ENV {} and rlm_ldap.so
Alan DeKok
aland at deployingradius.com
Fri May 21 23:15:28 CEST 2021
On May 21, 2021, at 5:07 PM, Michael Ströder via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
> If I set
>
> ENV {
>
> LDAPNOINIT = '1'
>
> }
>
> in radiusd.conf will this env var be set before libldap gets loaded via
> rlm_ldap.so and initialized?
Yes.
The server loads the configuration files, and then immediately sets ENV variables. This is done before *anything* else.
> Background:
> Setting LDAPNOINIT to any value will prevent OpenLDAP's libldap to read
> any default settings from a system-wide ldap.conf (see man page
> ldap.conf(5)). This ensures that only LDAP settings in the FreeRADIUS
> config will be used.
>
> Of course I can also set this in the systemd unit. But for those not
> using systemd this would even be a nice better default.
I very much agree.
Alan DeKok.
More information about the Freeradius-Users
mailing list