From: Ondřej Kuzník Date: Mon, 17 Mar 2025 10:58:31 +0000 (+0000) Subject: Add missing olcFrontendConfig to example X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=602c79428704d4c9d8b452fa8d8d97a36c6a9fd9;p=thirdparty%2Fopenldap.git Add missing olcFrontendConfig to example --- diff --git a/doc/guide/admin/slapdconf2.sdf b/doc/guide/admin/slapdconf2.sdf index 0d73c59967..233b5a9bf8 100644 --- a/doc/guide/admin/slapdconf2.sdf +++ b/doc/guide/admin/slapdconf2.sdf 
@@ -1045,102 +1045,103 @@ to all the other databases. E: 15. # global database parameters E: 16. dn: olcDatabase=frontend,cn=config E: 17. objectClass: olcDatabaseConfig -E: 18. olcDatabase: frontend -E: 19. olcAccess: to * by * read -E: 20. +E: 18. objectClass: olcFrontendConfig +E: 19. olcDatabase: frontend +E: 20. olcAccess: to * by * read +E: 21. Line 15 is a comment. Lines 16-18 identify this entry as the global -database entry. Line 19 is a global access control. It applies to all +database entry. Line 20 is a global access control. It applies to all entries (after any applicable database-specific access controls). -Line 20 is a blank line. +Line 21 is a blank line. The next entry defines the config backend. -E: 21. # set a rootpw for the config database so we can bind. -E: 22. # deny access to everyone else. -E: 23. dn: olcDatabase=config,cn=config -E: 24. objectClass: olcDatabaseConfig -E: 25. olcDatabase: config -E: 26. olcRootPW: {SSHA}XKYnrjvGT3wZFQrDD5040US592LxsdLy -E: 27. olcAccess: to * by * none -E: 28. - -Lines 21-22 are comments. Lines 23-25 identify this entry as the config -database entry. Line 26 defines the {{super-user}} password for this -database. (The DN defaults to {{"cn=config"}}.) Line 27 denies all access +E: 22. # set a rootpw for the config database so we can bind. +E: 23. # deny access to everyone else. +E: 24. dn: olcDatabase=config,cn=config +E: 25. objectClass: olcDatabaseConfig +E: 26. olcDatabase: config +E: 27. olcRootPW: {SSHA}XKYnrjvGT3wZFQrDD5040US592LxsdLy +E: 28. olcAccess: to * by * none +E: 29. + +Lines 22-23 are comments. Lines 24-26 identify this entry as the config +database entry. Line 27 defines the {{super-user}} password for this +database. (The DN defaults to {{"cn=config"}}.) Line 28 denies all access to this database, so only the super-user will be able to access it. (This is already the default access on the config database. 
It is just listed here for illustration, and to reiterate that unless a means to authenticate as the super-user is explicitly configured, the config database will be inaccessible.) -Line 28 is a blank line. +Line 29 is a blank line. The next entry defines an MDB backend that will handle queries for things in the "dc=example,dc=com" portion of the tree. Indices are to be maintained for several attributes, and the {{EX:userPassword}} attribute is to be protected from unauthorized access. -E: 29. # MDB definition for example.com -E: 30. dn: olcDatabase=mdb,cn=config -E: 31. objectClass: olcDatabaseConfig -E: 32. objectClass: olcMdbConfig -E: 33. olcDatabase: mdb -E: 34. olcSuffix: dc=example,dc=com -E: 35. olcDbDirectory: /usr/local/var/openldap-data -E: 36. olcRootDN: cn=Manager,dc=example,dc=com -E: 37. olcRootPW: secret -E: 38. olcDbIndex: uid pres,eq -E: 39. olcDbIndex: cn,sn pres,eq,approx,sub -E: 40. olcDbIndex: objectClass eq -E: 41. olcAccess: to attrs=userPassword -E: 42. by self write -E: 43. by anonymous auth -E: 44. by dn.base="cn=Admin,dc=example,dc=com" write -E: 45. by * none -E: 46. olcAccess: to * -E: 47. by self write -E: 48. by dn.base="cn=Admin,dc=example,dc=com" write -E: 49. by * read -E: 50. - -Line 29 is a comment. Lines 30-33 identify this entry as a MDB database -configuration entry. Line 34 specifies the DN suffix -for queries to pass to this database. Line 35 specifies the directory +E: 30. # MDB definition for example.com +E: 31. dn: olcDatabase=mdb,cn=config +E: 32. objectClass: olcDatabaseConfig +E: 33. objectClass: olcMdbConfig +E: 34. olcDatabase: mdb +E: 35. olcSuffix: dc=example,dc=com +E: 36. olcDbDirectory: /usr/local/var/openldap-data +E: 37. olcRootDN: cn=Manager,dc=example,dc=com +E: 38. olcRootPW: secret +E: 39. olcDbIndex: uid pres,eq +E: 40. olcDbIndex: cn,sn pres,eq,approx,sub +E: 41. olcDbIndex: objectClass eq +E: 42. olcAccess: to attrs=userPassword +E: 43. by self write +E: 44. by anonymous auth +E: 45. 
by dn.base="cn=Admin,dc=example,dc=com" write +E: 46. by * none +E: 47. olcAccess: to * +E: 48. by self write +E: 49. by dn.base="cn=Admin,dc=example,dc=com" write +E: 50. by * read +E: 51. + +Line 30 is a comment. Lines 31-34 identify this entry as a MDB database +configuration entry. Line 35 specifies the DN suffix +for queries to pass to this database. Line 36 specifies the directory in which the database files will live. -Lines 36 and 37 identify the database {{super-user}} entry and associated +Lines 37 and 38 identify the database {{super-user}} entry and associated password. This entry is not subject to access control or size or time limit restrictions. -Lines 38 through 40 indicate the indices to maintain for various +Lines 39 through 41 indicate the indices to maintain for various attributes. -Lines 41 through 49 specify access control for entries in this +Lines 42 through 50 specify access control for entries in this database. For all applicable entries, the {{EX:userPassword}} attribute is writable by the entry itself and by the "admin" entry. It may be used for authentication/authorization purposes, but is otherwise not readable. All other attributes are writable by the entry and the "admin" entry, but may be read by all users (authenticated or not). -Line 50 is a blank line, indicating the end of this entry. +Line 51 is a blank line, indicating the end of this entry. The next entry defines another MDB database. This one handles queries involving the {{EX:dc=example,dc=net}} subtree but is managed by the same entity -as the first database. Note that without line 60, the read access -would be allowed due to the global access rule at line 19. - -E: 51. # MDB definition for example.net -E: 52. dn: olcDatabase=mdb,cn=config -E: 53. objectClass: olcDatabaseConfig -E: 54. objectClass: olcMdbConfig -E: 55. olcDatabase: mdb -E: 56. olcSuffix: dc=example,dc=net -E: 57. olcDbDirectory: /usr/local/var/openldap-data-net -E: 58. 
olcRootDN: cn=Manager,dc=example,dc=com -E: 59. olcDbIndex: objectClass eq -E: 60. olcAccess: to * by users read +as the first database. Note that without line 61, the read access +would be allowed due to the global access rule at line 20. + +E: 52. # MDB definition for example.net +E: 53. dn: olcDatabase=mdb,cn=config +E: 54. objectClass: olcDatabaseConfig +E: 55. objectClass: olcMdbConfig +E: 56. olcDatabase: mdb +E: 57. olcSuffix: dc=example,dc=net +E: 58. olcDbDirectory: /usr/local/var/openldap-data-net +E: 59. olcRootDN: cn=Manager,dc=example,dc=com +E: 60. olcDbIndex: objectClass eq +E: 61. olcAccess: to * by users read H2: Converting old style {{slapd.conf}}(5) file to {{cn=config}} format
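Review bot: the unchanged context line "Line 15 is a comment. Lines 16-18 identify this entry as the global database entry" is now off by one, since the inserted `+E: 18. objectClass: olcFrontendConfig` pushes `olcDatabase: frontend` down to line 19; that sentence should read "Lines 16-19 identify this entry as the global database entry" so that the range covers the dn, both objectClass values and the olcDatabase line, matching the way the later paragraphs were renumbered ("Lines 24-26", "Lines 31-34"). The remaining renumbering in the hunk is consistent: the frontend access rule moves to line 20, the config database entry to 22-29, the example.com MDB entry to 30-51, and the example.net entry to 52-61, with the cross-references "without line 61" and "global access rule at line 20" updated accordingly, and the hunk header's 102 to 103 line count reflects the single added line.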