|
|
c55e75 |
From faf60bc7b1cb727482a17de9a2483998763978c0 Mon Sep 17 00:00:00 2001
|
|
|
c2e930 |
From: Dominic Cleal <dcleal@redhat.com>
|
|
|
c2e930 |
Date: Fri, 12 Jun 2015 11:14:32 +0100
|
|
|
c2e930 |
Subject: [PATCH] Slapd: revert Slapd module to 1.1.0-compatible, add Slapd_140
|
|
|
c2e930 |
|
|
|
c2e930 |
In order to keep the default sshd config lens compatible with 1.1.0,
|
|
|
c2e930 |
the lens from 1.4.0 has been kept in the Slapd_140 module and is not
|
|
|
c2e930 |
loaded by default. Use aug_transform, augtool --transform etc. to use
|
|
|
c2e930 |
it instead of Slapd.
|
|
|
c2e930 |
---
|
|
|
c2e930 |
lenses/slapd.aug | 18 ++---
|
|
|
c2e930 |
lenses/slapd_140.aug | 158 ++++++++++++++++++++++++++++++++++++++++
|
|
|
c2e930 |
lenses/tests/test_slapd.aug | 55 ++++----------
|
|
|
c2e930 |
lenses/tests/test_slapd_140.aug | 94 ++++++++++++++++++++++++
|
|
|
c2e930 |
tests/Makefile.am | 1 +
|
|
|
c2e930 |
5 files changed, 273 insertions(+), 53 deletions(-)
|
|
|
c2e930 |
create mode 100644 lenses/slapd_140.aug
|
|
|
c2e930 |
create mode 100644 lenses/tests/test_slapd_140.aug
|
|
|
c2e930 |
|
|
|
c2e930 |
diff --git a/lenses/slapd.aug b/lenses/slapd.aug
|
|
|
c55e75 |
index e1195655..afe074b1 100644
|
|
|
c2e930 |
--- a/lenses/slapd.aug
|
|
|
c2e930 |
+++ b/lenses/slapd.aug
|
|
|
c2e930 |
@@ -18,6 +18,7 @@ let sep = del /[ \t\n]+/ " "
|
|
|
c2e930 |
|
|
|
c2e930 |
let sto_to_eol = store /([^ \t\n].*[^ \t\n]|[^ \t\n])/
|
|
|
c2e930 |
let sto_to_spc = store /[^\\# \t\n]+/
|
|
|
c2e930 |
+let sto_to_by = store (/[^\\# \t\n]+/ - "by")
|
|
|
c2e930 |
|
|
|
c2e930 |
let comment = Util.comment
|
|
|
c2e930 |
let empty = Util.empty
|
|
|
c2e930 |
@@ -27,14 +28,12 @@ let empty = Util.empty
|
|
|
c2e930 |
*************************************************************************)
|
|
|
c2e930 |
|
|
|
c2e930 |
let access_re = "access to"
|
|
|
c2e930 |
-let control_re = "stop" | "continue" | "break"
|
|
|
c2e930 |
-let what = [ spc . label "access"
|
|
|
c2e930 |
- . store (/[^\\# \t\n]+/ - ("by" | control_re)) ]
|
|
|
c2e930 |
+let who = [ spc . label "who" . sto_to_spc ]
|
|
|
c2e930 |
+let what = [ spc . label "what" . sto_to_spc ]
|
|
|
c2e930 |
|
|
|
c2e930 |
(* TODO: parse the control field, see man slapd.access (5) *)
|
|
|
c2e930 |
-let control = [ spc . label "control" . store control_re ]
|
|
|
c2e930 |
-let by = [ sep . key "by" . spc . sto_to_spc
|
|
|
c2e930 |
- . what? . control? ]
|
|
|
c2e930 |
+let control = [ spc . label "control" . sto_to_by ]
|
|
|
c2e930 |
+let by = [ sep . key "by". who . what. control? ]
|
|
|
c2e930 |
|
|
|
c2e930 |
let access = [ key access_re . spc. sto_to_spc . by+ . eol ]
|
|
|
c2e930 |
|
|
|
c2e930 |
@@ -134,21 +133,18 @@ let database_re = "suffix"
|
|
|
c2e930 |
| "restrict"
|
|
|
c2e930 |
| "rootdn"
|
|
|
c2e930 |
| "rootpw"
|
|
|
c2e930 |
+ | "suffix"
|
|
|
c2e930 |
| "subordinate"
|
|
|
c2e930 |
| "syncrepl rid"
|
|
|
c2e930 |
| "updatedn"
|
|
|
c2e930 |
| "updateref"
|
|
|
c2e930 |
| database_hdb
|
|
|
c2e930 |
|
|
|
c2e930 |
-let database_entry =
|
|
|
c2e930 |
- let val = Quote.double_opt
|
|
|
c2e930 |
