[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: ACLs: 'and' clause in ACLs
> Fabio Spelta writes:
>> I forgot a little detail: we are using version 2.0.27 (duh).
>> We replaced peername.ip with peername, this way it's been accepted by
>> slapd. Unfortunately it doesnt work, as it even refuses to bind.
>> Replacing =rw with "write" didn't make it either.
>> Any further help appreciated.
>
> Check the manual - slapd.access(5) I think.
> IIRC you need peername.regex="^IP=\127\.\0\.0\.1:"
I think in 2.0 the default was "regex" indeed; I'm not sure about the
exact format of the string. In 2.2 the default is "exact", there's a
"IP=" prefix and a trailing ":<port>", so the match must be done expecting
a string of the form "IP=<ip>:<port>". But, I repeat, I'm not sure about
2.0. I suggest you walk thru slapd with a debugger, and see what the
c_peername field (or anything like that) is set to in the Connection
structure.
p.
--
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it
SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497