slapo-lastmod — Last Modification overlay
ETCDIR/slapd.conf
The lastmod
overlay creates a service entry rooted at the suffix of the
database it's stacked onto, which holds the DN, the
modification type, the modifiersName and the modifyTimestamp
of the last write operation performed on that database. The
lastmod overlay cannot be used when the "lastmod" feature is
disabled, i.e. "lastmod off" is used.
All operations targeted at the DN of the lastmod entry are
rejected, except reads, i.e. searches with base
scope. Regular
operations are ignored, unless they result in writing; then,
in case of success, the lastmod entry is updated accordingly,
if possible.
These slapd.conf
configuration options apply to the lastmod overlay. They must
appear after the overlay
directive.
Specify the value of the RDN used for the service
entry. By default Lastmod
is used.
Specify whether the overlay must be enabled or not
at startup. By default, the overlay is enabled;
however, by changing the boolean value of the attribute
lastmodEnabled
, one can
affect the status of the overlay. This is useful, for
instance, to inhibit the overlay from keeping track of
large bulk loads or deletions.
The lastmod
overlay depends on the lastmod
objectClass. The
definition of that class is as follows:
( 1.3.6.1.4.1.4203.666.3.13 " NAME 'lastmod' DESC 'OpenLDAP per-database last modification monitoring' STRUCTURAL SUP top MUST ( cn $ lastmodDN $ lastmodType ) MAY ( description $ seeAlso ) )
Each one of the sections below details the meaning and use
of a particular attribute of this lastmod
objectClass. Most of
the attributes that are specific to the lastmod objectClass
are operational, since they can logically be altered only by
the DSA. The most notable exception is the lastmodEnabled
attributeType,
which can be altered via protocol to change the status of the
overlay.
lastmodEnabled
This attribute contains a boolean flag that determines the status of the overlay. It can be altered via protocol by issuing a modify operation that replaces the value of the attribute.
( 1.3.6.1.4.1.4203.666.1.30 NAME 'lastmodEnabled' DESC 'Lastmod overlay state' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 EQUALITY booleanMatch SINGLE-VALUE )
Each one of the sections below details the meaning and use
of a particular attribute of this lastmod
objectClass. Most of
the attributes that are specific to the lastmod objectClass
are operational, since they can logically be altered only by
the DSA.
lastmodDN
This attribute contains the distinguished name of the entry that was last modified within the naming context of a database.
( 1.3.6.1.4.1.4203.666.1.28 NAME 'lastmodDN' DESC 'DN of last modification' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 NO-USER-MODIFICATION USAGE directoryOperation )
lastmodType
This attribute contains the type of the modification that
occurred to the last modified entry. Legal values are
add
, delete
, exop
, modify
, modrdn
and unknown
. The latter should
only be used as a fall-thru in case of unhandled request
types that are considered equivalent to a write
operation.
( 1.3.6.1.4.1.4203.666.1.29 NAME 'lastmodType' DESC 'Type of last modification' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseIgnoreMatch SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation )
database bdb suffix dc=example,dc=com ... overlay lastmod lastmod-rdnvalue "Last Modification"
It is unclear whether this overlay can safely interoperate with other overlays. If the underlying backend does not implement entry_get/entry_release handlers, modrdn update can become tricky. The code needs some cleanup and more consistent error handling. So far, the OIDs for the schema haven't been assigned yet.
This module was written in 2004 by Pierangelo Masarati in fulfillment of requirements from SysNet s.n.c.; this man page has been copied from slapo-ppolicy(5), and most of the overlays ever written are copied from Howard Chu's first overlays.
OpenLDAP
is
developed and maintained by The OpenLDAP Project
(http://www.openldap.org/). OpenLDAP
is derived from
University of Michigan LDAP 3.3 Release.