GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  ZCONF::BACKENDS::LDAP (3)

.ds Aq ’

NAME

ZConf::backends::ldap - This provides LDAP backend for ZConf.

CONTENTS

VERSION

Version 0.1.0

METHODS

    new



        my $zconf=ZConf->(\%args);



This initiates the ZConf object. If it can’t be initiated, a value of undef is returned. The hash can contain various initization options.

When it is run for the first time, it creates a filesystem only config file.

args hash

sys

This turns system mode on. And sets it to the specified system name.

This is incompatible with the file option.

self

This is the copy of the ZConf object intiating it.

zconf

This is the variables found in the ~/.config/zconf.zml.



    my $backend=ZConf::backends::ldap->new( \%args );
    if($zconf->{error}){
                warn(error: .$zconf->error.":".$zconf->errorString);
    }



    config2dn

This method converts the config name into part of a DN string. IT is largely only for internal use and is used by the LDAP backend.



        my $partialDN = $zconf->config2dn("foo/bar");
    if($zconf->error){
                warn(error: .$zconf->error.":".$zconf->errorString);
    }



    configExists

This method methods exactly the same as configExists, but for the LDAP backend.

No config name checking is done to verify if it is a legit name or not as that is done in configExists. The same is true for calling errorBlank.



    $zconf->configExistsLDAP("foo/bar")
        if($zconf->error){
                warn(error: .$zconf->error.":".$zconf->errorString);
        }



    createConfig

This methods just like createConfig, but is for the LDAP backend. This is not really meant for external use. The config name passed is not checked to see if it is legit or not.



    $zconf->createConfigLDAP("foo/bar")
        if($zconf->error){
                warn(error: .$zconf->error.":".$zconf->errorString);
        };



    delConfig

This removes a config. Any sub configs will need to removes first. If any are present, this method will error.



    #removes foo/bar
    $zconf->delConfig(foo/bar);
    if($zconf->error){
                warn(error: .$zconf->error.":".$zconf->errorString);
    }



    delSet

This deletes a specified set, for the LDAP backend.

Two arguements are required. The first one is the name of the config and the and the second is the name of the set.



    $zconf->delSet("foo/bar", "someset");
    if($zconf->error){
                warn(error: .$zconf->error.":".$zconf->errorString);
    }



    getAvailableSets

This is exactly the same as getAvailableSets, but for the file back end. For the most part it is not intended to be called directly.



        my @sets = $zconf->getAvailableSetsLDAP("foo/bar");
        if($zconf->error){
                warn(error: .$zconf->error.":".$zconf->errorString);
        }



    getConfigRevision

This fetches the revision for the speified config using the LDAP backend.

A return of undef means that the config has no sets created for it yet or it has not been read yet by 2.0.0 or newer.



    my $revision=$zconf->getConfigRevision(some/config);
    if($zconf->error){
                warn(error: .$zconf->error.":".$zconf->errorString);
    }
    if(!defined($revision)){
        print "This config has had no sets added since being created or is from a old version of ZConf.\n";
    }



    getSubConfigs

This gets any sub configs for a config. "" can be used to get a list of configs under the root.

One arguement is accepted and that is the config to look under.



    #lets assume foo/bar exists, this would return
    my @subConfigs=$zconf->getSubConfigs("foo");
    if($zconf->error){
                warn(error: .$zconf->error.":".$zconf->errorString);
    }



    isConfigLocked

This checks if a config is locked or not for the LDAP backend.

One arguement is required and it is the name of the config.

The returned value is a boolean value.



    my $locked=$zconf->isConfigLockedLDAP(some/config);
    if($zconf->error){
                warn(error: .$zconf->error.":".$zconf->errorString);
    }
    if($locked){
        print "The config is locked\n";
    }



    LDAPconnect

This generates a Net::LDAP object based on the LDAP backend.



    my $ldap=$zconf->LDAPconnect();
    if($zconf->error){
                warn(error: .$zconf->error.":".$zconf->errorString);
    }



    LDAPgetConfMessage

Gets a Net::LDAP::Message object that was created doing a search for the config with the scope set to base.



