Securing-Optimizing-RH-Linux-1_2_320
Comments and suggestions concerning this book should be mailed to gmourani@videotron.ca
© Copyright 1999-2000 Gerhard Mourani and Open Network Architecture ®
320
The strip command would discard all symbols from the object files. This means that our
binaries files will be smaller in size. This will improve a bit the performance hit to the program
since they will be fewer lines to read by the system when itll execute the binary.
Cleanup after work
[root@deep /]# cd /var/tmp
[root@deep tmp]# rm -rf ldap openldap-version.tgz
The rm command will remove all the source files we have used to compile and install
OpenLDAP. It will also remove the OpenLDAP compressed archive from the /var/tmp directory.
Configurations
All software we describe in this book has a specific directory and subdirectory in a tar
compressed archive named floppy.tgz containing file configurations for the specific program. If
you get this archive file, you wouldnt be obliged to reproduce the different configuration files
bellow manually or cut and past them to create your configuration files. Whatever your decide to
copy manually or get the files made to your convenience from the archive compressed files, it will
be to your responsibility to modify, adjust for your needs and place the files related to OpenLDAP
software to their appropriated places on your server machine, like show bellow. The server
configuration files archive to download is located at the following Internet address:
http://pages.infinit.net/lotus1/opendocs/floppy.tgz
·
To run OpenLDAP server, the following files are require and must be create or copied to
their appropriated directories on your server.
Copy the slapd.conf file in the /etc/openldap/ directory.
Copy the ldap script file in the /etc/rc.d/init.d/ directory.
You can obtain configuration files listed bellow on our floppy.tgz archive. Copy the following files
from the decompressed floppy.tgz archive to their appropriated places or copy and paste them
directly from this book to the concerned file.
Configuration of the /etc/ldap/slapd.conf file
The /etc/openldap/slapd.conf file is the main configuration file for the stand-alone LDAP
daemon. Options like: permission, password, database type, database location and so on can be
configured on this file and will apply to slapd daemon as a whole. In the example bellow we
configure the slap.conf file for an LDBM backend database.
Edit the slapd.conf file (vi /etc/openldap/slapd.conf) and add/adjust the following information:
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include
/etc/openldap/slapd.at.conf
include
/etc/openldap/slapd.oc.conf
schemacheck
off
#referral
ldap://ldap.itd.umich.edu
pidfile
/var/run/slapd.pid
argsfile
/var/run/slapd.args
#######################################################################
# ldbm database definitions
#######################################################################