[Date Prev][Date Next] [Chronological] [Thread] [Top]

patch: bind address config, non-root user/group (ITS#534)

To: openldap-its@OpenLDAP.org
Subject: patch: bind address config, non-root user/group (ITS#534)
From: kos@bastard.net
Date: Mon, 15 May 2000 00:50:43 GMT

Full_Name: Kostas Evangelinos
Version: 1.2.9
OS: solaris, linux
URL: ftp://ftp.openldap.org/incoming/kostas-evangelinos-20000514.patch
Submission from: (NULL) (38.27.133.192)


The current (as of May 2000) stable release, 1.2.9, does not support changing
the effective user id of the running slapd process. Since users like me might
like to have slapd start up bound to 389 and switch to a non-root user, this 
patch might be useful.

Also, all of my applications using LDAP don't need the LDAP port bound to 
anything other than localhost. To control the ip address slapd will bind to,
this patch facilitates a new config file option.

To summarize, the following options are added in slapd.conf:

. uid, gid: Real and effective uid of slapd after startup
. bind_port: Port to bind to. The command line option overrides this. If none
  specified, it will use LDAP_PORT (389).
. bind_address: The IP address to bind() to.

I'm aware 1.2.10 is out, but I chose 1.2.9 since it is flagged as stable.

Be warned that after applying this patch you will need to chown your database
files as they will have to be readable by the user you choose to run slapd as.

Thanks,
Kos

Prev by Date: Bug reading length field in ber_next_read (io.c) (ITS#533)
Next by Date: Re: patch: bind address config, non-root user/group (ITS#534)
Index(es):
- Chronological
- Thread