From owner-freebsd-current@FreeBSD.ORG Thu Aug 24 14:44:35 2006 Return-Path: X-Original-To: freebsd-current@freebsd.org Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 30FA816A4DD; Thu, 24 Aug 2006 14:44:35 +0000 (UTC) (envelope-from brooks@lor.one-eyed-alien.net) Received: from sccmmhc92.asp.att.net (sccmmhc92.asp.att.net [204.127.203.212]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8FD9943D46; Thu, 24 Aug 2006 14:44:34 +0000 (GMT) (envelope-from brooks@lor.one-eyed-alien.net) Received: from lor.one-eyed-alien.net ([12.207.12.9]) by sccmmhc92.asp.att.net (sccmmhc92) with ESMTP id <20060824144432m92002u0sle>; Thu, 24 Aug 2006 14:44:33 +0000 Received: from lor.one-eyed-alien.net (localhost [127.0.0.1]) by lor.one-eyed-alien.net (8.13.6/8.13.6) with ESMTP id k7OEiVRE036306; Thu, 24 Aug 2006 09:44:31 -0500 (CDT) (envelope-from brooks@lor.one-eyed-alien.net) Received: (from brooks@localhost) by lor.one-eyed-alien.net (8.13.6/8.13.6/Submit) id k7OEiUE3036305; Thu, 24 Aug 2006 09:44:30 -0500 (CDT) (envelope-from brooks) Date: Thu, 24 Aug 2006 09:44:29 -0500 From: Brooks Davis To: Michael Bushkov Message-ID: <20060824144429.GB35200@lor.one-eyed-alien.net> References: <44E9582C.2010400@rsu.ru> <44ECBB7D.4090905@FreeBSD.org> <002e01c6c744$97bc9560$9800a8c0@carrera> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="aM3YZ0Iwxop3KEKx" Content-Disposition: inline In-Reply-To: <002e01c6c744$97bc9560$9800a8c0@carrera> User-Agent: Mutt/1.5.11 Cc: Doug Barton , freebsd-current@freebsd.org Subject: Re: [HEADS UP]: OpenLDAP+nss_ldap+nss_modules separated patch and more (SoC) X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Aug 2006 14:44:35 -0000 --aM3YZ0Iwxop3KEKx Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Aug 24, 2006 at 10:13:41AM +0400, Michael Bushkov wrote: > Doug Barton wrote: > >Michael Bushkov wrote: > >Here is where (once again) we have a difference of opinion. I still=20 > >believe > >strongly that the nss_ldap part of your work should be a port, with a > >dependency on the openldap in ports. I've stated my reasoning on this in= =20 > >the > >previous thread, so I won't rehash it here unless someone asks. I would= =20 > >like > >to point out though that I feel the numerous problems raised in this=20 > >thread > >give even more weight to the request that I, and others made not to have= =20 > >it > >incorporated into the base. > > > >This in no way is meant to indicate that your work has no value, or is > >somehow "less valuable" than work that is actually in the base. It is=20 > >simply > >a realistic reflection of the fact that this facility will be needed by a > >small percentage of FreeBSD users, and the difficulties (costs) outweigh= =20 > >the > >corresponding benefit. > > > >A compromise position, if it can be made to work, would be to import your > >original work on the nss_ldap module, but have it use openldap from ports > >rather than having to import openldap. >=20 > Well, maybe more compromise solution will be to have OpenLDAP and nss_lda= p=20 > in the base, but to have them turned off by default, so the user would ne= ed=20 > to specify WITH_LDAP and WITH_NSS_LDAP in the make.conf to build them.=20 > More, if the user don't want to have OpenLDAP built with the base, but=20 > wants nss_ldap there, he'd have the ability to link nss_ldap against the= =20 > ports. And we should also have rewritten nss_ldap in ports (call it=20 > nss_ldap_bsd, for example). IMHO, It's quite a flexible scheme that shoul= d=20 > satisfy most number of users. My main concern with such solution is: will= =20 > it affect the capability of installing OpenLDAP and nss_ldap out of the b= ox? I really think we need it on the install CD which realisticly means it needs to build by default. We could potentially pack it up like kerberos in the install process, but I'm not sure that's really necessicary. -- Brooks --aM3YZ0Iwxop3KEKx Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (FreeBSD) iD8DBQFE7btNXY6L6fI4GtQRAuOVAJ0clLN19RDlb7sY44sB/ETcBtBWSQCgwXft O5DLcQayQjUN2SOhOHwzE3s= =dPE7 -----END PGP SIGNATURE----- --aM3YZ0Iwxop3KEKx--