[arch-dev-public] Moving openldap to core repo
snowmaniscool at gmail.com
Sat Jul 16 07:30:12 EDT 2011
On Sat, Jul 16, 2011 at 6:03 AM, Tom Gundersen <teg at jklm.no> wrote:
> On Sat, Jul 16, 2011 at 11:40 AM, Eric Bélanger <snowmaniscool at gmail.com> wrote:
>> On Sat, Jul 16, 2011 at 4:09 AM, Jan de Groot <jan at jgc.homeip.net> wrote:
>>> On Fri, 2011-07-15 at 20:48 -0400, Eric Bélanger wrote:
>>>> Sure. I just did it in my WIP PKGBUILD to not forget.
>>>> As no-one seems to know about the db moving part, I'm leaning into
>>>> keeping --localstatedir=/var/lib/openldap. I'll wait for a day or two
>>>> in case someone wants to pipe in, unless you want me to go forward to
>>>> get the new openladp package done for the tcp_wrappers removal.
>>> What db-moving part exactly? Doesn't the current package install the
>>> database in /var/lib/openldap, and isn't that the logical place for it?
>> The current package use the --localstatedir=/var/lib/openldap
>> configure option. That does 2 things:
>> - it creates a /var/lib/openldap/openldap-data/ directory where the db is stored
>> - it creates a /var/lib/openldap/run/ directory where the unix ldapi
>> socket will be located
>> Although this is a reasonnable location for the db, you said in a
>> comment on FS#21051 that /var/lib/openldap/run/ is a weird location
>> and that /var/run would be better. If we want to change the location
>> of the ldapi socket to /var/run, we'll need to use
>> --localstatedir=/var as configure option. However, this will also
>> change the expected location of the db to /var/openldap-data/ hence
>> the db moving business.
>> I guess it all boils down wether the weirdness of having the socket
>> /var/lib/openldap/run/ is important enough to worth the hassle of the
>> db moving.
> My two cents:
> It is indeed weird to have /var/lib/openldap/run, but I think it would
> be weirder to have a /var/openldap-data (as far as I know packages
> shouldn't really put stuff directly under var).
FTR, /var/openldap-data would be a directory so the stuff won't be
directly in /var, e.g.:
$ sudo ls /var/lib/openldap/openldap-data/
alock __db.001 __db.002 __db.003 DB_CONFIG.example dn2id.bdb
Only DB_CONFIG.example was installed by pacman. The rest is what needs
to be moved and what I've been referring to as the db in this thread.
There might be more files on systems which actually use openldap. I
only started/stopped the daemon with default config.
> I suggest keeping this as it is, unless there is a way to only move
> the run dir. In which case it should be moved to /run (rather than
We can't move the run dir without moving the db. Having /run as run
dir would imply having the db in /openldap-data which is wierd.
> About libexec:
> libexecdir is usually meant to contain programs that should only be
> run by other programs, and not by the user. So in principle it is
> wrong to symlink from /usr/sbin to /usr/lib/. Maybe this is an
> upstream bug?
They install a bunch of symlinks in /usr/sbin which call the slapd
binary in the libexecdir. Here's the $pkgdir for the new package:
$ ls -l pkg/openldap/usr/sbin/
lrwxrwxrwx 1 eric users 12 Jul 10 05:46 slapacl -> ../lib/slapd
lrwxrwxrwx 1 eric users 12 Jul 10 05:46 slapadd -> ../lib/slapd
lrwxrwxrwx 1 eric users 12 Jul 10 05:46 slapauth -> ../lib/slapd
lrwxrwxrwx 1 eric users 12 Jul 10 05:46 slapcat -> ../lib/slapd
lrwxrwxrwx 1 eric users 12 Jul 10 05:47 slapd -> ../lib/slapd
lrwxrwxrwx 1 eric users 12 Jul 10 05:46 slapdn -> ../lib/slapd
lrwxrwxrwx 1 eric users 12 Jul 10 05:46 slapindex -> ../lib/slapd
lrwxrwxrwx 1 eric users 12 Jul 10 05:46 slappasswd -> ../lib/slapd
lrwxrwxrwx 1 eric users 12 Jul 10 05:46 slapschema -> ../lib/slapd
lrwxrwxrwx 1 eric users 12 Jul 10 05:46 slaptest -> ../lib/slapd
The only symlink I added was the slapd one. The rest were installed
automatically, so I assume it's intended by upstream. I don't know
why they do it this way. Maybe it's done so slapd can find the modules
which gets installed in $libexecdir/openldap/
More information about the arch-dev-public