From debbugs-submit-bounces@debbugs.gnu.org Fri Dec 17 10:06:09 2021 Received: (at submit) by debbugs.gnu.org; 17 Dec 2021 15:06:09 +0000 Received: from localhost ([127.0.0.1]:40386 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1myEoA-0006sm-Qb for submit@debbugs.gnu.org; Fri, 17 Dec 2021 10:06:09 -0500 Received: from lists.gnu.org ([209.51.188.17]:39818) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1myDmW-0004ai-7x for submit@debbugs.gnu.org; Fri, 17 Dec 2021 09:00:20 -0500 Received: from eggs.gnu.org ([209.51.188.92]:57058) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1myDmV-0008Ul-Se for guix-patches@gnu.org; Fri, 17 Dec 2021 09:00:19 -0500 Received: from smtp1.univ-nantes.fr ([193.52.82.18]:36142 helo=smtp-prv.univ-nantes.fr) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1myDmR-0002Dl-Ps for guix-patches@gnu.org; Fri, 17 Dec 2021 09:00:19 -0500 Received: from localhost (localhost [127.0.0.1]) by smtp-prv.univ-nantes.fr (Postfix) with ESMTP id 9B8B6B6F0F for ; Fri, 17 Dec 2021 14:52:46 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=univ-nantes.fr; s=mailv2; t=1639749166; bh=mR4He1a2ABNjJwuqwPz7Ql9GQXQXbz9zH0OC5fLwGX4=; h=Date:From:To:Subject:From; b=nzIlpUpjpkgO23qJm0XcvHCZLkwTOo2p0WntS45b1CMyB3uHhs9OgmysvXzfGn+sR PiX8haEgbmM/+C8jrN/VFpJvS2cxi1TYopy+BUMNJUJQggIoybnzVi19b5w9x43W4t Kw3ByOkQq8wIXWYt7c2iZUm9GRxTrEuvdIbE48y5tlnVMmBBQk9VI0NII8oLEFx35R yA+8N4CMGQra5fsyjKdkXzhGkxmIrqsek6UtlWEc8R/xKrJM5lUiT024nsYYViYnbL c6Rk7rKW2uFfe+v/g+vGbXx57/VgBCfXIuQ/rzKxFwrXsoaOnUkNh3/dwDD0OdqrYs fWgAzhMRaA2mg== X-Virus-Scanned: Debian amavisd-new at smtp2 Received: from smtp-prv.univ-nantes.fr ([127.0.0.1]) by localhost (smtp1.u12.univ-nantes.prive [127.0.0.1]) (amavisd-new, port 10024) with LMTP id FN6nO0VcAbwS for ; Fri, 17 Dec 2021 14:52:46 +0100 (CET) Received: from webmail.univ-nantes.fr (webmail1-loi.cprv.univ-nantes.prive [172.26.0.62]) by smtp-prv.univ-nantes.fr (Postfix) with ESMTP id 792CBB6F0E for ; Fri, 17 Dec 2021 14:52:46 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=univ-nantes.fr; s=mailv2; t=1639749166; bh=mR4He1a2ABNjJwuqwPz7Ql9GQXQXbz9zH0OC5fLwGX4=; h=Date:From:To:Subject:From; b=nzIlpUpjpkgO23qJm0XcvHCZLkwTOo2p0WntS45b1CMyB3uHhs9OgmysvXzfGn+sR PiX8haEgbmM/+C8jrN/VFpJvS2cxi1TYopy+BUMNJUJQggIoybnzVi19b5w9x43W4t Kw3ByOkQq8wIXWYt7c2iZUm9GRxTrEuvdIbE48y5tlnVMmBBQk9VI0NII8oLEFx35R yA+8N4CMGQra5fsyjKdkXzhGkxmIrqsek6UtlWEc8R/xKrJM5lUiT024nsYYViYnbL c6Rk7rKW2uFfe+v/g+vGbXx57/VgBCfXIuQ/rzKxFwrXsoaOnUkNh3/dwDD0OdqrYs fWgAzhMRaA2mg== MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Date: Fri, 17 Dec 2021 14:52:46 +0100 From: Jean-Francois GUILLAUME To: guix-patches@gnu.org Subject: [PATCH] updating openldap and adding service definition Organization: UFR MEDECINE/FED 4203 SFR SANTE Message-ID: X-Sender: Jean-Francois.Guillaume@univ-nantes.fr User-Agent: Roundcube Webmail/1.1.2 Received-SPF: pass client-ip=193.52.82.18; envelope-from=Jean-Francois.Guillaume@univ-nantes.fr; helo=smtp-prv.univ-nantes.fr X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: -1.7 (-) X-Debbugs-Envelope-To: submit X-Mailman-Approved-At: Fri, 17 Dec 2021 10:06:05 -0500 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.7 (--) * gnu/packages/openldap.scm (openldap): Update to 2.6.0, adding 2.5.7, 2.5.8, 2.5.9 * gnu/services/openldap.scm (openldap): Adding slapd service --- gnu/packages/openldap.scm | 148 ++++++++++++++++++++++++++++++++++++++ gnu/services/openldap.scm | 87 ++++++++++++++++++++++ 2 files changed, 235 insertions(+) create mode 100644 gnu/services/openldap.scm diff --git a/gnu/packages/openldap.scm b/gnu/packages/openldap.scm index b0ce899696..61f99dea7a 100644 --- a/gnu/packages/openldap.scm +++ b/gnu/packages/openldap.scm @@ -60,6 +60,154 @@ #:use-module (guix build-system python)) (define-public openldap + (package + (name "openldap") + (version "2.6.0") + (source (origin + (method url-fetch) + (uri (list + (string-append "https://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-" version ".tgz") + (string-append "http://repository.linagora.org/OpenLDAP/openldap-release/openldap-" version ".tgz") + (string-append "ftp://ftp.dti.ad.jp/pub/net/OpenLDAP/openldap-release/openldap-" version ".tgz") + )) + (sha256 ( base32 "0kqswk8pxgnlibh0kz6py3a2x3yh9pfk6pyr2nx9lgjpmh75h75p" )) + ) + ) + (build-system gnu-build-system) + (inputs `( + ("argon2", argon2) + ("cyrus-sasl", cyrus-sasl) + ("libevent", libevent) + ("libgcrypt", libgcrypt) + ("libltdl", libltdl) + ("lz4", lz4) + ("openssl", openssl) + ("perl", perl) + ("snappy", snappy) + ("unixodbc", unixodbc) + ("wiredtiger", wiredtiger) + ("zlib", zlib) + )) + (native-inputs `( + ("bdb", bdb) + ("groff", groff) + ("libtool", libtool) + ("pkg-config", pkg-config) + )) + (arguments `( + ; this is needed because the make check does not work inside guix + #:tests? #f + #:configure-flags '( + "--enable-debug" + "--enable-dynamic" + "--enable-syslog" + "--enable-ipv6" + "--enable-local" + "--enable-slapd" + "--enable-dynacl" + "--enable-aci" + "--enable-cleartext" + "--enable-crypt" + "--enable-spasswd" + "--enable-modules" + "--enable-rlookups" + "--enable-slapi" + "--enable-backends=mod" + "--enable-overlays=mod" + "--enable-argon2" + "--enable-balancer" + "--disable-static" + "--enable-shared" + "--with-tls=openssl" + "--disable-static" + ,@(if (%current-target-system) + '("--with-yielding_select=yes" "ac_cv_func_memcmp_working=yes") + '() + ) + ) + #:make-flags '("STRIP=") + #:parallel-build? #t + #:phases (modify-phases %standard-phases + (add-before 'build 'make-depend + (lambda* (#:key input #:allow-other-keys) + (invoke "make" "depend") + ) + ) + ,@(if (%current-target-system) + '( + (add-before 'make-depend 'fix-cross-gcc + (lambda* (#:key target #:allow-other-keys) + (setenv "CC" (string-append target "-gcc")) + #t + ) + ) + ) + '() + ) + ) + )) + (synopsis "Implementation of the Lightweight Directory Access Protocol") + (description "OpenLDAP is a free implementation of the Lightweight Directory Access Protocol.") + (license openldap2.8) + (home-page "https://www.openldap.org/") + ) +) + +(define-public openldap-2.5.9 + (package + (inherit openldap) + (name "openldap") + (version "2.5.9") + (source (origin + (method url-fetch) + (uri (list + (string-append "https://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-" version ".tgz") + (string-append "http://repository.linagora.org/OpenLDAP/openldap-release/openldap-" version ".tgz") + (string-append "ftp://ftp.dti.ad.jp/pub/net/OpenLDAP/openldap-release/openldap-" version ".tgz") + )) + (sha256 ( base32 "17pvwrj27jybbmjqpv0p7kd2qa4i6jnp134lz7cxa0sqrbs153n0" )) + ) + ) + ) +) + +(define-public openldap-2.5.8 + (package + (inherit openldap) + (name "openldap") + (version "2.5.8") + (source (origin + (method url-fetch) + (uri (list + (string-append "https://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-" version ".tgz") + (string-append "http://repository.linagora.org/OpenLDAP/openldap-release/openldap-" version ".tgz") + (string-append "ftp://ftp.dti.ad.jp/pub/net/OpenLDAP/openldap-release/openldap-" version ".tgz") + )) + (sha256 ( base32 "1p3jck2kh7rsz6mkrqaailaf9ky050hn72wph52dw0j2nb1s2vin" )) + ) + ) + ) +) + +(define-public openldap-2.5.7 + (package + (inherit openldap) + (name "openldap") + (version "2.5.7") + (source (origin + (method url-fetch) + (uri (list + (string-append "https://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-" version ".tgz") + (string-append "http://repository.linagora.org/OpenLDAP/openldap-release/openldap-" version ".tgz") + (string-append "ftp://ftp.dti.ad.jp/pub/net/OpenLDAP/openldap-release/openldap-" version ".tgz") + )) + (sha256 ( base32 "1ayr76sa5hjwldqzis5v71sbp88hd3hysc00gw1raqn33c05g5za" )) + ) + ) + ) +) + +(define-public openldap-2.4.57 (package (name "openldap") (version "2.4.57") diff --git a/gnu/services/openldap.scm b/gnu/services/openldap.scm new file mode 100644 index 0000000000..0fd329d611 --- /dev/null +++ b/gnu/services/openldap.scm @@ -0,0 +1,87 @@ +(define-module (gnu services openldap) + #:use-module (gnu packages openldap) + #:use-module (gnu services) + #:use-module (gnu services shepherd) + #:use-module (guix) + #:use-module (guix records) + #:use-module (ice-9 match) + #: export ( + openldap-configuration + openldap-configuration? + openldap-shepherd-service + openldap-service-type + ) +) + +(define-record-type* + openldap-configuration make-openldap-configuration + openldap-configuration? + (openldap openldap-configuration-openldap + (default openldap) + ) + (uri openldap-configuration-uri + (default "ldapi:// ldap://") + ) + (logflags openldap-configuration-logflags + (default "0") + ) + (pid-file openldap-configuration-pid-file + (default "/var/run/openldap/slapd.pid") + ) + (config-file openldap-configuration-config-file + (default (file-append openldap "/etc/openldap/slapd.conf")) + ) + (log-file openldap-configuration-log-file + (default "/var/log/slapd.log") + ) +) + +(define openldap-shepherd-service + (match-lambda + (($ openldap uri logflags pid-file config-file log-file) + (list + (shepherd-service + (provision '(slapd) ) + (documentation "Run openldap.") + (requirement '(user-processes)) + (respawn? #t) + (start #~(make-forkexec-constructor + (list + #$(file-append openldap "/libexec/slapd") + "-h" #$uri + "-d" #$logflags + "-f" #$config-file + ) + #:pid-file #$pid-file + #:log-file #$log-file + )) + (stop #~(make-kill-destructor)) + ) + ) + ) + ) +) + + +(define %openldap-activation + (with-imported-modules '((guix build utils)) + #~(begin + (use-modules (guix build utils)) + (mkdir-p "/var/run/openldap") + (mkdir-p "/var/lib/ldap") + #t + ) + ) +) + +(define openldap-service-type + (service-type (name 'slapd) + (extensions + (list + (service-extension shepherd-root-service-type openldap-shepherd-service) + (service-extension activation-service-type (const %openldap-activation)) + ) + ) + (description "Run @uref{https://www.openldap.org, Openldap} community developped LDAP software.") + ) +) -- 2.30.2 From debbugs-submit-bounces@debbugs.gnu.org Fri Dec 17 17:39:24 2021 Received: (at 52578) by debbugs.gnu.org; 17 Dec 2021 22:39:24 +0000 Received: from localhost ([127.0.0.1]:40818 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1myLsq-0002z1-9Q for submit@debbugs.gnu.org; Fri, 17 Dec 2021 17:39:24 -0500 Received: from baptiste.telenet-ops.be ([195.130.132.51]:49812) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1myLso-0002yr-KH for 52578@debbugs.gnu.org; Fri, 17 Dec 2021 17:39:23 -0500 Received: from ptr-bvsjgyhxw7psv60dyze.18120a2.ip6.access.telenet.be ([IPv6:2a02:1811:8c09:9d00:3c5f:2eff:feb0:ba5a]) by baptiste.telenet-ops.be with bizsmtp id XafL2600F4UW6Th01afLyu; Fri, 17 Dec 2021 23:39:21 +0100 Message-ID: <48af7ae3214ca223d7b57c0fd5a72c13a9fcbd85.camel@telenet.be> Subject: [PATCH] updating openldap and adding service definition From: Maxime Devos To: 52578@debbugs.gnu.org Date: Fri, 17 Dec 2021 22:39:20 +0000 Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.38.3-1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=telenet.be; s=r21; t=1639780761; bh=F+XcxPqmbXPjPBw1MvPHx7V7BFUp8qOVada1X2zhRl4=; h=Subject:From:To:Date; b=ECJ4rWDIfV0SSLizZt/IF+nlZcgrClMqTXLB9dWLhXR0gxiOZfhBEj6ZoG6AjekB6 0hgV7pHOAxKGq3N5ZXiCgla7SqT1dXzupdrDiOmDf6Y4WHH7EOvKAkAAD1VczCU3u5 OnLROaLu5MnI+U/ZtS1sV6SEXhRUGXY9V8VukCqZJ4giGW1u+9ZK2o6JxRIVgCVc8A 7tEKnVvCgDbrs8vW0WPvJz7pKdiCNGhK5uQMvBbvy5roj2VyZMbVfS9z7MD22gEefk qDZsKNTyc3TVAdmX+H/7AFjHB2YevXO14QDnmp6ezbfXEqGdbytL57KvEReAnInAu0 yBFP9xCCBuvrg== X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 52578 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.7 (-) Hi, >+ "--disable-static" >+ "--enable-shared" >+ "--with-tls=openssl" >+ "--disable-static" A single "--disable-static" should be suficient. > + ,@(if (%current-target-system) > + '("--with-yielding_select=yes" "ac_cv_func_memcmp_working=yes") > + '() > + ) is this speculation on what's necessary for cross-compilation, or has it been determined these flags are necessary? >+ #:make-flags '("STRIP=") Why? >+ #:parallel-build? #t This is the default, no need to mention it. > + ,@(if (%current-target-system) > + '( > + (add-before 'make-depend 'fix-cross-gcc > + (lambda* (#:key target #:allow-other-keys) > + (setenv "CC" (string-append target "-gcc")) > + #t > + ) > + ) > + ) > + '() You can use ,(cc-for-target) here. Also, CC can be set in #:make-flags. > + (synopsis "Implementation of the Lightweight Directory Access Protocol") > + (description "OpenLDAP is a free implementation of the Lightweight Directory Access Protocol.") That's a very terse description --- is it a server, a client application, programming APIs for communicating with a server, or all of these? Also, no need to mention it's free, everything in Guix is free. > +(define-public openldap-2.5.9 > + (package > + (inherit openldap) What's the reason for defining multiple versions of openldap? Usually, it is only necessary to keep the latest version of a package (with some rare exceptions). >+(define-module (gnu services openldap) A copyright + license header is missing, and this file needs to be added to Makefile.am (or local.mk, I'm not sure about the details). >+ #:use-module (gnu packages openldap) >+ #:use-module (gnu services) >+ #:use-module (gnu services shepherd) >+ #:use-module (guix) >+ #:use-module (guix records) >+ #:use-module (ice-9 match) >+ #: export ( This seems unlikely to compile, what's the space doing here? Something I'm missing here, is some documentation. As it is, this openldap service isn't documented anywhere, so nobody would figure out it even exists, unless they search in the source code. > + (shepherd-service [...]) As-is, this service would be run as root, which is very suboptimal from a security perspective. Consider running it as a separate user & group, and if feasible in a container (the latter is optional but would be great). > + (pid-file openldap-configuration-pid-file > + (default "/var/run/openldap/slapd.pid")) > + (log-file openldap-configuration-log-file > + (default "/var/log/slapd.log")) I don't see the point in making this customisable. Why would anyone want to change the log locations or location of the pid file? Unless there's some compelling reason otherwise, I'd prefer to keep complexity down by not making this configurable. > + (config-file openldap-configuration-config-file > + (default (file-append openldap "/etc/openldap/slapd.conf")) > + ) Allowing writing the configuration with configuration records would be preferred (with an 'extra-content'-style escape hatch, because it would probably be infeasible to support every single configuration option of openldap, but some basic options like ‘which network port to bind to’ should be configurable in Scheme). > + (requirement '(user-processes)) This service probably requires a network interface, so loopback might be required. Also, why is user-processes included? I know many services include it, but it doesn't appear to be documented anywhere when user- processes must be added to 'requirement'. >+ openldap-configuration >+ openldap-configuration? >+ openldap-shepherd-service >+ openldap-service-type >+ ) These parentheses are lonely, consider moving the parenthese to right after openldap-service-type, to keep the style consistent in Guix. Greetings, Maxime. From debbugs-submit-bounces@debbugs.gnu.org Fri Dec 17 17:46:36 2021 Received: (at 52578) by debbugs.gnu.org; 17 Dec 2021 22:46:36 +0000 Received: from localhost ([127.0.0.1]:40823 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1myLzo-0003B9-6g for submit@debbugs.gnu.org; Fri, 17 Dec 2021 17:46:36 -0500 Received: from xavier.telenet-ops.be ([195.130.132.52]:57360) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1myLzm-0003Az-L5 for 52578@debbugs.gnu.org; Fri, 17 Dec 2021 17:46:35 -0500 Received: from ptr-bvsjgyhxw7psv60dyze.18120a2.ip6.access.telenet.be ([IPv6:2a02:1811:8c09:9d00:3c5f:2eff:feb0:ba5a]) by xavier.telenet-ops.be with bizsmtp id XamY260124UW6Th01amZjq; Fri, 17 Dec 2021 23:46:33 +0100 Message-ID: Subject: Re: [PATCH] updating openldap and adding service definition From: Maxime Devos To: 52578@debbugs.gnu.org Date: Fri, 17 Dec 2021 22:46:30 +0000 Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.38.3-1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=telenet.be; s=r21; t=1639781193; bh=3zT2vvdIZ5xxbeTqjE1OjnHXAUmLtkU6cvHmb+ChQnw=; h=Subject:From:To:Date; b=KKL0mFnWC91n0kLtBvaEqJiwRZHV/KPI27tR2U6RWgs3xBSIzFM58LKCZZ4rI/tlE nJkX4BitkIZSShHQPF+wJvYd+lhEMXXYGQBRRU7S6H95YY7yo1CrR7ESPfVxS/BpEv VKkBFp+gtqzf7Jd0uozlH08vawCiRT/7RbO5goJHCMNieyEF6UjwUi/iTMCrStJgkh RnWG017HUNDc9zW5haXIP71RrmtZCAZiA1rT59MYTNS3UAyhGY8g9dVGzCloLAQYqP LOW1wxu3wX1jvW/UDEUtTqKSarI59+l0Xke7vbK5KusmkbOVx6Dorx/yF5cA6Nllgd bY1PRZ5MY1dqA== X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 52578 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.7 (-) Hi, > + ; this is needed because the make check does not work inside guix > + #:tests? #f What do you mean with ‘does not work inside guix’? A failing test, a missing test dependency, ...? If it doesn't work, then it should be fixed if feasible -- test suites exist for a reason! And if it is a failing test, that would mean the test suite caught a bug, so in that case, the test suite is succeeding in its purpose, not failing. Greetings, Maxime From debbugs-submit-bounces@debbugs.gnu.org Sat Dec 18 05:27:10 2021 Received: (at 52578) by debbugs.gnu.org; 18 Dec 2021 10:27:10 +0000 Received: from localhost ([127.0.0.1]:41304 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1myWvl-0004Zq-Tr for submit@debbugs.gnu.org; Sat, 18 Dec 2021 05:27:10 -0500 Received: from mail-wr1-f42.google.com ([209.85.221.42]:39780) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1myWvi-0004ZO-Tz for 52578@debbugs.gnu.org; Sat, 18 Dec 2021 05:27:08 -0500 Received: by mail-wr1-f42.google.com with SMTP id s1so3409694wra.6 for <52578@debbugs.gnu.org>; Sat, 18 Dec 2021 02:27:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:subject:in-reply-to:references:date:message-id:mime-version :content-transfer-encoding; bh=n2XQkFEd6HsNKm9aYfdjdsHwp8HzFzOGw/xFNiTfygo=; b=irrqQ1o3v7mjTAhtdq0dbm43eTuscFrubliC2b1uNidkt3ktaqlKsRichmyXtq8o3e mn5ZRa3llKvPXGGcadI7orMUUCjjHznLuncOdUJjbfSneBg+XqPpaRgSOaZvzQJd98mL bA+py/R0a/2XELNnhFtUnuFGFSQ1zrXn3L/OCLoRN9HEhmfmNfQbmi2ZvUyuo27//LaA sFSjwyW2At563UagzmR9d3V9N4oKTSuJ61z44LBTJA7C0V3I6TvueT+Ry8HWZlxaNnfc FMhCiCOto1WSSjRWNPsyXQjRt7TpFPWGSOHv0MDEUl1zBP7nXYDb3xBpCf+kBQRswarD o8+w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:in-reply-to:references:date :message-id:mime-version:content-transfer-encoding; bh=n2XQkFEd6HsNKm9aYfdjdsHwp8HzFzOGw/xFNiTfygo=; b=FuCdwmEfctnTVtsnQlbfsRRR7YQ4M9cKzvKTpE9OKFjPmtaSUABPhyoLMaYTqzzeHI Pf/imoDhIRcZYFOfvvSDTIckQW9vOH6MhcqZXsbx+p86xW2qpNz7RBhqxRRL1cnynbW4 21zAkjtvd95evs17A7nWOcjRw/K9tgegzoew4Q+9BTFFGXoOFor3WlEXkgVswTPXG715 21hrt3zPxDUCMAKqm6/VECD7/zMwbpIf0F2ReeeWGZ46/LSzFHAdIZmkiXPhO0WhS4xK Epx7B9bm5BALnlO2Dkq1l1mnDa8BVDrQQ6gQLjudMtEQ+bL1wgkBs/G+XdTNvTc2K4vH hY8A== X-Gm-Message-State: AOAM531MDWMsmlJGbP4FTnCkhWxeh4zD4WO58OqEwZDCBXsrNY9YBZgR 7U1uiAYptUT7u1Rnm6Vez+LWTFAc4mw= X-Google-Smtp-Source: ABdhPJxmtvQYf4IS9KoI2dqX4h4XCbaKaW4sMelXarIw2tEGB4ul2W3d/BB6CGK9AG0wX5odHEOiPQ== X-Received: by 2002:adf:ec09:: with SMTP id x9mr5831443wrn.111.1639823220868; Sat, 18 Dec 2021 02:27:00 -0800 (PST) Received: from lili ([2a01:e0a:59b:9120:65d2:2476:f637:db1e]) by smtp.gmail.com with ESMTPSA id r5sm5511575wrj.4.2021.12.18.02.27.00 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 18 Dec 2021 02:27:00 -0800 (PST) From: zimoun To: Jean-Francois GUILLAUME , 52578@debbugs.gnu.org Subject: Re: [bug#52578] [PATCH] updating openldap and adding service definition In-Reply-To: References: Date: Sat, 18 Dec 2021 11:22:05 +0100 Message-ID: <86ee6aqkky.fsf@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 52578 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Hi Jean-Fran=C3=A7ois, Nice to see you here. :-) Various comments for improving the submission. On Fri, 17 Dec 2021 at 14:52, Jean-Francois GUILLAUME wrote: > * gnu/packages/openldap.scm (openldap): Update to 2.6.0, adding 2.5.7,=20 > 2.5.8, 2.5.9 > * gnu/services/openldap.scm (openldap): Adding slapd service I would split: one commit for adding a big openldap and another for adding the service. WDYT? (I have not looked yet to the service.) > (define-public openldap > + (package > + (name "openldap") > + (version "2.6.0") > + (source (origin > + (method url-fetch) > + (uri (list > + (string-append=20 > "https://www.openldap.org/software/download/OpenLDAP/openldap-release/ope= nldap-"=20 > version ".tgz") Why the mirror list had been removed? > + (string-append=20 > "http://repository.linagora.org/OpenLDAP/openldap-release/openldap-"=20 > version ".tgz") This is new, right? > + (string-append=20 > "ftp://ftp.dti.ad.jp/pub/net/OpenLDAP/openldap-release/openldap-"=20 > version ".tgz") As it is currently and already done in gnu/packages/openldap.scm, to ease the reading, this long string could be slip as, --8<---------------cut here---------------start------------->8--- (string-append "ftp://ftp.dti.ad.jp/pub/net/OpenLDAP/" "openldap-release/openldap-" version ".tgz"))) --8<---------------cut here---------------end--------------->8--- (See below for details if many variants are required.) > + (inputs `( > + ("argon2", argon2) > + ("cyrus-sasl", cyrus-sasl) > + ("libevent", libevent) > + ("libgcrypt", libgcrypt) > + ("libltdl", libltdl) > + ("lz4", lz4) > + ("openssl", openssl) > + ("perl", perl) > + ("snappy", snappy) > + ("unixodbc", unixodbc) > + ("wiredtiger", wiredtiger) > + ("zlib", zlib) > + )) > + (native-inputs `( > + ("bdb", bdb) > + ("groff", groff) > + ("libtool", libtool) > + ("pkg-config", pkg-config) > + )) Currently, openldap@2.4.57 is built using (reformatted by me to ease the comparison): --8<---------------cut here---------------start------------->8--- (inputs (list bdb-5.3=20 cyrus-sasl=20 gnutls=20 libgcrypt=20 zlib)) (native-inputs (list libtool=20 groff=20 bdb-5.3)) --8<---------------cut here---------------end--------------->8--- Aside the new style vs the old style which is a detail, are these lists expanded because the version bump or because more OpenLDAP is built using more features? > + (arguments `( > + ; this is needed because the make check does not work inside guix > + #:tests? #f It was already off, but I do not understand the new comment. Well, maybe this commentary is not necessary. > + #:configure-flags '( > + "--enable-debug" > + "--enable-dynamic" > + "--enable-syslog" > + "--enable-ipv6" > + "--enable-local" > + "--enable-slapd" > + "--enable-dynacl" > + "--enable-aci" > + "--enable-cleartext" > + "--enable-crypt" > + "--enable-spasswd" > + "--enable-modules" > + "--enable-rlookups" > + "--enable-slapi" > + "--enable-backends=3Dmod" > + "--enable-overlays=3Dmod" > + "--enable-argon2" > + "--enable-balancer" > + "--disable-static" > + "--enable-shared" > + "--with-tls=3Dopenssl" > + "--disable-static" This is a lot more. :-) Therefore, the question is: is it better=20 - to have only one BIG openldap package? - or to have one minimal openldap and a bigger variant? Well, =E2=80=9Cguix refresh -l openldap=E2=80=9D answers for us. ;-) I propose to keep openldap@2.4.57 minimal, as it currently is, and use =E2=80=99inherit=E2=80=99 to build BIG =E2=80=99openldap@2.6.0.