[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Access Control development and cn=config

To: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
Subject: Re: Access Control development and cn=config
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Mon, 24 Mar 2003 06:19:50 -0800
Cc: openldap-devel@OpenLDAP.org
In-reply-to: <HBF.20030324ixsm@bombur.uio.no>
References: <5.2.0.9.0.20030323104418.01a39008@127.0.0.1> <5.2.0.9.0.20030323104418.01a39008@127.0.0.1>

At 03:42 AM 3/24/2003, Hallvard B Furuseth wrote:
>Kurt D. Zeilenga writes:
>> Anyways, it would be interesting to pursue a slapd.conf(5)-less
>> slapd(8).   Initially the server would start up without no
>> configuration, listening only on ldapi:// and running with
>> access controls allowing only the owner of slapd(8) process
>> to read/write to the directory (use ldapi:// SASL/EXTERNAL for
>> authentication).
>
>I think this requires quite a reorganization: You must start the config
>backend before the '-u' option is processed, otherwise Unix slapd can't
>open other sockets < 1024.  OTOH, I do hope you still start the other
>backeds _after_ '-u' is processed.

One could, as we do today, configure the listeners on the
command line.

Kurt

References:
- Access Control development and cn=config
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- Re: Access Control development and cn=config
  - From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>

Prev by Date: RE: Access Control development and cn=config
Next by Date: RE: Access Control development and cn=config
Index(es):
- Chronological
- Thread