mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2024-12-21 03:10:25 +08:00
Code Issues Packages Projects Releases Wiki Activity

Moved lists of backends and overlays to their own manpages

Browse Source
This commit is contained in:
Howard Chu 2006-12-20 04:58:33 +00:00
parent 4483e79906
commit d6c4e2a833
4 changed files with 312 additions and 415 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

230
doc/man/man5/slapd-config.5
View File

@ -1803,19 +1803,18 @@ to the obsolete \fIchangelog\fP format. If the
parameter is omitted or set to "default" then the log parameters are
ignored.
.RE
.\".TP
.\".B updatedn <dn>
.\"This option is only applicable in a slave
.\"database updated using
.\".BR slurpd(8).
.\"It specifies the DN permitted to update (subject to access controls)
.\"the replica (typically, this is the DN
.\".BR slurpd (8)
.\"binds to update the replica). Generally, this DN
.\".I should not
.\"be the same as the
.\".B rootdn
.\"used at the master.
.TP
.B olcUpdateDN: <dn>
This option is only applicable in a slave
database.
It specifies the DN permitted to update (subject to access controls)
the replica (typically, this is the DN
.BR slurpd (8)
binds to update the replica). Generally, this DN
.I should not
be the same as the
.B rootdn
used at the master.
.TP
.B olcUpdateRef: <url>
Specify the referral to pass back when
@ -1825,83 +1824,9 @@ If multiple values are specified, each url is provided.
.SH DATABASE-SPECIFIC OPTIONS
Each database may allow specific configuration options; they are
documented separately in the backends' manual pages.
.SH BACKENDS
The following backends can be compiled into slapd.
They are documented in the
.BR slapd-<backend> (5)
manual pages.
.TP
.B bdb
This is the recommended primary backend for a normal slapd database.
It takes care to configure it properly.
It uses the transactional database interface of the Sleepycat Berkeley
DB (BDB) package to store data.
.TP
.B config
This backend is used to manage the configuration of slapd run-time.
.TP
.B dnssrv
This backend is experimental.
It serves up referrals based upon SRV resource records held in the
Domain Name System.
.TP
.B hdb
This is a variant of the BDB backend that uses a hierarchical database
layout which supports subtree renames.
.TP
.B ldap
This backend acts as a proxy to forward incoming requests to another
LDAP server.
.TP
.B ldif
This database uses the filesystem to build the tree structure
of the database, using plain ascii files to store data.
Its usage should be limited to very simple databases, where performance
is not a requirement.
.TP
.B meta
This backend performs basic LDAP proxying with respect to a set of
remote LDAP servers. It is an enhancement of the ldap backend.
.TP
.B monitor
This backend provides information about the running status of the slapd
daemon.
.TP
.B null
Operations in this backend succeed but do nothing.
.TP
.B passwd
This backend is provided for demonstration purposes only.
It serves up user account information from the system
.BR passwd (5)
file.
.TP
.B perl
This backend embeds a
.BR perl (1)
interpreter into slapd.
It runs Perl subroutines to implement LDAP operations.
.TP
.B relay
This backend is experimental.
It redirects LDAP operations to another database
in the same server, based on the naming context of the request.
Its use requires the
.B rwm
overlay (see
.BR slapo-rwm (5)
for details) to rewrite the naming context of the request.
It is primarily intended to implement virtual views on databases
that actually store data.
.TP
.B shell
This backend executes external programs to implement LDAP operations.
It is primarily intended to be used in prototypes.
.TP
.B sql
This backend is experimental.
It services LDAP requests from an SQL database.
documented separately in the backends' manual pages. See the
.BR slapd.backends (5)
manual page for an overview of available backends.
.SH OVERLAYS
An overlay is a piece of
code that intercepts database operations in order to extend or change
@ -1917,97 +1842,9 @@ and the entry must have the olcOverlayConfig objectClass. Normally the
config engine generates the "{x}" index in the RDN automatically, so
it can be omitted when initially loading these entries.
