@@ -37,7 +37,6 @@ nsdb-delete-nsdb \- remove all FedFS info from an NSDB
.IR nsdbport ]
.RB [ \-w
.IR bindpw ]
-.RB \-e
.IR nce
.SH INTRODUCTION
RFC 5716 introduces the Federated File System (FedFS, for short).
@@ -62,29 +61,36 @@ about file sets contained in a FedFS domain name space.
.SH DESCRIPTION
The
.BR nsdb-delete-nsdb (8)
-command is part of a collection of low-level single-use programs that are
-intended for testing the NSDB protocol or for use in scripts.
+command is part of a collection of low-level single-use programs
+that is intended for testing the NSDB protocol or for use in scripts.
This command wipes part or all of an NSDB clean by
-disconnecting an NCE and removing all FedFS records under it.
+disconnecting an
+.IR "NSDB Container Entry" ,
+or NCE, and removing all FedFS records under it.
.P
-Effectively, this command first removes the NSDB container information
+This command has one positional parameter which specifies the
+fully qualified distinguished name of the NCE to be removed.
+.P
+The
+.BR nsdb-delete-nsdb (8)
+command first removes the NSDB container information
for the specified NCE to prevent FedFS-enabled clients and servers
-from accessing the FedFS records under the NCE.
+from accessing the FedFS records under that NCE.
Then, it removes all FSN and FSL records under the NCE.
-The NCE object itself is left on the server.
+The NCE object itself is left on the LDAP server.
.SH OPTIONS
.IP "\fB\-d, \-\-debug"
-Specifies that debugging messages be produced during operation.
+Enables debugging messages during operation.
.IP "\fB\-?, \-\-help"
-Prints an
+Displays
.BR nsdb-delete-nsdb (8)
-version and usage message on
-.IR stderr ,
-then exits.
+version information and a usage message on
+.IR stderr .
.IP "\fB-D, \-\-binddn=\fIbind-distinguished-name\fP"
-Specifies a distinguished name of an entity used to bind to this LDAP server.
+Specifies a distinguished name of an entity used to bind to the LDAP server
+where the NSDB resides.
If the
-.B -D
+.B \-\-binddn
option is not specified,
the value of the FEDFS_NSDB_ADMIN environment variable is consulted.
If this variable is not set,
@@ -95,35 +101,36 @@ of the server's DIT, the
.BR nsdb-delete-nsdb (8)
command fails.
.IP "\fB-e, \-\-nce=\fINSDB-container-entry-distinguished-name\fP"
-Specifies the distinguished name of the doomed NSDB container entry.
+Specifies the distinguished name of the NSDB Container Entry.
This option must be specified on the command line.
No default value is assumed or read from an environment variable.
.IP "\fB\-l, \-\-nsdbname=\fINSDB-hostname\fP"
-Specifies the hostname of the NSDB where the doomed entry resides.
+Specifies the hostname of the NSDB where the NSDB Container Entry resides.
If the
-.B -l
+.B \-\-nsdbname
option is not specified,
the value of the FEDFS_NSDB_HOST environment variable is consulted.
If the variable is not set and the
-.B -l
+.B \-\-nsdbname
option is not specified, the
.BR nsdb-delete-nsdb (8)
command fails.
.IP "\fB\-r, \-\-nsdbport=\fINSDB-port\fP"
-Specifies the IP port of the NSDB where the doomed entry resides.
+Specifies the IP port of the NSDB where the NSDB Container Entry resides.
If the
-.B -r
+.B \-\-nsdbport
option is not specified,
the value of the FEDFS_NSDB_PORT environment variable is consulted.
The default value if the variable is not set is 389.
.IP "\fB\-w, \-\-bindpw=\fIbinddn-password\fP"
-Specifies the password used for simple authentication to this LDAP server.
+Specifies the password used for simple authentication to th LDAP server
+where the NSDB resides.
