|
As of version 2.4.27, I believe back-sql supports dynamic
configuration, so there's no need to switch to slapd.conf see http://www.openldap.org/software/release/changes.html : OpenLDAP 2.4.27 Release (2011/11/24)Added slapd-sql dynamic config support Le 17/01/2013 07:11, Ori Bani a écrit : All, Trying to switch to slapd.conf instead of dynamic configuration in order to test the back-sql backend I ran into a problem with SELinux that I do not understand. The startup fails with the error: /etc/openldap/slapd.conf: line 27: invalid path: Permission denied Disabling SELinux fixes the problem, however I'm not sure what is going on. The line in question is naturally the "directory" that points in this case to /var/lib/ldap. That directory is a hand-made clone of the original one that was there which was moved (renamed) out of the way. Here is what I did: mv /etc/openldap/slapd.d /etc/openldap/slapd.d.BAK mv /var/lib/ldap /var/lib/ldap.BAK mkdir /var/lib/ldap chown ldap:ldap /var/lib/ldap chmod 700 /var/lib/ldap create a simple /etc/openldap/slapd.conf The ownership and permissions on ldap and ldap.BAK directories are identical. OpenLDAP works fine if I disable SELinux. What is SELinux doing here? |