Re: Re: automount

There has been a lot of confusion around this issue (mostly on my part). I think one of the problems is that rfc2307 support from OS vendors is now deprecated in favor of rfc2307bis http://www.ietf.org/internet-drafts/draft-howard-rfc2307bis-01.txt, which is still in Internet Draft phase (and is due to expire very quickly). A new draft is being worked on with the goal of generating a new RFC. The bis draft has one problem with it, in that it requires the use of the authPassword attribute (defined in RFC 3112 http://www.ietf.org/rfc/rfc3112.txt). FDS does not support this (and neither does OpenLDAP AFAICT). I have attached a file called 10rfc2307bis.ldif. This is the schema from the 2307bis I-D in FDS schema format.

The preferred way to map the automount information is to use the automount attributes and objectclasses in the RFC 2307bis draft schema. The problem is that I don't know all of the vendor support. So far I've been unable to find out what RHEL3 and RHEL4 support. I've been told that Solaris has support for the bis schema.

If you like, you can replace the 10rfc2307.ldif schema supplied with FDS with the attached file, and see what happens.

Vsevolod (Simon) Ilyushchenko wrote:

Hi,

I've just run into the issue described here:
http://www.ldapguru.org/modules/newbb/viewtopic.php?viewmode=flat&topic_id=1478&forum=24

The problem is that both Fedora and Solaris would like to use object class named "automount" for automount entries, but they define it differently. The solution suggested above is to modify the relevant object classes so that they contain the superset of the attributes for both platforms.

You (Rich) and others say that there should be a transition to nisObject/nisMap structure, but I still don't know where Fedora stands in this regard.

Thanks,
Simon

Rich Megginson wrote on 07/13/2005 03:51 PM:

OK, I'll reconfigure my entries. Does Fedora automounter understand the netgroups structure?



I'm trying to find out some information about this.


dn: cn=schema
attributetypes: ( 1.3.6.1.1.1.1.0 NAME 'uidNumber' DESC 'An integer uniquely identifying a user in an administrative domain' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) 
attributetypes: ( 1.3.6.1.1.1.1.1 NAME 'gidNumber' DESC 'An integer uniquely identifying a group in an administrative domain' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) 
attributetypes: ( 1.3.6.1.1.1.1.2 NAME 'gecos' DESC 'The GECOS field; the common name' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) 
attributetypes: ( 1.3.6.1.1.1.1.3 NAME 'homeDirectory' DESC 'The absolute path to the home directory' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) 
attributetypes: ( 1.3.6.1.1.1.1.4 NAME 'loginShell' DESC 'The path to the login shell' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) 
attributetypes: ( 1.3.6.1.1.1.1.5 NAME 'shadowLastChange' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) 
attributetypes: ( 1.3.6.1.1.1.1.6 NAME 'shadowMin' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) 
attributetypes: ( 1.3.6.1.1.1.1.7 NAME 'shadowMax' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) 
attributetypes: ( 1.3.6.1.1.1.1.8 NAME 'shadowWarning' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) 
attributetypes: ( 1.3.6.1.1.1.1.9 NAME 'shadowInactive' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) 
attributetypes: ( 1.3.6.1.1.1.1.10 NAME 'shadowExpire' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) 
attributetypes: ( 1.3.6.1.1.1.1.11 NAME 'shadowFlag' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) 
attributetypes: ( 1.3.6.1.1.1.1.12 NAME 'memberUid' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) 
attributetypes: ( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) 
attributetypes: ( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple' DESC 'Netgroup triple' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) 
attributetypes: ( 1.3.6.1.1.1.1.15 NAME 'ipServicePort' DESC 'Service port number' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) 
attributetypes: ( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol' DESC 'Service protocol name' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) 
attributetypes: ( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber' DESC 'IP protocol number' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) 
attributetypes: ( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber' DESC 'ONC RPC number' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) 
attributetypes: ( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber' DESC 'IPv4 addresses as a dotted decimal omitting leading zeros or IPv6 addresses as defined in RFC2373' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) 
attributetypes: ( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber' DESC 'IP network omitting leading zeros, eg. 192.168' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) 
attributetypes: ( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber' DESC 'IP netmask omitting leading zeros, eg. 255.255.255.0' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) 
attributetypes: ( 1.3.6.1.1.1.1.22 NAME 'macAddress' DESC 'MAC address in maximal, colon separated hex notation, eg. 00:00:92:90:ee:e2' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) 
attributetypes: ( 1.3.6.1.1.1.1.23 NAME 'bootParameter' DESC 'rpc.bootparamd parameter' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) 
attributetypes: ( 1.3.6.1.1.1.1.24 NAME 'bootFile' DESC 'Boot image name' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) 
attributetypes: ( 1.3.6.1.1.1.1.26 NAME 'nisMapName' DESC 'Name of a generic NIS map' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{64} ) 
attributetypes: ( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry' DESC 'A generic NIS entry' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} SINGLE-VALUE ) 
attributetypes: ( 1.3.6.1.1.1.1.28 NAME 'nisPublicKey' DESC 'NIS public key' SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE ) 
attributetypes: ( 1.3.6.1.1.1.1.29 NAME 'nisSecretKey' DESC 'NIS secret key' SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE ) 
attributetypes: ( 1.3.6.1.1.1.1.30 NAME 'nisDomain' DESC 'NIS domain' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) 
attributetypes: ( 1.3.6.1.1.1.1.31 NAME 'automountMapName' DESC 'automount Map Name' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) 
attributetypes: ( 1.3.6.1.1.1.1.32 NAME 'automountKey' DESC 'Automount Key value' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) 
attributetypes: ( 1.3.6.1.1.1.1.33 NAME 'automountInformation' DESC 'Automount information' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) 
objectclasses: ( 1.3.6.1.1.1.2.0 NAME 'posixAccount' SUP top AUXILIARY DESC 'Abstraction of an account with POSIX attributes' MUST ( cn $ uid $ uidNumber $ gidNumber $ homeDirectory ) MAY ( userPassword $ loginShell $ gecos $ description ) ) 
objectclasses: ( 1.3.6.1.1.1.2.1 NAME 'shadowAccount' SUP top AUXILIARY DESC 'Additional attributes for shadow passwords' MUST uid MAY ( userPassword $ description $ shadowLastChange $ shadowMin $ shadowMax $ shadowWarning $ shadowInactive $ shadowExpire $ shadowFlag ) ) 
objectclasses: ( 1.3.6.1.1.1.2.2 NAME 'posixGroup' SUP top AUXILIARY DESC 'Abstraction of a group of accounts' MUST gidNumber MAY ( userPassword $ memberUid $ description ) ) 
objectclasses: ( 1.3.6.1.1.1.2.3 NAME 'ipService' SUP top STRUCTURAL DESC 'Abstraction an Internet Protocol service. Maps an IP port and protocol (such as tcp or udp) to one or more names; the distinguished value of the cn attribute denotes the service's canonical name' MUST ( cn $ ipServicePort $ ipServiceProtocol ) MAY description ) 
objectclasses: ( 1.3.6.1.1.1.2.4 NAME 'ipProtocol' SUP top STRUCTURAL DESC 'Abstraction of an IP protocol. Maps a protocol number to one or more names. The distinguished value of the cn attribute denotes the protocol canonical name' MUST ( cn $ ipProtocolNumber ) MAY description ) 
objectclasses: ( 1.3.6.1.1.1.2.5 NAME 'oncRpc' SUP top STRUCTURAL DESC 'Abstraction of an Open Network Computing (ONC) [RFC1057] Remote Procedure Call (RPC) binding. This class maps an ONC RPC number to a name. The distinguished value of the cn attribute denotes the RPC service canonical name' MUST ( cn $ oncRpcNumber ) MAY description ) 
objectclasses: ( 1.3.6.1.1.1.2.6 NAME 'ipHost' SUP top AUXILIARY DESC 'Abstraction of a host, an IP device. The distinguished value of the cn attribute denotes the host's canonical name. Device SHOULD be used as a structural class' MUST ( cn $ ipHostNumber ) MAY ( userPassword $ l $ description $ manager ) ) 
objectclasses: ( 1.3.6.1.1.1.2.7 NAME 'ipNetwork' SUP top STRUCTURAL DESC 'Abstraction of a network. The distinguished value of the cn attribute denotes the network canonical name' MUST ipNetworkNumber MAY ( cn $ ipNetmaskNumber $ l $ description $ manager ) ) 
objectclasses: ( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup' SUP top STRUCTURAL DESC 'Abstraction of a netgroup. May refer to other netgroups' MUST cn MAY ( nisNetgroupTriple $ memberNisNetgroup $ description ) ) 
objectclasses: ( 1.3.6.1.1.1.2.9 NAME 'nisMap' SUP top STRUCTURAL DESC 'A generic abstraction of a NIS map' MUST nisMapName MAY description ) 
objectclasses: ( 1.3.6.1.1.1.2.10 NAME 'nisObject' SUP top STRUCTURAL DESC 'An entry in a NIS map' MUST ( cn $ nisMapEntry $ nisMapName ) MAY description ) 
objectclasses: ( 1.3.6.1.1.1.2.11 NAME 'ieee802Device' SUP top AUXILIARY DESC 'A device with a MAC address; device SHOULD be used as a structural class' MAY macAddress ) 
objectclasses: ( 1.3.6.1.1.1.2.12 NAME 'bootableDevice' SUP top AUXILIARY DESC 'A device with boot parameters; device SHOULD be used as a structural class' MAY ( bootFile $ bootParameter ) ) 
objectclasses: ( 1.3.6.1.1.1.2.14 NAME 'nisKeyObject' SUP top AUXILIARY DESC 'An object with a public and secret key' MUST ( cn $ nisPublicKey $ nisSecretKey ) MAY ( uidNumber $ description ) ) 
objectclasses: ( 1.3.6.1.1.1.2.15 NAME 'nisDomainObject' SUP top AUXILIARY DESC 'Associates a NIS domain with a naming context' MUST nisDomain ) 
objectclasses: ( 1.3.6.1.1.1.2.16 NAME 'automountMap' SUP top STRUCTURAL MUST ( automountMapName ) MAY description ) 
objectclasses: ( 1.3.6.1.1.1.2.17 NAME 'automount' SUP top STRUCTURAL DESC 'Automount information' MUST ( automountKey $ automountInformation ) MAY description ) 

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature
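
Added example, not part of the original thread or the FDS project: a Python sketch of the conflict Simon describes and of one way to build a "superset" automount class before editing a schema file. The first definition is copied from the attachment above; the second is a constructed variant for illustration, and the merge rule (MUST only what both require, MAY everything else) is an assumption of this example.

```python
import re

# Definition copied from the attached 10rfc2307bis.ldif.
BIS = ("( 1.3.6.1.1.1.2.17 NAME 'automount' SUP top STRUCTURAL "
       "DESC 'Automount information' "
       "MUST ( automountKey $ automountInformation ) MAY description )")
# Constructed variant (illustration only): same class name, entries keyed by cn.
OTHER = ("( 1.3.6.1.1.1.2.17 NAME 'automount' SUP top STRUCTURAL "
         "MUST ( cn $ automountInformation ) MAY description )")

def attr_list(definition, keyword):
    """Attribute names after MUST or MAY, given as 'name' or '( a $ b )'."""
    # Blank out quoted strings so DESC text is never read as a keyword.
    bare = re.sub(r"'[^']*'", "''", definition)
    m = re.search(r"\b%s\s+(?:\(([^)]*)\)|([\w-]+))" % keyword, bare)
    if not m:
        return []
    body = m.group(1) or m.group(2) or ""
    return [a.strip() for a in body.split("$") if a.strip()]

def parse(definition):
    name = re.search(r"NAME\s+'([^']+)'", definition).group(1)
    return {"name": name, "must": attr_list(definition, "MUST"),
            "may": attr_list(definition, "MAY")}

def conflict(a, b):
    """Attributes that one definition requires and the other does not."""
    return sorted(set(a["must"]) ^ set(b["must"]))

def merge(a, b):
    """Superset class: entries valid under either definition stay valid."""
    must = [x for x in a["must"] if x in b["must"]]
    allowed = set(a["must"] + a["may"] + b["must"] + b["may"])
    return must, sorted(allowed - set(must))

def clause(keyword, attrs):
    return " %s ( %s )" % (keyword, " $ ".join(attrs)) if attrs else ""

def render(oid, name, must, may):
    """Emit the merged class as one line in the FDS schema format."""
    return ("objectclasses: ( %s NAME '%s' SUP top STRUCTURAL%s%s )"
            % (oid, name, clause("MUST", must), clause("MAY", may)))

if __name__ == "__main__":
    a, b = parse(BIS), parse(OTHER)
    print("MUST mismatch:", conflict(a, b))
    print(render("1.3.6.1.1.1.2.17", a["name"], *merge(a, b)))
```

Loosening MUST this way means the server no longer rejects entries that lack automountKey, so clients that expect the draft's layout need to be checked against the merged schema.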
