X-Git-Url: https://git.adam-barratt.org.uk/?p=mirror%2Fuserdir-ldap.git;a=blobdiff_plain;f=userdir-ldap.schema;h=b919a63682ccf9a5c2d69c8b73d1fd46f55339b2;hp=32e679f3f8aa1b6731a294aa829bf4ffcd48d5c4;hb=HEAD;hpb=1422818798485844a564098732d296500ac4d7d5
diff --git a/userdir-ldap.schema b/userdir-ldap.schema
index 32e679f..b919a63 100644
--- a/userdir-ldap.schema
+++ b/userdir-ldap.schema
@@ -1,7 +1,12 @@
 # Revision history:
 #
-# XXX [PP]
-# - Now version controlled in db.d.o bzr repository - 2007-12-25
+# - [PP] Now version controlled in db.d.o git repository, also see debian/changelog - 2009
+# - [PP] Now version controlled in db.d.o bzr repository - 2007-12-25
+#
+# long time ago:
+# - [HE] Add 'purpose', 'physicalHost' to debianServer - 2007-12-25
+# - [zobel] Add 'VoIP' - 2008-05-10
+# - [luk] Add 'subGroup' to group - 2008-11-22
 #
 # 0.7 [RM]
 # - Add 'gender' and 'birthDate' to debianDeveloper
@@ -93,6 +98,21 @@
 # .30 - gender
 # .31 - birthdate
 # .32 - mailDisableMessage
+# .33 - purpose
+# .34 - physicalHost
+# .35 - VoIP
+# .36 - sudoPassword
+# .37 - subGroup
+# .38 - mailContentInspectionAction
+# .39 - allowedGroups
+# .40 - exportOptions
+# .41 - sshdistAuthKeysHost
+# .42 - dnsTTL
+# .43 - webPassword
+# .44 - rtcPassword
+# .45 - rebootPolicy
+# .46 - totpSeed
+# .47 - sshfpHostname
 #
 # .3 - experimental LDAP objectClasses
 # .1 - debianDeveloper
@@ -112,6 +132,9 @@
 # .11 - DNS RBL
 # .12 - RHS RBL
 # .13 - whitelist
+# .14 - bATVToken
+# .15 - mailDefaultOptions
+# .16 - mailPreserveSuffixSeparator
 # Public attribute types
 attributetype ( 1.3.6.1.4.1.9586.100.4.2.1
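Review bot: The OID list extended in the `@@ -93,6` hunk does not match three definitions later in this patch: `dnsTTL`, `rebootPolicy` and `totpSeed` are registered here as `.42`, `.45` and `.46` next to the `.2` attributes, but they are defined as `1.3.6.1.4.1.9586.100.4.4.42`, `.4.4.45` and `.4.4.46`, i.e. under the `.4` arc. OIDs that are already loaded on servers should not be renumbered, so the registry comment is the part to correct, for example by listing them under the `.4` block (which the `@@ -112,6` hunk extends to `.16`) or annotating them in place with `# .42 - dnsTTL (defined under .4)`. An accurate registry matters because the next person allocating a number reads this comment, not the definitions. The arc headings of both lists are outside the hunks, so which arc each list documents is inferred from the neighbouring entries.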
@@ -311,12 +334,12 @@ attributetype ( 1.3.6.1.4.1.9586.100.4.2.29
 SUBSTR caseExactIA5SubstringsMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
-attributetype ( 1.3.6.1.4.1.9586.100.4.2.30
- NAME 'gender'
- DESC 'ISO 5218 representation of human gender'
- EQUALITY integerMatch
- SINGLE-VALUE
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.27{1} )
+#attributetype ( 1.3.6.1.4.1.9586.100.4.2.30
+# NAME 'gender'
+# DESC 'ISO 5218 representation of human gender'
+# EQUALITY integerMatch
+# SINGLE-VALUE
+# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27{1} )
 attributetype ( 1.3.6.1.4.1.9586.100.4.2.31
 NAME 'birthDate'
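Review bot: Commenting out the `gender` attribute type here, together with dropping it from the `debianDeveloper` MAY list in the `@@ -446,8` hunk, leaves any entry that still stores a `gender` value referring to an attribute the server no longer defines, and the patch shows no migration step. The commented-out block should say what has to happen first and that the number stays reserved, e.g. `# gender retired: delete the attribute from all entries before loading this schema; OID .2.30 must not be reused`. Whether existing entries carry the attribute cannot be seen from the diff, so treat the ordering as something to confirm before deployment.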
@@ -332,21 +355,67 @@ attributetype ( 1.3.6.1.4.1.9586.100.4.2.32
 SUBSTR caseIgnoreIA5SubstringsMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
-# Public object classes
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.33
+ NAME 'purpose'
+ DESC 'purposes of this server'
+ EQUALITY caseIgnoreMatch
+ SUBSTR caseIgnoreSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
-objectclass ( 1.3.6.1.4.1.9586.100.4.1.1
- NAME 'debianAccount'
- DESC 'Abstraction of an account with POSIX attributes and UTF8 support'
- SUP top AUXILIARY
- MUST ( cn $ uid $ uidNumber $ gidNumber )
- MAY ( userPassword $ loginShell $ gecos $ homeDirectory $ description $ mailDisableMessage ) )
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.34
+ NAME 'physicalHost'
+ DESC 'FQDN of the physical host of this virtual server'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SINGLE-VALUE
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
-objectclass ( 1.3.6.1.4.1.9586.100.4.1.2
- NAME 'debianGroup'
- SUP top STRUCTURAL
- DESC 'attributes used for Debian groups'
- MUST ( gid $ gidNumber )
- MAY ( description ) )
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.35
+ NAME 'VoIP'
+ DESC 'VoIP URL to communicate with that person'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.36
+ NAME 'sudoPassword'
+ DESC 'sudo password'
+ EQUALITY octetStringMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.37
+ NAME 'subGroup'
+ DESC 'name of other group for which membership implied by memberschip to this group'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+
+# more attributes below
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.39
+ NAME 'allowedGroups'
+ DESC 'Groups that have access to a host'
+ EQUALITY caseExactIA5Match
+ SUBSTR caseExactIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.40
+ NAME 'exportOptions'
+ DESC 'export options for servers'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.43
+ NAME 'webPassword'
+ DESC 'web password for SSO'
+ EQUALITY octetStringMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.44
+ NAME 'rtcPassword'
+ DESC 'rtc password for SIP/XMPP'
+ EQUALITY octetStringMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
 # Experimental attribute types
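Review bot: `sudoPassword`, `webPassword` and `rtcPassword` are declared as bare octet strings whose DESC gives no storage format, so the schema does not tell an administrator whether these hold hashes or recoverable secrets, or that they need the same access restrictions as `userPassword`. With `EQUALITY octetStringMatch`, any client that is allowed to search or compare on the attribute can test candidate values against it, which means the slapd ACLs are the only protection and should be named where the attributes are defined. A comment above the three definitions would do, e.g. `# credential attributes: store only <documented hash format>; deny read/search/compare to all but self and the consuming service`. The `debianAccount` MAY list that admits them is in the `@@ -434,6` hunk. Separately, the `subGroup` DESC has a typo (`memberschip`).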
@@ -434,6 +503,79 @@ attributetype ( 1.3.6.1.4.1.9586.100.4.4.13
 SUBSTR caseIgnoreIA5SubstringsMatch
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
+attributetype ( 1.3.6.1.4.1.9586.100.4.4.14
+ NAME 'bATVToken'
+ DESC 'Token for BATV'
+ EQUALITY caseExactMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.4.15
+ NAME 'mailDefaultOptions'
+ DESC 'Whether or not to use a default set of anti-spam options'
+ EQUALITY booleanMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.4.16
+ NAME 'mailPreserveSuffixSeparator'
+ DESC 'suffix serparator'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{1} )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.38
+ NAME 'mailContentInspectionAction'
+ DESC 'what to do on content inspection hits'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} SINGLE-VALUE )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.41
+ NAME ( 'sshdistAuthKeysHost' )
+ DESC 'Additional hosts/addresess from which to accept ssh connections to the ud-ldap distribution host (db.DOMAIN)'
+ SUP ipHostNumber )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.4.42
+ NAME 'dnsTTL'
+ DESC 'DNS Time To Live value'
+ EQUALITY caseIgnoreIA5Match
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.4.45
+ NAME 'rebootPolicy'
+ DESC 'which procedure to use for rebooting this host'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.4.46
+ NAME 'totpSeed'
+ DESC 'Seed for TOTP authentication'
+ EQUALITY octetStringMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
+
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.47
+ NAME 'sshfpHostname'
+ DESC 'Additional FQDN of the server on which to publish SSHFP records'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
+
+# Public object classes
+
+objectclass ( 1.3.6.1.4.1.9586.100.4.1.1
+ NAME 'debianAccount'
+ DESC 'Abstraction of an account with POSIX attributes and UTF8 support'
+ SUP top AUXILIARY
+ MUST ( cn $ uid $ uidNumber $ gidNumber )
+ MAY ( userPassword $ loginShell $ gecos $ homeDirectory $ description $ mailDisableMessage $ sudoPassword $ webPassword $ rtcPassword $ totpSeed ) )
+
+objectclass ( 1.3.6.1.4.1.9586.100.4.1.2
+ NAME 'debianGroup'
+ SUP top STRUCTURAL
+ DESC 'attributes used for Debian groups'
+ MUST ( gid $ gidNumber )
+ MAY ( cn $ description $ subGroup $ accountStatus ) )
+
 # Experimental objectclasses:
 objectclass ( 1.3.6.1.4.1.9586.100.4.3.1
@@ -446,8 +588,9 @@ objectclass ( 1.3.6.1.4.1.9586.100.4.3.1
 dnsZoneEntry $ emailForward $ icqUin $ ircNick $ jabberJID $ keyFingerPrint $ latitude $ longitude $ mn $ onVacation $ privateSub $ sshRSAAuthKey $ supplementaryGid $
- access $ gender $ birthDate $ mailCallout $ mailGreylisting $
- mailRBL $ mailRHSBL $ mailWhitelist
+ access $ birthDate $ mailCallout $ mailGreylisting $
+ mailRBL $ mailRHSBL $ mailWhitelist $ VoIP $ mailContentInspectionAction $
+ bATVToken $ mailDefaultOptions $ mailPreserveSuffixSeparator
 ) )
 objectclass ( 1.3.6.1.4.1.9586.100.4.3.2
@@ -457,7 +600,9 @@ objectclass ( 1.3.6.1.4.1.9586.100.4.3.2
 MUST ( host $ hostname )
 MAY ( c $ access $ admin $ architecture $ bandwidth $ description $ disk $ distribution $ l $ machine $ memory $ sponsor $
- sponsor-admin $ sshRSAHostKey $ status
+ sponsor-admin $ status $ physicalHost $ ipHostNumber $ dnsTTL $
+ sshRSAHostKey $ purpose $ allowedGroups $ exportOptions $ MXRecord $
+ sshdistAuthKeysHost $ rebootPolicy $ sshfpHostname
 ) )
 objectclass ( 1.3.6.1.4.1.9586.100.4.3.3
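Review bot: `totpSeed` is added as a plain octet string and admitted on every `debianAccount`, but a TOTP seed has to be kept in recoverable form, so whoever can read the attribute, whether from the directory, a replica or an LDIF export, holds the account's second factor. The schema cannot enforce confidentiality, so the definition should state the requirement, e.g. `# totpSeed: recoverable second-factor secret; readable only by the verifying service, no search/compare, exclude from exports`. `bATVToken` probably deserves the same note if it holds the BATV signing key, which its DESC (`Token for BATV`) suggests but does not confirm. Two DESC strings in this hunk also carry typos (`serparator`, `addresess`).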
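Review bot: Two attributes added to this MAY list in the `@@ -457,7` hunk, `allowedGroups` and `sshdistAuthKeysHost`, are authorization inputs according to their own DESC strings (groups with access to a host; extra addresses allowed to ssh to the distribution host), so write access to them on a server entry amounts to changing who can reach that host. A comment next to the list would make that visible to whoever maintains the ACLs, e.g. `# allowedGroups, sshdistAuthKeysHost: access-control data, writable by directory admins only`. The list also relies on `ipHostNumber` and `MXRecord`, which this patch does not define; presumably they come from other schema files that must be loaded first, which is worth stating in the file header. The objectclass definition begins above the hunk.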
@@ -466,5 +611,6 @@ objectclass ( 1.3.6.1.4.1.9586.100.4.3.3
 SUP account STRUCTURAL
 MAY ( emailForward $ supplementaryGid $ allowedHost $ labeledURI $ mailCallout $ mailGreylisting $ mailRBL $ mailRHSBL $
- mailWhitelist
+ mailWhitelist $ dnsZoneEntry $ mailContentInspectionAction $
+ bATVToken $ mailDefaultOptions $ sshRSAAuthKey $ mailPreserveSuffixSeparator
 ) )