slapd: add openssh public key schema

2019-11-28 22:40:51 +01:00 · 2019-11-28 22:40:51 +01:00 · ef9e4352d3
commit ef9e4352d3
parent b35cb013d6
3 changed files with 25 additions and 3 deletions
--- a/roles/slapd/files/schema/openssh-lpk.schema
+++ b/roles/slapd/files/schema/openssh-lpk.schema
@ -0,0 +1,20 @@
+#
+# LDAP Public Key Patch schema for use with openssh-ldappubkey
+# Author: Eric AUGE <eau@phear.org>
+#
+# Based on the proposal of : Mark Ruijter
+#
+
+
+# octetString SYNTAX
+attributetype ( 1.3.6.1.4.1.24552.500.1.1.1.13 NAME 'sshPublicKey'
+	DESC 'OpenSSH Public key'
+	EQUALITY octetStringMatch
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
+
+# printableString SYNTAX yes|no
+objectclass ( 1.3.6.1.4.1.24552.500.1.1.2.0 NAME 'ldapPublicKey' SUP top AUXILIARY
+	DESC 'OpenSSH LPK objectclass'
+	MUST uid
+	MAY sshPublicKey
+	)
--- a/roles/slapd/tasks/main.yml
+++ b/roles/slapd/tasks/main.yml
@ -14,9 +14,10 @@
 - name: Copy schema definitons
  copy: src={{ item }} dest=/etc/ldap/{{ item }}
  with_items:
+  - schema/kitchen.schema
+  - schema/openssh-lpk.schema
  - schema/radius.schema
  - schema/samba.schema
-  - schema/kitchen.schema
  notify: Restart slapd

 - name: Configure slapd (init script)
--- a/roles/slapd/templates/slapd.conf.j2
+++ b/roles/slapd/templates/slapd.conf.j2
@ -11,10 +11,11 @@ include		/etc/ldap/schema/core.schema
 include		/etc/ldap/schema/cosine.schema
 include		/etc/ldap/schema/inetorgperson.schema
 include		/etc/ldap/schema/kitchen.schema
-include		/etc/ldap/schema/nis.schema
 include		/etc/ldap/schema/misc.schema
-include		/etc/ldap/schema/samba.schema
+include		/etc/ldap/schema/nis.schema
+include		/etc/ldap/schema/openssh-lpk.schema
 include		/etc/ldap/schema/radius.schema
+include		/etc/ldap/schema/samba.schema


 #######################################################################