[Fedora-directory-users] Request For Comment: fedora-ds-utils project
Chris St. Pierre
stpierre at NebrWesleyan.edu
Mon Mar 3 17:12:45 UTC 2008
My quest to find a copy of mmr.pl last week led me to ask on IRC:
[08:51] stpierre has anyone tried pulling together a collection of
some of the scripts that support fds -- mmr.pl, ol-schema-migrate.pl,
setupssl2.sh, etc. -- and packaging them as, say, fedora-ds-utils?
The answer was "no," so I've decided to take this project on. In
order to make the fedora-ds-utils package as valuable as possible (and
to aid my eventual request for inclusion in Fedora), I'll be enforcing
some fairly strict standards for the scripts included in the
package. Please read and comment on the standards listed below; once a
reasonable comment period has passed (probably a week or two), I'll
start redacting the various scripts to conform to the standards and,
finally, release the package.
Additionally, please nominate any scripts you feel should be included
in the package. In addition to mmr.pl, ol-schema-migrate.pl, and
setupssl2.sh, I will be including a tool for working with indexes that
I wrote but never released.
STANDARDS:
Program aiming for inclusion in fedora-ds-utils must meet the
following standards:
1. The program must implement the following flags, where appropriate:
-b searchbase Search in or operate on specified base
-D binddn Bind DN
-h host LDAP server
-H URI LDAP Uniform Resource Indentifier(s)
-n instancename Fedora DS instance
-p port Port on LDAP server
-s scope Search scope
--restart Restart Fedora DS without prompting
-v Run in verbose mode (diagnostics to standard output)
-w passwd Bind password (for simple authentication)
-W Prompt for bind password
-y file Read password from file
-Z Start TLS
-ZZ Start TLS and require successful TLS response
If the program does not need a given input, it doesn't need to
implement the corresponding flag. For instance, if the program
does not connect to an LDAP server, it obviously doesn't need to
implement the -h/-H flags.
Defaults for the -b, -D, -h/-H, and -p flags should be determined
first by looking in /etc/openldap/ldap.conf for the following
attributes:
-b: BASE
-D: BINDDN
-h: HOST
-H: URI
-p: PORT
If those attributes are not set, then those options should default
as follows:
-b: no default
-D: cn=directory manager
-h: localhost
-H: ldap://localhost
-p: 389
Additionally, the -n flag should default to
'slapd-<shorthostname>', where '<shorthostname>' is the short
hostname of the box as returned by `hostname -s`.
If the program requires two or more of any item -- for instance,
ds-mmrtool connects to two Fedora DS servers to negotiate
multimaster agreements -- then it may ask for those items in any
reasonably intuitive manner, and needn't have defaults as specified
above.
2. The program must include 'ds' as the first element in the name; for
instance:
- ds-mmrtool
- ds-schema-migrate
- ds-setup-ssl
3. The name of the program must not include a suffix denoting the
language the program is written in (.sh, .pl, .py, etc.)
4. The program must ONLY produce output a) on errors; or b) with the -v
flag. In the event of successful operation, no output should be
produced at all.
5. The program must be capable of running completely unattended.
6. The program must not restart Fedora DS unbidden. If the program
must restart Fedora DS, it may either a) prompt the user running
the program; or b) provide a --restart command-line flag.
7. All dependencies of the program must be available as RPMs in the
current release of Fedora Linux
8. In order to minimize dependencies, the program must be written in
one of the following languages:
- Perl <= 5.8
- Python <= 2.4
- POSIX-compliant Bourne Shell
- C/C++ or any other common compiled language
9. Programs that have some value but do not yet conform to the
standards may be included in the contrib/ directory of the
fedora-ds-utils package.
Thanks for your input!
Chris St. Pierre
Unix Systems Administrator
Nebraska Wesleyan University
More information about the Fedora-directory-users
mailing list