[lfs-fr] r5595 - trunk/blfs/traduc/commits

myou72 at orange.fr myou72 at orange.fr
Sam 1 Fév 09:34:29 PST 2014


Author: myou72
Date: 2014-02-01 18:34:29 +0100 (Sat, 01 Feb 2014)
New Revision: 5595

Added:
   trunk/blfs/traduc/commits/r12645.txt
Log:
[BLFS-EN] r12645.txt

Added: trunk/blfs/traduc/commits/r12645.txt
===================================================================
--- trunk/blfs/traduc/commits/r12645.txt	                        (rev 0)
+++ trunk/blfs/traduc/commits/r12645.txt	2014-02-01 17:34:29 UTC (rev 5595)
@@ -0,0 +1,56 @@
+Révision 12645
+
+fichiers modifiés :
+   general.ent
+   server/other/openldap.xml
+
+Log :
+openldap-2.4.39. Fix again. Thanks Armin K.
+
+Le robot a traité 16 % du commit anglais
+Index: general.ent
+===================================================================
+--- general.ent	(révision 12644)
++++ general.ent	(révision 12645)
+@@ -1,12 +1,12 @@
+ <!-- $LastChangedBy$ $Date$ -->
+ 
++<!ENTITY day          "29">                   <!-- Always 2 digits -->
+ <!ENTITY month        "01">                   <!-- Always 2 digits -->
+ <!ENTITY year         "2014">
+ <!ENTITY copyrightdate "2001-&year;">
+
+Index: server/other/openldap.xml
+===================================================================
+--- server/other/openldap.xml	(révision 12644)
++++ server/other/openldap.xml	(révision 12645)
+@@ -206,15 +206,26 @@
+ 
+ <screen role="root"><userinput>make install &&
+ 
+-chown -v -R ldap:ldap /var/lib/openldap                           &&
+-chmod -v 0644 /var/lib/openldap/DB_CONFIG.example                 &&
+-chmod -v 0644 /etc/openldap/{slapd.{conf,ldif},DB_CONFIG.example} &&
++chmod -v 700 /var/lib/openldap                                         &&
++chown -v -R ldap:ldap /var/lib/openldap                                &&
++chmod -v 640 /etc/openldap/{slapd.{conf,ldif},DB_CONFIG.example}       &&
++chown -v root:ldap /etc/openldap/{slapd.{conf,ldif},DB_CONFIG.example} &&
++install -v -dm700 -o ldap -g ldap /etc/openldap/slapd.d                &&
+ 
+ install -v -dm755  /usr/share/doc/openldap-&openldap-version; &&
+ cp -vfr doc/drafts /usr/share/doc/openldap-&openldap-version; &&
+ cp -vfr doc/rfc    /usr/share/doc/openldap-&openldap-version; &&
+ cp -vfr doc/guide  /usr/share/doc/openldap-&openldap-version;</userinput></screen>
+ 
++    <para>
++      Having slapd configuration files and ldap databases in /var/lib/openldap
++      readable by anyone is a SECURITY ISSUE, especially since a file stores
++      admin password in PLAIN TEXT. That's why mode 640 and root:ldap ownership
++      were used. Owner is root, so only root can modify the file, and group is
++      ldap, so that the group which owns slapd daemon could read but not modify
++      the file in case of a security breach. 
++    </para>
+   </sect2>
+ 
+   <sect2 role="commands">
+




More information about the lfs-traducfr mailing list