purge old logs

[mirror/userdir-ldap.git] / userdir-ldap-slapd.conf.in

diff --git a/userdir-ldap-slapd.conf.in b/userdir-ldap-slapd.conf.in
index 0669580..64759e4 100644 (file)
--- a/userdir-ldap-slapd.conf.in
+++ b/userdir-ldap-slapd.conf.in
@@ -12,6 +12,7 @@ overlay accesslog
 logdb cn=log
 logops writes
 logold (objectclass=top)
+logpurge 90+00:00 1+00:00
 
 moduleload      constraint
 overlay constraint
@@ -47,7 +48,7 @@ access to filter="(!(supplementaryGid=adm))" attrs=keyFingerPrint
        by * break
 
 # allow users write access to an explicit subset of their fields
-access to attrs=c,l,loginShell,ircNick,labeledURI,icqUIN,jabberJID,onVacation,birthDate,mailDisableMessage,gender,emailforward,mailCallout,mailGreylisting,mailRBL,mailRHSBL,mailWhitelist,mailContentInspectionAction,mailDefaultOptions,facsimileTelephoneNumber,telephoneNumber,postalAddress,postalCode,loginShell,onVacation,privateSub,latitude,longitude,VoIP,userPassword,sudoPassword,bATVToken
+access to attrs=c,l,loginShell,ircNick,labeledURI,icqUIN,jabberJID,onVacation,birthDate,mailDisableMessage,gender,emailforward,mailCallout,mailGreylisting,mailRBL,mailRHSBL,mailWhitelist,mailContentInspectionAction,mailDefaultOptions,facsimileTelephoneNumber,telephoneNumber,postalAddress,postalCode,loginShell,onVacation,privateSub,latitude,longitude,VoIP,userPassword,sudoPassword,webPassword,bATVToken
        by self write
        by * break
 
@@ -57,7 +58,7 @@ access to attrs=c,l,loginShell,ircNick,labeledURI,icqUIN,jabberJID,onVacation,bi
 ##
 
 # allow authn/z by anyone
-access to attrs=userPassword,sudoPassword,bATVToken
+access to attrs=userPassword,sudoPassword,webPassword,bATVToken
        by * compare
 
 # readable only by self