[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Olc deployment vs slapd.conf based deployment
Am 22.09.2017 um 16:50 schrieb Howard Chu:
Peter wrote:
olcSchemaFile: {0}include: file://$ABS_SCHEMADIR/core.ldif
olcSchemaFile: {1}include: file://$ABS_SCHEMADIR/cosine.ldif
olcSchemaFile: {2}include: file://$ABS_SCHEMADIR/inetorgperson.ldif
That is a very nice proposal, it would sort of give us the good
things of both worlds.
It means you would not be able to edit the schema contained within
these directives over LDAP, since those elements aren't themselves
part of the cn=config DIT.
Oops, I just see that I read something different than I meant.
I meant .schema and not .ldif:
olcSchemaFile: {0}include: file://$ABS_SCHEMADIR/core.schema
olcSchemaFile: {1}include: file://$ABS_SCHEMADIR/cosine.schema
olcSchemaFile: {2}include: file://$ABS_SCHEMADIR/inetorgperson.schema
That is what I would like to have, so that people can edit schema in a
format that was standardised in LDAP without adding the complexity of
LDIF change commands.
So no, it's not the good things of both worlds.
It would make schema modification easier and better traceable and auditable.
But as it is not a lot more than a nice to have, I wont push this further.
Cheers,
Peter
IMHO schema is the only thing where cn=config makes life harder than
slapd.conf.
Being a long time lurker on this list it is fun to see that although
same subjects like config alternatives, turn up again and again, the
arguments and solution proposals at least sometimes do progress.
Cheers
Peter
Am 15.09.2017 um 20:33 schrieb Quanah Gibson-Mount:
--On Friday, September 15, 2017 12:24 PM -0700 Ryan Tandy
<ryan@nardis.ca> wrote:
There was some talk, either in IRC or on -devel, of creating a way for
cn=config to reference schema files (possibly LDIF) on disk rather
than
importing them into the config database. I think that would be an
improvement. Importing schemas into cn=config is cool - especially
if you
want to replicate the config - but I'm not sure it's a good default.
Since ordering is mandatory, it would be nice if you could just do
something like:
olcSchemaFile: {0}include: file://$ABS_SCHEMADIR/core.ldif
olcSchemaFile: {1}include: file://$ABS_SCHEMADIR/cosine.ldif
olcSchemaFile: {2}include: file://$ABS_SCHEMADIR/inetorgperson.ldif
etc. Then you could change the schema files on disk, and cn=config
would just load them in when it started. It'd certainly make the
behavior analagous to slapd.conf, and allow for easier
rollback/testing.
--Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>
--
_______________________________________________________________________
Peter Gietz (CEO)
DAASI International GmbH phone: +49 7071 407109-0
Europaplatz 3 Fax: +49 7071 407109-9
D-72072 Tübingen mail: peter.gietz@daasi.de
Germany Web: www.daasi.de
DAASI International GmbH, Tübingen
Geschäftsführer Peter Gietz, Amtsgericht Stuttgart HRB 382175
Directory Applications for Advanced Security and Information Management
_______________________________________________________________________