Subject: Re: pkg/31959 (make databases/openldap run as non-root)
To: None <joerg@netbsd.org, gnats-admin@netbsd.org, pkgsrc-bugs@netbsd.org,>
From: Geert Hendrickx <ghen@telenet.be>
List: pkgsrc-bugs
Date: 03/18/2006 15:05:02
The following reply was made to PR pkg/31959; it has been noted by GNATS.
From: Geert Hendrickx <ghen@telenet.be>
To: gnats-bugs@netbsd.org
Cc:
Subject: Re: pkg/31959 (make databases/openldap run as non-root)
Date: Sat, 18 Mar 2006 16:04:28 +0100
On Sat, Mar 18, 2006 at 01:25:01PM +0000, Adrian Portelli wrote:
> OpenLDAP's slapd (at least in openldap-2.3.11nb1) also supports the use
> of -g to specify a group to run as. If we are going to create the ldap
> group (as the patch does) we should change the line in slapd.sh to:
>
> command_args="-u @LDAP_USER@ -g @LDAP_GROUP@"
The -u ${USER} option also runs it as the ${USER}'s primary group by
default. -g ${GROUP} is only useful if you want to run it under a
different group.
> Also OpenLDAP's slurpd (at least in openldap-2.3.11) does not support -u
> or -g.
Oh, sorry, didn't notice that (I don't run slurpd).
Geert