Full_Name: Hallvard B Furuseth Version: HEAD OS: URL: Submission from: (NULL) (129.240.6.233) Submitted by: hallvard
back-ldif deadlocks on Modify access control in test006-acls (modified to support back-ldif). It tries to lock li_rdwr for both write (for the modify) and read (reading entries for access control) at the same time.
However the manpage says The LDIF backend does not honor any of the access control semantics described in slapd.access(5).
Only read (=r) access to the entry pseudo-attribute and to the other attribute values of the entries returned by the search operation is honored, which is performed by the frontend.
Should the manpage be updated (and maybe more acl calls be added), or should the acl call be removed?
Assuming the acl call should be there, one simple fix could be to introduce a 'li_wlock' mutex, lock it early on LDAP update operations, and delay locking li_rdwr until the operation is about to update the database. That can also get rid of the entry2str_mutex abuse. I've written a patch and it works, but something broke test045. Will look again later, if we are to keep the acl call(s).