github-ldap 1.3.3 → 1.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (46) hide show
  1. checksums.yaml +4 -4
  2. data/.travis.yml +15 -2
  3. data/CHANGELOG.md +13 -0
  4. data/Gemfile +4 -0
  5. data/README.md +15 -1
  6. data/Rakefile +1 -1
  7. data/github-ldap.gemspec +2 -2
  8. data/lib/github/ldap.rb +55 -12
  9. data/lib/github/ldap/domain.rb +6 -2
  10. data/lib/github/ldap/filter.rb +15 -7
  11. data/lib/github/ldap/group.rb +1 -1
  12. data/lib/github/ldap/instrumentation.rb +28 -0
  13. data/lib/github/ldap/membership_validators.rb +18 -0
  14. data/lib/github/ldap/membership_validators/active_directory.rb +56 -0
  15. data/lib/github/ldap/membership_validators/base.rb +37 -0
  16. data/lib/github/ldap/membership_validators/classic.rb +34 -0
  17. data/lib/github/ldap/membership_validators/recursive.rb +93 -0
  18. data/lib/github/ldap/server.rb +2 -0
  19. data/script/changelog +29 -0
  20. data/script/cibuild-apacheds +7 -0
  21. data/script/cibuild-openldap +7 -0
  22. data/script/install-openldap +44 -0
  23. data/script/package +7 -0
  24. data/script/release +16 -0
  25. data/test/domain_test.rb +71 -89
  26. data/test/filter_test.rb +12 -1
  27. data/test/fixtures/common/seed.ldif +369 -0
  28. data/test/fixtures/openldap/memberof.ldif +33 -0
  29. data/test/fixtures/openldap/slapd.conf.ldif +67 -0
  30. data/test/fixtures/posixGroup.schema.ldif +34 -8
  31. data/test/group_test.rb +19 -25
  32. data/test/ldap_test.rb +28 -21
  33. data/test/membership_validators/active_directory_test.rb +68 -0
  34. data/test/membership_validators/classic_test.rb +51 -0
  35. data/test/membership_validators/recursive_test.rb +56 -0
  36. data/test/membership_validators_test.rb +46 -0
  37. data/test/posix_group_test.rb +25 -28
  38. data/test/support/vm/openldap/.gitignore +1 -0
  39. data/test/support/vm/openldap/README.md +32 -0
  40. data/test/support/vm/openldap/Vagrantfile +35 -0
  41. data/test/test_helper.rb +72 -10
  42. metadata +52 -27
  43. data/test/fixtures/github-with-looped-subgroups.ldif +0 -82
  44. data/test/fixtures/github-with-missing-entries.ldif +0 -85
  45. data/test/fixtures/github-with-posixGroups.ldif +0 -50
  46. data/test/fixtures/github-with-subgroups.ldif +0 -146
data/test/filter_test.rb CHANGED
@@ -20,7 +20,8 @@ class FilterTest < Minitest::Test
20
20
  @subject = Subject.new(@ldap)
21
21
  @me = 'uid=calavera,dc=github,dc=com'
22
22
  @uid = "calavera"
23
- @entry = Entry.new(@me, @uid)
23
+ @entry = Net::LDAP::Entry.new(@me)
24
+ @entry[:uid] = @uid
24
25
  end
25
26
 
26
27
  def test_member_present
@@ -32,6 +33,11 @@ class FilterTest < Minitest::Test
32
33
  @subject.member_filter(@entry).to_s
33
34
  end
34
35
 
36
+ def test_member_equal_with_string
37
+ assert_equal "(|(member=#{@me})(uniqueMember=#{@me}))",
38
+ @subject.member_filter(@entry.dn).to_s
39
+ end
40
+
35
41
  def test_posix_member_without_uid
36
42
  @entry.uid = nil
37
43
  assert_nil @subject.posix_member_filter(@entry, @ldap.uid)
@@ -42,6 +48,11 @@ class FilterTest < Minitest::Test
42
48
  @subject.posix_member_filter(@entry, @ldap.uid).to_s
43
49
  end