If the
-.B -w
+.B \-\-bindpw
option is not specified,
the value of the FEDFS_NSDB_PASSWD environment variable is consulted.
If the variable is not set and the
-.B -w
+.B \-\-bindpw
option is not specified, the
.BR nsdb-delete-nsdb (8)
command asks for a password on
@@ -103,9 +103,10 @@ version and usage message on
.IR stderr ,
then exits.
.IP "\fB-D, \-\-binddn=\fIbind-distinguished-name\fP"
-Specifies a distinguished name of an entity used to bind to this LDAP server.
+Specifies a distinguished name of an entity used to bind to the LDAP server
+where the NSDB resides.
If the
-.B -D
+.B \-\-binddn
option is not specified,
the value of the FEDFS_NSDB_ADMIN environment variable is consulted.
If this variable is not set,
@@ -116,9 +117,9 @@ of the server's DIT, the
.BR nsdb-remove-nci (8)
command fails.
.IP "\fB-e, \-\-nce=\fINSDB-container-entry-distinguished-name\fP"
-Specifies the distinguished name of the doomed NSDB container entry.
+Specifies the distinguished name of the doomed NSDB Container Entry.
If the
-.B -e
+.B \-\-nce
option is not specified,
the value of the FEDFS_NSDB_NCE environment variable is consulted.
If this variable is not set,
@@ -127,31 +128,32 @@ If none of these is specified, the
.BR nsdb-remove-nci (8)
command fails.
.IP "\fB\-l, \-\-nsdbname=\fINSDB-hostname\fP"
-Specifies the hostname of the NSDB where the doomed entry resides.
+Specifies the hostname of the NSDB where the NSDB Container Entry resides.
If the
-.B -l
+.B \-\-nsdbname
option is not specified,
the value of the FEDFS_NSDB_HOST environment variable is consulted.
If the variable is not set and the
-.B -l
+.B \-\-nsdbname
option is not specified, the
.BR nsdb-remove-nci (8)
command fails.
.IP "\fB\-r, \-\-nsdbport=\fINSDB-port\fP"
-Specifies the IP port of the NSDB where the doomed entry resides.
+Specifies the IP port of the NSDB where the NSDB Container Entry resides.
If the
-.B -r
+.B \-\-nsdbport
option is not specified,
the value of the FEDFS_NSDB_PORT environment variable is consulted.
The default value if the variable is not set is 389.
.IP "\fB\-w, \-\-bindpw=\fIbinddn-password\fP"
-Specifies the password used for simple authentication to this LDAP server.
+Specifies the password used for simple authentication to the LDAP server
+where the NSDB resides
If the
-.B -w
+.B \-\-bindpw
option is not specified,
the value of the FEDFS_NSDB_PASSWD environment variable is consulted.
If the variable is not set and the
-.B -w
+.B \-\-bindpw
option is not specified, the
.BR nsdb-remove-nci (8)
command asks for a password on
@@ -246,11 +248,11 @@ Suppose you are the FedFS administrator of the
.I example.net
FedFS domain and that you want to disable the NCE
.I o=fedfs
-on the LDAP server
-.IR ldap.example.net .
+on the NSDB
+.IR nsdb.example.net .
.RS
.sp
-$ nsdb-remove-nci -l ldap.example.net -D cn=Manager -e o=fedfs
+$ nsdb-remove-nci -l nsdb.example.net -D cn=Manager -e o=fedfs
.br
Enter NSDB password:
.br
@@ -96,17 +96,17 @@ The target NCE object and the naming context object
exist before this operation can complete successfully.
.SH OPTIONS
.IP "\fB\-d, \-\-debug"
-Specifies that debugging messages be produced during operation.
+Enables debugging messages during operation.
.IP "\fB\-?, \-\-help"
-Prints an
+Displays
.BR nsdb-update-nci (8)
-version and usage message on
-.IR stderr ,
-then exits.
+version information and a usage message on
+.IR stderr .
