FYI:  CR 6766826  already exists for this issue and the fix
is in the process of being tested at the moment.

The default slapd.conf file (and corresponding manifest tweak)
will place slapd.pid in /var/run vs /var/run/openldap
where it should have been originally.  The manifest (and slapd)
already properly handle the 389/636 reserved port issue using
the -u and -g options.

Doug.


On 01/25/10 10:49 AM, Brandon Hume wrote:
On Mon, 2010-01-25 at 09:12 -0500, Kent Watsen wrote:
Oh, and I should add that the manually-created /var/run/openldap
directory, per the bug's remediation, is removed after every reboot -
something more is needed to keep the directory from disappearing...

/var/run is a tmpfs filesystem, and it'll get destroyed after every
reboot.  It'll have to be re-created every time.

Also, it's not surprising that OpenLDAP can't start properly when
starting with only "openldap" run credentials... it won't be able to
open ports 389 and 636, which are root-only ports.

I *believe* you can set up something which allows an ordinary user to
bind those ports, but I haven't had need to do it myself and thus I
don't know the procedure.

Regardless, I think you'd need to either change the /var/run/openldap
directory to something like /var/openldap, or instead of running slapd
directly out of SMF, use an init script to launch it, and
create /var/run/openldap if it doesn't already exist.  That's the way we
do it here.

It looks like SUNWopenldap was packaged incorrectly.  It might be
worthwhile to file some bugs, if this is a core package.

_______________________________________________
opensolaris-discuss mailing list
[email protected]
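
The init-script approach described in the thread (recreate the runtime directory on every boot, start slapd as root so it can bind 389/636, then drop privileges with -u and -g), as an added example that is not part of the original messages. The slapd path, the `openldap` user/group names and the function names are assumptions.

```shell
#!/bin/sh
# Added example: recreate slapd's runtime directory on tmpfs, then start slapd.
# Assumed values (not from the thread): SLAPD path, openldap user/group names.
RUNDIR=${RUNDIR:-/var/run/openldap}
RUN_USER=${RUN_USER:-openldap}
RUN_GROUP=${RUN_GROUP:-openldap}
SLAPD=${SLAPD:-/usr/lib/slapd}     # placeholder path, adjust for the package

# ensure_rundir DIR USER GROUP
# Create DIR if missing and hand it to USER:GROUP with mode 0755.
# Refuses symlinks and non-directories so the chown is never applied via a link.
ensure_rundir() {
    dir=$1 user=$2 group=$3
    if [ -h "$dir" ]; then
        echo "refusing: $dir is a symlink" >&2
        return 1
    fi
    if [ -e "$dir" ] && [ ! -d "$dir" ]; then
        echo "refusing: $dir exists and is not a directory" >&2
        return 1
    fi
    if [ ! -d "$dir" ]; then
        mkdir -m 0755 "$dir" || return 1
    fi
    chown "$user:$group" "$dir" || return 1
    chmod 0755 "$dir"
}

# start_slapd: launched as root so 389/636 can be bound; slapd then
# switches to RUN_USER/RUN_GROUP via its -u and -g options.
start_slapd() {
    ensure_rundir "$RUNDIR" "$RUN_USER" "$RUN_GROUP" || return 1
    "$SLAPD" -u "$RUN_USER" -g "$RUN_GROUP" -h "ldap:/// ldaps:///"
}

# Only act when invoked as "script start"; sourcing or a bare run does nothing.
case "${1:-}" in
    start) start_slapd ;;
esac
```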