@@ -160,6 +160,7 @@ AC_SUBST([root_sbindir])
AC_CONFIG_FILES([Makefile
contrib/Makefile
contrib/init/Makefile
+ contrib/openldap/Makefile
doc/Makefile
doc/ldap/Makefile
doc/man/Makefile
@@ -23,7 +23,7 @@
## http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
##
-SUBDIRS = init
+SUBDIRS = init openldap
CLEANFILES = cscope.in.out cscope.out cscope.po.out *~
DISTCLEANFILES = Makefile.in
new file mode 100644
@@ -0,0 +1,29 @@
+##
+## @file contrib/openldap/Makefile.am
+## @brief Process this file with automake to produce contrib/Makefile.in
+##
+
+##
+## Copyright 2012 Oracle. All rights reserved.
+##
+## This file is part of fedfs-utils.
+##
+## fedfs-utils is free software; you can redistribute it and/or modify
+## it under the terms of the GNU General Public License version 2.0 as
+## published by the Free Software Foundation.
+##
+## fedfs-utils is distributed in the hope that it will be useful, but
+## WITHOUT ANY WARRANTY; without even the implied warranty of
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+## GNU General Public License version 2.0 for more details.
+##
+## You should have received a copy of the GNU General Public License
+## version 2.0 along with fedfs-utils. If not, see:
+##
+## http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
+##
+
+EXTRA_DIST = add-fedfs-schema
+
+CLEANFILES = cscope.in.out cscope.out cscope.po.out *~
+DISTCLEANFILES = Makefile.in
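Review bot: `EXTRA_DIST` lists only `add-fedfs-schema`, but this commit also creates `contrib/openldap/add-fedfs-entry`, so that script would be left out of `make dist` tarballs. `EXTRA_DIST = add-fedfs-entry add-fedfs-schema` covers both. The `@brief` line also still names the parent directory's output; it should read `## @brief Process this file with automake to produce contrib/openldap/Makefile.in`.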
new file mode 100755
@@ -0,0 +1,50 @@
+#!/bin/bash
+#
+# @file contrib/openldap/add-fedfs-entry
+# @brief Add an "o=fedfs" entry
+#
+# Copyright 2012 Oracle. All rights reserved.
+#
+# This file is part of fedfs-utils.
+#
+# fedfs-utils is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2.0 as
+# published by the Free Software Foundation.
+#
+# fedfs-utils is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License version 2.0 for more details.
+#
+# You should have received a copy of the GNU General Public License
+# version 2.0 along with fedfs-utils. If not, see:
+#
+# http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
+#
+
+LDAPMODIFY=`which ldapmodify`
+if [[ $? != 0 ]];
+then
+ echo "ldapmodify command not found on this system"
+ exit 1
+fi
+LDAPSEARCH=`which ldapsearch`
+if [[ $? != 0 ]];
+then
+ echo "ldapsearch command not found on this system"
+ exit 1
+fi
+
+if [[ $# -lt 2 ]];
+then
+ echo "add-fedfs-entry <LDAP server's hostname> <LDAP server's admin DN>"
+ echo " "
+ echo "Add an 'o=fedfs' entry to an LDAP server."
+ exit 1
+fi
+
+${LDAPMODIFY} -a -x -W -h $1 -D $2 <<EOF
+dn: o=fedfs
+objectClass: organization
+o: fedfs
+EOF
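Review bot: The final `ldapmodify` call does a simple bind (`-x -W`) to `-h $1` without requesting transport protection, so the admin password typed at the prompt may cross the network in cleartext unless the client's LDAP configuration enforces TLS. The same pattern appears in the `ldapsearch` and `ldapmodify` calls of add-fedfs-schema, where the bind DN can write to `cn=config`. Requiring StartTLS with `-ZZ`, or accepting an `ldaps://` URI through `-H`, would close that gap. `$1` and `$2` are also unquoted, so an admin DN containing a space is split into separate arguments; `"${LDAPMODIFY}" -a -x -ZZ -W -h "$1" -D "$2" <<EOF` addresses both. `LDAPSEARCH` is looked up in this script but never used, so that check can be dropped here.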
new file mode 100755
@@ -0,0 +1,303 @@
+#!/bin/bash
+#
+# @file contrib/openldap/add-fedfs-schema
+# @brief Add the FedFS schema to an OpenLDAP server via OLConfig
+#
+# Copyright 2012 Oracle. All rights reserved.
+#
+# This file is part of fedfs-utils.
+#
+# fedfs-utils is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2.0 as
+# published by the Free Software Foundation.
+#
+# fedfs-utils is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License version 2.0 for more details.
+#
+# You should have received a copy of the GNU General Public License
+# version 2.0 along with fedfs-utils. If not, see:
+#
+# http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
+#
+
+#
+# Updating this script should be necessary only when the FedFS
+# schema changes. The FedFS schema LDIF below is formed by
+# copying and editing doc/ldap/fedfs-schema.ldif
+#
+# 1. add the "dn", "objectClass", and "cn" lines below
+# 2. :%s/attributeTypes:/olcAttributeTypes:/g
+# 3. :%s/objectClasses:/olcObjectClasses:/g
+# 4. optionally remove any lines that begin with "#"
+#
+# Then add the result to this script as a "here" document
+#
+
+LDAPMODIFY=`which ldapmodify`
+if [[ $? != 0 ]];
+then
+ echo "ldapmodify command not found on this system"
+ exit 1
+fi
+LDAPSEARCH=`which ldapsearch`
+if [[ $? != 0 ]];
+then
+ echo "ldapsearch command not found on this system"
+ exit 1
+fi
+
+if [[ $# -lt 2 ]];
+then
+ echo "add-fedfs-schema <LDAP server's hostname> <LDAP server's admin DN>"
+ echo " "
+ echo "Add the FedFS schema to an OpenLDAP server via its OLConfig"
+ echo "administrative interface."
+ exit 1
+fi
+
+#
+# Insurance: Make certain we are talking to something that groks OLConfig
+#
+${LDAPSEARCH} > /dev/null -x -W -h $1 -D $2 -b cn=config "(objectClass=olcGlobal)"
+if [[ $? != 0 ]];
+then
+ echo $1 "does not look like an OpenLDAP server"
+ exit 1
+fi
+
+${LDAPMODIFY} -a -x -W -h $1 -D $2 <<EOF
+dn: cn=fedfs,cn=schema,cn=config
+objectClass: olcSchemaConfig
+cn: fedfs
+olcObjectClasses: (
+ 1.3.6.1.4.1.31103.1.1001
+ NAME 'fedfsNsdbContainerInfo'
+ DESC 'Describes NCE location'
+ SUP top
+ AUXILIARY
+ MUST ( fedfsNceDN )
+ MAY ( fedfsAnnotation $ fedfsDescr )
+ )
+olcObjectClasses: (
+ 1.3.6.1.4.1.31103.1.1002
+ NAME 'fedfsFsn'
+ DESC 'Represents a fileset'
+ SUP top
+ STRUCTURAL
+ MUST ( fedfsFsnUuid $ fedfsFsnTTL )
+ MAY ( fedfsAnnotation $ fedfsDescr )
+ )
+olcObjectClasses: (
+ 1.3.6.1.4.1.31103.1.1003
+ NAME 'fedfsFsl'
+ DESC 'A physical location of a fileset'
+ SUP top
+ ABSTRACT
+ MUST ( fedfsFslUuid $ fedfsFsnUuid )
+ MAY ( fedfsAnnotation $ fedfsDescr )
+ )
+olcObjectClasses: (
+ 1.3.6.1.4.1.31103.1.1004
+ NAME 'fedfsNfsFsl'
+ DESC 'An NFS location of a fileset'
+ SUP fedfsFsl
+ STRUCTURAL
+ MUST ( fedfsNfsURI $ fedfsNfsCurrency $ fedfsNfsGenFlagWritable $ fedfsNfsGenFlagGoing $ fedfsNfsGenFlagSplit $ fedfsNfsTransFlagRdma $ fedfsNfsClassSimul $ fedfsNfsClassHandle $ fedfsNfsClassFileid $ fedfsNfsClassWritever $ fedfsNfsClassChange $ fedfsNfsClassReaddir $ fedfsNfsReadRank $ fedfsNfsReadOrder $ fedfsNfsWriteRank $ fedfsNfsWriteOrder $ fedfsNfsVarSub $ fedfsNfsValidFor )
+ )
+olcAttributeTypes: (
+ 1.3.6.1.4.1.31103.1.1
+ NAME 'fedfsUuid'
+ DESC 'A UUID used by NSDB'
+ EQUALITY uuidMatch
+ ORDERING uuidOrderingMatch
+ SYNTAX 1.3.6.1.1.16.1
+ SINGLE-VALUE
+ )
+olcAttributeTypes: (
+ 1.3.6.1.4.1.31103.1.4
+ NAME 'fedfsFsnUuid'
+ DESC 'The FSN UUID component of an FSN'
+ SUP fedfsUuid
+ SINGLE-VALUE
+ )
+olcAttributeTypes: (
+ 1.3.6.1.4.1.31103.1.11
+ NAME 'fedfsFsnTTL'
+ DESC 'Time to live of an FSN tree'
+ EQUALITY integerMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
+ SINGLE-VALUE
+ )
+olcAttributeTypes: (
+ 1.3.6.1.4.1.31103.1.14
+ NAME 'fedfsNceDN'
+ DESC 'NCE Distinguished Name'
+ EQUALITY distinguishedNameMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
+ SINGLE-VALUE
+ )
+olcAttributeTypes: (
+ 1.3.6.1.4.1.31103.1.8
+ NAME 'fedfsFslUuid'
+ DESC 'UUID of an FSL'
+ SUP fedfsUuid
+ SINGLE-VALUE
+ )
+olcAttributeTypes: (
+ 1.3.6.1.4.1.31103.1.12
+ NAME 'fedfsAnnotation'
+ DESC 'Annotation of an object'
+ SUP name
+ )
+olcAttributeTypes: (
+ 1.3.6.1.4.1.31103.1.13
+ NAME 'fedfsDescr'
+ DESC 'Description of an object'
+ SUP name
+ )
+olcAttributeTypes: (
+ 1.3.6.1.4.1.31103.1.120
+ NAME 'fedfsNfsURI'
+ DESC 'Location of fileset'
+ SUP labeledURI
+ SINGLE-VALUE
+ )
+olcAttributeTypes: (
+ 1.3.6.1.4.1.31103.1.103
+ NAME 'fedfsNfsCurrency'
+ DESC 'up-to-date measure of the data'
+ EQUALITY integerMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
+ SINGLE-VALUE
+ )
+olcAttributeTypes: (
+ 1.3.6.1.4.1.31103.1.104
+ NAME 'fedfsNfsGenFlagWritable'
+ DESC 'Indicates if the filesystem is writable'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE
+ )
+olcAttributeTypes: (
+ 1.3.6.1.4.1.31103.1.105
+ NAME 'fedfsNfsGenFlagGoing'
+ DESC 'Indicates if the filesystem is going'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE
+ )
+olcAttributeTypes: (
+ 1.3.6.1.4.1.31103.1.106
+ NAME 'fedfsNfsGenFlagSplit'
+ DESC 'Indicates if there are multiple filesystems'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE
+ )
+olcAttributeTypes: (
+ 1.3.6.1.4.1.31103.1.107
+ NAME 'fedfsNfsTransFlagRdma'
+ DESC 'Indicates if the transport supports RDMA'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE
+ )
+olcAttributeTypes: (
+ 1.3.6.1.4.1.31103.1.108
+ NAME 'fedfsNfsClassSimul'
+ DESC 'The simultaneous-use class of the filesystem'
+ EQUALITY integerMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
+ SINGLE-VALUE
+ )
+olcAttributeTypes: (
+ 1.3.6.1.4.1.31103.1.109
+ NAME 'fedfsNfsClassHandle'
+ DESC 'The handle class of the filesystem'
+ EQUALITY integerMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
+ SINGLE-VALUE
+ )
+olcAttributeTypes: (
+ 1.3.6.1.4.1.31103.1.110
+ NAME 'fedfsNfsClassFileid'
+ DESC 'The fileid class of the filesystem'
+ EQUALITY integerMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
+ SINGLE-VALUE
+ )
+olcAttributeTypes: (
+ 1.3.6.1.4.1.31103.1.111
+ NAME 'fedfsNfsClassWritever'
+ DESC 'The write-verifier class of the filesystem'
+ EQUALITY integerMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
+ SINGLE-VALUE
+ )
+olcAttributeTypes: (
+ 1.3.6.1.4.1.31103.1.112
+ NAME 'fedfsNfsClassChange'
+ DESC 'The change class of the filesystem'
+ EQUALITY integerMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
+ SINGLE-VALUE
+ )
+olcAttributeTypes: (
+ 1.3.6.1.4.1.31103.1.113
+ NAME 'fedfsNfsClassReaddir'
+ DESC 'The readdir class of the filesystem'
+ EQUALITY integerMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
+ SINGLE-VALUE
+ )
+olcAttributeTypes: (
+ 1.3.6.1.4.1.31103.1.114
+ NAME 'fedfsNfsReadRank'
+ DESC 'The read rank of the filesystem'
+ EQUALITY integerMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
+ SINGLE-VALUE
+ )
+olcAttributeTypes: (
+ 1.3.6.1.4.1.31103.1.115
+ NAME 'fedfsNfsReadOrder'
+ DESC 'The read order of the filesystem'
+ EQUALITY integerMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
+ SINGLE-VALUE
+ )
+olcAttributeTypes: (
+ 1.3.6.1.4.1.31103.1.116
+ NAME 'fedfsNfsWriteRank'
+ DESC 'The write rank of the filesystem'
+ EQUALITY integerMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
+ SINGLE-VALUE
+ )
+olcAttributeTypes: (
+ 1.3.6.1.4.1.31103.1.117
+ NAME 'fedfsNfsWriteOrder'
+ DESC 'The write order of the filesystem'
+ EQUALITY integerMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
+ SINGLE-VALUE
+ )
+olcAttributeTypes: (
+ 1.3.6.1.4.1.31103.1.118
+ NAME 'fedfsNfsVarSub'
+ DESC 'Indicates if variable substitution is present'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
+ SINGLE-VALUE
+ )
+olcAttributeTypes: (
+ 1.3.6.1.4.1.31103.1.19
+ NAME 'fedfsNfsValidFor'
+ DESC 'Valid for time'
+ EQUALITY integerMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
+ SINGLE-VALUE
+ )
+EOF
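Review bot: The schema here-document is opened with an unquoted `<<EOF`, so the shell performs parameter expansion inside it; the `$` separators in the `MUST`/`MAY` lists survive only because each one is followed by a space. If the LDIF is regenerated by the steps in the header comment and a separator ends up written as `$name`, the attribute name would expand to an empty string and a damaged schema would be sent to `cn=config`; quoting the delimiter, `<<'EOF'`, makes the body literal. Separately, the OLConfig probe treats any non-zero `ldapsearch` status as "does not look like an OpenLDAP server", which is misleading when the real cause is a wrong password or an unreachable host; a more neutral message such as `echo "cannot read cn=config on $1" >&2` would help the operator diagnose it.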
Setting up an NSDB takes a bunch of detailed steps. To encourage adoption of FedFS (or at least broaden our base of testers), we want to make NSDB set up easier to do. One of the challenges is that each LDAP server implementation requires different administrative tools and procedures. Thus, for each LDAP server implementation, we can add tools that set up the FedFS schema, create root suffixes, and so on. Of course some server implementations will not succumb to this approach, as they will still require manual set up on the servers themselves. We can but try. As a first step, create a landing place for server-specific tools, and introduce a sample tool to add the FedFS schema to an OpenLDAP server. Signed-off-by: Chuck Lever <chuck.lever@oracle.com> --- This is just an RFC prototype. I'm still debating whether we would be better off with a C tool here. It would be harder to write, but it could automate more of this process (like the changes to the raw schema LDIF) and wouldn't depend on having the ldap-tools installed. configure.ac | 1 contrib/Makefile.am | 2 contrib/openldap/Makefile.am | 29 ++++ contrib/openldap/add-fedfs-entry | 50 ++++++ contrib/openldap/add-fedfs-schema | 303 +++++++++++++++++++++++++++++++++++++ 5 files changed, 384 insertions(+), 1 deletions(-) create mode 100644 contrib/openldap/Makefile.am create mode 100755 contrib/openldap/add-fedfs-entry create mode 100755 contrib/openldap/add-fedfs-schema