.IP "\fB-D, \-\-binddn=\fIbind-distinguished-name\fP"
-Specifies a distinguished name of an entity used to bind to this LDAP server.
+Specifies a distinguished name of an entity used to bind to the LDAP server
+where the NSDB resides.
If the
-.B -D
+.B \-\-binddn
option is not specified,
the value of the FEDFS_NSDB_ADMIN environment variable is consulted.
If this variable is not set,
@@ -119,7 +119,7 @@ command fails.
.IP "\fB-e, \-\-nce=\fINSDB-container-entry-distinguished-name\fP"
Specifies the distinguished name of the new NSDB container entry.
If the
-.B -e
+.B \-\-nce
option is not specified,
the value of the FEDFS_NSDB_NCE environment variable is consulted.
If this variable is not set,
@@ -128,31 +128,32 @@ If none of these is specified, the
.BR nsdb-update-nci (8)
command fails.
.IP "\fB\-l, \-\-nsdbname=\fINSDB-hostname\fP"
-Specifies the hostname of the NSDB where the new NCE should reside.
+Specifies the hostname of the NSDB where the target NCE should reside.
If the
-.B -l
+.B \-\-nsdbname
option is not specified,
the value of the FEDFS_NSDB_HOST environment variable is consulted.
If the variable is not set and the
-.B -l
+.B \-\-nsdbname
option is not specified, the
.BR nsdb-update-nci (8)
command fails.
.IP "\fB\-r, \-\-nsdbport=\fINSDB-port\fP"
-Specifies the IP port of the NSDB where the new NCE should reside.
+Specifies the IP port of the NSDB where the target NCE should reside.
If the
-.B -r
+.B \-\-nsdbport
option is not specified,
the value of the FEDFS_NSDB_PORT environment variable is consulted.
The default value if the variable is not set is 389.
.IP "\fB\-w, \-\-bindpw=\fIbinddn-password\fP"
-Specifies the password used for simple authentication to this LDAP server.
+Specifies the password used for simple authentication to the LDAP server
+where the NSDB resides.
If the
-.B -w
+.B \-\-bindpw
option is not specified,
the value of the FEDFS_NSDB_PASSWD environment variable is consulted.
If the variable is not set and the
-.B -w
+.B \-\-bindpw
option is not specified, the
.BR nsdb-update-nci (8)
command asks for a password on
@@ -273,15 +274,15 @@ To see the new container information, use
.BR nsdb-nces (8).
.P
.I o=fedfs
-is a typical NCE for FedFS information on an LDAP server.
-However, suppose that instead of creating a typical NCE,
+is a typical location for an NCE on an LDAP server.
+However, suppose that instead of creating such a typical NCE,
you would prefer the entry
.I ou=fedfs,dc=example,dc=net
to contain FedFS information.
Assuming your server set-up script has already created the
.I dc=example,dc=net
naming context and root object,
-and after creating an object with the distinguished name
+and after creating a generic object with the distinguished name
.IR ou=fedfs,dc=example,dc=net ,
you might use:
.RS
@@ -297,7 +298,7 @@ NSDB container information is inserted into
.IR dc=example,dc=net ,
and the entry at
.I ou=fedfs,dc=example,dc=net
-is changed to an NCE.
+is made into an NCE.
.P
To see the new NCE, use
.BR nsdb-nces (8).
