From evanc@cello.synapse.net Thu Nov 13 14:56:09 1997 Received: from MIT.EDU (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.69.0.28]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id OAA25112 for ; Thu, 13 Nov 1997 14:56:08 -0500 Received: from cello.synapse.net by MIT.EDU with SMTP id AA19593; Thu, 13 Nov 97 14:55:55 EST Received: (qmail 12291 invoked by uid 1001); 13 Nov 1997 19:47:37 -0000 Message-Id: <19971113194736.12290.qmail@cello.synapse.net> Date: 13 Nov 1997 19:47:36 -0000 From: evanc@synapse.net To: krb5-bugs@MIT.EDU Cc: evanc@synapse.net Subject: db2 really old X-Send-Pr-Version: 3.99 >Number: 498 >Category: krb5-build >Synopsis: update db2 release >Confidential: no >Severity: non-critical >Priority: high >Responsible: tlyu >State: open >Class: change-request >Submitter-Id: unknown >Arrival-Date: Thu Nov 13 14:57:01 EST 1997 >Last-Modified: Thu Nov 13 17:25:01 EST 1997 >Originator: Evan Champion >Organization: >Release: krb5-1.0.2 >Environment: System: FreeBSD cello.synapse.net 3.0-CURRENT FreeBSD 3.0-CURRENT #0: Tue Nov 11 00:36:42 EST 1997 evanc@cello.synapse.net:/usr/src/sys/compile/CELLO i386 >Description: Quote from the db2 readme: This is version 2.0-ALPHA of the Berkeley DB code. THIS IS A PRELIMINARY RELEASE. This does not exactly inspire confidence in something that is supposed to be my central authentication service. >How-To-Repeat: >Fix: Please upgrade to the latest db2 distribution. Currently, it is 2.3.12, available from: Even better, I'd prefer it if you just removed the db2 distribution from krb5, and require the user to provide it (ie: just link against -ldb). Since you don't release fixes very often, I think that is the best way to handle the problem. >Audit-Trail: From: Ken Hornstein To: evanc@synapse.net Cc: krb5-bugs@MIT.EDU Subject: Re: krb5-build/498: db2 really old Date: Thu, 13 Nov 1997 15:55:22 -0500 > Quote from the db2 readme: > > This is version 2.0-ALPHA of the Berkeley DB code. > THIS IS A PRELIMINARY RELEASE. > > This does not exactly inspire confidence in something that is > supposed to be my central authentication service. This comes up on the mailing list now and again ... the Berkeley DB code that comes with Kerberos has a number of fixes applied to it. > Even better, I'd prefer it if you just removed the db2 distribution > from krb5, and require the user to provide it (ie: just link against > -ldb). Since you don't release fixes very often, I think that is > the best way to handle the problem. Actually ... I disagree rather strongly. Tracking external software is a _huge_ nightmare, in terms of software releases. At least the version of DB that comes with Kerberos is known to work with it. --Ken From: Evan Champion To: Ken Hornstein Cc: krb5-bugs@MIT.EDU Subject: Re: krb5-build/498: db2 really old Date: Thu, 13 Nov 1997 17:24:04 -0500 (EST) On Thu, 13 Nov 1997, Ken Hornstein wrote: > This comes up on the mailing list now and again ... the Berkeley DB code > that comes with Kerberos has a number of fixes applied to it. I looked at the changelog and they aren't keeping up with the Sleepycat distribution. The last change is November 11, 1996... According to the Sleepycat website, that is probably somewhere before version 2.0.0 was even released (the patches to 2.0.0 are dated April, 1997.) > Actually ... I disagree rather strongly. Tracking external software is > a _huge_ nightmare, in terms of software releases. At least the > version of DB that comes with Kerberos is known to work with it. But it's alright that it doesn't come with its own tcl? If MIT was prepared to keep it up-to-date, then it wouldn't bother me, but they don't even try. Compiling db2 is trivial, and as long as MIT tells you where to get it in their install docs, I don't see what the problem is. I mean, we already have to get at least gnu make and tcl, and possibly m4 as well, so I don't see this as an enormous burden. Evan >Unformatted: