<quote who="Steven Pritchard"> > I posted this to bugzilla a while back... > > https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=148972 > > Can anyone think of a reason why it would be bad for openldap to > include a script to do a nightly slapcat dump to a file? > > If not, I included the script, logrotate entry, and spec patch in that > bugzilla ticket, so if someone @redhat could look at it, I'd > appreciate it greatly. :-) I think that this a good idea and it's good that the script shuts down the ldap server, as you can only do a slapcat on a running server, if it's a bdb/hdb backend. IMHO, I think that this backup decision should ultimately be left up to the admin, as it's a security risk having the whole ldap tree in plain text, even though it's owned be root. Gavin.
