Univention Bugzilla – Bug 55159
Diagnostic module complains about univention-fetchmail ACLs
Last modified: 2022-09-13 17:50:18 CEST
access to attrs=univentionFetchmailPasswd by group/univentionGroup/uniqueMember="cn=Domain Admins,cn=groups,dc=my_domain,dc=intranet" write by set="user/univentionService & [Fetchmail]" write by dn.base="cn=admin,dc=my_domain,dc=intranet" write by * +0 stop results in 62615877 /etc/ldap/slapd.conf: line 175: rootdn is always granted unlimited privileges. The second but last line is the culprit and superfluous: by dn.base="cn=admin,dc=my_domain,dc=intranet" write This error message is also shown by the diagnostics module for the LDAP ACL. We can simply remove the corresponding line.
See also: https://help.univention.com/t/after-upgrade-to-ucs-5-0-2-system-diagnostic-gives-me-warning-validating-the-ldap-configuration-and-schema-files/20321/12
univention-fetchmail (13.0.1-4) 01563e7349fb | Bug #55159: remove unnecessary LDAP ACL for cn=admin which always have all access rights
OK: fixed for new installations ~OK: we can't touch the joinscript version, so it doesn't apply for upgrades but can be achieved manually via: univention-run-join-scripts --run-scripts --force 92univention-fetchmail-schema OK: `univention-run-diagnostic-checks -t 62_check_slapschema` doesn't show a warning anymore OK: YAML
<https://errata.software-univention.de/#/?erratum=5.0x421>