RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1663063 - Add perl-LDAP package
Summary: Add perl-LDAP package
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: perl-LDAP
Version: 8.2
Hardware: All
OS: Linux
unspecified
high
Target Milestone: rc
: 8.2
Assignee: Petr Pisar
QA Contact: RHEL CS Apps Subsystem QE
Lenka Špačková
URL:
Whiteboard:
Depends On: 1746898 1751068 1760231
Blocks: 1701002
TreeView+ depends on / blocked
 
Reported: 2019-01-03 00:50 UTC by Quanah Gibson-Mount
Modified: 2023-09-07 19:36 UTC (History)
17 users (show)

Fixed In Version: perl-LDAP-0.66-7.el8
Doc Type: Enhancement
Doc Text:
.New packages: `perl-LDAP` and `perl-Convert-ASN1` This update adds the `perl-LDAP` and `Perl-Convert-ASN1` packages to RHEL 8. The `perl-LDAP` package provides an LDAP client for the Perl language. `perl-LDAP` requires the `perl-Convert-ASN1` package, which encodes and decodes Abstract Syntax Notation One (ASN.1) data structures using Basic Encoding Rules (BER) and Distinguished Encoding Rules (DER).
Clone Of:
: 1746898 (view as bug list)
Environment:
Last Closed: 2020-04-28 15:29:41 UTC
Type: Enhancement
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 1734183 1 None None None 2023-09-07 20:26:17 UTC
Red Hat Issue Tracker RHELPLAN-14488 0 None None None 2021-08-27 22:30:47 UTC
Red Hat Product Errata RHEA-2020:1575 0 None None None 2020-04-28 15:29:50 UTC

Internal Links: 1748057

Description Quanah Gibson-Mount 2019-01-03 00:50:55 UTC
Description of problem:

The standard Perl method of accessing any LDAP server (Net::LDAP) was previously available from RedHat as the perl-LDAP package.  However starting with RHEL8, this package has been removed with no explanation.

This seems particularly odd given that it is *the* reference implementation for perl access to LDAP and there are hundreds if not thousands of utilities that have been developed over the years utilizing Net::LDAP and its related modules.



How reproducible:

100%

Steps to Reproduce:
1. Install RHEL8 beta
2. Search for the perl-LDAP package


Actual results:
Not found

Expected results:
Found

Comment 1 Quanah Gibson-Mount 2019-01-03 01:07:03 UTC
Particularly odd given that both php-ldap and python3-ldap are available... this is analogous to those packages, except for Perl.

Comment 2 Petr Pisar 2019-01-03 13:22:50 UTC
It's quite normal that packages are removed between major RHEL versions. Removal of perl-LDAP is documented in Release Notes <https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8-beta/html-single/8.0_beta_release_notes/index#removed_packages>.

If you need perl-LDAP for you business, please contact Red Hat support.

Comment 3 Quanah Gibson-Mount 2019-01-03 14:08:09 UTC
The question was why, which is *not* in the release notes.  Again, this is a basic *fundamental* package for utilizing LDAP via Perl.

Comment 4 Rich Megginson 2019-01-03 14:41:20 UTC
changing bug access to Public

Comment 5 Rich Megginson 2019-01-03 14:42:00 UTC
Is there a perl LDAP api library provided with RHEL8?

Comment 6 Quanah Gibson-Mount 2019-01-03 14:58:43 UTC
(In reply to Rich Megginson from comment #5)
> Is there a perl LDAP api library provided with RHEL8?

The only one I could find is the Mozilla C SDK one, which is not really equivalent.

Comment 7 Petr Pisar 2019-01-03 15:30:09 UTC
There is no other than perl-Mozilla-LDAP.

Comment 8 Quanah Gibson-Mount 2019-01-03 15:49:35 UTC
(In reply to Petr Pisar from comment #7)
> There is no other than perl-Mozilla-LDAP.

Again, not even remotely equivalent.

Comment 9 Quanah Gibson-Mount 2019-01-10 16:05:47 UTC
This is a serious bug and needs review from someone.  Removing Net::LDAP, which again is the reference implementation for accessing LDAP via perl, is problematic and does not line up with other languages which continue to have solid LDAP support (i.e., python and php as noted above).

The perl-Mozilla-LDAP module in no way is a suitable replacement for Net::LDAP as it lacks numerous features available via Net::LDAP.  Examples include but are not limited to RFC4533 support.


