Re: openldap logging setup as a non-root user

[Aaron Richton <richton@nbcs.rutgers.edu>]

On Thu, 7 Jan 2010, Konstantinos Tripolitis wrote:

> I have already tried editing syslog.conf with local4.* and restarting
> syslogd. This works fine, but requires root access and I am interested in
> enabling ldap logging as a non-root user.

Well, to configure, yes; but typically not to actually use...try as a 
normal user:

$ logger -t IMightBeSlapd -p local4.error AndImWritingALogWithNoPrivileges

I get:

Jan  7 11:21:20 psx IMightBeSlapd: AndImWritingALogWithNoPrivileges

If you don't see something like that, you need to work on your syslog 
configuration (admittedly as root).

> I added the following in my slapd.conf and restarted slapd (I had already
> created the slapd.log file before restarting slapd):
>
> #define the logfile
> logfile /home/myuser/local/openldap/slapd.log
>
> #define the level of detail in the logs
> loglevel 256
>
> However this configuration does not seem to work.

logfile is valid, but it just mirrors what goes to stderr (which is not 
necessarily the same as what would go to syslog). IMO you'd be better off 
going through syslog, but you were probably trying to get something along 
the lines of:

$ slapd -d 256 > logfile 2>&1 &

(note that I'm using bash there, you may need to adjust for your shell.) 
The final "&" is because -d command line option causes no-fork (see 
slapd(8) man page).