[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#3532) test006-acls: warning: cannot assess the validity of the ACL scope within backend naming context

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#3532) test006-acls: warning: cannot assess the validity of the ACL scope within backend naming context
From: h.b.furuseth@usit.uio.no
Date: Sat, 17 Sep 2005 22:29:54 GMT

Pierangelo Masarati writes:
> I'd reverse the comment.  If one puts an ACL that scopes outside the
> database, one for some reason may be led to think that the ACL applies
> to data outside the database as well.  For example, people may put
> ACLs scoping the rootDSE into the first database block, because that's
> how things used to work in slapd.

OK, it's good to warn that the semantics of slapd.conf has changed,
but this warning _doesn't_ mention that the semantics has changed.

Sounds to me like these warning should be replaced with a single message
if there are such access directives in the first database, saying

  Warning: OpenLDAP 2.3 no longer applies "access" directives in the
  first database to the root DSE and cn=subschema

-- 
Hallvard

Prev by Date: Re: (ITS#3704) slapd: socket problem using gcc elf-64
Next by Date: Re: OpenLDAP port to strict POSIX 1003.1-2001 hosts (ITS#2667)
Index(es):
- Chronological
- Thread