ITS#2497 value-level ACLs

2026-01-05 14:42:10 -05:00 · 2003-09-21 11:07:32 +00:00 · 2003-09-21 11:07:32 +00:00 · 14745b74d2
commit 14745b74d2
parent 0eca4fa42f
1 changed files with 7 additions and 2 deletions
--- a/doc/guide/admin/slapdconfig.sdf
+++ b/doc/guide/admin/slapdconfig.sdf
@ -631,7 +631,7 @@ access line is:
 >		[filter=<ldapfilter>] [attrs=<attrlist>]
 >	<basic-style> ::= regex | exact
 >	<scope-style> ::= base | one | subtree | children
->	<attrlist> ::= <attr> | <attr> , <attrlist>
+>	<attrlist> ::= <attr> [val[.<basic-style>]=<regex>] | <attr> , <attrlist>
 >	<attr> ::= <attrname> | entry | children
 >	<who> ::= * | [anonymous | users | self
 >			| dn[.<basic-style>]=<regex> | dn.<scope-style>=<DN>] 
@ -719,8 +719,13 @@ list of attribute names in the <what> selector:

 >	attrs=<attribute list>

+A specific value of an attribute is selected by using a single
+attribute name and also using a value selector:
+
+>	attrs=<attribute> val[.<style>]=<regex>
+
 There are two special {{pseudo}} attributes {{EX:entry}} and
-{{EX:children}}.  To read (and hence return) an target entry, the
+{{EX:children}}.  To read (and hence return) a target entry, the
 subject must have {{EX:read}} access to the target's {{entry}}
 attribute.  To add or delete an entry, the subject must have
 {{EX:write}} access to the entry's {{EX:entry}} attribute AND must