Delta-syncrepl doc updates

2025-01-06 10:46:21 +08:00 · 2005-10-18 03:25:57 +00:00 · 2005-10-18 03:25:57 +00:00 · fc2affed6c
commit fc2affed6c
parent cddae240b9
3 changed files with 105 additions and 17 deletions
--- a/doc/man/man5/slapd.conf.5
+++ b/doc/man/man5/slapd.conf.5
@ -1464,6 +1464,9 @@ in order to work over all of the glued databases. E.g.
 .B [credentials=<passwd>]
 .B [realm=<realm>]
 .B [secprops=<properties>]
+.B [logbase=<base DN>]
+.B [logfilter=<filter str>]
+.B [syncdata=default|accesslog|changelog]
 .RS
 Specify the current database as a replica which is kept up-to-date with the 
 master content by establishing the current
@ -1568,6 +1571,22 @@ keyword above) for a SASL bind can be set with the
 option. A non default SASL realm can be set with the
 .B realm 
 option.
+
+Rather than replicating whole entries, the consumer can query logs of
+data modifications. This mode of operation is referred to as \fIdelta
+syncrepl\fP. In addition to the above parameters, the
+.B logbase
+and
+.B logfilter
+parameters must be set appropriately for the log that will be used. The
+.B syncdata
+parameter must be set to either "accesslog" if the log conforms to the
+.BR slapo-accesslog (5)
+log format, or "changelog" if the log conforms
+to the obsolete \fIchangelog\fP format. If the
+.B syncdata
+parameter is omitted or set to "default" then the log parameters are
+ignored.
 .RE
 .TP
 .B updatedn <dn>
--- a/doc/man/man5/slapo-accesslog.5
+++ b/doc/man/man5/slapo-accesslog.5
@ -74,6 +74,12 @@ log database that supports ordered indexing on generalizedTime attributes,
 specifying an eq index on the
 .B reqStart
 attribute will greatly benefit the performance of the purge operation.
+.TP
+.B logsuccess TRUE | FALSE
+If set to TRUE then log records will only be generated for successful
+requests, i.e., requests that produce a result code of 0 (LDAP_SUCCESS).
+If FALSE, log records are generated for all requests whether they
+succeed or not. The default is FALSE.

 .SH EXAMPLES
 .LP
@ -116,7 +122,7 @@ class is as follows:
    SUP top STRUCTURAL
    MUST ( reqStart $ reqType $ reqSession )
    MAY ( reqDN $ reqAuthzID $ reqControls $ reqRespControls $
-        reqEnd $ reqResult $ reqMessage ) )
+        reqEnd $ reqResult $ reqMessage $ reqReferral ) )
 .RE
 .P
 Note that all of the OIDs used in the logging schema currently reside
@ -179,6 +185,11 @@ accompanied by a text error message which will be recorded in the
 .B reqMessage
 attribute.

+The
+.B reqReferral
+attribute carries any referrals that were returned with the result of the
+request.
+
 Operation-specific classes are defined with additional attributes to carry
 all of the relevant parameters associated with the operation:

@ -210,7 +221,7 @@ The
 .B Add
 class inherits from the
 .B auditWriteObject
-class. The Add and Modify classes are essentially the same. The
+class. The Add and Modify classes are very similar. The
 .B reqMod
 attribute carries all of the attributes of the original entry being added.
 (Or in the case of a Modify operation, all of the modifications being
@ -234,12 +245,15 @@ have the '+' designator.
    NAME 'auditBind'
    DESC 'Bind operation'
    SUP auditObject STRUCTURAL
-    MUST reqMethod )
+    MUST ( reqVersion $ reqMethod ) )
 .RE
 .P
 The
 .B Bind
-class just adds the
+class includes the
+.B reqVersion
+attribute which contains the LDAP protocol version specified in the Bind
+as well as the
 .B reqMethod
 attribute which contains the Bind Method used in the Bind. This will be
 the string
@ -268,19 +282,49 @@ attribute carries the Attribute Value Assertion used in the compare request.
 .LP
 .RS 4
 (  1.3.6.1.4.1.4203.666.11.5.2.8
-    NAME 'auditModify'
-    DESC 'Modify operation'
+    NAME 'auditDelete'
+    DESC 'Delete operation'
    SUP auditWriteObject STRUCTURAL
-    MUST reqMod )
+    MAY reqOld )
 .RE
 .P
 The
-.B Modify
-operation has already been described.
+.B Delete
+operation needs no further parameters. However, the
+.B reqOld
+attribute may optionally be used to record the contents of the entry prior
+to its deletion. The values are formatted as
+.RS
+.RS
+.PD 0
+.TP
+attribute: value
+.RE
+.PD
+This option is not yet implemented.