The following overlays can be compiled into slapd.
They are documented in the
.BR slapo-<overlay> (5)
manual pages.
.TP
.B accesslog
Access Logging.
This overlay can record accesses to a given backend database on another
database.
.TP
.B auditlog
Audit Logging.
This overlay records changes on a given backend database to an LDIF log
file.
By default it is not built.
.TP
.B chain
Chaining.
This overlay allows automatic referral chasing when a referral would
have been returned, either when configured by the server or when
requested by the client.
.TP
.B denyop
Deny Operation.
This overlay allows selected operations to be denied, similar to the
\fBolcRestrict\fP option.
.TP
.B dyngroup
Dynamic Group.
This is a demo overlay which extends the Compare operation to detect
members of a dynamic group.
It has no effect on any other operations.
.TP
.B dynlist
Dynamic List.
This overlay allows expansion of dynamic groups and more.
.TP
.B lastmod
Last Modification.
This overlay maintains a service entry in the database with the DN,
modification type, modifiersName and modifyTimestamp of the last write
operation performed on that database.
.TP
.B pcache
Proxycache.
This overlay allows caching of LDAP search requests in a local database.
It is most often used with the ldap or meta backends.
.TP
.B ppolicy
Password Policy.
This overlay provides a variety of password control mechanisms,
e.g. password aging, password reuse and duplication control, mandatory
password resets, etc.
.TP
.B refint
Referential Integrity.
This overlay can be used with a backend database such as
.BR slapd-bdb (5)
to maintain the cohesiveness of a schema which utilizes reference
attributes.
.TP
.B retcode
Return Code.
This overlay is useful to test the behavior of clients when
server-generated erroneous and/or unusual responses occur.
.TP
.B rwm
Rewrite/remap.
This overlay is experimental.
It performs basic DN/data rewrite and
objectClass/attributeType mapping.
.TP
.B syncprov
Syncrepl Provider.
This overlay implements the provider-side support for
.B syncrepl
replication, including persistent search functionality.
.TP
.B translucent
Translucent Proxy.
This overlay can be used with a backend database such as
.BR slapd-bdb (5)
to create a "translucent proxy".
Content of entries retrieved from a remote LDAP server can be partially
overridden by the database.
.TP
.B unique
Attribute Uniqueness.
This overlay can be used with a backend database such as
.BR slapd-bdb (5)
to enforce the uniqueness of some or all attributes within a subtree.
See the
.BR slapd.overlays (5)
manual page for an overview of available overlays.
.SH EXAMPLES
.LP
Here is a short example of a configuration in LDIF suitable for use with
@ -2104,20 +1941,10 @@ default slapd configuration directory
.SH SEE ALSO
.BR ldap (3),
.BR ldif (5),
.BR slapd\-bdb (5),
.BR slapd\-dnssrv (5),
.BR slapd\-hdb (5),
.BR slapd\-ldap (5),
.BR slapd\-ldif (5),
.BR slapd\-meta (5),
.BR slapd\-monitor (5),
.BR slapd\-null (5),
.BR slapd\-passwd (5),
.BR slapd\-perl (5),
.BR slapd\-relay (5),
.BR slapd\-shell (5),
.BR slapd\-sql (5),
.BR slapd.access (5),
.BR slapd.backends (5),
.BR slapd.conf (5),
.BR slapd.overlays (5),
.BR slapd.plugin (5),
.BR slapd.replog (5),
.BR slapd (8),
@ -2130,21 +1957,6 @@ default slapd configuration directory
.BR slappasswd (8),
.BR slaptest (8),
.BR slurpd (8).
Known overlays are documented in
.BR slapo\-accesslog (5),
.BR slapo\-auditlog (5),
.BR slapo\-chain (5),
.BR slapo\-dynlist (5),
.BR slapo\-lastmod (5),
.BR slapo\-pcache (5),
.BR slapo\-ppolicy (5),
.BR slapo\-refint (5),
.BR slapo\-retcode (5),
.BR slapo\-rwm (5),
.BR slapo\-syncprov (5),
.BR slapo\-translucent (5),
.BR slapo\-unique (5).
