Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[enh] Bind OpenLDAP socket on localhost #706



None yet
2 participants
Copy link

commented Apr 11, 2019

The problem

OpenLDAP service open its socket on every network interfaces. This is not usefull as services are only connected to localhost.


Change default OpenLDAP configuration to only bind on localhost.

PR Status

How to test

This command

lsof -i :389 | grep LISTEN

should display binding on localhost only

slapd    3559 openldap    8u  IPv4 34292432      0t0  TCP localhost:ldap (LISTEN)
slapd    3559 openldap    9u  IPv6 34292433      0t0  TCP localhost:ldap (LISTEN)


  • Principle agreement 0/2 :
  • Quick review 0/1 :
  • Simple test 0/1 :
  • Deep review 0/1 :

@alexAubin alexAubin added this to the 3.6.x milestone Apr 12, 2019

Copy link

left a comment



This comment has been minimized.

Copy link

commented Apr 16, 2019

To be discussed tho, but there's a advanced use case where people are interested in having access to the LDAP database from an external server ... So one could imagine having a global setting to enable / disable the exposure of LDAP on the outside. But imho that's okay to merge as is... Advanced users can still edit this file if they want to (though that increases the tweaking cost)


This comment has been minimized.

Copy link

commented Apr 22, 2019

Planning to merge in a few days

@alexAubin alexAubin merged commit 923a929 into YunoHost:stretch-unstable Apr 25, 2019

1 check passed

continuous-integration/travis-ci/pr The Travis CI build passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.