=E2=80=99 an= d variants. > + ,@(if (%current-target-system) > + '("--with-yielding_select=3Dyes"=20 > "ac_cv_func_memcmp_working=3Dyes") > + '() > + ) > + ) > + #:make-flags '("STRIP=3D") > + #:parallel-build? #t This is not necessary because it is the default. > + #:phases (modify-phases %standard-phases > + (add-before 'build 'make-depend > + (lambda* (#:key input #:allow-other-keys) > + (invoke "make" "depend") > + ) > + ) > + ,@(if (%current-target-system) > + '( > + (add-before 'make-depend 'fix-cross-gcc > + (lambda* (#:key target #:allow-other-keys) > + (setenv "CC" (string-append target "-gcc")) > + #t > + ) > + ) > + ) > + '() > + ) > + ) > + )) A minor comment, usually, we do: --8<---------------cut here---------------start------------->8--- ,@(if (%current-target-system) '((add-before 'make-depend 'fix-cross-gcc (lambda* (#:key target #:allow-other-keys) (setenv "CC" (string-append target "-gcc")) #t))) '())))) --8<---------------cut here---------------end--------------->8--- instead of all these closing parens, each on one line. Using =E2=80=99inherit=E2=80=99, this is even probably not required. :-) > +(define-public openldap-2.5.9 > + (package > + (inherit openldap) > + (name "openldap") > + (version "2.5.9") > + (source (origin > + (method url-fetch) > + (uri (list > + (string-append=20 > "https://www.openldap.org/software/download/OpenLDAP/openldap-release/ope= nldap-"=20 > version ".tgz") > + (string-append=20 > "http://repository.linagora.org/OpenLDAP/openldap-release/openldap-"=20 > version ".tgz") > + (string-append=20 > "ftp://ftp.dti.ad.jp/pub/net/OpenLDAP/openldap-release/openldap-"=20 > version ".tgz") > + )) > + (sha256 ( base32=20 > "17pvwrj27jybbmjqpv0p7kd2qa4i6jnp134lz7cxa0sqrbs153n0" )) > + ) Do you need all these variants? If yes, it could be nice to have, instead of copy/paste all, something like: --8<---------------cut here---------------start------------->8--- (define (openldap-uris version) (let ((openldap-release "OpenLDAP/openldap-release/") (openldap-version.tgz (string-append "openldap-" version ".tgz"))) (map (lambda (url) (string-append url openldap-release openldap-version.tgz)) (list "https://www.openldap.org/software/download/" "http://repository.linagora.org/" "ftp://ftp.dti.ad.jp/pub/net/")))) (define-public openldap-2.5.8 (package (inherit openldap) (name "openldap") (version "2.5.8") (source (origin (method url-fetch) (uri (openldap-uris version)) (sha256 (base32 "1p3jck2kh7rsz6mkrqaailaf9ky050hn72wph52dw0j2nb1s2vin"))))) [=E2=80=A6] --8<---------------cut here---------------end--------------->8--- (Untested though. :-))) Cheers, simon From debbugs-submit-bounces@debbugs.gnu.org Sat Dec 18 06:00:09 2021 Received: (at 52578) by debbugs.gnu.org; 18 Dec 2021 11:00:09 +0000 Received: from localhost ([127.0.0.1]:41347 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1myXRg-0005Qs-T1 for submit@debbugs.gnu.org; Sat, 18 Dec 2021 06:00:09 -0500 Received: from mail-wm1-f43.google.com ([209.85.128.43]:36817) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1myXRe-0005Os-9a for 52578@debbugs.gnu.org; Sat, 18 Dec 2021 06:00:06 -0500 Received: by mail-wm1-f43.google.com with SMTP id y83-20020a1c7d56000000b003456dfe7c5cso4841776wmc.1 for <52578@debbugs.gnu.org>; Sat, 18 Dec 2021 03:00:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:subject:in-reply-to:references:date:message-id:mime-version :content-transfer-encoding; bh=tddXBLRpfLolditLwLdDdt4I+Ir3en3EwEcc2OcEdgM=; b=RiaR2bRa/wCMBsHoQSqjuYDHeAzsfEUy3lOVQzxJiqza6VaLqntpHWsHvbv0eaMI2B HaIOzm+fVmEeZ0EVI5wTJcLWfRJSQpfk5tULarhq8LVqV9vhdYmiFYolhqD0Xv6zx0ms 0ZA+agux9F9740+0srtdM9/r2Xs0zdGCgnVchDuKYYWKHRV9W7NtYAauIQNi+Dkuvi4i +P1xUaN69rDoXn+Is8byJIyx37RW1ZJJTMj2Lt4VMHCyUy6c3WW0NygZcm6gYe5KN1uc qa2Yj+HoWyTHMKuFf21cGH3Ep3tuv425OgQwPv2z1EdkLEbrZj2dgsrAiCaWdemr1Aqm DKKg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:in-reply-to:references:date :message-id:mime-version:content-transfer-encoding; bh=tddXBLRpfLolditLwLdDdt4I+Ir3en3EwEcc2OcEdgM=; b=CwBwobO9PeltxbWgwsJu6+0eEojMH4p7bT2WgIR/k0siak+B9xtZyqmT8d7SktqrBl 79OBofUofYxybRyarnNXc57Bzp5rrXyf+OxLUTwnAi18qCIzSJwrMcRHJ0lrbO+G1cSl fcX1SnL9ewBJEzo5bkbk35R4sDO/ZXssPDOxVYJpSS1nDz7WGv7WUp/z6CHTvzj2afZQ pCyUKKcEWMk946InAEBPxYkvf381We6ylARDHKAkw1A5OHKbu6nMdytVyxDnuxZuisgG vxF4YLgtIzc6pCJIXZPqMLCRtYMaoubydnEoQcuh25uPQbCP0M3V8OcA/+L9aaIWOQqv rSQA== X-Gm-Message-State: AOAM533f9EyYOk1cprjC0+CaA2k0EYdmdAEQ77X15kwtFWJoWepROc1v rRFKMeG8YYu0KLylvI1nEsaNIfhOdXk= X-Google-Smtp-Source: ABdhPJwezkWQxwSNIAckt90d94pAZ15NYx3R/eXDFpcds3rD3xi2YEXUBg6UjxyLCLk36io8315Drw== X-Received: by 2002:a05:600c:3489:: with SMTP id a9mr13311737wmq.53.1639825200488; Sat, 18 Dec 2021 03:00:00 -0800 (PST) Received: from lili ([2a01:e0a:59b:9120:65d2:2476:f637:db1e]) by smtp.gmail.com with ESMTPSA id y3sm7609317wrq.12.2021.12.18.02.59.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 18 Dec 2021 03:00:00 -0800 (PST) From: zimoun To: Maxime Devos , 52578@debbugs.gnu.org Subject: Re: [bug#52578] [PATCH] updating openldap and adding service definition In-Reply-To: <48af7ae3214ca223d7b57c0fd5a72c13a9fcbd85.camel@telenet.be> References: <48af7ae3214ca223d7b57c0fd5a72c13a9fcbd85.camel@telenet.be> Date: Sat, 18 Dec 2021 11:53:43 +0100 Message-ID: <868rwiqj48.fsf@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 52578 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Hi Maxime, The package =E2=80=99openldap=E2=80=99 already exists and some of your comm= ents ask about the existing recipe. :-) I think Jean-Fran=C3=A7ois just copy/pasted the current recipe and expand it for their own requirements: having the service they need, IIUC. On Fri, 17 Dec 2021 at 22:39, Maxime Devos wrote: >> + ,@(if (%current-target-system) >> + '("--with-yielding_select=3Dyes" > "ac_cv_func_memcmp_working=3Dyes") >> + '() >> + ) > > is this speculation on what's necessary for cross-compilation, or has > it been determined these flags are necessary? This bits had been added by Mathieu 1c8b1870a60de12f6c19d809522f5d836221513= 1. >>+ #:make-flags '("STRIP=3D") > > Why? This one too. >> + ,@(if (%current-target-system) >> + '( >> + (add-before 'make-depend 'fix-cross-gcc >> + (lambda* (#:key target #:allow-other-keys) >> + (setenv "CC" (string-append target "-gcc")) >> + #t >> + ) >> + ) >> + ) >> + '() > > You can use ,(cc-for-target) here. Also, CC can be set in #:make-flags. Again this one. >> + (synopsis "Implementation of the Lightweight Directory Access > Protocol") >> + (description "OpenLDAP is a free implementation of the > Lightweight Directory Access Protocol.") > > That's a very terse description --- is it a server, a client > application, programming APIs for communicating with a server, or all > of these? Also, no need to mention it's free, everything in Guix is > free. This description is from 2013, 2a75d4e664e802d3a3e2ed6455c63f32541559c8. ;-) Your comments about the package itself make sense but I am not convinced that they are related to the first Jean-Fran=C3=A7ois submission. :-) Cheers, simon From debbugs-submit-bounces@debbugs.gnu.org Sat Dec 18 12:21:33 2021 Received: (at 52578) by debbugs.gnu.org; 18 Dec 2021 17:21:33 +0000 Received: from localhost ([127.0.0.1]:43731 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mydOm-0005RP-5K for submit@debbugs.gnu.org; Sat, 18 Dec 2021 12:21:32 -0500 Received: from smtp2.univ-nantes.fr ([193.52.82.19]:44230 helo=smtp-prv.univ-nantes.fr) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1myX6G-0004px-Jf for 52578@debbugs.gnu.org; Sat, 18 Dec 2021 05:38:06 -0500 Received: from localhost (localhost [127.0.0.1]) by smtp-prv.univ-nantes.fr (Postfix) with ESMTP id 0BB3D85D7FD for <52578@debbugs.gnu.org>; Sat, 18 Dec 2021 11:37:59 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=univ-nantes.fr; s=mailv2; t=1639823879; bh=7rCaEdg/bvyg3VBArvhTz3IW1YVHQxtXIfRZym9jwJg=; h=Date:From:To:Subject:From; b=Rp7pLk62UjA8gSX4kZuzTHIXklblDa/GMh9QNP24f2SjUUPoKksnEIcnblN2LpM+Z s/XGQprcdiUmMQvsAb+RgUrtx++hoxxh3hzbgBl0pD95vv4oYnXcMEDK0t4OJOQn8m sSiX4DyMUaTtHdATlDItegcSPr8lhzYFoGTd+gBnVo+6Ne2ixFsLkQqJI3jgUWeevm qlSNxn+gZoD+C2y5jtFAeKkRPzk/DxZwzHnN/lqfbZaxNjdFokKBw1SDJSnQybL8Fr ClZXfiyKSntZGY+XzTjx4aa2qwJvfwohgEC1Tkd1iMxrulXPSCNE/+nhhLTVGISEfW XjWJu0ikyedkg== X-Virus-Scanned: Debian amavisd-new at smtp2.univ-nantes.fr Received: from smtp-prv.univ-nantes.fr ([127.0.0.1]) by localhost (smtp2.u12.univ-nantes.prive [127.0.0.1]) (amavisd-new, port 10024) with LMTP id w6KeKulzjmwP for <52578@debbugs.gnu.org>; Sat, 18 Dec 2021 11:37:58 +0100 (CET) Received: from webmail.univ-nantes.fr (webmail2-lmb.cprv.univ-nantes.prive [172.26.0.61]) by smtp-prv.univ-nantes.fr (Postfix) with ESMTP id D9D3985C717 for <52578@debbugs.gnu.org>; Sat, 18 Dec 2021 11:37:58 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=univ-nantes.fr; s=mailv2; t=1639823878; bh=7rCaEdg/bvyg3VBArvhTz3IW1YVHQxtXIfRZym9jwJg=; h=Date:From:To:Subject:From; b=pY3NWqmxDNuWMqvNUkDaxhDHwMp26DLAed9viUARoBm30VpfEnI1QyD/s8/B0ocrJ hhjw8bREhTQ2JYSBkDS03TN7Ok4mux52DvuE9j9W+QUKCD6H6JE4M4rlLp6DhhEpD7 fZGQ6G3tOes08vtmYIIAd9GCuuBcK5PrI8UoEdzJnkm8a6kvGRPBA0jUINrwo5ZZMz rj/uF8hBoeN8fTcw7R+z6zd7mxWfnPLWV/TpQJ+9wvg70j9jmngAWEZjLBVcz7qOn4 6bpkw3RKQ8vwAi93I0V6WudtrXUvg+PpDyvoq6i62PAtSNHOK3jkf4LrcYqg9kzhxr +vewkgxHP4bHQ== MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable Date: Sat, 18 Dec 2021 11:37:58 +0100 From: Jean-Francois GUILLAUME