>>> Michael Ströder <[email protected]> schrieb am 09.08.2019 um 08:00 in Nachricht <[email protected]>: > On 8/9/19 1:47 AM, Quanah Gibson-Mount wrote: >> --On Wednesday, August 7, 2019 8:08 AM -0400 David Magda >> <[email protected]> wrote: >> I.e., 'providing' a build of OpenLDAP has a number of complexities. > > Full ack. > > It's really hard to decide what is needed in a package. > > Linux distributions tend to enable all features to please everybody. But > for highly secured systems it is mandatory to disable unneeded > functionality. E.g. I'm maintaining the full-featured builds for > openSUSE but personally I'm using stripped down builds without all > deprecated backends. > > Also Linux distros implement pseudo config management in there packages > which trys to create a default config. Mostly this defeats serious > deployments using a decent config management. I saw production systems > break after a "yum update" or "apt-get upgrade" because of overzealous > package post installation tasks.
Yes, we also run an installation on SLES that the SLES configuration tool (yast) cannot handle any more... > >>>> 2015 had a lot of serious bugs in its release, the releases were rushed, >>>> and the result of rushing was bad. I don't think 2015 is a "good" >>>> example of how things should be done. >>> >>> That is an argument for timed releases. >> >> I fail to see how that's the case. > > Me too. Especially because timed releases can also lead to some kind of > rush before the release date. > >> What I see is that we need to: >> a) Ensure we have CI/CD >> and >> b) Better/expanded test cases & databases to validate against >> and >> c) more participation from the community in testing/validating new >> features and code fixes. > > Again, full ack here. > > Ciao, Michael.
