Hi Andreas, On 05.08.21 08:38, Andreas Vögele wrote:
This change in OpenLDAP 2.5 is scary as it affects most users who run slapd:
"Due to database format changes between OpenLDAP 2.4 and OpenLDAP 2.5 it is mandatory for existing slapd-mdb(5) databases to be exported via an OpenLDAP 2.4 slapcat prior to upgrade. They must then be reloaded via an OpenLDAP 2.5 slapadd after the binaries are updated."
I think that OpenLDAP 2.4 cannot be replaced by version 2.5. There have to be packages for both versions. At least a statically linked slapcat from version 2.4 has to be provided.
Good point, but I'm not sure what the solution is. To widen the question a bit: What do we do in Tumbleweed generally in a case where an update requires manual intervention from the user? (In this case *before* the update is actually performed.) 1. Somehow notify the user before doing the update, and giving them a choice to not do the upgrade and e.g. pin the old version. 2. Buy us time by providing two versions of the same software. (I'd note that this solution isn't sustainable long-term, so we'll need to have the discussion about "what then" one way or the other.) 3. Try to come up with a automatic migration solution downstream (in this case, dump the db and try to re-import it). 4. Simply do the upgrade and assume users will somehow deal with it (e.g. under the assumption that "this is Tumbleweed"). I personally would go for option (1) (but I don't know how we can implement that, I'm looking for input on the packaging side here). Providing an automatic migration downstream seems risky, and solution (2) is only deferring the problem until OpenLDAP 2.4 runs out of support. I agree with you Andreas that what we have right now (4) isn't a good user experience and something I'd like to avoid if possible. Philipp