| blob | 77ff4ba1cb2bb2109f42dc57a1b175d6c6569273 |
1 .pl 10.0i
2 .po 0
3 .ll 8.5i
4 .lt 8.5i
5 .nr LL 8.5i
6 .nr LT 8.5i
7 .ds LF Johansson
8 .ds RF [Page %]
9 .ds CF
10 .ds LH Internet draft
11 .ds RH 30 March 1998
12 .ds CH Berkeley AMD LDAP Schema
13 .hy 0
14 .ad l
15 .in 0
16 INTERNET-DRAFT Leif Johansson
17 Intented Category: Experimental Stockholm University
21 .ce
22 A directory (X.500 and LDAPv3) schema for Berkely automounter
25 .ti 0
26 1. Status of this Memo
28 .fi
29 .in 3
30 This memo describes a directory (LDAP or X.500) schema for storing
31 amd (Berkely-style automounter) mount info maps. The schema is currently
32 beeing supported by the (beta version of the) am-utils version 6 package
33 [AMUTILS].
35 .ti 0
36 2. Overview and Rationale
38 Directory services such as X.500 [X500] or LDAP [RFC2251] are a natural
39 choice of repository for amd mount map databases. All Object Identifiers
40 in this document are prefixed by amdSchema-id to be assigned later. The
41 relation between this schema and the automount schema elements in [HOWARD]
42 are mostly superficial. The model for the elements in [HOWARD] was the SUN
43 automounter which has quite a different syntax for mount maps. Furthermore
44 the intended usage of this schema differs from that of [HOWARD] in many
45 respects.
47 .ti 0
48 3. DSA requirements
50 Directory servers implementing this schema SHOULD maintain the
51 modifyTimestamp operational attribute. If not the amdMapCacheTtl
52 attribute SHOULD be set to 0 indicating to clients that caching of
53 map entries SHOULD be turned off. Clients wishing to use the amdMap
54 schema MAY use the modifyTimestamp information to set the ttl for
55 internal caching schemes. A value of 0 for the amdMapCacheTtl must
56 result in clients turning off any local caching.
58 .ti 0
59 4. Syntax definitions
61 The following attribute syntax is defined in this document:
63 amdlocationlist
65 This syntax represents a amd map value. This is the syntax expressed
66 in BNF using definitions from [RFC2252]:
68 amdlocationlist = amdlocationselection |
69 amdlocationlist whsp "||" whsp amdlocationselection
71 amdlocationselection = amdlocation |
72 amdlocationselection whsp amdlocation
74 amdlocation = amdlocationinfo |
75 "-" amdlocationinfo |
76 "-"
78 amdlocationinfo = seloropt |
79 amdlocationinfo ";" seloropt |
80 ";"
82 seloropt = seletion |
83 optass
85 selection = keystring "==" printablestring
86 keystring "!=" printablestring
88 optass = keystring \":=\" printablestring
90 X.500 servers or LDAPv3 servers (supporting the binary attribute
91 option) may use the following syntax definition:
93 AmdLocationList ::= SEQUENCE OF {
94 SEQUENCE OF {
95 location AmdLocation
96 }
97 }
99 AmdLocation ::= SET OF {
100 CHOICE {
101 location [0] AmdLocationInfo
102 notlocation [1] AmdLocationInfo
103 not [2] NULL
104 }
105 }
107 AmdLocationInfo ::= SET OF {
108 CHOICE {
109 selection [0] AmdSelection
110 option [1] AmdOption
111 }
112 }
114 AmdSelection ::= CHOICE {
115 eq [0] AttributeAndValue
116 ne [1] AttributeAndValue
117 }
119 AmdOption ::= AttributeAndValue
121 AttributeAndValue ::= SEQUENCE {
122 attribute IA5String
123 value IA5String
124 }
126 .ti 0
127 5. Attribute types
129 The following attribute types are defined in this document:
131 amdMapName
132 amdMapCacheTtl
133 amdMapEntry
134 amdMapEntryKey
135 amdMapEntryValue
137 amdSchema-a OBJECT IDENTIFIER ::= { amdSchema-id 1 }
139 amdMapName
140 ATTRIBUTE ::= {
141 WITH SYNTAX IA5String
142 EQUALITY MATCHING RULE caseIgoreExactMatch
143 --ID { amdSchema-a 1 }
144 DESCRIPTION
145 "This attribute is the symbolic and in the naming
146 context unique name of an amd map. This corresponds
147 in the case of a flat file database to the name of
148 the file or the mount-point of the map."
