diff options
Diffstat (limited to 'ldap/test-user-acl.sh')
-rwxr-xr-x | ldap/test-user-acl.sh | 34 |
1 files changed, 17 insertions, 17 deletions
diff --git a/ldap/test-user-acl.sh b/ldap/test-user-acl.sh index 3e53b48..221415c 100755 --- a/ldap/test-user-acl.sh +++ b/ldap/test-user-acl.sh @@ -1027,110 +1027,110 @@ done | grep -Ev '^(objectClass|creatorsName)=' | isOK '=0$' entry SUFFIX="${SUFFIXS}" echo -echo "Service SMTP" +echo "Service Postfix" msg "Have =0 access on non-active or pending entries" for X in ${DOMAINS} ${USERS} ${ALIASES} ${LISTS} ${LISTSC}; do search -s base -b "${X},${SUFFIXV}" "(|(fripostIsStatusActive=TRUE)(fripostPendingToken=*))" | grep -q '^dn: ' && \ - checkACL "cn=SMTP" "${D}" + checkACL "cn=Postfix" "${D}" done | isOK '=0$' entry [ $? -eq 0 ] || exit $? msg "Can read and search the domain attributes it needs" for D in ${DOMAINS}; do search -s base -b "${D},${SUFFIXV}" "(|(fripostIsStatusActive=FALSE)(fripostPendingToken=*))" | grep -q '^dn: ' || \ - checkACL "cn=SMTP" "${D}" entry fvd fripostOptionalMaildrop + checkACL "cn=Postfix" "${D}" entry fvd fripostOptionalMaildrop done | isOK '=rsd$' entry [ $? -eq 0 ] || exit $? msg "Can search the domain attributes it needs" for D in ${DOMAINS}; do search -s base -b "${D},${SUFFIXV}" "(|(fripostIsStatusActive=FALSE)(fripostPendingToken=*))" | grep -q '^dn: ' || \ - checkACL "cn=SMTP" "${D}" objectClass + checkACL "cn=Postfix" "${D}" objectClass done | isOK '=s$' objectClass [ $? -eq 0 ] || exit $? msg "Have =0 access on other domain attributes" for D in ${DOMAINS}; do - checkACL "cn=SMTP" "${D}" children ${OPERATTRS} fripostCanAddAlias fripostCanAddList fripostOwner fripostPostmaster description fripostPendingToken fripostIsStatusActive + checkACL "cn=Postfix" "${D}" children ${OPERATTRS} fripostCanAddAlias fripostCanAddList fripostOwner fripostPostmaster description fripostPendingToken fripostIsStatusActive done | isOK '=0$' children [ $? -eq 0 ] || exit $? msg "Can read and search the user attributes it needs" for U in ${USERS}; do search -s base -b "${U},${SUFFIXV}" "(fripostIsStatusActive=FALSE)" | grep -q '^dn: ' || \ - checkACL "cn=SMTP" "${U}" entry fvu fripostOptionalMaildrop + checkACL "cn=Postfix" "${U}" entry fvu fripostOptionalMaildrop done | isOK '=rsd$' entry [ $? -eq 0 ] || exit $? msg "Can search the user attributes it needs" for U in ${USERS}; do search -s base -b "${U},${SUFFIXV}" "(fripostIsStatusActive=FALSE)" | grep -q '^dn: ' || \ - checkACL "cn=SMTP" "${U}" objectClass + checkACL "cn=Postfix" "${U}" objectClass done | isOK '=s$' objectClass [ $? -eq 0 ] || exit $? msg "Have =0 access on other user attributes" for U in ${USERS}; do - checkACL "cn=SMTP" "${U}" children ${OPERATTRS} userPassword fripostUserQuota description fripostIsStatusActive + checkACL "cn=Postfix" "${U}" children ${OPERATTRS} userPassword fripostUserQuota description fripostIsStatusActive done | isOK '=0$' children [ $? -eq 0 ] || exit $? msg "Can read and search the alias attributes it needs" for A in ${ALIASES}; do search -s base -b "${A},${SUFFIXV}" "(fripostIsStatusActive=FALSE)" | grep -q '^dn: ' || \ - checkACL "cn=SMTP" "${A}" entry fva fripostMaildrop + checkACL "cn=Postfix" "${A}" entry fva fripostMaildrop done | isOK '=rsd$' entry [ $? -eq 0 ] || exit $? msg "Can search the alias attributes it needs" for A in ${ALIASES}; do search -s base -b "${A},${SUFFIXV}" "(fripostIsStatusActive=FALSE)" | grep -q '^dn: ' || \ - checkACL "cn=SMTP" "${A}" objectClass + checkACL "cn=Postfix" "${A}" objectClass done | isOK '=s$' objectClass [ $? -eq 0 ] || exit $? msg "Have =0 access on other alias attributes" for A in ${ALIASES}; do - checkACL "cn=SMTP" "${A}" children ${OPERATTRS} fripostOwner description fripostIsStatusActive + checkACL "cn=Postfix" "${A}" children ${OPERATTRS} fripostOwner description fripostIsStatusActive done | isOK '=0$' children [ $? -eq 0 ] || exit $? msg "Can read and search the list attributes it needs" for L in ${LISTS}; do search -s base -b "${L},${SUFFIXV}" "(|(fripostIsStatusActive=FALSE)(fripostPendingToken=*))" | grep -q '^dn: ' || \ - checkACL "cn=SMTP" "${L}" entry fvl fripostLocalAlias + checkACL "cn=Postfix" "${L}" entry fvl fripostLocalAlias done | isOK '=rsd$' entry [ $? -eq 0 ] || exit $? msg "Can search the list attributes it needs" for L in ${LISTS}; do search -s base -b "${L},${SUFFIXV}" "(|(fripostIsStatusActive=FALSE)(fripostPendingToken=*))" | grep -q '^dn: ' || \ - checkACL "cn=SMTP" "${L}" objectClass + checkACL "cn=Postfix" "${L}" objectClass done | isOK '=s$' objectClass [ $? -eq 0 ] || exit $? msg "Have =0 access on other list attributes" for L in ${LISTS}; do - checkACL "cn=SMTP" "${L}" children ${OPERATTRS} fripostListManager fripostOwner description fripostIsStatusActive fripostPendingToken + checkACL "cn=Postfix" "${L}" children ${OPERATTRS} fripostListManager fripostOwner description fripostIsStatusActive fripostPendingToken done | isOK '=0$' children [ $? -eq 0 ] || exit $? msg "Can read and search the list command attributes it needs" for LC in ${LISTSC}; do - checkACL "cn=SMTP" "${LC}" entry fvlc fripostLocalAlias + checkACL "cn=Postfix" "${LC}" entry fvlc fripostLocalAlias done | isOK '=rsd$' entry [ $? -eq 0 ] || exit $? msg "Can search the list command attributes it needs" for LC in ${LISTSC}; do - checkACL "cn=SMTP" "${LC}" objectClass + checkACL "cn=Postfix" "${LC}" objectClass done | isOK '=s$' objectClass [ $? -eq 0 ] || exit $? msg "Have =0 access on other list command attributes" for LC in ${LISTSC}; do - checkACL "cn=SMTP" "${LC}" children ${OPERATTRS} + checkACL "cn=Postfix" "${LC}" children ${OPERATTRS} done | isOK '=0$' children [ $? -eq 0 ] || exit $? |