To: 52578@debbugs.gnu.org Subject: [PATCH] updating openldap and adding service definition Organization: UFR MEDECINE/FED 4203 SFR SANTE Message-ID: <272054126ba496f811756b19fc5e77fa@imap.univ-nantes.prive> X-Sender: Jean-Francois.Guillaume@univ-nantes.fr User-Agent: Roundcube Webmail/1.1.2 X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 52578 X-Mailman-Approved-At: Sat, 18 Dec 2021 12:21:31 -0500 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) Hi, > A single "--disable-static" should be suficient. Indeed, copy-paste from our local repository went wrong. > is this speculation on what's necessary for cross-compilation, or has=20 > it been determined these flags are necessary? These were necessary with the old autoconf in <=3D 2.5 realeases. It's=20 mostly a leftover from the older definition already in guix. > Why? Stripping was sometime leading to crash of the build on my side. > This is the default, no need to mention it. True, leftover from when i needed the build to be monothread to see=20 where it failed. > You can use ,(cc-for-target) here. Also, CC can be set in #:make-flags. Ok, i will look into it. > That's a very terse description --- is it a server, a client=20 > application, programming APIs for communicating with a server, or all=20 > of these? Also, no need to mention it's free, everything in Guix is=20 > free. I'll be honest, it's a copy-paste from the already defined package. I'll=20 update it to be more meaningfull. > What's the reason for defining multiple versions of openldap? Usually,=20 > it is only necessary to keep the latest version of a package (with some= =20 > rare exceptions). This is mostly another case of copy-paste from our local repository went=20 wrong. > A copyright + license header is missing, and this file needs to be=20 > added to Makefile.am (or local.mk, I'm not sure about the details). Ok, i will look into it. > This seems unlikely to compile, what's the space doing here? Well, we use this in our local guix infrastructure and it doesn't=20 complain, nor does our building of ldap server vms with guix system=20 build. > Something I'm missing here, is some documentation. As it is, this=20 > openldap service isn't documented anywhere, so nobody would figure out=20 > it even exists, unless they search in the source code. True, forgot about this, my bad. Could you please point me to an example=20 ? > As-is, this service would be run as root, which is very suboptimal from= =20 > a security perspective. Consider running it as a separate user & group,= =20 > and if feasible in a container (the latter is optional but would be=20 > great). True, i'll try to get it work with it's own user and group. > I don't see the point in making this customisable. Why would anyone=20 > want to change the log locations or location of the pid file? Unless=20 > there's some compelling reason otherwise, I'd prefer to keep complexity= =20 > down by not making this configurable. This allow us to run multiple instance of this service on the same=20 machine (granted you also change the storage directory slapd.conf). > Allowing writing the configuration with configuration records would be=20 > preferred (with an 'extra-content'-style escape hatch, because it would= =20 > probably be infeasible to support every single configuration option of=20 > openldap, but some basic options like =E2=80=98which network port to bind= =20 > to=E2=80=99 should be configurable in Scheme). Well this is beyond my current abilities. > This service probably requires a network interface, so loopback might=20 > be required. Also, why is user-processes included? I know many services= =20 > include it, but it doesn't appear to be documented anywhere when=20 > user-processes must be added to 'requirement'. True. From my understanding, when you reach user-processes you're in the=20 late stage of booting your system and everything network-wise should be=20 available. > These parentheses are lonely, consider moving the parenthese to right=20 > after openldap-service-type, to keep the style consistent in Guix. Leftovers from our local repo, we rely a bit to much on indentation to=20 help us have a better view of where blocks start and stop. > What do you mean with =E2=80=98does not work inside guix=E2=80=99? For some strange reasons, when the tests are run by guix build they do=20 not properly clean after each steps and ends up failing. If you do the=20 same inside a guix environment test work properly. And i think some=20 tests need some kinds of network connection but that could be on another=20 package. Sorry for the messy patch. Best, --=20 Cordialement, Jean-Fran=C3=A7ois GUILLAUME Plateforme Bioinformatique BiRD T=C3=A9l. : +33 (0)2 28 08 00 57 www.pf-bird.univ-nantes.fr Inserm UMR 1087/CNRS UMR 6291 IRS-UN - 8 quai Moncousu - BP 70721 44007 Nantes Cedex 1 From debbugs-submit-bounces@debbugs.gnu.org Sat Dec 18 12:21:33 2021 Received: (at 52578) by debbugs.gnu.org; 18 Dec 2021 17:21:33 +0000 Received: from localhost ([127.0.0.1]:43733 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mydOm-0005RS-VH for submit@debbugs.gnu.org; Sat, 18 Dec 2021 12:21:33 -0500 Received: from smtp1.univ-nantes.fr ([193.52.82.18]:38736 helo=smtp-prv.univ-nantes.fr) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1myXHa-00059K-94 for 52578@debbugs.gnu.org; Sat, 18 Dec 2021 05:49:43 -0500 Received: from localhost (localhost [127.0.0.1]) by smtp-prv.univ-nantes.fr (Postfix) with ESMTP id 19217734D8 for <52578@debbugs.gnu.org>; Sat, 18 Dec 2021 11:49:41 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=univ-nantes.fr; s=mailv2; t=1639824581; bh=xdlFwznEMXuvDDSSG51btOUJo2C28dYlYf2Ug0rDofQ=; h=Date:From:To:Subject:In-Reply-To:References:From; b=D6Nekz3Xeek8+BQ3PPt8L6+KkD//mfcUBHv53geHGDU/Vp78+sQVDRO5FBgyez5Uv YJ2WS3TGlkNoJ7ITx+b472WQT6nR5+KDvDeR2KhEeoZVTNtcFWI/8wDbnSK4TulVLB 1Yu9HoDrIKnjRjehDJvEh41W2nOix+E1GYQTORHlSgemNSxq2lPcqsJMne6I3OUevR g+XtSCjMr8cp3njAphiJsF7efR/EkQ2nK0fGh9atNWoYe9rCOvDnancqe0FJPD7WBU bDsHs8zRtlNSy5HAAlpSf+Slby2HGUbpP5epyoU07h4Ad6t3Xp3KD3mBs/ATtQCwh9 vZOjAAfClmdGg== X-Virus-Scanned: Debian amavisd-new at smtp2 Received: from smtp-prv.univ-nantes.fr ([127.0.0.1]) by localhost (smtp1.u12.univ-nantes.prive [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 40R2oOyiU6g4 for <52578@debbugs.gnu.org>; Sat, 18 Dec 2021 11:49:41 +0100 (CET) Received: from webmail.univ-nantes.fr (webmail1-loi.cprv.univ-nantes.prive [172.26.0.62]) by smtp-prv.univ-nantes.fr (Postfix) with ESMTP id EAF1B33F37 for <52578@debbugs.gnu.org>; Sat, 18 Dec 2021 11:49:40 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=univ-nantes.fr; s=mailv2; t=1639824580; bh=xdlFwznEMXuvDDSSG51btOUJo2C28dYlYf2Ug0rDofQ=; h=Date:From:To:Subject:In-Reply-To:References:From; b=lt+91w4xuER4NkR5JYL/zAsnwbB1hp6pXZLSEZ3+4xzP9HQKnVf2DnWYrFJXJ8p2R xlVl0i+Oi31wFHCPXiyqYh2gE0dQ2yDA50s9E02tvUXUUW/81q2i7qeEYXamyuu70C /CTXgZWVyiCJPFxrdLozxtDHRVyVzn0y5noQBm9w1vYozHux6l58IzEZ8l57T6L0iH IWDm9ybPoaocKixV4cL6GUe8JXz7n8xVZ71Y99sb4+1ZdUIBDT2rJxrn1zwkkxSN/h kkhlwa67V5++nBkmtBVJixUA94FSF4R+mLG4mY+SWP9xKGagGdjlpcSDnUYtX0buh6 Pxtkp7umQ/mlQ== MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable Date: Sat, 18 Dec 2021 11:49:40 +0100 From: Jean-Francois GUILLAUME To: 52578 <52578@debbugs.gnu.org> Subject: Re: [bug#52578] [PATCH] updating openldap and adding service definition Organization: UFR MEDECINE/FED 4203 SFR SANTE In-Reply-To: <272054126ba496f811756b19fc5e77fa@imap.univ-nantes.prive> References: <272054126ba496f811756b19fc5e77fa@imap.univ-nantes.prive> Message-ID: <08c0697fe0be36391d845c521315355e@imap.univ-nantes.prive> X-Sender: Jean-Francois.Guillaume@univ-nantes.fr User-Agent: Roundcube Webmail/1.1.2 X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 52578 X-Mailman-Approved-At: Sat, 18 Dec 2021 12:21:31 -0500 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) Hi Maxime, > A single "--disable-static" should be suficient. Indeed, copy-paste from our local repository went wrong. > is this speculation on what's necessary for cross-compilation, or has=20 > it been determined these flags are necessary? These were necessary with the old autoconf in <=3D 2.5 realeases. It's=20 mostly a leftover from the older definition already in guix. > Why? Stripping was sometime leading to crash of the build on my side. > This is the default, no need to mention it. True, leftover from when i needed the build to be monothread to see=20 where it failed. > You can use ,(cc-for-target) here. Also, CC can be set in #:make-flags. Ok, i will look into it. > That's a very terse description --- is it a server, a client=20 > application, programming APIs for communicating with a server, or all=20 > of these? Also, no need to mention it's free, everything in Guix is=20 > free. I'll be honest, it's a copy-paste from the already defined package. I'll=20 update it to be more meaningfull. > What's the reason for defining multiple versions of openldap? Usually,=20 > it is only necessary to keep the latest version of a package (with some= =20 > rare exceptions). This is mostly another case of copy-paste from our local repository went=20 wrong. > A copyright + license header is missing, and this file needs to be=20 > added to Makefile.am (or local.mk, I'm not sure about the details). Ok, i will look into it. > This seems unlikely to compile, what's the space doing here? Well, we use this in our local guix infrastructure and it doesn't=20 complain, nor does our building of ldap server vms with guix system=20 build. > Something I'm missing here, is some documentation. As it is, this=20 > openldap service isn't documented anywhere, so nobody would figure out=20 > it even exists, unless they search in the source code. True, forgot about this, my bad. Could you please point me to an example=20 ? > As-is, this service would be run as root, which is very suboptimal from= =20 > a security perspective. Consider running it as a separate user & group,= =20 > and if feasible in a container (the latter is optional but would be=20 > great). True, i'll try to get it work with it's own user and group. > I don't see the point in making this customisable. Why would anyone=20 > want to change the log locations or location of the pid file? Unless=20 > there's some compelling reason otherwise, I'd prefer to keep complexity= =20 > down by not making this configurable. This allow us to run multiple instance of this service on the same=20 machine (granted you also change the storage directory slapd.conf). > Allowing writing the configuration with configuration records would be=20 > preferred (with an 'extra-content'-style escape hatch, because it would= =20 > probably be infeasible to support every single configuration option of=20 > openldap, but some basic options like =E2=80=98which network port to bind= =20 > to=E2=80=99 should be configurable in Scheme). Well this is beyond my current abilities. > This service probably requires