# lemonldap-ng.ini must be readable by www-data but not by other (db passwords
# can be set here
non-standard-file-perm etc/lemonldap-ng/lemonldap-ng.ini 0640 != 0644

# If file storage is used for configuration, DB passwords can be stored here
# so this directory must not be readable by all
non-standard-dir-perm var/lib/lemonldap-ng/conf/ 0750 != 0755

# If file storage is used for configuration, later configuration files will be
# in 0640 mode. So the first is adjusted so
non-standard-file-perm var/lib/lemonldap-ng/conf/lmConf-1.json 0640 != 0644

# If file storage is used for sessions, user passord may be stored in this
# directory, so it must not be readable by all but must be writable by www-data
non-standard-dir-perm var/lib/lemonldap-ng/cache/ 0770 != 0755
non-standard-dir-perm var/lib/lemonldap-ng/sessions/ 0770 != 0755
non-standard-dir-perm var/lib/lemonldap-ng/sessions/lock/ 0770 != 0755
non-standard-dir-perm var/lib/lemonldap-ng/psessions/ 0770 != 0755
non-standard-dir-perm var/lib/lemonldap-ng/psessions/lock/ 0770 != 0755
