[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Getting around the single-threaded syncrepl model?



Quanah Gibson-Mount wrote:
> All write ops (add/mod/rename/delete etc) get stored in the accesslog db.
> Fallback only occurs when the change has been expired out of the accesslog
> db.

One of the caveats with delta-syncrepl is that partial replication based on
ACLs gets much more complicated.

In case of OATH-LDAP I don't want to replicate attribute 'oathSecret' to
read-only consumers because it's of no use there anyway.  So I have separate
groups for providers and all replicas applying different ACLs to them.

Defining ACLs for distinct values in accesslog's 'reqMod' attribute is not
impossible but more complex.  Especially I expect it's not tested with
delta-syncrepl at all so far.

Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature