500 lines
7.7 KiB
HTML
500 lines
7.7 KiB
HTML
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
|
|
<HTML
|
|
><HEAD
|
|
><TITLE
|
|
>Command Line Options</TITLE
|
|
><META
|
|
NAME="GENERATOR"
|
|
CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
|
|
REL="HOME"
|
|
TITLE="LDAP Linux HOWTO"
|
|
HREF="index.html"><LINK
|
|
REL="UP"
|
|
TITLE="Running the LDAP Server"
|
|
HREF="runningldap.html"><LINK
|
|
REL="PREVIOUS"
|
|
TITLE="Running the LDAP Server"
|
|
HREF="runningldap.html"><LINK
|
|
REL="NEXT"
|
|
TITLE="Starting the LDAP Server"
|
|
HREF="startingldap.html"></HEAD
|
|
><BODY
|
|
CLASS="section"
|
|
BGCOLOR="#FFFFFF"
|
|
TEXT="#000000"
|
|
LINK="#0000FF"
|
|
VLINK="#840084"
|
|
ALINK="#0000FF"
|
|
><DIV
|
|
CLASS="NAVHEADER"
|
|
><TABLE
|
|
SUMMARY="Header navigation table"
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TH
|
|
COLSPAN="3"
|
|
ALIGN="center"
|
|
>LDAP Linux HOWTO</TH
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="left"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="runningldap.html"
|
|
ACCESSKEY="P"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="80%"
|
|
ALIGN="center"
|
|
VALIGN="bottom"
|
|
>Chapter 4. Running the LDAP Server</TD
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="right"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="startingldap.html"
|
|
ACCESSKEY="N"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"></DIV
|
|
><DIV
|
|
CLASS="section"
|
|
><H1
|
|
CLASS="section"
|
|
><A
|
|
NAME="CommandOptions"
|
|
></A
|
|
>4.1. Command Line Options</H1
|
|
><P
|
|
><EM
|
|
>Slapd</EM
|
|
> supports a number of command-line options as detailed
|
|
in the manual page. This section details a few commonly used options:</P
|
|
><TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><FONT
|
|
COLOR="#000000"
|
|
><PRE
|
|
CLASS="screen"
|
|
>-f <filename></PRE
|
|
></FONT
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><P
|
|
>This option specifies an alternate configuration file for slapd. The default is
|
|
normally /usr/local/etc/openldap/slapd.conf.</P
|
|
><TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><FONT
|
|
COLOR="#000000"
|
|
><PRE
|
|
CLASS="screen"
|
|
>-h <URLs></PRE
|
|
></FONT
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><P
|
|
>This option specifies alternative listener configurations. The default is
|
|
ldap:/// which implies LDAP over TCP on all interfaces on the default LDAP port
|
|
389. You can specify specific host-port pairs or other protocol schemes
|
|
(such as ldaps:// or ldapi://). For example, -h "ldaps:// ldap://127.0.0.1:667"
|
|
will create two listeners: one for LDAP over SSL on all interfaces on the
|
|
default LDAP/SSL port 636, and one for LDAP over TCP on the localhost
|
|
(loopback) interface on port 667. Hosts may be specified using IPv4
|
|
dotted-decimal form or using host names. Port values must be numeric.</P
|
|
><TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><FONT
|
|
COLOR="#000000"
|
|
><PRE
|
|
CLASS="screen"
|
|
>-n <service-name></PRE
|
|
></FONT
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><P
|
|
>This option specifies the service name used for logging and other purposes.
