Re: ACL for sync reader

On 3/6/21 1:41 PM, Frédéric Goudal wrote: Sorry for nit-picking: 'break' is not about assigning access rights (privileges or levels). 'stop', 'break' and 'continue' simply control the flow of ACL processing. The same privileges could be altered by several ACLs processed and 'break' is needed for passing control flow to the next ACL. See section 'THE <CONTROL> FIELD' of slapd.access(5) for details. As an example you could also take a look at Æ-DIR's replication ACLs: https://gitlab.com/ae-dir/ansible-ae-dir-server/-/blob/master/templates/s... In this setup 'ae-providers' is the group of all writeable provider replicas and 'ae-replicas' is the group of all provider *and* read-only consumer replicas. Ciao, Michael.