On Friday 21 September 2007 06:07:47 Howard Chu wrote:
Emmanuel Dreyfus wrote:
Aaron Richton email@example.com wrote:
This is a concrete case of improvement: "slapd should not be silent on EACCES (or others)."
Well, it's not silent: it sends an error to the logs.
Not if you run it in the foreground, e.g. -d config, or -d none.
The oddity here is that there are two functionalities blent into the same program: the LDAP server and the slapd.conf to slapd.d converter. Moreover, it seems the latter cannot be used without launching the former.
Use slaptest instead.
except that slaptest doesn't have a "run as another user" flag, and -u is already taken :-(.
At present, it seems that if you want to do the conversion while slapd is running, and for a slapd that runs as non-root, something like this is the best option:
# slapd -u ldap -g ldap -d none -h ldap://localhost:391/ -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d
As then -The configuration will be converted -slapd won't start up -you will see any relevant errors -all the files will be owned by the ldap user/group -if it succeeds, a restart of slapd is all that is necessary to continue