diff options
Diffstat (limited to 'contrib/amd/ldap-id.txt')
| -rw-r--r-- | contrib/amd/ldap-id.txt | 360 |
1 files changed, 360 insertions, 0 deletions
diff --git a/contrib/amd/ldap-id.txt b/contrib/amd/ldap-id.txt new file mode 100644 index 000000000000..162f66351850 --- /dev/null +++ b/contrib/amd/ldap-id.txt @@ -0,0 +1,360 @@ + + + + + + +INTERNET-DRAFT Leif Johansson +Intented Category: Experimental Stockholm University + + + + A directory (X.500 and LDAPv3) schema for Berkely automounter + + +1. Status of this Memo + + This memo describes a directory (LDAP or X.500) schema for storing amd (Berkely- + style automounter) mount info maps. The schema is currently beeing supported by + the (beta version of the) am-utils version 6 package [AMUTILS]. + +2. Overview and Rationale + + Directory services such as X.500 [X500] or LDAP [RFC2251] are a natural choice of + repository for amd mount map databases. All Object Identifiers in this document + are prefixed by amdSchema-id to be assigned later. The relation between this + schema and the automount schema elements in [HOWARD] are mostly superficial. The + model for the elements in [HOWARD] was the SUN automounter which has quite a + different syntax for mount maps. Furthermore the intended usage of this schema + differs from that of [HOWARD] in many respects. + +3. DSA requirements + + Directory servers implementing this schema SHOULD maintain the modifyTimestamp + operational attribute. If not the amdMapCacheTtl attribute SHOULD be set to 0 + indicating to clients that caching of map entries SHOULD be turned off. Clients + wishing to use the amdMap schema MAY use the modifyTimestamp information to set + the ttl for internal caching schemes. A value of 0 for the amdMapCacheTtl must + result in clients turning off any local caching. + +4. Syntax definitions + + The following attribute syntax is defined in this document: + + amdlocationlist + + This syntax represents a amd map value. This is the syntax expressed in BNF using + definitions from [RFC2252]: + + amdlocationlist = amdlocationselection | + amdlocationlist whsp "||" whsp amdlocationselection + + amdlocationselection = amdlocation | + amdlocationselection whsp amdlocation + + + + +Johansson [Page 1] + + + + + +Internet draft Berkeley AMD LDAP Schema 30 March 1998 + + + amdlocation = amdlocationinfo | + "-" amdlocationinfo | + "-" + + amdlocationinfo = seloropt | + amdlocationinfo ";" seloropt | + ";" + + seloropt = seletion | + optass + + selection = keystring "==" printablestring + keystring "!=" printablestring + + optass = keystring + + X.500 servers or LDAPv3 servers (supporting the binary attribute option) may use + the following syntax definition: + + AmdLocationList ::= SEQUENCE OF { + SEQUENCE OF { + location AmdLocation + } + } + + AmdLocation ::= SET OF { + CHOICE { + location [0] AmdLocationInfo + notlocation [1] AmdLocationInfo + not [2] NULL + } + } + + AmdLocationInfo ::= SET OF { + CHOICE { + selection [0] AmdSelection + option [1] AmdOption + } + } + + AmdSelection ::= CHOICE { + eq [0] AttributeAndValue + ne [1] AttributeAndValue + } + + AmdOption ::= AttributeAndValue + AttributeAndValue ::= SEQUENCE { + attribute IA5String + + + +Johansson [Page 2] + + + + + +Internet draft Berkeley AMD LDAP Schema 30 March 1998 + + + value IA5String + } + +5. Attribute types + + The following attribute types are defined in this document: + + amdMapName + amdMapCacheTtl + amdMapEntry + amdMapEntryKey + amdMapEntryValue + + amdSchema-a OBJECT IDENTIFIER ::= { amdSchema-id 1 } + + amdMapName ATTRIBUTE ::= { + WITH SYNTAX IA5String + EQUALITY MATCHING RULE caseIgoreExactMatch + --ID { amdSchema-a 1 } + DESCRIPTION + "This attribute is the symbolic and in the naming + context unique name of an amd map. This corresponds + in the case of a flat file database to the name of + the