On 24/05/13 23:48, Nalin Dahyabhai wrote:
On Fri, May 24, 2013 at 12:01:04PM +0200, Sigbjorn Lie wrote:
The compat module would have to be extended to support displaying selected
automount maps from one
location in a different location. I do not know the internals of the compat
plugin so what I'm
asking might be unable/hard to achieve with the compat plugin - I was referring
to it because of
it's ability to mirror one part of the ldap tree to a different part of the
The compat plugin's usually used to make a group of entries appear
somewhere else, which isn't _quite_ the same thing as making part of the
tree show up elsewhere, since the tree structure isn't preserved, but if
you don't mind "flattening" of the results when your source is split up
in the hierarchy of a subtree, that won't be a problem.
Otherwise, yeah, if that newly-created part of the tree, where the
plugin's making the fake entries appear, happens to be under a subtree
which autofs is searching for a given map's contents, then I don't see a
reason why it shouldn't work. The configuration for the compat plugin
would probably simply copy specific attributes rather than doing any
real manipulation their values, much like we do for user entries under
cn=users,cn=compat. I guess you could either "tag" entries for
inclusion in a way that they'd match the filter which the compat
plugin's configured to use when searching for source entries, or grab
all of the entries in that given source area.
Whenever you added a new automount location, you'd need to add a new
mostly-boilerplate configuration entry under "cn=Schema Compatibility,
cn=plugins, cn=config" to have that same group of entries with the same
contents show up in the new location's part of the tree, but that would
be about it.
Also, if you're not rewriting attribute values, you could probably also
ccomplish it with managed entries, since it plays in a similar area. Or
perhaps it could be done with just referrals, though that depends on the
client to follow them.
I did some testing on this. I added an entry to "cn=Schema
Compatibility, cn=plugins, cn=config", and defined the various settings
for the compat plugin. It worked as a charm, the requested automountmaps
we're mirrored. However, one glitch when I attempt to actually use it.
Setting "schema-compat-container-group" to cn=default hides all the
existing keys in automount location default. Setting it to a level below
the cn=default, and the automounter does not see the entries with the
error below. It seem like the automounter can only handle a single level
of a tree, and does not search subtrees.
"get_query_dn: lookup(ldap): failed to find query dn under search base dns"
I don't think the flatten trees does any harm, it's already flat, as
long as the container-group could be set to cn=default,cn=automount.
However it would require logic within the IPA framework to follow any
"automountinformation=-fstype=autofs auto_anothermapname" and also
create setup for the additional "auto_anothermapname" in the compat
plugin. And again the idea seem flawed when the additional maps cannot
sit under the same schema-compat-container-group.
Is there any way to have several entries in the schema compatibility
plugin to share the same level of schema-compat-container-group?
Freeipa-users mailing list