On 8/12/2011 5:24 p.m., Eugene M. Zheganin wrote:
> Hi.
>
> On 07.12.2011 17:44, Amos Jeffries wrote:
>> Minor bug, the bracketed () message is wrong about the state. It is
>> actually still waiting for the lookup to complete.
>>
>> What you should find is that some unknown time later (helper response
>> delay, maybe up to 50-100 milliseconds?) you get another mention of
>> testing checklist 0x802797a18. That will have a second allow/skip
>> action response to this test followed by any continuing steps the ACL
>> lookups may have done.
>>
> Okay. You were of course right, I did found that ACL finally matched.
> So may be this post isn't at all about the subject. I remember thet in
> 2.6 there was an explicit message about the reason of allowing or
> disallowing a request, it sounded like 'The request of Foo/Bar was
> <allowed|denied> because it matched the <ACL name>'. It looks like in
> 3.x there's no such explicit message, is it ? May be there's a similar
> message, so can you please point to it, so I can debug further ?
This is displayed at: debug_options 85,2
NP: the "allowed/denied" has changed to a number in the more recent 3.x
versions to debug the
allow/deny/dunno/auth-required/auth-failed/auth-missing/auth-expired-but-okay
states and other extensions to the ACL system.
Amos
Received on Thu Dec 08 2011 - 05:02:22 MST
This archive was generated by hypermail 2.2.0 : Thu Dec 08 2011 - 12:00:02 MST