Subject: Re: pkg/31959 (make databases/openldap run as non-root)
To: None <joerg@netbsd.org, gnats-admin@netbsd.org, pkgsrc-bugs@netbsd.org,>
From: Adrian Portelli <adrianp@stindustries.net>
List: pkgsrc-bugs
Date: 03/18/2006 13:25:01
The following reply was made to PR pkg/31959; it has been noted by GNATS.

From: Adrian Portelli <adrianp@stindustries.net>
To: gnats-bugs@NetBSD.org
Cc: 
Subject: Re: pkg/31959 (make databases/openldap run as non-root)
Date: Sat, 18 Mar 2006 13:21:24 +0000

 Hi,
 
 Just a few quick point for anyone that decides to address this PR:
 
 OpenLDAP's slapd (at least in openldap-2.3.11nb1) also supports the use
 of -g to specify a group to run as.  If we are going to create the ldap
 group (as the patch does) we should change the line in slapd.sh to:
 
 command_args="-u @LDAP_USER@ -g @LDAP_GROUP@"
 
 In addition to this:
 
 FILES_SUBST+=		LDAP_GROUP=${LDAP_GROUP}
 
 would probably be needed as well.
 
 Also OpenLDAP's slurpd (at least in openldap-2.3.11) does not support -u
 or -g.
 
 adrian.