On 10/12/2012 02:42 PM, upen wrote:
On Fri, Oct 12, 2012 at 3:29 PM, Rich Megginson<rmeggins@xxxxxxxxxx> wrote:
On 10/12/2012 02:11 PM, upen wrote:
Hi,
On my system there are two ldappasswd commands. One is in /usr/bin
(provided by: openldap-clients-2.3) and another is in
/usr/lib64/mozldap/ldappasswd (provided by mozldap-tools-6.0.5).
Could someone please help me understand why there are two? If I run
ldd against them, they are using different shared libraries.
#ldd `which ldappasswd `
linux-vdso.so.1 => (0x00007fff8ddc3000)
libldap-2.3.so.0 => /usr/lib64/libldap-2.3.so.0 (0x0000003356800000)
liblber-2.3.so.0 => /usr/lib64/liblber-2.3.so.0 (0x0000003355800000)
libsasl2.so.2 => /usr/lib64/libsasl2.so.2 (0x0000003356400000)
libssl.so.6 => /lib64/libssl.so.6 (0x000000335b800000)
libcrypto.so.6 => /lib64/libcrypto.so.6 (0x0000003358800000)
libcrypt.so.1 => /lib64/libcrypt.so.1 (0x0000003355400000)
libresolv.so.2 => /lib64/libresolv.so.2 (0x0000003355c00000)
libc.so.6 => /lib64/libc.so.6 (0x0000003353400000)
libdl.so.2 => /lib64/libdl.so.2 (0x0000003353800000)
libgssapi_krb5.so.2 => /usr/lib64/libgssapi_krb5.so.2 (0x000000335b000000)
libkrb5.so.3 => /usr/lib64/libkrb5.so.3 (0x0000003359000000)
libcom_err.so.2 => /lib64/libcom_err.so.2 (0x0000003358400000)
libk5crypto.so.3 => /usr/lib64/libk5crypto.so.3 (0x000000335a000000)
libz.so.1 => /lib64/libz.so.1 (0x0000003354400000)
/lib64/ld-linux-x86-64.so.2 (0x0000003353000000)
libkrb5support.so.0 => /usr/lib64/libkrb5support.so.0 (0x0000003359c00000)
libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x0000003359400000)
libselinux.so.1 => /lib64/libselinux.so.1 (0x0000003354c00000)
libsepol.so.1 => /lib64/libsepol.so.1 (0x0000003355000000)
# ldd /usr/lib64/mozldap/ldappasswd
linux-vdso.so.1 => (0x00007fffc8bfd000)
libssldap60.so => /usr/lib64/libssldap60.so (0x00002ad042453000)
libprldap60.so => /usr/lib64/libprldap60.so (0x0000003358000000)
libldap60.so => /usr/lib64/libldap60.so (0x000000335a400000)
libldif60.so => /usr/lib64/libldif60.so (0x000000335b000000)
libsvrcore.so.0 => /usr/lib64/libsvrcore.so.0 (0x0000003354800000)
libssl3.so => /usr/lib64/libssl3.so (0x000000335a800000)
libsmime3.so => /usr/lib64/libsmime3.so (0x0000003358c00000)
libnss3.so => /usr/lib64/libnss3.so (0x0000003357c00000)
libsoftokn3.so => /usr/lib64/libsoftokn3.so (0x00002ad042661000)
libplds4.so => /usr/lib64/libplds4.so (0x0000003357800000)
libplc4.so => /usr/lib64/libplc4.so (0x0000003357000000)
libnspr4.so => /usr/lib64/libnspr4.so (0x0000003357400000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x0000003353c00000)
libdl.so.2 => /lib64/libdl.so.2 (0x0000003353800000)
libsasl2.so.2 => /usr/lib64/libsasl2.so.2 (0x0000003356400000)
libresolv.so.2 => /lib64/libresolv.so.2 (0x0000003355c00000)
libstdc++.so.6 => /usr/lib64/libstdc++.so.6 (0x0000003356800000)
libm.so.6 => /lib64/libm.so.6 (0x0000003354000000)
libgcc_s.so.1 => /lib64/libgcc_s.so.1 (0x0000003355800000)
libc.so.6 => /lib64/libc.so.6 (0x0000003353400000)
libnssutil3.so => /usr/lib64/libnssutil3.so (0x0000003356c00000)
libz.so.1 => /lib64/libz.so.1 (0x0000003354400000)
/lib64/ld-linux-x86-64.so.2 (0x0000003353000000)
libcrypt.so.1 => /lib64/libcrypt.so.1 (0x0000003355400000)
When should each be used? Do these serve separate purposes?
The OS is RHEL 5.7, running 389-ds-1.2.1-1.
389 on RHEL5 still uses mozldap for its C SDK. 389 also has some scripts
which depend on the mozldap versions of these commands.
However, you can use either the mozldap or the openldap command line tools
for your own use, either is fine.
Thanks Rich. Just out of curiosity, do any of those two binaries have
any limitations? For example, one only supports applications linked to
openssl libraries and the other supports apps linked to MOZ NSS libraries?
On EL5 openldap tools is built with openssl, and mozldap is built with
MOZ NSS.
This means that if you want to use TLS/SSL with the openldap tools, you
have to provide PEM files for TLS_CACERT, TLS_CERT, TLS_KEY, etc.
If you want to use TLS/SSL with the mozldap tools, you have to provide a
MOZ NSS key/cert db.
Or, both can support all applications regardless of the security
libraries they use.
If you are planning to use the C SDK directly, then you probably want to
use the openldap libraries with applications that use openssl, and
mozldap with applications that use MOZ NSS. Otherwise, it doesn't
really matter - on the wire, TLS/SSL is (almost) the same regardless of
which implementation you're using.
Thanks,
UG.
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
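
As an added example (not part of the original thread), the shell functions below read `ldd` output and report which TLS library a tool links against, and therefore which credential format the reply above says it needs. The function names and the trimmed sample listings are assumptions made for illustration; the sonames come from the two listings in the post.

```shell
#!/bin/sh
# Added example: classify the TLS stack from `ldd` output read on stdin.
# tls_backend prints one of: openssl, nss, both, none.
tls_backend() {
    awk '
        # OpenSSL ships libssl.so.<N> and libcrypto.so.<N>; NSS ships
        # libssl3.so and libnss3.so. Matching the soname in field 1 keeps
        # "libssl3.so" from being counted as OpenSSL, and skips the
        # address-only lines left behind by e-mail line wrapping.
        $1 ~ /^libssl\.so(\.|$)/ || $1 ~ /^libcrypto\.so(\.|$)/ { openssl = 1 }
        $1 ~ /^libssl3\.so/      || $1 ~ /^libnss3\.so/         { nss = 1 }
        END {
            if (openssl && nss) print "both"
            else if (openssl)   print "openssl"
            else if (nss)       print "nss"
            else                print "none"
        }'
}

# Map the detected stack to the credential format named in the reply.
tls_credentials_needed() {
    case "$(tls_backend)" in
        openssl) echo "PEM files (TLS_CACERT, TLS_CERT, TLS_KEY)" ;;
        nss)     echo "MOZ NSS key/cert db" ;;
        both)    echo "ambiguous: links both OpenSSL and NSS" ;;
        *)       echo "no TLS library linked directly" ;;
    esac
}

# Constructed sample input: a few lines trimmed from the listings in the post,
# including one wrapped line of the kind the e-mail client produced.
OPENLDAP_LDD='libldap-2.3.so.0 => /usr/lib64/libldap-2.3.so.0
(0x0000003356800000)
libssl.so.6 => /lib64/libssl.so.6 (0x000000335b800000)
libcrypto.so.6 => /lib64/libcrypto.so.6 (0x0000003358800000)
libc.so.6 => /lib64/libc.so.6 (0x0000003353400000)'
MOZLDAP_LDD='libldap60.so => /usr/lib64/libldap60.so (0x000000335a400000)
libsvrcore.so.0 => /usr/lib64/libsvrcore.so.0
(0x0000003354800000)
libssl3.so => /usr/lib64/libssl3.so (0x000000335a800000)
libnss3.so => /usr/lib64/libnss3.so (0x0000003357c00000)'

printf '%s\n' "$OPENLDAP_LDD" | tls_credentials_needed
printf '%s\n' "$MOZLDAP_LDD"  | tls_credentials_needed
```

On a live system, pipe real output in, for example `ldd /usr/lib64/mozldap/ldappasswd | tls_credentials_needed`. Run `ldd` only on binaries you trust, since it can execute code from the file it inspects.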