+ } else {
+ if ( isroot == -1 ) {
+ isroot = be_isroot( op->o_bd, &op->o_ndn );
+ }
+
+ np_dn = NULL;
+
+ /* no parent, modrdn entry directly under root */
+ if ( ! isroot ) {
+ if ( be_issuffix( op->o_bd, (struct berval *)&slap_empty_bv )
+ || be_isupdate( op->o_bd, &op->o_ndn ) ) {
+ np = (Entry *)&slap_entry_root;
+
+ /* check parent for "children" acl */
+ rs->sr_err = access_allowed( op, np,
+ children, NULL, ACL_WRITE, NULL );
+
+ np = NULL;
+
+ if ( ! rs->sr_err ) {
+ switch( opinfo.boi_err ) {
+ case DB_LOCK_DEADLOCK:
+ case DB_LOCK_NOTGRANTED:
+ goto retry;
+ }
+
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
+#ifdef NEW_LOGGING
+ LDAP_LOG ( OPERATION, ERR,
+ "==>bdb_modrdn: no access to superior\n", 0, 0, 0 );
+#else
+ Debug( LDAP_DEBUG_TRACE,
+ "no access to new superior\n",
+ 0, 0, 0 );
+#endif
+ rs->sr_text = "no write access to new superior's children";
+ goto return_results;
+ }
+
+#ifdef NEW_LOGGING
+ LDAP_LOG ( OPERATION, DETAIL1,
+ "bdb_modrdn: wr to children entry \"\" OK\n", 0, 0, 0 );
+#else
+ Debug( LDAP_DEBUG_TRACE,
+ "bdb_modrdn: wr to children of entry \"\" OK\n",
+ 0, 0, 0 );
+#endif
+
+ } else {
+#ifdef NEW_LOGGING
+ LDAP_LOG ( OPERATION, ERR,
+ "bdb_modrdn: new superior=\"\", not root & \"\" "
+ "is not suffix\n", 0, 0, 0 );
+#else
+ Debug( LDAP_DEBUG_TRACE,
+ "bdb_modrdn: new superior=\"\", not root "
+ "& \"\" is not suffix\n",
+ 0, 0, 0);
+#endif
+ rs->sr_text = "no write access to new superior's children";
+ rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
+ goto return_results;
+ }
+ }