[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#4719) Support for running slapadd/slapindex as a user
--On Tuesday, October 24, 2006 6:52 PM +0000 Kurt@OpenLDAP.org wrote:
> At 11:48 AM 10/24/2006, ando@sys-net.it wrote:
>> quanah@stanford.edu wrote:
>>> It would be nice if you could pass -u and -g options to run as another
>>> user/group so that on systems where OpenLDAP is running as another user
>>> or group, the files created by slapadd & slapindex have the correct
>>> ownerships (rather than root, for example).
>>>
>> OK for slapadd; for slapindex and other tools, what about using
>> user/group info from the file(s) itself?
>
> Why not just use su(1)? the only reason slapd(8) has -u/-g options
> is because it changes root after some initialization.
Because some people are brain dead, and because other people set up
application accounts that don't actually have a shell. It also makes
things more consistent behavior wise. I personally don't have this issue
because I run openldap as root anyway, but I've seen list traffic about
this on more than one occasion, and am seeing people hit it on the debian
openldap list as well.
--Quanah
--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html