|
|
The default service name is slapd.</P
|
|
><TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><FONT
|
|
COLOR="#000000"
|
|
><PRE
|
|
CLASS="screen"
|
|
>-l <syslog-local-user></PRE
|
|
></FONT
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><P
|
|
>This option specifies the local user for the syslog(8) facility. Values can be
|
|
LOCAL0, LOCAL1, LOCAL2, ..., and LOCAL7. The default is LOCAL4. This option
|
|
may not be supported on all systems. See the <A
|
|
HREF="logs.html"
|
|
>Section 6.5</A
|
|
> for more details.</P
|
|
><TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><FONT
|
|
COLOR="#000000"
|
|
><PRE
|
|
CLASS="screen"
|
|
>-u user -g group</PRE
|
|
></FONT
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><P
|
|
>These options specify the user and group, respectively, to run slapd as. user can be
|
|
either a user name or uid. group can be either a group name or gid.</P
|
|
><TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><FONT
|
|
COLOR="#000000"
|
|
><PRE
|
|
CLASS="screen"
|
|
>-r directory</PRE
|
|
></FONT
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><P
|
|
>This option specifies a run-time directory. slapd will chroot(2) to this
|
|
directory after opening listeners but before reading any configuration files
|
|
or initializing any backends.</P
|
|
><TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><FONT
|
|
COLOR="#000000"
|
|
><PRE
|
|
CLASS="screen"
|
|
>-d <level> | ?</PRE
|
|
></FONT
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><P
|
|
>This option sets the slapd debug level to <level>. When level is a `?'
|
|
character, the various debugging levels are printed and slapd exits, regardless
|
|
of any other options you give it. Current debugging levels are:</P
|
|
><P
|
|
><DIV
|
|
CLASS="table"
|
|
><A
|
|
NAME="AEN611"
|
|
></A
|
|
><P
|
|
><B
|
|
>Table 4-1. Debugging Levels</B
|
|
></P
|
|
><TABLE
|
|
BORDER="1"
|
|
CLASS="CALSTABLE"
|
|
><THEAD
|
|
><TR
|
|
><TH
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>Level</TH
|
|
><TH
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>Description</TH
|
|
></TR
|
|
></THEAD
|
|
><TBODY
|
|
><TR
|
|
><TD
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>-1</TD
|
|
><TD
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>enable all debugging</TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>0</TD
|
|
><TD
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>no debugging</TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>1</TD
|
|
><TD
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>trace function calls</TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>2</TD
|
|
><TD
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>debug packet handling</TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>4</TD
|
|
><TD
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>heavy trace debugging</TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>8</TD
|
|
><TD
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>connection management </TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>16</TD
|
|
><TD
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>print out packets sent and received </TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>32</TD
|
|
><TD
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>search filter processing </TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>64</TD
|
|
><TD
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>configuration file processing</TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>128</TD
|
|
><TD
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>access control list processing</TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>256</TD
|
|
><TD
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>stats log connections/operations/results</TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>512</TD
|
|
><TD
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>stats log entries sent </TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>1024</TD
|
|
><TD
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>print communication with shell backends </TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>2048</TD
|
|
><TD
|
|
WIDTH="0"
|
|
ALIGN="LEFT"
|
|
VALIGN="MIDDLE"
|
|
>print entry parsing debugging </TD
|
|
></TR
|
|
></TBODY
|
|
></TABLE
|
|
></DIV
|
|
></P
|
|
><P
|
|
>You may enable multiple levels by specifying the debug option once for each
|
|
desired level. Or, since debugging levels are additive, you can do the math
|
|
yourself. That is, if you want to trace function calls and watch the config
|
|
file being processed, you could set level to the sum of those two levels (in
|
|
this case, -d 65). Or, you can let slapd do the math, (e.g. -d 1 -d 64).
|
|
Consult <ldap.h> for more details.</P
|
|
><P
|
|
><B
|
|
CLASS="command"
|
|
>Note:</B
|
|
> slapd must have been compiled with -DLDAP_DEBUG defined for
|
|
any debugging information beyond the two stats levels to be available. </P
|
|
></DIV
|
|
><DIV
|
|
CLASS="NAVFOOTER"
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"><TABLE
|
|
SUMMARY="Footer navigation table"
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="runningldap.html"
|
|
ACCESSKEY="P"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="index.html"
|
|
ACCESSKEY="H"
|
|
>Home</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="startingldap.html"
|
|
ACCESSKEY="N"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
>Running the LDAP Server</TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="runningldap.html"
|
|
ACCESSKEY="U"
|
|
>Up</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
>Starting the LDAP Server</TD
|
|
></TR
|
|
></TABLE
|
|
></DIV
|
|
></BODY
|
|
></HTML
|
|
> |