[Pkg-openldap-devel] [openldap] 18/29: r1564 at pulsar: torsten | 2005-03-26 01:48:50 +0100 * debian/README.Debian: Add some notes about DB_CONFIG and how to run slapd under a different uid/gid.
Timo Aaltonen
tjaalton-guest at alioth.debian.org
Thu Oct 10 05:34:51 UTC 2013
This is an automated email from the git hooks/post-receive script.
tjaalton-guest pushed a commit to annotated tag 2.2.23-0.pre6
in repository openldap.
commit 1e65e1f42b6852ad245f4f0321b067aaaaedbf16
Author: Torsten Landschoff <torsten at debian.org>
Date: Sat Mar 26 00:58:28 2005 +0000
r1564 at pulsar: torsten | 2005-03-26 01:48:50 +0100
* debian/README.Debian: Add some notes about DB_CONFIG and how to run
slapd under a different uid/gid.
---
debian/changelog | 2 ++
debian/slapd.README.Debian | 37 +++++++++++++++++++++++++++++++++++++
2 files changed, 39 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index d857885..8f62a83 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -28,6 +28,8 @@ openldap2.2 (2.2.23-0.pre6) experimental; urgency=low
Carlo Contavalli <ccontavalli at commedia.it>:
* debian/slapd.init: Print command line if starting a daemon failed.
* debian/slapd.postinst: Handle hdb backend just as if it was bdb.
+ * debian/README.Debian: Add some notes about DB_CONFIG and how to run
+ slapd under a different uid/gid.
--
diff --git a/debian/slapd.README.Debian b/debian/slapd.README.Debian
index 2aaab6f..eed77ff 100644
--- a/debian/slapd.README.Debian
+++ b/debian/slapd.README.Debian
@@ -1,6 +1,43 @@
Notes about Debian's slapd package
----------------------------------
+++ Using BDB/HDB backends
+
+ slapd BDB and HDB backends rely on libdb to store data on your
+ disks. libdb uses a configuration file to tune database
+ specific parameters. This file is called DB_CONFIG, and should
+ be created in each directory containing one of your ldap
+ databases, usually /var/lib/ldap. With libdb4.2 and previous
+ versions, and thus with slapd 2.1, it is _VERY IMPORTANT_ to
+ correctly setup a DB_CONFIG file.
+ It is not just a matter of performance: depending on the
+ version of slapd and libdb being used, your slapd may just
+ hang and stop answering queries. To correctly setup your
+ DB_CONFIG file, please refer to:
+ http://www.openldap.org/faq/data/cache/1075.html
+
+++ Running slapd under a different uid/gid
+
+ In order to run slapd under a different uid/gid, you
+ need to:
+ - create the user/group for slapd/slurpd -- usually:
+ adduser --system --group ldap
+ - stop slapd -- /etc/init.d/slapd stop
+ - tell slapd to run under a different uid:
+ - edit /etc/default/slapd
+ - set SLAPD_USER, SLAPD_GROUP
+ (ie, SLAPD_USER="ldap", SLAPD_GROUP="ldap")
+ - tell linux slapd can access all database files -- usually:
+ chown -R ldap.ldap /var/lib/ldap
+ - tell linux slapd can access configuration files -- usually:
+ chgrp ldap /etc/ldap/slapd.conf
+ chmod 0640 /etc/ldap/slapd.conf
+ - start slapd -- /etc/init.d/slapd start
+
+ Once you have done so, if you are using a bdb o hdb backend,
+ always remember to execute the chown after running utilities
+ such as db4.x_recover or db4.x_checkpoint.
+
++ When upgrading from OpenLDAP 2.0
Starting with OpenLDAP 2.1, backend modules are compiled as dynamically
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-openldap/openldap.git
More information about the Pkg-openldap-devel
mailing list