Re: minor diff for ldapd.conf.5

2016-10-17 Thread Jeremie Courreges-Anglas 
Rob Pierce  writes:

> Fix a couple of grammar mistakes, remove a redundant word, and add a FILES
> reference for the /etc/ldap/certs directory.

Committed, thanks.  I adjusted the FILES entries so that ldapd.conf is
still listed first, and so that the description of /etc/ldap/certs is
more generic (one can put TLS certs out of /etc/ldap/certs).

The description for `listen on' could be improved, based on this
(looking at the code):
- if no certificate name is provided, the interface name is used
  instead
- if the certificate name is not absolute, the cert & key files are
  looked up from /etc/ldap/certs
- the cert file is retrieved by appending .crt to the certificate name,
  the key file by appending .key

Right now the description is a bit unclear.  What happens if the
certificate name isn't an absolute name?  If anyone wants to reword it
in a nice way, be my guest.

-- 
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF  DDCC 0DFA 74AE 1524 E7EE

minor diff for ldapd.conf.5

2016-10-16 Thread Rob Pierce 
Fix a couple of grammar mistakes, remove a redundant word, and add a FILES
reference for the /etc/ldap/certs directory.

Rob

Index: ldapd.conf.5
===
RCS file: /cvs/src/usr.sbin/ldapd/ldapd.conf.5,v
retrieving revision 1.19
diff -u -p -r1.19 ldapd.conf.5
--- ldapd.conf.511 Jun 2014 18:00:40 -  1.19
+++ ldapd.conf.517 Oct 2016 00:43:43 -
@@ -108,7 +108,7 @@ the interface name with a .crt extension
 .Pa /etc/ldap/certs/fxp0.crt .
 .Pp
 If the certificate name is an absolute path, a .crt and .key extension
-is appended to form the certificate path and key path respectively.
+are appended to form the certificate path and key path respectively.
 .Pp
 Only secured connections accept plain text password authentication.
 Connections using TLS or unix domain sockets are always considered secured.
@@ -125,7 +125,7 @@ This option can be given multiple times,
 considered equal.
 Clients may choose to follow any of the referral URLs.
 .Pp
-The URL format has the following format:
+The URL has the following format:
 .Bd -literal -offset indent
 ldap://ldap.example.com
 ldaps://ldap.example.com:3890
@@ -148,7 +148,7 @@ below.
 .Sh NAMESPACES
 A namespace is a subtree of the global X.500 DIT (Directory Information Tree),
 also known as a naming context.
-All entries' distinguished names (DN) has the same suffix, which is used to
+All entries' distinguished names (DN) have the same suffix, which is used to
 identify the namespace.
 The suffix should consist of the domain components, in reverse order, of your
 domain name, as recommended by RFC 2247.
@@ -322,6 +322,8 @@ This would define MyOidAttributes as a s
 .El
 .Sh FILES
 .Bl -tag -width "/etc/ldap/ldapd.confXXX" -compact
+.It Pa /etc/ldap/certs/
+The directory where LDAP certificates are kept.
 .It Pa /etc/ldapd.conf
 Default
 .Xr ldapd 8