Due to legacy constraints the default protocol.bynumber and
protocol.byname do not produce the alias feature we have:Notice the above legacy ypcat protcols.bynumber is not showing description Attribute in the third column, rather, it is the alias. ypmatch can find an entry in protocols.byname using the name or the alias.ypcat protocols.byname ip 0 IP 0 icmp 1 ICMP 1 igmp 2 IGMP 2 ggp 3 GGP 3 tcp 6 TCP 6 pup 12 PUP 12 udp 17 UDP 17 IPv6 41 ipv6 41 IPv6-Route 43 ipv6-route 43 IPv6-Frag 44 ipv6-frag 44 IPv6-ICMP 58 ipv6-icmp 58 IPv6-NoNxt 59 ipv6-nonxt 59ypcat protocols.bynumber ip 0 IP icmp 1 ICMP igmp 2 IGMP ggp 3 GGP tcp 6 TCP pup 12 PUP udp 17 UDP IPv6 41 ipv6 IPv6-Route 43 ipv6-route IPv6-Frag 44 ipv6-frag IPv6-ICMP 58 ipv6-icmp IPv6-NoNxt 59 ipv6-nonxt ypmatch 0 protocols.bynumber ip 0 IP ypmatch ip protocols.byname ip 0 IP ypmatch IP protocols.byname ip 0 IP The document format-specifiers.txt says It seemed like a %collect in nis-keys-format was just what I needed.* nis-keys-format (required if nis-key-format is not set, multivalued) A format specifier which the plugin will use to convert the contents of the directory server entry into a set of keys for the NIS map. The resulting NIS map will include a key for each value to which the _expression_ evaluates. This can be used to allow for an arbitrary number of NIS map entries to be created for a given directory server entry. The syntax of format specifiers is described in "format-specifiers.txt". Using this schema in /etc/dirsv/<instance>/99user.ldif I created directory entries that had both a name and an alias. With these NIS map LDIFs addeddn: cn=schema objectClass: top objectClass: ldapSubentry objectClass: subschema cn: schema objectClasses: ( 1.3.6.1.4.1.35157.1.1.3 NAME 'umipProtocol' DESC 'User defined LDAP objectclass' SUP top STRUCTURAL MUST ( cn $ umipProtocolName $ umipProtocolNumber ) MAY ( description $ umipProtocolAlias ) X-ORIGIN 'user defined' ) attributeTypes: ( 1.3.6.1.4.1.35157.1.1.1.13 NAME 'umipProtocolName' DESC 'IP protocol name - custom' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 EQUALITY caseExactIA5Match X-ORIGIN 'user defined' ) attributeTypes: ( 1.3.6.1.4.1.35157.1.1.1.14 NAME 'umipProtocolNumber' DESC 'IP protocol number - custom' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 EQUALITY integerMatch X-ORIGIN 'user defined' ) attributeTypes: ( 1.3.6.1.4.1.35157.1.1.1.15 NAME 'umipProtocolAlias' DESC 'IP protocol alias name' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 EQUALITY caseExactIA5Match X-ORIGIN 'user defined' )
ypcat produces the desired output. ypmatch doesn't work at all.For reference, here is the ypcat output of the two maps:ypmatch ip protocols.byname Can't match key ip in map protocols.byname. Reason: No such key in map ypmatch IP protocols.byname Can't match key IP in map protocols.byname. Reason: No such key in map Shouldn't the %collect cause to two NIS entries to be created for each directory entry? It seems to on the ypcat but I don't understand why the ypmatch would fail.ypcat protocols.byname IPv6-NoNxt 59 ipv6-nonxt IPv6-ICMP 58 ipv6-icmp IPv6-Frag 44 ipv6-frag IPv6-Route 43 ipv6-route IPv6 41 ipv6 udp 17 UDP pup 12 PUP tcp 6 TCP ggp 3 GGP igmp 2 IGMP icmp 1 ICMP ip 0 IP ypcat protocols.bynumber IPv6-NoNxt 59 ipv6-nonxt IPv6-ICMP 58 ipv6-icmp IPv6-Frag 44 ipv6-frag IPv6-Route 43 ipv6-route IPv6 41 ipv6 udp 17 UDP pup 12 PUP tcp 6 TCP ggp 3 GGP igmp 2 IGMP icmp 1 ICMP ip 0 IP Thanks, Daryl -- -- Daryl Fonseca-Holt IST/Technology Services/Unix Server Team University of Manitoba 204.480.1079 |
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
