The following reply was made to PR pkg/31959; it has been noted by GNATS.

From: Geert Hendrickx <ghen@telenet.be>
To: gnats-bugs@netbsd.org
Cc: 
Subject: Re: pkg/31959 (make databases/openldap run as non-root)
Date: Sat, 18 Mar 2006 16:04:28 +0100

 On Sat, Mar 18, 2006 at 01:25:01PM +0000, Adrian Portelli wrote:
 >  OpenLDAP's slapd (at least in openldap-2.3.11nb1) also supports the use
 >  of -g to specify a group to run as.  If we are going to create the ldap
 >  group (as the patch does) we should change the line in slapd.sh to:
 >  
 >  command_args="-u @LDAP_USER@ -g @LDAP_GROUP@"
 
 The -u ${USER} option also runs it as the ${USER}'s primary group by
 default.  -g ${GROUP} is only useful if you want to run it under a
 different group.  
 
 >  Also OpenLDAP's slurpd (at least in openldap-2.3.11) does not support -u
 >  or -g.
 
 Oh, sorry, didn't notice that (I don't run slurpd).  
 
 	Geert