Parses /etc/nslcd.conf
Author: Jose Plana jpl@gmai l.com ana
Nslcd | Parses /etc/nslcd.conf |
Reference | This lens tries to keep as close as possible to `man 5 nslcd.conf` where possible. |
Lens Usage | |
Configuration files | This lens applies to /etc/nslcd.conf. |
Examples | The Test_Nslcd file contains various examples and tests. |
USEFUL PRIMITIVES | |
Comments and empty lines | |
eol | |
empty | |
spc | |
comma | |
comment | |
do_dquote | |
opt_list | |
Ldap related values | Values that need to be parsed. |
ldap_rdn | |
ldap_dn | |
ldap_filter | |
ldap_scope | |
map_names | |
key_name | |
CONFIGURATION ENTRIES | |
Generic definitions | |
simple_entry | The simplest configuration option a key spc value. |
simple_entry_quoted_value | Simple entry with quoted value |
key_value_line_regexp | A simple configuration option but specifying the regex for the value. |
mapped_entry | A mapped configuration as in `filter MAP option`. |
key_value_line_regexp_opt_map | A mapped configuration but the MAP value is optional as in scope [MAP] value`. |
map_entry | A map entry as in `map MAP ATTRIBUTE NEWATTRIBUTE`. |
Option definitions | |
Base entry | |
Scope entry | |
Filter entry | |
entries | All the combined entries. |
lens | |
filter |
get /files/etc/nslcd.conf/threads
set /files/etc/nslcd.conf/uri "ldaps://x.y.z"
get /files/etc/nslcd.conf/cache
set /files/etc/nslcd.conf/log "syslog debug"
set /files/etc/nslcd.conf/filter/passwd "(objectClass=posixGroup)"
set /files/etc/nslcd.conf/scope[count( * )] "subtree"
get /files/etc/nslcd.conf/scope[count( * )] "subtree"
set /files/etc/nslcd.conf/scope[host]/host "subtree"
match /files/etc/nslcd.conf/base[count( * ) = 0]
get /files/etc/nslcd.conf/base[3]
set /files/etc/nslcd.conf/base[last()+1] "dc=example,dc=com"
set /files/etc/nslcd.conf/base[self::* = "dc=example,dc=com"] "dc=test,dc=com"
set /files/etc/nslcd.conf/base[hosts]/hosts "dc=hosts,dc=example,dc=com"
set /files/etc/nslcd.conf/base[last()+1]/passwd "dc=users,dc=example,dc=com"
rm /files/etc/nslcd.conf/base/rpc
rm /files/etc/nslcd.conf/base/passwd[self::* = "dc=users,dc=example,dc=com"]
get /files/etc/nslcd.conf/map/passwd/homeDirectory
match /files/etc/nslcd.conf/map/passwd/*
set /files/etc/nslcd.conf/map/passwd/homeDirectory "\"${homeDirectory:-/home/$uid}\""
set /files/etc/nslcd.conf/map[shadow/userPassword]/shadow/userPassword "*"
rm /files/etc/nslcd.conf/map/shadow/userPassword
rm /files/etc/nslcd.conf/map/passwd/*
This lens applies to /etc/nslcd.conf. See filter.
The Test_Nslcd file contains various examples and tests.
let entries = map_entry | base_entry | scope_entry | filter_entry | simple_entry "threads" | simple_entry "uid" | simple_entry "gid" | simple_entry_opt_list_value "uri" spc | simple_entry "ldap_version" | simple_entry "binddn" | simple_entry "bindpw" | simple_entry "rootpwmoddn" | simple_entry "rootpwmodpw" | simple_entry "sasl_mech" | simple_entry "sasl_realm" | simple_entry "sasl_authcid" | simple_entry "sasl_authzid" | simple_entry "sasl_secprops" | simple_entry "sasl_canonicalize" | simple_entry "krb5_ccname" | simple_entry "deref" | simple_entry "referrals" | simple_entry "bind_timelimit" | simple_entry "timelimit" | simple_entry "idle_timelimit" | simple_entry "reconnect_sleeptime" | simple_entry "reconnect_retrytime" | simple_entry "ssl" | simple_entry "tls_reqcert" | simple_entry "tls_cacertdir" | simple_entry "tls_cacertfile" | simple_entry "tls_randfile" | simple_entry "tls_ciphers" | simple_entry "tls_cert" | simple_entry "tls_key" | simple_entry "pagesize" | simple_entry_opt_list_value "nss_initgroups_ignoreusers" comma | simple_entry "nss_min_uid" | simple_entry "nss_nested_groups" | simple_entry "nss_getgrent_skipmembers" | simple_entry "nss_disable_enumeration" | simple_entry "validnames" | simple_entry "ignorecase" | simple_entry "pam_authz_search" | simple_entry_quoted_value "pam_password_prohibit_message" | simple_entry "reconnect_invalidate" | simple_entry "cache" | simple_entry "log" | simple_entry "pam_authc_ppolicy"
All the combined entries.
