[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Access Control development and cn=config

To: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Subject: Re: Access Control development and cn=config
From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
Date: Mon, 24 Mar 2003 12:42:39 +0100
Cc: openldap-devel@OpenLDAP.org
In-reply-to: <5.2.0.9.0.20030323104418.01a39008@127.0.0.1>
References: <5.2.0.9.0.20030323104418.01a39008@127.0.0.1>

Kurt D. Zeilenga writes:
> Anyways, it would be interesting to pursue a slapd.conf(5)-less
> slapd(8).   Initially the server would start up without no
> configuration, listening only on ldapi:// and running with
> access controls allowing only the owner of slapd(8) process
> to read/write to the directory (use ldapi:// SASL/EXTERNAL for
> authentication).

I think this requires quite a reorganization: You must start the config
backend before the '-u' option is processed, otherwise Unix slapd can't
open other sockets < 1024.  OTOH, I do hope you still start the other
backeds _after_ '-u' is processed.

-- 
Hallvard

Follow-Ups:
- Re: Access Control development and cn=config
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

References:
- Access Control development and cn=config
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: SLAP_NVALUES
Next by Date: load backend modules automatically
Index(es):
- Chronological
- Thread