Re: ACL that makes me crazy
> 'llo there :-D
>
> I've a tree like:
>
> ou=login,o=linkas,c=it # This is where I store users
> ou=info,o=linkas,c=it # This is where I store data
>
> user "myself" should access: ou=1,ou=info,o=linkas,c=it
> user "himself" should access: ou=2,ou=info,o=linkas,c=it
> user "herself" should access: ou=3,ou=info,o=linkas,c=it
>
> I want each user be owner of its own tree but I don't want each other
> see other's contents
>
> # This should deny access to anyone, but hey!, keep on reading
> #
Remove this entirely
> access to dn.children="ou=info,o=linkas,c=it"
> by users read continue
> by * none
> #
> # This should allow each user to have access on its own branch
> #
Add "by * none" to each of these
> access to dn.subtree="ou=1,ou=info,o=linkas,c=it"
> by dn.base="uid=myself,ou=login,o=linkas,c=it" write
by * none
> access to dn.subtree="ou=2,ou=info,o=linkas,c=it"
> by dn.base="uid=himself,ou=login,o=linkas,c=it" write
by * none
> access to dn.subtree="ou=3,ou=info,o=linkas,c=it"
> by dn.base="uid=herself,ou=login,o=linkas,c=it" write
by * none
>
>
See what that does for you.
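
A toy model of how slapd evaluates the rules in this thread, added here as an illustration (it is not part of the original message and not OpenLDAP code). It assumes the semantics documented in slapd.access(5) as summarized in the opening comment; the helper names and the sample entry cn=doc are made up for the example.

```python
# Toy model of slapd ACL evaluation (added illustration, not OpenLDAP code).
# Assumed semantics, per slapd.access(5): only the first "access to" rule whose
# <what> matches is used; "by" clauses are tried in order; a level such as
# read/none replaces the current one; "continue" goes on to the next "by" clause
# of the same rule; otherwise evaluation stops. DNs are assumed pre-normalized.
BASE = "o=linkas,c=it"
OWNERS = {1: "myself", 2: "himself", 3: "herself"}

def user(uid):
    return f"uid={uid},ou=login,{BASE}"

def in_scope(entry, scope, base):
    below = entry.endswith("," + base)
    return below if scope == "children" else (below or entry == base)

def who_matches(who, bind_dn):
    if who == "*":
        return True
    if who == "users":
        return bind_dn is not None           # any authenticated identity
    return bind_dn == who                    # dn.base: exact DN match

def access(rules, bind_dn, entry):
    for scope, base, clauses in rules:
        if not in_scope(entry, scope, base):
            continue
        level = "none"                       # nothing matched: no access
        for who, lvl, control in clauses:
            if who_matches(who, bind_dn):
                level = lvl
                if control != "continue":
                    break
        return level                         # later rules are never consulted
    return "none"

def branches(explicit_deny):
    deny = [("*", "none", "stop")] if explicit_deny else []
    return [("subtree", f"ou={n},ou=info,{BASE}",
             [(user(uid), "write", "stop")] + deny) for n, uid in OWNERS.items()]

BLANKET = ("children", f"ou=info,{BASE}",
           [("users", "read", "continue"), ("*", "none", "stop")])
ORIGINAL = [BLANKET] + branches(explicit_deny=False)   # rules as first posted
REVISED = branches(explicit_deny=True)                 # after the reply's edits

if __name__ == "__main__":
    entry = f"cn=doc,ou=1,ou=info,{BASE}"              # constructed sample entry
    for name, rules in (("original", ORIGINAL), ("revised", REVISED)):
        for uid in OWNERS.values():
            print(name, uid, access(rules, user(uid), entry))
```

In this model the blanket rule on the children of ou=info matches first and ends at "none" for everyone, so the per-branch rules are never reached; with it removed, each owner gets write on their own branch and nothing on the others.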