| 1 |
I've been working on the project on and off for over a month but the |
| 2 |
work path is converging. What I have done for the moment: |
| 3 |
|
| 4 |
- Successful catalyst build of a liveCD (entirely built with gcc 4.3 as |
| 5 |
an added bonus, which is useful for compiling OpenMP-able code in an HPc |
| 6 |
context) |
| 7 |
- Gorg installed with Gentoo xml checkout for documentation |
| 8 |
- VMWare environment for devving the ebuilds and testing the |
| 9 |
auto-configuration stuff |
| 10 |
|
| 11 |
Yesterdy we confirmed that we will be using OpenLDAP as the |
| 12 |
authentication mechanism which implies the following: |
| 13 |
- have to pre-populate the openldap DB |
| 14 |
- have to pre-configure nss_ldap and pam_ldap |
| 15 |
- have to provide for proper user admin tools |
| 16 |
** I've been using luma as a GUI front end for user management but I |
| 17 |
personaly find it...uhm..sketchy. If anyone has suggestions on and |
| 18 |
interface to mange users under LDAP I'm opened to suggestions (note that |
| 19 |
I am also looking into app-admin/diradm for the CLI management aspect) |
| 20 |
|
| 21 |
I have yet to finalize how the auto-configuration of the ldap backend |
| 22 |
will be performed (script? pkg_config? spearate meta-ebuild?). I'll be |
| 23 |
providing a simple ldiff to pre-populate the DB with the basic tree |
| 24 |
which would look something like this: |
| 25 |
|
| 26 |
dn: ou=gentoo,dc=cluster,dc=local |
| 27 |
ou: gentoo |
| 28 |
objectClass: top |
| 29 |
objectClass: organizationalUnit |
| 30 |
description : gentoo |
| 31 |
|
| 32 |
dn: ou=Group,ou=gentoo,dc=cluster,dc=local |
| 33 |
ou: Group |
| 34 |
objectClass: top |
| 35 |
objectClass: organizationalUnit |
| 36 |
description : Group defined under gentoo |
| 37 |
|
| 38 |
dn: ou=People,ou=gentoo,dc=cluster,dc=local |
| 39 |
ou: People |
| 40 |
objectClass: top |
| 41 |
objectClass: organizationalUnit |
| 42 |
description : People defined under gentoo |
| 43 |
|
| 44 |
dn: cn=Manager,ou=gentoo,dc=cluster,dc=local |
| 45 |
objectClass: organizationalRole |
| 46 |
cn: Manager |
| 47 |
|
| 48 |
While at it, I'm also trying this out on openldap-2.4.10 which just got |
| 49 |
into the tree and has some reall cool new features like "Multi-Master |
| 50 |
support" (redundancy/availability + better caching) and "Reverse Group |
| 51 |
Membership" (merging group membership, things like group of groups...if |
| 52 |
I read this correctly). I don't expect the features to be excessively |
| 53 |
interesting for the current project but these are definitely a + for |
| 54 |
anyone building an AD replacement (that is, until Samba4 comes out ;) |
| 55 |
|
| 56 |
Eric |
| 57 |
-- |
| 58 |
gentoo-soc@l.g.o mailing list |
Archives