Rudder's LDAP server configuration does not allow to query the monitor DB
Since we added strict ACLs in the LDAP server configuration for Rudder, it is no longer possible to query the cn=monitor backend, that provides useful statistics about the database usage and queries, in particular cache usage for the BDB/HDB backend.
This is because the ACLs do not allow any access except for the strict minimum, but the root DN for the main database bypasses ACLs so that has never been a problem. Since cn=monitor is actually a different database, the root DN from the main database doesn't have that bypass.
We need to add in an ACL to allow this.
#2 Updated by Jonathan CLARKE almost 2 years ago
- Status changed from In progress to Pending technical review
- Assignee changed from Jonathan CLARKE to Benoît PECCATTE
- Pull Request set to https://github.com/Normation/rudder-packages/pull/1151
#3 Updated by Jonathan CLARKE almost 2 years ago
- Status changed from Pending technical review to Pending release
- % Done changed from 0 to 100
Applied in changeset rudder-packages|bc859677c24657901015aff4eb1166d47910327a.
#4 Updated by Vincent MEMBRÉ almost 2 years ago
- Status changed from Pending release to Released