 .LP
 .RS 4
 (  1.3.6.1.4.1.4203.666.11.5.2.9
+    NAME 'auditModify'
+    DESC 'Modify operation'
+    SUP auditWriteObject STRUCTURAL
+    MAY reqOld MUST reqMod )
+.RE
+.P
+The
+.B Modify
+operation contains a description of modifications in the
+.B reqMod
+attribute, which was already described above in the Add operation. It may
+optionally contain the previous contents of any modified attributes in the
+.B reqOld
+attribute, using the same format as described above for the Delete operation.
+This option is not yet implemented.
+
+.LP
+.RS 4
+(  1.3.6.1.4.1.4203.666.11.5.2.10
    NAME 'auditModRDN'
    DESC 'ModRDN operation'
    SUP auditWriteObject STRUCTURAL
@ -307,11 +351,11 @@ the new parent.

 .LP
 .RS 4
-(  1.3.6.1.4.1.4203.666.11.5.2.10
+(  1.3.6.1.4.1.4203.666.11.5.2.11
    NAME 'auditSearch'
    DESC 'Search operation'
    SUP auditReadObject STRUCTURAL
-    MUST ( reqScope $ reqAttrsOnly )
+    MUST ( reqScope $ reqDerefAliases $ reqAttrsOnly )
    MAY ( reqFilter $ reqAttr $ reqEntries $ reqSizeLimit $
          reqTimeLimit ) )
 .RE
@ -320,12 +364,22 @@ For the
 .B Search
 class the
 .B reqScope
-attribute contains the scope of the original search request, i.e.
+attribute contains the scope of the original search request, using the
+values specified for the LDAP URL format. I.e.
 .BR base ,
-.BR onelevel ,
-.BR subtree ,
+.BR one ,
+.BR sub ,
 or
-.BR subordinate .
+.BR subord .
+The
+.B reqDerefAliases
+attribute is one of
+.BR never ,
+.BR finding ,
+.BR searching ,
+or
+.BR always ,
+denoting how aliases will be processed during the search.
 The
 .B reqAttrsOnly
 attribute is a Boolean value showing
@ -352,7 +406,7 @@ attributes indicate what limits were requested on the search operation.

 .LP
 .RS 4
-(  1.3.6.1.4.1.4203.666.11.5.2.11
+(  1.3.6.1.4.1.4203.666.11.5.2.12
    NAME 'auditExtended'
    DESC 'Extended operation'
    SUP auditObject STRUCTURAL
--- a/doc/man/man5/slapo-syncprov.5
+++ b/doc/man/man5/slapo-syncprov.5
@ -52,10 +52,25 @@ specifies the number of operations that are recorded in the log. All write
 operations (except Adds) are recorded in the log.
 When using the session log, it is helpful to set an eq index on the
 entryUUID attribute in the underlying database.
+.TP
+.B syncprov-nopresent TRUE | FALSE
+Specify that the Present phase of refreshing should be skipped. This value
+should only be set TRUE for a syncprov instance on top of a log database
+(such as one managed by the accesslog overlay).
+The default is FALSE.
+.TP
+.B syncprov-reloadhint TRUE | FALSE
+Specify that the overlay should honor the reloadHint flag in the Syncrepl
+Control. In OpenLDAP releases 2.3.11 and earlier the Syncrepl consumer did
+not properly set this flag, so the overlay must ignore it. This option
+should be set TRUE when working with newer releases that properly support
+this flag. It must be set TRUE when using the accesslog overlay for
+delta-based Syncrepl support.  The default is FALSE.
 .SH FILES
 .TP
 ETCDIR/slapd.conf
 default slapd configuration file
 .SH SEE ALSO
-.BR slapd.conf (5).
+.BR slapd.conf (5),
+.BR slapo-accesslog (5).
 OpenLDAP Administrator's Guide.