Changements d'ACLs pour les replicas

Python/etc/ldap/templatedir/cn=config/olcDatabase={1}bdb.ldif

@@ -12,33 +12,31 @@ rid = str(int(rid[rid.rfind(".")+1:])+255)
 @objectClass: olcBdbConfig
 @olcDatabase: {1}bdb
 @olcSuffix: dc=crans,dc=org
-@olcAccess: {0}to attrs=userPassword  by dn.regex="cn=replica,dc=crans,dc=org" 
+@olcAccess: {0}to *  by dn.exact="cn=replica,dc=crans,dc=org" write  by dn.exac
-@ write  by dn.regex="cn=dovecot,dc=crans,dc=org" read  by anonymous auth  by s
+@ t="cn=readonly,dc=crans,dc=org" read  by sockname.regex="ldapi" read  by self
-@ elf write  by * none
+@  read  by * +0 break
-@olcAccess: {1}to dn.base=""  by * read
+@olcAccess: {1}to attrs=userPassword  by dn.exact="cn=dovecot,dc=crans,dc=org" 
-@olcAccess: {2}to dn.regex="^(a|c)id=[0-9]+,ou=data,dc=crans,dc=org$$"  attrs=m
+@ read  by anonymous auth  by self write  by * none
+@olcAccess: {2}to dn.base=""  by * read
+@olcAccess: {3}to dn.regex="^(a|c)id=[0-9]+,ou=data,dc=crans,dc=org$$"  attrs=m
 @ ailAlias,canonicalAlias,uid,mail,entry,objectClass,contourneGreylist,rewriteM
-@ ailHeaders,shadowExpire  by dn.regex="cn=postfix,dc=crans,dc=org" read  by * 
+@ ailHeaders,shadowExpire  by dn.exact="cn=postfix,dc=crans,dc=org" read  by * 
 @ +0 break
-@olcAccess: {3}to dn.regex="^(a|c)id=[0-9]+,ou=data,dc=crans,dc=org$$"  attrs=u
-@ id,entry,objectClass,shadowExpire  by dn.regex="cn=intranet,dc=crans,dc=org" 
-@ read  by * +0 break
 @olcAccess: {4}to dn.regex="^(a|c)id=[0-9]+,ou=data,dc=crans,dc=org$$"  attrs=u
+@ id,entry,objectClass,shadowExpire  by dn.exact="cn=intranet,dc=crans,dc=org" 
+@ read  by * +0 break
+@olcAccess: {5}to dn.regex="^(a|c)id=[0-9]+,ou=data,dc=crans,dc=org$$"  attrs=u
 @ id,homeDirectory,uidNumber,gidNumber,userPassword,objectClass,entry,shadowExp
-@ ire  by dn.regex="cn=dovecot,dc=crans,dc=org" read  by * +0 break
+@ ire  by dn.exact="cn=dovecot,dc=crans,dc=org" read  by * +0 break
-@olcAccess: {5}to *  by group/labeledURIObject/labeledURI.exact="cn=adm,ou=grou
+@olcAccess: {6}to *  by group/labeledURIObject/labeledURI.exact="cn=adm,ou=grou
 @ p,dc=crans,dc=org" write  by group/labeledURIObject/labeledURI.exact="cn=resp
 @ bats,ou=group,dc=crans,dc=org" read  by * +0 break
-@olcAccess: {6}to dn.regex="^(a|c)id=[0-9]+,ou=data,dc=crans,dc=org$$"  attrs=u
+@olcAccess: {7}to dn.regex="^(a|c)id=[0-9]+,ou=data,dc=crans,dc=org$$"  attrs=u
 @ id,homeDirectory,uidNumber,gidNumber,gecos,objectClass,entry  by anonymous re
 @ ad  by * +0 break
-@olcAccess: {7}to dn.base="ou=data,dc=crans,dc=org"  by anonymous search  by dn
+@olcAccess: {8}to dn.base="ou=data,dc=crans,dc=org"  by anonymous search  by dn
 @ .regex="cn=(postfix|intranet|dovecot),dc=crans,dc=org" search  by * +0 break
-@olcAccess: {8}to dn.subtree="ou=group,dc=crans,dc=org"  by anonymous read  by 
+@olcAccess: {9}to dn.subtree="ou=group,dc=crans,dc=org"  by anonymous read
-@ * +0 break
-@olcAccess: {9}to *  by dn.regex="cn=admin,dc=crans,dc=org" write  by dn.regex=
-@ "cn=replica,dc=crans,dc=org" write  by sockname.regex="ldapi" read  by dn.reg
-@ ex="cn=readonly,dc=crans,dc=org" read  by self read  by * none
 @olcAddContentAcl: FALSE
 @olcLastMod: TRUE
 @olcMaxDerefDepth: 15