > >>On 2:00:38 am 2007-01-10 "Kurt D. Zeilenga" <[EMAIL PROTECTED]> wrote: >> >>>At 11:50 AM 1/6/2007, Hallvard B Furuseth wrote: >>> >>>>I've had it with explaining that the

Re: cn=include

2007-01-26 Thread Michael Ströder
Howard Chu wrote: > Eric Irrgang wrote: >> Since >> 1) the behavior is different >> 2) the slapd.conf to cn=config conversion sucks in the relevant >> information anyway >> and >> 3) use of includes is inappropriate under cn=config >> is it maybe time for the slap* tools stop creating cn=Includes?

Re: authPassword (RFC 3112) implemented?

2007-07-15 Thread Michael Ströder
Hallvard B Furuseth wrote: > > If it's no longer needed - what has changed? I thought it was invented > because the existing scheme of '{hash method}' in userPassword broke the > LDAP standard. Which it still does. Simply no-one cares. BTW: IIRC RFC 3112 also lacks a definition of charset enco

Re: ITS#5040, operational attribute updates

2007-07-24 Thread Michael Ströder
Howard Chu wrote: > Possible alternatives: > 1) only update modifyTimeStamp in response to actual Modify (and > MoDDN) requests from a client. (thus, not for any internally generated > updates.) For auditing purposes I'd prefer this. All modifications *excluding* things done by overlays (e.g. sl

Re: ITS#5040, operational attribute updates

2007-07-24 Thread Michael Ströder
Kurt Zeilenga wrote: > > In general, any change to the DIT object should result in a update of > modifyTimestamp. This is necessary for synchronization* > purposes. Got the message. > Regarding refint. One should view these updates as coming from a user > application embedded in the DSA, not

Re: Certificate list validation

2007-08-02 Thread Michael Ströder
Pierangelo Masarati wrote: > I'm playing with certification authorities and so, and I came across > certificate lists. Currently, the certificate list syntax > 1.3.6.1.4.1.1466.115.121.1.9 is validated by sequenceValidate, which > simply checks if the value starts with a LBER_SEQUENCE tag. After

Re: commit: ldap/servers/slapd entry.c

2007-08-04 Thread Michael Ströder
Pierangelo Masarati wrote: > Hallvard B Furuseth wrote: >> [EMAIL PROTECTED] writes: >>> Tag: OPENLDAP_REL_ENG_2_3 >>> entry.c 1.129.2.13 -> 1.129.2.14 >>> import fix to ITS#5071 >> This (/* require ';binary' when appropriate (ITS#5071) */) is a >> functionality change which can prevent

Re: BerkeleyDB versions

2007-08-14 Thread Michael Ströder
Quanah Gibson-Mount wrote: > > but I think that dropping support for 4.2 is the right way to go. +1 (since the developers are not willing to support it anyway) Ciao, Michael.

Re: Guide PDF changes

2007-08-18 Thread Michael Ströder
Gavin Henry wrote: > > Should we change the outputted PDF to be called: > > OpenLDAP-Admin-Guide.pdf Yes. > or are you really happy with just: > > guide.pdf No. > Do we need to do for htmldoc: > > --size a4 > > Or do we want to stick with Letter? > > You can change this prior to pr

Re: Guide PDF changes

2007-08-20 Thread Michael Ströder
Hallvard B Furuseth wrote: > Kari Mattsson writes: >> I've had some success by creating hybrid paper size of A4 width >> (210 mm), and Letter height (some inches). That is, take the >> smaller values of both. That way the printers (at least some) >> seem to be happier. Most new p

Cache inspection control and ext. op.

2007-08-26 Thread Michael Ströder
Pierangelo Masarati wrote: > inspection/maintenance: the cache database can be directly accessed via > LDAP by adding a specific control to each LDAP request; a specific > extended operation allows to consistently remove cached entries and entire > cached queries. Where are the control and the ext

dITStructureRules/nameForms in subschema subentry for informational purpose

2007-09-10 Thread Michael Ströder
t for informational purpose without enforcing them. Same function like rootDSE in slapd.conf. Opinions? Ciao, Michael. -- Michael Ströder E-Mail: [EMAIL PROTECTED] http://www.stroeder.com

Re: imporvement to slapo-constraint (ITS#4987)

2007-09-10 Thread Michael Ströder
the two attributes defined in the LDAP URL as option value,text tuple (in that order). But I'd really like to see the constraints being defined in subschema subentry instead of slapd.conf. Ciao, Michael. -- Michael Ströder E-Mail: [EMAIL PROTECTED] http://www.stroeder.com --

Re: dITStructureRules/nameForms in subschema subentry for informational purpose

2007-09-12 Thread Michael Ströder
Kurt Zeilenga wrote: > > On Sep 10, 2007, at 3:13 PM, Michael Ströder wrote: > >> Discussed this very briefly with Howard at LDAPcon 2007 based on an idea >> of Steve: >> >> Support for dITStructureRules and nameForms is still in OpenLDAP's TODO. >

Re: rfc45xx in RE23?