- in Build.key_value_line database_re Sep.space val
|
|
|
c2e930 |
-
|
|
|
c2e930 |
let database = [ key "database"
|
|
|
c2e930 |
. spc
|
|
|
c2e930 |
. sto_to_eol
|
|
|
c2e930 |
. eol
|
|
|
c2e930 |
- . (comment|empty|database_entry|access)* ]
|
|
|
c2e930 |
+ . (comment|empty|Build.key_ws_value database_re|access)* ]
|
|
|
c2e930 |
|
|
|
c2e930 |
(************************************************************************
|
|
|
c2e930 |
* LENS
|
|
|
c2e930 |
diff --git a/lenses/slapd_140.aug b/lenses/slapd_140.aug
|
|
|
c2e930 |
new file mode 100644
|
|
|
c55e75 |
index 00000000..8d1cd074
|
|
|
c2e930 |
--- /dev/null
|
|
|
c2e930 |
+++ b/lenses/slapd_140.aug
|
|
|
c2e930 |
@@ -0,0 +1,158 @@
|
|
|
c2e930 |
+(* Slapd module for Augeas
|
|
|
c2e930 |
+ This module is compatible with Augeas 1.4.0, but is not loaded by default.
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+ Author: Free Ekanayaka <free@64studio.com>
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+ Reference: man slapd.conf(5), man slapd.access (5)
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+*)
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+module Slapd_140 =
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+(************************************************************************
|
|
|
c2e930 |
+ * USEFUL PRIMITIVES
|
|
|
c2e930 |
+ *************************************************************************)
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+let eol = Util.eol
|
|
|
c2e930 |
+let spc = Util.del_ws_spc
|
|
|
c2e930 |
+let sep = del /[ \t\n]+/ " "
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+let sto_to_eol = store /([^ \t\n].*[^ \t\n]|[^ \t\n])/
|
|
|
c2e930 |
+let sto_to_spc = store /[^\\# \t\n]+/
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+let comment = Util.comment
|
|
|
c2e930 |
+let empty = Util.empty
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+(************************************************************************
|
|
|
c2e930 |
+ * ACCESS TO
|
|
|
c2e930 |
+ *************************************************************************)
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+let access_re = "access to"
|
|
|
c2e930 |
+let control_re = "stop" | "continue" | "break"
|
|
|
c2e930 |
+let what = [ spc . label "access"
|
|
|
c2e930 |
+ . store (/[^\\# \t\n]+/ - ("by" | control_re)) ]
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+(* TODO: parse the control field, see man slapd.access (5) *)
|
|
|
c2e930 |
+let control = [ spc . label "control" . store control_re ]
|
|
|
c2e930 |
+let by = [ sep . key "by" . spc . sto_to_spc
|
|
|
c2e930 |
+ . what? . control? ]
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+let access = [ key access_re . spc. sto_to_spc . by+ . eol ]
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+(************************************************************************
|
|
|
c2e930 |
+ * GLOBAL
|
|
|
c2e930 |
+ *************************************************************************)
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+(* TODO: parse special field separately, see man slapd.conf (5) *)
