We have a customer at SUSE who wishes to implement a non-standard configuration in which the running gid is not the primary gid of the uid that the server runs as. Currently this trips up most of our setup tools.

Rather than support dropping to an alternate gid in the server, it is simpler to allow systemd to pre-configure our user and group at start up. This needs a small number of changes.

• dscreate needs to correctly setup file ownships for dse.ldif and friends rather than relying on the server having root access and changing the perms itself
• That our unit file needs to enable the CAP_NET_BIND privilege so that the service can bind to ports lower than 1024 without being root
• That the server needs to not attempt to change it's uid/gid if we are already running as that user/gid.