1This directory contains native slapd plugins that implement access rules. 2 3posixgroup.c contains a simple example that implements access control 4based on posixGroup membership, loosely inspired by ITS#3849. It should 5be made clear that this access control policy does not reflect any 6standard track model of handling access control, and should be 7essentially viewed as an illustration of the use of the dynamic 8extension of access control within slapd. 9 10To use the acl-posixgroup plugin, add: 11 12moduleload acl-posixgroup.so 13 14to your slapd configuration file; it requires "nis.schema" to be loaded. 15It is configured using 16 17access to <what> 18 by dynacl/posixGroup[.{exact,expand}]=<dnpat> {<level>|<priv(s)} 19 20The default is "exact"; in case of "expand", "<dnpat>" results from 21the expansion of submatches in the "<what>" portion. "<level>|<priv(s)>" 22describe the level of privilege this rule can assume. 23 24Use Makefile to compile this plugin or use a command line similar to: 25 26gcc -shared -I../../../include -I../../../servers/slapd -Wall -g \ 27 -o acl-posixgroup.so posixgroup.c 28 29--- 30Copyright 2005-2021 The OpenLDAP Foundation. All rights reserved. 31 32Redistribution and use in source and binary forms, with or without 33modification, are permitted only as authorized by the OpenLDAP 34Public License. 35 36