{"id":371,"date":"2013-12-09T14:20:58","date_gmt":"2013-12-09T13:20:58","guid":{"rendered":"http:\/\/www.simweb.ch\/blog\/?p=371"},"modified":"2013-12-09T14:24:26","modified_gmt":"2013-12-09T13:24:26","slug":"openldap24-client-and-openldap24-sasl-client-conflict-how-git-co-may-interfere-with-the-openldap-server","status":"publish","type":"post","link":"https:\/\/www.simweb.ch\/blog\/2013\/12\/openldap24-client-and-openldap24-sasl-client-conflict-how-git-co-may-interfere-with-the-openldap-server\/","title":{"rendered":"FreeBSD: How git and OpenLDAP server can collide via openldap24-(sasl-)client"},"content":{"rendered":"<p>I've have been doing some progress on my journey with bare FreeBSD, the <a href=\"http:\/\/www.bsdnow.tv\/tutorials\">BSDNow.tv tutorial<\/a>s are good and provide reasonable defaults to get started quickly.\u00a0I quicklygot both a <a href=\"https:\/\/fossil.etoilebsd.net\/poudriere\/\">poudriere <\/a>package builder inside a VM of my workstation and ezjail up and running on a small homeserver with an Atom CPU (that is quite not that quick a building). I actually wanted some extra switches enabled in my self-built packages\u00a0not present in the binaries frome from pkg.freebsd.org.<\/p>\n<p>One jail would become a testbed for OpenLDAP I configured poudriere to build net\/openldap24-server (default, except with SASL as enabled in i.e. Debian) \u00a0and since I like and use: devel\/git (default). When I wanted to install git AND the OpenLDAP package in this jail, pkg \u00a0ended ith an obscure message telling me that files in openldap24-client conflicted with openldap24-sasl-client.\u00a0Following the dependencies I tried to find the cause of the dependency conflict:<\/p>\n<ul>\n<li>devel\/git depends on \u00a0ftp\/curl (default)<\/li>\n<li>ftp\/curl was (non-standard) configured to support LDAP and LDAPS since I want to play with LDAP:\n<ul>\n<li>That is what caused a dependency on openldap24-client for git.<\/li>\n<li>Most other packages will do so once LDAP\/LDAPS support is enabled (i.e. php5) - not on openldap-sasl-client.<\/li>\n<\/ul>\n<\/li>\n<li>net\/openldap24-server with SASL results\n<ul>\n<li>in a package called openldap24-sasl-server (not openldap24-server!)<\/li>\n<li>in a dependency of the server package depending on openldap24-sasl-client<\/li>\n<\/ul>\n<\/li>\n<li>Both openldap24-sasl-client got built and openldap24-client were almost identical (beyond SASL-support) and thus they conflict since they provide the same thing<\/li>\n<\/ul>\n<p>I wanted SASL support but also git and curl. For whatever reason to fix this was to change make.conf as follows:<\/p>\n<pre>WANT_OPENLDAP_SASL=yes<\/pre>\n<p>Using poudriere and a build jail called 10amd64, this was in: \/usr\/local\/etc\/poudriere.d\/10amd64-make.conf. \u00a0Afterwards I (preferred to) completely rebuild all \u00a0package to make sure all package would take that switch (with -c):<\/p>\n<pre class=\"brush: actionscript3; gutter: true; first-line: 1\">poudriere -f \/path\/to\/list-of-pkgs -j 10amd64 -c<\/pre>\n<p>Afterwards on the destined ldap server \u00a0both git and openldap-(sasl)-server now depended on openldap-sasl-client and could be installed alongside:<\/p>\n<pre class=\"brush: actionscript3; gutter: true; first-line: 1\"> # pkg install git openldap-sasl-server\r\nUpdating repository catalogue\r\nThe following 19 packages will be installed:\r\n\r\n        [...]\r\n        Installing cyrus-sasl: 2.1.26_3 [1Labs]\r\n        Installing openldap-sasl-client: 2.4.38 [1Labs]\r\n        Installing curl: 7.33.0_1 [1Labs]\r\n        Installing openldap-sasl-server: 2.4.38 [1Labs]\r\n        Installing git: 1.8.4.3 [1Labs]\r\n\r\nThe installation will require 279 MB more space\r\n\r\n20 MB to be downloaded\r\n\r\nProceed with installing packages [y\/N]:y<\/pre>\n<p>Unfortunately I wasn't able to quickly find a reliable source why that switch has to be placed or is more closely explained. It can be found in a couple of packages, likely someon with more thorough FreeBSD experience would be able to bring a correct cause. It thoug causes packages with LDAP dependency to move their dependency from the normal to the sasl-enabled OpenLDAP client. At least, once I found about WANT_OPENLDAP_SASL, finding others who had this issue wasn't difficult at all, i.e.<\/p>\n<ul>\n<li><a href=\"http:\/\/monkey.org\/freebsd\/archive\/freebsd-questions\/200812\/msg00055.html\">http:\/\/monkey.org\/freebsd\/archive\/freebsd-questions\/200812\/msg00055.html<\/a><\/li>\n<li><a href=\"http:\/\/lists.freebsd.org\/pipermail\/freebsd-ports\/2008-July\/049808.html\">http:\/\/lists.freebsd.org\/pipermail\/freebsd-ports\/2008-July\/049808.html<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>I&#8217;ve have been doing some progress on my journey with bare FreeBSD, the BSDNow.tv tutorials are good and provide reasonable defaults to get started quickly.\u00a0I quicklygot both a poudriere package builder inside a VM of my workstation and ezjail up and running on a small homeserver with an Atom CPU (that is quite not that &#8230; <a class=\"moretag\" href=\"https:\/\/www.simweb.ch\/blog\/2013\/12\/openldap24-client-and-openldap24-sasl-client-conflict-how-git-co-may-interfere-with-the-openldap-server\/\">more<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_crdt_document":"","footnotes":""},"categories":[1],"tags":[36,41,40,42],"class_list":["post-371","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-freebsd","tag-openldap","tag-pkgng","tag-sasl"],"_links":{"self":[{"href":"https:\/\/www.simweb.ch\/blog\/wp-json\/wp\/v2\/posts\/371","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.simweb.ch\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.simweb.ch\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.simweb.ch\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.simweb.ch\/blog\/wp-json\/wp\/v2\/comments?post=371"}],"version-history":[{"count":0,"href":"https:\/\/www.simweb.ch\/blog\/wp-json\/wp\/v2\/posts\/371\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.simweb.ch\/blog\/wp-json\/wp\/v2\/media?parent=371"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.simweb.ch\/blog\/wp-json\/wp\/v2\/categories?post=371"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.simweb.ch\/blog\/wp-json\/wp\/v2\/tags?post=371"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}