From owner-freebsd-current@FreeBSD.ORG Tue Jul 11 07:24:26 2006 Return-Path: X-Original-To: freebsd-current@freebsd.org Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CFE0B16A4DA for ; Tue, 11 Jul 2006 07:24:26 +0000 (UTC) (envelope-from bushman@rsu.ru) Received: from mail.r61.net (mail.r61.net [195.208.245.249]) by mx1.FreeBSD.org (Postfix) with ESMTP id EEE8743D53 for ; Tue, 11 Jul 2006 07:24:25 +0000 (GMT) (envelope-from bushman@rsu.ru) Received: from carrera ([82.179.80.25]) (authenticated bits=0) by mail.r61.net (8.13.7/8.13.6) with ESMTP id k6B7OGqI029077 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT); Tue, 11 Jul 2006 11:24:19 +0400 (MSD) (envelope-from bushman@rsu.ru) Message-ID: <004e01c6a4bb$07714060$0800a8c0@carrera> From: "Michael Bushkov" To: "Brooks Davis" , References: <44AD2569.9070007@rsu.ru> <44AD4D27.3060109@FreeBSD.org> <20060707015458.GC500@odin.ac.hmc.edu> <20060710224854.GC47557@dragon.NUXI.org> <20060711020031.GB3507@odin.ac.hmc.edu> Date: Tue, 11 Jul 2006 11:24:05 +0400 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2180 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 X-Virus-Scanned: ClamAV version 0.88.2, clamav-milter version 0.88.2 on asterix.r61.net X-Virus-Status: Clean Cc: Subject: Re: nss_ldap and openldap importing X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 11 Jul 2006 07:24:26 -0000 Brooks Davis wrote: On Mon, Jul 10, 2006 at 03:48:54PM -0700, David O'Brien wrote: > > On Thu, Jul 06, 2006 at 06:54:58PM -0700, Brooks Davis wrote: > > > On Thu, Jul 06, 2006 at 10:49:27AM -0700, Doug Barton wrote: > > ..snip.. > > Why can't this live in ports? In none of my environments do I need LDAP > > support. I cannot imagine most of our users need LDAP support either. > > Also, openldap-2.3.24 appears to be 19MB of files. Just what are we > > talking about importing? I assume just the 3MB of the library > > directory? > > My life would be a heck of a lot simpler if LDAP support were included > in the base. At the moment I'm using NIS in several situations where > it just doesn't cut it any more. IMO we need (as a minimum) a modern > network directory service client in the base. While a majority of > FreeBSD users may not need LDAP in the base, I would suspect that a > majority of machines would benefit from it. A much greater portion of > machines would probably benefit from and LDAP client then benefit from a > number of the servers in the base system such as BIND (not a criticism > of having BIND in the base). > -- Brooks I fully agree - IMO when you have a large network, that uses LDAP, having nss_ldap in the base can be beneficial. And more - if we have our own implementation of nss_ldap, we can support not only RFC 2307 and RFC 2307bis LDAP schemas, but have one more schema variant, that will be more FreeBSD-specific (i.e. support pw_class for struct passwd, for example). As this discussion lasts, I'm turning more and more towards rewriting nss_ldap from scratch (both to solve BSD-licensing problem and to add support for tuned schema). I'm currently checking if there won't be any Summer Of Code administrative issues (I didn't mention nss_ldap rewriting from scratch in my initial project proposal), but I don't think that they'll appear. I guess, I'll start working on implementation in 1-2 days -- Michael