[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#7758) slapcat exports entire databases when given a non-existent base

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#7758) slapcat exports entire databases when given a non-existent base
From: quanah@zimbra.com
Date: Thu, 5 Dec 2013 02:58:59 GMT
Auto-submitted: auto-generated (OpenLDAP-ITS)

--On Wednesday, December 04, 2013 6:52 PM -0800 Howard Chu <hyc@symas.com> 
wrote:

> quanah@OpenLDAP.org wrote:
>> Full_Name: Quanah Gibson-Mount
>> Version: 2.4.35
>> OS: Linux 2.6
>> URL: ftp://ftp.openldap.org/incoming/
>> Submission from: (NULL) (75.111.58.125)
>>
>>
>> If the root of the primary database is "", and you try and export a base
>> that doesn't exist via slapcat, the entire database is exported (i.e.,
>> it acts like you specified "" as the base):
>
> Works as designed. -b selects the backend that matches the DN you
> provided. A backend with suffix "" matches anything that nothing more
> specific matched. If you wanted to filter down to a specific branch, you
> should have used -s. Closing this ITS.

There is no backend matching cn=accesslog.  There is only "" and 
"cn=monitor" on this particular server.  The goal here was not to export a 
subtree, it was something trying to export the delta-syncrepl accesslog on 
a server that didn't have one.  That should result in an error, not match 
the primary db rooted at "".  I certainly wouldn't expect -n 3 to default 
to -n 1 if -n 3 doesn't exist.  Neither should -b "cn=accesslog" default to 
-b "".  Those clearly do not match.

--Quanah


--

Quanah Gibson-Mount
Architect - Server
Zimbra, Inc.
--------------------
Zimbra ::  the leader in open source messaging and collaboration

Prev by Date: Re: (ITS#7758) slapcat exports entire databases when given a non-existent base
Next by Date: Re: (ITS#7758) slapcat exports entire databases when given a non-existent base
Index(es):
- Chronological
- Thread