Opened 15 years ago

Closed 14 years ago

Last modified 12 years ago

#8202 closed enhancement (duplicate)

Update openldap to run slapd as ldap user

Reported by: unit12@… Owned by: macports-tickets@…
Priority: Normal Milestone:
Component: ports Version:
Keywords: Cc: markd@…
Port:

Description

The current openldap port runs slapd as root. This slightly surprised me since I'd just installed mysql and postgres, which each have their own users and groups.

For consistency and security, it might be better to run slapd as the ldap user that is created during install.

The changes would be:

  • Update etc/rc.d/slapd.sh to provide the -u and -g flags.
  • Set permissions on etc/openldap/slapd.conf to be accessible by ldap user
  • Create var/run/openldap directory, owned by ldap user, to store databases
  • Update default slapd.conf to store pid and args files in var/run/openldap, since var/run isn't writable by the ldap user.

Change History (5)

comment:1 Changed 14 years ago by kballard (Lily Ballard)

Milestone: Available Ports

comment:2 Changed 14 years ago by pipping@…

Milestone: Available PortsPort Updates

comment:3 Changed 14 years ago by markd@…

Cc: markd@… added
Resolution: duplicate
Status: newclosed

Fix attached to #11659. Closing this as duplicate.

comment:4 Changed 14 years ago by nox@…

Milestone: Port UpdatesPort Enhancements
Priority: ExpectedNormal
Version: 1.2

comment:5 Changed 12 years ago by (none)

Milestone: Port Enhancements

Milestone Port Enhancements deleted

Note: See TracTickets for help on using tickets.