[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
ACL
Hi,
I have a question about the ACL, here's the log of a connexion by user
AdminContacts (he is not the superuser) to the database
daemon: socket() failed errno=97 (Address family not supported by
protocol)
bdb_initialize: Sleepycat Software: Berkeley DB 4.1.25: (December 19,
2002)
Global ACL: access to attrs=userPassword
by dn.base=cn=admincontacts,ou=contacts,dc=e-qual,dc=fr
write(=wrscx)
by anonymous auth(=x)
by self write(=wrscx)
by * none(=n)
Global ACL: access to dn.subtree=ou=contacts,dc=e-qual,dc=fr
by dn.base=cn=admincontacts,ou=contacts,dc=e-qual,dc=fr
write(=wrscx)
by * none(=n)
Global ACL: access to *
by self write(=wrscx)
by users read(=rscx)
by anonymous read(=rscx)
bdb_db_init: Initializing BDB database
slapd starting
1 => access_allowed: auth access to
"cn=AdminContacts,ou=Contacts,dc=e-qual,dc=fr" "userPassword" requested
2 => acl_get: [1] check attr userPassword
3 <= acl_get: [1] acl cn=AdminContacts,ou=Contacts,dc=e-qual,dc=fr
attr: userPassword
4 => acl_mask: access to entry
"cn=AdminContacts,ou=Contacts,dc=e-qual,dc=fr", attr "userPassword"
requested
5 => acl_mask: to all values by "", (=n)
6 <= check a_dn_pat: cn=admincontacts,ou=contacts,dc=e-qual,dc=fr
7 <= check a_dn_pat: anonymous
8 <= acl_mask: [2] applying auth(=x) (stop)
9 <= acl_mask: [2] mask: auth(=x)
10 => access_allowed: auth access granted by auth(=x)
My question is simple :
can someone could me explain the meaning of the lines 1 to 10
(and if possible the [1] and [2])?
I think understand but I would want a confirmation
Thanks for the answer
Philippe
- Follow-Ups:
- Re: ACL
- From: Joshua Bernstein <bjosh@engr.arizona.edu>