a network interface, so loopback might=20 > be required. Also, why is user-processes included? I know many services= =20 > include it, but it doesn't appear to be documented anywhere when=20 > user-processes must be added to 'requirement'. True. From my understanding, when you reach user-processes you're in the=20 late stage of booting your system and everything network-wise should be=20 available. > These parentheses are lonely, consider moving the parenthese to right=20 > after openldap-service-type, to keep the style consistent in Guix. Leftovers from our local repo, we rely a bit to much on indentation to=20 help us have a better view of where blocks start and stop. > What do you mean with =E2=80=98does not work inside guix=E2=80=99? For some strange reasons, when the tests are run by guix build they do=20 not properly clean after each steps and ends up failing. If you do the=20 same inside a guix environment test work properly. And i think some=20 tests need some kinds of network connection but that could be on another=20 package. Sorry for the messy patch. Best, --- Cordialement, Jean-Fran=C3=A7ois GUILLAUME Plateforme Bioinformatique BiRD T=C3=A9l. : +33 (0)2 28 08 00 57 www.pf-bird.univ-nantes.fr Inserm UMR 1087/CNRS UMR 6291 IRS-UN - 8 quai Moncousu - BP 70721 44007 Nantes Cedex 1 From debbugs-submit-bounces@debbugs.gnu.org Sat Dec 18 12:21:34 2021 Received: (at 52578) by debbugs.gnu.org; 18 Dec 2021 17:21:34 +0000 Received: from localhost ([127.0.0.1]:43735 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mydOn-0005Ra-Dw for submit@debbugs.gnu.org; Sat, 18 Dec 2021 12:21:34 -0500 Received: from smtp2.univ-nantes.fr ([193.52.82.19]:45722 helo=smtp-prv.univ-nantes.fr) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1myXb4-0005ef-VE for 52578@debbugs.gnu.org; Sat, 18 Dec 2021 06:09:52 -0500 Received: from localhost (localhost [127.0.0.1]) by smtp-prv.univ-nantes.fr (Postfix) with ESMTP id 80A2E8B9512; Sat, 18 Dec 2021 12:09:49 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=univ-nantes.fr; s=mailv2; t=1639825789; bh=Fj/dpu2XKl/8u5PFfMFcRhbAiuzgvskTePyT/mELv80=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=NIuS3zx3XuKuAkLw5s6gxYXYsLZYoMJ+WcwY6O8/xVgPHGy2GZgIGvFu3Sng0eSMo 4dNvw2IQshx2s5/96aaEQH6M4+U9YY4kYUTE6ho7LVoqnzEXnk9QZKwAUQuDOcmull BI9gY/ZPPCDJGDHf7ot01etUNX3qduSMt0RUIBoDjtCeivZeXEMGZf9MQGha6JuBNq g0medk9NQ/miyncQgJBVWh8lfKR++LQ/pek4+ts4VQBhCKFbsNoqEmj/zGJMiinq9a jL8NMoouWKrFPmgEpnC0m1PeWfuXI/cM6JE/uWV8lKQZwg8iPSQ4LgqRlOKUBJ2D9R d5QA7IEAp0WNg== X-Virus-Scanned: Debian amavisd-new at smtp2.univ-nantes.fr Received: from smtp-prv.univ-nantes.fr ([127.0.0.1]) by localhost (smtp2.u12.univ-nantes.prive [127.0.0.1]) (amavisd-new, port 10024) with LMTP id MolyeA-9XGEu; Sat, 18 Dec 2021 12:09:49 +0100 (CET) Received: from webmail.univ-nantes.fr (webmail2-lmb.cprv.univ-nantes.prive [172.26.0.61]) by smtp-prv.univ-nantes.fr (Postfix) with ESMTP id 5AA1684540F; Sat, 18 Dec 2021 12:09:49 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=univ-nantes.fr; s=mailv2; t=1639825789; bh=Fj/dpu2XKl/8u5PFfMFcRhbAiuzgvskTePyT/mELv80=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=NIuS3zx3XuKuAkLw5s6gxYXYsLZYoMJ+WcwY6O8/xVgPHGy2GZgIGvFu3Sng0eSMo 4dNvw2IQshx2s5/96aaEQH6M4+U9YY4kYUTE6ho7LVoqnzEXnk9QZKwAUQuDOcmull BI9gY/ZPPCDJGDHf7ot01etUNX3qduSMt0RUIBoDjtCeivZeXEMGZf9MQGha6JuBNq g0medk9NQ/miyncQgJBVWh8lfKR++LQ/pek4+ts4VQBhCKFbsNoqEmj/zGJMiinq9a jL8NMoouWKrFPmgEpnC0m1PeWfuXI/cM6JE/uWV8lKQZwg8iPSQ4LgqRlOKUBJ2D9R d5QA7IEAp0WNg== MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable Date: Sat, 18 Dec 2021 12:09:49 +0100 From: Jean-Francois GUILLAUME To: zimoun Subject: Re: [bug#52578] [PATCH] updating openldap and adding service definition Organization: UFR MEDECINE/FED 4203 SFR SANTE In-Reply-To: <86ee6aqkky.fsf@gmail.com> References: <86ee6aqkky.fsf@gmail.com> Message-ID: X-Sender: Jean-Francois.Guillaume@univ-nantes.fr User-Agent: Roundcube Webmail/1.1.2 X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 52578 X-Mailman-Approved-At: Sat, 18 Dec 2021 12:21:31 -0500 Cc: 52578@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) Hi Simon, > Nice to see you here. :-) Thanks :) > Various comments for improving the submission. Angain, thank you. I'll glady take on these as i've other packages to=20 contribute. > I would split: one commit for adding a big openldap and another for > adding the service. WDYT? >=20 > (I have not looked yet to the service.) As you wish, i must admit i was kind of lazy and wanted to provide=20 everything in one go. >=20 > Why the mirror list had been removed? >=20 > [...] >=20 > This is new, right? >=20 It's still using a mirror list, i've tried to select a few on each=20 region of th e world on openldap's download page. > As it is currently and already done in gnu/packages/openldap.scm, to > ease the reading, this long string could be slip as, >=20 > --8<---------------cut here---------------start------------->8--- > (string-append > "ftp://ftp.dti.ad.jp/pub/net/OpenLDAP/" > "openldap-release/openldap-" version ".tgz"))) > --8<---------------cut here---------------end--------------->8--- >=20 > (See below for details if many variants are required.) >=20 Well, i found it more easy to read on one line but it's true that i use=20 a wide terminal. I can change it, no problems. >=20 >> + (inputs `( >> + ("argon2", argon2) >> + ("cyrus-sasl", cyrus-sasl) >> + ("libevent", libevent) >> + ("libgcrypt", libgcrypt) >> + ("libltdl", libltdl) >> + ("lz4", lz4) >> + ("openssl", openssl) >> + ("perl", perl) >> + ("snappy", snappy) >> + ("unixodbc", unixodbc) >> + ("wiredtiger", wiredtiger) >> + ("zlib", zlib) >> + )) >> + (native-inputs `( >> + ("bdb", bdb) >> + ("groff", groff) >> + ("libtool", libtool) >> + ("pkg-config", pkg-config) >> + )) >=20 > Currently, openldap@2.4.57 is built using (reformatted by me to ease=20 > the > comparison): >=20 > --8<---------------cut here---------------start------------->8--- > (inputs (list bdb-5.3 > cyrus-sasl > gnutls > libgcrypt > zlib)) > (native-inputs (list libtool > groff > bdb-5.3)) > --8<---------------cut here---------------end--------------->8--- >=20 > Aside the new style vs the old style which is a detail, are these lists > expanded because the version bump or because more OpenLDAP is built > using more features? >=20 With his definition you can now run a fully featured openldap server. We=20 were missing quite a few features when using the 2.4.57 version (which=20 is nearly only the client tools). >=20 >> + (arguments `( >> + ; this is needed because the make check does not work inside=20 >> guix >> + #:tests? #f >=20 > It was already off, but I do not understand the new comment. Well, > maybe this commentary is not necessary. >=20 My bad, leftovers from our local repo. For some strange reasons, when=20 the tests are run by guix build they do not properly clean after each=20 steps and ends up failing. If you do the same inside a guix environment=20 they work properly. And i think some tests need some kinds of network=20 connection but that could be on another package. >=20 >> + #:configure-flags '( >> + "--enable-debug" >> + "--enable-dynamic" >> + "--enable-syslog" >> + "--enable-ipv6" >> + "--enable-local" >> + "--enable-slapd" >> + "--enable-dynacl" >> + "--enable-aci" >> + "--enable-cleartext" >> + "--enable-crypt" >> + "--enable-spasswd" >> + "--enable-modules" >> + "--enable-rlookups" >> + "--enable-slapi" >> + "--enable-backends=3Dmod" >> + "--enable-overlays=3Dmod" >> + "--enable-argon2" >> + "--enable-balancer" >> + "--disable-static" >> + "--enable-shared" >> + "--with-tls=3Dopenssl" >> + "--disable-static" >=20 > This is a lot more. :-) [...] Indeed, need quite a lot to get a fully featured server. > [...] Therefore, the question is: is it better >=20 > - to have only one BIG openldap package? > - or to have one minimal openldap and a bigger variant? >=20 > Well, =E2=80=9Cguix refresh -l openldap=E2=80=9D answers for us. ;-) >=20 > I propose to keep openldap@2.4.57 minimal, as it currently is, and use > =E2=80=99inherit=E2=80=99 to build BIG =E2=80=99openldap@2.6.0.=E2=80=99 = and variants. >=20 As you wish either work for me. I can also do a "-minimal" version with=20 only what is needed to get a client version and a "-full" version to get=20 a fully featured server. >=20 >> + ,@(if (%current-target-system) >> + '("--with-yielding_select=3Dyes" >> "ac_cv_func_memcmp_working=3Dyes") >> + '() >> + ) >> + ) >> + #:make-flags '("STRIP=3D") >> + #:parallel-build? #t >=20 > This is not necessary because it is the default. >=20 OK. >=20 >> + #:phases (modify-phases %standard-phases >> + (add-before 'build 'make-depend >> + (lambda* (#:key input #:allow-other-keys) >> + (invoke "make" "depend") >> + ) >> + ) >> + ,@(if (%current-target-system) >> + '( >> + (add-before 'make-depend 'fix-cross-gcc >> + (lambda* (#:key target #:allow-other-keys) >> + (setenv "CC" (string-append target "-gcc")) >> + #t >> + ) >> + ) >> + ) >> + '() >> + ) >> + ) >> + )) >=20 > A minor comment, usually, we do: >=20 > --8<---------------cut here---------------start------------->8--- > ,@(if (%current-target-system) > '((add-before 'make-depend 'fix-cross-gcc > (lambda* (#:key target #:allow-other-keys) > (setenv "CC" (string-append target "-gcc")) > #t))) > '())))) > --8<---------------cut here---------------end--------------->8--- >=20 > instead of all these closing parens, each on one line. >=20 > Using =E2=80=99inherit=E2=80=99, this is even probably not required. :-) >=20 Leftovers from our local repo, we rely a bit to much on indentation to=20 help us have a better view of where blocks start and stop. >=20 >> +(define-public openldap-2.5.9 >> + (package >> + (inherit openldap) >> + (name "openldap") >> + (version "2.5.9") >> + (source (origin >> + (method url-fetch) >> + (uri (list >> + (string-append >> "https://www.openldap.org/software/download/OpenLDAP/openldap-release/op= enldap-" >> version ".tgz") >> + (string-append >> "http://repository.linagora.org/OpenLDAP/openldap-release/openldap-" >> version ".tgz") >> + (string-append >> "ftp://ftp.dti.ad.jp/pub/net/OpenLDAP/openldap-release/openldap-" >> version ".tgz") >> + )) >> + (sha256 ( base32 >> "17pvwrj27jybbmjqpv0p7kd2qa4i6jnp134lz7cxa0sqrbs153n0" )) >> + ) >=20 > Do you need all these variants? If yes, it could be nice to have, > instead of copy/paste all, something like: >=20 > --8<---------------cut here---------------start------------->8--- > (define (openldap-uris version) > (let ((openldap-release "OpenLDAP/openldap-release/") > (openldap-version.tgz > (string-append "openldap-" version ".tgz"))) > (map (lambda (url) > (string-append url openldap-release openldap-version.tgz)) > (list "https://www.openldap.org/software/download/" > "http://repository.linagora.org/" > "ftp://ftp.dti.ad.jp/pub/net/")))) >=20 > (define-public openldap-2.5.8 > (package > (inherit openldap) > (name "openldap") > (version "2.5.8") > (source (origin > (method url-fetch) > (uri (openldap-uris version)) > (sha256 > (base32=20 > "1p3jck2kh7rsz6mkrqaailaf9ky050hn72wph52dw0j2nb1s2vin"))))) >=20 > [=E2=80=A6] > --8<---------------cut here---------------end--------------->8--- >=20 > (Untested though. :-))) >=20 This is mostly another case of copy-paste from our local repository went=20 wrong. Initially i intended to provide only the latests versions for 2.6.x and=20 2.5.x and keeping 2.4.57 from compatibility reasons. While doing the definitions, i was wondering how i could provide only=20 the hash and the version, guess i'll try your solution :) Best, --- Cordialement, Jean-Fran=C3=A7ois GUILLAUME Plateforme Bioinformatique BiRD T=C3=A9l. : +33 (0)2 28 08 00 57 www.pf-bird.univ-nantes.fr Inserm UMR 1087/CNRS UMR 6291 IRS-UN - 8 quai Moncousu - BP 70721 44007 Nantes Cedex 1 From debbugs-submit-bounces@debbugs.gnu.org Fri Mar 25 11:35:01 2022 Received: (at 52578) by debbugs.gnu.org; 25 Mar 2022 15:35:01 +0000 Received: from localhost ([127.0.0.1]:52210 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nXlxt-0001ET-AM for submit@debbugs.gnu.org; Fri, 25 Mar 2022 11:35:01 -0400 Received: from mail-wr1-f52.google.com ([209.85.221.52]:40686) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nXlxr-0001EB-W8 for 52578@debbugs.gnu.org; Fri, 25 Mar 2022 11:35:00 -0400 Received: by mail-wr1-f52.google.com with SMTP id d7so11377770wrb.7 for <52578@debbugs.gnu.org>; Fri, 25 Mar 2022 08:34:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=ckFW+jBDZWWP7hkzBbJZBnFGzc5ckAbYcsaMhQ6Zevs=; b=nFTEjZWYIJnT8zfFB/XXA523hcE6Sczbh5I96AEwxJ91jS8gmzuMEJP2mX4wFg0bzz /0YRA7zPqj+8BVfxcbEjHXUkc4D6Z8rQX/aOYVUsTHUmUk/L4D3C/p0U5DeBG2IXcv14 6MRvMgOh9xqsFO7jj9evXzUvwBxT+j901ALt1HkYC1ZShMwbqwSrLNdWkbQ5OajTezIM mQrCRb7AFHwY5Ux6L9paKN6esMkeYZ6MPaWWZwQ8tWO98/jwCoaUhZ9XEGnlY4RJAtHt 4LaO7EAMOynBCKTgGMdAjUWcBzukT4sNOc3nEZe9B+G/xxlQGtdg9RXXwg/oUFUPTsIt i8TQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=ckFW+jBDZWWP7hkzBbJZBnFGzc5ckAbYcsaMhQ6Zevs=; b=r1Z/xQupQB6cVrkpiP5CWn1iuRACkwEHcxtZnvNOCI5cGv92nlNzv2aZp5QO3Jtj8C sZMYb6OphdWPMyy8GYQwWYC6hRbbR6t4ziVR3/H47C80tiYs2FOL8oNc4EivhgeR9dyk nK3bMyaNrDvrvflXn/I9P5dxsFNe2oLD6MfoS/Vz3V/IPql45Gt/+ntXXcRhtqtr8sHG tujHW/sb6ICUPLeJoOFEObGSCeHUHhKCsaDDsoRFwaLO7AEd/ToZGYTJVIPAvrpmO802 ErvOSSvNxBMTKb/7sWseo1GFPOR60ihtmlwh9uBIIyX0rjymqK5LhaVdDZixjKu98UkT CVSw== X-Gm-Message-State: AOAM530/TJqtcwEdbe10QVqVflA4k19fGeHu+b0F7wlrrLqa4j+DUlAL a14vCGfAIi4iO5M4cIfFSRXg5lSQ5NA= X-Google-Smtp-Source: ABdhPJx5M2reqksr7J5P4iCkWu5IBvcRoh9/bQXDoZdE39jqKBvyEVPtHess1tbA0g+dXplVKV5MyA== X-Received: by 2002:adf:df01:0:b0:203:d6f0:794b with SMTP id y1-20020adfdf01000000b00203d6f0794bmr9308512wrl.394.1648222494026; Fri, 25 Mar 2022 08:34:54 -0700 (PDT) Received: from localhost.localdomain ([193.48.40.241]) by smtp.gmail.com with ESMTPSA id q16-20020adfea10000000b00203e0735791sm5360350wrm.39.2022.03.25.08.34.53 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 25 Mar 2022 08:34:53 -0700 (PDT) From: zimoun To: 52578@debbugs.gnu.org Subject: [PATCH v2 0/2] OpenLDAP service Date: Fri, 25 Mar 2022 16:34:39 +0100 Message-Id: <20220325153439.1478493-1-zimon.toutoune@gmail.com> X-Mailer: git-send-email 2.34.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Score: -0.0 (/) X-Debbugs-Envelope-To: 52578 Cc: jean-francois.guillaume@univ-nantes.fr, zimoun X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Hi, Sorry for the delay. Well, I am not convinced that the package 'openldap-for-services' is really required and perhaps the tweak of openldap-2.6 is enough. Moreover, do you need openssl instead of gnutls? I would be in favor to keep gnutls as the base package and if you absolutely need openssl, write a variant; along the proposed modify-inputs. About the old versions of openldap, I am going to send you a recipe for your own channel. I am not convinced that maintain such old variants makes sense at the Guix level. About the service, it still misses some documentation for the manual. And 'tests' would also be very welcome. :-) Note that gnu/tests/ldap.scm already some tests. Maybe this file could be updated with the new service. WDYT? Cheers, simon Jean-François Guillaume (1): DRAFT services: Add openldap service. zimoun (1): DRAFT gnu: Add openldap-for-services. gnu/packages/openldap.scm | 47 ++++++++++++++++++++++ gnu/services/openldap.scm | 84 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 131 insertions(+) create mode 100644 gnu/services/openldap.scm base-commit: f76898be6ded531e459f106549886afbdc426a78 -- 2.34.0 From debbugs-submit-bounces@debbugs.gnu.org Fri Mar 25 11:35:27 2022 Received: (at 52578) by debbugs.gnu.org; 25 Mar 2022 15:35:27 +0000 Received: from localhost ([127.0.0.1]:52216 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nXlyI-0001Fp-LW for submit@debbugs.gnu.org; Fri, 25 Mar 2022 11:35:26 -0400 Received: from mail-wm1-f45.google.com ([209.85.128.45]:54969) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nXlyH-0001FW-4r for 52578@debbugs.gnu.org; Fri, 25 Mar 2022 11:35:25 -0400 Received: by mail-wm1-f45.google.com with SMTP id r64so4657534wmr.4 for <52578@debbugs.gnu.org>; Fri, 25 Mar 2022 08:35:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=/BE5ZHl3S+tEFA/XklRHpWWnozpakZ1UFovO5VJfVe0=; b=CRHlRqqXeq4M4JD5oEGqbOFy1kp4Z7uybCbturHfkAn5z+FqQ4ivrmJTYSUtnERq4F +WYes1QvQZLa4oPJbtZmRsf/hL3OrBMLYegw/Pepos61RXO+w0ZoTg2oMzfXs61kxf8N hfSsKjIaUDBxIKuWNEeCmxTqOBIYiNSA6BZ3VoNd9Bk12V3EoOXuiOKZjC7/TX67iEHI zb26D1IDt52wNT2RR1AhjoZvSlx2VGcF8Ka1+W/pHsKVywLKuqljlF7oY9Jt6OoFljmr gtbcyMSq+s9xgaPz0ypdUUgccd5gFfVeas/UUMc3jpFoU+VUFUB+d326q/uWCDk8WjPB lz1w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=/BE5ZHl3S+tEFA/XklRHpWWnozpakZ1UFovO5VJfVe0=; b=0i1GC7ItKeJ+emvkzhJusZ4l8H+gvYmPWHeaHxpZbeYrONkJKbNGfBmdW/7/NUD4Za g2v5yobSe3Be9ZT29r9E5maUE3zSTnPy2FMiraB/IqqQt54Hk7YxFbp+6hbSBCQQnCHI LMmTeRnZb6gSKSLHnNJLGbDgCrEsTyFluKRgjICmWrZPw0H8TpU5gX8USxdsWN55kMRc MjyJtcrVeG0kPZDfPgL2/SoM2wb0uxRTSwPQE61QQEjOJ2Q3FiwRIgPTn3KzUu5Ng8Y2 /QIACWof+2KMTsU2Tuo9rvRuOiQxXV8/YMybCdSsRUhjOdgrm9jLIx1MrFP8upYbdn47 wxUg== X-Gm-Message-State: AOAM53029Cgh5PrG0HEudMCBJOKa+UTOK6W4ZftF8nVlS9OLq0l56Rmq z9i6C6OqaHXVPHr5cib9/3e/HUG56Us= X-Google-Smtp-Source: ABdhPJwzlPDRME/iLNHwqvJJroZyjqb77d2dlZaC1h6dr4C914MqCEQCQ1N126QRYEk1JYjlf6rY+w== X-Received: by 2002:a05:600c:49a9:b0:38c:987d:d692 with SMTP id h41-20020a05600c49a900b0038c987dd692mr10711344wmp.166.1648222519265; Fri, 25 Mar 2022 08:35:19 -0700 (PDT) Received: from localhost.localdomain ([193.48.40.241]) by smtp.gmail.com with ESMTPSA id w5-20020a5d5445000000b00203f8c96bcesm5189244wrv.49.2022.03.25.08.35.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 25 Mar 2022 08:35:18 -0700 (PDT) From: zimoun To: 52578@debbugs.gnu.org Subject: [PATCH v2 1/2] DRAFT gnu: Add openldap-for-services. Date: Fri, 25 Mar 2022 16:35:16 +0100 Message-Id: <20220325153517.1478717-1-zimon.toutoune@gmail.com> X-Mailer: git-send-email 2.34.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Score: -0.0 (/) X-Debbugs-Envelope-To: 52578 Cc: jean-francois.guillaume@univ-nantes.fr, zimoun X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) * gnu/packages/openldap.scm (openldap-for-services): New variable. Co-Authored-By: Jean-François Guillaume . --- gnu/packages/openldap.scm | 47 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) diff --git a/gnu/packages/openldap.scm b/gnu/packages/openldap.scm index c8a47e45d5..8374386807 100644 --- a/gnu/packages/openldap.scm +++ b/gnu/packages/openldap.scm @@ -9,6 +9,8 @@ ;;; Copyright © 2020 Efraim Flashner ;;; Copyright © 2021 Maxim Cournoyer ;;; Copyright © 2022 Marius Bakke +;;; Copyright © 2022 Jean-François Guillaume +;;; Copyright © 2022 Simon Tournier ;;; ;;; This file is part of GNU Guix. ;;; @@ -30,6 +32,7 @@ (define-module (gnu packages openldap) #:use-module (gnu packages check) #:use-module (gnu packages compression) #:use-module (gnu packages cyrus-sasl) + #:use-module (gnu packages databases) #:use-module (gnu packages dbm) #:use-module (gnu packages documentation) #:use-module (gnu packages gettext) @@ -164,6 +167,50 @@ (define-public openldap-2.6 (lambda (port) (format port "INPUT ( libldap.so )~%"))))))))))) +(define-public openldap-for-services + ;; TODO: Update in the next rebuild cycle + (let* ((openldap-minimal openldap-2.6)) + (package + (inherit openldap-minimal) + (name (string-append (package-name openldap-minimal) "-for-services")) + (arguments + (substitute-keyword-arguments (package-arguments openldap-minimal) + ((#:configure-flags flags) + `(append (list + "--enable-aci" + "--enable-argon2" + "--enable-backends=mod" + "--enable-balancer" + "--enable-cleartext" + "--enable-crypt" + "--enable-debug" + "--enable-dynacl" + "--enable-modules" + "--enable-ipv6" + "--enable-local" + "--enable-overlays=mod" + "--enable-rlookups" + "--enable-shared" + "--enable-slapd" + "--enable-slapi" + "--enable-spasswd" + "--enable-syslog" + "--with-tls=openssl") + ,flags)))) + (inputs (modify-inputs (package-inputs openldap-minimal) + (delete "gnutls") + (append argon2 + libevent + libltdl + lz4 + openssl + perl + snappy + unixodbc + wiredtiger))) + (native-inputs (modify-inputs (package-native-inputs openldap-minimal) + (append pkg-config)))))) + (define-public nss-pam-ldapd (package (name "nss-pam-ldapd") -- 2.34.0 From debbugs-submit-bounces@debbugs.gnu.org Fri Mar 25 11:35:27 2022 Received: (at 52578) by debbugs.gnu.org; 25 Mar 2022 15:35:27 +0000 Received: from localhost ([127.0.0.1]:52218 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nXlyI-0001Fs-Vp for submit@debbugs.gnu.org; Fri, 25 Mar 2022 11:35:27 -0400 Received: from mail-wr1-f50.google.com ([209.85.221.50]:39531) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nXlyH-0001FY-IZ for 52578@debbugs.gnu.org; Fri, 25 Mar 2022 11:35:26 -0400 Received: by mail-wr1-f50.google.com with SMTP id j18so11375419wrd.6 for <52578@debbugs.gnu.org>; Fri, 25 Mar 2022 08:35:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=KnfZ8OfGFc5Se4GzR4vfCgmJ3nill7kzCqLJa4gRUYI=; b=AJsjgA9eZCK3MZwg3Isu5F0m5+53gJttjD2Pp3Lgq7mm6cfmEbb8iK7I+pXMV0l+Zo DFi+Nofh4aCG0PPJdLveZDOVoRNIhwigu2oc85DVA4hNZJ2wvovfLGMBUPS8+bw03/RO R1utKBptY7oSn8sFK9WpQ1ITl0+JUZCN+HVdOzsa44LIHD4l0ha3FfxR7YCmH+xdxy90 I7NXzrgZ/4fqXTcGes9teFrRvYrHth3+WJBGjxQ5W0cfGvuiSmKogcNG6NyLpicYJaRA 6L5+aocjyNuEWXFDwg2C7p+ozWp4uRpnYKRURYVJZN30OLJNTua6xXF39SiJlhrtCWYq ai4w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=KnfZ8OfGFc5Se4GzR4vfCgmJ3nill7kzCqLJa4gRUYI=; b=TZIBu6VDpk/ha6kjGf9U3bizpMC7gTDOJi67m9qdJTyqIdkbsKeBdreg52sbWhOHbT dCNXEM5XILQd9IZw/DsB9FJi7RLMyUQqXuWy82uMZV8j6zhywXiHQPPbXkPPM1IyZa5Y MyfrJ0ZpeJQvuaNntwfzGyPuz2ocYCPfQ+lqz5gnRJjBuug9pHNsLdMSJrDTHYiRZc5R lB2q/QbcCR4obxqIPDME5d3vaaEQUwPSLOsWjBv9M5sfeo5W1ZkNYy4staShxC5rbDh1 p7EFXduQbkfnJVTzHMCetSiyNg/L00khM0bf4GI9dSr680MR3sy5cOINAiv3Yjt4HaEQ 3ohg== X-Gm-Message-State: AOAM533cKN4aTdOq6i9KuHTWtWLVxoaoupJwxENXldilzRmZYqbGlcqa pB6hLUzaWjayf+oJegqVXl0BFCUE0E8= X-Google-Smtp-Source: ABdhPJxOsehjLr5HUS5Qh6SgAbpE8eTRvDrowDw6RYhmrb54VPuUrHQyNskO1GjhyL+8VaHdPqZSXg== X-Received: by 2002:a05:6000:1541:b0:204:1a56:e159 with SMTP id 1-20020a056000154100b002041a56e159mr9395588wry.469.1648222519806; Fri, 25 Mar 2022 08:35:19 -0700 (PDT) Received: from localhost.localdomain ([193.48.40.241]) by smtp.gmail.com with ESMTPSA id w5-20020a5d5445000000b00203f8c96bcesm5189244wrv.49.2022.03.25.08.35.