44
50
 
51
+ def test_posix_member_equal_string
52
+ assert_equal "(memberUid=#{@uid})",
53
+ @subject.posix_member_filter(@uid).to_s
54
+ end
55
+
45
56
  def test_groups_reduced
46
57
  assert_equal "(|(cn=Enterprise)(cn=People))",
47
58
  @subject.group_filter(%w(Enterprise People)).to_s
@@ -0,0 +1,369 @@
1
+ dn: ou=People,dc=github,dc=com
2
+ objectClass: top
3
+ objectClass: organizationalUnit
4
+ ou: People
5
+
6
+ dn: ou=Groups,dc=github,dc=com
7
+ objectClass: top
8
+ objectClass: organizationalUnit
9
+ ou: Groups
10
+
11
+ # Directory Superuser
12
+ dn: uid=admin,dc=github,dc=com
13
+ uid: admin
14
+ cn: system administrator
15
+ sn: administrator
16
+ objectClass: top
17
+ objectClass: person
18
+ objectClass: organizationalPerson
19
+ objectClass: inetOrgPerson
20
+ displayName: Directory Superuser
21
+ userPassword: passworD1
22
+
23
+ # Users 1-10
24
+
25
+ dn: uid=user1,ou=People,dc=github,dc=com
26
+ uid: user1
27
+ cn: user1
28
+ sn: user1
29
+ objectClass: top
30
+ objectClass: person
31
+ objectClass: organizationalPerson
32
+ objectClass: inetOrgPerson
33
+ userPassword: passworD1
34
+ mail: user1@github.com
35
+
36
+ dn: uid=user2,ou=People,dc=github,dc=com
37
+ uid: user2
38
+ cn: user2
39
+ sn: user2
40
+ objectClass: top
41
+ objectClass: person
42
+ objectClass: organizationalPerson
43
+ objectClass: inetOrgPerson
44
+ userPassword: passworD1
45
+ mail: user2@github.com
46
+
47
+ dn: uid=user3,ou=People,dc=github,dc=com
48
+ uid: user3
49
+ cn: user3
50
+ sn: user3
51
+ objectClass: top
52
+ objectClass: person
53
+ objectClass: organizationalPerson
54
+ objectClass: inetOrgPerson
55
+ userPassword: passworD1
56
+ mail: user3@github.com
57
+
58
+ dn: uid=user4,ou=People,dc=github,dc=com
59
+ uid: user4
60
+ cn: user4
61
+ sn: user4
62
+ objectClass: top
63
+ objectClass: person
64
+ objectClass: organizationalPerson
65
+ objectClass: inetOrgPerson
66
+ userPassword: passworD1
67
+ mail: user4@github.com
68
+
69
+ dn: uid=user5,ou=People,dc=github,dc=com
70
+ uid: user5
71
+ cn: user5
72
+ sn: user5
73
+ objectClass: top
74
+ objectClass: person
75
+ objectClass: organizationalPerson
76
+ objectClass: inetOrgPerson
77
+ userPassword: passworD1
78
+ mail: user5@github.com
79
+
80
+ dn: uid=user6,ou=People,dc=github,dc=com
81
+ uid: user6
82
+ cn: user6
83
+ sn: user6
84
+ objectClass: top
85
+ objectClass: person
86
+ objectClass: organizationalPerson
87
+ objectClass: inetOrgPerson
88
+ userPassword: passworD1
89
+ mail: user6@github.com
90
+
91
+ dn: uid=user7,ou=People,dc=github,dc=com
92
+ uid: user7
93
+ cn: user7
94
+ sn: user7
95
+ objectClass: top
96
+ objectClass: person
97
+ objectClass: organizationalPerson
98
+ objectClass: inetOrgPerson
99
+ userPassword: passworD1
100
+ mail: user7@github.com
101
+
102
+ dn: uid=user8,ou=People,dc=github,dc=com
103
+ uid: user8
104
+ cn: user8
105
+ sn: user8
106
+ objectClass: top
107
+ objectClass: person
108
+ objectClass: organizationalPerson
109
+ objectClass: inetOrgPerson
110
+ userPassword: passworD1
111
+ mail: user8@github.com
112
+
113
+ dn: uid=user9,ou=People,dc=github,dc=com
114
