ZConf::backends::ldap - This provides LDAP backend for ZConf.
Version 0.0.1
my $zconf=ZConf->(\%args);
This initiates the ZConf object. If it can't be initiated, a value of undef is returned. The hash can contain various initization options.
When it is run for the first time, it creates a filesystem only config file.
This turns system mode on. And sets it to the specified system name.
This is incompatible with the file option.
This is the copy of the ZConf object intiating it.
This is the variables found in the ~/.config/zconf.zml.
my $backend=ZConf::backends::ldap->new( \%args ); if((!defined($zconf)) || ($zconf->{error})){ warn('error: '.$zconf->error.":".$zconf->errorString); }
This method converts the config name into part of a DN string. IT is largely only for internal use and is used by the LDAP backend.
my $partialDN = $zconf->config2dn("foo/bar"); if($zconf->error){ warn('error: '.$zconf->error.":".$zconf->errorString); }
This method methods exactly the same as configExists, but for the LDAP backend.
No config name checking is done to verify if it is a legit name or not as that is done in configExists. The same is true for calling errorBlank.
$zconf->configExistsLDAP("foo/bar") if($zconf->error){ warn('error: '.$zconf->error.":".$zconf->errorString); }
This methods just like createConfig, but is for the LDAP backend. This is not really meant for external use. The config name passed is not checked to see if it is legit or not.
$zconf->createConfigLDAP("foo/bar") if($zconf->error){ warn('error: '.$zconf->error.":".$zconf->errorString); };
This removes a config. Any sub configs will need to removes first. If any are present, this method will error.
#removes 'foo/bar' $zconf->delConfig('foo/bar'); if($zconf->error){ warn('error: '.$zconf->error.":".$zconf->errorString); }
This deletes a specified set, for the LDAP backend.
Two arguements are required. The first one is the name of the config and the and the second is the name of the set.
$zconf->delSet("foo/bar", "someset"); if($zconf->error){ warn('error: '.$zconf->error.":".$zconf->errorString); }
This is exactly the same as getAvailableSets, but for the file back end. For the most part it is not intended to be called directly.
my @sets = $zconf->getAvailableSetsLDAP("foo/bar"); if($zconf->error){ warn('error: '.$zconf->error.":".$zconf->errorString); }
This fetches the revision for the speified config using the LDAP backend.
A return of undef means that the config has no sets created for it yet or it has not been read yet by 2.0.0 or newer.
my $revision=$zconf->getConfigRevision('some/config'); if($zconf->error){ warn('error: '.$zconf->error.":".$zconf->errorString); } if(!defined($revision)){ print "This config has had no sets added since being created or is from a old version of ZConf.\n"; }
This gets any sub configs for a config. "" can be used to get a list of configs under the root.
One arguement is accepted and that is the config to look under.
#lets assume 'foo/bar' exists, this would return my @subConfigs=$zconf->getSubConfigs("foo"); if($zconf->error){ warn('error: '.$zconf->error.":".$zconf->errorString); }
This checks if a config is locked or not for the LDAP backend.
One arguement is required and it is the name of the config.
The returned value is a boolean value.
my $locked=$zconf->isConfigLockedLDAP('some/config'); if($zconf->error){ warn('error: '.$zconf->error.":".$zconf->errorString); } if($locked){ print "The config is locked\n"; }
This generates a Net::LDAP object based on the LDAP backend.
my $ldap=$zconf->LDAPconnect(); if($zconf->error){ warn('error: '.$zconf->error.":".$zconf->errorString); }
Gets a Net::LDAP::Message object that was created doing a search for the config with the scope set to base.
#gets it for 'foo/bar' my $mesg=$zconf->LDAPgetConfMessage('foo/bar'); #gets it using $ldap for the connection my $mesg=$zconf->LDAPgetConfMessage('foo/bar', $ldap); if($zconf->error){ warn('error: '.$zconf->error.":".$zconf->errorString); }
Gets a Net::LDAP::Message object that was created doing a search for the config with the scope set to one.
#gets it for 'foo/bar' my $mesg=$zconf->LDAPgetConfMessageOne('foo/bar'); #gets it using $ldap for the connection my $mesg=$zconf->LDAPgetConfMessageOne('foo/bar', $ldap); if($zconf->error){ warn('error: '.$zconf->error.":".$zconf->errorString); }
It returns undef if it is not found.
#gets it for 'foo/bar' my $entry=$zconf->LDAPgetConfEntry('foo/bar'); #gets it using $ldap for the connection my $entry=$zconf->LDAPgetConfEntry('foo/bar', $ldap); if($zconf->error){ warn('error: '.$zconf->error.":".$zconf->errorString); }
readFile methods just like read, but is mainly intended for internal use only. This reads the config from the LDAP backend.
