[Pkg-openldap-devel] Bug#432662: Bug#432662: slapd.conf group not openldap
Steve Langasek
vorlon at debian.org
Sat Aug 18 01:47:44 UTC 2007
On Wed, Jul 11, 2007 at 06:56:15PM +1000, Trent W. Buck wrote:
> Note: I've never used LDAP before, this may be a non-bug.
> Following http://wiki.debian.org/OpenLDAPSetup, I tried the following
> command (with slapd stopped):
> $ sudo slapindex
> WARNING!
> Runnig as root!
> There's a fair chance slapd will fail to start.
> Check file permissions!
> slapd runs as the user openldap, so naturally I tried
> $ sudo -u openldap slapindex
> could not open config file "/etc/ldap/slapd.conf": Permission denied (13)
> slapindex: bad configuration file!
> I check the config file:
> $ ls -l /etc/ldap/slapd.conf
> -rw------- 1 root root 4366 2007-07-11 18:37 /etc/ldap/slapd.conf
> In #ldap on irc.freenode.net, _ranger_ told me that this file should
> be
> -rw-r----- 1 root openldap 4366 2007-07-11 18:37 /etc/ldap/slapd.conf
> This wouldn't be a problem if slapd ran as root, but apparently it
> runs as the user openldap by default.
Right, this is a bug; openldap needs to take care that the slapd.conf file
is created with permissions that allow reading by the openldap user.
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
vorlon at debian.org http://www.debian.org/
More information about the Pkg-openldap-devel
mailing list