|
|
|
c2e930 |
+let global_re = "allow"
|
|
|
c2e930 |
+ | "argsfile"
|
|
|
c2e930 |
+ | "attributeoptions"
|
|
|
c2e930 |
+ | "attributetype"
|
|
|
c2e930 |
+ | "authz-policy"
|
|
|
c2e930 |
+ | "ldap"
|
|
|
c2e930 |
+ | "dn"
|
|
|
c2e930 |
+ | "concurrency"
|
|
|
c2e930 |
+ | "cron_max_pending"
|
|
|
c2e930 |
+ | "conn_max_pending_auth"
|
|
|
c2e930 |
+ | "defaultsearchbase"
|
|
|
c2e930 |
+ | "disallow"
|
|
|
c2e930 |
+ | "ditcontentrule"
|
|
|
c2e930 |
+ | "gentlehup"
|
|
|
c2e930 |
+ | "idletimeout"
|
|
|
c2e930 |
+ | "include"
|
|
|
c2e930 |
+ | "index_substr_if_minlen"
|
|
|
c2e930 |
+ | "index_substr_if_maxlen"
|
|
|
c2e930 |
+ | "index_substr_any_len"
|
|
|
c2e930 |
+ | "index_substr_any_step"
|
|
|
c2e930 |
+ | "localSSF"
|
|
|
c2e930 |
+ | "loglevel"
|
|
|
c2e930 |
+ | "moduleload"
|
|
|
c2e930 |
+ | "modulepath"
|
|
|
c2e930 |
+ | "objectclass"
|
|
|
c2e930 |
+ | "objectidentifier"
|
|
|
c2e930 |
+ | "password-hash"
|
|
|
c2e930 |
+ | "password-crypt-salt-format"
|
|
|
c2e930 |
+ | "pidfile"
|
|
|
c2e930 |
+ | "referral"
|
|
|
c2e930 |
+ | "replica-argsfile"
|
|
|
c2e930 |
+ | "replica-pidfile"
|
|
|
c2e930 |
+ | "replicationinterval"
|
|
|
c2e930 |
+ | "require"
|
|
|
c2e930 |
+ | "reverse-lookup"
|
|
|
c2e930 |
+ | "rootDSE"
|
|
|
c2e930 |
+ | "sasl-host "
|
|
|
c2e930 |
+ | "sasl-realm"
|
|
|
c2e930 |
+ | "sasl-secprops"
|
|
|
c2e930 |
+ | "schemadn"
|
|
|
c2e930 |
+ | "security"
|
|
|
c2e930 |
+ | "sizelimit"
|
|
|
c2e930 |
+ | "sockbuf_max_incoming "
|
|
|
c2e930 |
+ | "sockbuf_max_incoming_auth"
|
|
|
c2e930 |
+ | "threads"
|
|
|
c2e930 |
+ | "timelimit time"
|
|
|
c2e930 |
+ | "tool-threads"
|
|
|
c2e930 |
+ | "TLSCipherSuite"
|
|
|
c2e930 |
+ | "TLSCACertificateFile"
|
|
|
c2e930 |
+ | "TLSCACertificatePath"
|
|
|
c2e930 |
+ | "TLSCertificateFile"
|
|
|
c2e930 |
+ | "TLSCertificateKeyFile"
|
|
|
c2e930 |
+ | "TLSDHParamFile"
|
|
|
c2e930 |
+ | "TLSRandFile"
|
|
|
c2e930 |
+ | "TLSVerifyClient"
|
|
|
c2e930 |
+ | "TLSCRLCheck"
|
|
|
c2e930 |
+ | "backend"
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+let global = Build.key_ws_value global_re
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+(************************************************************************
|
|
|
c2e930 |
+ * DATABASE
|
|
|
c2e930 |
+ *************************************************************************)
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+(* TODO: support all types of database backend *)
|
|
|
c2e930 |
+let database_hdb = "cachesize"
|
|
|
c2e930 |
+ | "cachefree"
|
|
|
c2e930 |
+ | "checkpoint"
|
|
|
c2e930 |
+ | "dbconfig"
|
|
|
c2e930 |
+ | "dbnosync"
|
|
|
c2e930 |
+ | "directory"
|
|
|
c2e930 |
+ | "dirtyread"
|
|
|
c2e930 |
+ | "idlcachesize"
|
|
|
c2e930 |
+ | "index"
|
|
|
c2e930 |
+ | "linearindex"
|
|
|
c2e930 |
+ | "lockdetect"
|
|
|
c2e930 |
+ | "mode"
|
|
|
c2e930 |
+ | "searchstack"
|
|
|
c2e930 |
+ | "shm_key"
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+let database_re = "suffix"
|
|
|
c2e930 |
+ | "lastmod"
|
|
|
c2e930 |
+ | "limits"
|
|
|
c2e930 |
+ | "maxderefdepth"
|
|
|
c2e930 |
+ | "overlay"
|
|
|
c2e930 |