.LP
"OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/)
.SH ACKNOWLEDGEMENTS

139
doc/man/man5/slapd.backends.5 Normal file
View File

@ -0,0 +1,139 @@
.TH SLAPD.BACKENDS 5 "RELEASEDATE" "OpenLDAP LDVERSION"
.\" Copyright 2006 The OpenLDAP Foundation All Rights Reserved.
.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
.\" $OpenLDAP$
.SH NAME
slapd.backends \- backends for slapd, the stand-alone LDAP daemon
.SH DESCRIPTION
The
.BR slapd (8)
daemon can use a variety of different backends for serving LDAP requests.
Backends may be compiled statically into slapd, or when module support
is enabled, they may be dynamically loaded. Multiple instances of a
backend can be configured, to serve separate databases from the same
slapd server.
Configuration options for each backend are documented separately in the
corresponding
.BR slapd-<backend> (5)
manual pages.
.TP
.B bdb
This is the recommended primary backend for a normal slapd database.
It takes care to configure it properly.
It uses the transactional database interface of the Sleepycat Berkeley
DB (BDB) package to store data.
.TP
.B config
This backend is used to manage the configuration of slapd at run-time.
Unlike other backends, only a single instance of the
.B config
backend may be defined. It also instantiates itself automatically,
so it is always present even if not explicitly defined in the
.BR slapd.conf (5)
file.
.TP
.B dnssrv
This backend is experimental.
It serves up referrals based upon SRV resource records held in the
Domain Name System.
.TP
.B hdb
This is a variant of the
.B bdb
backend that uses a hierarchical database
layout. This layout stores entry DNs more efficiently than the
.B bdb
backend,
using less space and requiring less work to create, delete, and rename
entries. It is also one of the few backends to support subtree renames.
.TP
.B ldap
This backend acts as a proxy to forward incoming requests to another
LDAP server.
.TP
.B ldif
This database uses the filesystem to build the tree structure
of the database, using plain ascii files to store data.
Its usage should be limited to very simple databases, where performance
is not a requirement. This backend also supports subtree renames.
.TP
.B meta
This backend performs basic LDAP proxying with respect to a set of
remote LDAP servers. It is an enhancement of the
.B ldap
backend.
.TP
.B monitor
This backend provides information about the running status of the slapd
daemon. Only a single instance of the
.B monitor
backend may be defined.
.TP
.B null
Operations in this backend succeed but do nothing.
.TP
.B passwd
This backend is provided for demonstration purposes only.
It serves up user account information from the system
.BR passwd (5)
file.
.TP
.B perl
This backend embeds a
.BR perl (1)
interpreter into slapd.
It runs Perl subroutines to implement LDAP operations.
.TP
.B relay
This backend is experimental.
It redirects LDAP operations to another database
in the same server, based on the naming context of the request.
Its use requires the
.B rwm
overlay (see
.BR slapo-rwm (5)
for details) to rewrite the naming context of the request.
It is primarily intended to implement virtual views on databases
that actually store data.
.TP
.B shell
This backend executes external programs to implement LDAP operations.
It is primarily intended to be used in prototypes.
.TP
.B sql
This backend is experimental.
It services LDAP requests from an SQL database.
.SH FILES
.TP
ETCDIR/slapd.conf
default slapd configuration file
.TP
ETCDIR/slapd.d
default slapd configuration directory
.SH SEE ALSO
.BR ldap (3),
.BR slapd\-bdb (5),
.BR slapd\-config (5),
.BR slapd\-dnssrv (5),
.BR slapd\-hdb (5),
.BR slapd\-ldap (5),
.BR slapd\-ldif (5),
.BR slapd\-meta (5),
.BR slapd\-monitor (5),
.BR slapd\-null (5),
.BR slapd\-passwd (5),
.BR slapd\-perl (5),
.BR slapd\-relay (5),
.BR slapd\-shell (5),
.BR slapd\-sql (5),
.BR slapd.conf (5),
.BR slapd.overlays (5),
.BR slapd (8).
"OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/)
.SH ACKNOWLEDGEMENTS
.B OpenLDAP
is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
.B OpenLDAP
is derived from University of Michigan LDAP 3.3 Release.

215
doc/man/man5/slapd.conf.5
View File

@ -1342,7 +1342,9 @@ code that intercepts database operations in order to extend or change
them. Overlays are pushed onto
a stack over the database, and so they will execute in the reverse
of the order in which they were configured and the database itself
will receive control last of all.
will receive control last of all. See the
.BR slapd.overlays (5)
manual page for an overview of the available overlays.
.TP
.B readonly on | off
This option puts the database into "read-only" mode. Any attempts to
@ -1731,182 +1733,9 @@ If specified multiple times, each url is provided.
.SH DATABASE-SPECIFIC OPTIONS
Each database may allow specific configuration options; they are
documented separately in the backends' manual pages.
.SH BACKENDS
The following backends can be compiled into slapd.
They are documented in the
.BR slapd-<backend> (5)
manual pages.
.TP
.B bdb
This is the recommended primary backend for a normal slapd database.
It takes care to configure it properly.
It uses the transactional database interface of the Sleepycat Berkeley
DB (BDB) package to store data.
.TP
.B config
This backend is used to manage the configuration of slapd run-time.
.TP
.B dnssrv
This backend is experimental.
It serves up referrals based upon SRV resource records held in the
Domain Name System.
.TP
.B hdb
This is a variant of the BDB backend that uses a hierarchical database
layout which supports subtree renames.
.TP
.B ldap
This backend acts as a proxy to forward incoming requests to another
LDAP server.
.TP
.B ldbm
This is an easy-to-configure but obsolete database backend. It
does not offer the data durability features of the BDB and HDB
backends and hence is deprecated in favor of these robust backends.
LDBM uses lightweight non-transactional DB interfaces,
such as those providing by GDBM or Berkeley DB, to store data.
.TP
.B ldif
This database uses the filesystem to build the tree structure
of the database, using plain ascii files to store data.
Its usage should be limited to very simple databases, where performance
is not a requirement.
.TP
.B meta
This backend performs basic LDAP proxying with respect to a set of
remote LDAP servers. It is an enhancement of the ldap backend.
.TP
.B monitor
This backend provides information about the running status of the slapd
daemon.
.TP
.B null
Operations in this backend succeed but do nothing.
.TP
.B passwd
This backend is provided for demonstration purposes only.
It serves up user account information from the system
.BR passwd (5)
file.
.TP
.B perl
This backend embeds a
.BR perl (1)
interpreter into slapd.
It runs Perl subroutines to implement LDAP operations.
.TP
.B relay
This backend is experimental.
It redirects LDAP operations to another database
in the same server, based on the naming context of the request.
Its use requires the
.B rwm
overlay (see
.BR slapo-rwm (5)
for details) to rewrite the naming context of the request.
It is primarily intended to implement virtual views on databases
that actually store data.
.TP
.B shell
This backend executes external programs to implement LDAP operations.
It is primarily intended to be used in prototypes.
.TP
.B sql
This backend is experimental.
It services LDAP requests from an SQL database.
.SH OVERLAYS
The following overlays can be compiled into slapd.
They are documented in the
.BR slapo-<overlay> (5)
manual pages.
.TP
.B accesslog
Access Logging.
This overlay can record accesses to a given backend database on another
database.
.TP
.B auditlog
Audit Logging.
This overlay records changes on a given backend database to an LDIF log
file.
By default it is not built.
.TP
.B chain
Chaining.
This overlay allows automatic referral chasing when a referral would
have been returned, either when configured by the server or when
requested by the client.
.TP
.B denyop
Deny Operation.
