-
Bug
-
Resolution: Won't Do
-
Undefined
-
None
-
rhel-9.4
-
None
-
No
-
Low
-
rhel-sst-idm-ds
-
ssg_idm
-
0
-
False
-
-
None
-
Red Hat Enterprise Linux
-
None
-
None
-
None
-
x86_64
-
None
What were you trying to do that didn't work?
Make slapd run as a different user (i.e. not ldap)
Please provide the package NVR for which bug is seen:
openldap-servers-2.6.6-3.el9.x86_64
How reproducible:
Every time.
Steps to reproduce
- Install openldap-servers
- Create /etc/sysconfig/slapd with content of SLAPD_USER=slapd
- Attempt to start slapd.
Expected results
slapd process to run as the slapd user
Actual results
slapd process attempts to start as ldap user still.
Additional Info
The systemd service file has hardcoded to start as the ldap user.
/usr/lib/systemd/system/slapd.service
ExecStart=/usr/sbin/slapd -u ldap -h "ldap:/// ldaps:/// ldapi:///"
If I create an override including the EnvironmentFile and replacing the ExecStart like so:
/etc/systemd/system/slapd.service.d/override.conf
[Service]
EnvironmentFile=/etc/sysconfig/slapd
ExecStart=
ExecStart=/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u $SLAPD_USER
The slapd correctly runs as the user slapd.
(Sorry I missed anything, first time reporting here!).
