blog/data/2010-07-11-ltsp-ldap.txt

   1 Title: Idea for storing LTSP configuration in LDAP
   2 Tags: english, debian, debian edu, nuug, ldap
   3 Date: 2010-07-11 22:00
   4
   5 <p>Vagrant mentioned on IRC today that ltsp_config now support
   6 sourcing files from /usr/share/ltsp/ltsp_config.d/ on the thin
   7 clients, and that this can be used to fetch configuration from LDAP if
   8 Debian Edu choose to store configuration there.</p>
   9
  10 <p>Armed with this information, I got inspired and wrote a test module
  11 to get configuration from LDAP.  The idea is to look up the MAC
  12 address of the client in LDAP, and look for attributes on the form
  13 ltspconfigsetting=value, and use this to export SETTING=value to the
  14 LTSP clients.</p>
  15
  16 <p>The goal is to be able to store the LTSP configuration attributes
  17 in a "computer" LDAP object used by both DNS and DHCP, and thus
  18 allowing us to store all information about a computer in one place.</p>
  19
  20 <p>This is a untested draft implementation, and I welcome feedback on
  21 this approach.  A real LDAP schema for the ltspClientAux objectclass
  22 need to be written.  Comments, suggestions, etc?</p>
  23
  24 <blockquote><pre>
  25 # Store in /opt/ltsp/$arch/usr/share/ltsp/ltsp_config.d/ldap-config
  26 #
  27 # Fetch LTSP client settings from LDAP based on MAC address
  28 #
  29 # Uses ethernet address as stored in the dhcpHost objectclass using
  30 # the dhcpHWAddress attribute or ethernet address stored in the
  31 # ieee802Device objectclass with the macAddress attribute.
  32 #
  33 # This module is written to be schema agnostic, and only depend on the
  34 # existence of attribute names.
  35 #
  36 # The LTSP configuration variables are saved directly using a
  37 # ltspConfig prefix and uppercasing the rest of the attribute name.
  38 # To set the SERVER variable, set the ltspConfigServer attribute.
  39 #
  40 # Some LDAP schema should be created with all the relevant
  41 # configuration settings.  Something like this should work:
  42 #
  43 # objectclass ( 1.1.2.2 NAME 'ltspClientAux'
  44 #     SUP top
  45 #     AUXILIARY
  46 #     MAY ( ltspConfigServer $ ltsConfigSound $ ... )
  47
  48 LDAPSERVER=$(debian-edu-ldapserver)
  49 if [ "$LDAPSERVER" ] ; then
  50     LDAPBASE=$(debian-edu-ldapserver -b)
  51     for MAC in $(LANG=C ifconfig |grep -i hwaddr| awk '{print $5}'|sort -u) ; do
  52         filter="(|(dhcpHWAddress=ethernet $MAC)(macAddress=$MAC))"
  53         ldapsearch -h "$LDAPSERVER" -b "$LDAPBASE" -v -x "$filter" | \
  54             grep '^ltspConfig' | while read attr value ; do
  55             # Remove prefix and convert to upper case
  56             attr=$(echo $attr | sed 's/^ltspConfig//i' | tr a-z A-Z)
  57             # bass value on to clients
  58             eval "$attr=$value; export $attr"
  59         done
  60     done
  61 fi
  62 </pre></blockquote>
  63
  64 <p>I'm not sure this shell construction will work, because I suspect
  65 the while block might end up in a subshell causing the variables set
  66 there to not show up in ltsp-config, but if that is the case I am sure
  67 the code can be restructured to make sure the variables are passed on.
  68 I expect that can be solved with some testing. :)</p>
  69
  70 <p>If you want to help out with implementing this for Debian Edu,
  71 please contact us on debian-edu@lists.debian.org.</p>
  72
  73 <p>Update 2010-07-17: I am aware of another effort to store LTSP
  74 configuration in LDAP that was created around year 2000 by
  75 <a href="http://www.pcxperience.com/thinclient/documentation/ldap.html">PC
  76 Xperience, Inc., 2000</a>.  I found its
  77 <a href="http://people.redhat.com/alikins/ltsp/ldap/">files</a> on a
  78 personal home page over at redhat.com.</p>