Saturday, December 3, 2011

Migrating /etc/protocols into LDAP

The file /etc/protocols contains information about protocols and their numbers. To be honest, until I tried to put every database that getent can handle into LDAP, I did not recognize or care about the file /etc/protocols...
Before you continue reading, keep in mind that I had serious trouble with my server while looking up /etc/protocols in my LDAP. Currently I don't use it anymore, just like in my previously released article about migrating /etc/services into LDAP.

Anyway, here is an example of how to migrate the file /etc/protocols into LDAP. First create the following LDIF file:

# vi protocols.ldif
dn: ou=protocols,dc=example,dc=com
objectClass: organizationalUnit
objectClass: top
ou: protocols

dn: ipProtocolNumber=0,ou=protocols,dc=example,dc=com
cn: ip
ipProtocolNumber: 0
objectClass: ipProtocol
objectClass: top
description: IP

dn: ipProtocolNumber=1,ou=protocols,dc=example,dc=com
cn: icmp
ipProtocolNumber: 1
objectClass: ipProtocol
objectClass: top
description: ICMP

It contains an organizational unit and the first two protocols (IP and ICMP). Add the content to your LDAP:

# ldapadd -x -W -D 'cn=ldapadmin,dc=example,dc=com' -f protocols.ldif
Enter LDAP Password:
adding new entry "ou=protocols,dc=example,dc=com"

adding new entry "ipProtocolNumber=0,ou=protocols,dc=example,dc=com"

adding new entry "ipProtocolNumber=1,ou=protocols,dc=example,dc=com"
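
The LDIF above covers only two protocols. As an added example (not part of the original post), the following shell function generates entries in the same layout for a whole protocols(5) file; the function names and the input checks are assumptions of this sketch, and the description is taken from the first alias, as in the post's two entries.

```shell
#!/bin/sh
# Added example (not from the original post): /etc/protocols -> ipProtocol LDIF.
# BASE_DN is the post's example suffix; the ou=protocols entry itself must
# already exist (it is created by protocols.ldif above).
BASE_DN="ou=protocols,dc=example,dc=com"

# Reads protocols(5) lines on stdin, writes one LDIF entry per protocol number.
protocols_to_ldif() {
    awk -v base="$BASE_DN" '
    {
        sub(/#.*/, "")                     # drop comments
        if (NF < 2) next                   # blank or incomplete line
        name = $1; num = $2; alias = (NF >= 3) ? $3 : ""
        # Protocol numbers are 8-bit values: accept 0-255 only.
        if (num !~ /^[0-9]+$/ || num + 0 > 255) next
        # Accept plain tokens only, so no value needs DN or LDIF escaping.
        if (name !~ /^[A-Za-z0-9._+-]+$/) next
        if (alias !~ /^[A-Za-z0-9._+-]+$/) alias = ""
        num += 0
        # The DN is keyed on the number; a repeated number would make
        # ldapadd fail on the second entry, so keep the first one only.
        if (num in seen) next
        seen[num] = 1
        printf "dn: ipProtocolNumber=%d,%s\n", num, base
        printf "cn: %s\n", name
        printf "ipProtocolNumber: %d\n", num
        print "objectClass: ipProtocol"
        print "objectClass: top"
        if (alias != "") printf "description: %s\n", alias
        print ""
    }'
}

# Constructed sample input in protocols(5) format, including a repeated
# number and an out-of-range number that must both be skipped.
sample_protocols() {
    cat <<'EOF'
ip      0       IP      # internet protocol
hopopt  0       HOPOPT  # same number as ip
icmp    1       ICMP
tcp     6
bogus   300     BOGUS
EOF
}

sample_protocols | protocols_to_ldif
# Real use: protocols_to_ldif < /etc/protocols > all-protocols.ldif
```

Review the generated file before loading it with ldapadd, since skipped lines (repeated numbers, unusual names) are dropped silently.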

Tell your system where to look for protocols in your LDAP:

# vi /etc/ldap.conf
nss_base_protocols      ou=protocols,dc=example,dc=com?one

And tell your system that it should look in your LDAP by modifying /etc/nsswitch.conf:

# vi /etc/nsswitch.conf
protocols:      files ldap

Now test it:

# getent protocols | grep ip | grep 0
ip                    0 IP
ip                    0
# getent protocols | grep icmp | grep 1
icmp                  1 ICMP
icmp                  1

In each pair, the first line is from /etc/protocols and the last line is from your LDAP, matching the "files ldap" order in /etc/nsswitch.conf.

Updated 13/12/2011: added a note not to migrate /etc/protocols in LDAP
