[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Debian style cn=config
Hi,
while looking what debian generates in their cn=config for Debian Jessie I found following acl on the frontend database:
dn: olcDatabase={-1}frontend,cn=config
objectClass: olcDatabaseConfig
objectClass: olcFrontendConfig
olcDatabase: {-1}frontend
olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by * break
olcAccess: {1}to dn.exact="" by * read
olcAccess: {2}to dn.base="cn=Subschema" by * read
olcSizeLimit: 500
I somehow fail to grasp the relevance of granting manage access to the frontend database.
Is it just me or is this is acl just mindless pasting.
Apart from that debian jessie is now on openldap 2.4.40 thoug still built agains gnutls.
Greetings
Christian
--
Christian Kratzer CK Software GmbH
Email: ck@cksoft.de Wildberger Weg 24/2
Phone: +49 7032 893 997 - 0 D-71126 Gaeufelden
Fax: +49 7032 893 997 - 9 HRB 245288, Amtsgericht Stuttgart
Mobile: +49 171 1947 843 Geschaeftsfuehrer: Christian Kratzer
Web: http://www.cksoft.de/