| blob | 33a9187b7684bdf815f4e8283b9c7424af6d5107 |
7 INTERNET-DRAFT Leif Johansson
8 Intented Category: Experimental Stockholm University
12 A directory (X.500 and LDAPv3) schema for Berkely automounter
15 1. Status of this Memo
17 This memo describes a directory (LDAP or X.500) schema for storing amd (Berkely-
18 style automounter) mount info maps. The schema is currently beeing supported by
19 the (beta version of the) am-utils version 6 package [AMUTILS].
21 2. Overview and Rationale
23 Directory services such as X.500 [X500] or LDAP [RFC2251] are a natural choice of
24 repository for amd mount map databases. All Object Identifiers in this document
25 are prefixed by amdSchema-id to be assigned later. The relation between this
26 schema and the automount schema elements in [HOWARD] are mostly superficial. The
27 model for the elements in [HOWARD] was the SUN automounter which has quite a
28 different syntax for mount maps. Furthermore the intended usage of this schema
29 differs from that of [HOWARD] in many respects.
31 3. DSA requirements
33 Directory servers implementing this schema SHOULD maintain the modifyTimestamp
34 operational attribute. If not the amdMapCacheTtl attribute SHOULD be set to 0
35 indicating to clients that caching of map entries SHOULD be turned off. Clients
36 wishing to use the amdMap schema MAY use the modifyTimestamp information to set
37 the ttl for internal caching schemes. A value of 0 for the amdMapCacheTtl must
38 result in clients turning off any local caching.
40 4. Syntax definitions
42 The following attribute syntax is defined in this document:
44 amdlocationlist
46 This syntax represents a amd map value. This is the syntax expressed in BNF using
47 definitions from [RFC2252]:
49 amdlocationlist = amdlocationselection |
50 amdlocationlist whsp "||" whsp amdlocationselection
52 amdlocationselection = amdlocation |
53 amdlocationselection whsp amdlocation
58 Johansson [Page 1]
64 Internet draft Berkeley AMD LDAP Schema 30 March 1998
67 amdlocation = amdlocationinfo |
68 "-" amdlocationinfo |
69 "-"
71 amdlocationinfo = seloropt |
72 amdlocationinfo ";" seloropt |
73 ";"
75 seloropt = seletion |
76 optass
78 selection = keystring "==" printablestring
79 keystring "!=" printablestring
81 optass = keystring
83 X.500 servers or LDAPv3 servers (supporting the binary attribute option) may use
84 the following syntax definition:
86 AmdLocationList ::= SEQUENCE OF {
87 SEQUENCE OF {
88 location AmdLocation
89 }
90 }
92 AmdLocation ::= SET OF {
93 CHOICE {
94 location [0] AmdLocationInfo
95 notlocation [1] AmdLocationInfo
96 not [2] NULL
97 }
98 }
100 AmdLocationInfo ::= SET OF {
101 CHOICE {
102 selection [0] AmdSelection
103 option [1] AmdOption
104 }
105 }
107 AmdSelection ::= CHOICE {
108 eq [0] AttributeAndValue
109 ne [1] AttributeAndValue
110 }
112 AmdOption ::= AttributeAndValue
113 AttributeAndValue ::= SEQUENCE {
114 attribute IA5String
118 Johansson [Page 2]
124 Internet draft Berkeley AMD LDAP Schema 30 March 1998
127 value IA5String
128 }
130 5. Attribute types
132 The following attribute types are defined in this document:
134 amdMapName
135 amdMapCacheTtl
136 amdMapEntry
137 amdMapEntryKey
138 amdMapEntryValue
140 amdSchema-a OBJECT IDENTIFIER ::= { amdSchema-id 1 }
142 amdMapName ATTRIBUTE ::= {
143 WITH SYNTAX IA5String
144 EQUALITY MATCHING RULE caseIgoreExactMatch
145 --ID { amdSchema-a 1 }
146 DESCRIPTION
147 "This attribute is the symbolic and in the naming
148 context unique name of an amd map. This corresponds
149 in the case of a flat file database to the name of
150 the file or the mount-point of the map."
151 }
154 amdMapCacheTtl
155 ATTRIBUTE ::= {
156 WITH SYNTAX Integer
157 EQUALITY MATCHING RULE integerExactMatch
158 --ID { amdSchema-a 2 }
159 SINGLE VALUED
160 DESCRIPTION
161 "The maximum time-to-live for the entries in this
162 map. After this many milliseconds the map has to
163 be cleared from local caches and reloaded. A value
164 of 0 disables caching."
