Bug 177731 - Set access rules not working in OpenLDAP 2.2.13
Set access rules not working in OpenLDAP 2.2.13
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: openldap (Show other bugs)
4.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Jan Safranek
Jay Turner
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-01-13 11:14 EST by Mickaël Guessant
Modified: 2015-01-07 19:11 EST (History)
1 user (show)

See Also:
Fixed In Version: RHBA-2007-0739
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-11-15 11:03:54 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
Backport set rules to OpenLDAP 2.2.13 (772 bytes, patch)
2006-01-13 11:15 EST, Mickaël Guessant
no flags Details | Diff
New spec file for ACL set patch (46.45 KB, text/plain)
2006-01-13 11:18 EST, Mickaël Guessant
no flags Details

  None (edit)
Description Mickaël Guessant 2006-01-13 11:14:07 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.8) Gecko/20051111 Firefox/1.5

Description of problem:
Set based access rules are not working with current OpenLDAP version packaged in RHEL4 (2.2.13-4), they are simply ignored.

For example, the following rule does not work :
access to dn.regex="[^,]+,ou=functions,(.+),dc=root$"
  attrs=mobile
  by set="user/fullAccess & [TRUE]" read

This bug was fixed in the official OpenLDAP 2.2.16 release, 
in the servers/slapd/sets.c file, see :
http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/sets.c.diff?r1=1.19&r2=1.20&hideattic=1&sortbydate=0&f=h

I backported this patch in OpenLDAP 2.2.13 and rebuilt the RPM. We checked
that this new RPM actually fixes the issue.

See attached file for exact patch content.




Version-Release number of selected component (if applicable):
openldap-2.2.13-4

How reproducible:
Always

Steps to Reproduce:
1.
2.
3.
  

Additional info:
Comment 1 Mickaël Guessant 2006-01-13 11:15:34 EST
Created attachment 123167 [details]
Backport set rules to OpenLDAP 2.2.13
Comment 2 Mickaël Guessant 2006-01-13 11:18:03 EST
Created attachment 123168 [details]
New spec file for ACL set patch
Comment 3 RHEL Product and Program Management 2007-05-30 04:24:14 EDT
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.
Comment 9 errata-xmlrpc 2007-11-15 11:03:54 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2007-0739.html

Note You need to log in before you can comment on or make changes to this bug.