[Pkg-openldap-devel] Bug#725153: Bug#725153: Bug#725153: Bug#725153: openldap, nss, and gnutls
Timo Aaltonen
tjaalton at debian.org
Fri Apr 8 17:41:01 UTC 2016
03.04.2016, 12:32, Timo Aaltonen kirjoitti:
> 20.05.2015, 20:43, Ryan Tandy kirjoitti:
>> Hi dkg,
>>
>> On Wed, May 20, 2015 at 12:58:08PM -0400, Daniel Kahn Gillmor wrote:
>>> If the work to switch openldap to NSS is strictly because of licensing
>>> concerns that have been resolved since the bug was opened, please
>>> reconsider the switch.
>>
>> I don't think anyone intends to switch the default libldap or slapd to
>> nss. I personally would argue against causing that kind of upgrade pain.
>> There's still a possibility of providing an alternate libldap built with
>> nss, but that would take some work, and it sounds like freeipa upstream
>> are moving away from needing it anyway. So this bug will probably just
>> go away eventually.
>
> Another thing is that folks using just 389ds can't replicate it (LP:
> #1564179) because of the same reason.. so having a libldap built against
> nss would still be useful for some.
It is done! Or at least available for review:
http://anonscm.debian.org/cgit/users/tjaalton/openldap.git/commit/?h=nss2
389-ds-base builds fine against it, but I haven't tested multimaster or
"traditional" freeipa replication with it yet.
I'd like to get this in Ubuntu 16.04 as a backup plan if the remaining
dependencies for freeipa 4.3.1 can't make it in time, so if you have
time to review the packaging within the next few days (!) that would be
awesome.
--
t
More information about the Pkg-openldap-devel
mailing list