[Pkg-openldap-devel] Bug#614569: Bug#614569: RFS: Bug#614569: slapd fails to dump/reload partial replica -- NMU sponsor needed

Luca Bruno lucab at debian.org
Thu Dec 4 10:13:03 UTC 2014 

On Wednesday 03 December 2014 18:21:08 Ryan Tandy wrote:
> On Wed, Dec 03, 2014 at 11:40:24PM +0100, Ferenc Wagner wrote:
> >I got pre-approval on #771962: the upload will be unblocked, provided
> >it's in unstable by Monday the 8th of December.  People with upload
> >rights, if you can spare a minute please review the above change and
> >consider sponsoring the upload!  Actually, review is welcome from
> >anybody. :)
> 
> Thanks very much for working on this, and the debdiff looks fine (but I
> haven't actually built or tested it). I hope you can find a sponsor in
> time. Luca, are you reading?

I was following the discussion, and I have to say that I am not too 
comfortable in uploading this NMU at this point of the release cycle.
So NACK on my side.

My main concerns are:
 * I am not sure that I grok all the implications of that. I suspect that
   most of our (overly) complex pre/postinst scripts makes some assumption on
   schema/db consistency, at least implicitly.
 * We are changing the default behavior to fix a single-case situation, by
   removing a safety check. Mmmh...
 * This bug has been open since some time, never marked as RC, put on
   low-priority by the maintainer and upstream discouraged dropping the "-s".
 * This is not even the proper solution, just a quick-hack patch.

Moreover, I don't consider myself an LDAP expert, but I have some comments on 
the issue:
 * I would say that requiring/checking schema integrity across upgrade is a
   good general measure, and we should NOT work around that. Fail early, fail
   loudly.
 * IIRC disabling schemachecking is heavily discouraged. We don't offer that
   option in debconf. I assume the admin are really aware of the setup, and
   know its quirk.
 * Workarounds for the specific corner case exists, but maybe are a bit
   undocumented.

So my alternative suggestion is: let's make it explicit that we value schema 
integrity, and we rely on it across upgrades; let's put a point in the release 
notes to document how to workaround this partial replica scenario; let's try 
to address this better in the next point release.

Cheers, Luca

-- 
 .''`.  ** Debian GNU/Linux **  | Luca Bruno (kaeso)
: :'  :   The Universal O.S.    | lucab (AT) debian.org
`. `'`                          | GPG Key ID: 0x4F3BBEBF
  `-     http://www.debian.org 	| Debian GNU/Linux Developer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/pkg-openldap-devel/attachments/20141204/bf1d733a/attachment-0003.sig>

More information about the Pkg-openldap-devel mailing list