New UDB: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 14: | Line 14: | ||
# <code>su - ldapudb</code> (ignore error/warning about <code>findmnt</code>) | # <code>su - ldapudb</code> (ignore error/warning about <code>findmnt</code>) | ||
# <code>psql xcse</code> (xcse is the database containing both the UDB and the [[mlalias]] tables) | # <code>psql xcse</code> (xcse is the database containing both the UDB and the [[mlalias]] tables) | ||
== Database tables == | |||
The listing below shows the tables in the xcse database, namely the database containing the tables supporting the UDB and mlalias. | |||
* <span style="color: red;">Red</span> is UDB | |||
* <span style="color: green;">Green</span> is mlalias | |||
* <span style="color: gray;">Gray</span> tables are unused. These are left over from an attempt to use an [[LDAP]] translator to respond to client LDAP requests by directly querying the database, instead of using OpenLDAP (as we finally did due to querying the database being way too slow, most notably due to the recursion required for class membership lookups). | |||
bandleader % psql xcse | |||
psql (9.4.6) | |||
Type "help" for help. | |||
xcse=# \dt | |||
List of relations | |||
Schema | Name | Type | Owner | |||
--------+------------------------+-------+---------- | |||
public | <span style="color: red;">group_member_table</span> | table | postgres | |||
public | <span style="color: red;">group_membership_list</span> | table | postgres | |||
public | <span style="color: red;">group_table</span> | table | postgres | |||
public | <span style="color: gray;">ldap_all_names_by_user</span> | table | ldapif | |||
public | <span style="color: gray;">ldap_classes_by_user</span> | table | ldapif | |||
public | <span style="color: gray;">ldap_groups_by_user</span> | table | ldapif | |||
public | <span style="color: gray;">ldap_user_table</span> | table | ldapif | |||
public | <span style="color: gray;">ldap_users_by_class</span> | table | ldapif | |||
public | <span style="color: gray;">ldap_users_by_group</span> | table | ldapif | |||
public | <span style="color: green;">mlalias_address</span> | table | postgres | |||
public | <span style="color: green;">mlalias_control</span> | table | postgres | |||
public | <span style="color: green;">mlalias_owner</span> | table | postgres | |||
public | <span style="color: green;">mlalias_sender</span> | table | postgres | |||
public | <span style="color: green;">mlalias_user_external</span> | table | ldapudb | |||
public | <span style="color: red;">nisnetgroup_table</span> | table | postgres | |||
public | <span style="color: red;">user_alias_table</span> | table | postgres | |||
public | <span style="color: red;">user_group_table</span> | table | postgres | |||
public | <span style="color: red;">user_table</span> | table | postgres | |||
(18 rows) | |||
xcse=# | |||
Revision as of 10:22, 29 August 2023
Like the Old UDB, the New UDB is a user database providing Linux account information to hosts and workstations. It also implements a hierarchical class-membership structure which both allows users' roles in the school to be established, and also controls user access to certain resources. Additionally, the same database hosting its tables also contains tables supporting the operation of CSE's mlalias mail-forwarding and mailing-lists system. Both systems' database tables are loosely coupled.
The New UDB:
- Runs primarily on the host bandleader,
- Uses PostgreSQL for its database
- Uses an OpenLDAP server on the same server to "feed" hosts and workstations with account information (UID, GID, etc.). The contents of the OpenLDAP server's database are synch'd with the contents of the PostgreSQL database multiple times per hour
Operations
To access the PostgreSQL database:
- Log on to bandleader as root,
su - ldapudb(ignore error/warning aboutfindmnt)psql xcse(xcse is the database containing both the UDB and the mlalias tables)
Database tables
The listing below shows the tables in the xcse database, namely the database containing the tables supporting the UDB and mlalias.
- Red is UDB
- Green is mlalias
- Gray tables are unused. These are left over from an attempt to use an LDAP translator to respond to client LDAP requests by directly querying the database, instead of using OpenLDAP (as we finally did due to querying the database being way too slow, most notably due to the recursion required for class membership lookups).
bandleader % psql xcse
psql (9.4.6)
Type "help" for help.
xcse=# \dt
List of relations
Schema | Name | Type | Owner
--------+------------------------+-------+----------
public | group_member_table | table | postgres
public | group_membership_list | table | postgres
public | group_table | table | postgres
public | ldap_all_names_by_user | table | ldapif
public | ldap_classes_by_user | table | ldapif
public | ldap_groups_by_user | table | ldapif
public | ldap_user_table | table | ldapif
public | ldap_users_by_class | table | ldapif
public | ldap_users_by_group | table | ldapif
public | mlalias_address | table | postgres
public | mlalias_control | table | postgres
public | mlalias_owner | table | postgres
public | mlalias_sender | table | postgres
public | mlalias_user_external | table | ldapudb
public | nisnetgroup_table | table | postgres
public | user_alias_table | table | postgres
public | user_group_table | table | postgres
public | user_table | table | postgres
(18 rows)
xcse=#