2007-09-13 Thread Michael Ströder
Gavin Henry wrote: > >> Gavin Henry wrote: >>> Hi all, >>> >>> Why don't we have any 45XX rfcs in doc/rfc/ ? >> Because they didn't exist when RE23 was written, and we don't claim to >> conform >> to them in RE23. > > Ah, ok. The obvious answer. Thanks. Hmm, maybe I don't fully understand the co

ITS#4787: Download links with version vs. date

2007-10-11 Thread Michael Ströder
Hope it's ok to take this to openldap-devel. Kurt Zeilenga wrote: > ITS#4787: requests change in "stable" release naming. More discussion > needed. (I oppose making this change for various reasons). What are these "various reasons"? Ciao, Michael.

Re: ordered indexing for integers

2007-11-21 Thread Michael Ströder
slapadd seems a reasonable migration action anyway. Ciao, Michael. -- Michael Ströder E-Mail: [EMAIL PROTECTED] http://www.stroeder.com

Re: OpenLDAP Roadmap - What do we want to see in 2.5.x?

2007-11-21 Thread Michael Ströder
Gavin Henry wrote: > Thought I'd start the thread. Gavin, do you really think it's already time for this? I'd rather be curious to know what items in doc/devel/todo will be done in 2.4. Personally I'd like to see (optional) support for DIT structure rules and name forms. But I'm not a C programme

Re: ordered indexing for integers

2007-11-21 Thread Michael Ströder
Howard Chu wrote: > Michael Ströder wrote: > >> IIRC in some former days database format changed frequently even within >> a media release series (don't remember which one). IMO migration from >> 2.3.x to 2.4.7+ is a significant update with lots of changes. >>

Re: ordered indexing for integers

2007-11-21 Thread Michael Ströder
Howard Chu wrote: > > OK, I guess it's fine to make it the default. However, because I think > we still want the key size to be tunable, I'm going to keep the config > keyword. > [..] > In this case, all you'd need is to run "slapindex -qt" to recreate the > relevant indices. Any implications wit

Re: ordered indexing for integers

2007-11-21 Thread Michael Ströder
Ralf Haferkamp wrote: > > On the other hand we could even let the runtime indexer task recreate the > indexes on the fly when such an old index is discovered. ;-) From an operational perspective I'm always a bit scared of things automagically happening during run-time (or even during startup).

Re: Empty DN ("") String Value?

2007-11-26 Thread Michael Ströder
Marc Boorshtein wrote: > I wanted to get an opinion from the other java ldap projects. Should > the toString() method of a class that represents a DN return null or > an empty string? I would think an empty string but JLDAP returns > null. Anyone have an opinion on the matter? I'm not a Java pr

Re: Empty DN ("") String Value?

2007-11-26 Thread Michael Ströder
Emmanuel Lecharny wrote: > Hallvard B Furuseth wrote: >> Michael Ströder writes: >> >>> It really depends on what you want to express. Note that "" represents >>> the rootDSE or root naming context. So "" would reference something >>>

Dynamic syntax support vs. slapo-constraint vs. schema declaration vs. whatever

2007-11-27 Thread Michael Ströder
Howard Chu wrote: > > On the whole it doesn't seem like new syntaxes pop up in LDAP specs very > often. Some may say this is because they're not really needed. I believe > they've been sorely needed, and people have just avoided them because > they required too much work to properly support in exi

Re: test008 failed in HEAD

2007-12-07 Thread Michael Ströder
Howard Chu wrote: > > Thanks. Yes, hdb is slightly different but not as far as test008 is > concerned. I had a problem in test020 which showed a regression that's > been there ever since 2.3 was released, but that was also fixed with the > last round of checkins. (hdb had a race that could allow m

Re: test008 failed in HEAD

2007-12-07 Thread Michael Ströder
Howard Chu wrote: > Michael Ströder wrote: >> Howard Chu wrote: >>> Thanks. Yes, hdb is slightly different but not as far as test008 is >>> concerned. I had a problem in test020 which showed a regression that's >>> been there ever since 2.3 was released,

