[Fedora-directory-users] Re: Fedora-directory-users Digest, Vol 7, Issue 15
Richard Megginson
rmeggins at redhat.com
Wed Dec 7 15:01:37 UTC 2005
Kevin M. Goess wrote:
>On Tuesday 06 December 2005 01:33 pm,
>fedora-directory-users-request at redhat.com wrote:
>
>
>>This is a permissions problem. Did you use the same user for the
>>directory server as for the admin server?
>>
>>
>
>Nope, I used ldap for the directory server, which seems to work fine, and was
>trying to use 'ldapas' for the admin server.
>
>
Right now you have to use the same user for both the directory server
and the admin server.
>
>
>>What's in the file /tmp/file2dDMoZ?
>>
>>
>
>$ ls -lF /tmp/file2dDMoZ
>-rw-r--r-- 1 root root 0 Dec 6 13:12 /tmp/file2dDMoZ
>
>An empty file, owned by root.
>
>
>
>
>>What is the output of
>>ls -l admin-serv/config
>>?
>>
>>
>
>$ ls -al admin-serv/config/
>total 60
>drwxr-xr-x 2 ldapas ldapas 4096 2005-12-06 16:59 .
>drwxr-xr-x 6 ldapas ldapas 4096 2005-12-06 16:59 ..
>-rw------- 1 ldapas root 347 2005-12-06 16:59 adm.conf
>-rw------- 1 ldapas ldapas 39 2005-12-06 16:59 admpw
>-rw------- 1 ldapas root 3537 2005-12-06 16:59 admserv.conf
>-rw------- 1 ldapas root 3722 2005-12-06 16:59 console.conf
>-rw------- 1 ldapas root 26608 2005-12-06 16:59 httpd.conf
>-rw------- 1 ldapas root 4573 2005-12-06 16:59 nss.conf
>
>
Hmm - that looks correct. If ldapas is the uid of the admin server,
then it should be able to create the file local.conf in that directory.
>
>
>
>>>On a side note, is there any reason not to use the standard redhat
>>>"ldap" user
>>>instead of "nobody" for the default suggested slapd user?
>>>
>>>
>>You should be able to use "ldap".
>>
>>
>>
>>>My impression was
>>>that "nobody" should not own any files on the filesystem.
>>>
>>>
>
>Then would this be the place to suggest making the suggested default "ldap"
>intead of "nobody"? I know at least one sysadmin who would be saved the
>trouble of pulling out his hair in handfuls when he saw important system
>files owned by the "nobody" user.
>
>
We will be addressing this in the next major release.
>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3178 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20051207/6be7fd0d/attachment.bin>
More information about the Fedora-directory-users
mailing list