[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#6641) Syncrepl failure with 'overlay unique'
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 01/21/2011 04:11 AM, hyc@symas.com wrote:
> ondrej.kuznik@acision.com wrote:
>> After a conversation with Howard, I have modified the patches so that
>> the overlay check for the ManageDsaIt control instead. That control
>> should be set for each operation coming from replication. The patches
>> are here:
>> ftp://ftp.openldap.org/incoming/ondrej-kuznik-20101202-unique_bypass_v2.tgz
>>
>> Is there anything else that comes to mind?
>
> I'm not sure it merits a config keyword. We already have instances where
> administrators are implicitly allowed to bypass rules that restrict normal
> users, and replication is obviously a system-level operation, not user level.
>
Rereading the discussions makes me agree with you. I have prepared a
patch without the config keyword and modified the slapo-unique manpage
accordingly.
ftp://ftp.openldap.org/incoming/ondrej-kuznik-20110506-unique_bypass_v3.tgz
Again the IPR notice:
The attached modifications to OpenLDAP Software are subject to the
following notice:
Copyright 2010 Acision
Redistribution and use in source and binary forms, with or without
modification, are permitted only as authorized by the OpenLDAP Public
License.
- --
Ondrej Kuznik
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk3D6ZkACgkQ9GWxeeH+cXtv7ACgl+6zPsyecGdWxjEnDL2CPDDp
2HoAoJ3D1XcuAJ1d+L/kwLLBltbo/ifo
=RyJh
-----END PGP SIGNATURE-----
This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.