1
0
mirror of https://github.com/postgres/postgres.git synced 2025-10-25 13:17:41 +03:00

tests: Prevent syslog activity by slapd, take 2

Unfortunately it turns out that the logfile-only option added in b9f8d1cbad
is only available in openldap starting in 2.6.

Luckily the option to control the log level (loglevel/-s) have been around for
much longer. As it turns out loglevel/-s only control what goes into syslog,
not what ends up in the file specified with 'logfile' and stderr.

While we currently are specifying 'logfile', nothing ends up in it, as the
option only controls debug messages, and we didn't set a debug level. The
debug level can only be configured on the commandline and also prevents
forking. That'd require larger changes, so this commit doesn't tackle that
issue.

Specify the syslog level when starting slapd using -s, as that allows to
prevent all syslog messages if one uses '0' instead of 'none', while loglevel
doesn't prevent the first message.

Discussion: https://postgr.es/m/20230311233708.3yjdbjkly2q4gq2j@awork3.anarazel.de
Backpatch: 11-
This commit is contained in:
Andres Freund
2023-03-16 23:03:31 -07:00
parent 371e3daaa5
commit ce29cea17f

View File

@@ -90,7 +90,6 @@ include $ldap_schema_dir/inetorgperson.schema
pidfile $slapd_pidfile pidfile $slapd_pidfile
logfile $slapd_logfile logfile $slapd_logfile
logfile-only on
access to * access to *
by * read by * read
@@ -126,7 +125,8 @@ system_or_bail "openssl", "x509", "-req", "-in", "$slapd_certs/server.csr",
"-CA", "$slapd_certs/ca.crt", "-CAkey", "$slapd_certs/ca.key", "-CA", "$slapd_certs/ca.crt", "-CAkey", "$slapd_certs/ca.key",
"-CAcreateserial", "-out", "$slapd_certs/server.crt"; "-CAcreateserial", "-out", "$slapd_certs/server.crt";
system_or_bail $slapd, '-f', $slapd_conf, '-h', "$ldap_url $ldaps_url"; # -s0 prevents log messages ending up in syslog
system_or_bail $slapd, '-f', $slapd_conf,'-s0', '-h', "$ldap_url $ldaps_url";
END END
{ {