Additionally, I would note that the Mozilla LDAP C SDK for Perl is abandonware while Net::LDAP continues to be developed (See https://wiki.mozilla.org/LDAP_C_SDK#Latest_News_-_10.2F13.2F2017) and the Mozilla::LDAP module hasn't had an update since 1999 (https://metacpan.org/release/perldap).

Comment 10 Clément OUDOT 2019-01-10 16:57:18 UTC
Hello,

perl-LDAP is needed by a lot of applications running on RHEL, like LemonLDAP::NG (https://www.lemonldap-ng.org) or LTB Nagios Plugins (https://ltb-project.org/documentation#monitoring).

Will this module be available in EPEL?

Comment 11 Rich Megginson 2019-01-10 17:03:30 UTC
(In reply to Quanah Gibson-Mount from comment #9)
> This is a serious bug and needs review from someone.  Removing Net::LDAP,
> which again is the reference implementation for accessing LDAP via perl, is
> problematic and does not line up with other languages which continue to have
> solid LDAP support (i.e., python and php as noted above).
> 
> The perl-Mozilla-LDAP module in no way is a suitable replacement for
> Net::LDAP as it lacks numerous features available via Net::LDAP.  Examples
> include but are not limited to RFC4533 support.

Not only that, but even if it is possible to use perl-Mozilla-LDAP, the syntax of perl-Mozilla-LDAP is significantly different than Net::LDAP - it will require a significant rewrite of code that uses Net::LDAP to use perl-Mozilla-LDAP instead.

> Additionally, I would note that the Mozilla LDAP C SDK for Perl is
> abandonware while Net::LDAP continues to be developed (See
> https://wiki.mozilla.org/LDAP_C_SDK#Latest_News_-_10.2F13.2F2017) and the
> Mozilla::LDAP module hasn't had an update since 1999
> (https://metacpan.org/release/perldap).

+1 - perl-Mozilla-LDAP hasn't been actively developed for over a decade or more

Comment 12 Rich Megginson 2019-01-10 17:05:02 UTC
(In reply to Clément OUDOT from comment #10)
> Hello,
> 
> perl-LDAP is needed by a lot of applications running on RHEL, like
> LemonLDAP::NG (https://www.lemonldap-ng.org) or LTB Nagios Plugins
> (https://ltb-project.org/documentation#monitoring).
> 
> Will this module be available in EPEL?

Please file a separate request to have it added to EPEL - not sure how that happens but see https://fedoraproject.org/wiki/EPEL

Comment 13 Clément OUDOT 2019-01-10 17:16:56 UTC
> Please file a separate request to have it added to EPEL - not sure how that happens but see https://fedoraproject.org/wiki/EPEL

I'll do it if this bug is closed without correction, which would be a very bad news.

Note that we are using Bugzilla, a Perl software, to discuss about this issue. I'm pretty sure Bugzilla is using perl-LDAP, it means we could not use Bugzilla on RHEL 8...

Comment 14 Rich Megginson 2019-01-10 18:00:25 UTC
(In reply to Clément OUDOT from comment #13)
> > Please file a separate request to have it added to EPEL - not sure how that happens but see https://fedoraproject.org/wiki/EPEL
> 
> I'll do it if this bug is closed without correction, which would be a very
> bad news.

I think that if perl-LDAP is not in RHEL 8 at this late stage, it will be more difficult to get it back into RHEL 8, than to add it to EPEL - and the longer you wait before starting the EPEL process, the longer you will have to wait until you get a working perl-LDAP . . .

> 
> Note that we are using Bugzilla, a Perl software, to discuss about this
> issue. I'm pretty sure Bugzilla is using perl-LDAP, it means we could not
> use Bugzilla on RHEL 8...

Sure.  There are a lot of packages that you have mentioned, and others, that use perl-LDAP, that would be able to use perl-LDAP from EPEL.

Comment 15 Clément OUDOT 2019-01-11 11:05:01 UTC
> I think that if perl-LDAP is not in RHEL 8 at this late stage, it will be more difficult to get it back into RHEL 8, than to add it to EPEL - and the longer you wait before starting the EPEL process, the longer you will have to wait until you get a working perl-LDAP

Or you can consider there is a mistake/bug and try to fix this, we indeed have no explanation for this choice, which has a lot of impacts.

> Sure.  There are a lot of packages that you have mentioned, and others, that use perl-LDAP, that would be able to use perl-LDAP from EPEL.

Does this mean that you will need to run your own infra (Bugzilla) on other systems that RedHat if EPEL don't package perl-LDAP?

