182794Sobrien.pl 10.0i
282794Sobrien.po 0
382794Sobrien.ll 8.5i
482794Sobrien.lt 8.5i
582794Sobrien.nr LL 8.5i
682794Sobrien.nr LT 8.5i
782794Sobrien.ds LF Johansson
882794Sobrien.ds RF [Page %]
982794Sobrien.ds CF
1082794Sobrien.ds LH Internet draft
1182794Sobrien.ds RH 30 March 1998
1282794Sobrien.ds CH Berkeley AMD LDAP Schema
1382794Sobrien.hy 0
1482794Sobrien.ad l
1582794Sobrien.in 0
1682794SobrienINTERNET-DRAFT                                                         Leif Johansson
1782794SobrienIntented Category: Experimental                                  Stockholm University
1882794Sobrien
1982794Sobrien
2082794Sobrien
2182794Sobrien.ce
2282794SobrienA directory (X.500 and LDAPv3) schema for Berkely automounter
2382794Sobrien
2482794Sobrien
2582794Sobrien.ti 0
2682794Sobrien1. Status of this Memo
2782794Sobrien
2882794Sobrien.fi
2982794Sobrien.in 3
3082794SobrienThis memo describes a directory (LDAP or X.500) schema for storing
31174294Sobrienamd (Berkely-style automounter) mount info maps. The schema is currently
32174294Sobrienbeeing supported by the (beta version of the) am-utils version 6 package
33174294Sobrien[AMUTILS].
3482794Sobrien
3582794Sobrien.ti 0
3682794Sobrien2. Overview and Rationale
3782794Sobrien
3882794SobrienDirectory services such as X.500 [X500] or LDAP [RFC2251] are a natural
39174294Sobrienchoice of repository for amd mount map databases. All Object Identifiers
40174294Sobrienin this document are prefixed by amdSchema-id to be assigned later. The
41174294Sobrienrelation between this schema and the automount schema elements in [HOWARD]
4282794Sobrienare mostly superficial. The model for the elements in [HOWARD] was the SUN
43174294Sobrienautomounter which has quite a different syntax for mount maps. Furthermore
44174294Sobrienthe intended usage of this schema differs from that of [HOWARD] in many
4582794Sobrienrespects.
4682794Sobrien
4782794Sobrien.ti 0
4882794Sobrien3. DSA requirements
4982794Sobrien
50174294SobrienDirectory servers implementing this schema SHOULD maintain the
51174294SobrienmodifyTimestamp operational attribute. If not the amdMapCacheTtl
5282794Sobrienattribute SHOULD be set to 0 indicating to clients that caching of
53174294Sobrienmap entries SHOULD be turned off. Clients wishing to use the amdMap
54174294Sobrienschema MAY use the modifyTimestamp information to set the ttl for
55174294Sobrieninternal caching schemes. A value of 0 for the amdMapCacheTtl must
5682794Sobrienresult in clients turning off any local caching.
5782794Sobrien
5882794Sobrien.ti 0
5982794Sobrien4. Syntax definitions
6082794Sobrien
6182794SobrienThe following attribute syntax is defined in this document:
6282794Sobrien
6382794Sobrien     amdlocationlist
6482794Sobrien
6582794SobrienThis syntax represents a amd map value. This is the syntax expressed
6682794Sobrienin BNF using definitions from [RFC2252]:
6782794Sobrien
6882794Sobrien     amdlocationlist      = amdlocationselection |
6982794Sobrien                            amdlocationlist whsp "||" whsp amdlocationselection
7082794Sobrien
7182794Sobrien     amdlocationselection = amdlocation |
7282794Sobrien                            amdlocationselection whsp amdlocation
73174294Sobrien
7482794Sobrien     amdlocation          = amdlocationinfo |
7582794Sobrien                            "-" amdlocationinfo |
7682794Sobrien                            "-"
77174294Sobrien
7882794Sobrien     amdlocationinfo      = seloropt |
7982794Sobrien                            amdlocationinfo ";" seloropt |
8082794Sobrien                            ";"
8182794Sobrien
8282794Sobrien     seloropt             = seletion |
8382794Sobrien                            optass
8482794Sobrien
8582794Sobrien     selection            = keystring "==" printablestring
8682794Sobrien                            keystring "!=" printablestring
8782794Sobrien
8882794Sobrien     optass               = keystring \":=\" printablestring
8982794Sobrien
90174294SobrienX.500 servers or LDAPv3 servers (supporting the binary attribute
9182794Sobrienoption) may use the following syntax definition:
9282794Sobrien
9382794Sobrien     AmdLocationList ::= SEQUENCE OF {
9482794Sobrien                            SEQUENCE OF {
9582794Sobrien                               location     AmdLocation
9682794Sobrien                            }
9782794Sobrien                         }
9882794Sobrien
9982794Sobrien     AmdLocation     ::= SET OF {
10082794Sobrien                            CHOICE {
10182794Sobrien                               location     [0] AmdLocationInfo
10282794Sobrien                               notlocation  [1] AmdLocationInfo
10382794Sobrien                               not          [2] NULL
10482794Sobrien                            }
