diff options
Diffstat (limited to 'install/updates/40-replication.update')
| -rw-r--r-- | install/updates/40-replication.update | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/install/updates/40-replication.update b/install/updates/40-replication.update new file mode 100644 index 00000000..f9e0496b --- /dev/null +++ b/install/updates/40-replication.update @@ -0,0 +1,4 @@ +# Let a delegated user put the database into read-only mode when deleting +# an agreement. +dn: cn=userRoot,cn=ldbm database,cn=plugins,cn=config +add:aci: '(targetattr=nsslapd-readonly)(version 3.0; acl "Allow marking the database readonly"; allow (write) groupdn = "ldap:///cn=Remove Replication Agreements,cn=permissions,cn=pbac,$SUFFIX";)' |