file or the mount-point of the map." + } + + + amdMapCacheTtl + ATTRIBUTE ::= { + WITH SYNTAX Integer + EQUALITY MATCHING RULE integerExactMatch + --ID { amdSchema-a 2 } + SINGLE VALUED + DESCRIPTION + "The maximum time-to-live for the entries in this + map. After this many milliseconds the map has to + be cleared from local caches and reloaded. A value + of 0 disables caching." + } + + amdMapEntry + ATTRIBUTE ::= { + WITH SYNTAX DistinguishedName + EQUALITY MATHCING RULE dNCaseIgnoreExactMatch + --ID { amdSchema-a 3 } + DESCRIPTION + "A multivalued attribute listing the distinguished + names of the amdMapEntries making up this amdMap + + + +Johansson [Page 3] + + + + + +Internet draft Berkeley AMD LDAP Schema 30 March 1998 + + + object." + } + + amdMapEntryKey ::= { + ATTRIBUTE ::= { + WITH SYNTAX IA5String + EQUALITY MATCHING RULE stringExactMatch + --ID { amdSchema-a 4 } + SINGLE VALUED + DESCRIPTION + "The value of this attribute is usually the name of + a mountpoint for this amdMapEntry." + } + + amdMapEntryValue ::= { + ATTRIBUTE ::= { + WITH SYNTAX AmdLocationList + --ID { amdSchema-a 5 } + DESCRIPTION + "This is the actual mount information for the amdMapEntry + using the syntax described above." + } + + amdMapEntryKey ::= { + ATTRIBUTE ::= { + WITH SYNTAX IA5String + EQUALITY MATCHING RULE stringExactMatch + --ID { amdSchema-a 4 } + SINGLE VALUED + DESCRIPTION + "The value of this attribute is usually the name of + a mountpoint for this amdMapEntry." + } + + amdMapEntryValue ::= { + ATTRIBUTE ::= { + WITH SYNTAX AmdLocationList + --ID { amdSchema-a 5 } + DESCRIPTION + "This is the actual mount information for the amdMapEntry + using the syntax described above." + } + +6. Object classes + + The following object classes are defined in this document: + + amdMap + + + +Johansson [Page 4] + + + + + +Internet draft Berkeley AMD LDAP Schema 30 March 1998 + + + amdMapEntry + + defined as follows: + + amdSchema-oc ::= { amdSchema-id 2 } + + amdMap OBJECT-CLASS ::= { + SUBCLASS OF { top } + KIND auxiliary + --ID { amdSchema-oc 1 } + MAY CONTAIN { amdMapCacheTtl , cn } + MUST CONTAIN { amdMapName , amdMapEntry } + } + + amdMapEntry OBJECT-CLASS ::= { + SUBCLASS OF { top } + KIND structural + --ID { amdSchema-oc 2 } + MUST CONTAIN { + amdMapName , + amdEntryKey , + amdEntryValue , + } MAY CONTAIN + { cn } DESCRIPTION "An entry of this + object class describes mount information relative to a + certain amdMap entry" + } + +7. Examples + + + +8. Security Considerations + + Due to the security problems posed by NFS care should be taken not to advertise + exported filesystems. Therefore it is often desirable to limit access to entries + carrying amd mount map information to those systems to which the corresponding + filesystems have been exported. + +9. References + + [AMUTILS] + am-utils homepage: http://shekel.cs.columbia.edu/~erez/am-utils.html + + [RFC2251] + M. Wahl, T. Howes, S. Kille, "Lightweight Directory Access + Protocol (v3)", RFC 2251, December 1997. + + + + +Johansson [Page 5] + + + + + +Internet draft Berkeley AMD LDAP Schema 30 March 1998 + + + [RFC2252] + M. Wahl, A. Coulbeck, T. Howes, S. Kille, "Lightweight Directory + Access Protocol (v3): Attribute Syntax Definitions", RFC 2252, + December 1997. + + [RFC2253] + M. Wahl, S. Kille, T. Howes, "Lightweight Directory Access + Protocol (v3): UTF-8 String Representation of Distinguished + Names", RFC 2253, December 1997. + + [HOWARD] + Luke Howard, "An Approach for Using LDAP as a Network + Information Service", draft-howard-nis-schema-??.txt, Internet + draft. + + [X500] + ITU something or other. + + + +Author's Address + + + Leif Johansson + Department of Mathematics + Stockholm University + S-106 91 Stockholm + SWEDEN + + Email: leifj@matematik.su.se + + + + + + + + + + + + + + + + + + + + + +Johansson [Page 6] + + |