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 25 Mar 2022 08:35:19 -0700 (PDT) From: zimoun To: 52578@debbugs.gnu.org Subject: [PATCH v2 2/2] DRAFT services: Add openldap service. Date: Fri, 25 Mar 2022 16:35:17 +0100 Message-Id: <20220325153517.1478717-2-zimon.toutoune@gmail.com> X-Mailer: git-send-email 2.34.0 In-Reply-To: <20220325153517.1478717-1-zimon.toutoune@gmail.com> References: <20220325153517.1478717-1-zimon.toutoune@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Score: -0.0 (/) X-Debbugs-Envelope-To: 52578 Cc: jean-francois.guillaume@univ-nantes.fr X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) From: Jean-François Guillaume * gnu/services/openlda.scm (): New record. (openldap-shepherd-service): New procedure. (%openldap-activation, openldap-service-type): New variable. --- gnu/services/openldap.scm | 84 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 84 insertions(+) create mode 100644 gnu/services/openldap.scm diff --git a/gnu/services/openldap.scm b/gnu/services/openldap.scm new file mode 100644 index 0000000000..dc5ae3fa8f --- /dev/null +++ b/gnu/services/openldap.scm @@ -0,0 +1,84 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2022 Jean-François Guillaume +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu services openldap) + #:use-module (gnu packages openldap) + #:use-module (gnu services) + #:use-module (gnu services shepherd) + #:use-module (guix) + #:use-module (guix records) + #:use-module (ice-9 match) + #:export (openldap-configuration + openldap-configuration? + openldap-service-type + + )) + +(define-record-type* + openldap-configuration make-openldap-configuration + openldap-configuration? + (openldap openldap-configuration-openldap + (default openldap)) + (uri openldap-configuration-uri + (default "ldapi:// ldap://")) + (logflags openldap-configuration-logflags + (default "0")) + (pid-file openldap-configuration-pid-file + (default "/var/run/openldap/slapd.pid")) + (config-file openldap-configuration-config-file + (default (file-append openldap "/etc/openldap/slapd.conf"))) + (log-file openldap-configuration-log-file + (default "/var/log/slapd.log"))) + +(define openldap-shepherd-service + (match-lambda + (($ openldap uri logflags pid-file config-file log-file) + (list + (shepherd-service + (provision '(slapd) ) + (documentation "Run OpenLDAP.") + (requirement '(user-processes)) + (respawn? #t) + (start #~(make-forkexec-constructor + (list + #$(file-append openldap "/libexec/slapd") + "-h" #$uri + "-d" #$logflags + "-f" #$config-file) + #:pid-file #$pid-file + #:log-file #$log-file)) + (stop #~(make-kill-destructor))))))) + +(define %openldap-activation + (with-imported-modules '((guix build utils)) + #~(begin + (use-modules (guix build utils)) + (mkdir-p "/var/run/openldap") + (mkdir-p "/var/lib/ldap") + #t))) + +(define openldap-service-type + (service-type (name 'slapd) + (extensions + (list + (service-extension shepherd-root-service-type + openldap-shepherd-service) + (service-extension activation-service-type + (const %openldap-activation)))) + (description + "Run @uref{https://www.openldap.org, OpenLDAP}."))) -- 2.34.0 From debbugs-submit-bounces@debbugs.gnu.org Mon Mar 28 04:38:38 2022 Received: (at 52578) by debbugs.gnu.org; 28 Mar 2022 08:38:38 +0000 Received: from localhost ([127.0.0.1]:57276 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nYkta-0006On-DH for submit@debbugs.gnu.org; Mon, 28 Mar 2022 04:38:38 -0400 Received: from smtp1.univ-nantes.fr ([193.52.82.18]:54756 helo=smtp-prv.univ-nantes.fr) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nYktY-0006Of-QN for 52578@debbugs.gnu.org; Mon, 28 Mar 2022 04:38:37 -0400 Received: from localhost (localhost [127.0.0.1]) by smtp-prv.univ-nantes.fr (Postfix) with ESMTP id 49F6B2410E; Mon, 28 Mar 2022 10:38:35 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=univ-nantes.fr; s=mailv2; t=1648456715; bh=Yt/GLNIhzEllqfbmsZePlkXhuEN2VIcVHIpbf7wp7/U=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=bLyScBogUTvWvlQsGH5bP1bO75xLu7AZfQTgkj8mzRovkyrbPc8uvVQB+eVzHgZu4 HRfbqEILW107MfXWHBppYKY/r8vRwNHpKXGQUigsyoQyLHT4MAKMZyUgSCTCMjkVYT Y9HEbA7gM3KECAKE3jDdUx2wpmlZ4lMMbLSto5H89i941i1C67TNzlGm+MAk7M9Bal TgxyW0F5oxFp/Xu4Fr2ZWnAq2wzZr3RLXQ1Fa+tHRhxy5l5Js3fkS46FUp8FNiZvRE 9SLnvKnF2sntdzqE2QJrbI+/JCJIXU5oL8gzZatl1YzXKyB/6c1Z21Zo0hH8zr/yvC slga1Ds0rj3fQ== X-Virus-Scanned: Debian amavisd-new at smtp2 Received: from smtp-prv.univ-nantes.fr ([127.0.0.1]) by localhost (smtp1.u12.univ-nantes.prive [127.0.0.1]) (amavisd-new, port 10024) with LMTP id uAvyHmWvkkt1; Mon, 28 Mar 2022 10:38:35 +0200 (CEST) Received: from webmail.univ-nantes.fr (webmail1-cha.cprv.univ-nantes.prive [172.26.0.63]) by smtp-prv.univ-nantes.fr (Postfix) with ESMTP id 2362823111; Mon, 28 Mar 2022 10:38:35 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=univ-nantes.fr; s=mailv2; t=1648456715; bh=Yt/GLNIhzEllqfbmsZePlkXhuEN2VIcVHIpbf7wp7/U=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=bLyScBogUTvWvlQsGH5bP1bO75xLu7AZfQTgkj8mzRovkyrbPc8uvVQB+eVzHgZu4 HRfbqEILW107MfXWHBppYKY/r8vRwNHpKXGQUigsyoQyLHT4MAKMZyUgSCTCMjkVYT Y9HEbA7gM3KECAKE3jDdUx2wpmlZ4lMMbLSto5H89i941i1C67TNzlGm+MAk7M9Bal TgxyW0F5oxFp/Xu4Fr2ZWnAq2wzZr3RLXQ1Fa+tHRhxy5l5Js3fkS46FUp8FNiZvRE 9SLnvKnF2sntdzqE2QJrbI+/JCJIXU5oL8gzZatl1YzXKyB/6c1Z21Zo0hH8zr/yvC slga1Ds0rj3fQ== MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable Date: Mon, 28 Mar 2022 10:38:35 +0200 From: Jean-Francois GUILLAUME To: zimoun Subject: Re: [PATCH v2 0/2] OpenLDAP service Organization: UFR MEDECINE/UMS BIOCORE In-Reply-To: <20220325153439.1478493-1-zimon.toutoune@gmail.com> References: <20220325153439.1478493-1-zimon.toutoune@gmail.com> Message-ID: X-Sender: Jean-Francois.Guillaume@univ-nantes.fr User-Agent: Roundcube Webmail/1.1.2 X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 52578 Cc: 52578@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) Hello, > Sorry for the delay. No worries, I must admit that I didn't have much time on hand to correct=20 things on my side. > Well, I am not convinced that the package 'openldap-for-services' is=20 > really > required and perhaps the tweak of openldap-2.6 is enough. It's only required if you have the need for a fully featured server like=20 we do (we use this definition in our openldap cluster infrastructure). Given enough time, we will provides a stable repository and artifacts=20 for our definitions. > Moreover, do you need openssl instead of gnutls? Nope, I just took the d=C3=A9finition of the RHEL package and moved it into= =20 a guix format. > About the old versions of openldap, I am going to send you a recipe for= =20 > your > own channel. I am not convinced that maintain such old variants makes=20 > sense > at the Guix level. I think we still have this old version because it's the version provided=20 in .deb anb .rpm distributions. > About the service, it still misses some documentation for the manual. Yep, I still need to take the time to check how to do it. > And 'tests' would also be very welcome. :-) > Note that gnu/tests/ldap.scm already some tests. Maybe this file could= =20 > be > updated with the new service. From what I see, what is already present gnu/tests/ldap.scm should be=20 sufficient. --- Cordialement, Jean-Fran=C3=A7ois GUILLAUME Plateforme Bioinformatique BiRD T=C3=A9l. : +33 (0)2 28 08 00 57 www.pf-bird.univ-nantes.fr Inserm UMR 1087/CNRS UMR 6291 IRS-UN - 8 quai Moncousu - BP 70721 44007 Nantes Cedex 1 From debbugs-submit-bounces@debbugs.gnu.org Thu May 16 17:08:40 2024 Received: (at 52578) by debbugs.gnu.org; 16 May 2024 21:08:40 +0000 Received: from localhost ([127.0.0.1]:51021 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1s7iL9-000498-Nf for submit@debbugs.gnu.org; Thu, 16 May 2024 17:08:40 -0400 Received: from mail3-relais-sop.national.inria.fr ([192.134.164.104]:51426) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1s7iL5-00048t-Vc for 52578@debbugs.gnu.org; Thu, 16 May 2024 17:08:38 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=inria.fr; s=dc; h=from:to:cc:subject:in-reply-to:references:date: message-id:mime-version:content-transfer-encoding; bh=zc4m0P4VfwtU1FGrI2wLjKXCCVOhjrsGHjO2uwMtfxA=; b=fM1nOYA5BVG/okp2bYLAuxwhc/GuYv09zrSs5LkfdlIjOfSOZ4ncFLJk wmIyRSmGD8D91BI+XZysL3zxvdlJuJwZPRifN/Y+/Var/CdiGeWWJcXJf MZNlTTP7xsVRnh2w0enWbUtz13vKM7IPKFMavyhYTPHa1aUXdVqDsr03Q o=; Authentication-Results: mail3-relais-sop.national.inria.fr; dkim=none (message not signed) header.i=none; spf=SoftFail smtp.mailfrom=ludovic.courtes@inria.fr; dmarc=fail (p=none dis=none) d=inria.fr X-IronPort-AV: E=Sophos;i="6.08,165,1712613600"; d="scan'208";a="87263083" Received: from 91-160-117-201.subs.proxad.net (HELO ribbon) ([91.160.117.201]) by mail3-relais-sop.national.inria.fr with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 16 May 2024 23:08:27 +0200 From: =?utf-8?Q?Ludovic_Court=C3=A8s?= To: Jean-Francois GUILLAUME Subject: Re: [bug#52578] [PATCH v2 0/2] OpenLDAP service In-Reply-To: (Jean-Francois GUILLAUME's message of "Mon, 28 Mar 2022 10:38:35 +0200") References: <20220325153439.1478493-1-zimon.toutoune@gmail.com> Date: Thu, 16 May 2024 23:08:26 +0200 Message-ID: <874jax8nxx.