'countryName' in core.schema (was : (ITS#5236) core.ldif differs from core.schema)

2007-12-12 Thread Michael Ströder
HI! following up on this because some older schema files reference 'countryName' (and worked with RE23). Howard Chu wrote: I'm puzzled why RFC4519 drops the 'countryName' alias for this type from the RFC2256 definition. Me too... How to deal with that (except changing the schema files of o

Re: 'countryName' in core.schema (was : (ITS#5236) core.ldif differs from core.schema)

2007-12-12 Thread Michael Ströder
Michael Ströder wrote: following up on this because some older schema files reference 'countryName' (and worked with RE23). Howard Chu wrote: I'm puzzled why RFC4519 drops the 'countryName' alias for this type from the RFC2256 definition. Me too... It was also n

Issues with migration 2.3 to RE24 with slapcat/slapadd

2007-12-12 Thread Michael Ströder
HI! When migrating data extracted from a 2.3.39 server via slapcat into a RE24 server I had two issues: 1. Option -q of slapadd resulted in a seg fault. 2. I had to remove the entryCSN attributes from the LDIF data. Probably this is somewhat related to the 2.3-2.4 replication issue. Ciao,

Re: Issues with migration 2.3 to RE24 with slapcat/slapadd

2007-12-12 Thread Michael Ströder
Quanah Gibson-Mount wrote: --On December 13, 2007 1:41:50 AM +0100 Michael Ströder <[EMAIL PROTECTED]> wrote: When migrating data extracted from a 2.3.39 server via slapcat into a RE24 server I had two issues: 1. Option -q of slapadd resulted in a seg fault. 2. I had to remo

Re: OpenLDAP memberof plugin and Samba4

2007-12-27 Thread Michael Ströder
Andrew Bartlett wrote: When I add invalid member to a group, OpenLDAP returns LDAP_CONSTRAINT_VIOLATION , but AD returns error 32, LDAP_NO_SUCH_OBJECT for this situation. Hmm, this is a result of a modify operation for which an additional constraint is enforced. So I think the error code retur

slapo-constraint with uri in 2.4.8?

2008-01-15 Thread Michael Ströder
HI! Any chance to have slapo-constraint from HEAD to be released with 2.4.8? I'd like to make use of uri type. I'll bang on slapo-constraint HEAD in the mean-time. Ciao, Michael.

Re: slapo-constraint with uri in 2.4.8?

2008-01-16 Thread Michael Ströder
Howard Chu wrote: Michael Ströder wrote: Any chance to have slapo-constraint from HEAD to be released with 2.4.8? I'd like to make use of uri type. I'll bang on slapo-constraint HEAD in the mean-time. Care to write a test script for it? That would be helpful... I'll giv

Re: managing OpenLDAP / back-config

2008-01-16 Thread Michael Ströder
Hallvard B Furuseth wrote: Indeed. For most of my tasks, my editor is the best API I've got. Or it would be if the task allowed it. In recent version of web2ldap you can switch the input form when adding/modifying entries from HTML template to raw table to LDIF multi-line text field without

Re: managing OpenLDAP / back-config

2008-01-16 Thread Michael Ströder
Hallvard B Furuseth wrote: Assertion controls in the generated LDIF, to check that the config entry being updated indeed matches the entry we read from cn=config and edited. BTW: web2ldap implements delta-modification. The entry is re-read right before the delta of the current entry and the u

Re: managing OpenLDAP / back-config

2008-01-16 Thread Michael Ströder
Howard Chu wrote: Tools that make certain commonplace tasks easier are certainly a good thing. But when the tools get in the way, (e.g., FedoraDS where there are even more bug reports about getting their admin server running than for their actual directory server), the whole effort is just poin

Re: managing OpenLDAP / back-config

2008-01-16 Thread Michael Ströder
Ralf Haferkamp wrote: On the other hand we have quite some customers demanding for tools to manage OpenLDAP, that's why I came here to find ways to improve that situation in a way that others could benefit from it as well. Ralf, at first one would have to define what "manage OpenLDAP" really

Re: managing OpenLDAP / back-config

2008-01-16 Thread Michael Ströder
Ralf Haferkamp wrote: For 1. I usually ask my customers how they are going to implement the change management. After some discussion we usually end up with text-based config managed with version control. Something simple and handy. :-) > Yes, I guess that this works pretty well when you deploy

