I have been asked to update OpenLDAP to the latest stable version. I am using CentOS 4.2 and have OpenLDAP 2.2.13 installed. I can install from source if I have to, but I would rather stay with rpm packages if possible. I found an rpm from Fedora Core Development on RPMFIND. Will this one work with Centos, or should I grab the source rpm and rebuild it? Bowie
On Wed, Nov 30, 2005 at 11:05:48AM -0500, Bowie Bailey enlightened us:> I have been asked to update OpenLDAP to the latest stable version. I am > using CentOS 4.2 and have OpenLDAP 2.2.13 installed. I can install from > source if I have to, but I would rather stay with rpm packages if possible. > > I found an rpm from Fedora Core Development on RPMFIND. Will this one work > with Centos, or should I grab the source rpm and rebuild it? >Rebuild from src.rpm. -- Matt Hyclak Department of Mathematics Department of Social Work Ohio University (740) 593-1263
From: Matt Hyclak [mailto:hyclak at math.ohiou.edu]> > On Wed, Nov 30, 2005 at 11:05:48AM -0500, Bowie Bailey enlightened us: > > > > I found an rpm from Fedora Core Development on RPMFIND. Will this onework> > with Centos, or should I grab the source rpm and rebuild it? > > Rebuild from src.rpm.Ok, tried that... $ rpmbuild --rebuild openldap-2.3.11-3.src.rpm Installing openldap-2.3.11-3.src.rpm error: Failed build dependencies: bind-libbind-devel is needed by openldap-2.3.11-3.x86_64 libtool-ltdl-devel is needed by openldap-2.3.11-3.x86_64 # yum install bind-libbind-devel libtool-ltdl-devel Setting up Install Process Setting up repositories update 100% |=========================| 951 B 00:00 base 100% |=========================| 1.1 kB 00:00 addons 100% |=========================| 951 B 00:00 extras 100% |=========================| 1.1 kB 00:00 Reading repository metadata in from local files Parsing package install arguments No Match for argument: bind-libbind-devel No Match for argument: libtool-ltdl-devel Nothing to do Where do I find these two? Do they have different names with CentOS, or do I have to get them from elsewhere? Thanks, Bowie
From: Johnny Hughes [mailto:mailing-lists at hughesjr.com]> On Wed, 2005-11-30 at 11:28 -0500, Matt Hyclak wrote: > > On Wed, Nov 30, 2005 at 11:16:08AM -0500, Bowie Bailey enlightened us: > > > From: Matt Hyclak [mailto:hyclak at math.ohiou.edu] > > > > > > > > On Wed, Nov 30, 2005 at 11:05:48AM -0500, Bowie Bailey enlightenedus:> > > > > > > > > > I found an rpm from Fedora Core Development on RPMFIND. Will thisone work> > > > > with Centos, or should I grab the source rpm and rebuild it? > > > > > > > > Rebuild from src.rpm. > > > > > > Ok, tried that... > > > > > > $ rpmbuild --rebuild openldap-2.3.11-3.src.rpm > > > Installing openldap-2.3.11-3.src.rpm > > > error: Failed build dependencies: > > > bind-libbind-devel is needed by openldap-2.3.11-3.x86_64 > > > libtool-ltdl-devel is needed by openldap-2.3.11-3.x86_64 > > > > > > Where do I find these two? Do they have different names with CentOS, > > > or do I have to get them from elsewhere? > > > > > > Thanks, > > > Bowie > > > > You'll probably have to get them from the FC Development repository aswell.> > You're probably looking at the bind and libtool srpms, if I had toguess.> > If you're lucky, those two won't depend on too much else, otherwiseyou'll> > spiral quickly into dependency hell. > > > > > What is the purpose of the LDAP upgrade ... if it is security you are > worried about ... those get in there. > > See this: > http://www.redhat.com/advice/speaks_backport.html > > When you start changing major components, you greatly reduce the > stability of CentOS for yourself ... and you ruin the system > interoperability.The purpose is extra features. Mainly, we are having problems with reliability. Twice now, when the system has crashed, the database was corrupted. The scary thing is that both times the database was completely idle when this happened. Version 2.3 fixes a problem with the database checkpoint command and also allows for an automatic database recover on startup. Hopefully, this will at least allow us to recover more easily in the case of a crash. We are also looking at updating Berkely DB to see if that would help. Bowie
From: Craig White [mailto:craigwhite at azapple.com]> On Wed, 2005-11-30 at 12:53 -0600, Johnny Hughes wrote: > > > > What is the purpose of the LDAP upgrade ... if it is security you are > > worried about ... those get in there. > > > > See this: > > http://www.redhat.com/advice/speaks_backport.html > > > > When you start changing major components, you greatly reduce the > > stability of CentOS for yourself ... and you ruin the system > > interoperability. > ---- > I pretty much agree with that last statement - and could never > conceive of getting an rpm of openldap/servers/client from Fedora > and rebuilding it on RHEL/CentOS without it being really really > tough to build and not breaking anything. > > I think the general consensus on openldap message base is to build > everything in /usr/local from source, which in my case, I built db4 > (4.2.52+patches), kerberos, cyrus-sasl, openssl and then finally > openldap - all from source and it wasn't nearly as hard as I feared > and left RHEL stuff alone and didn't break anything. The information > that I used to do this all came from Quanah's web pages at > Stanford... > http://www.stanford.edu/services/directory/openldap/I'm looking at doing that. I was just trying to stay with RPMs if possible so that I don't run in to dependency issues later when I try to install an RPM that requires openldap.> Perhaps a less painful method might be to use Buchan Milne's rpm's > which would do much the same and though they seem to be created for > Mandriva, apparently can build/install on RHEL (sorry, I don't have > a URL for this but you can either post to openldap list or search > their archives).Not a bad idea. Anyone tried this on CentOS4?> Lastly, perhaps the least painful method of all is the pretty much > turnkey packages available from symas... <http://www.symas.com>Interesting. I may look into this.> Now, generally Red Hat back port works well enough but if you are > going to make RHEL/CentOS the base of a large directory service... > 2.0.7-20 (CentOS3) and 2.2.13-4 (CentOS4) simply don't cut it for a > number of reasons. I stick with them on most of my installations > because the number of users and the extent of the demands that I put > upon ldap are pretty minimal but if you are going to have a > substantial investment in time/energy in ldap, > fahgettibouddit...install current.That's about what we determined.> Recognize that 2.2.30 (I believe) is still the latest categorized > 'stable' - 2.3.11 (and I think it is now up to 2.3.12) is discussed > and sometimes casually referred to as 'stable' - I don't think that > it has 'officially' been designated so.Actually, 2.3.11 is stable as of 10/18. Bowie