    #gets it for foo/bar
    my $mesg=$zconf->LDAPgetConfMessage(foo/bar);
    #gets it using $ldap for the connection
    my $mesg=$zconf->LDAPgetConfMessage(foo/bar, $ldap);
    if($zconf->error){
                warn(error: .$zconf->error.":".$zconf->errorString);
    }



    LDAPgetConfMessageOne

Gets a Net::LDAP::Message object that was created doing a search for the config with the scope set to one.



    #gets it for foo/bar
    my $mesg=$zconf->LDAPgetConfMessageOne(foo/bar);
    #gets it using $ldap for the connection
    my $mesg=$zconf->LDAPgetConfMessageOne(foo/bar, $ldap);
    if($zconf->error){
                warn(error: .$zconf->error.":".$zconf->errorString);
    }



    LDAPgetConfEntry

Gets a Net::LDAP::Message object that was created doing a search for the config with the scope set to base.

It returns undef if it is not found.



    #gets it for foo/bar
    my $entry=$zconf->LDAPgetConfEntry(foo/bar);
    #gets it using $ldap for the connection
    my $entry=$zconf->LDAPgetConfEntry(foo/bar, $ldap);
    if($zconf->error){
                warn(error: .$zconf->error.":".$zconf->errorString);
    }



    read

readFile methods just like read, but is mainly intended for internal use only. This reads the config from the LDAP backend.

hash args

config

The config to load.

override

This specifies if override should be ran not.

If this is not specified, it defaults to 1, true.

set

The set for that config to load.



    $zconf->readLDAP({config=>"foo/bar"})
        if($zconf->error){
                warn(error: .$zconf->error.":".$zconf->errorString);
        }



    readChooser

This methods just like readChooser, but methods on the LDAP backend and only really intended for internal use.



        my $chooser = $zconf->readChooserLDAP("foo/bar");
        if($zconf->error){
                warn(error: .$zconf->error.":".$zconf->errorString);
        }



    setExists

This checks if the specified set exists.

Two arguements are required. The first arguement is the name of the config. The second arguement is the name of the set. If no set is specified, the default set is used. This is done by calling ’defaultSetExists’.



    my $return=$zconf->setExists("foo/bar", "fubar");
    if($zconf->error){
                warn(error: .$zconf->error.":".$zconf->errorString);
    }else{
        if($return){
            print "It exists.\n";
        }
    }



    setLockConfig

This unlocks or logs a config for the LDAP backend.

Two arguements are taken. The first is a the config name, required, and the second is if it should be locked or unlocked



    #lock some/config
    $zconf->setLockConfigLDAP(some/config, 1);
    if($zconf->{error}){
                warn(error: .$zconf->error.":".$zconf->errorString);
    }

    #unlock some/config
    $zconf->setLockConfigLDAP(some/config, 0);
    if($zconf->{error}){
                warn(error: .$zconf->error.":".$zconf->errorString);
    }

    #unlock some/config
    $zconf->setLockConfigLDAP(some/config);
    if($zconf->{error}){
                warn(error: .$zconf->error.":".$zconf->errorString);
    }



    writeChooser

This method is a internal method and largely meant to only be called writeChooser, which it methods the same as. It works on the LDAP backend.



    $zconf->writeChooserLDAP("foo/bar", $chooserString)
        if($zconf->error){
                warn(error: .$zconf->error.":".$zconf->errorString);
        }



    writeSetFromHash

This takes a hash and writes it to a config for the file backend. It takes two arguements, both of which are hashes.

The first hash contains

The second hash is the hash to be written to the config.

    args hash

config

The config to write it to.

This is required.

set

This is the set name to use.

If not defined, the one will be choosen.

revision

This is the revision string to use.

This is primarily meant for internal usage and is suggested that you don’t touch this unless you really know what you are doing.



    $zconf->writeSetFromHashLDAP({config=>"foo/bar"}, \%hash);
        if($zconf->error){
                warn(error: .$zconf->error.":".$zconf->errorString);
        }



    writeSetFromLoadedConfig

This method writes a loaded config to a to a set, for the LDAP backend.

One arguement is required.

    args hash

config

The config to write it to.

This is required.

set

This is the set name to use.

If not defined, the one will be choosen.

revision

This is the revision string to use.

This is primarily meant for internal usage and is suggested that you don’t touch this unless you really know what you are doing.