+ | "readonly"
|
|
|
c2e930 |
+ | "replica uri"
|
|
|
c2e930 |
+ | "replogfile"
|
|
|
c2e930 |
+ | "restrict"
|
|
|
c2e930 |
+ | "rootdn"
|
|
|
c2e930 |
+ | "rootpw"
|
|
|
c2e930 |
+ | "subordinate"
|
|
|
c2e930 |
+ | "syncrepl rid"
|
|
|
c2e930 |
+ | "updatedn"
|
|
|
c2e930 |
+ | "updateref"
|
|
|
c2e930 |
+ | database_hdb
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+let database_entry =
|
|
|
c2e930 |
+ let val = Quote.double_opt
|
|
|
c2e930 |
+ in Build.key_value_line database_re Sep.space val
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+let database = [ key "database"
|
|
|
c2e930 |
+ . spc
|
|
|
c2e930 |
+ . sto_to_eol
|
|
|
c2e930 |
+ . eol
|
|
|
c2e930 |
+ . (comment|empty|database_entry|access)* ]
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+(************************************************************************
|
|
|
c2e930 |
+ * LENS
|
|
|
c2e930 |
+ *************************************************************************)
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+let lns = (comment|empty|global|access)* . (database)*
|
|
|
c2e930 |
diff --git a/lenses/tests/test_slapd.aug b/lenses/tests/test_slapd.aug
|
|
|
c55e75 |
index a4bbb4e9..e477342a 100644
|
|
|
c2e930 |
--- a/lenses/tests/test_slapd.aug
|
|
|
c2e930 |
+++ b/lenses/tests/test_slapd.aug
|
|
|
c2e930 |
@@ -48,47 +48,18 @@ test Slapd.lns get conf =
|
|
|
c2e930 |
{ "database" = "hdb"
|
|
|
c2e930 |
{}
|
|
|
c2e930 |
{ "#comment" = "The base of your directory in database #1" }
|
|
|
c2e930 |
- { "suffix" = "dc=nodomain" }
|
|
|
c2e930 |
+ { "suffix" = "\"dc=nodomain\"" }
|
|
|
c2e930 |
{}
|
|
|
c2e930 |
{ "access to" = "attrs=userPassword,shadowLastChange"
|
|
|
c2e930 |
- { "by" = "dn=\"cn=admin,dc=nodomain\""
|
|
|
c2e930 |
- { "access" = "write" } }
|
|
|
c2e930 |
- { "by" = "anonymous"
|
|
|
c2e930 |
- { "access" = "auth" } }
|
|
|
c2e930 |
- { "by" = "self"
|
|
|
c2e930 |
- { "access" = "write" } }
|
|
|
c2e930 |
- { "by" = "*"
|
|
|
c2e930 |
- { "access" = "none" } } } }
|
|
|
c2e930 |
-
|
|
|
c2e930 |
-(* Test: Slapd.lns
|
|
|
c2e930 |
- Full access test with who/access/control *)
|
|
|
c2e930 |
-test Slapd.lns get "access to dn.subtree=\"dc=example,dc=com\"
|
|
|
c2e930 |
- by self write stop\n" =
|
|
|
c2e930 |
- { "access to" = "dn.subtree=\"dc=example,dc=com\""
|
|
|
c2e930 |
- { "by" = "self"
|
|
|
c2e930 |
- { "access" = "write" }
|
|
|
c2e930 |
- { "control" = "stop" } } }
|
|
|
c2e930 |
-
|
|
|
c2e930 |
-(* Test: Slapd.lns
|
|
|
c2e930 |
- access test with who *)
|
|
|
c2e930 |
-test Slapd.lns get "access to dn.subtree=\"dc=example,dc=com\"
|
|
|
c2e930 |
- by self\n" =
|
|
|
c2e930 |
- { "access to" = "dn.subtree=\"dc=example,dc=com\""
|
|
|
c2e930 |
- { "by" = "self" } }
|
|
|
c2e930 |
-
|
|
|
c2e930 |
-(* Test: Slapd.lns
|
|
|
c2e930 |
- access test with who/access *)
|
|
|
c2e930 |
-test Slapd.lns get "access to dn.subtree=\"dc=example,dc=com\"
|
|
|
c2e930 |
- by self write\n" =
|
|
|
c2e930 |
- { "access to" = "dn.subtree=\"dc=example,dc=com\""
|
|
|
c2e930 |
- { "by" = "self"
|
|
|
c2e930 |
- { "access" = "write" } } }
|
|
|
c2e930 |
-
|
|
|
c2e930 |
