[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
ACL and ObjectClass
Hi,
In the slapd.access(5) manpage there's a text that says
'The statement attrs=<attrlist> selects the attributes the access
control rule applies to. It is a comma-separated list of attribute
types, plus the special names entry, indicating access to the entry
itself, and children, indicating access to the entry's children.
ObjectClass names may also be specified in this list, which will affect
all the attributes that are required and/or allowed by that objectClass.
Actually, names in <attrlist> that are prefixed by @ are
directly treated as objectClass names. A name prefixed by ! is also
treated as an objectClass, but in this case the access rule affects the
attributes that are not required nor allowed by that objectClass'.
this means if i have an ACL like:
access to attrs=!posixAccount
by * read
Only the attributes required and/or allowed by objectClass posixAccount
would be readed by anyone, right?
I tried this but it not work.
--
<+====================================================+>
.~. Gessy Caetano da Silva Júnior
/ v \ Laboratório de Computação Científica
/( )\ LCC/CENAPAD Tel: 3499-5389
^^-^^ Universidade Federal de Minas Gerais
GNU/Linux
<+====================================================+>