slapo-lastmod

Langue: en

Autres versions - même langue

Version: 2007/08/20 (mandriva - 22/10/07)

Section: 5 (Format de fichier)

Sommaire

NAME

slapo-lastmod - Last Modification overlay

SYNOPSIS

/etc/openldap/slapd.conf

DESCRIPTION

The lastmod overlay creates a service entry rooted at the suffix of the database it's stacked onto, which holds the DN, the modification type, the modifiersName and the modifyTimestamp of the last write operation performed on that database. The lastmod overlay cannot be used when the "lastmod" feature is disabled, i.e. "lastmod off" is used.

All operations targeted at the DN of the lastmod entry are rejected, except reads, i.e. searches with base scope. Regular operations are ignored, unless they result in writing; then, in case of success, the lastmod entry is updated accordingly, if possible.

CONFIGURATION

These slapd.conf configuration options apply to the lastmod overlay. They must appear after the overlay directive.
lastmod-rdnvalue <RDN value>
Specify the value of the RDN used for the service entry. By default Lastmod is used.
lastmod-enabled {yes|no}
Specify whether the overlay must be enabled or not at startup. By default, the overlay is enabled; however, by changing the boolean value of the attribute lastmodEnabled, one can affect the status of the overlay. This is useful, for instance, to inhibit the overlay from keeping track of large bulk loads or deletions.

OBJECT CLASS

The lastmod overlay depends on the lastmod objectClass. The definition of that class is as follows:
( 1.3.6.1.4.1.4203.666.3.13 "
    NAME 'lastmod'
    DESC 'OpenLDAP per-database last modification monitoring'
    STRUCTURAL
    SUP top
    MUST ( cn $ lastmodDN $ lastmodType )
    MAY ( description $ seeAlso ) )

ATTRIBUTES

Each one of the sections below details the meaning and use of a particular attribute of this lastmod objectClass. Most of the attributes that are specific to the lastmod objectClass are operational, since they can logically be altered only by the DSA. The most notable exception is the lastmodEnabled attributeType, which can be altered via protocol to change the status of the overlay.

lastmodEnabled

This attribute contains a boolean flag that determines the status of the overlay. It can be altered via protocol by issuing a modify operation that replaces the value of the attribute.

( 1.3.6.1.4.1.4203.666.1.30
   NAME 'lastmodEnabled'
   DESC 'Lastmod overlay state'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
   EQUALITY booleanMatch
   SINGLE-VALUE )

OPERATIONAL ATTRIBUTES

Each one of the sections below details the meaning and use of a particular attribute of this lastmod objectClass. Most of the attributes that are specific to the lastmod objectClass are operational, since they can logically be altered only by the DSA.

lastmodDN

This attribute contains the distinguished name of the entry that was last modified within the naming context of a database.

( 1.3.6.1.4.1.4203.666.1.28
   NAME 'lastmodDN'
   DESC 'DN of last modification'
   EQUALITY distinguishedNameMatch
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
   NO-USER-MODIFICATION
   USAGE directoryOperation )

lastmodType

This attribute contains the type of the modification that occurred to the last modified entry. Legal values are add, delete, exop, modify, modrdn and unknown. The latter should only be used as a fall-thru in case of unhandled request types that are considered equivalent to a write operation.

( 1.3.6.1.4.1.4203.666.1.29
   NAME 'lastmodType'
   DESC 'Type of last modification'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
   EQUALITY caseIgnoreMatch
   SINGLE-VALUE
   NO-USER-MODIFICATION
   USAGE directoryOperation )

EXAMPLES

 database    bdb
 suffix      dc=example,dc=com
 ...
 overlay     lastmod
 lastmod-rdnvalue "Last Modification"

SEE ALSO

ldap(3), slapd.conf(5),

"OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/)

BUGS

It is unclear whether this overlay can safely interoperate with other overlays. If the underlying backend does not implement entry_get/entry_release handlers, modrdn update can become tricky. The code needs some cleanup and more consistent error handling. So far, the OIDs for the schema haven't been assigned yet.

ACKNOWLEDGEMENTS

This module was written in 2004 by Pierangelo Masarati in fulfillment of requirements from SysNet s.n.c.; this man page has been copied from slapo-ppolicy(5), and most of the overlays ever written are copied from Howard Chu's first overlays.

OpenLDAP is developed and maintained by The OpenLDAP Project (http://www.openldap.org/). OpenLDAP is derived from University of Michigan LDAP 3.3 Release.