10582794Sobrien                         }
106174294Sobrien
10782794Sobrien     AmdLocationInfo ::= SET OF {
10882794Sobrien                            CHOICE {
10982794Sobrien                               selection    [0] AmdSelection
11082794Sobrien                               option       [1] AmdOption
11182794Sobrien                            }
11282794Sobrien                         }
113174294Sobrien
11482794Sobrien     AmdSelection    ::= CHOICE {
11582794Sobrien                            eq     [0] AttributeAndValue
11682794Sobrien                            ne     [1] AttributeAndValue
11782794Sobrien                         }
11882794Sobrien
11982794Sobrien     AmdOption       ::= AttributeAndValue
120174294Sobrien
12182794Sobrien     AttributeAndValue ::= SEQUENCE {
12282794Sobrien                              attribute     IA5String
12382794Sobrien                              value         IA5String
12482794Sobrien                           }
12582794Sobrien
12682794Sobrien.ti 0
12782794Sobrien5. Attribute types
12882794Sobrien
12982794SobrienThe following attribute types are defined in this document:
130174294Sobrien
13182794Sobrien     amdMapName
13282794Sobrien     amdMapCacheTtl
13382794Sobrien     amdMapEntry
13482794Sobrien     amdMapEntryKey
13582794Sobrien     amdMapEntryValue
13682794Sobrien
13782794Sobrien     amdSchema-a OBJECT IDENTIFIER ::= { amdSchema-id 1 }
13882794Sobrien
139174294Sobrien     amdMapName
14082794Sobrien	ATTRIBUTE ::= {
14182794Sobrien           WITH SYNTAX              IA5String
14282794Sobrien           EQUALITY MATCHING RULE   caseIgoreExactMatch
14382794Sobrien           --ID                     { amdSchema-a 1 }
144174294Sobrien           DESCRIPTION
14582794Sobrien            "This attribute is the symbolic and in the naming
14682794Sobrien             context unique name of an amd map. This corresponds
14782794Sobrien             in the case of a flat file database to the name of
14882794Sobrien             the file or the mount-point of the map."
14982794Sobrien        }
15082794Sobrien
151174294Sobrien
152174294Sobrien     amdMapCacheTtl
153174294Sobrien        ATTRIBUTE ::= {
15482794Sobrien           WITH SYNTAX              Integer
15582794Sobrien           EQUALITY MATCHING RULE   integerExactMatch
15682794Sobrien           --ID                     { amdSchema-a 2 }
15782794Sobrien           SINGLE VALUED
15882794Sobrien           DESCRIPTION
15982794Sobrien            "The maximum time-to-live for the entries in this
16082794Sobrien             map. After this many milliseconds the map has to
16182794Sobrien             be cleared from local caches and reloaded. A value
16282794Sobrien             of 0 disables caching."
16382794Sobrien        }
16482794Sobrien
16582794Sobrien     amdMapEntry
16682794Sobrien        ATTRIBUTE ::= {
16782794Sobrien           WITH SYNTAX              DistinguishedName
16882794Sobrien           EQUALITY MATHCING RULE   dNCaseIgnoreExactMatch
16982794Sobrien           --ID                     { amdSchema-a 3 }
17082794Sobrien           DESCRIPTION
17182794Sobrien            "A multivalued attribute listing the distinguished
17282794Sobrien             names of the amdMapEntries making up this amdMap
17382794Sobrien             object."
17482794Sobrien        }
17582794Sobrien
17682794Sobrien     amdMapEntryKey ::= {
17782794Sobrien        ATTRIBUTE ::= {
17882794Sobrien           WITH SYNTAX              IA5String
17982794Sobrien           EQUALITY MATCHING RULE   stringExactMatch
18082794Sobrien           --ID                     { amdSchema-a 4 }
18182794Sobrien           SINGLE VALUED
18282794Sobrien           DESCRIPTION
18382794Sobrien            "The value of this attribute is usually the name of
18482794Sobrien             a mountpoint for this amdMapEntry."
18582794Sobrien        }
18682794Sobrien
18782794Sobrien     amdMapEntryValue ::= {
18882794Sobrien        ATTRIBUTE ::= {
18982794Sobrien           WITH SYNTAX              AmdLocationList
19082794Sobrien           --ID                     { amdSchema-a 5 }
19182794Sobrien           DESCRIPTION
19282794Sobrien            "This is the actual mount information for the amdMapEntry
19382794Sobrien             using the syntax described above."
19482794Sobrien        }
19582794Sobrien
19682794Sobrien     amdMapEntryKey ::= {
19782794Sobrien        ATTRIBUTE ::= {
19882794Sobrien           WITH SYNTAX              IA5String
19982794Sobrien           EQUALITY MATCHING RULE   stringExactMatch
20082794Sobrien           --ID                     { amdSchema-a 4 }
20182794Sobrien           SINGLE VALUED
20282794Sobrien           DESCRIPTION
20382794Sobrien            "The value of this attribute is usually the name of
20482794Sobrien             a mountpoint for this amdMapEntry."
