[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: openldap logging setup as a non-root user

On Thu, 7 Jan 2010, Konstantinos Tripolitis wrote:

I have already tried editing syslog.conf with local4.* and restarting
syslogd. This works fine, but requires root access and I am interested in
enabling ldap logging as a non-root user.

Well, to configure, yes; but typically not to actually use...try as a normal user:

$ logger -t IMightBeSlapd -p local4.error AndImWritingALogWithNoPrivileges

I get:

Jan  7 11:21:20 psx IMightBeSlapd: AndImWritingALogWithNoPrivileges

If you don't see something like that, you need to work on your syslog configuration (admittedly as root).

I added the following in my slapd.conf and restarted slapd (I had already
created the slapd.log file before restarting slapd):

#define the logfile
logfile /home/myuser/local/openldap/slapd.log

#define the level of detail in the logs
loglevel 256

However this configuration does not seem to work.

logfile is valid, but it just mirrors what goes to stderr (which is not necessarily the same as what would go to syslog). IMO you'd be better off going through syslog, but you were probably trying to get something along the lines of:

$ slapd -d 256 > logfile 2>&1 &

(note that I'm using bash there, you may need to adjust for your shell.) The final "&" is because -d command line option causes no-fork (see slapd(8) man page).