Steve Langasek <[EMAIL PROTECTED]> writes: > On Fri, Jul 13, 2007 at 07:18:17AM +0200, Adrian von Bidder wrote:
>> Hmmm. With slapd, for example, it's certainly possible where one >> scenario (slapd uses SQL database) directly contradicts another >> scenario (startup of SQL database uses auth info which is provided by >> slapd). >> Not sure how a packager should deal with this. (slapd being used only >> as an example. Other scenarios for other services are certainly >> possible.) > Well, the OpenLDAP maintainers are likely to deal with this by declaring > that a SQL server that needs to read auth info out of LDAP for startup > is not supported, and the admin is on their own for making this work. > All Debian system accounts should be stored in the nss_files backend, > where adduser will put them by default. If your system accounts are in > LDAP, you're making your system deliberately fragile, and I see no > reason for Debian to make that easier to do. Note that we've had to deal with this problem previously in the OpenLDAP package. I think the most recent example was a DNS server that required the directory be available, when the directory wanted to look things up in DNS. Most of these sorts of problems are best resolved by making one or the other service more robust in the face of such resources not being available at startup. -- Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
