From fb2be1908b91ed7913d25ec6cc375a52f1d69ff8 Mon Sep 17 00:00:00 2001
From: Quanah Gibson-Mount <quanah@openldap.org>
Date: Wed, 2 Feb 2011 22:32:01 +0000
Subject: [PATCH] ITS#6822

---
 CHANGES                 | 1 +
 servers/slapd/bconfig.c | 4 ++--
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/CHANGES b/CHANGES
index 2e948c1b46..d5d4dcc00b 100644
--- a/CHANGES
+++ b/CHANGES
@@ -45,6 +45,7 @@ OpenLDAP 2.4.24 Engineering
 	Fixed slapd SlapReply usage (ITS#6758)
 	Fixed slapd acl parsing overflow (ITS#6611)
 	Fixed slapd acl when resuming parsing (ITS#6804)
+	Fixed slapd default config acls with overlays (ITS#6822)
 	Fixed slapd assert control (ITS#5862)
 	Fixed slapd assertions and debugging (ITS#6759)
 	Fixed slapd config leak with olcDbDirectory (ITS#6634)
diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c
index 3e6bd36a04..5f8ae10625 100644
--- a/servers/slapd/bconfig.c
+++ b/servers/slapd/bconfig.c
@@ -6495,8 +6495,8 @@ config_back_db_open( BackendDB *be, ConfigReply *cr )
 	/* If we have no explicitly configured ACLs, don't just use
 	 * the global ACLs. Explicitly deny access to everything.
 	 */
-	if ( !be->be_acl ) {
-		parse_acl(be, "config_back_db_open", 0, 6, (char **)defacl, 0 );
+	if ( !be->bd_self->be_acl ) {
+		parse_acl(be->bd_self, "config_back_db_open", 0, 6, (char **)defacl, 0 );
 	}
 
 	thrctx = ldap_pvt_thread_pool_context();
-- 
2.39.5