[Date Prev][Date Next]
Re: set ACL specification/syntax
--On Friday, March 06, 2009 4:04 PM -0500 Andrew Cobaugh
On Fri, Mar 6, 2009 at 3:57 PM, Quanah Gibson-Mount <firstname.lastname@example.org>
--On Friday, March 06, 2009 3:46 PM -0500 Andrew Cobaugh
I think the set clause should at least be based on something like,
set="this/cn & user/uid" but with extra stuff in there to require a
colon and one or more characters only.
Add a second cn value to the entry that matches the uid. ÂThat way
this/cn would match. Âcn is multivalued afterall. ;)
Hmm, not sure that would work, as there are already entries like that
(everyone gets a group that matches their uid, which becomes their
primary posix group).
Let me try it and see if it breaks anything...
Please keep replies on the list.
If you set the cn value on every group they are supposed to be able to
write to, then they'll be able to write to any of those groups. I.e.,
"this/cn" is the group entry in question. I'm assuming you want them to be
able to write to any group they have control of. If you don't, then simply
remove the cn=uid value from the group.
Principal Software Engineer
Zimbra :: the leader in open source messaging and collaboration