@@ -46,7 +46,7 @@
/**
* Short form command line options
*/
-static const char nsdb_delete_nsdb_opts[] = "?dD:e:l:r:w:";
+static const char nsdb_delete_nsdb_opts[] = "?dD:l:r:w:";
/**
* Long form command line options
@@ -55,7 +55,6 @@ static const struct option nsdb_delete_nsdb_longopts[] = {
{ "binddn", 1, NULL, 'D', },
{ "debug", 0, NULL, 'd', },
{ "help", 0, NULL, '?', },
- { "nce", 1, NULL, 'e', },
{ "nsdbname", 1, NULL, 'l', },
{ "nsdbport", 1, NULL, 'r', },
{ "bindpw", 1, NULL, 'w', },
@@ -72,13 +71,12 @@ nsdb_delete_nsdb_usage(const char *progname)
{
fprintf(stderr, "\n%s version " VERSION "\n", progname);
fprintf(stderr, "Usage: %s [ -d ] [ -D binddn ] [ -w bindpw ] "
- "[ -l nsdbname ] [ -r nsdbport ] -e nce\n\n",
+ "[ -l nsdbname ] [ -r nsdbport ] nce\n\n",
progname);
fprintf(stderr, "\t-?, --help Print this help\n");
fprintf(stderr, "\t-d, --debug Enable debug messages\n");
fprintf(stderr, "\t-D, --binddn Bind DN\n");
- fprintf(stderr, "\t-e, --nce DN of NSDB container entry to remove\n");
fprintf(stderr, "\t-l, --nsdbname NSDB hostname\n");
fprintf(stderr, "\t-r, --nsdbport NSDB port\n");
fprintf(stderr, "\t-w, --bindpw Bind password\n");
@@ -128,7 +126,6 @@ main(int argc, char **argv)
nsdb_env(&nsdbname, &nsdbport, &binddn, NULL, &bindpw);
- nce = NULL;
while ((arg = getopt_long(argc, argv, nsdb_delete_nsdb_opts,
nsdb_delete_nsdb_longopts, NULL)) != -1) {
switch (arg) {
@@ -138,9 +135,6 @@ main(int argc, char **argv)
case 'D':
binddn = optarg;
break;
- case 'e':
- nce = optarg;
- break;
case 'l':
nsdbname = optarg;
break;
@@ -161,12 +155,17 @@ main(int argc, char **argv)
nsdb_delete_nsdb_usage(progname);
}
}
- if (optind != argc) {
- fprintf(stderr, "Unrecognized command line argument\n");
+ if (argc == optind + 1)
+ nce = argv[optind];
+ else if (argc > optind + 1) {
+ fprintf(stderr, "Unrecognized positional parameters\n");
+ nsdb_delete_nsdb_usage(progname);
+ } else {
+ fprintf(stderr, "No NSDB Container Entry was specified\n");
nsdb_delete_nsdb_usage(progname);
}
- if (nce == NULL || nsdbname == NULL) {
- fprintf(stderr, "Missing required command line argument\n");
+ if (nsdbname == NULL) {
+ fprintf(stderr, "No NSDB hostname was specified\n");
nsdb_delete_nsdb_usage(progname);
}
@@ -184,9 +183,13 @@ main(int argc, char **argv)
nsdb_display_fedfsstatus(retval));
goto out;
}
-
if (binddn == NULL)
binddn = (char *)nsdb_default_binddn(host);
+ if (binddn == NULL) {
+ fprintf(stderr, "No NDSB bind DN was specified\n");
+ goto out_free;
+ }
+
retval = nsdb_open_nsdb(host, binddn, bindpw, &ldap_err);
switch (retval) {
case FEDFS_OK:
We're trying to keep the Solaris and Linux administrative interfaces roughly the same, to make it easy for admins to use either one without separate learning curves. Rob Thurlow mentions that Solaris user interface guidelines require that mandatory command line options must be specified as positional parameters rather than by using dash switches. The only reason I used dash switches for all the options was sheer laziness. This commit updates the NSDB client tools that are concerned with NCE records. Signed-off-by: Chuck Lever <chuck.lever@oracle.com> --- doc/man/nsdb-delete-nsdb.8 | 53 ++++++++++++++++++++++++------------------ doc/man/nsdb-remove-nci.8 | 32 +++++++++++++------------ doc/man/nsdb-update-nci.8 | 41 +++++++++++++++++--------------- src/nsdbc/nsdb-delete-nsdb.c | 29 +++++++++++++---------- 4 files changed, 84 insertions(+), 71 deletions(-)