This overlay allows selected operations to be denied, similar to the
\fBrestrict\fP option.
.TP
.B dyngroup
Dynamic Group.
This is a demo overlay which extends the Compare operation to detect
members of a dynamic group.
It has no effect on any other operations.
.TP
.B dynlist
Dynamic List.
This overlay allows expansion of dynamic groups and more.
.TP
.B lastmod
Last Modification.
This overlay maintains a service entry in the database with the DN,
modification type, modifiersName and modifyTimestamp of the last write
operation performed on that database.
.TP
.B pcache
Proxycache.
This overlay allows caching of LDAP search requests in a local database.
It is most often used with the ldap or meta backends.
.TP
.B ppolicy
Password Policy.
This overlay provides a variety of password control mechanisms,
e.g. password aging, password reuse and duplication control, mandatory
password resets, etc.
.TP
.B refint
Referential Integrity.
This overlay can be used with a backend database such as
.BR slapd-bdb (5)
to maintain the cohesiveness of a schema which utilizes reference
attributes.
.TP
.B retcode
Return Code.
This overlay is useful to test the behavior of clients when
server-generated erroneous and/or unusual responses occur.
.TP
.B rwm
Rewrite/remap.
This overlay is experimental.
It performs basic DN/data rewrite and
objectClass/attributeType mapping.
.TP
.B syncprov
Syncrepl Provider.
This overlay implements the provider-side support for
.B syncrepl
replication, including persistent search functionality.
.TP
.B translucent
Translucent Proxy.
This overlay can be used with a backend database such as
.BR slapd-bdb (5)
to create a "translucent proxy".
Content of entries retrieved from a remote LDAP server can be partially
overridden by the database.
.TP
.B unique
Attribute Uniqueness.
This overlay can be used with a backend database such as
.BR slapd-bdb (5)
to enforce the uniqueness of some or all attributes within a subtree.
documented separately in the backends' manual pages. See the
.BR slapd.backends (5)
manual page for an overview of available backends.
.SH EXAMPLES
.LP
Here is a short example of a configuration file:
@ -1955,21 +1784,10 @@ ETCDIR/slapd.conf
default slapd configuration file
.SH SEE ALSO
.BR ldap (3),
.BR slapd\-bdb (5),
.BR slapd\-dnssrv (5),
.BR slapd\-hdb (5),
.BR slapd\-ldap (5),
.BR slapd\-ldbm (5),
.BR slapd\-ldif (5),
.BR slapd\-meta (5),
.BR slapd\-monitor (5),
.BR slapd\-null (5),
.BR slapd\-passwd (5),
.BR slapd\-perl (5),
.BR slapd\-relay (5),
.BR slapd\-shell (5),
.BR slapd\-sql (5),
.BR slapd\-config (5),
.BR slapd.access (5),
.BR slapd.backends (5),
.BR slapd.overlays (5),
.BR slapd.plugin (5),
.BR slapd.replog (5),
.BR slapd (8),
@ -1982,21 +1800,6 @@ default slapd configuration file
.BR slappasswd (8),
.BR slaptest (8),
.BR slurpd (8).
Known overlays are documented in
.BR slapo\-accesslog (5),
.BR slapo\-auditlog (5),
.BR slapo\-chain (5),
.BR slapo\-dynlist (5),
.BR slapo\-lastmod (5),
.BR slapo\-pcache (5),
.BR slapo\-ppolicy (5),
.BR slapo\-refint (5),
.BR slapo\-retcode (5),
.BR slapo\-rwm (5),
.BR slapo\-syncprov (5),
.BR slapo\-translucent (5),
.BR slapo\-unique (5).
.LP
"OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/)
.SH ACKNOWLEDGEMENTS

143
doc/man/man5/slapd.overlays.5 Normal file
View File

@ -0,0 +1,143 @@
.TH SLAPD.OVERLAYS 5 "RELEASEDATE" "OpenLDAP LDVERSION"
.\" Copyright 2006 The OpenLDAP Foundation All Rights Reserved.
