Full_Name: Nalin Dahyabhai Version: 1.2.10 OS: Linux 2.2.14 URL: http://people.redhat.com/nalin/patches/openldap-1.2.9-ldapuser.patch Submission from: (NULL) (207.175.42.207) We were contacted Monday afternoon by kos@bastard.net with a suggested patch for running OpenLDAP as a non-root user while also allowing specifying the gid and IP address to bind to. An alternative implementation is available at the referenced URL. We're looking at running slapd as a non-root user by default for the next release, and this may be how we end up doing that.
changed state Open to Feedback moved from Incoming to Software Enhancements
Nalin, After review and discussion, we have decided not to commit the provided patch at this time. We choose to categorize the patch as a feature enhancment. We have no plans for extending OpenLDAP 1.2. Our OpenLDAP 2.0 development codes already contains such functionality, however with a different mechanism. We prefer not to support two such mechanisms and believe the current devel approach is more than adequate. This can be debated (again) on devel mailing list. See also: http://www.openldap.org/cgi-bin/wilma_glimpse/openldap-devel?query=gid http://www.openldap.org/its/index.cgi/Software%20Enhancements?id=98 Please note that we do appreciate your efforts to improve OpenLDAP. Kurt At 10:07 PM 4/26/00 GMT, nalin@redhat.com wrote: >Full_Name: Nalin Dahyabhai >Version: 1.2.10 >OS: Linux 2.2.14 >URL: http://people.redhat.com/nalin/patches/openldap-1.2.9-ldapuser.patch >Submission from: (NULL) (207.175.42.207) > > >We were contacted Monday afternoon by kos@bastard.net with a suggested patch >for running OpenLDAP as a non-root user while also allowing specifying the >gid and IP address to bind to. An alternative implementation is available at >the referenced URL. We're looking at running slapd as a non-root user by >default for the next release, and this may be how we end up doing that. > > >
On Wed, May 03, 2000 at 01:46:59PM +0200, Kurt D. Zeilenga wrote: > After review and discussion, we have decided not to commit the > provided patch at this time. > > We choose to categorize the patch as a feature enhancment. > We have no plans for extending OpenLDAP 1.2. > > Our OpenLDAP 2.0 development codes already contains such > functionality, however with a different mechanism. We prefer > not to support two such mechanisms and believe the current devel > approach is more than adequate. This can be debated (again) > on devel mailing list. There's no need to debate; I agree. We've been meaning to look at the CVS tree to look at packaging issues; this just gives me a reason to do it sooner. I assume backporting that specific functionality is alright? Nalin
changed notes changed state Feedback to Closed
Devel code provide this functionality, 1.2 is feature frozen