At Wed, 18 Jun 2008 12:20:10 +0200 (CEST), Arthur de Jong wrote: > > One question you should consider is: why do you need this information? > [...] > > I agree with your point in general and think there are better ways to > do access control. > > nss-ldapd is an NSS module that does lookups in an LDAP database. The NSS > module does not do the lookup itself (this causes a lot of headaches) but > offloads it to a deamon (nslcd). Most NSS calls should be no problem but > shadow calls pose an exception to that. The server (nslcd) will only > return shadow information if it can determine that the caller runs as > root. > > So I would like to keep one socket for all requests and not mess with > permissions of sockets.
Sounds broken. Good luck. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
