On 04/07/2014 05:00 PM, Simo Sorce wrote:
On Mon, 2014-04-07 at 16:43 +0200, Martin Kosek wrote:
On 04/03/2014 01:34 PM, Petr Viktorin wrote:
This adds anonymous read access to containers, as discussed in this thread:
Additionally access is granted for $SUFFIX itself with targetfilter
"(objectclass=domain)", and attributes objectclass, dc, info, nisDomain,
These are raw ACIs, not permission-based ones.
Starting a new sub-thread to differential from the LDIF/update file fixes.
I tested the new ACI and it worked ok for me (is a prerequisite for easy
testing of the subsequent ACI patches). I assume you plan to handle cn=etc tree
in other patch.
ACK from me in that case (not pushing right now to let Simo raise any concerns
he may have).
Thanks, pushed to master: 0e659983a6454370021a748d7534cad9febd6cc1
I do not have any concern on the ACI itself, I only mused about ldif
+update vs update only, sorry if I gave the worng impression.
Freeipa-devel mailing list