On Tue, Oct 01, 2013 at 12:20:48PM -0700, Quanah Gibson-Mount wrote: > --On Tuesday, October 01, 2013 12:12 PM -0700 Don Armstrong > <d...@debian.org> wrote:
> >If you don't have any useful responses to this bug (for example, linking > >to an ITS where this particular issue has been fixed or discussed), or > >want to help fixing or maintaining the openldap packages in Debian, > >please refrain from responding. > I guess our definitions of "useful" differ. I'm offering advice > that will allow the end user to have a working server. That, to me, > is useful. > >The maintainers of distribution packages in distributions like Debian do > >intend for them to be used in production use, and openldap is no > >exception. Otherwise, we wouldn't bother making the packages in the > >first place. > Funny. I suggest you read the FAQ I linked to. It was written for > a reason *by* one of the Debian maintainers of the OpenLDAP package. > And I also linked to the changelog, which lists all the variety of > fixes to OpenLDAP since 2.4.31 was released 1.5 years ago. > If Debian could keep a current build available to its users, then > maybe I wouldn't have to constantly advise people not to use the > Debian package. But as it stands, what Debian provides is not usable > for a production service, and it should be avoided at all cost. Ten years of experience with this package shows me that there is no reason to expect the new versions upstream recommends to be any less buggy than the old ones you constantly slag Debian in our own BTS for shipping. Maybe if there was some evidence of OpenLDAP getting less buggy over time, there would be reason to agree with this assessment. As it is, all the package's history shows is that there is no shortage of critical bugs in any version of the software. It is the height of absurdity to suggest that every other historical version of slapd has had serious bugs, but *this* version, which is brand new and has had no burn-in in which to even discover bugs, is bug-free. That bugs being reported in the Debian version of the package are known bugs is no evidence at all that the current upstream version is better suited to production use. As for that FAQ, Russ is entitled to his opinion about the best way to deploy an OpenLDAP server, as are you. But Russ is no longer a comaintainer of this package in Debian, and it is patently *false* to say that the distribution packages are not *meant* to be used for production services. That upstream has yet to deliver a reasonably bug-free version of the software that users can rely on for any extended period of time is no reflection on the intent of the Debian packagers. Your persistent badmouthing of Debian, its package maintainers, and its processes in our own bug tracker is absolutely uncalled for. If you aren't actually interested in helping Debian improve its packages, then just go away. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer http://www.debian.org/ slanga...@ubuntu.com vor...@debian.org
signature.asc
Description: Digital signature
