[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: ITS#98 'user' patch for BSD systems
On Fri, Mar 12, 1999 at 05:59:23PM -0800, Kurt D. Zeilenga wrote:
> The uid/gid/root changes may also only be feasible with a subset of
> the backends (ie: ldbm/bdb2). For example, back-passwd requires
> privledged access to the system password file. back-perl and pack-tcl
> also have special requirements.
As far as the back-passwd, most systems can work around it with
"-u nobody -g shadow" and could be mentioned in the README as a
workaround. This atleast still leaves some level of system protection.
back-{perl,tcl} should not have any different requirements for privildges
than the database backends, slapd will simply need 'rw' access to
the data they are serving (since the perl/tcl scripts are loaded into
memory upon startup, they wont run as subprocesses)
--
----- -- - -------- --------- ---- ------- ----- - - --- --------
Ben Collins <b.m.collins@larc.nasa.gov> Debian GNU/Linux
OpenLDAP Core - bcollins@openldap.org bcollins@debian.org
UnixGroup Admin - Jordan Systems The Choice of the GNU Generation
------ -- ----- - - ------- ------- -- ---- - -------- - --- ---- - --