[Date Prev][Date Next] [Chronological] [Thread] [Top]

ACL's again...

To: openldap-software@OpenLDAP.org
Subject: ACL's again...
From: Raj Mathur <raju@sgi.com>
Date: Fri, 24 Dec 1999 22:50:38 +0530 (IST)

Hi,

I have this weird problem, where I add an ACL and the server goes into
a hang (or atleast a sleep) whenever it tries to process a record
which matches that ACL.  In my slapd.conf given below, slapd (1.2.7)
freezes whenever it reaches a record which matches the
``ou=emailUser'' ACL.  It seems to process records matching the other
ACL's just fine.

(BTW, tips on improving this slapd.conf would be appreciated).  The
system is the RedHat OpenLDAP RPM installed on a more-or-less standard 
RedHat Linux 6.1 system.

include /etc/openldap/slapd.at.conf
include /etc/openldap/slapd.oc.conf
# schemacheck on
# referral ldap://ldap.itd.umich.edu

# ldbm definition for the U-M database
database ldbm
cachesize 4
suffix		"O=SGI, C=IN"
suffix		"dc=linux-delhi,dc=org"
directory	/var/tmp/ldap
rootdn		"CN=Manager, DC=linux-delhi, DC=org"
rootpw		secret
defaultaccess	read
lastmod		on
#
# ACL's for VishwaKarma
#
access to dn="domainName=(.*),ou=virtualDomain,dc=linux-delhi,dc=org"
	by self write
	by domain=localhost read
	by * none
access to dn="hostName=.*+domainName=(.*),ou=virtualHost,dc=linux-delhi,dc=org"
	by self write
	by dn="domainName=$0,ou=virtualDomain,dc=linux-delhi,dc=org" write
	by domain=localhost read
	by * none
access to dn="userID=.*+hostName=(.*)+domainName=(.*),ou=emailUser,dc=linux-delhi,dc=org"
	by self write
	by dn="hostName=$1+domainName=$2,ou=virtualHost,dc=linux-delhi,dc=org" write
	by dn="domainName=$2,ou=virtualDomain,dc=linux-delhi,dc=org" write
	by domain=localhost read
	by * none
access to *
	by * read

Regards,

-- Raju

Follow-Ups:
- ACL's again...
  - From: Raj Mathur <raju@sgi.com>

Prev by Date: More ACL's (check bind, etc)
Next by Date: ACL's again...
Index(es):
- Chronological
- Thread