On Mon, Apr 03, 2006 at 01:27:00AM -0400, David Zeuthen wrote: > I wish that people working on the server bits (e.g. Apache, Postfix) > would take a similar stance and only make their software read > settings from LDAP (or whatever) for the site-wide case. This always seems like a nice simple idea in theory. The reality is that you'd have to put so much complexity in to deal with stuff like working out what to do during a restart if the LDAP server suddenly stops responding (at the point where you have already thrown away the old config). You also have to come up with (and hard-code!) some LDAP schema; and have it extensible to third-party modules (i.e. generic enough that it's just untyped key-value pairs again). And how do you configure the LDAP connection: TLS, auth, etc? Just relying on the system-wide defaults doesn't cut it for 99% of apps so why would it here? And why only support an LDAP backend? Why not also an SQL database, or a WebDAV repository? So the reality is that rather than add all that complexity to 50 different daemons, it's better to go and write one single tool which can create flat file configurations from LDAP databases, or SQL databases, or whatever, and can know how to restart the daemons as necessary, and can apply a consistent LDAP schema across the board, etc. joe -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
