Bug 177731

Summary: Set access rules not working in OpenLDAP 2.2.13
Product: Red Hat Enterprise Linux 4 Reporter: Mickaël Guessant <mguessan>
Component: openldapAssignee: Jan Safranek <jsafrane>
Status: CLOSED ERRATA QA Contact: Jay Turner <jturner>
Severity: medium Docs Contact:
Priority: medium    
Version: 4.0CC: srevivo
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Fixed In Version: RHBA-2007-0739 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-11-15 16:03:54 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Description Flags
Backport set rules to OpenLDAP 2.2.13
New spec file for ACL set patch none

Description Mickaël Guessant 2006-01-13 16:14:07 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.8) Gecko/20051111 Firefox/1.5

Description of problem:
Set based access rules are not working with current OpenLDAP version packaged in RHEL4 (2.2.13-4), they are simply ignored.

For example, the following rule does not work :
access to dn.regex="[^,]+,ou=functions,(.+),dc=root$"
  by set="user/fullAccess & [TRUE]" read

This bug was fixed in the official OpenLDAP 2.2.16 release, 
in the servers/slapd/sets.c file, see :

I backported this patch in OpenLDAP 2.2.13 and rebuilt the RPM. We checked
that this new RPM actually fixes the issue.

See attached file for exact patch content.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:

Additional info:

Comment 1 Mickaël Guessant 2006-01-13 16:15:34 UTC
Created attachment 123167 [details]
Backport set rules to OpenLDAP 2.2.13

Comment 2 Mickaël Guessant 2006-01-13 16:18:03 UTC
Created attachment 123168 [details]
New spec file for ACL set patch

Comment 3 RHEL Product and Program Management 2007-05-30 08:24:14 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update

Comment 9 errata-xmlrpc 2007-11-15 16:03:54 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.