[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: cn=config example

Aaron Richton <richton@nbcs.rutgers.edu> wrote:

> This is a concrete case of improvement: "slapd should not be silent on
> EACCES (or others)."

Well, it's not silent: it sends an error to the logs.

The oddity here is that there are two functionalities blent into the
same program: the LDAP server and the slapd.conf to slapd.d converter.
Moreover, it seems the latter cannot be used without launching the

The choice for that is obvious: the config parser is in slapd, so slapd
is used for conversion. But it has drawbacks, since when one want to
perform the conversion, slapd will usually be already running. So you
have to use -h so that you don't fail because the address is already in
use, you have to use -u to run as the usual slapd UID so that you don't
fail on reading the certificates, and so on. I'm not sure how this could
be quickly explained in slapd(8)

Emmanuel Dreyfus