[Pkg-openldap-devel] r858 - openldap/trunk-2.3/debian

Mon Nov 12 01:45:59 UTC 2007

Author: rra
Date: 2007-11-12 01:45:59 +0000 (Mon, 12 Nov 2007)
New Revision: 858

Modified:
   openldap/trunk-2.3/debian/changelog
   openldap/trunk-2.3/debian/slapd.conf
   openldap/trunk-2.3/debian/slapd.scripts-common
Log:
* Document in the default slapd.conf that dbconfig options only generate
  the DB_CONFIG file on first slapd start and have no effect afterwards
  unless DB_CONFIG is removed.  (Closes: #442191)
* Inline the checkpoint and BerkeleyDB backend settings in the default
  slapd.conf rather than generating them dynamically in postinst.  All
  the allowable default database choices are now BerekelyDB variants and
  will probably continue to be so for the forseeable future, and this is
  easier to maintain.

Modified: openldap/trunk-2.3/debian/changelog
===================================================================

--- openldap/trunk-2.3/debian/changelog	2007-11-12 00:45:48 UTC (rev 857)
+++ openldap/trunk-2.3/debian/changelog	2007-11-12 01:45:59 UTC (rev 858)
@@ -5,8 +5,16 @@
     - CVE-2007-5708: Fix remote denial of service attack in slapo-pcache
       (the overlay for proxy caching).  (Closes: #448644)
     - Multiple additional more minor bug fixes.
+  * Document in the default slapd.conf that dbconfig options only generate
+    the DB_CONFIG file on first slapd start and have no effect afterwards
+    unless DB_CONFIG is removed.  (Closes: #442191)
+  * Inline the checkpoint and BerkeleyDB backend settings in the default
+    slapd.conf rather than generating them dynamically in postinst.  All
+    the allowable default database choices are now BerekelyDB variants and
+    will probably continue to be so for the forseeable future, and this is
+    easier to maintain.
 
- -- Russ Allbery <rra at debian.org>  Sun, 11 Nov 2007 16:41:54 -0800
+ -- Russ Allbery <rra at debian.org>  Sun, 11 Nov 2007 17:45:17 -0800
 
 openldap2.3 (2.3.38-1) unstable; urgency=low
 

Modified: openldap/trunk-2.3/debian/slapd.conf
===================================================================
--- openldap/trunk-2.3/debian/slapd.conf	2007-11-12 00:45:48 UTC (rev 857)
+++ openldap/trunk-2.3/debian/slapd.conf	2007-11-12 01:45:59 UTC (rev 858)
@@ -39,7 +39,7 @@
 # Backend specific directives apply to this backend until another
 # 'backend' directive occurs
 backend		@BACKEND@
- at CHECKPOINT@
+checkpoint 512 30
 
 #######################################################################
 # Specific Backend Directives for 'other':
@@ -63,8 +63,26 @@
 # Where the database file are physically stored for database #1
 directory       "/var/lib/ldap"
 
- at BACKENDOPTIONS@
+# The dbconfig settings are used to generate a DB_CONFIG file the first
+# time slapd starts.  They do NOT override existing an existing DB_CONFIG
+# file.  You should therefore change these settings in DB_CONFIG directly
+# or remove DB_CONFIG and restart slapd for changes to take effect.
 
+# For the Debian package we use 2MB as default but be sure to update this
+# value if you have plenty of RAM
+dbconfig set_cachesize 0 2097152 0
+
+# Sven Hartge reported that he had to set this value incredibly high
+# to get slapd running at all. See http://bugs.debian.org/303057 for more
+# information.
+
+# Number of objects that can be locked at the same time.
+dbconfig set_lk_max_objects 1500
+# Number of locks (both requested and granted)
+dbconfig set_lk_max_locks 1500
+# Number of lockers
+dbconfig set_lk_max_lockers 1500
+
 # Indexing options for database #1
 index           objectClass eq
 

Modified: openldap/trunk-2.3/debian/slapd.scripts-common
===================================================================
--- openldap/trunk-2.3/debian/slapd.scripts-common	2007-11-12 00:45:48 UTC (rev 857)
+++ openldap/trunk-2.3/debian/slapd.scripts-common	2007-11-12 01:45:59 UTC (rev 858)
@@ -665,20 +665,16 @@
 	checkpoint=""
 	conf_template="/usr/share/slapd/slapd.conf"
 
-	# Checkpoint if using the BDB backend
-	if [ "$backend" = "bdb" ] || [ "$backend" = "hdb" ]; then
-		checkpoint="checkpoint 512 30"
-    backendoptions="# For the Debian package we use 2MB as default but be sure to update this\n# value if you have plenty of RAM\ndbconfig set_cachesize 0 2097152 0\n\n# Sven Hartge reported that he had to set this value incredibly high\n# to get slapd running at all. See http:\/\/bugs.debian.org\/303057\n# for more information.\n\n# Number of objects that can be locked at the same time.\ndbconfig set_lk_max_objects 1500\n# Number of locks (both requested and granted)\ndbconfig set_lk_max_locks 1500\n# Number of lockers\ndbconfig set_lk_max_lockers 1500"
-	fi
-
+	# Note that, unlike in previous versions of this script, we just
+	# assume that our default database is some BerkeleyDB varient.
+	# Given current upstream feelings and relative performance, this
+	# appears to be a safe assumption for the forseeable future.
 	conf_new=`mktemp -q ${SLAPD_CONF}.XXXXXX`
 	echo -n "  Creating initial slapd configuration... " >&2
 	sed <"$conf_template" >"$conf_new" \
 		-e "s/@SUFFIX@/$basedn/g" \
 		-e "s/@ADMIN@/cn=admin,$basedn/g" \
-		-e "s/@CHECKPOINT@/$checkpoint/g" \
-		-e "s/@BACKEND@/$backend/g" \
-    -e "s/@BACKENDOPTIONS@/$backendoptions/g"
+		-e "s/@BACKEND@/$backend/g"
 	install_new_slapd_conf "$conf_new"
 	echo "done." >&2
 


