519 – Running slapd as a non-root user.

Issue 519 - Running slapd as a non-root user.

Summary: Running slapd as a non-root user.

Status:	VERIFIED FIXED

Alias:	None

Product:	OpenLDAP
Classification:	Unclassified
Component:	slapd (show other issues)
Version:	unspecified
Hardware:	All All

Importance:	--- normal
Target Milestone:	---
Assignee:	OpenLDAP project

URL:
Keywords:

Depends on:
Blocks:

Reported:	2000-04-26 22:07 UTC by nalin@redhat.com
Modified:	2014-08-01 21:07 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this issue.

Description nalin@redhat.com 2000-04-26 22:07:15 UTC

Full_Name: Nalin Dahyabhai
Version: 1.2.10
OS: Linux 2.2.14
URL: http://people.redhat.com/nalin/patches/openldap-1.2.9-ldapuser.patch
Submission from: (NULL) (207.175.42.207)


We were contacted Monday afternoon by kos@bastard.net with a suggested patch
for running OpenLDAP as a non-root user while also allowing specifying the
gid and IP address to bind to.  An alternative implementation is available at
the referenced URL.  We're looking at running slapd as a non-root user by
default for the next release, and this may be how we end up doing that.

Comment 1 Kurt Zeilenga 2000-05-03 08:07:03 UTC

changed state Open to Feedback
moved from Incoming to Software Enhancements

Comment 2 Kurt Zeilenga 2000-05-03 11:46:59 UTC

Nalin,

After review and discussion, we have decided not to commit the
provided patch at this time.

We choose to categorize the patch as a feature enhancment.
We have no plans for extending OpenLDAP 1.2.

Our OpenLDAP 2.0 development codes already contains such
functionality, however with a different mechanism.  We prefer
not to support two such mechanisms and believe the current devel
approach is more than adequate.  This can be debated (again)
on devel mailing list.

See also:
  http://www.openldap.org/cgi-bin/wilma_glimpse/openldap-devel?query=gid
  http://www.openldap.org/its/index.cgi/Software%20Enhancements?id=98

Please note that we do appreciate your efforts to improve
OpenLDAP.

Kurt

At 10:07 PM 4/26/00 GMT, nalin@redhat.com wrote:
>Full_Name: Nalin Dahyabhai
>Version: 1.2.10
>OS: Linux 2.2.14
>URL: http://people.redhat.com/nalin/patches/openldap-1.2.9-ldapuser.patch
>Submission from: (NULL) (207.175.42.207)
>
>
>We were contacted Monday afternoon by kos@bastard.net with a suggested patch
>for running OpenLDAP as a non-root user while also allowing specifying the
>gid and IP address to bind to.  An alternative implementation is available at
>the referenced URL.  We're looking at running slapd as a non-root user by
>default for the next release, and this may be how we end up doing that.
>
>
>

Comment 3 nalin@redhat.com 2000-05-03 12:48:14 UTC

On Wed, May 03, 2000 at 01:46:59PM +0200, Kurt D. Zeilenga wrote:
> After review and discussion, we have decided not to commit the
> provided patch at this time.
> 
> We choose to categorize the patch as a feature enhancment.
> We have no plans for extending OpenLDAP 1.2.
> 
> Our OpenLDAP 2.0 development codes already contains such
> functionality, however with a different mechanism.  We prefer
> not to support two such mechanisms and believe the current devel
> approach is more than adequate.  This can be debated (again)
> on devel mailing list.

There's no need to debate; I agree.  We've been meaning to look at the
CVS tree to look at packaging issues; this just gives me a reason to do
it sooner.  I assume backporting that specific functionality is alright?

Nalin

Comment 4 Kurt Zeilenga 2000-05-04 04:03:23 UTC

changed notes
changed state Feedback to Closed

Comment 5 OpenLDAP project 2014-08-01 21:07:01 UTC

Devel code provide this functionality,
1.2 is feature frozen