Bug 150340
Summary: | OID conflict in LDAP schemas shipped | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 4 | Reporter: | Steve Bonneville <sbonnevi> |
Component: | openldap | Assignee: | Jay Fenlason <fenlason> |
Status: | CLOSED ERRATA | QA Contact: | Jay Turner <jturner> |
Severity: | low | Docs Contact: | |
Priority: | medium | ||
Version: | 4.0 | CC: | jfeeney, srevivo, tao |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | RHBA-2006-0417 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2006-08-10 21:37:44 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 181409 |
Description
Steve Bonneville
2005-03-04 18:37:54 UTC
This does indeed seem to be a problem, but I'm not clear on the solution. There are 3 different automount schema "standards" nisObject/nisMap (RFC 2307 -- not a factor here) automountKey/automountInformation (RFC2307bis) and the unoffical: automount/cn/automountInformation It's this 3rd one that is in the contents of autofs.schema, and appears to be the problem. Perhaps we should just make any entries in here that match the names in RFC2307bis, match OID's as well? Changing this, however, may have implications for people that have directories loaded already. I'm not certain if reloading the data would be required if you change the OID's. As an aside, recent versions of autofs also support the RFC draft schema as well, so interoperability problems with sun should not be an issue. I opened a ticket with RH about this recently. It isn't clear what RH wants it's customers to use as an information services schema. I hope that you can provide more information as to why things were setup this way, and what the future direction is going to be. Here's my summary of the problems. Discrepancy: 1.3.6.1.1.1.1.33 is the attributetype OID for automountInformation (RFC 2307bis) 1.3.6.1.1.1.1.25 is the attributetype OID for automountInformation (autofs.schema) Conflict: 1.3.6.1.1.1.1.13 is the attributetype OID for memberNisNetgroup (RFC 2307) 1.3.6.1.1.1.1.13 is the objectclass OID for automount (autofs.schema) Registered and unique, but undocumented: 1.3.6.1.4.1.2312.4.2.2 is the object class OID for automountMap (autofs.schema) It's not clear what the LDAP powers-that-be want to use as an automount schema. The most common approach used with Linux autofs is probably the generic nisMap/nisObject method from RFC 2307, which I think Solaris 8 also supported. Now, RFC 2307 has been up for revision as an Internet-Draft for some time, and one of the things that's been in development is a specific set of object classes for automount information. There have been several iterations using slightly different OIDs over the years as the definitions of the proposed object classes have been altered. On top of that, there's a typo in the obsolete autofs.schema file shipped with openldap-servers, as this bug notes in the initial report. Despite the fact that it's still an Internet-Draft, Sun used the newer proposed schema from one of the more recent draft versions of RFC 2307bis for the automounter in the latest versions of Solaris. Therefore, supposedly the most recent versions of autofs have also been modified to understand that draft schema as well for interoperability purposes, as mentioned in comment #1. In my personal experience as a system administrator, I've only worked with the nisMap/nisObject approach in Linux, which currently works fine. This issue is on Red Hat Engineering's list of planned work items for the upcoming Red Hat Enterprise Linux 4.4 release. Engineering resources have been assigned and barring unforeseen circumstances, Red Hat intends to include this item in the 4.4 release. An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2006-0417.html |