[Pkg-freeipa-devel] freeipa-server backport to Jessie?
Timo Aaltonen
tjaalton at debian.org
Wed Apr 15 13:18:50 UTC 2015
On 15.04.2015 16:00, Holger Levsen wrote:
> Hi Timo,
>
> On Dienstag, 14. April 2015, Timo Aaltonen wrote:
>>>> Server backport isn't too useful before replicas work, and that needs
>>>> libldap built against nss. Until that you're limited to single-server
>>>> setups.
>
> uhm.
>
>> No, dogtag, bind-dyndb-ldap and freeipa itself should be all that's
>> needed, if you're ok with the single-server limitation.
>
> we that working here...
>
>> Patching openldap to build libldap-nss-2.4-2 (or such) isn't trivial, as
>> the nss build would need patches of it's own (or lots of ifdefs)
>
> which component needs openlda? freeipa uses the 389ds ldap service so I'm a
> bit surprised by this...
ldaps:// access uses libldap + gnutls on Debian, but libldap + moznss on
Fedora world, and the latter is what Freeipa expects when setting up
replicas.
>> I think a CentOS install would be the best bet for now.
>
> I'd be glad to work on overcoming this...
http://www.freeipa.org/page/V4/Replica_Promotion
Simo Sorce on #freeipa is glad to help you get going ;) The GSSAPI part
could be finished earlier than the rest of the replica install rewrite.
but this all has an "optimistic" release goal of 4.2, so later this year
maybe.
--
t
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-freeipa-devel/attachments/20150415/4809e5ef/attachment.sig>
More information about the Pkg-freeipa-devel
mailing list