- setup framework for monitoring of back-bdb/back-hdb stuff in their

[openldap] / servers / slapd / backend.c

diff --git a/servers/slapd/backend.c b/servers/slapd/backend.c
index f054e506779869b28d4dff99642f0e24174e7102..2e6d1fb1ee0b7b43d10fdd3e4a7a2394f0cde6f5 100644 (file)
--- a/servers/slapd/backend.c
+++ b/servers/slapd/backend.c
@@ -248,6 +248,8 @@ int backend_startup(Backend *be)
                                return rc;
                        }
                }
+               /* append global access controls */
+               acl_append( &be->be_acl, frontendDB->be_acl, -1 );
 
                return backend_startup_one( be );
        }
@@ -592,7 +594,7 @@ select_backend(
        Backend         *be, *b2 = NULL;
 
        LDAP_STAILQ_FOREACH( be, &backendDB, be_next ) {
-               if ( be->be_nsuffix == NULL ) {
+               if ( be->be_nsuffix == NULL || SLAP_DBHIDDEN( be )) {
                        continue;
                }
 
@@ -687,7 +689,10 @@ be_slurp_update( Operation *op )
 int
 be_shadow_update( Operation *op )
 {
-       return ( SLAP_SYNC_SHADOW( op->o_bd ) ||
+       /* This assumes that all internal ops (connid == -1) on a syncrepl
+        * database are syncrepl operations.
+        */
+       return (( SLAP_SYNC_SHADOW( op->o_bd ) && op->o_connid == -1 ) ||
                ( SLAP_SHADOW( op->o_bd ) && be_isupdate_dn( op->o_bd, &op->o_ndn ) ) );
 }
 
@@ -864,10 +869,9 @@ backend_check_controls(
                }
        }
 
-       /* temporarily removed */
-#if 0
+#if 0 /* temporarily removed */
        /* check should be generalized */
-       if( get_manageDIT(op) && !be_isroot(op)) {
+       if( get_relax(op) && !be_isroot(op)) {
                rs->sr_text = "requires manager authorization";
                rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
        }