Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Menu
Open sidebar
ingo Voss
OpenLDAP
Commits
c1b415ce
Commit
c1b415ce
authored
Jun 14, 2005
by
Kurt Zeilenga
Browse files
Sync with HEAD
parent
da94927a
Changes
6
Hide whitespace changes
Inline
Side-by-side
doc/guide/admin/slapdconf2.sdf
View file @
c1b415ce
...
...
@@ -775,7 +775,8 @@ and the {{TERM:HDB}} database.
They are used in an olcDatabase entry in addition to the generic
database directives defined above. For a complete reference
of BDB/HDB configuration directives, see {{slapd-bdb}}(5). BDB and
HDB database entries must have the {{EX:olcBdbConfig}} objectClass.
HDB database entries must have the {{EX:olcBdbConfig}} objectClass in
addition to the {{EX:olcDatabaseConfig}} class.
H4: olcDbDirectory: <directory>
...
...
@@ -1447,38 +1448,39 @@ protected from unauthorized access.
E: 21. # BDB definition for example.com
E: 22. dn: olcDatabase=bdb,cn=config
E: 23. objectClass: olcDatabaseConfig
E: 24. olcDatabase: bdb
E: 25. olcSuffix: "dc=example,dc=com"
E: 26. olcDbDirectory: /usr/local/var/openldap-data
E: 27. olcRootDN: "cn=Manager,dc=example,dc=com"
E: 28. olcRootPW: secret
E: 29. olcDbIndex: uid pres,eq
E: 30. olcDbIndex: cn,sn,uid pres,eq,approx,sub
E: 31. olcDbIndex: objectClass eq
E: 32. olcAccess: to attr=userPassword
E: 33. by self write
E: 34. by anonymous auth
E: 35. by dn.base="cn=Admin,dc=example,dc=com" write
E: 36. by * none
E: 37. olcAccess: to *
E: 38. by self write
E: 39. by dn.base="cn=Admin,dc=example,dc=com" write
E: 40. by * read
E: 41.
Line 21 is a comment. Lines 22-24 identify this entry as a BDB database
configuration entry. Line 25 specifies the DN suffix
for queries to pass to this database. Line 26 specifies the directory
E: 24. objectClass: olcBdbConfig
E: 25. olcDatabase: bdb
E: 26. olcSuffix: "dc=example,dc=com"
E: 27. olcDbDirectory: /usr/local/var/openldap-data
E: 28. olcRootDN: "cn=Manager,dc=example,dc=com"
E: 29. olcRootPW: secret
E: 30. olcDbIndex: uid pres,eq
E: 31. olcDbIndex: cn,sn,uid pres,eq,approx,sub
E: 32. olcDbIndex: objectClass eq
E: 33. olcAccess: to attr=userPassword
E: 34. by self write
E: 35. by anonymous auth
E: 36. by dn.base="cn=Admin,dc=example,dc=com" write
E: 37. by * none
E: 38. olcAccess: to *
E: 39. by self write
E: 40. by dn.base="cn=Admin,dc=example,dc=com" write
E: 41. by * read
E: 42.
Line 21 is a comment. Lines 22-25 identify this entry as a BDB database
configuration entry. Line 26 specifies the DN suffix
for queries to pass to this database. Line 27 specifies the directory
in which the database files will live.
Lines 2
7
and 2
8
identify the database {{super-user}} entry and associated
Lines 2
8
and 2
9
identify the database {{super-user}} entry and associated
password. This entry is not subject to access control or size or
time limit restrictions.
Lines
29
through 3
1
indicate the indices to maintain for various
Lines
30
through 3
2
indicate the indices to maintain for various
attributes.
Lines 3
2
through 4
0
specify access control for entries in this
Lines 3
3
through 4
1
specify access control for entries in this
database. As this is the first database, the controls also apply
to entries not held in any database (such as the Root DSE). For
all applicable entries, the {{EX:userPassword}} attribute is writable
...
...
@@ -1487,20 +1489,21 @@ authentication/authorization purposes, but is otherwise not readable.
All other attributes are writable by the entry and the "admin"
entry, but may be read by all users (authenticated or not).
Line 4
1
is a blank line, indicating the end of this entry.
Line 4
2
is a blank line, indicating the end of this entry.
The next section of the example configuration file defines another
BDB database. This one handles queries involving the
{{EX:dc=example,dc=net}} subtree but is managed by the same entity
as the first database. Note that without line 5
0
, the read access
as the first database. Note that without line 5
1
, the read access
would be allowed due to the global access rule at line 19.
