From 53ffa37b24f99bdf9a66757d6990daa8219868a8 Mon Sep 17 00:00:00 2001 From: Kurt Zeilenga Date: Wed, 11 Oct 2000 04:33:50 +0000 Subject: [PATCH] Import misc manual page updates --- doc/man/man3/ldap_first_attribute.3 | 13 +++++----- doc/man/man5/slapd.conf.5 | 38 ++++++++++++++--------------- doc/man/man8/slapd.8 | 4 ++- 3 files changed, 28 insertions(+), 27 deletions(-) diff --git a/doc/man/man3/ldap_first_attribute.3 b/doc/man/man3/ldap_first_attribute.3 index 52716a6ca7..124fcc4632 100644 --- a/doc/man/man3/ldap_first_attribute.3 +++ b/doc/man/man3/ldap_first_attribute.3 @@ -1,4 +1,4 @@ -.TH LDAP_FIRST_ATTRIBUTE 3 "22 September 1998" "OpenLDAP LDVERSION" +.TH LDAP_FIRST_ATTRIBUTE 3 "4 October 2000" "OpenLDAP LDVERSION" .\" $OpenLDAP$ .\" Copyright 1998-2000 The OpenLDAP Foundation All Rights Reserved. .\" Copying restrictions apply. See COPYRIGHT/LICENSE. @@ -34,11 +34,10 @@ takes an \fIentry\fP as returned by .BR ldap_first_entry (3) or .BR ldap_next_entry (3) -and returns a pointer to a per-connection buffer -containing the first attribute type in the entry. The return value -should be treated as if it is a pointer to a static area (i.e., -.BR strdup (3) -it if you want to save it). +and returns a pointer to character string +containing the first attribute description in the entry. +.B ldap_next_attribute() +returns the next attribute description in the entry. .LP It also returns, in \fIberptr\fP, a pointer to a BerElement it has allocated to keep track of its current position. This pointer should @@ -66,7 +65,7 @@ for a description of possible error codes. The .B ldap_first_attribute() routine dyanamically allocated memory that must be freed by the caller via -.BR ber_free (3). +.BR ldap_memfree (3). .SH SEE ALSO .BR ldap(3), .BR ldap_first_entry(3), diff --git a/doc/man/man5/slapd.conf.5 b/doc/man/man5/slapd.conf.5 index 8d92c31452..bb8b45df16 100644 --- a/doc/man/man5/slapd.conf.5 +++ b/doc/man/man5/slapd.conf.5 @@ -235,13 +235,6 @@ in place of the numeric OID in objectclass and attribute definitions. The name can also be used with a suffix of the form ":xx" in which case the value "oid.xx" will be used. .TP -.B pidfile -The ( absolute ) name of a file that will hold the -.B slapd -server's process ID ( see -.BR getpid (2) -) if started without the debugging command line option. -.TP .B password-hash The to use for userPassword generation. One of .BR {SSHA} , @@ -256,6 +249,13 @@ and The default is .BR {SSHA} . .TP +.B pidfile +The ( absolute ) name of a file that will hold the +.B slapd +server's process ID ( see +.BR getpid (2) +) if started without the debugging command line option. +.TP .B referral Specify the referral to pass back when .BR slapd (8) @@ -288,15 +288,15 @@ set conditions within a particular database). .B sasl-host Used to specify the fully qualified domain name used for SASL processing. .TP -.B sasl-realm -Used to specify Cyrus SASL realm. +.B sasl-realm +Specify SASL realm. Default is empty. .TP .B sasl-secprops Used to specify Cyrus SASL security properties. The .B none flag (without any other properities) causes the flag properites -defaults ("noanonymous,noplain") to be cleared. +default, "noanonymous,noplain", to be cleared. The .B noplain flag disables mechanisms susceptible to simple passive attacks. @@ -331,7 +331,7 @@ property specifies the maximum acceptable .I security strength factor as an integer (see minssf description). The default is INT_MAX. The -.B maxbufsize= +.B maxbufsize= property specifies the maximum security layer receive buffer size allowed. 0 disables security layers. The default is 65536. .TP @@ -389,12 +389,6 @@ Turn schema checking on or off. The default is on. Specify the maximum number of entries to return from a search operation. The default size limit is 500. .TP -.B sasl-realm -Specify SASL realm. Default is empty. -.TP -.B sasl-secprops -Cyrus SASL security properties. Default is "noanonymous,noplain". -.TP .B srvtab Specify the srvtab file in which the kerberos keys necessary for authenticating clients using kerberos can be found. This option is only @@ -503,10 +497,16 @@ or administrative limit restrictions for operations on this database. This DN may or may not be associated with an entry. An empty root DN (the default) specifies no root access is to be granted. It is recommended that the rootdn only be specified when needed (such as -when initially populating a database). +when initially populating a database). If the rootdn is within +a namingContext (suffix) of the database, a simple bind password +may also be provided using the +.B rootpw +directive. .TP .B rootpw -Specify a password (or hash of the password) for the rootdn. +Specify a password (or hash of the password) for the rootdn. If +the rootdn is not within the namingContext of the database, the +provided password is ignored. This option accepts all RFC 2307 userPassword formats known to the server (see .B password-hash diff --git a/doc/man/man8/slapd.8 b/doc/man/man8/slapd.8 index 91923b047b..251e2175e6 100644 --- a/doc/man/man8/slapd.8 +++ b/doc/man/man8/slapd.8 @@ -119,7 +119,9 @@ Ports, if specfied, must be numeric. The default ldap:// port is 389 and the default ldaps:// port is 636. .TP .BI \-r " directory" -Specifies a run-time directory. slapd will +Specifies a chroot "jail" directory. slapd will +.BR chdir (2) +then .BR chroot (2) to this directory after opening listeners but before any reading any configuration file or initializing any backend. -- 2.39.5