-(* Test: Slapd.lns
|
|
|
c2e930 |
- access test with who/control *)
|
|
|
c2e930 |
-test Slapd.lns get "access to dn.subtree=\"dc=example,dc=com\"
|
|
|
c2e930 |
- by self stop\n" =
|
|
|
c2e930 |
- { "access to" = "dn.subtree=\"dc=example,dc=com\""
|
|
|
c2e930 |
- { "by" = "self"
|
|
|
c2e930 |
- { "control" = "stop" } } }
|
|
|
c2e930 |
-
|
|
|
c2e930 |
+ { "by"
|
|
|
c2e930 |
+ { "who" = "dn=\"cn=admin,dc=nodomain\"" }
|
|
|
c2e930 |
+ { "what" = "write" } }
|
|
|
c2e930 |
+ { "by"
|
|
|
c2e930 |
+ { "who" = "anonymous" }
|
|
|
c2e930 |
+ { "what" = "auth" } }
|
|
|
c2e930 |
+ { "by"
|
|
|
c2e930 |
+ { "who" = "self" }
|
|
|
c2e930 |
+ { "what" = "write" } }
|
|
|
c2e930 |
+ { "by"
|
|
|
c2e930 |
+ { "who" = "*" }
|
|
|
c2e930 |
+ { "what" = "none" } } } }
|
|
|
c2e930 |
diff --git a/lenses/tests/test_slapd_140.aug b/lenses/tests/test_slapd_140.aug
|
|
|
c2e930 |
new file mode 100644
|
|
|
c55e75 |
index 00000000..0118f030
|
|
|
c2e930 |
--- /dev/null
|
|
|
c2e930 |
+++ b/lenses/tests/test_slapd_140.aug
|
|
|
c2e930 |
@@ -0,0 +1,94 @@
|
|
|
c2e930 |
+module Test_slapd_140 =
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+let conf = "# This is the main slapd configuration file. See slapd.conf(5) for more
|
|
|
c2e930 |
+# info on the configuration options.
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+#######################################################################
|
|
|
c2e930 |
+# Global Directives:
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+# Features to permit
|
|
|
c2e930 |
+#allow bind_v2
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+# Schema and objectClass definitions
|
|
|
c2e930 |
+include /etc/ldap/schema/core.schema
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+#######################################################################
|
|
|
c2e930 |
+# Specific Directives for database #1, of type hdb:
|
|
|
c2e930 |
+# Database specific directives apply to this databasse until another
|
|
|
c2e930 |
+# 'database' directive occurs
|
|
|
c2e930 |
+database hdb
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+# The base of your directory in database #1
|
|
|
c2e930 |
+suffix \"dc=nodomain\"
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+access to attrs=userPassword,shadowLastChange
|
|
|
c2e930 |
+ by dn=\"cn=admin,dc=nodomain\" write
|
|
|
c2e930 |
+ by anonymous auth
|
|
|
c2e930 |
+ by self write
|
|
|
c2e930 |
+ by * none
|
|
|
c2e930 |
+"
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+test Slapd_140.lns get conf =
|
|
|
c2e930 |
+ { "#comment" = "This is the main slapd configuration file. See slapd.conf(5) for more" }
|
|
|
c2e930 |
+ { "#comment" = "info on the configuration options." }
|
|
|
c2e930 |
+ {}
|
|
|
c2e930 |
+ { "#comment" = "######################################################################" }
|
|
|
c2e930 |
+ { "#comment" = "Global Directives:"}
|
|
|
c2e930 |
+ {}
|
|
|
c2e930 |
+ { "#comment" = "Features to permit" }
|
|
|
c2e930 |
+ { "#comment" = "allow bind_v2" }
|
|
|
c2e930 |
+ {}
|
|
|
c2e930 |
+ { "#comment" = "Schema and objectClass definitions" }
|
|
|
c2e930 |