    $zconf->writeSetFromLoadedConfigLDAP({config=>"foo/bar"});
        if(defined($zconf->error)){
                warn(error: .$zconf->error.":".$zconf->errorString);
        }



    writeSetFromZML

This writes a config set from a ZML object.

One arguement is required.

    args hash

config

The config to write it to.

This is required.

set

This is the set name to use.

If not defined, the one will be choosen.

zml

This is the ZML object to use.

revision

This is the revision string to use.

This is primarily meant for internal usage and is suggested that you don’t touch this unless you really know what you are doing.



    $zconf->writeSetFromZML({config=>"foo/bar", zml=>$zml});
        if(defined($zconf->error)){
                warn(error: .$zconf->error.":".$zconf->errorString);
        }



ERROR HANDLING/CODES

This module uses Error::Helper for error handling. Below are the error codes returned by the error method.

    1

config name contains ,

    2

config name contains /.

    3

config name contains //

    4

config name contains ../

    5

config name contains /..

    6

config name contains ^./

    7

config name ends in /

    8

config name starts with /

    9

could not sync to file

    10

config name contains a \n

    11

LDAP entry already exists

    12

config does not exist

    13

Expected LDAP DN not found

    14

ZML dump failed.

    15

ZML object not passed.

    16

Unable to create some of the required DN entries.

    18

No variable name specified.

    19

config key starts with a ’ ’

    20

LDAP entry has no sets

    21

set not found for config

    22

LDAPmakepathSimple failed

    23

skilling variable as it is not a legit name

    24

set is not defined

    25

Config is undefined.

    26

Config not loaded.

    27

Set name is not a legit name.

    28

ZML->parse error.

    29

Could not unlink the unlink the set.

    30

The sets exist for the specified config.

    31

Did not find a matching set.

    32

Unable to choose a set.

    33

Unable to remove the config as it has sub configs.

    34

LDAP connection error

    35

Can’t use system mode and file together.

    36

Could not create ’/var/db/zconf’. This is a permanent error.

    37

Could not create ’/var/db/zconf/<sys name>’. This is a permanent error.

    38

Sys name matched /\//.

    39

Sys name matched /\./.

    40

No chooser string specified.

    41

No comment specified.

    42

No meta specified.

    43

Failed to open the revision file for the set.

    44

Failed to open or unlink lock file.

    45

Config is locked.

    46

LDAP entry update failed.

    47

No ZConf object passed.

    48

No zconf.zml var hash passed.

ERROR CHECKING

This can be done by checking $zconf->{error} to see if it is defined. If it is defined, The number it contains is the corresponding error code. A description of the error can also be found in $zconf->{errorString}, which is set to "" when there is no error.

zconf.zml

The default is ’xdf_config_home/zconf.zml’, which is generally ’~/.config/zconf.zml’. See perldoc ZML for more information on the file format. The keys are listed below.

    zconf.zml LDAP backend keys

backend

This should be set to ’ldap’ to use this backend.

LDAPprofileChooser

This is a chooser string that chooses what LDAP profile to use. If this is not present, ’default’ will be used for the profile.

ldap/<profile>/bind

This is the DN to bind to the server as.

ldap/<profile>/cafile

When verifying the server’s certificate, either set capath to the pathname of the directory containing CA certificates, or set cafile to the filename containing the certificate of the CA who signed the server’s certificate. These certificates must all be in PEM format.

ldap/<profile>/capath

The directory in ’capath’ must contain certificates named using the hash value of the certificates’ subject names. To generate these names, use OpenSSL like this in Unix:



    ln -s cacert.pem `openssl x509 -hash -noout < cacert.pem`.0



(assuming that the certificate of the CA is in cacert.pem.)

ldap/<profile>/checkcrl

If capath has been configured, then it will also be searched for certificate revocation lists (CRLs) when verifying the server’s certificate. The CRLs’ names must follow the form hash.rnum where hash is the hash over the issuer’s DN and num is a number starting with 0.

ldap/<profile>/clientcert

This client cert to use.

ldap/<profile>/clientkey

The client key to use.