E: 42. # BDB definition for example.net
E: 43. dn: olcDatabase=bdb,cn=config
E: 44. objectClass: olcDatabaseConfig
E: 45. olcDatabase: bdb
E: 46. olcSuffix: "dc=example,dc=net"
E: 47. olcDbDirectory: /usr/local/var/openldap-data-net
E: 48. olcRootDN: "cn=Manager,dc=example,dc=com"
E: 49. olcDbIndex: objectClass eq
E: 50. olcAccess: to * by users read
E: 45. objectClass: olcBdbConfig
E: 46. olcDatabase: bdb
E: 47. olcSuffix: "dc=example,dc=net"
E: 48. olcDbDirectory: /usr/local/var/openldap-data-net
E: 49. olcRootDN: "cn=Manager,dc=example,dc=com"
E: 50. olcDbIndex: objectClass eq
E: 51. olcAccess: to * by users read
servers/slapd/back-bdb/dn2id.c
View file @
c1b415ce
...
...
@@ -595,7 +595,7 @@ hdb_dn2id_delete(
/* Delete our ID from the parent's list */
rc
=
cursor
->
c_get
(
cursor
,
&
key
,
&
data
,
DB_GET_BOTH_RANGE
);
if
(
rc
==
0
)
{
if
(
dlen
[
1
]
==
d
->
nrdnlen
[
1
]
&&
dlen
[
0
]
!
=
d
->
nrdnlen
[
0
]
&&
if
(
dlen
[
1
]
==
d
->
nrdnlen
[
1
]
&&
dlen
[
0
]
=
=
d
->
nrdnlen
[
0
]
&&
!
strcmp
(
d
->
nrdn
,
BEI
(
e
)
->
bei_nrdn
.
bv_val
))
rc
=
cursor
->
c_del
(
cursor
,
0
);
else
...
...
servers/slapd/backend.c
View file @
c1b415ce
...
...
@@ -392,49 +392,54 @@ int backend_shutdown( Backend *be )
return
0
;
}
void
backend_destroy_one
(
BackendDB
*
bd
)
{
LDAP_STAILQ_REMOVE
(
&
backendDB
,
bd
,
slap_backend_db
,
be_next
);
if
(
bd
->
be_syncinfo
)
{
syncinfo_free
(
bd
->
be_syncinfo
);
}
if
(
bd
->
be_pending_csn_list
)
{
struct
slap_csn_entry
*
csne
;
csne
=
LDAP_TAILQ_FIRST
(
bd
->
be_pending_csn_list
);
while
(
csne
)
{
struct
slap_csn_entry
*
tmp_csne
=
csne
;
LDAP_TAILQ_REMOVE
(
bd
->
be_pending_csn_list
,
csne
,
ce_csn_link
);
ch_free
(
csne
->
ce_csn
.
bv_val
);
csne
=
LDAP_TAILQ_NEXT
(
csne
,
ce_csn_link
);
ch_free
(
tmp_csne
);
}
}
if
(
bd
->
bd_info
->
bi_db_destroy
)
{
bd
->
bd_info
->
bi_db_destroy
(
bd
);
}
ber_bvarray_free
(
bd
->
be_suffix
);
ber_bvarray_free
(
bd
->
be_nsuffix
);
if
(
!
BER_BVISNULL
(
&
bd
->
be_rootdn
)
)
{
free
(
bd
->
be_rootdn
.
bv_val
);
}
if
(
!
BER_BVISNULL
(
&
bd
->
be_rootndn
)
)
{
free
(
bd
->
be_rootndn
.
bv_val
);
}
if
(
!
BER_BVISNULL
(
&
bd
->
be_rootpw
)
)
{
free
(
bd
->
be_rootpw
.
bv_val
);
}
acl_destroy
(
bd
->
be_acl
,
frontendDB
->
be_acl
);
free
(
bd
);
}
int
backend_destroy
(
void
)
{
int
i
;
BackendDB
*
bd
;
BackendInfo
*
bi
;
struct
slap_csn_entry
*
csne
;
/* destroy each backend database */
while
((
bd
=
LDAP_STAILQ_FIRST
(
&
backendDB
)))
{
LDAP_STAILQ_REMOVE_HEAD
(
&
backendDB
,
be_next
);
if
(
bd
->
be_syncinfo
)
{
syncinfo_free
(
bd
->
be_syncinfo
);
}
if
(
bd
->
be_pending_csn_list
)
{
csne
=
LDAP_TAILQ_FIRST
(
bd
->
be_pending_csn_list
);
while
(
csne
)
{
struct
slap_csn_entry
*
tmp_csne
=
csne
;
LDAP_TAILQ_REMOVE
(
bd
->
be_pending_csn_list
,
csne
,
ce_csn_link
);
ch_free
(
csne
->
ce_csn
.
bv_val
);
csne
=
LDAP_TAILQ_NEXT
(
csne
,
ce_csn_link
);
ch_free
(
tmp_csne
);
}
}
if
(
bd
->
bd_info
->
bi_db_destroy
)
{
bd
->
bd_info
->
bi_db_destroy
(
bd
);
}
ber_bvarray_free
(
bd
->
be_suffix
);
ber_bvarray_free
(
bd
->
be_nsuffix
);
if
(
!
