[Nix-dev] [PATCH] LDAP non-anonymous bind
Nicolas Pierron
nicolas.b.pierron at gmail.com
Sun Oct 2 15:25:02 CEST 2011
On Sun, Oct 2, 2011 at 10:12, Rickard Nilsson <rickard.nilsson at telia.com> wrote:
> Hi,
>
> Den 2011-09-30 12:50:33 skrev Nicolas Pierron <nicolas.b.pierron at gmail.com>:
>
>> Hi,
>>
>> On Thu, Sep 29, 2011 at 23:15, Rickard Nilsson
>> <rickard.nilsson at telia.com> wrote:
>>>
>>> I finally got around fixing the LDAP patch according to your suggestions.
>>
>> Great.
>>
>>> The password is now stored in a separate file, which is read from the
>>> activation script. I also cleaned up the options definitions a bit. Would
>>> you care to look at it again?
>>
>> No problem.
>>
>> I look at your solution, storing the password in a file is the good
>> way to proceed.
>>
>> 1/ I checked that sed copy the content of the symbolic link before
>> creating a new file at the same location. This is important otherwise
>> you could have modified the content of the nix-store which is a good
>> thing to do.
>>
>> I still have a doubt about updates, could you check that the ldap
>> configuration is well updated when changing any option? Because your
>> configuration file is no longer a symlink to /etc/static.
>
> I hadn't thought about the symlink thing. I have rewritten the patch not to
> use sed anymore, and I have checked that updates are handled correctly.
>
>
>> 2/ your activation script has no dependencies. Have a look at
>> /var/run/current-system/activate to check which one is important, I
>> guess you may need "etc" and may be "users" such as
>>
>> modules/services/misc/nix-daemon.nix: system.activationScripts.nix
>> = stringAfter [ "etc" "users" ]
>> modules/services/misc/nix-daemon.nix- ''
>> modules/services/misc/nix-daemon.nix- # Set up Nix.
>>
>> Setting this is to get snippet order correctly. The activation is run
>> just after the stage1. Thus almost nothing is setup yet.
>
> I've added 'stringAfter [ "etc" ]' now.
>
>
>> These should not be hard modification, and I would be please to merge
>> your patch after that ;)
>
> Great! I've attached the modified patch.
I committed your patch at revision r29563.
Thanks.
--
Nicolas Pierron
http://www.linkedin.com/in/nicolasbpierron - http://nbp.name/
More information about the nix-dev
mailing list