+ uid: user9
115
+ cn: user9
116
+ sn: user9
117
+ objectClass: top
118
+ objectClass: person
119
+ objectClass: organizationalPerson
120
+ objectClass: inetOrgPerson
121
+ userPassword: passworD1
122
+ mail: user9@github.com
123
+
124
+ dn: uid=user10,ou=People,dc=github,dc=com
125
+ uid: user10
126
+ cn: user10
127
+ sn: user10
128
+ objectClass: top
129
+ objectClass: person
130
+ objectClass: organizationalPerson
131
+ objectClass: inetOrgPerson
132
+ userPassword: passworD1
133
+ mail: user10@github.com
134
+
135
+ # Emailless User
136
+
137
+ dn: uid=emailless-user1,ou=People,dc=github,dc=com
138
+ uid: emailless-user1
139
+ cn: emailless-user1
140
+ sn: emailless-user1
141
+ objectClass: top
142
+ objectClass: person
143
+ objectClass: organizationalPerson
144
+ objectClass: inetOrgPerson
145
+ userPassword: passworD1
146
+
147
+ # Groupless User
148
+
149
+ dn: uid=groupless-user1,ou=People,dc=github,dc=com
150
+ uid: groupless-user1
151
+ cn: groupless-user1
152
+ sn: groupless-user1
153
+ objectClass: top
154
+ objectClass: person
155
+ objectClass: organizationalPerson
156
+ objectClass: inetOrgPerson
157
+ userPassword: passworD1
158
+
159
+ # Admin User
160
+
161
+ dn: uid=admin1,ou=People,dc=github,dc=com
162
+ uid: admin1
163
+ cn: admin1
164
+ sn: admin1
165
+ objectClass: top
166
+ objectClass: person
167
+ objectClass: organizationalPerson
168
+ objectClass: inetOrgPerson
169
+ userPassword: passworD1
170
+ mail: admin1@github.com
171
+
172
+ # Groups
173
+
174
+ dn: cn=ghe-users,ou=Groups,dc=github,dc=com
175
+ cn: ghe-users
176
+ objectClass: groupOfNames
177
+ member: uid=user1,ou=People,dc=github,dc=com
178
+ member: uid=emailless-user1,ou=People,dc=github,dc=com
179
+
180
+ dn: cn=all-users,ou=Groups,dc=github,dc=com
181
+ cn: all-users
182
+ objectClass: groupOfNames
183
+ member: cn=ghe-users,ou=Groups,dc=github,dc=com
184
+ member: uid=user1,ou=People,dc=github,dc=com
185
+ member: uid=user2,ou=People,dc=github,dc=com
186
+ member: uid=user3,ou=People,dc=github,dc=com
187
+ member: uid=user4,ou=People,dc=github,dc=com
188
+ member: uid=user5,ou=People,dc=github,dc=com
189
+ member: uid=user6,ou=People,dc=github,dc=com
190
+ member: uid=user7,ou=People,dc=github,dc=com
191
+ member: uid=user8,ou=People,dc=github,dc=com
192
+ member: uid=user9,ou=People,dc=github,dc=com
193
+ member: uid=user10,ou=People,dc=github,dc=com
194
+ member: uid=emailless-user1,ou=People,dc=github,dc=com
195
+
196
+ dn: cn=ghe-admins,ou=Groups,dc=github,dc=com
197
+ cn: ghe-admins
198
+ objectClass: groupOfNames
199
+ member: uid=admin1,ou=People,dc=github,dc=com
200
+
201
+ dn: cn=all-admins,ou=Groups,dc=github,dc=com
202
+ cn: all-admins
203
+ objectClass: groupOfNames
204
+ member: cn=ghe-admins,ou=Groups,dc=github,dc=com
205
+ member: uid=admin1,ou=People,dc=github,dc=com
206
+
207
+ dn: cn=n-member-group10,ou=Groups,dc=github,dc=com
208
+ cn: n-member-group10
209
+ objectClass: groupOfNames
210
+ member: uid=user1,ou=People,dc=github,dc=com
211
+ member: uid=user2,ou=People,dc=github,dc=com
212
+ member: uid=user3,ou=People,dc=github,dc=com
213
