Re: openldap 2.2.23 packaged with Debian Sarge

[Aaron Richton <richton@nbcs.rutgers.edu>]

> specific pitfalls of running their packaged version.  Are there
> reliability issues?  Database integrity issues?  Performance issues?

The answer with 2.2.23 would have to be "Yes".

Look at what was fixed in 2.2 before it was marked obsolete:

http://www.openldap.org/devel/cvsweb.cgi/~checkout~/Attic/CHANGES?rev=1.5.6.262&hideattic=1&sortbydate=0

Things are more concrete with descriptions, of course. Let me offer some
personal stories:

Reliability? I personally ran into a crash on a search, ITS#3688. I
assume you allow searches on your LDAP server. If any of your users issue
the command I did, the 2.2 server may well seg fault. You see #3688 in the
CHANGES link was fixed in 2.2.26.

Database integrity? I personally ran into ITS#3764. The "readonly" tools,
like slapcat, didn't have a signal handler. Perhaps you use slapcat to
back up your database? If it fails for some reason, your database gets a
dangling lock. You see #3764 in the CHANGES link was fixed in 2.2.27.

Performance? I've used the Quick Tools ("-q") of 2.3 to bring the time it
takes to put a new slave server online -- including OS and database
population -- to within half an hour. This wasn't possible in previous
versions, not even with bdb logging disabled.


2.2.23 was good software in its time. Really, I think 2.2 reached maturity
somewhere near 2.2.21, and 2.2.23 was more than usable. But we're talking
about a year and a half ago in a very active open source product. There's
been so much accomplished since then. In the case of
performance/usability/functionality enhancements, it's a shame for the
admin and the user to not have some of the new features. In the case of
the reliability/integrity/memory management/threading issues, it's purely
playing with matches.