GSP
Quick Navigator
Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
SLAPO-HOMEDIR(5) FreeBSD File Formats Manual SLAPO-HOMEDIR(5)

slapo-homedir - Home directory provisioning overlay

/usr/local/etc/openldap/slapd.conf

The homedir overlay causes slapd(8) to notice changes involving RFC-2307bis style user-objects and make appropriate changes to the local filesystem. This can be performed on both master and replica systems, so it is possible to perform remote home directory provisioning.

Both slapd.conf and back-config style configuration is supported.

This directive adds the homedir overlay to the current database, or to the frontend, if used before any database instantiation; see slapd.conf(5) for details.
These options set the path to the skeleton account directory. (Generally, /etc/skel) Files in this directory will be copied into newly created home directories. Copying is recursive and handles symlinks and fifos, but will skip most specials.
These options configure the minimum userid to use in any home directory attempt. This is a basic safety measure to prevent accidentally using system accounts. See REPLICATION for more flexible options for selecting accounts.
These options configure a set of regular expressions to use for matching and optionally remapping incoming homeDirectory attribute values to pathnames on the local filesystem. $number expansion is supported to access values captured in parentheses.

For example, to accept any directory starting with home and use it verbatim on the local filesystem:

homedir-regexp ^(/home/[-_/a-z0-9]+)$ $1

To match the same set of directories, but create them instead under exporthome, as is popular on Solaris NFS servers:

homedir-regexp ^(/home/[-_/a-z0-9]+)$ /export$1

These options configure how deletes of posixAccount entries or their attributes are handled; valid styles are IGNORE, which does nothing, and DELETE, which immediately performs a recursive delete on the home directory, and ARCHIVE, which archives the home directory contents in a TAR file for later examination. The default is IGNORE. Use with caution. ARCHIVE requires homedir-archive-path to be set, or it functions similar to IGNORE.
These options specify the destination path for TAR files created by the ARCHIVE delete style.

The homedir overlay can operate on either master or replica systems with no changes. See slapd.conf(5) or slapd-config(5) for more information on configure syncrepl.

Partial replication (e.g. with filters) is especially useful for providing different provisioning options to different sets of users.

The following LDIF could be used to add this overlay to cn=config (adjust to suit)

dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: homedir
dn: olcOverlay=homedir,olcDatabase={1}mdb,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcHomedirConfig
olcOverlay: homedir
olcSkeletonPath: /etc/skel
olcMinimumUidNumber: 1000
olcHomedirRegexp: ^(/home/[-_/a-z0-9]+)$ /export/$1
olcHomedirDeleteStyle: ARCHIVE
olcHomedirArchivePath: /archive

DELETE, MOD, and MODRDN operations that remove the unix attributes when delete style is set to DELETE will recursively delete the (regex modified) home directory from the disk. Please be careful when deleting or changing values.

MOD and MODRDN will correctly respond to homeDirectory changes and perform a non-destructive rename() operation on the filesystem, but this does not correctly retry with a recursive copy when moving between filesystems.

The recursive copy/delete/chown/tar functions are not aware of ACLs, extended attributes, forks, sparse files, or hard links. Block and character device archival is non-portable, but should not be an issue in home directories, hopefully.

Copying and archiving may not support files larger than 2GiB on some architectures. Bare POSIX UStar archives cannot support internal files larger than 8GiB. The current tar generator does not attempt to resolve uid/gid into symbolic names.

No attempt is made to try to mkdir() the parent directories needed for a given home directory or archive path.

/usr/local/etc/openldap/slapd.conf
default slapd configuration file
/etc/skel (or similar)
source of new homedir files.

slapd.conf(5), slapd-config(5), slapd(8), RFC-2307, RFC-2307bis.

This module was written in 2009 by Emily Backes for Symas Corporation.

2025/05/22 OpenLDAP 2.6.10
Search for    or go to Top of page |  Section 5 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.