Encrypted keys are not currently supported at this time.

ldap/<profile>/homeDN

This is the home DN of the user in question. The user needs be able to write to it. ZConf will attempt to create ’ou=zconf,ou=.config,$homeDN’ for operating out of.

ldap/<profile>/host

This is the server to use for LDAP connections.

ldap/<profile>/password

This is the password to use for when connecting to the server.

ldap/<profile>/passwordfile

Read the password from this file. If both this and password is set, then this will write over it.

ldap/<profile>/starttls

This is if it should use starttls or not. It defaults to undefined, ’false’.

ldap/<profile>/SSLciphers

This is a list of ciphers to accept. The string is in the standard OpenSSL format. The default value is ’ALL’.

ldap/<profile>/SSLversion

This is the SSL versions accepted.

’sslv2’, ’sslv3’, ’sslv2/3’, or ’tlsv1’ are the possible values. The default is ’tlsv1’.

ldap/<profile>/TLSverify

The verify mode for TLS. The default is ’none’.

ZConf LDAP Schema



    # 1.3.6.1.4.1.26481 Zane C. Bowers
    #  .2 ldap
    #   .7 zconf
    #    .0 zconfData
    #    .1 zconfChooser
    #    .2 zconfSet
    #    .3 zconfRev
    #    .4 zconfLock
   
    attributeType ( 1.3.6.1.4.1.26481.2.7.0
            NAME zconfData
        DESC Data attribute for a zconf entry.
            SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
            EQUALITY caseExactMatch
        )
   
    attributeType ( 1.3.6.1.4.1.26481.2.7.1
        NAME zconfChooser
        DESC Chooser attribute for a zconf entry.
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        EQUALITY caseExactMatch
        )
   
    attributeType ( 1.3.6.1.4.1.26481.2.7.2
        NAME zconfSet
        DESC A zconf set name available in a entry.
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        EQUALITY caseExactMatch
        )
   
    attributeType ( 1.3.6.1.4.1.26481.2.7.3
        NAME zconfRev
        DESC The revision number for a ZConf config. Bumped with each update.
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        EQUALITY caseExactMatch
        )
   
    attributeType ( 1.3.6.1.4.1.26481.2.7.4
        NAME zconfLock
        DESC If this is present, this config is locked.
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        EQUALITY caseExactMatch
        )
   
    objectclass ( 1.3.6.1.4.1.26481.2.7
        NAME zconf
        DESC A zconf entry.
        MAY ( cn $ zconfData $ zconfChooser $ zconfSet $ zconfRev $ zconfLock )
        )



SYSTEM MODE

This is for deamons or the like. This will read ’/var/db/zconf/$sys/zconf.zml’ for it’s options and store the file backend stuff in ’/var/db/zconf/$sys/’.

It will create ’/var/db/zconf’ or the sys directory, but not ’/var/db’.

UTILITIES

There are several scripts installed with this module. Please see the perldocs for the utilities listed below.



    zcchooser-edit
    zcchooser-get
    zcchooser-run
    zcchooser-set
    zccreate
    zcget
    zcls
    zcrm
    zcset
    zcvdel
    zcvls



AUTHOR

Zane C. Bowers-Hadley, <vvelox at vvelox.net>

BUGS

Please report any bugs or feature requests to bug-zconf at rt.cpan.org, or through the web interface at <http://rt.cpan.org/NoAuth/ReportBug.html?Queue=ZConf>. I will be notified, and then you’ll automatically be notified of progress on your bug as I make changes.

SUPPORT

You can find documentation for this module with the perldoc command.



    perldoc ZConf



You can also look for information at:
o RT: CPAN’s request tracker

<http://rt.cpan.org/NoAuth/Bugs.html?Dist=ZConf>

o AnnoCPAN: Annotated CPAN documentation

<http://annocpan.org/dist/ZConf>

o CPAN Ratings

<http://cpanratings.perl.org/d/ZConf>

o Search CPAN

<http://search.cpan.org/dist/ZConf>

o Subversion Repository

<http://eesdp.org/svnweb/index.cgi/pubsvn/browse/Perl/ZConf>

ACKNOWLEDGEMENTS

COPYRIGHT & LICENSE

Copyright 2011 Zane C. Bowers-Hadley, all rights reserved.

This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

Search for    or go to Top of page |  Section 3 |  Main Index


perl v5.20.3 ZCONF::BACKENDS::LDAP (3) 2012-05-25

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.