let eol = Util.eol
let empty = Util.empty
let spc = Util.del_ws_spc
let comma = Sep.comma
let comment = Util.comment
let do_dquote = Quote.do_dquote
let opt_list = Build.opt_list
let ldap_rdn = /[A-Za-z][A-Za-z]+=[A-Za-z0-9_.-]+/
let ldap_dn = ldap_rdn . (/(,)?/ . ldap_rdn)*
let ldap_filter = /\(.*\)/
let ldap_scope = /sub(tree)?|one(level)?|base/
let map_names = /alias(es)?/ | /ether(s)?/ | /group/ | /host(s)?/ | /netgroup/ | /network(s)?/ | /passwd/ | /protocol(s)?/ | /rpc/ | /service(s)?/ | /shadow/
let key_name = /[^ #\n\t\/][^ #\n\t\/]+/
The simplest configuration option a key spc value.
let simple_entry (kw:string) = Build.key_ws_value kw
Simple entry with quoted value
let simple_entry_quoted_value (kw:string) = Build.key_value_line kw spc (do_dquote (store /.*/))
A simple configuration option but specifying the regex for the value.
let key_value_line_regexp (kw:string) (sto:regexp) = Build.key_value_line kw spc (store sto)
A mapped configuration as in `filter MAP option`.
let mapped_entry (kw:string) (sto:regexp) = [ key kw . spc . Build.key_value_line map_names spc (store sto) ]
A mapped configuration but the MAP value is optional as in scope [MAP] value`.
let key_value_line_regexp_opt_map (kw:string) (sto:regexp) = ( key_value_line_regexp kw sto | mapped_entry kw sto )
A map entry as in `map MAP ATTRIBUTE NEWATTRIBUTE`.
let map_entry = [ key "map" . spc . [ key map_names . spc . [ key key_name . spc . store Rx.no_spaces ] ] .eol ]
All the combined entries.
let entries = map_entry | base_entry | scope_entry | filter_entry | simple_entry "threads" | simple_entry "uid" | simple_entry "gid" | simple_entry_opt_list_value "uri" spc | simple_entry "ldap_version" | simple_entry "binddn" | simple_entry "bindpw" | simple_entry "rootpwmoddn" | simple_entry "rootpwmodpw" | simple_entry "sasl_mech" | simple_entry "sasl_realm" | simple_entry "sasl_authcid" | simple_entry "sasl_authzid" | simple_entry "sasl_secprops" | simple_entry "sasl_canonicalize" | simple_entry "krb5_ccname" | simple_entry "deref" | simple_entry "referrals" | simple_entry "bind_timelimit" | simple_entry "timelimit" | simple_entry "idle_timelimit" | simple_entry "reconnect_sleeptime" | simple_entry "reconnect_retrytime" | simple_entry "ssl" | simple_entry "tls_reqcert" | simple_entry "tls_cacertdir" | simple_entry "tls_cacertfile" | simple_entry "tls_randfile" | simple_entry "tls_ciphers" | simple_entry "tls_cert" | simple_entry "tls_key" | simple_entry "pagesize" | simple_entry_opt_list_value "nss_initgroups_ignoreusers" comma | simple_entry "nss_min_uid" | simple_entry "nss_nested_groups" | simple_entry "nss_getgrent_skipmembers" | simple_entry "nss_disable_enumeration" | simple_entry "validnames" | simple_entry "ignorecase" | simple_entry "pam_authz_search" | simple_entry_quoted_value "pam_password_prohibit_message" | simple_entry "reconnect_invalidate" | simple_entry "cache" | simple_entry "log" | simple_entry "pam_authc_ppolicy"