BER_BVISNULL
(
&
bd
->
be_rootdn
)
)
{
free
(
bd
->
be_rootdn
.
bv_val
);
}
if
(
!
BER_BVISNULL
(
&
bd
->
be_rootndn
)
)
{
free
(
bd
->
be_rootndn
.
bv_val
);
}
if
(
!
BER_BVISNULL
(
&
bd
->
be_rootpw
)
)
{
free
(
bd
->
be_rootpw
.
bv_val
);
}
acl_destroy
(
bd
->
be_acl
,
frontendDB
->
be_acl
);
free
(
bd
);
backend_destroy_one
(
bd
);
}
/* destroy each backend type */
...
...
servers/slapd/backover.c
View file @
c1b415ce
...
...
@@ -659,6 +659,27 @@ overlay_register_control( BackendDB *be, const char *oid )
return
rc
;
}
void
overlay_destroy_one
(
BackendDB
*
be
,
slap_overinst
*
on
)
{
slap_overinfo
*
oi
=
on
->
on_info
;
slap_overinst
**
oidx
;
for
(
oidx
=
&
oi
->
oi_list
;
*
oidx
;
oidx
=
&
(
*
oidx
)
->
on_next
)
{
if
(
*
oidx
==
on
)
{
*
oidx
=
on
->
on_next
;
if
(
on
->
on_bi
.
bi_db_destroy
)
{
BackendInfo
*
bi_orig
=
be
->
bd_info
;
be
->
bd_info
=
(
BackendInfo
*
)
on
;
on
->
on_bi
.
bi_db_destroy
(
be
);
be
->
bd_info
=
bi_orig
;
}
free
(
on
);
break
;
}
}
}
/* add an overlay to a particular backend. */
int
overlay_config
(
BackendDB
*
be
,
const
char
*
ov
)
...
...
servers/slapd/bconfig.c
View file @
c1b415ce
...
...
@@ -3169,6 +3169,10 @@ ok:
Debug
(
LDAP_DEBUG_ANY
,
"%s: %s (%s)!
\n
"
,
ca
->
log
,
ca
->
msg
,
ca
->
argv
[
1
]
);
rc
=
LDAP_OTHER
;
if
(
colst
[
0
]
->
co_type
==
Cft_Database
)
backend_destroy_one
(
ca
->
be
);
else
overlay_destroy_one
(
ca
->
be
,
(
slap_overinst
*
)
ca
->
bi
);
goto
leave
;
}
}
...
...
servers/slapd/proto-slap.h
View file @
c1b415ce
...
...
@@ -258,6 +258,7 @@ LDAP_SLAPD_F (int) backend_startup_one LDAP_P((Backend *be));
LDAP_SLAPD_F
(
int
)
backend_sync
LDAP_P
((
Backend
*
be
));
LDAP_SLAPD_F
(
int
)
backend_shutdown
LDAP_P
((
Backend
*
be
));
LDAP_SLAPD_F
(
int
)
backend_destroy
LDAP_P
((
void
));
LDAP_SLAPD_F
(
void
)
backend_destroy_one
LDAP_P
((
BackendDB
*
bd
));
LDAP_SLAPD_F
(
BackendInfo
*
)
backend_info
LDAP_P
((
const
char
*
type
));
LDAP_SLAPD_F
(
BackendDB
*
)
backend_db_init
LDAP_P
((
const
char
*
type
));
...
...
@@ -348,6 +349,9 @@ LDAP_SLAPD_F (int) glue_sub_init( void );
LDAP_SLAPD_F
(
int
)
overlay_register
LDAP_P
((
slap_overinst
*
on
));
LDAP_SLAPD_F
(
int
)
overlay_config
LDAP_P
((
BackendDB
*
be
,
const
char
*
ov
));
LDAP_SLAPD_F
(
void
)
overlay_destroy_one
LDAP_P
((
BackendDB
*
be
,
slap_overinst
*
on
));
LDAP_SLAPD_F
(
slap_overinst
*
)
overlay_next
LDAP_P
((
slap_overinst
*
on
));
LDAP_SLAPD_F
(
slap_overinst
*
)
overlay_find
LDAP_P
((
const
char
*
name
));
LDAP_SLAPD_F
(
int
)
overlay_is_over
LDAP_P
((
BackendDB
*
be
));
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment