Commit 7841f4f5 authored by Pierangelo Masarati's avatar Pierangelo Masarati
Browse files

complete merging of dyngroup into dynlist; add back-config support

parent 976d6b4b
......@@ -35,41 +35,45 @@ or to the frontend, if used before any database instantiation; see
for details.
.LP
These
This
.B slapd.conf
configuration options apply to the dynlist overlay. They must appear
after the
configuration option is define for the dynlist overlay. It may have multiple
occurrences, and it must appear after the
.B overlay
directive.
.TP
.B dynlist-oc <objectClass>
The name of the objectClass that triggers the dynamic expansion of the
data. This statement is required.
.TP
.B dynlist-ad <attributeName>
The name of the attributeDescription that holds the LDAP URI values that
will expand; if none is present, no expansion occurs. If the intersection
of the attributes requested by the search operation (or the asserted attribute
for compares) and the attributes listed in the URI is empty, no expansion
occurs for that specific URI. This statement is required.
.TP
.B dynlist-member-ad <attributeName>
The name of the attributeDescription that will list the DN of the entries
resulting from the internal search. This statement is optional and, if
present, changes the behavior of the overlay into that of a dynamic group.
The <attrs> portion of the URI must be absent, and the DNs of all the entries
resulting from the expansion of the URI are listed as values of this
attribute.
Compares to
.B dynlist-member-ad
attributes of entries with
.B dynlist-oc
.B dynlist-attrset <group-oc> <URL-ad> [<member-ad>]
The value
.B <group-oc>
is the name of the objectClass that triggers the dynamic expansion of the
data.
The value
.B <URL-ad>
is the name of the attributeDescription that cointains the URI that is
expanded by the overlay; if none is present, no expansion occurs.
If the intersection of the attributes requested by the search operation
(or the asserted attribute for compares) and the attributes listed
in the URI is empty, no expansion occurs for that specific URI.
It must be a subtype of \fIlabeledURI\fP.
The value
.B <member-ad>
is optional; if present, the overlay behaves as a dynamic group: this
attribute will list the DN of the entries resulting from the internal search.
In this case, the <attrs> portion of the URI must be absent, and the DNs
of all the entries resulting from the expansion of the URI are listed
as values of this attribute.
Compares that assert the value of the
.B <member-ad>
attribute of entries with
.B <group-oc>
objectClass apply as if the DN of the entries resulting from the expansion
of the URI were present in the
.B dynlist-oc
.B <group-oc>
entry as values of the
.B dynlist-member-ad
attributeType.
.B <member-ad>
attribute.
.LP
The dynlist overlay may be used with any backend, but it is mainly
intended for use with local storage backends.
......@@ -90,8 +94,7 @@ entry; first of all, make sure that slapd.conf contains the directives:
# ...
overlay dynlist
dynlist-oc groupOfURLs
dynlist-ad memberURL
dynlist-attrset groupOfURLs memberURL
.fi
.LP
and that slapd loads dynlist.la, if compiled as a run-time module;
......@@ -107,6 +110,22 @@ then add to the database an entry like
If no <attrs> are provided in the URI, all (non-operational) attributes are
collected.
This example implements the dynamic group feature on the
.B member
attribute:
.LP
.nf
include /path/to/dyngroup.schema
# ...
database <database>
# ...
overlay dynlist
dynlist-attrset groupOfURLs memberURL member
.fi
.LP
.SH FILES
.TP
......@@ -115,6 +134,10 @@ default slapd configuration file
.SH SEE ALSO
.BR slapd.conf (5),
.BR slapd (8).
The
.BR slapo-dynlist (5)
overlay supports dynamic configuration via
.BR back-config .
.SH ACKNOWLEDGEMENTS
.P
This module was written in 2004 by Pierangelo Masarati for SysNet s.n.c.
......@@ -1350,7 +1350,7 @@ loopit:
} else {
rc = LDAP_NO_SUCH_ATTRIBUTE;
}
if (e != target ) {
if ( e != target ) {
be_entry_release_r( op, e );
}
} else {
......
......@@ -40,8 +40,6 @@
static struct berval config_rdn = BER_BVC("cn=config");
static struct berval schema_rdn = BER_BVC("cn=schema");
#define SLAP_X_ORDERED_FMT "{%d}"
#ifdef SLAPD_MODULES
typedef struct modpath_s {
struct modpath_s *mp_next;
......@@ -186,10 +184,11 @@ static OidRec OidMacros[] = {
{ "OLcfgDbOc", "OLcfgOc:2" },
{ "OLcfgOvOc", "OLcfgOc:3" },
{ "OMsyn", "1.3.6.1.4.1.1466.115.121.1" },
{ "OMsInteger", "OMsyn:27" },
{ "OMsBoolean", "OMsyn:7" },
{ "OMsDN", "OMsyn:12" },
{ "OMsDirectoryString", "OMsyn:15" },
{ "OMsInteger", "OMsyn:27" },
{ "OMsOID", "OMsyn:38" },
{ "OMsOctetString", "OMsyn:40" },
{ NULL, NULL }
};
......@@ -213,6 +212,8 @@ static OidRec OidMacros[] = {
* OLcfgOv{Oc|At}:5 -> valsort
* (FIXME: separate arc for contribware?)
