[Fedora-directory-users] Re: Fedora-directory-users Digest, Vol 7, Issue 15

Richard Megginson rmeggins at redhat.com
Wed Dec 7 15:01:37 UTC 2005 

Kevin M. Goess wrote:

>On Tuesday 06 December 2005 01:33 pm, 
>fedora-directory-users-request at redhat.com wrote:
>  
>
>>This is a permissions problem.  Did you use the same user for the
>>directory server as for the admin server?
>>    
>>
>
>Nope, I used ldap for the directory server, which seems to work fine, and was 
>trying to use 'ldapas' for the admin server.
>  
>
Right now you have to use the same user for both the directory server 
and the admin server.

>  
>
>>What's in the file /tmp/file2dDMoZ?
>>    
>>
>
>$ ls -lF /tmp/file2dDMoZ
>-rw-r--r--  1 root root 0 Dec  6 13:12 /tmp/file2dDMoZ
>
>An empty file, owned by root. 
>
>
>  
>
>>What is the output of
>>ls -l admin-serv/config
>>?
>>    
>>
>
>$ ls -al admin-serv/config/
>total 60
>drwxr-xr-x  2 ldapas ldapas  4096 2005-12-06 16:59 .
>drwxr-xr-x  6 ldapas ldapas  4096 2005-12-06 16:59 ..
>-rw-------  1 ldapas root     347 2005-12-06 16:59 adm.conf
>-rw-------  1 ldapas ldapas    39 2005-12-06 16:59 admpw
>-rw-------  1 ldapas root    3537 2005-12-06 16:59 admserv.conf
>-rw-------  1 ldapas root    3722 2005-12-06 16:59 console.conf
>-rw-------  1 ldapas root   26608 2005-12-06 16:59 httpd.conf
>-rw-------  1 ldapas root    4573 2005-12-06 16:59 nss.conf
>  
>
Hmm - that looks correct.  If ldapas is the uid of the admin server, 
then it should be able to create the file local.conf in that directory.

>
>  
>
>>>On a side note, is there any reason not to use the standard redhat 
>>>"ldap" user  
>>>instead of "nobody" for the default suggested slapd user?
>>>      
>>>
>>You should be able to use "ldap".
>>
>>    
>>
>>>My impression was 
>>>that "nobody" should not own any files on the filesystem.
>>>      
>>>
>
>Then would this be the place to suggest making the suggested default "ldap" 
>intead of "nobody"?  I know at least one sysadmin who would be saved the 
>trouble of pulling out his hair in handfuls when he saw important system 
>files owned by the "nobody" user.
>  
>
We will be addressing this in the next major release.

>
>  
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3178 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20051207/6be7fd0d/attachment.bin>

More information about the Fedora-directory-users mailing list