The config to load.
This specifies if override should be ran not.
If this is not specified, it defaults to 1, true.
The set for that config to load.
$zconf->readLDAP({config=>"foo/bar"}) if($zconf->error){ warn('error: '.$zconf->error.":".$zconf->errorString); }
This methods just like readChooser, but methods on the LDAP backend and only really intended for internal use.
my $chooser = $zconf->readChooserLDAP("foo/bar"); if($zconf->error){ warn('error: '.$zconf->error.":".$zconf->errorString); }
This checks if the specified set exists.
Two arguements are required. The first arguement is the name of the config. The second arguement is the name of the set. If no set is specified, the default set is used. This is done by calling 'defaultSetExists'.
my $return=$zconf->setExists("foo/bar", "fubar"); if($zconf->error){ warn('error: '.$zconf->error.":".$zconf->errorString); }else{ if($return){ print "It exists.\n"; } }
This unlocks or logs a config for the LDAP backend.
Two arguements are taken. The first is a the config name, required, and the second is if it should be locked or unlocked
#lock 'some/config' $zconf->setLockConfigLDAP('some/config', 1); if($zconf->{error}){ warn('error: '.$zconf->error.":".$zconf->errorString); } #unlock 'some/config' $zconf->setLockConfigLDAP('some/config', 0); if($zconf->{error}){ warn('error: '.$zconf->error.":".$zconf->errorString); } #unlock 'some/config' $zconf->setLockConfigLDAP('some/config'); if($zconf->{error}){ warn('error: '.$zconf->error.":".$zconf->errorString); }
This method is a internal method and largely meant to only be called writeChooser, which it methods the same as. It works on the LDAP backend.
$zconf->writeChooserLDAP("foo/bar", $chooserString) if($zconf->error){ warn('error: '.$zconf->error.":".$zconf->errorString); }
This takes a hash and writes it to a config for the file backend. It takes two arguements, both of which are hashes.
The first hash contains
The second hash is the hash to be written to the config.
The config to write it to.
This is required.
This is the set name to use.
If not defined, the one will be choosen.
This is the revision string to use.
This is primarily meant for internal usage and is suggested that you don't touch this unless you really know what you are doing.
$zconf->writeSetFromHashLDAP({config=>"foo/bar"}, \%hash) if($zconf->error){ warn('error: '.$zconf->error.":".$zconf->errorString); }
This method writes a loaded config to a to a set, for the LDAP backend.
One arguement is required.
$zconf->writeSetFromLoadedConfigLDAP({config=>"foo/bar"}); if(defined($zconf->error)){ warn('error: '.$zconf->error.":".$zconf->errorString); }
Returns the current error code and true if there is an error.
If there is no error, undef is returned.
if($zconf->error){ warn('error: '.$zconf->error.":".$zconf->errorString); }
This blanks the error storage and is only meant for internal usage.
It does the following.
$zconf->{error}=undef; $zconf->{errorString}="";
Returns the error string if there is one. If there is not, it will return ''.
Since version '0.6.0' any time '$zconf->{error}' is true, there is an error.
config name contains ,
config name contains /.
config name contains //
config name contains ../
config name contains /..
config name contains ^./
config name ends in /
config name starts with /
could not sync to file
config name contains a \n
LDAP entry already exists
config does not exist
Expected LDAP DN not found
ZML dump failed.
No variable name specified.
config key starts with a ' '
LDAP entry has no sets
set not found for config
LDAPmakepathSimple failed
skilling variable as it is not a legit name
set is not defined
Config is undefined.
Config not loaded.
Set name is not a legit name.
ZML->parse error.
Could not unlink the unlink the set.
The sets exist for the specified config.
Did not find a matching set.
Unable to choose a set.
Unable to remove the config as it has sub configs.
LDAP connection error
Can't use system mode and file together.
Could not create '/var/db/zconf'. This is a permanent error.
Could not create '/var/db/zconf/<sys name>'. This is a permanent error.
Sys name matched /\//.
Sys name matched /\./.
No chooser string specified.
No comment specified.
No meta specified.
Failed to open the revision file for the set.
Failed to open or unlink lock file.
Config is locked.
LDAP entry update failed.
No ZConf object passed.
No zconf.zml var hash passed.
This can be done by checking $zconf->{error} to see if it is defined. If it is defined, The number it contains is the corresponding error code. A description of the error can also be found in $zconf->{errorString}, which is set to "" when there is no error.