* OLcfgOv{Oc|At}:6 -> smbk5pwd
* OLcfgOv{Oc|At}:7 -> distproc
* OLcfgOv{Oc|At}:8 -> dynlist
*/
/* alphabetical ordering */
......@@ -1175,7 +1176,7 @@ config_generic(ConfigArgs *c) {
break;
case CFG_ACL:
if ( parse_acl(c->be, c->fname, c->lineno, c->argc, c->argv, c->valx) ) {
if ( parse_acl(c->be, c->fname, c->lineno, c->argc, c->argv, c->valx ) ) {
return 1;
}
break;
......
......@@ -181,4 +181,6 @@ int config_shadow( ConfigArgs *c, int flag );
#define config_check_userland(last) \
assert( ( ( (last) - 1 ) & ARGS_USERLAND ) == ( (last) - 1 ) );
#define SLAP_X_ORDERED_FMT "{%d}"
#endif /* CONFIG_H */
This diff is collapsed.
......@@ -61,6 +61,13 @@ memberURL: ldap:///ou=People,dc=example,dc=com?cn,mail?sub?(objectClass=person
# Testing list compare...
TRUE
# Testing list compare (should return FALSE)...
FALSE
# Testing list compare (should return UNDEFINED)...
Compare Result: No such attribute (16)
UNDEFINED
# Testing list compare with manageDSAit...
FALSE
......@@ -114,6 +121,9 @@ memberURL: ldap:///ou=People,dc=example,dc=com??sub?(objectClass=person)
# Testing list compare...
TRUE
# Testing list compare (should return FALSE)...
FALSE
# Testing list compare with manageDSAit...
FALSE
......@@ -50,6 +50,4 @@ rootpw secret
#ldbm#index cn,sn,uid pres,eq,sub
overlay dynlist
dynlist-oc groupOfURLs
dynlist-ad memberURL
### DO NOT ADD ANY DIRECTIVE BELOW THIS; TEST APPENDS STUFF ###
......@@ -31,8 +31,10 @@ if test $RC != 0 ; then
exit $RC
fi
echo "Running slapindex to index slapd database..."
. $CONFFILTER $BACKEND $MONITORDB < $DYNLISTCONF > $CONF1
echo "dynlist-attrset groupOfURLs memberURL" >> $CONF1
echo "Running slapindex to index slapd database..."
$SLAPINDEX -f $CONF1
RC=$?
if test $RC != 0 ; then
......@@ -151,8 +153,36 @@ case $RC in
0)
echo "ldapcompare returned success ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit -1
;;
*)
echo "ldapcompare failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
echo "" >> $SEARCHOUT
echo "Testing list compare (should return FALSE)..."
echo "# Testing list compare (should return FALSE)..." >> $SEARCHOUT
$LDAPCOMPARE -h $LOCALHOST -p $PORT1 \
"cn=Dynamic List,$LISTDN" "cn:FALSE" \
>> $SEARCHOUT 2>&1
RC=$?
case $RC in
5)
echo "ldapcompare returned FALSE ($RC)"
;;
6)
echo "ldapcompare returned TRUE ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
0)
echo "ldapcompare returned success ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit -1
;;
*)
echo "ldapcompare failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
......@@ -161,6 +191,37 @@ case $RC in
esac
echo "" >> $SEARCHOUT
echo "Testing list compare (should return UNDEFINED)..."
echo "# Testing list compare (should return UNDEFINED)..." >> $SEARCHOUT
$LDAPCOMPARE -h $LOCALHOST -p $PORT1 \
"cn=Dynamic List,$LISTDN" "dc:UNDEFINED" \
>> $SEARCHOUT 2>&1
RC=$?
case $RC in
5)
echo "ldapcompare returned FALSE ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
6)
echo "ldapcompare returned TRUE ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
16|32)
echo "ldapcompare returned UNDEFINED ($RC)"
;;
0)
echo "ldapcompare returned success ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit -1
;;
*)
echo "ldapcompare failed ($RC)"
;;
esac
echo "" >> $SEARCHOUT
echo "Testing list compare with manageDSAit..."
echo "# Testing list compare with manageDSAit..." >> $SEARCHOUT
$LDAPCOMPARE -h $LOCALHOST -p $PORT1 -MM \
......@@ -179,7 +240,7 @@ case $RC in
0)
echo "ldapcompare returned success ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
exit -1
;;
*)
echo "ldapcompare failed ($RC)!"
......@@ -194,7 +255,8 @@ kill -HUP $KILLPIDS
wait $KILLPIDS
echo "Reconfiguring slapd..."
echo "dynlist-member-ad member" >> $CONF1
. $CONFFILTER $BACKEND $MONITORDB < $DYNLISTCONF > $CONF1
echo "dynlist-attrset groupOfURLs memberURL member" >> $CONF1
echo "==========================================================" >> $LOG1
......@@ -303,8 +365,36 @@ case $RC in
0)
echo "ldapcompare returned success ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit -1
;;
*)
echo "ldapcompare failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
echo "" >> $SEARCHOUT
echo "Testing list compare (should return FALSE)..."
echo "# Testing list compare (should return FALSE)..." >> $SEARCHOUT
$LDAPCOMPARE -h $LOCALHOST -p $PORT1 \
"cn=Dynamic List of Members,$LISTDN" "member:cn=Foo Bar" \
>> $SEARCHOUT 2>&1
RC=$?
case $RC in
5)
echo "ldapcompare returned FALSE ($RC)"
;;
6)
echo "ldapcompare returned TRUE ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
0)
echo "ldapcompare returned success ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit -1
;;
*)
echo "ldapcompare failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
......@@ -331,7 +421,7 @@ case $RC in
0)
echo "ldapcompare returned success ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
exit -1
;;
*)
echo "ldapcompare failed ($RC)!"
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment