Bug 208076
| Summary: | userattr="parent[1].<attribute>#LDAPURL" does not work | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | [Retired] 389 | Reporter: | François Beretti <francois.beretti> | ||||||||
| Component: | Security - Access Control (ACL) | Assignee: | Noriko Hosoi <nhosoi> | ||||||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Chandrasekar Kannan <ckannan> | ||||||||
| Severity: | medium | Docs Contact: | |||||||||
| Priority: | medium | ||||||||||
| Version: | 1.0.2 | CC: | benl, jgalipea, nkinder, rmeggins | ||||||||
| Target Milestone: | --- | ||||||||||
| Target Release: | --- | ||||||||||
| Hardware: | i386 | ||||||||||
| OS: | Linux | ||||||||||
| Whiteboard: | |||||||||||
| Fixed In Version: | 8.1 | Doc Type: | Bug Fix | ||||||||
| Doc Text: | Story Points: | --- | |||||||||
| Clone Of: | Environment: | ||||||||||
| Last Closed: | 2009-04-29 22:59:24 UTC | Type: | --- | ||||||||
| Regression: | --- | Mount Type: | --- | ||||||||
| Documentation: | --- | CRM: | |||||||||
| Verified Versions: | Category: | --- | |||||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||||
| Embargoed: | |||||||||||
| Bug Depends On: | |||||||||||
| Bug Blocks: | 152373, 249650, 493682 | ||||||||||
| Attachments: |
|
||||||||||
|
Description
François Beretti
2006-09-26 09:55:55 UTC
Created attachment 329865 [details]
cvs diff
File: ldapserver/ldap/servers/plugins/acl/acllas.c Description: It turned out userattr="parent[1].<attribute>#LDAPURL" was not implemented. The attached diff attachment (id=329865) implements the functionality. Created attachment 329867 [details]
test ldif file (userattr_ldapurl.ldif)
How to verify the bug:
1) import the attached ldif file (userattr_ldapurl.ldif) and start the server
2) run the following commands.
$ ldapsearch -1 -D "cn=Ancestor,ou=Inheritance,dc=example,dc=com" -w Ancestor -b "ou=Inheritance,dc=example,dc=com" "(objectclass=organizationalunit)" dn
dn: ou=Inheritance,dc=example,dc=com
dn: ou=Ancestors,ou=Inheritance,dc=example,dc=com
dn: ou=Grandparents,ou=Ancestors,ou=Inheritance,dc=example,dc=com
dn: ou=Parents,ou=Grandparents,ou=Ancestors,ou=Inheritance,dc=example,dc=com
dn: ou=Children,ou=Parents,ou=Grandparents,ou=Ancestors,ou=Inheritance,dc=exam
ple,dc=com
(it returns the level 0,1,2,3,4)
$ ldapsearch -1 -D "cn=Grandparent,ou=Inheritance,dc=example,dc=com" -w Grandparent -b "ou=Inheritance,dc=example,dc=com" "(objectclass=organizationalunit)" dn
$ ldapsearch -1 -D "cn=Parent,ou=Inheritance,dc=example,dc=com" -w Parent -b "ou=Inheritance,dc=example,dc=com" "(objectclass=organizationalunit)" dn
dn: ou=Inheritance,dc=example,dc=com
dn: ou=Parents,ou=Grandparents,ou=Ancestors,ou=Inheritance,dc=example,dc=com
(both return the level 0 and 3)
$ ldapsearch -1 -D "cn=Child,ou=Inheritance,dc=example,dc=com" -w Child -b "ou=Inheritance,dc=example,dc=com" "(objectclass=organizationalunit)" dn
dn: ou=Ancestors,ou=Inheritance,dc=example,dc=com
(it returns the level 1)
$ ldapsearch -1 -D "cn=Grandson,ou=Inheritance,dc=example,dc=com" -w Grandson -b "ou=Inheritance,dc=example,dc=com" "(objectclass=organizationalunit)" dn
dn: ou=Inheritance,dc=example,dc=com
(it returns level 0 -- just the target entry)
Created attachment 329879 [details]
cvs commit message
Reviewed by Rich (Thank you!!)
Checked in into CVS HEAD.
All searches are returning levels 0,1,2,3,4 - please advice. (In reply to comment #6) > All searches are returning levels 0,1,2,3,4 - please advice. Hi Jenny, could you attach your test ldif (it's okay if it's the same as the one I attached in the comment #4) and your test command-lines and the results? Thanks! --noriko Fix Verified: RHEL5 DS 8.1 [root@dhcp-100-2-17 jenny]# ldapsearch -1 -D "cn=Ancestor,ou=Inheritance,dc=bos,dc=redhat,dc=com" -w Ancestor -b "ou=Inheritance,dc=bos,dc=redhat,dc=com" "(objectclass=organizationalunit)" dn dn: ou=Inheritance,dc=bos,dc=redhat,dc=com dn: ou=Ancestors,ou=Inheritance,dc=bos,dc=redhat,dc=com dn: ou=Grandparents,ou=Ancestors,ou=Inheritance,dc=bos,dc=redhat,dc=com dn: ou=Parents,ou=Grandparents,ou=Ancestors,ou=Inheritance,dc=bos,dc=redhat,dc =com dn: ou=Children,ou=Parents,ou=Grandparents,ou=Ancestors,ou=Inheritance,dc=bos, dc=redhat,dc=com [root@dhcp-100-2-17 jenny]# ldapsearch -1 -D "cn=Grandparent,ou=Inheritance,dc=bos,dc=redhat,dc=com" -w Grandparent -b "ou=Inheritance,dc=bos,dc=redhat,dc=com" "(objectclass=organizationalunit)" dn dn: ou=Inheritance,dc=bos,dc=redhat,dc=com dn: ou=Parents,ou=Grandparents,ou=Ancestors,ou=Inheritance,dc=bos,dc=redhat,dc =com [root@dhcp-100-2-17 jenny]# ldapsearch -1 -D "cn=Parent,ou=Inheritance,dc=bos,dc=redhat,dc=com" -w Parent -b "ou=Inheritance,dc=bos,dc=redhat,dc=com" "(objectclass=organizationalunit)" dn dn: ou=Inheritance,dc=bos,dc=redhat,dc=com dn: ou=Parents,ou=Grandparents,ou=Ancestors,ou=Inheritance,dc=bos,dc=redhat,dc =com [root@dhcp-100-2-17 jenny]# ldapsearch -1 -D "cn=Child,ou=Inheritance,dc=bos,dc=redhat,dc=com" -w Child -b "ou=Inheritance,dc=bos,dc=redhat,dc=com" "(objectclass=organizationalunit)" dn dn: ou=Ancestors,ou=Inheritance,dc=bos,dc=redhat,dc=com [root@dhcp-100-2-17 jenny]# ldapsearch -1 -D "cn=Grandson,ou=Inheritance,dc=bos,dc=redhat,dc=com" -w Grandson -b "ou=Inheritance,dc=bos,dc=redhat,dc=com" "(objectclass=organizationalunit)" dn dn: ou=Inheritance,dc=bos,dc=redhat,dc=com An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHEA-2009-0455.html |