Changeset 117309d
- Timestamp:
- 01/29/2014 04:40:48 PM (10 years ago)
- Branches:
- 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 7.10, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal
- Children:
- dac0ab8
- Parents:
- c132a23e
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
general.ent
rc132a23e r117309d 1 1 <!-- $LastChangedBy$ $Date$ --> 2 2 3 <!ENTITY day "2 8"> <!-- Always 2 digits -->3 <!ENTITY day "29"> <!-- Always 2 digits --> 4 4 <!ENTITY month "01"> <!-- Always 2 digits --> 5 5 <!ENTITY year "2014"> … … 7 7 <!ENTITY copyholder "The BLFS Development Team"> 8 8 <!ENTITY version "&year;-&month;-&day;"> 9 <!ENTITY releasedate "January 2 8th, &year;">9 <!ENTITY releasedate "January 29th, &year;"> 10 10 <!ENTITY pubdate "&year;-&month;-&day;"> <!-- metadata req. by TLDP --> 11 11 <!ENTITY blfs-version "svn"> <!-- svn|[release #] --> -
server/other/openldap.xml
rc132a23e r117309d 207 207 <screen role="root"><userinput>make install && 208 208 209 chown -v -R ldap:ldap /var/lib/openldap && 210 chmod -v 0644 /var/lib/openldap/DB_CONFIG.example && 211 chmod -v 0644 /etc/openldap/{slapd.{conf,ldif},DB_CONFIG.example} && 209 chmod -v 700 /var/lib/openldap && 210 chown -v -R ldap:ldap /var/lib/openldap && 211 chmod -v 640 /etc/openldap/{slapd.{conf,ldif},DB_CONFIG.example} && 212 chown -v root:ldap /etc/openldap/{slapd.{conf,ldif},DB_CONFIG.example} && 213 install -v -dm700 -o ldap -g ldap /etc/openldap/slapd.d && 212 214 213 215 install -v -dm755 /usr/share/doc/openldap-&openldap-version; && … … 215 217 cp -vfr doc/rfc /usr/share/doc/openldap-&openldap-version; && 216 218 cp -vfr doc/guide /usr/share/doc/openldap-&openldap-version;</userinput></screen> 219 220 <para> 221 Having slapd configuration files and ldap databases in /var/lib/openldap 222 readable by anyone is a SECURITY ISSUE, especially since a file stores 223 admin password in PLAIN TEXT. That's why mode 640 and root:ldap ownership 224 were used. Owner is root, so only root can modify the file, and group is 225 ldap, so that the group which owns slapd daemon could read but not modify 226 the file in case of a security breach. 227 </para> 217 228 218 229 </sect2>
Note:
See TracChangeset
for help on using the changeset viewer.