Subject: Re: pkg/31959 (make databases/openldap run as non-root)
To: None <joerg@netbsd.org, gnats-admin@netbsd.org, pkgsrc-bugs@netbsd.org,>
From: Adrian Portelli <adrianp@stindustries.net>
List: pkgsrc-bugs
Date: 03/18/2006 13:25:01
The following reply was made to PR pkg/31959; it has been noted by GNATS.
From: Adrian Portelli <adrianp@stindustries.net>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: pkg/31959 (make databases/openldap run as non-root)
Date: Sat, 18 Mar 2006 13:21:24 +0000
Hi,
Just a few quick point for anyone that decides to address this PR:
OpenLDAP's slapd (at least in openldap-2.3.11nb1) also supports the use
of -g to specify a group to run as. If we are going to create the ldap
group (as the patch does) we should change the line in slapd.sh to:
command_args="-u @LDAP_USER@ -g @LDAP_GROUP@"
In addition to this:
FILES_SUBST+= LDAP_GROUP=${LDAP_GROUP}
would probably be needed as well.
Also OpenLDAP's slurpd (at least in openldap-2.3.11) does not support -u
or -g.
adrian.