[Pkg-openldap-devel] Bug#594714: Bug#594714: slapd upgrade may fail on unset SLAPD_CONF

Steve Langasek vorlon at debian.org
Sun Sep 12 06:03:17 UTC 2010 

On Mon, Sep 06, 2010 at 11:31:48PM +0200, Matthijs Möhlmann wrote:
> On 09/06/2010 09:38 PM, Steve Langasek wrote:
> > The commit comment is:

> >  * Fix the upgrade procedure with the new slapd.defaults file.

> > Matthijs, I can't understand your intention here.  I'm sure that the last
> > bit of the diff is wrong - we should *always* have a default fallback value
> > for SLAPD_CONF, not just in the file-based case - but I don't understand the
> > purpose of the first part of the diff.  In what case is it necessary to
> > override an already-set SLAPD_CONF variable on configure, and why does this
> > not also apply to other conditions besides "postinst configure"?

> > Without understanding that, I'm not sure what the right way is to clean this
> > up.

> Before 2.4.23-3 an empty value of SLAPD_CONF causes /etc/ldap/slapd.conf
> automatically be chosen by the slapd process. After 2.4.23-3 we have a
> sed one liner that automatically sets the SLAPD_CONF in the defaults
> file. By *not* setting the SLAPD_CONF at that point people were able to
> use /etc/ldap/slapd.conf as configuration style after version 2.4.23-3.

Ok; I don't think it's reasonable to override the default behavior by
*un*setting the variable.  We should have sensible default behavior even
with a completely empty /etc/default/slapd; and by "sensible" I mean "use
slapd.d if present since it's preferred upstream, and if not present, fall
back to slapd.conf".

> For fixing this bug: are we going to support the *legacy* format in any
> way? If the answer is no, then the last part of that commit should be
> reverted.

Well, cf. my latest comment on bug #593965; I would be ok with not
supporting the legacy format at all.  But, if we *do* support it, the way it
should be supported is *not* by treating an unset $SLAPD_CONF as equivalent
to /etc/ldap/slapd.conf.

> PS: I'm sorry for the delay in responding, I had some busy days at work.

No need to apologize to me at least, I only get time to work on this on the
weekends... :)

-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
Ubuntu Developer                                    http://www.debian.org/
slangasek at ubuntu.com                                     vorlon at debian.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 828 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-openldap-devel/attachments/20100911/a3ee385f/attachment.pgp>

More information about the Pkg-openldap-devel mailing list