20582794Sobrien        }
20682794Sobrien
20782794Sobrien     amdMapEntryValue ::= {
20882794Sobrien        ATTRIBUTE ::= {
20982794Sobrien           WITH SYNTAX              AmdLocationList
21082794Sobrien           --ID                     { amdSchema-a 5 }
21182794Sobrien           DESCRIPTION
21282794Sobrien            "This is the actual mount information for the amdMapEntry
21382794Sobrien             using the syntax described above."
21482794Sobrien        }
21582794Sobrien
216174294Sobrien.ti 0
21782794Sobrien6. Object classes
21882794Sobrien
21982794SobrienThe following object classes are defined in this document:
22082794Sobrien
22182794Sobrien          amdMap
22282794Sobrien          amdMapEntry
22382794Sobrien
22482794Sobriendefined as follows:
22582794Sobrien
22682794Sobrien          amdSchema-oc ::= { amdSchema-id 2 }
22782794Sobrien
22882794Sobrien          amdMap OBJECT-CLASS ::= {
22982794Sobrien                    SUBCLASS OF            { top }
23082794Sobrien                    KIND                   auxiliary
23182794Sobrien                    --ID                   { amdSchema-oc 1 }
23282794Sobrien                    MAY CONTAIN            { amdMapCacheTtl , cn }
23382794Sobrien                    MUST CONTAIN           { amdMapName , amdMapEntry }
23482794Sobrien                 }
23582794Sobrien
23682794Sobrien          amdMapEntry OBJECT-CLASS ::= {
23782794Sobrien                         SUBCLASS OF       { top }
23882794Sobrien                         KIND              structural
23982794Sobrien                         --ID              { amdSchema-oc 2 }
24082794Sobrien                         MUST CONTAIN      {
24182794Sobrien                                             amdMapName ,
24282794Sobrien                                             amdEntryKey ,
24382794Sobrien                                             amdEntryValue ,
24482794Sobrien                                           }
24582794Sobrien	                 MAY CONTAIN       { cn }
24682794Sobrien	                 DESCRIPTION
24782794Sobrien		          "An entry of this object class describes mount
24882794Sobrien	                   information relative to a certain amdMap entry"
24982794Sobrien                      }
25082794Sobrien
25182794Sobrien.ti 0
25282794Sobrien7. Examples
25382794Sobrien
25482794Sobrien
255174294Sobrien
25682794Sobrien.ti 0
25782794Sobrien8. Security Considerations
25882794Sobrien
25982794SobrienDue to the security problems posed by NFS care should be taken not to
260174294Sobrienadvertise exported filesystems. Therefore it is often desirable to limit
26182794Sobrienaccess to entries carrying amd mount map information to those systems
26282794Sobriento which the corresponding filesystems have been exported.
26382794Sobrien
26482794Sobrien.ti 0
26582794Sobrien9. References
26682794Sobrien
26782794Sobrien   [AMUTILS]
26882794Sobrien        am-utils homepage: http://shekel.cs.columbia.edu/~erez/am-utils.html
26982794Sobrien
27082794Sobrien   [RFC2251]
27182794Sobrien        M. Wahl, T. Howes, S. Kille, "Lightweight Directory Access
27282794Sobrien        Protocol (v3)", RFC 2251, December 1997.
27382794Sobrien
27482794Sobrien   [RFC2252]
27582794Sobrien        M. Wahl, A. Coulbeck, T. Howes, S. Kille, "Lightweight Directory
27682794Sobrien        Access Protocol (v3): Attribute Syntax Definitions", RFC 2252,
27782794Sobrien        December 1997.
27882794Sobrien
27982794Sobrien   [RFC2253]
28082794Sobrien        M. Wahl, S. Kille, T. Howes, "Lightweight Directory Access
28182794Sobrien        Protocol (v3): UTF-8 String Representation of Distinguished
28282794Sobrien        Names", RFC 2253, December 1997.
28382794Sobrien
28482794Sobrien   [HOWARD]
285174294Sobrien        Luke Howard, "An Approach for Using LDAP as a Network
28682794Sobrien        Information Service", draft-howard-nis-schema-??.txt, Internet
28782794Sobrien        draft.
28882794Sobrien
289174294Sobrien   [X500]
29082794Sobrien        ITU something or other.
291174294Sobrien
29282794Sobrien.in 3
29382794Sobrien
29482794Sobrien
29582794Sobrien.ti 0
29682794SobrienAuthor's Address
29782794Sobrien
29882794Sobrien.nf
29982794Sobrien
30082794SobrienLeif Johansson
30182794SobrienDepartment of Mathematics
30282794SobrienStockholm University
30382794SobrienS-106 91 Stockholm
30482794Sobrien         SWEDEN
30582794Sobrien
306310490ScyEmail: leifj AT matematik.su.se
307