Re: managing OpenLDAP / back-config

2008-01-16 Thread Michael Ströder
Hallvard B Furuseth wrote: Michael Ströder writes: Hallvard B Furuseth wrote: Assertion controls in the generated LDIF, to check that the config entry being updated indeed matches the entry we read from cn=config and edited. BTW: web2ldap implements delta-modification. The entry is re-read

slapo-constraint type uri: Constrained attribute used in LDAP URL

2008-01-16 Thread Michael Ströder
HI! Consider the following config for slapo-constraint in slapd.conf: constraint_attribute ou uri ldap:///o=Test Company?ou?sub?(objectClass=organizationalUnit) With this example the constrained attribute is the same like the one used in the LDAP URL. Now how are entries handled which are se

Re: slapo-constraint type uri: Constrained attribute used in LDAP URL

2008-01-17 Thread Michael Ströder
Howard Chu wrote: Michael Ströder wrote: Consider the following config for slapo-constraint in slapd.conf: constraint_attribute ou uri ldap:///o=Test Company?ou?sub?(objectClass=organizationalUnit) With this example the constrained attribute is the same like the one used in the LDAP URL

Re: slapo-constraint type uri: Constrained attribute used in LDAP URL

2008-01-17 Thread Michael Ströder
Michael Ströder wrote: Howard Chu wrote: Michael Ströder wrote: Consider the following config for slapo-constraint in slapd.conf: constraint_attribute ou uri ldap:///o=Test Company?ou?sub?(objectClass=organizationalUnit) With this example the constrained attribute is the same like the

Re: managing OpenLDAP / back-config

2008-01-17 Thread Michael Ströder
Ralf Haferkamp wrote: On Mittwoch, 16. Januar 2008, Michael Ströder wrote: Ralf Haferkamp wrote: For 1. I usually ask my customers how they are going to implement the change management. After some discussion we usually end up with text-based config managed with version control. Something

Re: slapo-constraint type uri: Constrained attribute used in LDAP URL

2008-01-17 Thread Michael Ströder
Howard Chu wrote: Michael Ströder wrote: Howard Chu wrote: Michael Ströder wrote: Consider the following config for slapo-constraint in slapd.conf: constraint_attribute ou uri ldap:///o=Test Company?ou?sub?(objectClass=organizationalUnit) With this example the constrained attribute is

Re: RE23 testing

2008-02-12 Thread Michael Ströder
Ralf Haferkamp wrote: On Dienstag, 12. Februar 2008, Michael Ströder wrote: Hallvard B Furuseth wrote: Michael Ströder writes: /home/michael/src/openldap/OPENLDAP_REL_ENG_2_3/openldap/servers/s lapd/.libs/lt-slapd: Symbol `ldap_int_global_options' has different size in shared o

Re: RE23 testing

2008-02-12 Thread Michael Ströder
Hallvard B Furuseth wrote: Michael Ströder writes: /home/michael/src/openldap/OPENLDAP_REL_ENG_2_3/openldap/servers/slapd/.libs/lt-slapd: Symbol `ldap_int_global_options' has different size in shared object, consider re-linking What ./configure options? Does make distclean and rebuild

Re: RE23 testing

2008-02-12 Thread Michael Ströder
Quanah Gibson-Mount wrote: Please test RE23 in preparation for OpenLDAP 2.3.41. Does not work for me on openSuSE 10.3. Starting test000-rootdse ... running defines.sh Starting slapd on TCP/IP port 9011... Using ldapsearch to retrieve the root DSE... Waiting 5 seconds for slapd to start... Wa

Re: RE23 testing

2008-02-13 Thread Michael Ströder
Hallvard B Furuseth wrote: Michael Ströder writes: Might that be caused by the missing "make depend" step? If so make distclean (which he did use) would be broken. There are hosts which don't provide a way to do "make depend". Any hint? Maybe something related

Re: GnuTLS considered harmful

2008-02-21 Thread Michael Ströder
Howard Chu wrote: Russ Allbery wrote: I expect that a port to Mozilla's NSS wouldn't be too much more difficult, although of course Howard would be the person to ask for an estimate. I would think there are other developers here who are familiar with Mozilla NSS and can read the code in libld

Re: GnuTLS considered harmful

2008-02-27 Thread Michael Ströder
Simon, I know *very* little about C programming but... Simon Josefsson wrote: I don't think it is unreasonable for a SAN related API to work with zero-terminated strings. The typical SAN's like dNSName, rfc822Name, and uniformResourceIdentifier are human readable strings. Most applications w

Re: glue ehancement?

2008-02-27 Thread Michael Ströder
Howard Chu wrote: Seems like it would be a good idea to define a new option "glue-peer" or somesuch that allows multiple peer-level DBs to be glued together. What exactly do you mean with peer-level DBs? I didn't get what the idea is for... In case of duplicate entries, we'd have to track th

Re: glue ehancement?

