From patchwork Tue Sep 25 15:39:54 2012
X-Patchwork-Submitter: Chuck Lever
X-Patchwork-Id: 186839
From: Chuck Lever
To: fedfs-utils-devel@oss.oracle.com
Date: Tue, 25 Sep 2012 11:39:54 -0400
Message-ID: <20120925153527.23879.35420.stgit@degas.1015granger.net>
Subject: [fedfs-utils] [PATCH] contrib: Add tools to help configure OpenLDAP-based NSDB

Setting up an NSDB takes a bunch of detailed steps. To encourage adoption of FedFS (or at least broaden our base of testers), we want to make NSDB setup easier to do.

One of the challenges is that each LDAP server implementation requires different administrative tools and procedures. Thus, for each LDAP server implementation, we can add tools that set up the FedFS schema, create root suffixes, and so on. Of course some server implementations will not succumb to this approach, as they will still require manual setup on the servers themselves. We can but try.

As a first step, create a landing place for server-specific tools, and introduce a sample tool to add the FedFS schema to an OpenLDAP server.
Signed-off-by: Chuck Lever --- This is just an RFC prototype. I'm still debating whether we would be better off with a C tool here. It would be harder to write, but it could automate more of this process (like the changes to the raw schema LDIF) and wouldn't depend on having the ldap-tools installed. configure.ac | 1 contrib/Makefile.am | 2 contrib/openldap/Makefile.am | 29 ++++ contrib/openldap/add-fedfs-entry | 50 ++++++ contrib/openldap/add-fedfs-schema | 303 +++++++++++++++++++++++++++++++++++++ 5 files changed, 384 insertions(+), 1 deletions(-) create mode 100644 contrib/openldap/Makefile.am create mode 100755 contrib/openldap/add-fedfs-entry create mode 100755 contrib/openldap/add-fedfs-schema diff --git a/configure.ac b/configure.ac index 31634cb..cebdae3 100644 --- a/configure.ac +++ b/configure.ac @@ -160,6 +160,7 @@ AC_SUBST([root_sbindir]) AC_CONFIG_FILES([Makefile contrib/Makefile contrib/init/Makefile + contrib/openldap/Makefile doc/Makefile doc/ldap/Makefile doc/man/Makefile diff --git a/contrib/Makefile.am b/contrib/Makefile.am index ee19f6b..3982781 100644 --- a/contrib/Makefile.am +++ b/contrib/Makefile.am @@ -23,7 +23,7 @@ ## http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt ## -SUBDIRS = init +SUBDIRS = init openldap CLEANFILES = cscope.in.out cscope.out cscope.po.out *~ DISTCLEANFILES = Makefile.in diff --git a/contrib/openldap/Makefile.am b/contrib/openldap/Makefile.am new file mode 100644 index 0000000..25f8988 --- /dev/null +++ b/contrib/openldap/Makefile.am 
@@ -0,0 +1,29 @@ +## +## @file contrib/openldap/Makefile.am +## @brief Process this file with automake to produce contrib/Makefile.in +## + +## +## Copyright 2012 Oracle. All rights reserved. +## +## This file is part of fedfs-utils. +## +## fedfs-utils is free software; you can redistribute it and/or modify +## it under the terms of the GNU General Public License version 2.0 as +## published by the Free Software Foundation. +## +## fedfs-utils is distributed in the hope that it will be useful, but +## WITHOUT ANY WARRANTY; without even the implied warranty of +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +## GNU General Public License version 2.0 for more details. +## +## You should have received a copy of the GNU General Public License +## version 2.0 along with fedfs-utils. If not, see: +## +## http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt +## + +EXTRA_DIST = add-fedfs-schema + +CLEANFILES = cscope.in.out cscope.out cscope.po.out *~ +DISTCLEANFILES = Makefile.in diff --git a/contrib/openldap/add-fedfs-entry b/contrib/openldap/add-fedfs-entry new file mode 100755 index 0000000..82de095 --- /dev/null +++ b/contrib/openldap/add-fedfs-entry 
@@ -0,0 +1,50 @@ +#!/bin/bash +# +# @file contrib/openldap/add-fedfs-entry +# @brief Add an "o=fedfs" entry +# +# Copyright 2012 Oracle. All rights reserved. +# +# This file is part of fedfs-utils. +# +# fedfs-utils is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2.0 as +# published by the Free Software Foundation. +# +# fedfs-utils is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License version 2.0 for more details. +# +# You should have received a copy of the GNU General Public License +# version 2.0 along with fedfs-utils. If not, see: +# +# http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt +# + +LDAPMODIFY=`which ldapmodify` +if [[ $? != 0 ]]; +then + echo "ldapmodify command not found on this system" + exit 1 +fi +LDAPSEARCH=`which ldapsearch` +if [[ $? != 0 ]]; +then + echo "ldapsearch command not found on this system" + exit 1 +fi + +if [[ $# -lt 2 ]]; +then + echo "add-fedfs-entry " + echo " " + echo "Add an 'o=fedfs' entry to an LDAP server." + exit 1 +fi + +${LDAPMODIFY} -a -x -W -h $1 -D $2 < " + echo " " + echo "Add the FedFS schema to an OpenLDAP server via its OLConfig" + echo "administrative interface." + exit 1 +fi + +# +# Insurance: Make certain we are talking to something that groks OLConfig +# +${LDAPSEARCH} > /dev/null -x -W -h $1 -D $2 -b cn=config "(objectClass=olcGlobal)" +if [[ $? != 0 ]]; +then + echo $1 "does not look like an OpenLDAP server" + exit 1 +fi + +${LDAPMODIFY} -a -x -W -h $1 -D $2 <
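Review bot: In contrib/openldap/Makefile.am, `EXTRA_DIST = add-fedfs-schema` leaves out add-fedfs-entry, which this patch also creates in the same directory, so that script would be missing from a `make dist` tarball; list both scripts. The `@brief` line in the same file says it produces contrib/Makefile.in, where it should read contrib/openldap/Makefile.in.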
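Review bot: In contrib/openldap/add-fedfs-entry, the `${LDAPMODIFY} -a -x -W -h $1 -D $2` invocation expands `$1` and `$2` unquoted, so a bind DN that contains a space is split into separate arguments; quote both as "$1" and "$2". The same line performs a simple bind (`-x -W`) against a bare `-h` host with no `-ZZ` or ldaps URI, so the administrator's bind password crosses the network unencrypted; consider requiring StartTLS or taking an `-H` URI from the caller. The "command not found" and usage messages would also be better sent to stderr.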
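Review bot: In contrib/openldap/add-fedfs-schema, the OLConfig probe reports "does not look like an OpenLDAP server" for every non-zero ldapsearch exit, so a mistyped password or an unreachable host produces a misleading diagnosis; report the exit status, or distinguish a bind or connection failure from a missing cn=config. The probe and the `${LDAPMODIFY} -a -x -W -h $1 -D $2` call that follows both pass `-W`, so the administrator is prompted for the bind password twice, and both do a simple bind to a bare `-h` host without `-ZZ`, which exposes that password on the network. `$1` and `$2` should be quoted in both commands and in the `echo $1` error line.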