+ member: uid=user4,ou=People,dc=github,dc=com
214
+ member: uid=user5,ou=People,dc=github,dc=com
215
+ member: uid=user6,ou=People,dc=github,dc=com
216
+ member: uid=user7,ou=People,dc=github,dc=com
217
+ member: uid=user8,ou=People,dc=github,dc=com
218
+ member: uid=user9,ou=People,dc=github,dc=com
219
+ member: uid=user10,ou=People,dc=github,dc=com
220
+
221
+ dn: cn=nested-group1,ou=Groups,dc=github,dc=com
222
+ cn: nested-group1
223
+ objectClass: groupOfNames
224
+ member: uid=user1,ou=People,dc=github,dc=com
225
+ member: uid=user2,ou=People,dc=github,dc=com
226
+ member: uid=user3,ou=People,dc=github,dc=com
227
+ member: uid=user4,ou=People,dc=github,dc=com
228
+ member: uid=user5,ou=People,dc=github,dc=com
229
+ member: uid=user6,ou=People,dc=github,dc=com
230
+ member: uid=user7,ou=People,dc=github,dc=com
231
+ member: uid=user8,ou=People,dc=github,dc=com
232
+ member: uid=user9,ou=People,dc=github,dc=com
233
+ member: uid=user10,ou=People,dc=github,dc=com
234
+
235
+ dn: cn=nested-groups,ou=Groups,dc=github,dc=com
236
+ cn: nested-groups
237
+ objectClass: groupOfNames
238
+ member: cn=nested-group1,ou=Groups,dc=github,dc=com
239
+
240
+ dn: cn=n-member-nested-group1,ou=Groups,dc=github,dc=com
241
+ cn: n-member-nested-group1
242
+ objectClass: groupOfNames
243
+ member: cn=nested-group1,ou=Groups,dc=github,dc=com
244
+
245
+ dn: cn=deeply-nested-group0.0.0,ou=Groups,dc=github,dc=com
246
+ cn: deeply-nested-group0.0.0
247
+ objectClass: groupOfNames
248
+ member: uid=user1,ou=People,dc=github,dc=com
249
+ member: uid=user2,ou=People,dc=github,dc=com
250
+ member: uid=user3,ou=People,dc=github,dc=com
251
+ member: uid=user4,ou=People,dc=github,dc=com
252
+ member: uid=user5,ou=People,dc=github,dc=com
253
+
254
+ dn: cn=deeply-nested-group0.0.1,ou=Groups,dc=github,dc=com
255
+ cn: deeply-nested-group0.0.1
256
+ objectClass: groupOfNames
257
+ member: uid=user6,ou=People,dc=github,dc=com
258
+ member: uid=user7,ou=People,dc=github,dc=com
259
+ member: uid=user8,ou=People,dc=github,dc=com
260
+ member: uid=user9,ou=People,dc=github,dc=com
261
+ member: uid=user10,ou=People,dc=github,dc=com
262
+
263
+ dn: cn=deeply-nested-group0.0,ou=Groups,dc=github,dc=com
264
+ cn: deeply-nested-group0.0
265
+ objectClass: groupOfNames
266
+ member: cn=deeply-nested-group0.0.0,ou=Groups,dc=github,dc=com
267
+ member: cn=deeply-nested-group0.0.1,ou=Groups,dc=github,dc=com
268
+
269
+ dn: cn=deeply-nested-group0,ou=Groups,dc=github,dc=com
270
+ cn: deeply-nested-group0
271
+ objectClass: groupOfNames
272
+ member: cn=deeply-nested-group0.0,ou=Groups,dc=github,dc=com
273
+
274
+ dn: cn=deeply-nested-groups,ou=Groups,dc=github,dc=com
275
+ cn: deeply-nested-groups
276
+ objectClass: groupOfNames
277
+ member: cn=deeply-nested-group0,ou=Groups,dc=github,dc=com
278
+
279
+ dn: cn=n-depth-nested-group1,ou=Groups,dc=github,dc=com
280
+ cn: n-depth-nested-group1
281
+ objectClass: groupOfNames
282
+ member: cn=nested-group1,ou=Groups,dc=github,dc=com
283
+
284
+ dn: cn=n-depth-nested-group2,ou=Groups,dc=github,dc=com
285
+ cn: n-depth-nested-group2
286
+ objectClass: groupOfNames
287