+ { "include" = "/etc/ldap/schema/core.schema" }
|
|
|
c2e930 |
+ {}
|
|
|
c2e930 |
+ { "#comment" = "######################################################################" }
|
|
|
c2e930 |
+ { "#comment" = "Specific Directives for database #1, of type hdb:" }
|
|
|
c2e930 |
+ { "#comment" = "Database specific directives apply to this databasse until another" }
|
|
|
c2e930 |
+ { "#comment" = "'database' directive occurs" }
|
|
|
c2e930 |
+ { "database" = "hdb"
|
|
|
c2e930 |
+ {}
|
|
|
c2e930 |
+ { "#comment" = "The base of your directory in database #1" }
|
|
|
c2e930 |
+ { "suffix" = "dc=nodomain" }
|
|
|
c2e930 |
+ {}
|
|
|
c2e930 |
+ { "access to" = "attrs=userPassword,shadowLastChange"
|
|
|
c2e930 |
+ { "by" = "dn=\"cn=admin,dc=nodomain\""
|
|
|
c2e930 |
+ { "access" = "write" } }
|
|
|
c2e930 |
+ { "by" = "anonymous"
|
|
|
c2e930 |
+ { "access" = "auth" } }
|
|
|
c2e930 |
+ { "by" = "self"
|
|
|
c2e930 |
+ { "access" = "write" } }
|
|
|
c2e930 |
+ { "by" = "*"
|
|
|
c2e930 |
+ { "access" = "none" } } } }
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+(* Test: Slapd_140.lns
|
|
|
c2e930 |
+ Full access test with who/access/control *)
|
|
|
c2e930 |
+test Slapd_140.lns get "access to dn.subtree=\"dc=example,dc=com\"
|
|
|
c2e930 |
+ by self write stop\n" =
|
|
|
c2e930 |
+ { "access to" = "dn.subtree=\"dc=example,dc=com\""
|
|
|
c2e930 |
+ { "by" = "self"
|
|
|
c2e930 |
+ { "access" = "write" }
|
|
|
c2e930 |
+ { "control" = "stop" } } }
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+(* Test: Slapd_140.lns
|
|
|
c2e930 |
+ access test with who *)
|
|
|
c2e930 |
+test Slapd_140.lns get "access to dn.subtree=\"dc=example,dc=com\"
|
|
|
c2e930 |
+ by self\n" =
|
|
|
c2e930 |
+ { "access to" = "dn.subtree=\"dc=example,dc=com\""
|
|
|
c2e930 |
+ { "by" = "self" } }
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+(* Test: Slapd_140.lns
|
|
|
c2e930 |
+ access test with who/access *)
|
|
|
c2e930 |
+test Slapd_140.lns get "access to dn.subtree=\"dc=example,dc=com\"
|
|
|
c2e930 |
+ by self write\n" =
|
|
|
c2e930 |
+ { "access to" = "dn.subtree=\"dc=example,dc=com\""
|
|
|
c2e930 |
+ { "by" = "self"
|
|
|
c2e930 |
+ { "access" = "write" } } }
|
|
|
c2e930 |
+
|
|
|
c2e930 |
+(* Test: Slapd_140.lns
|
|
|
c2e930 |
+ access test with who/control *)
|
|
|
c2e930 |
+test Slapd_140.lns get "access to dn.subtree=\"dc=example,dc=com\"
|
|
|
c2e930 |
+ by self stop\n" =
|
|
|
c2e930 |
+ { "access to" = "dn.subtree=\"dc=example,dc=com\""
|
|
|
c2e930 |
+ { "by" = "self"
|
|
|
c2e930 |
+ { "control" = "stop" } } }
|
|
|
c2e930 |
+
|
|
|
c2e930 |
diff --git a/tests/Makefile.am b/tests/Makefile.am
|
|
|
c55e75 |
index 315cac9c..65d8993e 100644
|
|
|
c2e930 |
--- a/tests/Makefile.am
|
|
|
c2e930 |
+++ b/tests/Makefile.am
|
|
|
c2e930 |
@@ -182,6 +182,7 @@ lens_tests = \
|
|
|
c2e930 |
lens-simplevars.sh \
|
|
|
c2e930 |
lens-sip_conf.sh \
|
|
|
c2e930 |
lens-slapd.sh \
|
|
|
c2e930 |
+ lens-slapd_140.sh \
|
|
|
c2e930 |
lens-smbusers.sh \
|
|
|
c2e930 |
lens-solaris_system.sh \
|
|
|
c2e930 |
lens-soma.sh \
|
|
|
c55e75 |
--
|
|
|
c55e75 |
2.13.5
|
|
|
c55e75 |
|