[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Inserting ACLs in CN=config



Christian Marg wrote:
Hello.

Howard Chu wrote:
Christian Marg wrote:
from reading the AdminGuide and a quick search through the FAQ-o-Matic I
couldn't gather how I'd insert a new ACL between the existing rules 2
and 3...
Reread section 5.3.6 of the Admin Guide. This has been documented for
more than a year.

I took my time to read that section, for a third time. And no, it doesn't answer my question. It does document how to change the second rule - not how to insert a "2.5th" rule.

So it seems like I have to do an LDAPsearch to gather all the olcAccess
values, insert a new one between two of them, prepend the weight-numbers
to them and put them in an LDIF to replace the whole attribute. How
inconvenient.

No. You're right that would be inconvenient, and nobody would want that.

I guess we need to copy more of the examples from http://www.highlandsun.com/hyc/drafts/draft-chu-ldap-xordered-xx.html

If you have an attribute with the values
	olcaccess: {0}foo
	olcaccess: {1}bar

and you want to insert a new value, just prepend the number of where you want the new value to go. The others will be pushed down automatically.

add: olcaccess:
olcaccess: {1}blah

result:
	olcaccess: {0}foo
	olcaccess: {1}blah
	olcaccess: {2}bar

--
  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP     http://www.openldap.org/project/