[SASL] Prise en compte de shadowExpire + [LDAP] Idem niveau ACL

Cfg/etc/saslauthd.conf/saslauthd.conf

@@ -1,5 +1,5 @@
 ldap_servers: ldap://ldap.adm.crans.org
 ldap_bind_dn: cn=postfix,dc=crans,dc=org
 ldap_password: f34842fd04aa7f58bc45bb
-ldap_filter: (&(objectClass=posixAccount)(uid=%u))
+ldap_filter: (&(objectClass=posixAccount)(uid=%u)(!(shadowExpire=0)))
 ldap_search_base: ou=data,dc=crans,dc=org

Python/etc/ldap/templatedir/cn=config/olcDatabase={1}bdb.ldif

@@ -18,13 +18,14 @@ rid = str(int(rid[rid.rfind(".")+1:])+255)
 @olcAccess: {1}to dn.base=""  by * read
 @olcAccess: {2}to dn.regex="^(a|c)id=[0-9]+,ou=data,dc=crans,dc=org$$"  attrs=m
 @ ailAlias,canonicalAlias,uid,mail,entry,objectClass,contourneGreylist,rewriteM
-@ ailHeaders  by dn.regex="cn=postfix,dc=crans,dc=org" read  by * +0 break
+@ ailHeaders,shadowExpire  by dn.regex="cn=postfix,dc=crans,dc=org" read  by * 
+@ +0 break
 @olcAccess: {3}to dn.regex="^(a|c)id=[0-9]+,ou=data,dc=crans,dc=org$$"  attrs=u
-@ id,entry,objectClass  by dn.regex="cn=intranet,dc=crans,dc=org" read  by * +0
+@ id,entry,objectClass,shadowExpire  by dn.regex="cn=intranet,dc=crans,dc=org" 
-@  break
+@ read  by * +0 break
 @olcAccess: {4}to dn.regex="^(a|c)id=[0-9]+,ou=data,dc=crans,dc=org$$"  attrs=u
-@ id,homeDirectory,uidNumber,gidNumber,userPassword,objectClass,entry  by dn.re
+@ id,homeDirectory,uidNumber,gidNumber,userPassword,objectClass,entry,shadowExp
-@ gex="cn=dovecot,dc=crans,dc=org" read  by * +0 break
+@ ire  by dn.regex="cn=dovecot,dc=crans,dc=org" read  by * +0 break
 @olcAccess: {5}to *  by group/labeledURIObject/labeledURI.exact="cn=adm,ou=grou
 @ p,dc=crans,dc=org" write  by group/labeledURIObject/labeledURI.exact="cn=resp
 @ bats,ou=group,dc=crans,dc=org" read  by * +0 break