[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Red Hat Implementation

To: OpenLDAP Software <openldap-software@OpenLDAP.org>
Subject: Re: Red Hat Implementation
From: Jim Krebs <jim@totallinux.com.br>
Date: Tue, 02 Dec 2003 17:01:08 -0200
In-reply-to: <20031202175134.GC32654@conectiva.com.br>
References: <1070384821.4242.23.camel@bart.totaldata.inet> <20031202172114.GB32654@conectiva.com.br> <1070386738.4242.29.camel@bart.totaldata.inet> <20031202175134.GC32654@conectiva.com.br>

I found out that it's better to use "s" flags on both user and group
permissions. As you mentioned, if I run slapd as root, it will create
the database files as root, thus making it unaccessible to the ldap
user. This solved most of my problems.

On Tue, 2003-12-02 at 15:51, Andreas wrote:
> On Tue, Dec 02, 2003 at 03:38:58PM -0200, Jim Krebs wrote:
> > Should I change the DB files ownership to ldap/ldap?, instead of more
> > open file access permissions?
> 
> Here with Conectiva Linux I use 0700 ldap.ldap for the database directory and
> 0600 ldap.ldap for its files. You should check how redhat's openldap is run
> (perhaps it uses another user).
>

References:
- Red Hat Implementation
  - From: Jim Krebs <jim@totallinux.com.br>
- Re: Red Hat Implementation
  - From: Andreas <andreas@conectiva.com.br>

Prev by Date: Re: Initial Import fails at first entry (c=de) on a new Suse 9.0 inst allation
Next by Date: openldap 2.1.22 / Fedora Core 1 problem
Index(es):
- Chronological
- Thread