The default is 'xdf_config_home/zconf.zml', which is generally '~/.config/zconf.zml'. See perldoc ZML for more information on the file format. The keys are listed below.
This should be set to 'ldap' to use this backend.
This is a chooser string that chooses what LDAP profile to use. If this is not present, 'default' will be used for the profile.
This is the DN to bind to the server as.
When verifying the server's certificate, either set capath to the pathname of the directory containing CA certificates, or set cafile to the filename containing the certificate of the CA who signed the server's certificate. These certificates must all be in PEM format.
The directory in 'capath' must contain certificates named using the hash value of the certificates' subject names. To generate these names, use OpenSSL like this in Unix:
ln -s cacert.pem `openssl x509 -hash -noout < cacert.pem`.0
(assuming that the certificate of the CA is in cacert.pem.)
If capath has been configured, then it will also be searched for certificate revocation lists (CRLs) when verifying the server's certificate. The CRLs' names must follow the form hash.rnum where hash is the hash over the issuer's DN and num is a number starting with 0.
This client cert to use.
The client key to use.
Encrypted keys are not currently supported at this time.
This is the home DN of the user in question. The user needs be able to write to it. ZConf will attempt to create 'ou=zconf,ou=.config,$homeDN' for operating out of.
This is the server to use for LDAP connections.
This is the password to use for when connecting to the server.
Read the password from this file. If both this and password is set, then this will write over it.
This is if it should use starttls or not. It defaults to undefined, 'false'.
This is a list of ciphers to accept. The string is in the standard OpenSSL format. The default value is 'ALL'.
This is the SSL versions accepted.
'sslv2', 'sslv3', 'sslv2/3', or 'tlsv1' are the possible values. The default is 'tlsv1'.
The verify mode for TLS. The default is 'none'.
# 1.3.6.1.4.1.26481 Zane C. Bowers # .2 ldap # .7 zconf # .0 zconfData # .1 zconfChooser # .2 zconfSet # .3 zconfRev # .4 zconfLock attributeType ( 1.3.6.1.4.1.26481.2.7.0 NAME 'zconfData' DESC 'Data attribute for a zconf entry.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseExactMatch ) attributeType ( 1.3.6.1.4.1.26481.2.7.1 NAME 'zconfChooser' DESC 'Chooser attribute for a zconf entry.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseExactMatch ) attributeType ( 1.3.6.1.4.1.26481.2.7.2 NAME 'zconfSet' DESC 'A zconf set name available in a entry.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseExactMatch ) attributeType ( 1.3.6.1.4.1.26481.2.7.3 NAME 'zconfRev' DESC 'The revision number for a ZConf config. Bumped with each update.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseExactMatch ) attributeType ( 1.3.6.1.4.1.26481.2.7.4 NAME 'zconfLock' DESC 'If this is present, this config is locked.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseExactMatch ) objectclass ( 1.3.6.1.4.1.26481.2.7 NAME 'zconf' DESC 'A zconf entry.' MAY ( cn $ zconfData $ zconfChooser $ zconfSet $ zconfRev $ zconfLock ) )
This is for deamons or the like. This will read '/var/db/zconf/$sys/zconf.zml' for it's options and store the file backend stuff in '/var/db/zconf/$sys/'.
It will create '/var/db/zconf' or the sys directory, but not '/var/db'.
There are several scripts installed with this module. Please see the perldocs for the utilities listed below.
zcchooser-edit zcchooser-get zcchooser-run zcchooser-set zccreate zcget zcls zcrm zcset zcvdel zcvls
Zane C. Bowers, <vvelox at vvelox.net>
<vvelox at vvelox.net>
Please report any bugs or feature requests to bug-zconf at rt.cpan.org, or through the web interface at http://rt.cpan.org/NoAuth/ReportBug.html?Queue=ZConf. I will be notified, and then you'll automatically be notified of progress on your bug as I make changes.
bug-zconf at rt.cpan.org
You can find documentation for this module with the perldoc command.
perldoc ZConf
You can also look for information at:
RT: CPAN's request tracker
http://rt.cpan.org/NoAuth/Bugs.html?Dist=ZConf
AnnoCPAN: Annotated CPAN documentation
http://annocpan.org/dist/ZConf
CPAN Ratings
http://cpanratings.perl.org/d/ZConf
Search CPAN
http://search.cpan.org/dist/ZConf
Copyright 2009 Zane C. Bowers, all rights reserved.
This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
To install ZConf, copy and paste the appropriate command in to your terminal.
cpanm
cpanm ZConf
CPAN shell
perl -MCPAN -e shell install ZConf
For more information on module installation, please visit the detailed CPAN module installation guide.