maybe chmod 0640 'config-archive/etc/openldap/slapd.conf'
maybe chmod 0644 'config-archive/etc/openldap/slapd.conf,v'
maybe chmod 0644 'config-archive/etc/openldap/slapd.conf.default,v'
-maybe chmod 0644 'config-archive/etc/openldap/slapd.conf.dist'
-maybe chmod 0640 'config-archive/etc/openldap/slapd.conf.dist.new'
+maybe chmod 0640 'config-archive/etc/openldap/slapd.conf.dist'
maybe chmod 0755 'config-archive/etc/pam.d'
maybe chmod 0644 'config-archive/etc/pam.d/atd,v'
maybe chmod 0644 'config-archive/etc/pam.d/chgpasswd,v'
maybe chmod 0644 'openldap/schema/sudo.schema'
maybe chgrp 'ldap' 'openldap/slapd.conf'
maybe chmod 0640 'openldap/slapd.conf'
-maybe chmod 0600 'openldap/slapd.conf.default'
+maybe chgrp 'ldap' 'openldap/slapd.conf.default'
+maybe chmod 0640 'openldap/slapd.conf.default'
maybe chmod 0600 'openldap/slapd.ldif'
maybe chmod 0600 'openldap/slapd.ldif.default'
maybe chmod 0755 'openldap/ssl'
# service AND an understanding of referrals.
#referral ldap://root.openldap.org
-pidfile /var/run/openldap/slapd.pid
-argsfile /var/run/openldap/slapd.args
+pidfile /run/openldap/slapd.pid
+argsfile /run/openldap/slapd.args
# Load dynamic backend modules:
# modulepath /usr/lib64/openldap/openldap
# moduleload back_null.so
# moduleload back_monitor.so
# moduleload back_meta.so
+# moduleload back_mdb.so
# moduleload back_ldap.so
# moduleload back_dnssrv.so
+++ /dev/null
-#
-# See slapd.conf(5) for details on configuration options.
-# This file should NOT be world readable.
-#
-include /etc/openldap/schema/core.schema
-
-# Define global ACLs to disable default read access.
-
-# Do not enable referrals until AFTER you have a working directory
-# service AND an understanding of referrals.
-#referral ldap://root.openldap.org
-
-pidfile /var/run/openldap/slapd.pid
-argsfile /var/run/openldap/slapd.args
-
-# Load dynamic backend modules:
-# modulepath /usr/lib64/openldap/openldap
-# moduleload back_sql.so
-# moduleload back_sock.so
-# moduleload back_shell.so
-# moduleload back_relay.so
-# moduleload back_perl.so
-# moduleload back_passwd.so
-# moduleload back_null.so
-# moduleload back_monitor.so
-# moduleload back_meta.so
-# moduleload back_ldap.so
-# moduleload back_dnssrv.so
-
-# Sample security restrictions
-# Require integrity protection (prevent hijacking)
-# Require 112-bit (3DES or better) encryption for updates
-# Require 63-bit encryption for simple bind
-# security ssf=1 update_ssf=112 simple_bind=64
-
-# Sample access control policy:
-# Root DSE: allow anyone to read it
-# Subschema (sub)entry DSE: allow anyone to read it
-# Other DSEs:
-# Allow self write access
-# Allow authenticated users read access
-# Allow anonymous users to authenticate
-# Directives needed to implement policy:
-# access to dn.base="" by * read
-# access to dn.base="cn=Subschema" by * read
-# access to *
-# by self write
-# by users read
-# by anonymous auth
-#
-# if no access controls are present, the default policy
-# allows anyone and everyone to read anything but restricts
-# updates to rootdn. (e.g., "access to * by * read")
-#
-# rootdn can always read and write EVERYTHING!
-
-#######################################################################
-# BDB database definitions
-#######################################################################
-
-database hdb
-suffix "dc=my-domain,dc=com"
-# <kbyte> <min>
-checkpoint 32 30
-rootdn "cn=Manager,dc=my-domain,dc=com"
-# Cleartext passwords, especially for the rootdn, should
-# be avoid. See slappasswd(8) and slapd.conf(5) for details.
-# Use of strong authentication encouraged.
-rootpw secret
-# The database directory MUST exist prior to running slapd AND
-# should only be accessible by the slapd and slap tools.
-# Mode 700 recommended.
-directory /var/lib/openldap-data
-# Indices to maintain
-index objectClass eq
# service AND an understanding of referrals.
#referral ldap://root.openldap.org
-pidfile /var/run/openldap/slapd.pid
-argsfile /var/run/openldap/slapd.args
+pidfile /run/openldap/slapd.pid
+argsfile /run/openldap/slapd.args
loglevel config ACL stats stats2
# moduleload back_null.so
# moduleload back_monitor.so
# moduleload back_meta.so
+# moduleload back_mdb.so
# moduleload back_ldap.so
# moduleload back_dnssrv.so
projects / config / helga / etc.git / commitdiff