From Fedora Project Wiki

(Change submitted to FESCo)
 
(4 intermediate revisions by 3 users not shown)
Line 18: Line 18:


== Current status ==
== Current status ==
[[Category:ChangeReadyForFesco]]
[[Category:ChangeAcceptedF35]]
<!-- When your change proposal page is completed and ready for review and announcement -->
<!-- When your change proposal page is completed and ready for review and announcement -->
<!-- remove Category:ChangePageIncomplete and change it to Category:ChangeReadyForWrangler -->
<!-- remove Category:ChangePageIncomplete and change it to Category:ChangeReadyForWrangler -->
Line 37: Line 37:
-->
-->
* FESCo issue: [https://pagure.io/fesco/issue/2596 #2596]
* FESCo issue: [https://pagure.io/fesco/issue/2596 #2596]
* Tracker bug: <will be assigned by the Wrangler>
* Tracker bug: [https://bugzilla.redhat.com/show_bug.cgi?id=1952926 #1952926]
* Release notes tracker: <will be assigned by the Wrangler>
* Release notes tracker: [https://pagure.io/fedora-docs/release-notes/issue/688 #688]


== Detailed Description ==
== Detailed Description ==
Line 147: Line 147:


<!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
<!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
* 389-ds-base
* 389-ds-base-libs
* argus
* argus-clients
* autofs
* cyrus-imapd
* cyrus-sasl
* ekiga
* exim
* gvnc
* inn
* isync
* kdebase3-pim-ioslaves
* kdepim-runtime-libs
* kdepimlibs
* kf5-kimap
* kf5-kldap
* kf5-ksmtp
* kf5-libksieve
* libetpan
* libmemcached-libs
* libpurple
* librdkafka
* libvirt-daemon
* lua-cyrussasl
* mail-notification
* memcached
* mongo-c-driver-libs
* mozldap
* mutt
* myproxy-libs
* nmh
* openldap
* openldap-clients
* openldap-servers
* pcp-libs
* perl-Cyrus
* php-ldap
* php-pecl-memcached
* postfix
* ptlib
* python3-qpid-proton
* python3-subversion
* qca-cyrus-sasl
* qca-qt5-cyrus-sasl
* qemu-system*
* qpid-proton-c
* sendmail
* spice-glib
* spice-server
* squid
* sssd-ad
* subversion-libs
* subversion-ruby
* znc


The owners of the packages are recommended to create a sasldb base using the new version of cyrus-sasl and check that auth works normally for them. Also it would be useful to check that a migration tool works well for the existing base


== Contingency Plan ==
== Contingency Plan ==
* Contingency mechanism: Revert the shipped configuration
* Contingency mechanism: Revert the shipped configuration
<!-- When is the last time the contingency mechanism can be put in place?  This will typically be the beta freeze. -->
<!-- When is the last time the contingency mechanism can be put in place?  This will typically be the beta freeze. -->
* Contingency deadline: Beta freeze
* Contingency deadline: F35 branch date (2021-08-10)
<!-- Does finishing this feature block the release, or can we ship with the feature in incomplete state? -->
<!-- Does finishing this feature block the release, or can we ship with the feature in incomplete state? -->
* Blocks release? Yes <!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
* Blocks release? Yes <!-- REQUIRED FOR SYSTEM WIDE CHANGES -->


== Documentation ==
== Documentation ==
Line 181: Line 236:


The syntax of the migration tool is
The syntax of the migration tool is
bdb2current <sasldb path> <new_path>
cyrusbdb2current <sasldb path> <new_path>


Please check whether your packages use the sasldb plugin and provide a relevant migration guideline.
Please check whether your packages use the sasldb plugin and provide a relevant migration guideline.

Latest revision as of 14:57, 3 May 2021

Switching Cyrus Sasl from BerkeleyDB to GDBM

Summary

cyrus-sasl package was built with libdb requirement, now it is replaced by gdbm.

