[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#3849) support for posixGroup use in ACLs

To: openldap-its@OpenLDAP.org
Subject: (ITS#3849) support for posixGroup use in ACLs
From: jtownsend@opendarwin.org
Date: Fri, 8 Jul 2005 15:30:37 GMT

Full_Name: Jason Townsend
Version: 2.2.19, HEAD
OS: 10.4.1
URL: http://www.opendarwin.org/~jtownsend/patches/posixgroupacl/servers-slapd.patch
Submission from: (NULL) (24.7.116.24)


It can be useful to use a posixGroup in the RFC 2407 style from an access
directive when running on a Unix platform that uses shortnames to determine
group membership. For example:

access to attr=apple-user-picture 
  by self write
  by sockurl="ldapi://%2Fvar%2Frun%2Fldapi" write 
  by group/posixGroup/memberUid="cn=admin,cn=groups,dc=example,dc=com" write
  by * read

I've prepared a patch against HEAD which allows this to work. This was ported
from a change against OpenLDAP 2.2.19.

http://www.opendarwin.org/~jtownsend/patches/posixgroupacl/servers-slapd.patch

Prev by Date: (ITS#3847) lots of warning fixes
Next by Date: (ITS#3850) OpenLDAP 2.2.26-sasl hang after "defferring operation: binding"
Index(es):
- Chronological
- Thread