From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 26334 invoked by uid 1002); 27 Jun 2003 15:21:05 -0000 Mailing-List: contact gentoo-dev-help@gentoo.org; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@gentoo.org Received: (qmail 24283 invoked from network); 27 Jun 2003 15:21:04 -0000 Date: Fri, 27 Jun 2003 17:21:02 +0200 From: c.wegener@itcampus.de To: gentoo-dev@gentoo.org Message-ID: <20030627152102.GC1717@pbook.polysynx.foo> Mail-Followup-To: gentoo-dev@gentoo.org References: <200306250000.00937.tclark@telia.com> <3EFC3735.6040501@ineoconcepts.com> <1056718703.8875.56.camel@tree.rogi.biz> <200306270758.42517.zack@tehunlose.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200306270758.42517.zack@tehunlose.com> User-Agent: Mutt/1.5.4i Subject: Re: [gentoo-dev] Directory services (was Re: [gentoo-dev] maybe it is time to put portage queries into a database.) X-Archives-Salt: 51f9b193-14f6-4dbc-8eb1-c4ec9192b83c X-Archives-Hash: efdbb0ae5085be5c0d739c10a620832e On Fri, Jun 27, 2003 at 07:58:39AM -0700, Zack Gilburd wrote: Content-Description: signed data > On Friday 27 June 2003 05:58 am, Rigo Ketelings wrote: > > Op vr 27-06-2003, om 14:23 schreef Eric Sammer: > > > Just to add something to my last email about portage and database / > > > directory services... > > > > > > While talking to my wife this morning (a sysadmin and security > > > professional and fellow gentoo user) about this situation, we realized > > > something else about portage in openldap. This would (or could, > > > depending on implementation) severely limit the rsync bottle neck by > > > allowing for a hierarchy of directory servers to be replicated from by > > > users. > > > > I REALLY like this idea.. > > I /tried/ using LDAP as my authentication for pam a while back, in hopes of > having a nice, network-wide, roaming profile. However, such hopes were > quickly shattered once I got authentication going even locally. My login > attempts would take /quite/ a while and it was very inefficient. I would > rather see a MySQL database. > As directory services are optimized for read performance, there are disadvantages for write access to a directory service. But compared to the amount of user needing read access to a directory service the number of write access updates should REALLY small. I think your bad experience with LDAP as authentication service may have to do with misconfiguration or lack of optimization. > > > With clever use of referals and replication, you could > > > effectively remove the rsync issues of bandwidth and the > > > "stop-syncing-so-often-it's-rude" problem. Updates to portage would be > > > propagated down the line when commited moving a smaller (but steady) > > > stream of traffic rather than unpredictable bursts (note: that's an > > > assumption). This would eliminate the need for 'emerge sync' (in theory). > > > > > > Again, this is all very academic as the data to back up these ideas is > > > out of the public eye (thankfully). Maybe just food for thought... > > > > > > Thanks to all devs for all the great work. > > > > Yup, can't say that enough too ;)... > > Granted I am incorrect about my assertions above, I would like to see this > *work* in a real-world situation before I say, "Yea, sure, let's give LDAP a > try..." christoph -- ^*^ -- gentoo-dev@gentoo.org mailing list