Add -s warning

[openldap] / doc / man / man5 / slapd.access.5

diff --git a/doc/man/man5/slapd.access.5 b/doc/man/man5/slapd.access.5
index 7413ee6e07a602817152dbe664d7b0a3a0be8ddf..c01748d8f53b90d749e926effb9cc5e81875a676 100644 (file)
--- a/doc/man/man5/slapd.access.5
+++ b/doc/man/man5/slapd.access.5
@@ -1,5 +1,5 @@
 .TH SLAPD.ACCESS 5 "RELEASEDATE" "OpenLDAP LDVERSION"
-.\" Copyright 1998-2005 The OpenLDAP Foundation All Rights Reserved.
+.\" Copyright 1998-2006 The OpenLDAP Foundation All Rights Reserved.
 .\" Copying restrictions apply.  See COPYRIGHT/LICENSE.
 .SH NAME
 slapd.access \- access configuration for slapd, the stand-alone LDAP daemon
@@ -254,8 +254,7 @@ It can have the forms
        tls_ssf=<n>
        sasl_ssf=<n>
 
-       aci[=<attrname>]
-       dynacl/name[.<dynstyle>][=<pattern>]
+       dynacl/<name>[/<options>][.<dynstyle>][=<pattern>]
 .fi
 .LP
 with
@@ -270,6 +269,7 @@ with
        <domainstyle>={exact|regex|sub(tree)}
        <setstyle>={exact|regex}
        <modifier>={expand}
+       <name>=aci              <pattern>=<attrname>]
 .fi
 .LP
 They may be specified in combination.
@@ -620,20 +620,7 @@ The statement
 is undocumented yet.
 .LP
 The statement
-.B aci[=<attrname>]
-means that the access control is determined by the values in the
-.B attrname
-of the entry itself.
-The optional
-.B <attrname>
-indicates what attributeType holds the ACI information in the entry.
-By default, the 
-.B OpenLDAPaci
-operational attribute is used.
-ACIs are experimental; they must be enabled at compile time.
-.LP
-The statement
-.B dynacl/<name>[.<dynstyle>][=<pattern>]
+.B dynacl/<name>[/<options>][.<dynstyle>][=<pattern>]
 means that access checking is delegated to the admin-defined method
 indicated by
 .BR <name> ,
@@ -641,17 +628,25 @@ which can be registered at run-time by means of the
 .B moduleload
 statement.
 The fields
+.BR <options> ,
 .B <dynstyle>
 and
 .B <pattern>
 are optional, and are directly passed to the registered parsing routine.
 Dynacl is experimental; it must be enabled at compile time.
-If dynacl and ACIs are both enabled, ACIs are cast into the dynacl scheme,
-where 
-.B <name>=aci
-and, optionally,
-.BR <patten>=<attrname> .
-However, the original ACI syntax is preserved for backward compatibility.
+.LP
+The statement
+.B dynacl/aci[=<attrname>]
+means that the access control is determined by the values in the
+.B attrname
+of the entry itself.
+The optional
+.B <attrname>
+indicates what attributeType holds the ACI information in the entry.
+By default, the 
+.B OpenLDAPaci
+operational attribute is used.
+ACIs are experimental; they must be enabled at compile time.
 .LP
 The statements
 .BR ssf=<n> ,