[Date Prev][Date Next] [Chronological] [Thread] [Top]

patch: bind address config, non-root user/group (ITS#534)

Full_Name: Kostas Evangelinos
Version: 1.2.9
OS: solaris, linux
URL: ftp://ftp.openldap.org/incoming/kostas-evangelinos-20000514.patch
Submission from: (NULL) (

The current (as of May 2000) stable release, 1.2.9, does not support changing
the effective user id of the running slapd process. Since users like me might
like to have slapd start up bound to 389 and switch to a non-root user, this 
patch might be useful.

Also, all of my applications using LDAP don't need the LDAP port bound to 
anything other than localhost. To control the ip address slapd will bind to,
this patch facilitates a new config file option.

To summarize, the following options are added in slapd.conf:

. uid, gid: Real and effective uid of slapd after startup
. bind_port: Port to bind to. The command line option overrides this. If none
  specified, it will use LDAP_PORT (389).
. bind_address: The IP address to bind() to.

I'm aware 1.2.10 is out, but I chose 1.2.9 since it is flagged as stable.

Be warned that after applying this patch you will need to chown your database
files as they will have to be readable by the user you choose to run slapd as.