Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 302310 - Inclusion of rfc2307bis to net-nds/openldap
Summary: Inclusion of rfc2307bis to net-nds/openldap
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Server (show other bugs)
Hardware: All Linux
: High enhancement (vote)
Assignee: Gentoo LDAP project
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-01-26 14:26 UTC by Eric Thibodeau
Modified: 2017-07-06 17:20 UTC (History)
4 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Eric Thibodeau 2010-01-26 14:26:47 UTC 
The groupOfNames objectclass is becoming more and more required for proper authorization (ie: Joomal LDAP plugins assume an MSAD, which trickles down to the memberOf and member attributes existing).

Unfortunately, the groupOfNames lacks the required posixGroup provided attributes for proper interaction in...a POSIX environment. The rfc2307bis.schema changes posixGroup from STRUCTURAL to AUXILIARY, giving us the ability to use both objectclass for a given group.

nss_ldap has support for using rfc2307bis, so providing the schema shouldn't trigger a chain of bugs either.

From simonrvn on #ldap, I was givent the following link to the schema http://simonraven.kisikew.org/src/ldap/rfc2307bis.schema ...I was unable to find a more 'authoritative' source...


Reproducible: Always
Comment 1 Eric Thibodeau 2010-01-26 14:51:21 UTC 
I forgot to mention that the RFC2307bis.schema (obviously) supersedes the nis.schema (being RFC2307)... But people using these should already know this ;)
Comment 2 Eric Thibodeau 2010-01-26 15:52:24 UTC 
...sigh...ok, so the schema linked above needs the two first entries commented out for the same reason they are commented out in nis.schema; uidNumber and gidNumber are 'builtin' attributes.
Comment 3 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2012-02-12 21:12:04 UTC 
Added in 2.4.28-r1.
Comment 4 Bjarke Istrup Pedersen (RETIRED) gentoo-dev 2012-03-22 20:26:49 UTC 
Reopening, it seems simonraven.kisikew.org has gone offline (no more DNS record).

Got any other sources?
Comment 5 Sebastian Southen 2012-04-28 09:39:48 UTC 
The authoritative source is (currently) sections 3 and 4 of http://tools.ietf.org/html/draft-howard-rfc2307bis-02
Comment 6 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2012-05-25 22:22:29 UTC 
Ok, I extracted it manually and included in 2.4.31.