# $OpenLDAP: pkg/openldap-guide/admin/runningslapd.sdf,v 1.15.2.2 2007/01/02 21:43:43 kurt Exp $ # Copyright 1999-2007 The OpenLDAP Foundation, All Rights Reserved. # COPYING RESTRICTIONS APPLY, see COPYRIGHT. H1: Running slapd {{slapd}}(8) is designed to be run as a stand-alone server. This allows the server to take advantage of caching, manage concurrency issues with underlying databases, and conserve system resources. Running from {{inetd}}(8) is {{NOT}} an option. H2: Command-Line Options {{slapd}}(8) supports a number of command-line options as detailed in the manual page. This section details a few commonly used options. > -f This option specifies an alternate configuration file for slapd. The default is normally {{F:/usr/local/etc/openldap/slapd.conf}}. > -h This option specifies alternative listener configurations. The default is {{EX:ldap:///}} which implies LDAP over TCP on all interfaces on the default LDAP port 389. You can specify specific host-port pairs or other protocol schemes (such as ldaps:// or ldapi://). For example, {{EX:-h "ldaps:// ldap://127.0.0.1:666"}} will create two listeners: one for LDAP over SSL on all interfaces on the default LDAP/SSL port 636, and one for LDAP over TCP on the {{EX:localhost}} ({{loopback}}) interface on port 666. Hosts may be specified using IPv4 dotted-decimal form or using host names. Port values must be numeric. > -n This option specifies the service name used for logging and other purposes. The default service name is {{EX:slapd}}. > -l This option specifies the local user for the {{syslog}}(8) facility. Values can be {{EX:LOCAL0}}, {{EX:LOCAL1}}, {{EX:LOCAL2}}, ..., and {{EX:LOCAL7}}. The default is {{EX:LOCAL4}}. This option may not be supported on all systems. > -u user -g group These options specify the user and group, respectively, to run as. {{EX:user}} can be either a user name or uid. {{EX:group}} can be either a group name or gid. > -r directory This option specifies a run-time directory. slapd will {{chroot}}(2) to this directory after opening listeners but before reading any configuration files or initializing any backends. . > -d | ? This option sets the slapd debug level to . When level is a `?' character, the various debugging levels are printed and slapd exits, regardless of any other options you give it. Current debugging levels are !block table; colaligns="RL"; align=Center; \ title="Table 6.1: Debugging Levels" Level Description -1 enable all debugging 0 no debugging 1 trace function calls 2 debug packet handling 4 heavy trace debugging 8 connection management 16 print out packets sent and received 32 search filter processing 64 configuration file processing 128 access control list processing 256 stats log connections/operations/results 512 stats log entries sent 1024 print communication with shell backends 2048 print entry parsing debugging !endblock You may enable multiple levels by specifying the debug option once for each desired level. Or, since debugging levels are additive, you can do the math yourself. That is, if you want to trace function calls and watch the config file being processed, you could set level to the sum of those two levels (in this case, {{EX: -d 65}}). Or, you can let slapd do the math, (e.g. {{EX: -d 1 -d 64}}). Consult {{F: }} for more details. Note: slapd must have been compiled with {{EX:-DLDAP_DEBUG}} defined for any debugging information beyond the two stats levels to be available. H2: Starting slapd In general, slapd is run like this: > /usr/local/etc/libexec/slapd [