Commit Graph

74 Commits

Author SHA1 Message Date
Pierangelo Masarati
e5fc7845fc clarify the required access to add the suffix of a database (consequence of ITS#4552) 2006-05-20 11:12:05 +00:00
Ralf Haferkamp
4d46b8b747 Additional fix for ITS#4522. The "dn=" ist not optional. 2006-05-12 11:48:57 +00:00
Pierangelo Masarati
fbbb8a5d93 fix ITS#4522; imply "+0" when no access is given 2006-05-10 22:25:06 +00:00
Kurt Zeilenga
e1b3ad0590 (very) basic documentation of "m"anage access 2006-04-12 06:03:12 +00:00
Kurt Zeilenga
a39d48d045 LDBM is obsolete. 2006-01-13 18:28:58 +00:00
Pierangelo Masarati
a54ca7a6ce factor ACI code out of slapd; now it can only use dynacl layer 2006-01-06 17:12:35 +00:00
Kurt Zeilenga
acbb5cf689 Happy new year! 2006-01-03 23:11:52 +00:00
Pierangelo Masarati
99a6ba2e10 reflect additions to dynacl config syntax 2005-08-22 16:30:41 +00:00
Pierangelo Masarati
9ba68f902d provide a useful example 2005-07-18 17:24:07 +00:00
Pierangelo Masarati
deec44b89a fix further ITS#3830 issues; allow to specify a matching rule for non-DN match 2005-07-05 12:00:14 +00:00
Hallvard Furuseth
135672c910 Manpage typos 2005-07-04 06:57:10 +00:00
Kurt Zeilenga
3e800f20bd <limits.h> cleanup && ITS#3643 2005-04-10 19:32:14 +00:00
Pierangelo Masarati
140b33927f more to partial fulfilment of ITS#3639 2005-04-08 19:27:22 +00:00
Pierangelo Masarati
111deb128e partial fulfilment of ITS#3639; need to check other backends thoroughly 2005-04-08 18:41:13 +00:00
Pierangelo Masarati
f1698e30f5 update diagnostics and man pages 2005-04-04 12:24:50 +00:00
Pierangelo Masarati
584b21d20b initial commit of "level" styles for "dn" and "self" by clauses (ITS#3615) 2005-03-31 18:10:11 +00:00
Kurt Zeilenga
a0fa7f7901 Document partially implemented "disclose" level.
"manage" remains undocumented (and unimplemented).
2005-03-19 18:46:07 +00:00
Pierangelo Masarati
b381e1bcc8 cosmetic changes 2005-01-12 14:25:08 +00:00
Kurt Zeilenga
dc0eacd40b Happy New Year! 2005-01-01 20:49:32 +00:00
Pierangelo Masarati
ca5d5c6fc7 back out previous commit 2004-11-15 22:54:17 +00:00
Pierangelo Masarati
f872ad29ba move special dn patterns to style enum; add creator special dn pattern 2004-11-15 22:21:50 +00:00
Pierangelo Masarati
1b21fba38c <CONTROL> deserves a separate section 2004-11-12 12:45:10 +00:00
Pierangelo Masarati
a9f2f12b93 clearly indicate what the default rules are 2004-10-28 17:53:46 +00:00
Kurt Zeilenga
54f6cf0b2c Clarify which kinds of regexs are used. 2004-10-17 19:32:13 +00:00
Pierangelo Masarati
c4123bb613 document submatches provided by non-regex <what> clauses 2004-10-06 23:19:53 +00:00
Kurt Zeilenga
424d673a6c Update SSF comments 2004-09-13 20:43:33 +00:00
Pierangelo Masarati
23c5f4c09f small improvements 2004-07-06 22:37:22 +00:00
Pierangelo Masarati
f64283ccae beautify and clarify <what> clause usage and defaults 2004-06-28 14:33:35 +00:00
Pierangelo Masarati
44e8ffd4fe clarify the use of regex and expand in by dn clauses 2004-06-28 10:22:48 +00:00
Pierangelo Masarati
05b60e6b1e s/to/by/ 2004-06-17 22:51:03 +00:00
Pierangelo Masarati
a0dfadceef mention new tools 2004-06-15 22:40:53 +00:00
Pierangelo Masarati
b1718c4f69 mention new tools 2004-06-15 22:39:08 +00:00
Pierangelo Masarati
71142cc7e5 mention new tools 2004-06-15 22:38:31 +00:00
Pierangelo Masarati
9c10415919 - clarify when $$ must be used in regex;
- clarify access privileges of rootdn;
- clarify that auth access is always required when performing authz-regexp,
  not only for proxyAuthz
2004-04-19 01:19:41 +00:00
Kurt Zeilenga
349c7834ce Rename config options and attribute names (for 2.3). 2004-04-16 02:29:55 +00:00
Pierangelo Masarati
006745430e allow "expand" style in peername, sockname, sockurl as well; more sanity checks 2004-03-09 19:44:14 +00:00
Pierangelo Masarati
042869366d use "expand" instead of "regex" for group ACLs that allow substring expansion, preserving backwards compatibility; add sanity checks 2004-03-09 16:33:05 +00:00
Pierangelo Masarati
f5a9f62578 clarify that's useless to give write privileges to the roodn of a database... 2004-01-14 23:11:48 +00:00
Kurt Zeilenga
3c598e89fb Happy new year 2004-01-01 19:15:16 +00:00
Pierangelo Masarati
8e89944abc for consistency, always allow 'onelevel' as an alias for 'one' in dnstyle 2003-12-20 15:29:05 +00:00
Kurt Zeilenga
aabcce3e58 Document +0 2003-12-19 05:06:51 +00:00
Pierangelo Masarati
ca52621c1b some notes on access required by proxyAuthz control;
note that other controls may need different access
privileges via, e.g., backend_attribute() (syncrepl?)
2003-12-18 00:27:01 +00:00
Kurt Zeilenga
c4c6a38a0b Dont mention bare oc in list. 2003-12-17 17:48:56 +00:00
Kurt Zeilenga
30a1ff596d s/+/@/ in OC attr lists 2003-12-17 17:36:41 +00:00
Pierangelo Masarati
947f41832e more clarifications on dnstyle usage 2003-12-16 11:20:59 +00:00
Pierangelo Masarati
ee34f3fb64 add to 'val[.<style>=<value>' ACLs special match styles for DN-valued attributes; add negated objectClass to attribute name lists for ACLs and partial replication 2003-12-16 00:49:10 +00:00
Kurt Zeilenga
75b9f8acdc Make a few OPERATIONAL REQUIREMENT clarifications
Clean up formating
2003-12-15 18:41:23 +00:00
Pierangelo Masarati
7444352358 describe detailed access levels required for each operation 2003-12-15 17:55:55 +00:00
Pierangelo Masarati
9620cacd34 clarify the usage of the <modifier> field in 'dn' and 'domain' clauses of <who> access directive 2003-11-01 14:14:09 +00:00
Kurt Zeilenga
f6c1163eea clarify that replacement, but not expression evaluation,
is done on the string in group.regex=string
We really should rename the style, in this case, to "replacement".
2003-10-15 08:04:25 +00:00