Owner


Current status

Detailed Description

This change switches the default backend Key-Value DB used by sasldb plugin from BerkeleyDB to GDBM and provides a migration tool for automatic conversion from old to new format.

Feedback

Benefit to Fedora

According to more restrictive libdb licence policy exists effort to remove libdb's dependencies. cyrus-sasl package can now be built without libdb requirement.


Scope

  • Proposal owners:
  • Other developers:

The owners of the packages depending on cyrus-sasl sasldb plugin should provide the documentation about the migration procedure.

  • Release engineering: [1]
  • Policies and guidelines: not needed for this Change
  • Trademark approval: N/A (not needed for this Change)
  • Alignment with Objectives:

Upgrade/compatibility impact

The migration script should be used to upgrade the particular databases used by specific applications via sasldb plugin


How To Test

  • Install the new version of the cyrus-sasl.
  • Use the migration tool bdb2current provided by the package to migrate your sasldb file
  • update the configuration file to point on the new sasldb file
  • restart the application if necessary
  • Check that auth is still working


User Experience

Dependencies

A lot of application use cyrus-sasl sasldb plugins. Their maintainers were notified via email and some of them have responded.

  • 389-ds-base
  • 389-ds-base-libs
  • argus
  • argus-clients
  • autofs
  • cyrus-imapd
  • cyrus-sasl
  • ekiga
  • exim
  • gvnc
  • inn
  • isync
  • kdebase3-pim-ioslaves
  • kdepim-runtime-libs
  • kdepimlibs
  • kf5-kimap
  • kf5-kldap
  • kf5-ksmtp
  • kf5-libksieve
  • libetpan
  • libmemcached-libs
  • libpurple
  • librdkafka
  • libvirt-daemon
  • lua-cyrussasl
  • mail-notification
  • memcached
  • mongo-c-driver-libs
  • mozldap
  • mutt
  • myproxy-libs
  • nmh
  • openldap
  • openldap-clients
  • openldap-servers
  • pcp-libs
  • perl-Cyrus
  • php-ldap
  • php-pecl-memcached
  • postfix
  • ptlib
  • python3-qpid-proton
  • python3-subversion
  • qca-cyrus-sasl
  • qca-qt5-cyrus-sasl
  • qemu-system*
  • qpid-proton-c
  • sendmail
  • spice-glib
  • spice-server
  • squid
  • sssd-ad
  • subversion-libs
  • subversion-ruby
  • znc

The owners of the packages are recommended to create a sasldb base using the new version of cyrus-sasl and check that auth works normally for them. Also it would be useful to check that a migration tool works well for the existing base

Contingency Plan

  • Contingency mechanism: Revert the shipped configuration
  • Contingency deadline: F35 branch date (2021-08-10)
  • Blocks release? Yes

Documentation

Here is the notification sent to known developers of the depending packages:

New version of the cyrus-sasl is planned to use the gdbm database for the sasldb plugins.

I've implemented the patch (https://src.fedoraproject.org/rpms/cyrus-sasl/pull-request/3#request_diff) changing the default DB and implementing the migration tool to make the switching from BerkeleyDB to GDBM seamless.

I kindly ask you to check the information in the following spreadsheet: https://docs.google.com/spreadsheets/d/1z5eTSm3rtlKtEKPCxhI_wE861Xzg8kbvINWixSwQmLg/edit?usp=sharing:

whether your package is affected by the proposed change whether the migration tool is suitable for your purposes

and let me know or mark the results in the table

Release Notes

a new version of the cyrus-sasl package is landing in rawhide.

This version changes the database used to store saslauthdb data. This is part of the move to deprecate use of Berkley DB. The new package will use GDBM instead.

We provided a tool to perform migrations for database should that be needed by a package:

The syntax of the migration tool is cyrusbdb2current <sasldb path> <new_path>

Please check whether your packages use the sasldb plugin and provide a relevant migration guideline.