FreeBSD: How git and OpenLDAP server can collide via openldap24-(sasl-)client

I’ve have been doing some progress on my journey with bare FreeBSD, the BSDNow.tv tutorials are good and provide reasonable defaults to get started quickly. I quicklygot both a poudriere package builder inside a VM of my workstation and ezjail up and running on a small homeserver with an Atom CPU (that is quite not that quick a building). I actually wanted some extra switches enabled in my self-built packages not present in the binaries frome from pkg.freebsd.org.

One jail would become a testbed for OpenLDAP I configured poudriere to build net/openldap24-server (default, except with SASL as enabled in i.e. Debian)  and since I like and use: devel/git (default). When I wanted to install git AND the OpenLDAP package in this jail, pkg  ended ith an obscure message telling me that files in openldap24-client conflicted with openldap24-sasl-client. Following the dependencies I tried to find the cause of the dependency conflict:

  • devel/git depends on  ftp/curl (default)
  • ftp/curl was (non-standard) configured to support LDAP and LDAPS since I want to play with LDAP:
    • That is what caused a dependency on openldap24-client for git.
    • Most other packages will do so once LDAP/LDAPS support is enabled (i.e. php5) – not on openldap-sasl-client.
  • net/openldap24-server with SASL results
    • in a package called openldap24-sasl-server (not openldap24-server!)
    • in a dependency of the server package depending on openldap24-sasl-client
  • Both openldap24-sasl-client got built and openldap24-client were almost identical (beyond SASL-support) and thus they conflict since they provide the same thing

I wanted SASL support but also git and curl. For whatever reason to fix this was to change make.conf as follows:

WANT_OPENLDAP_SASL=yes

Using poudriere and a build jail called 10amd64, this was in: /usr/local/etc/poudriere.d/10amd64-make.conf.  Afterwards I (preferred to) completely rebuild all  package to make sure all package would take that switch (with -c):

poudriere -f /path/to/list-of-pkgs -j 10amd64 -c

Afterwards on the destined ldap server  both git and openldap-(sasl)-server now depended on openldap-sasl-client and could be installed alongside:

 # pkg install git openldap-sasl-server
Updating repository catalogue
The following 19 packages will be installed:

        [...]
        Installing cyrus-sasl: 2.1.26_3 [1Labs]
        Installing openldap-sasl-client: 2.4.38 [1Labs]
        Installing curl: 7.33.0_1 [1Labs]
        Installing openldap-sasl-server: 2.4.38 [1Labs]
        Installing git: 1.8.4.3 [1Labs]

The installation will require 279 MB more space

20 MB to be downloaded

Proceed with installing packages [y/N]:y

Unfortunately I wasn’t able to quickly find a reliable source why that switch has to be placed or is more closely explained. It can be found in a couple of packages, likely someon with more thorough FreeBSD experience would be able to bring a correct cause. It thoug causes packages with LDAP dependency to move their dependency from the normal to the sasl-enabled OpenLDAP client. At least, once I found about WANT_OPENLDAP_SASL, finding others who had this issue wasn’t difficult at all, i.e.

Leave a Reply

December 9, 2013

Posted In: Uncategorized

Tags: , , ,

Leave a Comment