From owner-freebsd-current@FreeBSD.ORG Thu May 10 06:42:57 2007 Return-Path: X-Original-To: freebsd-current@freebsd.org Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 2BDC816A403 for ; Thu, 10 May 2007 06:42:57 +0000 (UTC) (envelope-from doconnor@gsoft.com.au) Received: from cain.gsoft.com.au (cain.gsoft.com.au [203.31.81.10]) by mx1.freebsd.org (Postfix) with ESMTP id AC03913C468 for ; Thu, 10 May 2007 06:42:56 +0000 (UTC) (envelope-from doconnor@gsoft.com.au) Received: from inchoate.gsoft.com.au (inchoate.gsoft.com.au [203.31.81.61]) (authenticated bits=0) by cain.gsoft.com.au (8.13.8/8.13.8) with ESMTP id l4A6gVrF063983 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 10 May 2007 16:12:32 +0930 (CST) (envelope-from doconnor@gsoft.com.au) From: "Daniel O'Connor" To: freebsd-current@freebsd.org Date: Thu, 10 May 2007 16:12:12 +0930 User-Agent: KMail/1.9.5 References: <803684.68923.qm@web54309.mail.yahoo.com> <4642852B.2050804@delphij.net> In-Reply-To: <4642852B.2050804@delphij.net> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart2407306.U824bSDQqi"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200705101612.24127.doconnor@gsoft.com.au> X-Spam-Score: -3.977 () ALL_TRUSTED,BAYES_00 X-Scanned-By: MIMEDefang 2.58 on 203.31.81.10 Cc: Patrick Dung , LI Xin , Kris Kennaway Subject: Re: import nss_ldap, openldap in base? X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 May 2007 06:42:57 -0000 --nextPart2407306.U824bSDQqi Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Thursday 10 May 2007 12:06, LI Xin wrote: > Patrick Dung wrote: > > Personally I think that LDAP support out of the box is good (e.g > > other OS already has LDAP support out of the box, get more users to > > use it). > > > > We already have programs like bsnmp, pam_radius, Kerberos and OPIE > > integrated/comes with the base OS. Is Openldap(client library, not > > server), nss_ldap/pam_ldap support in base OS worth more attention? > > I think that importing the whole OpenLDAP client into base system > as-is is useful, but that might be painful, because the development > pace of OpenLDAP is fast and people do want bugfixes, etc. from newer > OpenLDAP releases, so we should work carefully to avoid conflict > between base OpenLDAP and port OpenLDAP. So I think we may want what > we did for libbsdxml (expat) if we really wanted to import the stuff > into base system. IMO if pam_ldap is on the first disk of a CD it counts as "out of the=20 box". From a user perspective it is right there and available if they=20 want to use it. You could claim that pam_winbind should be imported too since I bet it's=20 used in more installations than pam_ldap. As you can probably guess I am more inclined to remove things than keep=20 them in.. :) =2D-=20 Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C --nextPart2407306.U824bSDQqi Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (FreeBSD) iD8DBQBGQr7Q5ZPcIHs/zowRAp4LAJ98C4w4zVT3v+D8cz94qi3USlg5FwCfXffL ox+ZeXAL7fMca27FyV9Ym8k= =ylbR -----END PGP SIGNATURE----- --nextPart2407306.U824bSDQqi--