nss_ldap and openldap importing

Brooks Davis brooks at one-eyed-alien.net
Tue Jul 11 02:00:44 UTC 2006 

On Mon, Jul 10, 2006 at 03:48:54PM -0700, David O'Brien wrote:
> On Thu, Jul 06, 2006 at 06:54:58PM -0700, Brooks Davis wrote:
> > On Thu, Jul 06, 2006 at 10:49:27AM -0700, Doug Barton wrote:
> ..snip..
> > > > nss_ldap itself uses LGPL. As we use nss_ldap only as dynamic library,
> > > > which is used in the "larger work" (which FreeBSD is), it can be also
> > > > included into the source tree. So, we can import nss_ldap, by directly
> > > > importing (with some specific changes, though) it and OpenLDAP into the
> > > > source tree, can we? Just want to be sure that I understand licensing
> > > > situation correctly.
> > > 
> > > My understanding is that we are generally trying to avoid importing any new
> > > code that has any sort of GPL license. That would certainly be my (personal)
> > > preference in any case.
> > 
> > Unless we have someone crediably committed to rewritting nss_ldap I
> > think this is a good place to make an exception.  We can always remove
> > it later if an implementation exists, but we could really use better
> > integration with ldap.
> 
> Why can't this live in ports?  In none of my environments do I need LDAP
> support.  I cannot imagine most of our users need LDAP support either.
> Also, openldap-2.3.24 appears to be 19MB of files.  Just what are we
> talking about importing?  I assume just the 3MB of the library directory?

My life would be a heck of a lot simpler if LDAP support were included
in the base.  At the moment I'm using NIS in several situations where
it just doesn't cut it any more.  IMO we need (as a minimum) a modern
network directory service client in the base.  While a majority of
FreeBSD users may not need LDAP in the base, I would suspect that a
majority of machines would benefit from it.  A much greater portion of
machines would probably benefit from and LDAP client then benefit from a
number of the servers in the base system such as BIND (not a criticism
of having BIND in the base).

-- Brooks

-- 
Any statement of the form "X is the one, true Y" is FALSE.
PGP fingerprint 655D 519C 26A7 82E7 2529  9BF0 5D8E 8BE9 F238 1AD4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-current/attachments/20060711/bb7e8aeb/attachment.pgp

More information about the freebsd-current mailing list