Hello,
I’m working on the acl on my ldap, and I have found a rule that puzzle me on it’s last statement :
by * +0 break
Well as 0 means no access what does +0 mean ? On my opinion it does nothing and the statement is equivalent to :
by * break
Am I correct or do I miss something ?
f.g.
— Frédéric Goudal Ingénieur Système, DSI Bordeaux-INP +33 556 84 23 11
On Fri, Jan 10, 2025 at 05:23:24PM +0100, Frédéric Goudal wrote:
I’m working on the acl on my ldap, and I have found a rule that puzzle me on it’s last statement :
by * +0 break
Well as 0 means no access what does +0 mean ? On my opinion it does nothing and the statement is equivalent to :
by * break
Am I correct or do I miss something ?
Hi Frédéric, yes, they should be equivalent - the person/software that created them probably wanted to avoid access being set back to "none" here or just wanted to be a little more explicit about the same.
Regards,
Hello,
Thanks for your answer. I’m not an acl guru and it’s on our main directory setup, so I prefer to be sure before cleaning my acls.
f.g.
Le 13 janv. 2025 à 13:05, Ondřej Kuzník ondra@mistotebe.net a écrit :
On Fri, Jan 10, 2025 at 05:23:24PM +0100, Frédéric Goudal wrote:
I’m working on the acl on my ldap, and I have found a rule that puzzle me on it’s last statement :
by * +0 break
Well as 0 means no access what does +0 mean ? On my opinion it does nothing and the statement is equivalent to :
by * break
Am I correct or do I miss something ?
Hi Frédéric, yes, they should be equivalent - the person/software that created them probably wanted to avoid access being set back to "none" here or just wanted to be a little more explicit about the same.
Regards,
-- Ondřej Kuzník Senior Software Engineer Symas Corporation http://www.symas.com Packaged, certified, and supported LDAP solutions powered by OpenLDAP
— Frédéric Goudal Ingénieur Système, DSI Bordeaux-INP +33 556 84 23 11
openldap-technical@openldap.org
-
Frédéric Goudal -
Ondřej Kuzník