+ member: cn=n-depth-nested-group1,ou=Groups,dc=github,dc=com
288
+
289
+ dn: cn=n-depth-nested-group3,ou=Groups,dc=github,dc=com
290
+ cn: n-depth-nested-group3
291
+ objectClass: groupOfNames
292
+ member: cn=n-depth-nested-group2,ou=Groups,dc=github,dc=com
293
+
294
+ dn: cn=n-depth-nested-group4,ou=Groups,dc=github,dc=com
295
+ cn: n-depth-nested-group4
296
+ objectClass: groupOfNames
297
+ member: cn=n-depth-nested-group3,ou=Groups,dc=github,dc=com
298
+
299
+ dn: cn=n-depth-nested-group5,ou=Groups,dc=github,dc=com
300
+ cn: n-depth-nested-group5
301
+ objectClass: groupOfNames
302
+ member: cn=n-depth-nested-group4,ou=Groups,dc=github,dc=com
303
+
304
+ dn: cn=n-depth-nested-group6,ou=Groups,dc=github,dc=com
305
+ cn: n-depth-nested-group6
306
+ objectClass: groupOfNames
307
+ member: cn=n-depth-nested-group5,ou=Groups,dc=github,dc=com
308
+
309
+ dn: cn=n-depth-nested-group7,ou=Groups,dc=github,dc=com
310
+ cn: n-depth-nested-group7
311
+ objectClass: groupOfNames
312
+ member: cn=n-depth-nested-group6,ou=Groups,dc=github,dc=com
313
+
314
+ dn: cn=n-depth-nested-group8,ou=Groups,dc=github,dc=com
315
+ cn: n-depth-nested-group8
316
+ objectClass: groupOfNames
317
+ member: cn=n-depth-nested-group7,ou=Groups,dc=github,dc=com
318
+
319
+ dn: cn=n-depth-nested-group9,ou=Groups,dc=github,dc=com
320
+ cn: n-depth-nested-group9
321
+ objectClass: groupOfNames
322
+ member: cn=n-depth-nested-group8,ou=Groups,dc=github,dc=com
323
+
324
+ dn: cn=head-group,ou=Groups,dc=github,dc=com
325
+ cn: head-group
326
+ objectClass: groupOfNames
327
+ member: cn=tail-group,ou=Groups,dc=github,dc=com
328
+ member: uid=user1,ou=People,dc=github,dc=com
329
+ member: uid=user2,ou=People,dc=github,dc=com
330
+ member: uid=user3,ou=People,dc=github,dc=com
331
+ member: uid=user4,ou=People,dc=github,dc=com
332
+ member: uid=user5,ou=People,dc=github,dc=com
333
+
334
+ dn: cn=tail-group,ou=Groups,dc=github,dc=com
335
+ cn: tail-group
336
+ objectClass: groupOfNames
337
+ member: cn=head-group,ou=Groups,dc=github,dc=com
338
+ member: uid=user6,ou=People,dc=github,dc=com
339
+ member: uid=user7,ou=People,dc=github,dc=com
340
+ member: uid=user8,ou=People,dc=github,dc=com
341
+ member: uid=user9,ou=People,dc=github,dc=com
342
+ member: uid=user10,ou=People,dc=github,dc=com
343
+
344
+ dn: cn=recursively-nested-groups,ou=Groups,dc=github,dc=com
345
+ cn: recursively-nested-groups
346
+ objectClass: groupOfNames
347
+ member: cn=head-group,ou=Groups,dc=github,dc=com
348
+ member: cn=tail-group,ou=Groups,dc=github,dc=com
349
+
350
+ # posixGroup
351
+
352
+ dn: cn=posix-group1,ou=Groups,dc=github,dc=com
353
+ cn: posix-group1
354
+ objectClass: posixGroup
355
+ gidNumber: 1001
356
+ memberUid: user1
357
+ memberUid: user2
358
+ memberUid: user3
359
+ memberUid: user4
360
+ memberUid: user5
361
+
362
+ # missing members
363
+
364
+ dn: cn=missing-users,ou=Groups,dc=github,dc=com
365
+ cn: missing-users
366
+ objectClass: groupOfNames
367
+ member: uid=user1,ou=People,dc=github,dc=com
368
+ member: uid=user2,ou=People,dc=github,dc=com
369
+ member: uid=nonexistent-user,ou=People,dc=github,dc=com
@@ -0,0 +1,33 @@
