Commit 8de4949f authored by Дилян Палаузов's avatar Дилян Палаузов
Browse files

Initial writing about chroot mode

parent 5c6e69d8
......@@ -251,7 +251,12 @@ used as a security mechanism, it should be used in conjunction with
.B \-u
.B \-g
options. The chroot directory must contain the Cyrus SASL plugins, the
TLS certificates, dev/urandom. For Kerberos V: the keytab and the /var/tmp
directory, unless the value of the variable KRB5RCACHEDIR is changed.
For systemd service with type=notify the file /run/systemd/notify within
the chroot must be bind-mounted to /run/systemd/notify outside chroot.
The file can be mounted on ExecStartPre= and unmounted in ExecStartPost=.
.BI \-u \ user
.B slapd
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment