Howard Chu wrote: > [EMAIL PROTECTED] wrote: >> The global ACLs are not added to newly created backends, i.e a server >> restart >> must be done before they are included. The patch at the end should >> fix this. OK >> to commit Howard? > > My preference here would be to rip out everything that appends the > global ACLs and instead change the access_allowed checker to reference > the global ACLs directly when needed.
Agreed, that would also fix the problem that dynamic updates to the global ACLs requires a restart to be effective. I can look into this next week. To be sure I have the semantics correct, it should be to evalutate ALCs local to the backend first, then the global, until a matching entry has been found? Rein
