[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: back-config

To: openldap-devel@OpenLDAP.org
Subject: Re: back-config
From: Ralf Haferkamp <rhafer@suse.de>
Date: Wed, 2 Mar 2005 10:57:36 +0100
Content-disposition: inline
In-reply-to: <42254ADB.9060005@symas.com>
References: <42254ADB.9060005@symas.com>
User-agent: KMail/1.7.1

On Wednesday 02 March 2005 06:10, Howard Chu wrote:
> Now that I've got all of the frontend and back-bdb config keywords
> implemented (read-only) I'd appreciate some feedback on the schema
> etc. before moving ahead to doing the write operations.
It's great to see this feature getting implemented. One thing I was 
missing during a quick test is the "index" directive for back-bdb. But 
maybe that just not implemented right now. 

One thing I currently don't quite understand in the purpose of the 
olcIncludeFiles Objects. Is it planned to have the contents of include 
file available in the future as well? Or is it just to have the 
possibility to add/delete the includes? As long as one has only schema 
definitions in includes files this might be enough, but some people 
like to have other stuff there (e.g. to have the access rules in a 
separate file).

> Having gone thru all of this config stuff, a lot of other ideas came
> to mind:
>
> slurpd replica configuration should probably have both an included
> and excluded attrs list, like syncrepl does. It would greatly
> simplify the exclusion processing in repl.c. Also, deleting the
> an_oc_exclude flag from the AttributeName structure would simplify
> things too.
>
> I wonder if replication (syncrepl and slurpd) directives should be in
> their own objects, subordinate to the database object.
Yes, and IMO the same applies for the access control directives. I think 
that would make it more clearly laid out.
E.g. having "cn=access,olcDatabase={1}bdb,cn=config" for database 
specific ACLs and either "cn=access,olcDatabase={0}frontend,cn=config"
or "cn=access,cn=config" for global ACLs.

Hmm, I just recognized that at the moment global ACLs show up in both 
Objects (cn=config, and olcDatabase={0}frontend,cn=config). I guess 
this isn't wanted?

> I find writing schemas unbearable without using OID macros. It would
> be nice to use them more overtly, using unqualified names (e.g.,
> DirectoryString instead of my current OMsDirectoryString).
>
> Some of the back-config retrieval functions will no-op if they're in
> their default values, but many of them just return a value, default
> or not. The goal was to to return only as much text as would have
> been in the slapd.conf file originally, but more consistency would
> probably be better here.

-- 
Ralf Haferkamp
SUSE LINUX Products GmbH, Maxfeldstrasse 5, D-90409 Nuernberg
T: +49-911-74053-0
F: +49-911-74053575 - Ralf.Haferkamp@suse.com

Follow-Ups:
- Re: back-config
  - From: Howard Chu <hyc@symas.com>
- Re: back-config
  - From: Howard Chu <hyc@symas.com>

References:
- back-config
  - From: Howard Chu <hyc@symas.com>

Prev by Date: back-config
Next by Date: Re: back-config
Index(es):
- Chronological
- Thread