[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: test006-acl fails in HEAD

> ~/openldap/ldap/tests/>diff -uibB testrun/ldapsearch.flt testrun/ldif.flt
> --- testrun/ldapsearch.flt      2004-06-18 09:28:28.977480433 -0500
> +++ testrun/ldif.flt    2004-06-18 09:28:29.003481698 -0500
> @@ -47,6 +47,7 @@
>  member: cn=Ursula Hampster,ou=Alumni
> Association,ou=People,dc=example,dc=com
>  owner: cn=Manager,dc=example,dc=com
>  description: All Alumni Assoc Staff
> +description: added by jaj
>  cn: Alumni Assoc Staff
>  objectClass: groupOfNames

Gotit: this write is allowed by the

access to dn.exact="cn=Alumni Assoc Staff,ou=Groups,dc=example,dc=com"
    by set="[cn=Alumni Assoc Staff,ou=Groups,dc=example,dc=com]/member* &
user" write
    by * read

rule, i.e. by sets; for some reason, they might be disabled or not working
on your system.  At present, I don't see any possibility of disabling sets
at compile time, so I assume they just don't work on your system for some
reason.  Can you investigate on that?  For instance, can you provide a
full log (at least with -d 128, for acl output) of the test?

Thanks, p.

Pierangelo Masarati

    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497