149 }
152 amdMapCacheTtl
153 ATTRIBUTE ::= {
154 WITH SYNTAX Integer
155 EQUALITY MATCHING RULE integerExactMatch
156 --ID { amdSchema-a 2 }
157 SINGLE VALUED
158 DESCRIPTION
159 "The maximum time-to-live for the entries in this
160 map. After this many milliseconds the map has to
161 be cleared from local caches and reloaded. A value
162 of 0 disables caching."
163 }
165 amdMapEntry
166 ATTRIBUTE ::= {
167 WITH SYNTAX DistinguishedName
168 EQUALITY MATHCING RULE dNCaseIgnoreExactMatch
169 --ID { amdSchema-a 3 }
170 DESCRIPTION
171 "A multivalued attribute listing the distinguished
172 names of the amdMapEntries making up this amdMap
173 object."
174 }
176 amdMapEntryKey ::= {
177 ATTRIBUTE ::= {
178 WITH SYNTAX IA5String
179 EQUALITY MATCHING RULE stringExactMatch
180 --ID { amdSchema-a 4 }
181 SINGLE VALUED
182 DESCRIPTION
183 "The value of this attribute is usually the name of
184 a mountpoint for this amdMapEntry."
185 }
187 amdMapEntryValue ::= {
188 ATTRIBUTE ::= {
189 WITH SYNTAX AmdLocationList
190 --ID { amdSchema-a 5 }
191 DESCRIPTION
192 "This is the actual mount information for the amdMapEntry
193 using the syntax described above."
194 }
196 amdMapEntryKey ::= {
197 ATTRIBUTE ::= {
198 WITH SYNTAX IA5String
199 EQUALITY MATCHING RULE stringExactMatch
200 --ID { amdSchema-a 4 }
201 SINGLE VALUED
202 DESCRIPTION
203 "The value of this attribute is usually the name of
204 a mountpoint for this amdMapEntry."
205 }
207 amdMapEntryValue ::= {
208 ATTRIBUTE ::= {
209 WITH SYNTAX AmdLocationList
210 --ID { amdSchema-a 5 }
211 DESCRIPTION
212 "This is the actual mount information for the amdMapEntry
213 using the syntax described above."
214 }
216 .ti 0
217 6. Object classes
219 The following object classes are defined in this document:
221 amdMap
222 amdMapEntry
224 defined as follows:
226 amdSchema-oc ::= { amdSchema-id 2 }
228 amdMap OBJECT-CLASS ::= {
229 SUBCLASS OF { top }
230 KIND auxiliary
231 --ID { amdSchema-oc 1 }
232 MAY CONTAIN { amdMapCacheTtl , cn }
233 MUST CONTAIN { amdMapName , amdMapEntry }
234 }
236 amdMapEntry OBJECT-CLASS ::= {
237 SUBCLASS OF { top }
238 KIND structural
239 --ID { amdSchema-oc 2 }
240 MUST CONTAIN {
241 amdMapName ,
242 amdEntryKey ,
243 amdEntryValue ,
244 }
245 MAY CONTAIN { cn }
246 DESCRIPTION
247 "An entry of this object class describes mount
248 information relative to a certain amdMap entry"
249 }
251 .ti 0
252 7. Examples
256 .ti 0
257 8. Security Considerations
259 Due to the security problems posed by NFS care should be taken not to
260 advertise exported filesystems. Therefore it is often desirable to limit
261 access to entries carrying amd mount map information to those systems
262 to which the corresponding filesystems have been exported.
264 .ti 0
265 9. References
267 [AMUTILS]
268 am-utils homepage: http://shekel.cs.columbia.edu/~erez/am-utils.html
270 [RFC2251]
271 M. Wahl, T. Howes, S. Kille, "Lightweight Directory Access
272 Protocol (v3)", RFC 2251, December 1997.
274 [RFC2252]
275 M. Wahl, A. Coulbeck, T. Howes, S. Kille, "Lightweight Directory
276 Access Protocol (v3): Attribute Syntax Definitions", RFC 2252,
277 December 1997.
279 [RFC2253]
280 M. Wahl, S. Kille, T. Howes, "Lightweight Directory Access
281 Protocol (v3): UTF-8 String Representation of Distinguished
282 Names", RFC 2253, December 1997.
284 [HOWARD]
285 Luke Howard, "An Approach for Using LDAP as a Network
286 Information Service", draft-howard-nis-schema-??.txt, Internet
287 draft.
289 [X500]
290 ITU something or other.
292 .in 3
295 .ti 0
296 Author's Address
298 .nf
300 Leif Johansson
301 Department of Mathematics
302 Stockholm University
303 S-106 91 Stockholm
304 SWEDEN
306 Email: leifj AT matematik.su.se