[Date Prev][Date Next]
Re: cn=config example
On Friday 21 September 2007 06:07:47 Howard Chu wrote:
> Emmanuel Dreyfus wrote:
> > Aaron Richton <email@example.com> wrote:
> >> This is a concrete case of improvement: "slapd should not be silent on
> >> EACCES (or others)."
> > Well, it's not silent: it sends an error to the logs.
Not if you run it in the foreground, e.g. -d config, or -d none.
> > The oddity here is that there are two functionalities blent into the
> > same program: the LDAP server and the slapd.conf to slapd.d converter.
> > Moreover, it seems the latter cannot be used without launching the
> > former.
> Use slaptest instead.
except that slaptest doesn't have a "run as another user" flag, and -u is
already taken :-(.
At present, it seems that if you want to do the conversion while slapd is
running, and for a slapd that runs as non-root, something like this is the
# slapd -u ldap -g ldap -d none -h
ldap://localhost:391/ -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d
-The configuration will be converted
-slapd won't start up
-you will see any relevant errors
-all the files will be owned by the ldap user/group
-if it succeeds, a restart of slapd is all that is necessary to continue