165 }
167 amdMapEntry
168 ATTRIBUTE ::= {
169 WITH SYNTAX DistinguishedName
170 EQUALITY MATHCING RULE dNCaseIgnoreExactMatch
171 --ID { amdSchema-a 3 }
172 DESCRIPTION
173 "A multivalued attribute listing the distinguished
174 names of the amdMapEntries making up this amdMap
178 Johansson [Page 3]
184 Internet draft Berkeley AMD LDAP Schema 30 March 1998
187 object."
188 }
190 amdMapEntryKey ::= {
191 ATTRIBUTE ::= {
192 WITH SYNTAX IA5String
193 EQUALITY MATCHING RULE stringExactMatch
194 --ID { amdSchema-a 4 }
195 SINGLE VALUED
196 DESCRIPTION
197 "The value of this attribute is usually the name of
198 a mountpoint for this amdMapEntry."
199 }
201 amdMapEntryValue ::= {
202 ATTRIBUTE ::= {
203 WITH SYNTAX AmdLocationList
204 --ID { amdSchema-a 5 }
205 DESCRIPTION
206 "This is the actual mount information for the amdMapEntry
207 using the syntax described above."
208 }
210 amdMapEntryKey ::= {
211 ATTRIBUTE ::= {
212 WITH SYNTAX IA5String
213 EQUALITY MATCHING RULE stringExactMatch
214 --ID { amdSchema-a 4 }
215 SINGLE VALUED
216 DESCRIPTION
217 "The value of this attribute is usually the name of
218 a mountpoint for this amdMapEntry."
219 }
221 amdMapEntryValue ::= {
222 ATTRIBUTE ::= {
223 WITH SYNTAX AmdLocationList
224 --ID { amdSchema-a 5 }
225 DESCRIPTION
226 "This is the actual mount information for the amdMapEntry
227 using the syntax described above."
228 }
230 6. Object classes
232 The following object classes are defined in this document:
234 amdMap
238 Johansson [Page 4]
244 Internet draft Berkeley AMD LDAP Schema 30 March 1998
247 amdMapEntry
249 defined as follows:
251 amdSchema-oc ::= { amdSchema-id 2 }
253 amdMap OBJECT-CLASS ::= {
254 SUBCLASS OF { top }
255 KIND auxiliary
256 --ID { amdSchema-oc 1 }
257 MAY CONTAIN { amdMapCacheTtl , cn }
258 MUST CONTAIN { amdMapName , amdMapEntry }
259 }
261 amdMapEntry OBJECT-CLASS ::= {
262 SUBCLASS OF { top }
263 KIND structural
264 --ID { amdSchema-oc 2 }
265 MUST CONTAIN {
266 amdMapName ,
267 amdEntryKey ,
268 amdEntryValue ,
269 } MAY CONTAIN
270 { cn } DESCRIPTION "An entry of this
271 object class describes mount information relative to a
272 certain amdMap entry"
273 }
275 7. Examples
279 8. Security Considerations
281 Due to the security problems posed by NFS care should be taken not to advertise
282 exported filesystems. Therefore it is often desirable to limit access to entries
283 carrying amd mount map information to those systems to which the corresponding
284 filesystems have been exported.
286 9. References
288 [AMUTILS]
289 am-utils homepage: http://shekel.cs.columbia.edu/~erez/am-utils.html
291 [RFC2251]
292 M. Wahl, T. Howes, S. Kille, "Lightweight Directory Access
293 Protocol (v3)", RFC 2251, December 1997.
298 Johansson [Page 5]
304 Internet draft Berkeley AMD LDAP Schema 30 March 1998
307 [RFC2252]
308 M. Wahl, A. Coulbeck, T. Howes, S. Kille, "Lightweight Directory
309 Access Protocol (v3): Attribute Syntax Definitions", RFC 2252,
310 December 1997.
312 [RFC2253]
313 M. Wahl, S. Kille, T. Howes, "Lightweight Directory Access
314 Protocol (v3): UTF-8 String Representation of Distinguished
315 Names", RFC 2253, December 1997.
317 [HOWARD]
318 Luke Howard, "An Approach for Using LDAP as a Network
319 Information Service", draft-howard-nis-schema-??.txt, Internet
320 draft.
322 [X500]
323 ITU something or other.
327 Author's Address
330 Leif Johansson
331 Department of Mathematics
332 Stockholm University
333 S-106 91 Stockholm
334 SWEDEN
336 Email: leifj AT matematik.su.se
358 Johansson [Page 6]