On Mon, 2007-02-26 at 14:50 -0800, Pete Rowley wrote:
Andrew Bartlett wrote:
> On Mon, 2007-02-26 at 11:10 -0800, Pete Rowley wrote:
>
>> Andrew Bartlett wrote:
>>
>>> On Fri, 2007-02-23 at 14:28 -0800, Pete Rowley wrote:
>>>
>>>
>>>> Andrew Bartlett wrote:
>>>>
>>>>
>>>>> Slightly adjunct to this, i need a way to prevent the DS from
binding to
>>>>> anything except the unix domain socket (for security). ie, no IPv4
>>>>> ports.
>>>>>
>>>>>
>>>>>
>>>> You _should_ be able to do this by specifying port 0
>>>>
>>>>
>>> Nope, doesn't work (at least for ds_newisnt.pl).
>>>
>>>
>>>
>> How does it fail? Logs?
>>
>
> Sorry, I know better than to be like that. ds_newinst.pl thinks that
> the required parameter (ServerPort) isn't specified when it is set to 0.
>
>
Ah ok, try setting it to 0 via ldap then do a server restart - lets see
if at least the server is behaving.
It doesn't seem to work:
Editing dse.ldif manually to set a 0 port, I now get:
(console)
[27/Feb/2007:12:08:19 +1100] - Information: Non-Secure Port Disabled,
server only contactable via secure port
Server failed to start !!! Please check errors log for problems
(logs)
[27/Feb/2007:12:08:19 +1100] - Information: Non-Secure Port Disabled,
server only contactable via secure port
[27/Feb/2007:12:08:20 +1100] - Fedora-Directory/1.1.0a2 B2007.055.926
starting up
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team
http://samba.org
Samba Developer, Red Hat Inc.
http://redhat.com