1This directory contains native slapd plugins that implement access rules. 2 3posixgroup.c contains a simple example that implements access control 4based on posixGroup membership, loosely inspired by ITS#3849. It should 5be made clear that this access control policy does not reflect any 6standard track model of handling access control, and should be 7essentially viewed as an illustration of the use of the dynamic 8extension of access control within slapd. 9 10To use the acl-posixgroup plugin, add: 11 12moduleload acl-posixgroup.so 13 14to your slapd configuration file; it requires "nis.schema" to be loaded. 15It is configured using 16 17access to <what> 18 by dynacl/posixGroup[.{exact,expand}]=<dnpat> {<level>|<priv(s)} 19 20The default is "exact"; in case of "expand", "<dnpat>" results from 21the expansion of submatches in the "<what>" portion. "<level>|<priv(s)>" 22describe the level of privilege this rule can assume. 23 24No Makefile is provided. Use a command line similar to: 25 26gcc -shared -I../../../include -I../../../servers/slapd -Wall -g \ 27 -o acl-posixgroup.so posixgroup.c 28 29to compile the posixGroup ACL plugin. 30 31--- 32Copyright 2005-2010 The OpenLDAP Foundation. All rights reserved. 33 34Redistribution and use in source and binary forms, with or without 35modification, are permitted only as authorized by the OpenLDAP 36Public License. 37 38