Opened 4 years ago
Closed 4 years ago
#60583 closed enhancement (fixed)
gnupg2 @2.2.20_0: Make +openldap variant non-default
| Reported by: | michi-zuri (Michael Paul Killian) | Owned by: | roederja |
|---|---|---|---|
| Priority: | Low | Milestone: | |
| Component: | ports | Version: | 2.6.2 |
| Keywords: | Cc: | Ionic (Mihai Moldovan) | |
| Port: | gnupg2 |
Description
When I installed duplicity on my macOS 10.13 system I encountered the following warning message that led me down a rabbit hole:
Warning: couldn't find file '/opt/local/var/run/openldap-data/.turd_openldap' for port 'openldap'. Please deactivate and reactivate the port to fix this issue.
I managed to disable the warning by creating an empty .turd_openldap file with readable permissions, but it left me wondering why gnupg2 needs openldap by default at all? Is it actually used by anything if the user does not manually configure openldap?
I went ahead and reinstalled gnupg2 with the -openldap variant, since I am not intending to do any configuration for openldap myself. Could anyone confirm though that openldap is only used if configured, or am I missing out on some magic behind the curtains now?
If my assumptions are correct, I would propose to make openldap an opt-in variant of gnupg2, rather than opt-out.
Change History (4)
comment:1 Changed 4 years ago by ryandesign (Ryan Carsten Schmidt)
| Cc: | Ionic added |
|---|---|
| Owner: | set to roederja |
| Status: | new → assigned |
| Summary: | gnupg2 @2.2.20_0 → gnupg2 @2.2.20_0: Make +openldap variant non-default |
comment:2 Changed 4 years ago by Ionic (Mihai Moldovan)
Uh, I totally missed that, but generally I don't see a huge benefit to depending upon openldap for GPG.
I've never needed it on my Linux-based systems, but then again I've never used LDAP to begin with.
To be fair, the problem discussed in this PR seems to stem from the openldap port *and* a non-standard installation, so I can see why Jan was reluctant to change anything in the gnupg port. If the openldap port breaks, that one should be fixed.
But, as said, I also don't see a huge benefit in having the OpenLDAP-integration within gnupg. If this taints redistribution, even worse.
Variants are definitely a two-sided sword. They are both powerful, but also too powerful (well, that's really a shortcoming of Portfiles being TCL scripts), but any non-standard variant will also make people have to build software on their machines instead of using pre-built packages, mostly due to combinatorial explosion. I.e., for n variants, there are 2n possible combinations, which would be crazy to build.
I'd be in favor of making the OpenLDAP-integration fully optional.
comment:3 Changed 4 years ago by neverpanic (Clemens Lang)
comment:4 Changed 4 years ago by neverpanic (Clemens Lang)
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Replying to michi-zuri:
I can't explain why the .turd_openldap file was missing for you. It should have been there. Its presence just makes sure that MacPorts doesn't consider the directory empty and delete it. Deactivating and reactivating the port as suggested by the warning should have brought the file back.
There is extensive prior discussion on this matter in the pull request that changed the openldap dependency from mandatory to a variant:
https://github.com/macports/macports-ports/pull/2625
Many argued that they did not need openldap support in gnupg2 and that it should be moved to a variant and that the variant should not be enabled by default. This would have the additional advantage that the gnupg2 port would become distributable. One of the maintainers of the port argued against the creation of the variant at all but eventually accepted the variant if it was enabled by default. The other maintainer did not comment.