[EMAIL PROTECTED] wrote: > Full_Name: Rein Tollevik > Version: CVS head > OS: linux, solaris > URL: > Submission from: (NULL) (84.215.36.97) > Submitted by: rein > > > syncrepl_updateCookie() doesn't initialize mod.sml_flags, which means that the > contextCSN modification is done with a random value. Which again can cause > the > modify to fail if syncrepl is used on a subordinate DB with another rootdn > than > what the glue DB has.
As documented, glued DBs must all have the same rootDN. Any other configuration is a user error. > syncprov_checkpoint() has a similar problem, it initializes mod.sml_flags to > 0. > When a checkpoint occur the modify operation is run with the privileges of > what > might be in op->o_ndn. Checkpoint when the database is closed always works > though, as op->o_ndn is always set to the rootdn when that is done. > I'll commit a fix that sets mod.sml_flags to SLAP_MOD_INTERNAL shortly, so > that > access control rules are bypassed. > > Rein Tollevik > Basefarm AS -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
