Comment 3 for bug 218899

Philipp Kaluza (pixelpapst) wrote : Re: upgrade to hardy: user openldap is not added to group sasl

I can confirm this. While this setup doesn't seem too common, it's certainly a valid and supported one.
This needs to be addressed on the slapd side, so reassigning this.

The suggested fix (adduser openldap sasl) is quite simple, won't cause any regressions, but does give the slapd process some more privileges.
However, giving daemons access to /etc/sasldb2 is what the "sasl" group is _for_, after all.

An alternative might be to force use of saslauthd, provide a configuration upgrade path, test thoroughly, and document that direct access to sasldb2 is no longer supported.

I'd really recommend the former, though. :)