From 611d182907c3c567f9000c4e0dc00da95e2d64f6 Mon Sep 17 00:00:00 2001 From: Alex Auvolat Date: Sun, 26 Jan 2020 18:59:28 +0100 Subject: Add anyread to admins in example acl because don't be ridiculous --- main.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/main.go b/main.go index 7876915..6516724 100644 --- a/main.go +++ b/main.go @@ -57,10 +57,10 @@ func main() { "*,dc=gobottin,dc=eu::read:*:* !userpassword", // Anybody can read and modify anything from their own entry "*::read modify:SELF:*", - // The admin can add, modify, delete anything - "cn=admin,dc=gobottin,dc=eu::add modify delete:*:*", - // Members of the admin group can add, modify, delete anything - "*:cn=admin,ou=groups,dc=gobottin,dc=eu:add modify delete:*:*", + // The admin can read, add, modify, delete anything + "cn=admin,dc=gobottin,dc=eu::read add modify delete:*:*", + // Members of the admin group can read, add, modify, delete anything + "*:cn=admin,ou=groups,dc=gobottin,dc=eu:read add modify delete:*:*", } acl, err := ParseACL(aclStr) if err != nil { -- cgit v1.2.3