-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/21/2011 04:11 AM, [email protected] wrote: > [email protected] wrote: >> After a conversation with Howard, I have modified the patches so that >> the overlay check for the ManageDsaIt control instead. That control >> should be set for each operation coming from replication. The patches >> are here: >> ftp://ftp.openldap.org/incoming/ondrej-kuznik-20101202-unique_bypass_v2.tgz >> >> Is there anything else that comes to mind? > > I'm not sure it merits a config keyword. We already have instances where > administrators are implicitly allowed to bypass rules that restrict normal > users, and replication is obviously a system-level operation, not user level. >
Rereading the discussions makes me agree with you. I have prepared a patch without the config keyword and modified the slapo-unique manpage accordingly. ftp://ftp.openldap.org/incoming/ondrej-kuznik-20110506-unique_bypass_v3.tgz Again the IPR notice: The attached modifications to OpenLDAP Software are subject to the following notice: Copyright 2010 Acision Redistribution and use in source and binary forms, with or without modification, are permitted only as authorized by the OpenLDAP Public License. - -- Ondrej Kuznik -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk3D6ZkACgkQ9GWxeeH+cXtv7ACgl+6zPsyecGdWxjEnDL2CPDDp 2HoAoJ3D1XcuAJ1d+L/kwLLBltbo/ifo =RyJh -----END PGP SIGNATURE----- This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.
