[Pkg-openldap-devel] OpenLDAP packaging going forward

Steve Langasek vorlon at debian.org
Tue Jul 10 07:02:27 UTC 2007 

Hi Russ,

Thanks for all your work on getting openldap 2.3.35 ready.  Nice to see the
number of patches we're carrying go down!

It's now possible to drop the -lpthread patch, because Debian gcc has been
fixed on mips now to do the sensible thing with -pthread when building
shared libs.  So I figured this would be a good time to circle around and
see what else we might be able to knock off the list.

Most of your suggestions/changes seem pretty obvious to me, so I'll only
comment on those few that might warrant further discussion.

On Wed, May 23, 2007 at 11:37:55AM -0700, Russ Allbery wrote:
> add-autogen-sh
> use-lpthreads

>     The -lpthreads patch should be discussed upstream to see if we can
>     make this not a Debian-specific patch.  We added it because mipsel
>     didn't like -pthreads (is this still the case?).  Upstream may be
>     preferring -pthreads over -lpthreads for other reasons.  I'd really
>     rather not carry this around, since it's the only reason why we're
>     running Autoconf and friends at build time.  If we could get rid of
>     it, we could drop add-autogen-sh.

Discussed elsewhere, these patches are not suitable for inclusion upstream;
since they're no longer needed for mips*, I've dropped them from svn.

> ntlm-ldap_h-hack
> ntlm_c

>     Upstream dropped this code long ago.  Can we just do the same thing?
>     I don't think it makes a lot of sense for Debian to try to maintain it
>     separately.

Which code is it that upstream dropped?  The only mention of this code in
the changelog says that it originates with ximian-connector.  Is it no
longer needed for that use case?  Should we be concerned about providing a
transition path to users if we drop this patch now?

> libldap-makefile_in

>     Part of this is the NTLM stuff.  The rest is linking the libraries
>     with the pthread library, which should be fed upstream.

Yes, agreed.

> index-files-created-as-root

>     This is Debian-specific in its current form, since it always warns if
>     slapindex is running as root.  Ideally, this would figure out if slapd
>     is running as a non-root user and then only warn if that's the case
>     and slapindex is running as a different user.  For right now, we
>     should carry this patch as-is but suggest upstream the better fix.

Right... someone have time to work on this? :)

> read-config-before-dropping-privileges

>     I'm not sure the history of this patch, but my guess is that the
>     config file may contain private information and this makes the
>     permissions easier to handle?  The changelog is not informative.
>     Should be fed upstream if it's really useful.

Yes, the config file can contain, e.g., passwords to use when replicating
via slurpd.  I think this was discussed on the list at one point; evidently
not in the BTS, since there's no bug number in the changelog.

I think this should be fed upstream, yes.

> sasl-default-path

>     Should be fed upstream, as this looks generally useful.

Also agreed.

> Following what I've done with other packages, I'm going to start
> annotating these patches with bug numbers (Debian and upstream) where
> available and renaming the ones that are Debian-specific and not suitable
> for feeding upstream to start with debian-.  (I assume no one has
> objections to that.)  However, I'll start by updating to 2.3.35.

No objections whatsoever.

Cheers,
-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
vorlon at debian.org                                   http://www.debian.org/

More information about the Pkg-openldap-devel mailing list