Access Control Lists



Hiya,

I’m having a heck of a time trying to get my ACLs to work properly.

My goal is to be logged in as “root” and then “id tc” (tc is my personal user).

Here are my ACLs:

access to attr=userPassword
   by self write
   by anonymous auth
   by * none

access to *
   by self write
   by users read
   by * none

With this ACL if I type in “id tc” then I get back:

ksh# id tc
id: tc: No such user

If I change the last line from “by * none” to “by * read” then it appears to work:

 

access to attr=userPassword
   by self write
   by anonymous auth
   by * none

access to *
   by self write
   by users read
   by * read

ksh# id tc
uid=500(tc) gid=100(users) groups=100(users),101(pcusers),500(cvs),3000(guests),4000(ftpguest),5000(database),6000(webadmin),7000(java)

It looks to me like the “by users read” portion isn’t working properly, but I don’t know why (unless it’s a bug). I’m running OpenLDAP 2.2.13-2.

Thanks

Thomas

 


--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.296 / Virus Database: 265.5.0 - Release Date: 12/9/2004
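
An added example, not part of the original message: a simplified Python model of slapd's first-match ACL evaluation, run over the two ACL sets quoted above for an unauthenticated requester, another authenticated user, and the entry's owner. The DNs and the attribute `uidNumber` are constructed for illustration, and whether the lookup behind `id` binds anonymously depends on client configuration the message does not show.

```python
# Added example: simplified model of slapd ACL evaluation (first match wins).
FIRST = """access to attr=userPassword
   by self write
   by anonymous auth
   by * none
access to *
   by self write
   by users read
   by * none"""
SECOND = FIRST.rsplit("none", 1)[0] + "read"  # only the final "by *" differs

# Constructed DNs, not taken from the post.
TC = "uid=tc,ou=People,dc=example,dc=com"
OTHER = "uid=other,ou=People,dc=example,dc=com"

def parse_acls(text):
    """Turn 'access to <what>' / 'by <who> <level>' lines into a list."""
    acls = []
    for line in text.splitlines():
        words = line.split()
        if words[:2] == ["access", "to"]:
            acls.append((words[2], []))
        elif words[:1] == ["by"]:
            acls[-1][1].append((words[1], words[2]))
    return acls

def who_matches(who, bind_dn, entry_dn):
    """bind_dn is None for an unauthenticated (anonymous) requester."""
    return {"*": True,
            "anonymous": bind_dn is None,
            "users": bind_dn is not None,
            "self": bind_dn is not None and bind_dn == entry_dn}[who]

def access(acls, bind_dn, entry_dn, attr):
    """Level granted on one attribute of entry_dn to the given requester."""
    for what, clauses in acls:
        if what in ("*", "attr=" + attr):      # first matching directive
            for who, level in clauses:
                if who_matches(who, bind_dn, entry_dn):
                    return level               # first matching "by" clause
            return "none"                      # implicit trailing "by * none"
    return "none"                              # no directive matched at all

def compare(attr):
    """Map requester -> (level under first ACL set, level under second)."""
    requesters = {"anonymous": None, "other user": OTHER, "self": TC}
    return {name: (access(parse_acls(FIRST), dn, TC, attr),
                   access(parse_acls(SECOND), dn, TC, attr))
            for name, dn in requesters.items()}

if __name__ == "__main__":
    for attr in ("uidNumber", "userPassword"):
        for name, (first, second) in compare(attr).items():
            print(f"{attr:13} {name:11} first={first:5} second={second}")
```

In this model the only requester whose access differs between the two sets is the anonymous one, and the second set grants anonymous read to every attribute except `userPassword`.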
