[Date Prev][Date Next] [Chronological] [Thread] [Top]

ACL



Hi,

I have a question about the ACL, here's the log of a connexion by user
AdminContacts (he is not the superuser) to the database


daemon: socket() failed errno=97 (Address family not supported by
protocol)
bdb_initialize: Sleepycat Software: Berkeley DB 4.1.25: (December 19,
2002)
Global ACL: access to attrs=userPassword
        by dn.base=cn=admincontacts,ou=contacts,dc=e-qual,dc=fr
write(=wrscx)
        by anonymous auth(=x)
        by self write(=wrscx)
        by * none(=n)

Global ACL: access to dn.subtree=ou=contacts,dc=e-qual,dc=fr
        by dn.base=cn=admincontacts,ou=contacts,dc=e-qual,dc=fr
write(=wrscx)
        by * none(=n)

Global ACL: access to *
        by self write(=wrscx)
        by users read(=rscx)
        by anonymous read(=rscx)

bdb_db_init: Initializing BDB database
slapd starting


1   => access_allowed: auth access to
"cn=AdminContacts,ou=Contacts,dc=e-qual,dc=fr" "userPassword" requested
2   => acl_get: [1] check attr userPassword
3   <= acl_get: [1] acl cn=AdminContacts,ou=Contacts,dc=e-qual,dc=fr
attr: userPassword
4   => acl_mask: access to entry
"cn=AdminContacts,ou=Contacts,dc=e-qual,dc=fr", attr "userPassword"
requested
5   => acl_mask: to all values by "", (=n)
6   <= check a_dn_pat: cn=admincontacts,ou=contacts,dc=e-qual,dc=fr
7   <= check a_dn_pat: anonymous
8   <= acl_mask: [2] applying auth(=x) (stop)
9   <= acl_mask: [2] mask: auth(=x)
10  => access_allowed: auth access granted by auth(=x)


My question is simple : 
	can someone could me explain the meaning of the lines 1 to 10
(and if possible the [1] and [2])?

I think understand but I would want a confirmation

Thanks for the answer


Philippe