masarati@aero.polimi.it wrote:
By the way, I'm beginning to look at converting back-meta to dynamic config. Did you ever make any start at this?
No, please go ahead. I'm sorry the need to use nested entries is too complex for me to deal with based on my current (lack of) time.
OK. The basic framework is in place now, Add and Emit appear to work. I haven't done Delete yet. If you have any suggestions for sanity-checking the current code, that would be helpful. Much of it is copy/pasted from slapd-ldap and slapo-rwm.
I see a few puzzling inconsistencies, like the existence of acl-passwd and acl-authcDN keywords that don't actually have any functional code behind them. I would guess they should have been replaced with acl-bind but there's no implementation of that anywhere either.
Also wondering if the idassert-passthru from back-ldap ought to be added here.
The manpage is quite out of date, it still says to look at slapd-ldap(5) for the mapping/rewrite docs, but that text was dropped and moved to slapo-rwm(5).
-
Howard Chu