[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: cn=config example

To: richton@nbcs.rutgers.edu (Aaron Richton)
Subject: Re: cn=config example
From: manu@netbsd.org (Emmanuel Dreyfus)
Date: Fri, 21 Sep 2007 05:55:41 +0200
Cc: Howard Chu <hyc@symas.com>, Derek Yarnell <derek@umiacs.umd.edu>, OpenLDAP Software List <openldap-software@openldap.org>, Gavin Henry <ghenry@openldap.org>
In-reply-to: <Pine.SOC.4.64.0709201708440.10659@toolbox.rutgers.edu>
User-agent: MacSOUP/2.7 (unregistered for 244 days)

Aaron Richton <richton@nbcs.rutgers.edu> wrote:

> This is a concrete case of improvement: "slapd should not be silent on
> EACCES (or others)."

Well, it's not silent: it sends an error to the logs.

The oddity here is that there are two functionalities blent into the
same program: the LDAP server and the slapd.conf to slapd.d converter.
Moreover, it seems the latter cannot be used without launching the
former. 

The choice for that is obvious: the config parser is in slapd, so slapd
is used for conversion. But it has drawbacks, since when one want to
perform the conversion, slapd will usually be already running. So you
have to use -h so that you don't fail because the address is already in
use, you have to use -u to run as the usual slapd UID so that you don't
fail on reading the certificates, and so on. I'm not sure how this could
be quickly explained in slapd(8)

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@netbsd.org

Follow-Ups:
- Re: cn=config example
  - From: Howard Chu <hyc@symas.com>

References:
- Re: cn=config example
  - From: Aaron Richton <richton@nbcs.rutgers.edu>

Prev by Date: Re: Documentation request
Next by Date: Re: cn=config example
Index(es):
- Chronological
- Thread