OpenLDAP 2.5 packaging status

Ryan Tandy ryan at nardis.ca
Sun May 30 19:06:31 BST 2021 

OpenLDAP 2.5.4 should be arriving in experimental soon. This first 
upload is mostly about the library transition. I have not started 
working on slapd upgrades yet. You are welcome to try out the slapd 
package, but please don't report bugs about upgrades.

Ubuntu have committed to include 2.5 in their 21.10 release, in 
preparation for 22.04 LTS. Sergio from Canonical is working on the 
library transition, fixing rdeps' FTBFS and running tests. Thank you 
Sergio!

These are the major upgrade issues that need to be handled:

- older installs still running the bdb, hdb, or shell backends: need to 
  convert bdb/hdb to mdb on upgrade, don't know what to do with shell. 
  Migration to mdb needs some heuristics to guess an appropriate 
  mapsize.

- installs with the ppolicy schema loaded: it is now compiled into the 
  ppolicy module instead of being a configured schema, so the old schema 
  needs to be removed from the config on upgrade, otherwise the 
  compiled-in and configured schemas could conflict 

- installs with contrib modules active (e.g. smbk5pwd): I need to figure 
  out the package relationships to get the correct ordering; what we 
  need dpkg to do is:
  1. slapd.preinst (export the config and data)
  2. unpack slapd and slapd-contrib
  3. slapd.postinst (re-import the config and data)
  Right now slapd-contrib can be unpacked first, but the module ABI is 
  not compatible, so unpacking slapd-contrib first breaks slapcat, so 
  slapd.preinst fails.

- all of the above need to handle classic slapd.conf config as well as 
  the modern cn=config.

We probably also want an "escape hatch" so that admins can bypass 
automatic migration and any associated failures, just get the new 
binaries installed, and sort out their config by hand.

Systemd service file and DEP5 copyright are still on my radar as 
projects, but the upgrade issues listed above are higher priority.

The RFH (#512360) remains open. I'm still looking for someone to take 
over the package or join as co-maintainer. Note, please don't just apply 
directly to join the salsa team, but contribute some discussions or 
patches first, so that I can get to know you.

thanks,
Ryan

More information about the Pkg-openldap-devel mailing list