1 Dec
2014
1 Dec
'14
3 a.m.
Hi,
while looking what debian generates in their cn=config for Debian Jessie I found following acl on the frontend database:
dn: olcDatabase={-1}frontend,cn=config objectClass: olcDatabaseConfig objectClass: olcFrontendConfig olcDatabase: {-1}frontend olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by * break olcAccess: {1}to dn.exact="" by * read olcAccess: {2}to dn.base="cn=Subschema" by * read olcSizeLimit: 500
I somehow fail to grasp the relevance of granting manage access to the frontend database.
Is it just me or is this is acl just mindless pasting.
Apart from that debian jessie is now on openldap 2.4.40 thoug still built agains gnutls.
Greetings Christian
--
Christian Kratzer CK Software GmbH
Email: ck@cksoft.de Wildberger Weg 24/2
Phone: +49 7032 893 997 - 0 D-71126 Gaeufelden
Fax: +49 7032 893 997 - 9 HRB 245288, Amtsgericht Stuttgart
Mobile: +49 171 1947 843 Geschaeftsfuehrer: Christian Kratzer
Web: http://www.cksoft.de/