openldap

mirror of https://git.openldap.org/openldap/openldap.git synced 2025-01-06 10:46:21 +08:00

History

Quanah Gibson-Mount 1df85d3427 Happy New Year!		2017-01-03 12:36:47 -08:00
..
gssacl.c	Add GSS naming extensions ACL plugin	2011-05-09 13:55:40 +02:00
Makefile	ITS#7782 tweak contrib/slapd-modules/**/Makefile	2014-12-16 19:52:44 +00:00
posixgroup.c	Happy New Year!	2017-01-03 12:36:47 -08:00
README.gssacl	ITS#7308 contrib/slapd-modules: Add missing Makefiles	2012-06-26 06:30:26 -07:00
README.posixgroup	Happy New Year!	2017-01-03 12:36:47 -08:00

README.posixgroup

This directory contains native slapd plugins that implement access rules.

posixgroup.c contains a simple example that implements access control
based on posixGroup membership, loosely inspired by ITS#3849.  It should
be made clear that this access control policy does not reflect any
standard track model of handling access control, and should be 
essentially viewed as an illustration of the use of the dynamic 
extension of access control within slapd.

To use the acl-posixgroup plugin, add:

moduleload acl-posixgroup.so

to your slapd configuration file; it requires "nis.schema" to be loaded.
It is configured using

access to <what>
	by dynacl/posixGroup[.{exact,expand}]=<dnpat> {<level>|<priv(s)}

The default is "exact"; in case of "expand", "<dnpat>" results from
the expansion of submatches in the "<what>" portion.  "<level>|<priv(s)>"
describe the level of privilege this rule can assume.

Use Makefile to compile this plugin or use a command line similar to:

gcc -shared -I../../../include -I../../../servers/slapd -Wall -g \
	-o acl-posixgroup.so posixgroup.c

---
Copyright 2005-2017 The OpenLDAP Foundation. All rights reserved.

Redistribution and use in source and binary forms, with or without
modification, are permitted only as authorized by the OpenLDAP
Public License.