.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
.\" $OpenLDAP$
.SH NAME
slapd.overlays \- overlays for slapd, the stand-alone LDAP daemon
.SH DESCRIPTION
The
.BR slapd (8)
daemon can use a variety of different overlays to alter or extend
the normal behavior of a database backend.
Overlays may be compiled statically into slapd, or when module support
is enabled, they may be dynamically loaded. Most of the overlays
are only allowed to be configured on individual databases, but some
may also be configured globally.
Configuration options for each overlay are documented separately in the
corresponding
.BR slapo-<overlay> (5)
manual pages.
.TP
.B accesslog
Access Logging.
This overlay can record accesses to a given backend database on another
database.
.TP
.B auditlog
Audit Logging.
This overlay records changes on a given backend database to an LDIF log
file.
By default it is not built.
.TP
.B chain
Chaining.
This overlay allows automatic referral chasing when a referral would
have been returned, either when configured by the server or when
requested by the client.
.TP
.B denyop
Deny Operation.
This overlay allows selected operations to be denied, similar to the
\fBrestrict\fP option.
.TP
.B dyngroup
Dynamic Group.
This is a demo overlay which extends the Compare operation to detect
members of a dynamic group.
It has no effect on any other operations.
.TP
.B dynlist
Dynamic List.
This overlay allows expansion of dynamic groups and more.
.TP
.B lastmod
Last Modification.
This overlay maintains a service entry in the database with the DN,
modification type, modifiersName and modifyTimestamp of the last write
operation performed on that database.
.TP
.B pcache
Proxycache.
This overlay allows caching of LDAP search requests in a local database.
It is most often used with the
.BR slapd-ldap (5)
or
.BR slapd-meta (5)
backends.
.TP
.B ppolicy
Password Policy.
This overlay provides a variety of password control mechanisms,
e.g. password aging, password reuse and duplication control, mandatory
password resets, etc.
.TP
.B refint
Referential Integrity.
This overlay can be used with a backend database such as
.BR slapd-bdb (5)
to maintain the cohesiveness of a schema which utilizes reference
attributes.
.TP
.B retcode
Return Code.
This overlay is useful to test the behavior of clients when
server-generated erroneous and/or unusual responses occur.
.TP
.B rwm
Rewrite/remap.
This overlay is experimental.
It performs basic DN/data rewrite and
objectClass/attributeType mapping.
.TP
.B syncprov
Syncrepl Provider.
This overlay implements the provider-side support for
.B syncrepl
replication, including persistent search functionality.
.TP
.B translucent
Translucent Proxy.
This overlay can be used with a backend database such as
.BR slapd-bdb (5)
to create a "translucent proxy".
Content of entries retrieved from a remote LDAP server can be partially
overridden by the database.
.TP
.B unique
Attribute Uniqueness.
This overlay can be used with a backend database such as
.BR slapd-bdb (5)
to enforce the uniqueness of some or all attributes within a subtree.
.SH FILES
.TP
ETCDIR/slapd.conf
default slapd configuration file
.TP
ETCDIR/slapd.d
default slapd configuration directory
.SH SEE ALSO
.BR ldap (3),
.BR slapo\-accesslog (5),
.BR slapo\-auditlog (5),
.BR slapo\-chain (5),
.BR slapo\-dynlist (5),
.BR slapo\-lastmod (5),
.BR slapo\-pcache (5),
.BR slapo\-ppolicy (5),
.BR slapo\-refint (5),
.BR slapo\-retcode (5),
.BR slapo\-rwm (5),
.BR slapo\-syncprov (5),
.BR slapo\-translucent (5),
.BR slapo\-unique (5).
.BR slapd\-config (5),
.BR slapd.conf (5),
.BR slapd.backends (5),
.BR slapd (8).
"OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/)
.SH ACKNOWLEDGEMENTS
.B OpenLDAP
is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
.B OpenLDAP
is derived from University of Michigan LDAP 3.3 Release.