From 7731832751ab9f3c6ddeb66f186d3d7fa1934a6d Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sat, 27 Apr 2024 13:11:40 +0200 Subject: Adding upstream version 2.4.57+dfsg. Signed-off-by: Daniel Baumann --- doc/guide/admin/appendix-upgrading.sdf | 40 ++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 doc/guide/admin/appendix-upgrading.sdf (limited to 'doc/guide/admin/appendix-upgrading.sdf') diff --git a/doc/guide/admin/appendix-upgrading.sdf b/doc/guide/admin/appendix-upgrading.sdf new file mode 100644 index 0000000..774abbc --- /dev/null +++ b/doc/guide/admin/appendix-upgrading.sdf @@ -0,0 +1,40 @@ +# $OpenLDAP$ +# Copyright 2007-2021 The OpenLDAP Foundation, All Rights Reserved. +# COPYING RESTRICTIONS APPLY, see COPYRIGHT. + +H1: Upgrading from 2.3.x + +The following sections attempt to document the steps you will need to take in order +to upgrade from the latest 2.3.x OpenLDAP version. + +The normal upgrade procedure, as discussed in the {{SECT:Maintenance}} section, should +of course still be followed prior to doing any of this. + +H2: {{B:cn=config}} olc* attributes + +Quite a few {{olc*}} attributes have now become obsolete, if you see in your logs +entries like below, just remove them from the relevant ldif file. + +> olcReplicationInterval: value #0: keyword is obsolete (ignored) + +H2: ACLs: searches require privileges on the search base + +Search operations now require "search" privileges on the "entry" pseudo-attribute of the search +base. While upgrading from 2.3.x, make sure your ACLs grant such privileges to all desired search +bases. + +For example, assuming you have the following ACL: + +> access to dn.sub="ou=people,dc=example,dc=com" by * search + +Searches using a base of "dc=example,dc=com" will only be allowed if you add the following ACL: + +> access to dn.base="dc=example,dc=com" attrs=entry by * search + +Note: The {{slapd.access}}(5) man page states that this requirement was introduced +with OpenLDAP 2.3. However, it is the default behavior only since 2.4. + + + +ADD MORE HERE + -- cgit v1.2.3