[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Wishes for set ACLs

To: Pierangelo Masarati <ando@sys-net.it>
Subject: Re: Wishes for set ACLs
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Thu, 17 Mar 2005 12:30:35 -0800
Cc: openldap-devel@OpenLDAP.org
In-reply-to: <4239D9D4.2030607@sys-net.it>
References: <hbf.20050317w1pw@bombur.uio.no> <6.2.1.2.0.20050317080103.05ad3480@mail.openldap.org> <4239D9D4.2030607@sys-net.it>

At 11:26 AM 3/17/2005, Pierangelo Masarati wrote:
>access to dn.exact="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
>   by set="[ldap:///dc=example,dc=com??sub?(uid=bjorn)]/uid & this/uid" read
>   by * auth
>
>which directly issues an internal search, in principle might incur in a deadlock, but it doesn't. 

Try that with directory modifications.

The operation thread grabs a write lock on the entry for
the modify operation, then spins off an internal search for
the set evaluation, which causes the thread to try to grab a
read lock on the entry.  As its using two different locker ids,
the thread is prone to self deadlock.

Kurt

Follow-Ups:
- Re: Wishes for set ACLs
  - From: Howard Chu <hyc@symas.com>

References:
- Wishes for set ACLs
  - From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
- Re: Wishes for set ACLs
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- Re: Wishes for set ACLs
  - From: Pierangelo Masarati <ando@sys-net.it>

Prev by Date: Re: Wishes for set ACLs
Next by Date: Re: Wishes for set ACLs
Index(es):
- Chronological
- Thread