7 INTERNET-DRAFT Leif Johansson
8 Intented Category: Experimental Stockholm University
12 A directory (X.500 and LDAPv3) schema for Berkely automounter
15 1. Status of this Memo
17 This memo describes a directory (LDAP or X.500) schema for storing amd (Berkely-
18 style automounter) mount info maps. The schema is currently beeing supported by
19 the (beta version of the) am-utils version 6 package [AMUTILS].
21 2. Overview and Rationale
23 Directory services such as X.500 [X500] or LDAP [RFC2251] are a natural choice of
24 repository for amd mount map databases. All Object Identifiers in this document
25 are prefixed by amdSchema-id to be assigned later. The relation between this
26 schema and the automount schema elements in [HOWARD] are mostly superficial. The
27 model for the elements in [HOWARD] was the SUN automounter which has quite a
28 different syntax for mount maps. Furthermore the intended usage of this schema
29 differs from that of [HOWARD] in many respects.
33 Directory servers implementing this schema SHOULD maintain the modifyTimestamp
34 operational attribute. If not the amdMapCacheTtl attribute SHOULD be set to 0
35 indicating to clients that caching of map entries SHOULD be turned off. Clients
36 wishing to use the amdMap schema MAY use the modifyTimestamp information to set
37 the ttl for internal caching schemes. A value of 0 for the amdMapCacheTtl must
38 result in clients turning off any local caching.
42 The following attribute syntax is defined in this document:
46 This syntax represents a amd map value. This is the syntax expressed in BNF using
47 definitions from [RFC2252]:
49 amdlocationlist = amdlocationselection |
50 amdlocationlist whsp "||" whsp amdlocationselection
52 amdlocationselection = amdlocation |
53 amdlocationselection whsp amdlocation
64 Internet draft Berkeley AMD LDAP Schema 30 March 1998
67 amdlocation = amdlocationinfo |
71 amdlocationinfo = seloropt |
72 amdlocationinfo ";" seloropt |
78 selection = keystring "==" printablestring
79 keystring "!=" printablestring
83 X.500 servers or LDAPv3 servers (supporting the binary attribute option) may use
84 the following syntax definition:
86 AmdLocationList ::= SEQUENCE OF {
92 AmdLocation ::= SET OF {
94 location [0] AmdLocationInfo
95 notlocation [1] AmdLocationInfo
100 AmdLocationInfo ::= SET OF {
102 selection [0] AmdSelection
107 AmdSelection ::= CHOICE {
108 eq [0] AttributeAndValue
109 ne [1] AttributeAndValue
112 AmdOption ::= AttributeAndValue
113 AttributeAndValue ::= SEQUENCE {
124 Internet draft Berkeley AMD LDAP Schema 30 March 1998
132 The following attribute types are defined in this document:
140 amdSchema-a OBJECT IDENTIFIER ::= { amdSchema-id 1 }
142 amdMapName ATTRIBUTE ::= {
143 WITH SYNTAX IA5String
144 EQUALITY MATCHING RULE caseIgoreExactMatch
145 --ID { amdSchema-a 1 }
147 "This attribute is the symbolic and in the naming
148 context unique name of an amd map. This corresponds
149 in the case of a flat file database to the name of
150 the file or the mount-point of the map."
157 EQUALITY MATCHING RULE integerExactMatch
158 --ID { amdSchema-a 2 }
161 "The maximum time-to-live for the entries in this
162 map. After this many milliseconds the map has to
163 be cleared from local caches and reloaded. A value
164 of 0 disables caching."
169 WITH SYNTAX DistinguishedName
170 EQUALITY MATHCING RULE dNCaseIgnoreExactMatch
171 --ID { amdSchema-a 3 }
173 "A multivalued attribute listing the distinguished
174 names of the amdMapEntries making up this amdMap
184 Internet draft Berkeley AMD LDAP Schema 30 March 1998
192 WITH SYNTAX IA5String
193 EQUALITY MATCHING RULE stringExactMatch
194 --ID { amdSchema-a 4 }
197 "The value of this attribute is usually the name of
198 a mountpoint for this amdMapEntry."
201 amdMapEntryValue ::= {
203 WITH SYNTAX AmdLocationList
204 --ID { amdSchema-a 5 }
206 "This is the actual mount information for the amdMapEntry
207 using the syntax described above."
212 WITH SYNTAX IA5String
213 EQUALITY MATCHING RULE stringExactMatch
214 --ID { amdSchema-a 4 }
217 "The value of this attribute is usually the name of
218 a mountpoint for this amdMapEntry."
221 amdMapEntryValue ::= {
223 WITH SYNTAX AmdLocationList
224 --ID { amdSchema-a 5 }
226 "This is the actual mount information for the amdMapEntry
227 using the syntax described above."
232 The following object classes are defined in this document:
244 Internet draft Berkeley AMD LDAP Schema 30 March 1998
251 amdSchema-oc ::= { amdSchema-id 2 }
253 amdMap OBJECT-CLASS ::= {
256 --ID { amdSchema-oc 1 }
257 MAY CONTAIN { amdMapCacheTtl , cn }
258 MUST CONTAIN { amdMapName , amdMapEntry }
261 amdMapEntry OBJECT-CLASS ::= {
264 --ID { amdSchema-oc 2 }
270 { cn } DESCRIPTION "An entry of this
271 object class describes mount information relative to a
272 certain amdMap entry"
279 8. Security Considerations
281 Due to the security problems posed by NFS care should be taken not to advertise
282 exported filesystems. Therefore it is often desirable to limit access to entries
283 carrying amd mount map information to those systems to which the corresponding
284 filesystems have been exported.
289 am-utils homepage: http://shekel.cs.columbia.edu/~erez/am-utils.html
292 M. Wahl, T. Howes, S. Kille, "Lightweight Directory Access
293 Protocol (v3)", RFC 2251, December 1997.
304 Internet draft Berkeley AMD LDAP Schema 30 March 1998
308 M. Wahl, A. Coulbeck, T. Howes, S. Kille, "Lightweight Directory
309 Access Protocol (v3): Attribute Syntax Definitions", RFC 2252,
313 M. Wahl, S. Kille, T. Howes, "Lightweight Directory Access
314 Protocol (v3): UTF-8 String Representation of Distinguished
315 Names", RFC 2253, December 1997.
318 Luke Howard, "An Approach for Using LDAP as a Network
319 Information Service", draft-howard-nis-schema-??.txt, Internet
323 ITU something or other.
331 Department of Mathematics
336 Email: leifj@matematik.su.se
projects / FreeBSD / releng / 9.2.git / blob