Logged in as guest
Viewing Incoming/6035 Full headers
Major security issue: yes no
Notes: Notification:
Date: Thu, 26 Mar 2009 03:33:37 +0000 From: dgbaley27@verizon.net To: openldap-its@OpenLDAP.org Subject: slapd requires restart after modifying olcAuthzRegexp
Full_Name: Matthew Monaco Version: 2.4.11 OS: GNU/Linux 2.6.27-7 (Ubuntu 8.10 Server JeOS) URL: Submission from: (NULL) (96.242.209.249) After modifying existing olcAuthzRegexp and/or adding/removing additional olcAuthzRegexp from cn=config, I needed to restart slapd for the changes to take effect. I'm not sure if it matters but I was using ldapvi to do the modification. I can however, confirm that the changes immediately appeared in various other ldap browsers (such as Apache Directory Studio).
Date: Thu, 26 Mar 2009 09:13:13 -0700 From: hyc@symas.com To: dgbaley27@verizon.net Cc: openldap-its@openldap.org Subject: Re: (ITS#6035) slapd requires restart after modifying olcAuthzRegexp
This is a known limitation in authz regexp support. There are no plans to change this any time soon. On Thu, Mar 26, 2009 at 03:33:37AM +0000, dgbaley27@verizon.net wrote: > Full_Name: Matthew Monaco > Version: 2.4.11 > OS: GNU/Linux 2.6.27-7 (Ubuntu 8.10 Server JeOS) > URL: > Submission from: (NULL) (96.242.209.249) > > > After modifying existing olcAuthzRegexp and/or adding/removing additional > olcAuthzRegexp from cn=config, I needed to restart slapd for the changes to take > effect. > > I'm not sure if it matters but I was using ldapvi to do the modification. > > I can however, confirm that the changes immediately appeared in various other > ldap browsers (such as Apache Directory Studio).
Date: Thu, 26 Mar 2009 13:20:45 -0700 From: Quanah Gibson-Mount <quanah@zimbra.com> To: hyc@symas.com, openldap-its@openldap.org Subject: Re: (ITS#6035) slapd requires restart after modifying olcAuthzRegexp
--On Thursday, March 26, 2009 4:14 PM +0000 hyc@symas.com wrote: > This is a known limitation in authz regexp support. There are no plans > to change this any time soon. Where's this limitation documented? What other parameters in the config backend have the same flaw? We've certainly fixed this for a number of other things. I don't even see authz-regexp/olcAuthzRegexp mentioned in chapters 5 or 6 in the admin guide, and the man pages don't note this limitation. --Quanah -- Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration
Date: Thu, 26 Mar 2009 21:27:32 +0100 From: Pierangelo Masarati <ando@sys-net.it> To: quanah@zimbra.com CC: openldap-its@openldap.org Subject: Re: (ITS#6035) slapd requires restart after modifying olcAuthzRegexp
quanah@zimbra.com wrote: > --On Thursday, March 26, 2009 4:14 PM +0000 hyc@symas.com wrote: > >> This is a known limitation in authz regexp support. There are no plans >> to change this any time soon. > > Where's this limitation documented? What other parameters in the config > backend have the same flaw? We've certainly fixed this for a number of > other things. Indeed, it has been finally, although rather inelegantly, fixed in slapo-rwm(5), AFAIR. p. Ing. Pierangelo Masarati OpenLDAP Core Team SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ----------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Fax: +39 0382 476497 Email: ando@sys-net.it -----------------------------------
______________ © Copyright 2013, OpenLDAP Foundation, info@OpenLDAP.org
