[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#3819) Strange slapd.conf diagnostic after authz-regexp

Hallvard B Furuseth wrote:
> Aha.  That solved a small mystery for me, once I looked at it
> in cn=config:
> The root DSE no longer uses ACLs from the first database.
> it Only uses the global ACLs and the 'database frontend' ACLs,
> because the supposedly global ACLs end up in frontendDB.
Yes. This was discussed recently
but I don't think any course of action was decided.
> Also, rootdn/rootpw was also applied from the first database, but
> those are now taken from frontendDB and I can't get rootdn/rootpw
> from frontendDB to work.

Well, rootpw makes no sense for the frontendDB. The question about 
rootdn is still open.
> Howard Chu writes:
>> At the time it occurs, the current backend is the frontendDB.  (...)
>> This probably should be straightened out, but at the moment it seems
>> harmless and we have other things to worry about.
>>> authz-regexp cn=x cn=y
>>> foobar
>>> gets this message from slaptest -d 64:
>>> unknown directive <foobar> inside backend database definition (ignored).
>>> (...)

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support