On Fri, May 18, 2018 at 10:42:43AM +0200, Reyk Floeter wrote:
> So, OK?
> 

As sthen@ pointed out, I had shadowPassword in both MUST and MAY.
(The reason is that I intended to move it from MUST to MAY, but forgot
to remove the MUST).  userPassword in nis.schema is also MAY, so it
must not be MUST but it must be MAY.  A user also may not have a cn so
remove it from MUST as well.

s/MUST/MAY/ I get an OK?

Index: etc/examples/ldapd.conf
===================================================================
RCS file: /cvs/src/etc/examples/ldapd.conf,v
retrieving revision 1.1
diff -u -p -u -p -r1.1 ldapd.conf
--- etc/examples/ldapd.conf     11 Jul 2014 21:20:10 -0000      1.1
+++ etc/examples/ldapd.conf     18 May 2018 10:09:45 -0000
@@ -3,6 +3,7 @@
 schema "/etc/ldap/core.schema"
 schema "/etc/ldap/inetorgperson.schema"
 schema "/etc/ldap/nis.schema"
+schema "/etc/ldap/bsd.schema"
 
 listen on lo0
 listen on "/var/run/ldapi"
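Review bot: The new `schema "/etc/ldap/bsd.schema"` line depends on its position after the other three schema lines, and nothing in the example says so. bsd.schema defines only shadowPassword and sshPublicKey, while bsdAccount also names uid, shadowExpire, modifyTimestamp and userClass, which have to come from the schemas loaded before it. A one-line comment above the entry noting that it must stay after core.schema and nis.schema would keep someone from reordering or trimming the list and ending up with unresolved attribute names.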
Index: usr.sbin/ldapd/Makefile
===================================================================
RCS file: /cvs/src/usr.sbin/ldapd/Makefile,v
retrieving revision 1.15
diff -u -p -u -p -r1.15 Makefile
--- usr.sbin/ldapd/Makefile     20 Jan 2017 11:55:08 -0000      1.15
+++ usr.sbin/ldapd/Makefile     18 May 2018 10:09:45 -0000
@@ -17,7 +17,8 @@ CFLAGS+=      -Wshadow -Wpointer-arith -Wcast
 CFLAGS+=       -Wsign-compare
 CLEANFILES+=   y.tab.h parse.c
 
-SCHEMA_FILES=  core.schema \
+SCHEMA_FILES=  bsd.schema \
+               core.schema \
                inetorgperson.schema \
                nis.schema
 
Index: usr.sbin/ldapd/schema/bsd.schema
===================================================================
RCS file: usr.sbin/ldapd/schema/bsd.schema
diff -N usr.sbin/ldapd/schema/bsd.schema
--- /dev/null   1 Jan 1970 00:00:00 -0000
+++ usr.sbin/ldapd/schema/bsd.schema    18 May 2018 10:09:45 -0000
@@ -0,0 +1,17 @@
+attributetype ( 1.3.6.1.4.1.30155.115.2 NAME 'shadowPassword'
+       DESC 'POSIX hashed password'
+       EQUALITY caseExactIA5Match
+       SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+
+attributetype ( 1.3.6.1.4.1.30155.115.3 NAME 'sshPublicKey'
+       DESC 'SSH public key'
+       EQUALITY caseExactIA5Match
+       SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+
+objectclass ( 1.3.6.1.4.1.30155.115.1 NAME 'bsdAccount'
+       SUP top
+       AUXILIARY
+       DESC 'Abstraction of an account with OpenBSD attributes'
+       MUST ( uid )
+       MAY ( shadowPassword $ shadowExpire $ modifyTimestamp $ userClass $
+               sshPublicKey ))
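Review bot: modifyTimestamp in the MAY list of bsdAccount is an operational attribute in the standard LDAP schema (RFC 4512), maintained by the server rather than set by clients, so listing it as an optional user attribute of the class looks unintended; consider dropping it from `MAY ( shadowPassword $ shadowExpire $ modifyTimestamp $ userClass $ sshPublicKey )`. Separately, shadowPassword is declared with DESC 'POSIX hashed password' as an ordinary IA5String attribute, and the new file carries no header comment. A short comment stating that this attribute holds password hashes and needs the same read restrictions as userPassword would help anyone enabling the schema. The closing ` ))` on the last line also differs from the ` )` spacing used by the two attributetype definitions above it.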
