[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
(ITS#3849) support for posixGroup use in ACLs
Full_Name: Jason Townsend
Version: 2.2.19, HEAD
OS: 10.4.1
URL: http://www.opendarwin.org/~jtownsend/patches/posixgroupacl/servers-slapd.patch
Submission from: (NULL) (24.7.116.24)
It can be useful to use a posixGroup in the RFC 2407 style from an access
directive when running on a Unix platform that uses shortnames to determine
group membership. For example:
access to attr=apple-user-picture
by self write
by sockurl="ldapi://%2Fvar%2Frun%2Fldapi" write
by group/posixGroup/memberUid="cn=admin,cn=groups,dc=example,dc=com" write
by * read
I've prepared a patch against HEAD which allows this to work. This was ported
from a change against OpenLDAP 2.2.19.
http://www.opendarwin.org/~jtownsend/patches/posixgroupacl/servers-slapd.patch