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 52578 Cc: 52578@debbugs.gnu.org, zimoun X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Hello, Damn, it=E2=80=99s been two years already since you submitted these OpenLDAP patches. =F0=9F=98=B1 You probably had problems with the NSS plugins to get LDAP user/group lookups working. I have good news: probably fixes that. (Besides, we should finally schedule some time to finish the reviewing effort of these patches that Simon started.) Ludo=E2=80=99. From debbugs-submit-bounces@debbugs.gnu.org Tue May 21 04:11:41 2024 Received: (at 52578) by debbugs.gnu.org; 21 May 2024 08:11:41 +0000 Received: from localhost ([127.0.0.1]:47774 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1s9Kay-0004us-RG for submit@debbugs.gnu.org; Tue, 21 May 2024 04:11:41 -0400 Received: from mail-lj1-f171.google.com ([209.85.208.171]:38107) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1s9Kaw-0004ui-2C for 52578@debbugs.gnu.org; Tue, 21 May 2024 04:11:40 -0400 Received: by mail-lj1-f171.google.com with SMTP id 38308e7fff4ca-2e22dd47706so1950621fa.0 for <52578@debbugs.gnu.org>; Tue, 21 May 2024 01:11:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1716279026; x=1716883826; darn=debbugs.gnu.org; h=content-transfer-encoding:mime-version:message-id:date:references :in-reply-to:subject:cc:to:from:from:to:cc:subject:date:message-id :reply-to; bh=JZQ1L5FmTXYQ/2nj2xCbV4jVzxRLtoOg2JDJxXwak2Q=; b=IPTeMf1ZDMpsQbibFcJseIEMHKbINaq/ld+rbeH8nObdMY9e3KqDipAPMlChVMjqSg a3817Z3AqGHljlzkBcA8JnBiFfevi82CPPOIhvWr07kHzBAMqBEeldMMatD5F6SyoDT9 sjnTGIFhvWGhycnYvIKmMH/TI6jZ/8rp1N0yu+7QGy3pYQ6AerUhCXTxhrYpnylMe6WP C8+vA3TqW6xO8u2RlpAJlLOisl463KMopB9PNpcyA16VAH1gyD3PcFGbXsT3BZJok6oh mjG7He5tCZAADLFYRMDjlR6uVmBi0Yq4IBSSD8FHirAqiPOzf0cC6vAc3NU5qfZDaRFn zp9g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1716279026; x=1716883826; h=content-transfer-encoding:mime-version:message-id:date:references :in-reply-to:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=JZQ1L5FmTXYQ/2nj2xCbV4jVzxRLtoOg2JDJxXwak2Q=; b=SSCQhKR64X7VbmfhgxxFeThLOCKGd9BPTXaZdN7IqtZs5BIfX8faMDm7A+a/jBrlWa DWxC7frl/N8aU7oyf3TcCZjaMv8V1ch2YADmaxOUPMWBdDBK204dIKgJPEVAJuJVs6zt Up8vH4/a2GA9MbcRxaVEK69WOZOOUrGCgs0SyHufadWm6iWSFhaO0gV2rdeZCxhY9Gp2 4xEtG0ZvC2j3NuB6zJOOyuqFv51RF3kjS6U1aGnRydU8RJYLAKDSukb71wzQC2OnSfXL N1cqG6doeSzfEBJg3YkRJjAXsHQOeND2hzrwFMfwOnDygpRf8d98slpO5mgH00cg4My/ Igkg== X-Gm-Message-State: AOJu0YyxfbGw6clf7WVaxNnzKtpn2+8OgZJJpYoWs0CtnTOK5mazzGD6 0CU7TPKOm9FMjv1v0f3oGlezx/GIcmcAhNdjsDgJviogwvhmlAIS0v1s9Q== X-Google-Smtp-Source: AGHT+IHTKZ1kZs/68OVvYkkHJxzslaR8GTHMjhYGaLOw99cFGDD4PJU6AfW+unnwkU32D5L0g/fGnA== X-Received: by 2002:a2e:9094:0:b0:2df:4bad:cb7f with SMTP id 38308e7fff4ca-2e51fd4b333mr192232931fa.2.1716279026506; Tue, 21 May 2024 01:10:26 -0700 (PDT) Received: from lili ([2a01:e0a:59b:9120:ecaa:5daa:f999:f7e8]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-354cece0054sm1340540f8f.102.2024.05.21.01.10.25 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 May 2024 01:10:26 -0700 (PDT) From: Simon Tournier To: Ludovic =?utf-8?Q?Court=C3=A8s?= , Jean-Francois GUILLAUME Subject: Re: [bug#52578] [PATCH v2 0/2] OpenLDAP service In-Reply-To: <874jax8nxx.fsf@gnu.org> References: <20220325153439.1478493-1-zimon.toutoune@gmail.com> <874jax8nxx.fsf@gnu.org> Date: Fri, 17 May 2024 14:04:57 +0200 Message-ID: <87v83cprti.fsf@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 52578 Cc: 52578@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Hi, On jeu., 16 mai 2024 at 23:08, Ludovic Court=C3=A8s wrote: > (Besides, we should finally schedule some time to finish the reviewing > effort of these patches that Simon started.) Sorry, I have never felt confident about the service part. Yeah, it definitively needs some love. :-) Cheers, simon From debbugs-submit-bounces@debbugs.gnu.org Wed May 22 06:18:38 2024 Received: (at 52578) by debbugs.gnu.org; 22 May 2024 10:18:39 +0000 Received: from localhost ([127.0.0.1]:55016 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1s9j3O-0000wY-DB for submit@debbugs.gnu.org; Wed, 22 May 2024 06:18:38 -0400 Received: from smtptls1-cha.cpub.univ-nantes.fr ([193.52.103.113]:59828 helo=smtp-tls.univ-nantes.fr) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1s9j3J-0000wS-VM for 52578@debbugs.gnu.org; Wed, 22 May 2024 06:18:37 -0400 Received: from localhost (localhost [127.0.0.1]) by smtp-tls.univ-nantes.fr (Postfix) with ESMTP id 7A06620415; Wed, 22 May 2024 12:18:26 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=univ-nantes.fr; s=mailv2; t=1716373106; bh=3QBE35usha6cnat5Hh0jnV4OvaFZl2WBpDouGRkOQXI=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=NypSsdSFAFVN9oqRM0sBjbLdJ1syem7ZX47EN9bdS6YMtab01rAzCmJzoYXVFoFkn iQNTT+sJT2h3EwrIuVr73DCZVBUqdjddtylJQI9WDWr15znxtTwNIC/akEMC3m1dEY RQCN/uWPk7MNRynnNw2DyIL1J+b+yqJSaNl2ggQc6NOGnOnn92vNeH2fH4Cmktb4Ld 7L6PwTgOpuMGYxuSxXLvcmUo15RWxiMsvLpRJUTJH872jtdmR6C482rvDzKRWp+/DD 28G+ScZWPlEY/ybiEMdZS1tjjbUxAifb9MsUrhxt9RoAGioshNbYvx7ifwuQ8+SfwI hGf6Fl8I8Q/sA== X-Virus-Scanned: Debian amavisd-new at smtptls1-lmb.cpub.univ-nantes.fr Received: from smtp-tls.univ-nantes.fr ([127.0.0.1]) by localhost (smtptls1-cha.cpub.univ-nantes.fr [127.0.0.1]) (amavisd-new, port 10024) with LMTP id S_1SlJw_TmZz; Wed, 22 May 2024 12:18:26 +0200 (CEST) Received: from webmail.univ-nantes.fr (webmail1-lmb.cprv.univ-nantes.prive [172.26.0.230]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-tls.univ-nantes.fr (Postfix) with ESMTPSA id 3C65320224; Wed, 22 May 2024 12:18:26 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=univ-nantes.fr; s=mailv2; t=1716373106; bh=3QBE35usha6cnat5Hh0jnV4OvaFZl2WBpDouGRkOQXI=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=NypSsdSFAFVN9oqRM0sBjbLdJ1syem7ZX47EN9bdS6YMtab01rAzCmJzoYXVFoFkn iQNTT+sJT2h3EwrIuVr73DCZVBUqdjddtylJQI9WDWr15znxtTwNIC/akEMC3m1dEY RQCN/uWPk7MNRynnNw2DyIL1J+b+yqJSaNl2ggQc6NOGnOnn92vNeH2fH4Cmktb4Ld 7L6PwTgOpuMGYxuSxXLvcmUo15RWxiMsvLpRJUTJH872jtdmR6C482rvDzKRWp+/DD 28G+ScZWPlEY/ybiEMdZS1tjjbUxAifb9MsUrhxt9RoAGioshNbYvx7ifwuQ8+SfwI hGf6Fl8I8Q/sA== Received: from 2001:660:7220:389:a67e:3f00:6b3e:234c via revaccess1-loi.cpub.univ-nantes.fr ([193.52.103.62]) by webmail.univ-nantes.fr with HTTP (HTTP/1.1 POST); Wed, 22 May 2024 12:18:26 +0200 MIME-Version: 1.0 Date: Wed, 22 May 2024 12:18:26 +0200 From: Jean-Francois GUILLAUME To: =?UTF-8?Q?Ludovic_Court=C3=A8s?= Subject: Re: [bug#52578] [PATCH v2 0/2] OpenLDAP service In-Reply-To: <874jax8nxx.fsf@gnu.org> References: <20220325153439.1478493-1-zimon.toutoune@gmail.com> <874jax8nxx.fsf@gnu.org> Message-ID: <19b42dec8e36a294542a44cacaa7d593@univ-nantes.fr> X-Sender: Jean-Francois.Guillaume@univ-nantes.fr Organization: UFR MEDECINE/UMS BIOCORE Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable X-Spam-Score: -0.0 (/) X-Debbugs-Envelope-To: 52578 Cc: 52578@debbugs.gnu.org, zimoun X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Hello, > Damn, it=E2=80=99s been two years already since you submitted these OpenL= DAP > patches. =F0=9F=98=B1 Well, damn the time fly fast... > You probably had problems with the NSS plugins to get LDAP user/group > lookups working. I have good news: > probably fixes that. We indeed had a probl=C3=A8me with lookup, we did trace it back to the=20 libnss-ldap not in the correct path. We are doing a quick and dirty fix=20 for now using our rc-local service : > mount -o remount,rw /gnu/store > echo 'export LD_LIBRARY_PATH=3D"/run/current-system/profile/lib"' >>=20 > /run/current-system/profile/etc/profile > echo " " >> /run/current-system/profile/etc/profile > mount -o remount,ro /gnu/store Theses services indeed need some love, especially on the config file=20 part. At glicid we are building it by using split files : > (define slapd-part-1a (call-with-input-file=20 > "../common/conf/slapd-part-01-a.conf" get-string-all)) > (define openldap-modules-path (string-append "modulepath " (with-store=20 > store (package-output store glicid:openldap)) "/libexec/openldap")) > (define slapd-part-1b (call-with-input-file=20 > "../common/conf/slapd-part-01-b.conf" get-string-all)) > (define slapd-part-serverid (call-with-input-file=20 > "./conf/serverID.conf" get-string-all)) > (define slapd-part-2 (call-with-input-file=20 > "../common/conf/slapd-part-02.conf" get-string-all)) > (define slapd-part-syncrepl (call-with-input-file=20 > "./conf/syncrepl.conf" get-string-all)) > (define slapd-part-3 (call-with-input-file=20 > "../common/conf/slapd-part-03.conf" get-string-all)) > (define slapd-conf-file (plain-file "slapd-merged.conf" > (string-append slapd-part-1a > =20 > openldap-modules-path > slapd-part-1b > slapd-part-serverid > slapd-part-2 > slapd-part-syncrepl > slapd-part-3))) But it definitively need some love to have a proper config file builder=20 (way above my current guix/guile expertise). --- Cordialement, Jean-Fran=C3=A7ois GUILLAUME Ing=C3=A9nieur Syst=C3=A8mes, R=C3=A9seaux, Virtualisation Plateforme Bioinformatique BiRD, GLiCID, Nantes Universit=C3=A9, CHU Nantes= ,=20 CNRS, Inserm, BioCore, US16, SFR Bonamy, F t=C3=A9l : 02-28-08-00-57 (320057) mail: Jean-Francois.Guillaume@univ-nantes.fr B=C3=A2timent 06, IRS UN - 8 quai Moncousu - BP 70721 - 44007 Nantes Cedex 1 https://www.pf-bird.univ-nantes.fr/ https://clam.glicid.fr/ https://www.univ-nantes.fr/ From debbugs-submit-bounces@debbugs.gnu.org Thu May 23 03:13:03 2024 Received: (at 52578) by debbugs.gnu.org; 23 May 2024 07:13:03 +0000 Received: from localhost ([127.0.0.1]:58670 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sA2dK-0007j5-5h for submit@debbugs.gnu.org; Thu, 23 May 2024 03:13:03 -0400 Received: from mail2-relais-roc.national.inria.fr ([192.134.164.83]:37586) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sA2dF-0007ir-6S for 52578@debbugs.gnu.org; Thu, 23 May 2024 03:13:00 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=inria.fr; s=dc; h=from:to:cc:subject:in-reply-to:references:date: message-id:mime-version:content-transfer-encoding; bh=/R45Kgw9zY4iidZ7/4vyfnr2XgPw9DdT+f/VyW9+zEo=; b=NXKWHX6j8vUXPPmgDK3ZLOP3SZ9T8NHNGAz0zdiIAvdXpASRfAb4rv6W eWKBu5aH8F10cQG0h3mtJsFEffjUJEpcVcQ7Rg2M3EfnM6FdLbzOsMjq4 clTD9SAGQAL4go4KhxIZ8hF3GlwP3Jv92rNX4HBz5XYrvy5vGTd2z9Ajx 4=; Authentication-Results: mail2-relais-roc.national.inria.fr; dkim=none (message not signed) header.i=none; spf=SoftFail smtp.mailfrom=ludovic.courtes@inria.fr; dmarc=fail (p=none dis=none) d=inria.fr X-IronPort-AV: E=Sophos;i="6.08,181,1712613600"; d="scan'208";a="167004061" Received: from 91-160-117-201.subs.proxad.net (HELO ribbon) ([91.160.117.201]) by mail2-relais-roc.national.inria.fr with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 23 May 2024 09:12:44 +0200 From: =?utf-8?Q?Ludovic_Court=C3=A8s?= To: Jean-Francois GUILLAUME Subject: Re: [bug#52578] [PATCH v2 0/2] OpenLDAP service In-Reply-To: <19b42dec8e36a294542a44cacaa7d593@univ-nantes.fr> (Jean-Francois GUILLAUME's message of "Wed, 22 May 2024 12:18:26 +0200") References: <20220325153439.1478493-1-zimon.toutoune@gmail.com> <874jax8nxx.fsf@gnu.org> <19b42dec8e36a294542a44cacaa7d593@univ-nantes.fr> X-URL: http://www.fdn.fr/~lcourtes/ X-Revolutionary-Date: Quintidi 5 Prairial an 232 de la =?utf-8?Q?R=C3=A9vo?= =?utf-8?Q?lution=2C?= jour du Canard X-PGP-Key-ID: 0x090B11993D9AEBB5 X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5 X-OS: x86_64-pc-linux-gnu Date: Thu, 23 May 2024 09:12:43 +0200 Message-ID: <87le41c87o.fsf@inria.fr> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 52578 Cc: 52578@debbugs.gnu.org, zimoun X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) Hi Jean-Francois, Jean-Francois GUILLAUME skribis: >> You probably had problems with the NSS plugins to get LDAP user/group >> lookups working. I have good news: >> probably fixes that. > > We indeed had a probl=C3=A8me with lookup, we did trace it back to the > libnss-ldap not in the correct path. We are doing a quick and dirty > fix for now using our rc-local service : Ah well, you=E2=80=99ll no longer need this hack. :-) > But it definitively need some love to have a proper config file > builder (way above my current guix/guile expertise). Yes, one of us should take a closer look. Thanks, Ludo=E2=80=99.