[lfs-patches] r3179 - trunk/openldap

bdubbs at higgs.linuxfromscratch.org bdubbs at higgs.linuxfromscratch.org
Thu Mar 26 14:17:36 PDT 2015


Author: bdubbs
Date: Thu Mar 26 14:17:36 2015
New Revision: 3179

Log:
Update changes to slapd.conf in patch

Modified:
   trunk/openldap/openldap-2.4.40-consolidated-1.patch

Modified: trunk/openldap/openldap-2.4.40-consolidated-1.patch
==============================================================================
--- trunk/openldap/openldap-2.4.40-consolidated-1.patch	Thu Mar 26 13:44:03 2015	(r3178)
+++ trunk/openldap/openldap-2.4.40-consolidated-1.patch	Thu Mar 26 14:17:36 2015	(r3179)
@@ -289,56 +289,103 @@
  
 diff -Naur openldap-2.4.40.orig/servers/slapd/slapd.conf openldap-2.4.40/servers/slapd/slapd.conf
 --- openldap-2.4.40.orig/servers/slapd/slapd.conf	2014-09-18 20:48:49.000000000 -0500
-+++ openldap-2.4.40/servers/slapd/slapd.conf	2015-03-26 15:36:59.639463969 -0500
-@@ -10,14 +10,12 @@
++++ openldap-2.4.40/servers/slapd/slapd.conf	2015-03-26 16:12:59.380911754 -0500
+@@ -2,43 +2,41 @@
+ # See slapd.conf(5) for details on configuration options.
+ # This file should NOT be world readable.
+ #
+-include		%SYSCONFDIR%/schema/core.schema
++include %SYSCONFDIR%/schema/core.schema
+ 
+ # Define global ACLs to disable default read access.
+ 
+ # Do not enable referrals until AFTER you have a working directory
  # service AND an understanding of referrals.
- #referral	ldap://root.openldap.org
+-#referral	ldap://root.openldap.org
++#referral   ldap://root.openldap.org
  
 -pidfile		%LOCALSTATEDIR%/run/slapd.pid
 -argsfile	%LOCALSTATEDIR%/run/slapd.args
-+pidfile		%LOCALSTATEDIR%/run/openldap/slapd.pid
-+argsfile	%LOCALSTATEDIR%/run/openldap/slapd.args
++pidfile  %LOCALSTATEDIR%/run/openldap/slapd.pid
++argsfile %LOCALSTATEDIR%/run/openldap/slapd.args
  
  # Load dynamic backend modules:
 -# modulepath	%MODULEDIR%
 -# moduleload	back_bdb.la
 -# moduleload	back_hdb.la
 -# moduleload	back_ldap.la
-+modulepath	%MODULEDIR%
-+#moduleload	back_bdb
++modulepath %MODULEDIR%
++#moduleload back_bdb
  
  # Sample security restrictions
- #	Require integrity protection (prevent hijacking)
+-#	Require integrity protection (prevent hijacking)
+-#	Require 112-bit (3DES or better) encryption for updates
+-#	Require 63-bit encryption for simple bind
++#  Require integrity protection (prevent hijacking)
++#  Require 112-bit (3DES or better) encryption for updates
++#  Require 63-bit encryption for simple bind
+ # security ssf=1 update_ssf=112 simple_bind=64
+ 
+ # Sample access control policy:
+-#	Root DSE: allow anyone to read it
+-#	Subschema (sub)entry DSE: allow anyone to read it
+-#	Other DSEs:
+-#		Allow self write access
+-#		Allow authenticated users read access
+-#		Allow anonymous users to authenticate
+-#	Directives needed to implement policy:
++#  Root DSE: allow anyone to read it
++#  Subschema (sub)entry DSE: allow anyone to read it
++#  Other DSEs:
++#     Allow self write access
++#     Allow authenticated users read access
++#     Allow anonymous users to authenticate
++#  Directives needed to implement policy:
+ # access to dn.base="" by * read
+ # access to dn.base="cn=Subschema" by * read
+ # access to *
+-#	by self write
+-#	by users read
+-#	by anonymous auth
++#  by self write
++#  by users read
++#  by anonymous auth
+ #
+ # if no access controls are present, the default policy
+ # allows anyone and everyone to read anything but restricts
 @@ -46,20 +44,26 @@
  #
  # rootdn can always read and write EVERYTHING!
  
-+# Specific Backend Directives for bdb:
-+backend         bdb
++# Specific Backend Directives for mdb:
++backend mdb
 +
  #######################################################################
  # BDB database definitions
  #######################################################################
  
- database	bdb
- suffix		"dc=my-domain,dc=com"
+-database	bdb
+-suffix		"dc=my-domain,dc=com"
 -rootdn		"cn=Manager,dc=my-domain,dc=com"
-+#rootdn		"cn=Manager,dc=my-domain,dc=com"
++database mdb
++suffix   "dc=my-domain,dc=com"
++#rootdn   "cn=Manager,dc=my-domain,dc=com"
 +
  # Cleartext passwords, especially for the rootdn, should
  # be avoid.  See slappasswd(8) and slapd.conf(5) for details.
  # Use of strong authentication encouraged.
 -rootpw		secret
-+#rootpw		secret
++#rootpw     secret
 +
  # The database directory MUST exist prior to running slapd AND 
  # should only be accessible by the slapd and slap tools.
  # Mode 700 recommended.
 -directory	%LOCALSTATEDIR%/openldap-data
-+directory	%LOCALSTATEDIR%/lib/openldap
++directory %LOCALSTATEDIR%/lib/openldap
 +
  # Indices to maintain
- index	objectClass	eq
+-index	objectClass	eq
++index objectClass eq
 diff -Naur openldap-2.4.40.orig/servers/slapd/slapi/Makefile.in openldap-2.4.40/servers/slapd/slapi/Makefile.in
 --- openldap-2.4.40.orig/servers/slapd/slapi/Makefile.in	2014-09-18 20:48:49.000000000 -0500
 +++ openldap-2.4.40/servers/slapd/slapi/Makefile.in	2015-03-26 15:36:59.639463969 -0500


More information about the patches mailing list