[Nix-dev] [PATCH] LDAP non-anonymous bind
Rickard Nilsson
rickard.nilsson at telia.com
Sun Oct 2 10:12:14 CEST 2011
Hi,
Den 2011-09-30 12:50:33 skrev Nicolas Pierron
<nicolas.b.pierron at gmail.com>:
> Hi,
>
> On Thu, Sep 29, 2011 at 23:15, Rickard Nilsson
> <rickard.nilsson at telia.com> wrote:
>> I finally got around fixing the LDAP patch according to your
>> suggestions.
>
> Great.
>
>> The password is now stored in a separate file, which is read from the
>> activation script. I also cleaned up the options definitions a bit.
>> Would
>> you care to look at it again?
>
> No problem.
>
> I look at your solution, storing the password in a file is the good
> way to proceed.
>
> 1/ I checked that sed copy the content of the symbolic link before
> creating a new file at the same location. This is important otherwise
> you could have modified the content of the nix-store which is a good
> thing to do.
>
> I still have a doubt about updates, could you check that the ldap
> configuration is well updated when changing any option? Because your
> configuration file is no longer a symlink to /etc/static.
I hadn't thought about the symlink thing. I have rewritten the patch not
to use sed anymore, and I have checked that updates are handled correctly.
> 2/ your activation script has no dependencies. Have a look at
> /var/run/current-system/activate to check which one is important, I
> guess you may need "etc" and may be "users" such as
>
> modules/services/misc/nix-daemon.nix: system.activationScripts.nix
> = stringAfter [ "etc" "users" ]
> modules/services/misc/nix-daemon.nix- ''
> modules/services/misc/nix-daemon.nix- # Set up Nix.
>
> Setting this is to get snippet order correctly. The activation is run
> just after the stage1. Thus almost nothing is setup yet.
I've added 'stringAfter [ "etc" ]' now.
> These should not be hard modification, and I would be please to merge
> your patch after that ;)
Great! I've attached the modified patch.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ldap.nix.diff
Type: application/octet-stream
Size: 2216 bytes
Desc: not available
Url : http://lists.science.uu.nl/pipermail/nix-dev/attachments/20111002/285dc01f/attachment.obj
More information about the nix-dev
mailing list