2008-02-27 Thread Michael Ströder
Howard Chu wrote: Michael Ströder wrote: Howard Chu wrote: Seems like it would be a good idea to define a new option "glue-peer" or somesuch that allows multiple peer-level DBs to be glued together. What exactly do you mean with peer-level DBs? I didn't get what the idea is

Re: SummerOfCode suggestions

2008-03-10 Thread Michael Ströder
Howard Chu wrote: It would probably be a small enough job to put an overlay wrapper around back-sock (just like the chain overlay is a wrapper around back-ldap) with some filtering/selection keywords. That would be a very useful enhancement! I still have the plan to write a Python back-sock

Any plans for 2.4.9?

2008-04-04 Thread Michael Ströder
HI! Are there any plans when to release 2.4.9? I vaguely remember some interesting fixes and noticed that some things were already back-ported to RE24. Ciao, Michael.

security-related gcc bug

2008-04-07 Thread Michael Ströder
HI! Did anyone already take note of this? Are parts of OpenLDAP's code affected? [Bug c/27180] New: pointer arithmetic overflow handling broken http://gcc.gnu.org/ml/gcc-bugs/2006-04/msg01297.html US-CERT - Vulnerability Note VU#162289: gcc silently discards some wraparound checks http://www.kb.

Re: Any plans for 2.4.9?

2008-04-09 Thread Michael Ströder
Howard Chu wrote: The only other issue I'd like to close out is 5383, assigning a public OID to the config schema. I'd really appreciate it. :-) Ciao, Michael.

Re: RE2.4

2008-04-15 Thread Michael Ströder
Quanah Gibson-Mount wrote: Please test RE2.4 and let me know how things go. Hmm, when invoking 'make test' test022-ppolicy failed. But when invoking it directly in tests/ it works. Such things happen every now and then with various test scripts. It seems to me that there are some non-determ

Re: RE2.4

2008-04-15 Thread Michael Ströder
)! ./scripts/test050-syncrepl-multimaster failed (exit 32) make[2]: *** [hdb-yes] Erreur 32 make[2]: quittant le répertoire « /tmp/openldap/tests » make[1]: *** [test] Erreur 2 make[1]: quittant le répertoire « /tmp/openldap/tests » make: *** [test] Erreur 2 Regards, Raphaël Ouazana. -- Michael Ströder

OpenLDAP Faq-O-Matic: Misleading comment in "Which version of BerkeleyDB should I use?"

2008-04-17 Thread Michael Ströder
HI! I think this text in http://www.openldap.org/faq/data/cache/44.html needs some correction since recent BDB 4.6 cannot be used with OpenLDAP 2.3: "[..] Versions 4.4, 4.5, and 4.6 are known to work with OpenLDAP 2.3 and newer." I don't know how to edit existing text in the FAQ-O-MATIC. Cia

Re: LDAP transactions

2008-04-24 Thread Michael Ströder
Quanah Gibson-Mount wrote: Syncrepl was untenable with non-serialized updates (which moving to delta-syncrepl helped with). Even in a standalone setup, I find that serializing the update process provides faster write times (at least with back-(bh)db) than allowing multiple update threads.

ldap://ldap.openldap.org out of service

2008-04-26 Thread Michael Ströder
HI! Is the demo server which was running ldap://ldap.openldap.org abandoned forever? Ciao, Michael.

OpenLDAP booth at OpenExpo, 25/26 May 2008, Karlsruhe, Germany

2008-04-28 Thread Michael Ströder
HI! It seems my application to run an OpenLDAP booth at http://openexpo.de/ in Germany, Karlsruhe, 25./26. May 2008 was accepted. Like requested by them I'll send them the OpenLDAP worm logo to be put on their web page. Volunteers welcome to help at that booth. It's right before Linuxtag in

Re: Please test RE24

2008-05-02 Thread Michael Ströder
Quanah Gibson-Mount wrote: Please test RE24 as it has been resync'd with head to address known issues. 'make test' ran three times without problems on openSUSE 10.3 i586. Ciao, Michael.

Re: commit: ldap/servers/slapd config.c

2008-05-09 Thread Michael Ströder
Hallvard B Furuseth wrote: Quanah Gibson-Mount writes: I strongly prefer hyphens. In part because they are treated as word boundaries in vi. ;) What for? That's the advantage of underscores - an editor is more likely to treat a single keyword as a single word... Yupp. I'd consider this bet
