Code review comment for ~ahasenack/ubuntu/+source/openldap:groovy-openldap-2.4.50-merge-and-delta-drop

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

More comments. This time, ">" are mine:

On Tue, May 12, 2020 at 02:32:18PM -0300, Andreas Hasenack wrote:
>We should be able to rely on the symbols file to handle upgrades, no?
>Or do you mean in terms of debian policy the soname must change?

The symbols file tracks when new interfaces were added, but when
changing or removing already exported ones, the SONAME must change.

>Scripting with the cn=config backend is tough. And just removing nssov
>for the sake of having slapd start up fine would hide the change

Yeah. I was thinking more along the lines of failing the upgrade in
preinst if nssov is enabled, rather than get into a state where recovery
requires manual changes in /etc/ldap/slapd.d.

But the number of users affected is honestly going to be single-digit or
zero, so a release note is probably about all the effort it's worth.

>The nss overlay requires "the client-side stuf library from
>nss-pam-ldapd", which we only have in universe since precise, and I
>would like to standardize on sssd as much as possible.

ACK, recommending sssd makes sense for sure.

« Back to merge proposal