phamm-ldap 0.5.18-3.1 / etc / ldap / phamm.acl

This file is indexed.

/etc/ldap/phamm.acl is in phamm-ldap 0.5.18-3.1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
# acl specific for phamm

#  Copyright (c) 2005 Alessandro De Zorzi, Mirko Grava
#  				<phamm@rhx.it> http://phamm.rhx.it/
#
#  Permission is granted to copy, distribute and/or modify this document
#  under the terms of the GNU Free Documentation License, Version 1.2
#  or any later version published by the Free Software Foundation;
#  A copy of the license in DOCS.LICENSE file.
#
# account must edit his password, spam level, forward, vacation, his name
# postmaster with editAccounts=FALSE do the same thing for his domain
# postmaster with editAccounts=TRUE can add account/alias and edit also amavisBypassVirusChecks, quota and smtpAuth
# vadmin could do the same as postmaster with editAccounts=TRUE for some domains
# IMPORTANT
# this file was tested to be used on Debian Lenny with slapd 2.4.7-5
# Please remember that the rootdn is cn=admin,dc=example,dc=tld
#
access to dn.regex=".+,vd=([^,]+),o=hosting,dc=example,dc=tld$" attrs=userPassword
	by dn="cn=admin,dc=example,dc=tld" write
        by self write
        by anonymous auth
        by dn.exact,expand="cn=postmaster,vd=$1,o=hosting,dc=example,dc=tld" write
        by set.expand="user/vd & [$1]" write

access to dn.regex=".+,vd=([^,]+),o=hosting,dc=example,dc=tld$" attrs=amavisBypassVirusChecks,quota,smtpAuth,accountActive
	by dn="cn=admin,dc=example,dc=tld" write
        by self read
        by dn.exact="cn=phamm,o=hosting,dc=example,dc=tld" read 
        by set.expand="user/editAccounts & [TRUE]" write
        by dn.exact,expand="cn=postmaster,vd=$1,o=hosting,dc=example,dc=tld" read
        by set.expand="user/vd & [$1]" write

access to dn.regex=".+,vd=([^,]+),o=hosting,dc=example,dc=tld$" attrs=cn,sn,uid,forwardActive,vacationActive,vacationInfo,vacationStart,vacationEnd,vacationForward,amavisSpamTagLevel,amavisSpamTag2Level,amavisSpamKillLevel
	by dn="cn=admin,dc=example,dc=tld" write
        by self write
        by dn.exact="cn=phamm,o=hosting,dc=example,dc=tld" read 
        by dn.exact,expand="cn=postmaster,vd=$1,o=hosting,dc=example,dc=tld" write
        by set.expand="user/vd & [$1]" write

access to dn.regex="^.*,vd=([^,]+),o=hosting,dc=example,dc=tld$" attrs=editAccounts
	by dn="cn=admin,dc=example,dc=tld" write
        by self read
        by set.expand="user/editAccounts & [TRUE]" write
        by dn.exact="cn=phamm,o=hosting,dc=example,dc=tld" read 
        by * none

access to dn.regex=".+,vd=([^,]+),o=hosting,dc=example,dc=tld$" attrs=objectClass,entry
	by dn="cn=admin,dc=example,dc=tld" write
        by self write
        by anonymous read
        by dn.exact="cn=phamm,o=hosting,dc=example,dc=tld" read
        by set.expand="user/editAccounts & [TRUE]" write
        by dn.exact,expand="cn=postmaster,vd=$1,o=hosting,dc=example,dc=tld" read

access to dn.regex=".+,vd=([^,]+),o=hosting,dc=example,dc=tld$" attrs=amavisBypassSpamChecks,accountActive,delete
	by dn="cn=admin,dc=example,dc=tld" write
        by self read
        by dn.exact="cn=phamm,o=hosting,dc=example,dc=tld" read 
        by dn.exact,expand="cn=postmaster,vd=$1,o=hosting,dc=example,dc=tld" write
        by set.expand="user/vd & [$1]" write

access to dn.regex=".+,vd=([^,]+),o=hosting,dc=example,dc=tld$" attrs=otherPath
	by dn="cn=admin,dc=example,dc=tld" write
        by anonymous read
        by self read
        by dn.exact="cn=phamm,o=hosting,dc=example,dc=tld" read 
        by dn.exact,expand="cn=postmaster,vd=$1,o=hosting,dc=example,dc=tld" read
        by set.expand="user/vd & [$1]" write

access to dn.regex=".+,vd=([^,]+),o=hosting,dc=example,dc=tld$" attrs=createMaildir,vdHome,mailbox,otherTransport
	by dn="cn=admin,dc=example,dc=tld" write
        by self read
        by dn.exact="cn=phamm,o=hosting,dc=example,dc=tld" read 
        by set.expand="user/vd & [$1]" read

access to dn.regex="^(.+,)?vd=([^,]+),o=hosting,dc=example,dc=tld$" attrs=vd
	by dn="cn=admin,dc=example,dc=tld" write
        by self write
        by dn.exact="cn=phamm,o=hosting,dc=example,dc=tld" read 
        by dn.exact,expand="cn=postmaster,vd=$2,o=hosting,dc=example,dc=tld" write
        by set.expand="user/vd & [$2]" write

access to dn.regex="^(.+,)?vd=([^,]+),o=hosting,dc=example,dc=tld$"
	by dn="cn=admin,dc=example,dc=tld" write
        by self write
        by dn.exact="cn=phamm,o=hosting,dc=example,dc=tld" read 
        by set.expand="user/editAccounts & [FALSE]" read
        by dn.exact,expand="cn=postmaster,vd=$2,o=hosting,dc=example,dc=tld" write
        by set.expand="user/vd & [$2]" write

access to dn.regex=".+,o=hosting,dc=example,dc=tld$"
	by dn="cn=admin,dc=example,dc=tld" write
        by self write
        by dn.exact="cn=phamm,o=hosting,dc=example,dc=tld" read 
        by anonymous auth
	
access to dn.regex=".+,dc=tld$"
        by dn="cn=admin,dc=example,dc=tld" write
        by dn.exact="cn=phamm,o=hosting,dc=example,dc=tld" read 
        by anonymous auth
		
access to dn.regex=".+,ou=admin,dc=example,dc=tld$" attrs=userPassword
	by dn="cn=admin,dc=example,dc=tld" write
        by self write
        by anonymous auth

access to dn.regex=".+,ou=admin,dc=example,dc=tld$" attrs=vd
	by dn="cn=admin,dc=example,dc=tld" write
        by self read

access to dn.regex="ou=admin,dc=example,dc=tld$"
	by dn="cn=admin,dc=example,dc=tld" write
        by self read

APT Browse - Built by Thomas Orozco.