On 27/04/11 17:48 +0200, Frank Meisschaert wrote:
On 04/27/11 15:30, Dan White wrote:
Using the SASL_CONF_PATH environment variable to use different sasl
parameters (by using different directories containing a slapd.conf file)
for different slapd instances does not work. Same problem
for the SASL_PATH environment variable.
With regards to SASL_CONF_PATH, see sasl_getconfpath_t(3):
sasl_getconfpath_t is used if the application wishes to use a
different location for the SASL configuration files. If this
callback is not used SASL will either use the location in the
environment variable SASL_CONF_PATH (provided we are not SUID or
SGID) or /etc/sasl2 by default.
Debian slapd includes a patch which defines a SASL_CB_GETCONFPATH
callback, which would render SASL_CONF_PATH unused. It appears to set the
location to '/usr/lib/sasl2'.
Which makes it impossible to run different sasl configurations in
different instances on the same host using a different sasl
configuration path as is possible with upstream openldap. I know I
could use a chroot environment but imho the callback added in debian
should somehow have some of the path flexibility as available in
upstream.
After a closer look at the Debian patch, it actually configures the
location to be:
/etc/ldap/sasl2:/usr/lib/sasl2
I don't know of a clean way around this problem (other than removing the
patch and compiling a local version).
I suppose one approach would be to submit a feature request to slapd
upstream to make the path configurable.
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
