Re: Re: pam_ldap + nscd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Sun, 2007-10-07 at 12:23 +0200, Felix Schwarz wrote:
> Steve Rigler schrieb:
> > It has a lot to do with user root if you use rootbinddn in
> > "/etc/ldap.conf" and put the password into "/etc/ldap.secret" which
> > should only be readable by root.
> 
> You are right but I even set the permissions on ldap.secret to 0644 to be sure 
> that there are no acl problems. I expected that nscd would use rootbinddn if 
> ldap.secret was readable for the user "nscd".
> 
> fs
> 
> PS: This was on a test machine, I won't ever make ldap.secret world readable in 
> a production environment.
----
Why would nscd need to bind on it's own to ldap? Perhaps it's because I
don't normally use nscd but I can't see any reason for it to do so.
Either a user or service binds to LDAP with it's own credentials or it
fails and nscd shouldn't need it's own set of credentials. Perhaps
someone can tech me something here.

Craig

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux