INTERNET-DRAFT                                                         Leif Johansson
Intended Category: Experimental                                  Stockholm University


            A directory (X.500 and LDAPv3) schema for Berkeley automounter

1. Status of this Memo

   This memo describes a directory (LDAP or X.500) schema for storing amd (Berkeley-
   style automounter) mount info maps. The schema is currently being supported by
   the (beta version of the) am-utils version 6 package [AMUTILS].

2. Overview and Rationale

   Directory services such as X.500 [X500] or LDAP [RFC2251] are a natural choice of
   repository for amd mount map databases. All Object Identifiers in this document
   are prefixed by amdSchema-id to be assigned later. The relation between this
   schema and the automount schema elements in [HOWARD] is mostly superficial. The
   model for the elements in [HOWARD] was the SUN automounter, which has quite a
   different syntax for mount maps. Furthermore, the intended usage of this schema
   differs from that of [HOWARD] in many respects.

3. DSA requirements

   Directory servers implementing this schema SHOULD maintain the modifyTimestamp
   operational attribute. If not, the amdMapCacheTtl attribute SHOULD be set to 0,
   indicating to clients that caching of map entries SHOULD be turned off. Clients
   wishing to use the amdMap schema MAY use the modifyTimestamp information to set
   the ttl for internal caching schemes. A value of 0 for the amdMapCacheTtl must
   result in clients turning off any local caching.

4. Syntax definitions

   The following attribute syntax is defined in this document:

        amdlocationlist

   This syntax represents an amd map value. This is the syntax expressed in BNF using
   definitions from [RFC2252]:

        amdlocationlist      = amdlocationselection |
                               amdlocationlist whsp "||" whsp amdlocationselection

        amdlocationselection = amdlocation |
                               amdlocationselection whsp amdlocation

Johansson                                                                    [Page 1]


Internet draft                 Berkeley AMD LDAP Schema                 30 March 1998

        amdlocation          = amdlocationinfo |
                               "-" amdlocationinfo |
                               "-"

        amdlocationinfo      = seloropt |
                               amdlocationinfo ";" seloropt |
                               ";"

        seloropt             = selection |
                               optass

        selection            = keystring "==" printablestring |
                               keystring "!=" printablestring

        optass               = keystring

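   The BNF above can serve as a strict validator for map values fetched from a
   directory before they are handed to the automounter. The following Python code
   is an added example, not part of the draft or of am-utils. It follows the
   grammar as written; the function names, the simplified character classes, the
   size limit and the sample value are assumptions.

```python
import re

# Assumed character classes, simplified from RFC 2252 so that ";" and
# whitespace stay unambiguous separators (no ";" in keys, no space in values).
KEY = r"[A-Za-z][A-Za-z0-9-]*"
VALUE = r'[A-Za-z0-9"()+,\-./:?]+'
SELOROPT = re.compile(rf"({KEY})(?:(==|!=)({VALUE}))?\Z")


def parse_seloropt(text):
    # seloropt = selection | optass
    m = SELOROPT.match(text)
    if not m:
        raise ValueError(f"bad selector or option: {text!r}")
    key, op, value = m.groups()
    return ("opt", key) if op is None else ("sel", key, op, value)


def parse_location(text):
    # amdlocation = amdlocationinfo | "-" amdlocationinfo | "-"
    dash = text.startswith("-")        # keys start with a letter, so no clash
    body = text[1:] if dash else text
    if body == "" and not dash:
        raise ValueError("empty location")
    if body in ("", ";"):              # bare "-" or the lone ";" alternative
        return {"dash": dash, "items": []}
    # Stricter than the BNF: empty members such as ";;ro" are rejected.
    return {"dash": dash, "items": [parse_seloropt(p) for p in body.split(";")]}


def parse_location_list(value, max_len=4096):
    # amdlocationlist: selections joined by "||", locations by whitespace
    if len(value) > max_len:           # hypothetical size limit, not in the draft
        raise ValueError("value too long")
    selections = []
    for chunk in value.split("||"):
        locations = chunk.split()
        if not locations:
            raise ValueError("empty selection next to '||'")
        selections.append([parse_location(loc) for loc in locations])
    return selections


# Constructed sample value, not taken from the draft.
SAMPLE = "-ro;nosuid host==alpha;rw host!=alpha;ro || backup"

if __name__ == "__main__":
    for selection in parse_location_list(SAMPLE):
        print(selection)
```
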
   X.500 servers or LDAPv3 servers (supporting the binary attribute option) may use
   the following syntax definition:

        AmdLocationList ::= SEQUENCE OF {
                               SEQUENCE OF {
                                  location     AmdLocation
                               }
                            }

        AmdLocation     ::= SET OF {
                               CHOICE {
                                  location     [0] AmdLocationInfo
                                  notlocation  [1] AmdLocationInfo
                                  not          [2] NULL
                               }
                            }

        AmdLocationInfo ::= SET OF {
                               CHOICE {
                                  selection    [0] AmdSelection
                                  option       [1] AmdOption
                               }
                            }

        AmdSelection    ::= CHOICE {
                               eq     [0] AttributeAndValue
                               ne     [1] AttributeAndValue
                            }

        AmdOption       ::= AttributeAndValue
        AttributeAndValue ::= SEQUENCE {
                                 attribute     IA5String
                                 value         IA5String
                              }

5. Attribute types

   The following attribute types are defined in this document:

        amdMapName
        amdMapCacheTtl
        amdMapEntry
        amdMapEntryKey
        amdMapEntryValue

        amdSchema-a OBJECT IDENTIFIER ::= { amdSchema-id 1 }

        amdMapName      ATTRIBUTE ::= {
              WITH SYNTAX              IA5String
              EQUALITY MATCHING RULE   caseIgnoreExactMatch
              --ID                     { amdSchema-a 1 }
              DESCRIPTION
               "This attribute is the symbolic and in the naming
                context unique name of an amd map. This corresponds
                in the case of a flat file database to the name of
                the file or the mount-point of the map."
           }


        amdMapCacheTtl
           ATTRIBUTE ::= {
              WITH SYNTAX              Integer
              EQUALITY MATCHING RULE   integerExactMatch
              --ID                     { amdSchema-a 2 }
              SINGLE VALUED
              DESCRIPTION
               "The maximum time-to-live for the entries in this
                map. After this many milliseconds the map has to
                be cleared from local caches and reloaded. A value
                of 0 disables caching."
           }

        amdMapEntry
           ATTRIBUTE ::= {
              WITH SYNTAX              DistinguishedName
              EQUALITY MATCHING RULE   dNCaseIgnoreExactMatch
              --ID                     { amdSchema-a 3 }
              DESCRIPTION
               "A multivalued attribute listing the distinguished
                names of the amdMapEntries making up this amdMap
                object."
           }

        amdMapEntryKey
           ATTRIBUTE ::= {
              WITH SYNTAX              IA5String
              EQUALITY MATCHING RULE   stringExactMatch
              --ID                     { amdSchema-a 4 }
              SINGLE VALUED
              DESCRIPTION
               "The value of this attribute is usually the name of
                a mountpoint for this amdMapEntry."
           }

        amdMapEntryValue
           ATTRIBUTE ::= {
              WITH SYNTAX              AmdLocationList
              --ID                     { amdSchema-a 5 }
              DESCRIPTION
               "This is the actual mount information for the amdMapEntry
                using the syntax described above."
           }

6. Object classes

   The following object classes are defined in this document:

             amdMap
             amdMapEntry

   defined as follows:

             amdSchema-oc ::= { amdSchema-id 2 }

             amdMap OBJECT-CLASS ::= {
                       SUBCLASS OF            { top }
                       KIND                   auxiliary
                       --ID                   { amdSchema-oc 1 }
                       MAY CONTAIN            { amdMapCacheTtl , cn }
                       MUST CONTAIN           { amdMapName , amdMapEntry }
                    }

             amdMapEntry OBJECT-CLASS ::= {
                            SUBCLASS OF       { top }
                            KIND              structural
                            --ID              { amdSchema-oc 2 }
                            MUST CONTAIN      {
                                                amdMapName ,
                                                amdMapEntryKey ,
                                                amdMapEntryValue
                                              }
                            MAY CONTAIN       { cn }
                            DESCRIPTION
                             "An entry of this object class describes mount
                              information relative to a certain amdMap entry"
                         }

7. Examples



8. Security Considerations

   Due to the security problems posed by NFS, care should be taken not to advertise
   exported filesystems. Therefore it is often desirable to limit access to entries
   carrying amd mount map information to those systems to which the corresponding
   filesystems have been exported.

9. References

      [AMUTILS]
           am-utils homepage: http://shekel.cs.columbia.edu/~erez/am-utils.html

      [RFC2251]
           M. Wahl, T. Howes, S. Kille, "Lightweight Directory Access
           Protocol (v3)", RFC 2251, December 1997.

      [RFC2252]
           M. Wahl, A. Coulbeck, T. Howes, S. Kille, "Lightweight Directory
           Access Protocol (v3): Attribute Syntax Definitions", RFC 2252,
           December 1997.

      [RFC2253]
           M. Wahl, S. Kille, T. Howes, "Lightweight Directory Access
           Protocol (v3): UTF-8 String Representation of Distinguished
           Names", RFC 2253, December 1997.

      [HOWARD]
           Luke Howard, "An Approach for Using LDAP as a Network
           Information Service", draft-howard-nis-schema-??.txt, Internet
           draft.

      [X500]
           ITU something or other.

Author's Address

   Leif Johansson
   Department of Mathematics
   Stockholm University
   S-106 91 Stockholm
   SWEDEN

   Email: leifj AT matematik.su.se