Comment 16 Josh Boyer 2019-01-11 11:25:07 UTC
(In reply to Clément OUDOT from comment #15)
> > I think that if perl-LDAP is not in RHEL 8 at this late stage, it will be more difficult to get it back into RHEL 8, than to add it to EPEL - and the longer you wait before starting the EPEL process, the longer you will have to wait until you get a working perl-LDAP
> 
> Or you can consider there is a mistake/bug and try to fix this, we indeed
> have no explanation for this choice, which has a lot of impacts.

If you have a customer account, I would highly recommend opening a support case against the Red Hat Enterprise Linux 8 product illustrating your needs.

> > Sure.  There are a lot of packages that you have mentioned, and others, that use perl-LDAP, that would be able to use perl-LDAP from EPEL.
> 
> Does this mean that you will need to run your own infra (Bugzilla) on other
> systems that RedHat if EPEL don't package perl-LDAP?

No, it does not.  That's not a logical conclusion.  Any particular user in need of that package could package it themselves for internal use.

Comment 17 Peter Gietz 2019-01-11 13:20:51 UTC
In total agreement with Quanah, Rich, Clement, and others I think that it is a severe bug to drop a well maintained and heavily used standard library for LDAP access. By now RH is our prefered platform. Such a hurtful gap (we still do a lot of perl programming) might want us to change to another distro as preferred platform and to consult our customers to do so as well. 

What on earth could be the reason to drop perl-ldap anyway?  Is there any document on or pointer to the packaging strategy for RHEL, where one could find reasons for this?

Comment 18 Rich Megginson 2019-01-11 15:23:31 UTC
(In reply to Josh Boyer from comment #16)
> (In reply to Clément OUDOT from comment #15)
> > > I think that if perl-LDAP is not in RHEL 8 at this late stage, it will be more difficult to get it back into RHEL 8, than to add it to EPEL - and the longer you wait before starting the EPEL process, the longer you will have to wait until you get a working perl-LDAP
> > 
> > Or you can consider there is a mistake/bug and try to fix this, we indeed
> > have no explanation for this choice, which has a lot of impacts.
> 
> If you have a customer account, I would highly recommend opening a support
> case against the Red Hat Enterprise Linux 8 product illustrating your needs.

+10

> 
> > > Sure.  There are a lot of packages that you have mentioned, and others, that use perl-LDAP, that would be able to use perl-LDAP from EPEL.
> > 
> > Does this mean that you will need to run your own infra (Bugzilla) on other
> > systems that RedHat if EPEL don't package perl-LDAP?
> 
> No, it does not.  That's not a logical conclusion.  Any particular user in
> need of that package could package it themselves for internal use.

Can perl-LDAP from CPAN be used?

Comment 19 Quanah Gibson-Mount 2019-01-11 19:30:08 UTC
(In reply to Rich Megginson from comment #18)

> > No, it does not.  That's not a logical conclusion.  Any particular user in
> > need of that package could package it themselves for internal use.
> 
> Can perl-LDAP from CPAN be used?

Many organizations have prohibitions on using software that is not provided by the distribution.  So it's simply not always an option.

Comment 21 Benoit Mortier 2019-01-14 12:19:48 UTC
Hello,

we OpenSides https://www.opensides.be/ are the publisher of FusionDirectory https://www.fusiondirectory.org/ and Argonaut https://www.argonaut-project.org/ we use perl-ldap extensively in in perl framework. In Rhel 7 is as become more and more difficult to support our software on RedHat platform.

FusionDirectory is largely utilized French educational system and Research communities. so please can you consider to add back the perl-ldap libraries, there is no sense to removing them. keeping the state of RedHat 8 without OpenLDAP and perl-ldap will force suppliers as us to advise customers to stay out of Redhat.

Thank you

Comment 22 claudio@bugzillaRH 2019-01-15 14:10:27 UTC
Radiator, one of the leading RADIUS implementation and very popular in Academia and Telcos, needs perl-LDAP top be useful (LDAP is the main RADIUS backend). The main attraction of using RHEL or CentOS for Radiator are the prepackaged modules.

Comment 23 David Coutadeur 2019-01-15 15:58:46 UTC
Hello,

Similarly to other people who have posted before, I use perl-LDAP and OpenLDAP very often, for my personnal and professional usage.
I am quite amazed that this reference in the LDAP world has been removed - for no reason it seems.
Could you consider integrating it back please?

Comment 58 errata-xmlrpc 2020-04-28 15:29:41 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2020:1575


Note You need to log in before you can comment on or make changes to this bug.