From 6ef8617b52af6e332e32cdbb6b1ac6f48d221904 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Julio=20S=C3=A1nchez=20Fern=C3=A1ndez?= Date: Tue, 18 Jul 2000 10:30:54 +0000 Subject: [PATCH] Put the complete syntax for access control, unexplained yet. --- doc/guide/admin/slapdconfig.sdf | 30 +++++++++++++++++++++--------- 1 file changed, 21 insertions(+), 9 deletions(-) diff --git a/doc/guide/admin/slapdconfig.sdf b/doc/guide/admin/slapdconfig.sdf index c1b3b900f4..5f3e61be44 100644 --- a/doc/guide/admin/slapdconfig.sdf +++ b/doc/guide/admin/slapdconfig.sdf @@ -72,7 +72,7 @@ arguments that should be replaced by actual text are shown in brackets <>. -H4: access to [ by ]+ +H4: access to [ by ]+ This option grants access (specified by ) to a set of entries and/or attributes (specified by ) by one or @@ -549,18 +549,30 @@ access configuration file directive. The general form of an access line is: E: ::= access to -E: [ by ]+ -E: ::= * | [ dn= ] [ filter= ] -E: [ attrs= ] -E: ::= * | self | dn= | addr= | -E: domain= | dnattr= -E: ::= [self]none | [self]compare | [self]search -E: | [self]read | [self]write +E: [ by ]+ +E: ::= * | [ dn[.]= ] [ filter= ] +E: [ attrs= ] +E: ::= regex | base | one | subtree | children +E: ::= | , +E: ::= | entry | children +E: ::= [ * | anonymous | users | self | dn[.]= ] +E: [ dnattr= ] +E: [ group[/[/][.]]= ] +E: [ peername[.]= ] [ sockname[.]= ] +E: [ domain[.]= ] [ sockurl[.]= ] +E: [ set= ] +E: [ aci= ] +E: ::= regex | exact | base | one | subtree | children +E: ::= regex | exact +E: ::= [self]{|} +E: ::= none | auth | compare | search | read | write +E: ::= {=|+|-}{w|r|s|c|x}+ +E: ::= [ stop | continue | break ] where the part selects the entries and/or attributes to which the access applies, the part specifies which entities are granted access, and the part specifies -the access granted. Multiple pairs are +the access granted. Multiple triplets are supported, allowing many entities to be granted different access to the same set of entries and attributes. -- 2.39.5