1
+ dn: cn=module,cn=config
2
+ cn: module
3
+ objectClass: olcModuleList
4
+ objectClass: top
5
+ olcModulePath: /usr/lib/ldap
6
+ olcModuleLoad: memberof.la
7
+
8
+ dn: olcOverlay={0}memberof,olcDatabase={1}hdb,cn=config
9
+ objectClass: olcConfig
10
+ objectClass: olcMemberOf
11
+ objectClass: olcOverlayConfig
12
+ objectClass: top
13
+ olcOverlay: memberof
14
+ olcMemberOfDangling: ignore
15
+ olcMemberOfRefInt: TRUE
16
+ olcMemberOfGroupOC: groupOfNames
17
+ olcMemberOfMemberAD: member
18
+ olcMemberOfMemberOfAD: memberOf
19
+
20
+ dn: cn=module,cn=config
21
+ cn: module
22
+ objectclass: olcModuleList
23
+ objectclass: top
24
+ olcmoduleload: refint.la
25
+ olcmodulepath: /usr/lib/ldap
26
+
27
+ dn: olcOverlay={1}refint,olcDatabase={1}hdb,cn=config
28
+ objectClass: olcConfig
29
+ objectClass: olcOverlayConfig
30
+ objectClass: olcRefintConfig
31
+ objectClass: top
32
+ olcOverlay: {1}refint
33
+ olcRefintAttribute: memberof member manager owner
@@ -0,0 +1,67 @@
1
+ dn: cn=config
2
+ objectClass: olcGlobal
3
+ cn: config
4
+ olcPidFile: /var/run/slapd/slapd.pid
5
+ olcArgsFile: /var/run/slapd/slapd.args
6
+ olcLogLevel: none
7
+ olcToolThreads: 1
8
+
9
+ dn: olcDatabase={-1}frontend,cn=config
10
+ objectClass: olcDatabaseConfig
11
+ objectClass: olcFrontendConfig
12
+ olcDatabase: {-1}frontend
13
+ olcSizeLimit: 500
14
+ olcAccess: {0}to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by * break
15
+ olcAccess: {1}to dn.exact="" by * read
16
+ olcAccess: {2}to dn.base="cn=Subschema" by * read
17
+
18
+ dn: olcDatabase=config,cn=config
19
+ objectClass: olcDatabaseConfig
20
+ olcDatabase: config
21
+ olcAccess: to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by * break
22
+
23
+ dn: cn=schema,cn=config
24
+ objectClass: olcSchemaConfig
25
+ cn: schema
26
+
27
+ include: file:///etc/ldap/schema/core.ldif
28
+ include: file:///etc/ldap/schema/cosine.ldif
29
+ include: file:///etc/ldap/schema/nis.ldif
30
+ include: file:///etc/ldap/schema/inetorgperson.ldif
31
+
32
+ dn: cn=module{0},cn=config
33
+ objectClass: olcModuleList
34
+ cn: module{0}
35
+ olcModulePath: /usr/lib/ldap
36
+ olcModuleLoad: back_hdb
37
+
38
+ dn: olcBackend=hdb,cn=config
39
+ objectClass: olcBackendConfig
40
+ olcBackend: hdb
41
+
42
+ dn: olcDatabase=hdb,cn=config
43
+ objectClass: olcDatabaseConfig
44
+ objectClass: olcHdbConfig
45
+ olcDatabase: hdb
46
+ olcDbCheckpoint: 512 30
47
+ olcDbConfig: set_cachesize 1 0 0
48
+ olcDbConfig: set_lk_max_objects 1500
49
+ olcDbConfig: set_lk_max_locks 1500
50
+ olcDbConfig: set_lk_max_lockers 1500
51
+ olcLastMod: TRUE
52
+ olcSuffix: dc=github,dc=com
53
+ olcDbDirectory: /var/lib/ldap
54
+ olcRootDN: cn=admin,dc=github,dc=com
55
+ # admin's password: "passworD1"
56
+ olcRootPW: {SHA}LFSkM9eegU6j3PeGG7UuHrT/KZM=
57
+ olcDbIndex: objectClass eq
58
+ olcAccess: to attrs=userPassword,shadowLastChange
59
+ by self write
60
+ by anonymous auth
61
+ by dn="cn=admin,dc=github,dc=com" write
62
+ by * none
63
+ olcAccess: to dn.base="" by * read
64
+ olcAccess: to *
65
+ by self write
66
+ by dn="cn=admin,dc=github,dc=com" write
67
+ by * read