From: "Dmitry V. Levin" <ldv@alt-linux.org>
To: devel@altlinux.ru
Subject: Re: [devel] Fw: Re: CHROOT with OpenLDAP
Date: Tue, 19 Feb 2002 10:46:17 +0300
Message-ID: <20020219074617.GD27155@ldv.office.alt-linux.org> (raw)
In-Reply-To: <20020219094757.4f754220.vserge@menatepspb.msk.ru>
[-- Attachment #1: Type: text/plain, Size: 1336 bytes --]
On Tue, Feb 19, 2002 at 09:47:57AM +0300, Volkov Serge wrote:
> Дима как ты смотришь на такую реализацию для работы утилит
>
> Ниже ответ Координатора проекта OpenLDAP.
>
> Я предложил использовать еще один файл, а курт предлагает внешним утилитам делать chroot и работать в нем
> как ты считаешь имеет смысл такая реализация
А всегда ли эти утилиты запускаются рутом?
Надо иметь в виду, что chroot(2) - это привилегированный вызов.
> At 04:19 AM 2002-02-18, Volkov Serge wrote:
> >I think we may add new option SLAPD_CHROOT_DEFAULT_CONFIG = /etc/openldap/slapd-chroot.conf with absalutpath to schemas and bases without option about ACl and TLS.
>
> If anything, the tools could be modified to accept a
> command line flag to chroot(3) after opening files
> specified on the command line. Currently though, you
Это разумно в любом случае.
> can just execute the tool using chroot(1) w/ appropriate
> paths to files (as found in the new root).
Regards,
Dmitry
+-------------------------------------------------------------------------+
Dmitry V. Levin mailto://ldv@alt-linux.org
ALT Linux Team http://www.altlinux.com/
Fandra Project http://www.fandra.org/
+-------------------------------------------------------------------------+
UNIX is user friendly. It's just very selective about who its friends are.
[-- Attachment #2: Type: application/pgp-signature, Size: 232 bytes --]
next prev parent reply other threads:[~2002-02-19 7:46 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-02-19 6:47 Volkov Serge
2002-02-19 7:46 ` Dmitry V. Levin [this message]
2002-02-19 8:31 ` Volkov Serge
2002-02-19 9:02 ` Dmitry V. Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20020219074617.GD27155@ldv.office.alt-linux.org \
--to=ldv@alt-linux.org \
--cc=devel@altlinux.ru \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
ALT Linux Team development discussions
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/devel/0 devel/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 devel devel/ http://lore.altlinux.org/devel \
devel@altlinux.org devel@altlinux.ru devel@lists.altlinux.org devel@lists.altlinux.ru devel@linux.iplabs.ru mandrake-russian@linuxteam.iplabs.ru sisyphus@linuxteam.iplabs.ru
public-inbox-index devel
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.devel
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git