[email protected] wrote: > Full_Name: Akram Ben Aissi > Version: 1.1.10 > OS: Linux > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (77.154.204.242) > > > Hi, > > We want to run OpenLDAP in containers without root privilege, nor root user > id. > Actually, we start it with user uid=100000009, gid=0 > And we do proper chgrp 0 and chmod 0770 on require directories. > > Because of this: > https://github.com/winlibs/openldap/blob/master/servers/slapd/user.c#L158 > > we have that: > Could not set real user id to 100000009 > > It would be better to check that setuid is required only if asked user is > different from actual user. > > Does it make sense ?
No. Just start slapd without specifying a userID. Closing this ITS. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
