Re: root-only configuration

Hallvard B Furuseth Tue, 17 Feb 2009 09:04:35 -0800

Carl Johnstone writes:
>Peter Mogensen wrote:
>> Is it in anyway possible to set up cn=config, so only root on the host
>> can make changes?
> 
> You probably want a peername ACL.


Or authz-regexp.

authz-regexp
        ^gidNumber=[0-9]*[+]uidNumber=0,cn=peercred,cn=external,cn=auth$
        cn=admin
database config
rootdn cn=admin

(The [] is because + is a special regexp character and I never remember
how many backslashes I need for quoting in slapd.conf.)

-- 
Hallvard

Re: root-only configuration

Reply via email to