[Date Prev][Date Next] [Chronological] [Thread] [Top]

(Re: ITS#4305) BDB-recovery generates bdb cache files with wrong ownership

> If i set "slaptestflags=-u" at location 1, the problem is solved.
> slapcat no longer opens the database running as user root.

Well, "slaptestflags=-u" might not do what you'd want there. "-u" to
slaptest means "dry run"; you're losing the (debatably valuable) config
check before start.

But none of the slap tools are designed with "run as alternate user"
option. This is because they have no reason for privs in the first place
and as such should never be started with privs if you intend to enforce an
alternate uid environment. You're probably better off with that script
intelligently using su(1) or similar if you are currently root and want to
run a slap tool.