Comment 4 for bug 632051
Revision history for this message
| Mike Bernson (mike-mlb) wrote Re: slapd dist-upgrade chown: invalid argument: `' | #4 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
35a32c5
(Get the code!)
batch@work-isp:~$ sudo sh -c "ls -l /etc/ldap/
ls: cannot access /etc/ldap/
batch@work-isp:~$ sudo sh -c "grep olcSuffix: /etc/ldap/
grep: /etc/ldap/
batch@work-isp:~$ sudo sh -c "grep olcDbDirectory: /etc/ldap/
grep: /etc/ldap/
batch@work-isp:~$ ls /etc/ldap
data ldap.conf ldap.doc sasl2 schema slapd.conf
batch@work-isp:~$ ls -R /etc/ldap
/etc/ldap:
data ldap.conf ldap.doc sasl2 schema slapd.conf
/etc/ldap/data:
aa data.ldif.try1 data.ldif.try3 intervivaz.ldif
data.ldif data.ldif.try2 data.ldif.try4 reload
/etc/ldap/sasl2:
/etc/ldap/schema:
amavis.schema core.schema inetorgperson.
authldap.schema cosine.ldif java.schema openldap.ldif
authldap.
collective.schema duaconf.schema misc.schema pmi.schema
corba.schema dyngroup.schema nadf.schema ppolicy.schema
core.ldif inetorgperson.ldif nis.ldif README
ldap.conf:
#
# LDAP Defaults
#
# See ldap.conf(5) for details
# This file should be world readable but not world writable.
#BASE dc=example,dc=com
#URI ldap://
#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never
slapd.conf:
include /etc/ldap/
##include /etc/ldap/
##include /etc/ldap/
include /etc/ldap/
##include /etc/ldap/
##include /etc/ldap/
include /etc/ldap/
##include /etc/ldap/
#include /etc/ldap/
include /etc/ldap/
##include /etc/ldap/
##include /etc/ldap/
##include /etc/ldap/
#include /usr/local/
#include /usr/local/
#include /usr/local/
include /etc/ldap/
# Where the pid file is put. The init.d script
# will not stop the server if you change this.
pidfile /var/run/
# List of arguments that were passed to the server
argsfile /var/run/
# Read slapd.conf(5) for possible values
#loglevel none
#loglevel filter stats
loglevel stats
#loglevel 32767
# Where the dynamically loaded modules are stored
modulepath /usr/lib/ldap
moduleload back_hdb
moduleload syncprov
# The maximum number of entries that is returned for a search operation
sizelimit 5000
# The tool-threads parameter sets the actual amount of cpu's that is used
# for indexing.
tool-threads 1
# specific Backend Directives for hdb:
# Backend specific directives apply to this backend until another
# 'backend' directive occurs
database hdb
suffix "dc="domain"
rootdn "cn=admin,
rootpw "{SSHA}<some text for a password>"
directory "/var/lib/ldap"
#add to indexes to the below list
#/etc/init.d/slapd stop
#slapindex -f /etc/ldap/
#cd /var/lib/ldap; chown openldap:openldap *
#/etc/init.d/slapd start
index objectClass,
index uid eq
index uidNumber eq
index gidNumber eq
dbconfig set_cachesize 0 2097152 0
dbconfig set_lk_max_objects 1500
dbconfig set_lk_max_locks 1500
dbconfig set_lk_max_lockers 1500
lastmod on
# 1) user confirm this is their record
# 2) pam to validate a password for this dn
# 3) pam to change a password for this dn
#we do a start <-> end match so this is for xxx.ltcd.com style
access to dn.regex=
attrs=
by anonymous auth
by dn.exact=
by dn.exact,
by self write
by * none
#this is start <-> end need for those xxxx.com style
access to dn.regex=
attrs=
by anonymous auth
by dn.exact=
by dn.exact,
by self write
by * none
#this is start <-> end need for those xxxx.com style
access to dn.regex=
attrs=
by anonymous auth
by dn.exact=
by dn.exact,
by self write
by * none
# Ensure read access to the base for things like
# supportedSASLMe
# have problems with SASL not knowing what
# mechanisms are available and the like.
# Note that this is covered by the 'access to *'
# ACL below too but if you change that as people
# are wont to do you'll still need this if you
# want SASL (and possible other things) to work
# happily.
access to dn.base="" by * read
# The admin dn has full write access, everyone else
# can read everything.
# by anonymous auth
# by users read
# by self write
# user after logged in do not bind to get uid and lose login name
access to *
by * read