[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Patch adding command line TLS support to the ldap utilities
- To: Michael Ströder <michael@stroeder.com>, openldap-devel@openldap.org
- Subject: Re: Patch adding command line TLS support to the ldap utilities
- From: Quanah Gibson-Mount <quanah@symas.com>
- Date: Tue, 31 Jan 2017 09:20:52 -0800
- Content-disposition: inline
- In-reply-to: <WM!f568b1d654c3a2162b5eb65780cf6d3387e84a9256a320f7ec041bb992fbd5c654f83fa9ec1d751f29c7d02d4feb64df!@mailstronghold-1.zmailcloud.com>
- References: <DBC88A13E0A9BD0571544FA0@[192.168.1.30]> <1993c820-9428-d18c-9ee2-5ab1b7704ff9@stroeder.com> <WM!5a0cd2824b27aad5ff701b7e13e9b3c71b8867a044086af18fefaf48ba5af04f3baa58c010a2713672fc75de1516976c!@mailstronghold-3.zmailcloud.com> <83E3C376F092AB5BA90CF4C5@[192.168.1.30]> <03264f9e-1783-d047-a3c2-edbee1e14df2@stroeder.com> <WM!f568b1d654c3a2162b5eb65780cf6d3387e84a9256a320f7ec041bb992fbd5c654f83fa9ec1d751f29c7d02d4feb64df!@mailstronghold-1.zmailcloud.com>
--On Tuesday, January 31, 2017 5:07 PM +0100 Michael Ströder
<michael@stroeder.com> wrote:
Hmm, up to now I thought setting LDAP_TLS_CACERT and friends overrides
whatever is set in ldap.conf or .ldaprc.
Variables do override, however, I have no clue as to *what* things may be
set somewhere. If I were to unset LDAPNOINIT, any test is subject to
anything I don't specifically override that the user, system admin, etc,
may have set.
And I also thought LDAPNOINIT disables all defaults from config files.
It disables everything (config files, environment variables, etc).
Thus the following files and variables are read, in order:
variable $LDAPNOINIT, and if that is not set:
system file /usr/local/etc/openldap/ldap.conf,
user files $HOME/ldaprc, $HOME/.ldaprc, ./ldaprc,
system file $LDAPCONF,
user files $HOME/$LDAPRC, $HOME/.$LDAPRC, ./$LDAPRC,
variables $LDAP<uppercase option name>.
--Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>