Namespaces

Z MetaCentrum
Přejít na: navigace, hledání

Back to Perun main page

Concept of namespaces

Concept of namespaces allows users to have different lognames at various entities of system. Each facility is assigned to specific namespace. User who want to use facilities from different namespaces have to own lognames from all these namespaces of facilities. This rule bears on every date related to loging on facilities (lognames, UIDs, GIDs,...).

All data and options related to namespases are kept at following attributes:

  • For facility:
    • urn:perun:facility:attribute-def:def:login-namespace defines namespace for all user's logins on facility.
    • urn:perun:facility:attribute-def:def:uid-namespace defines namespace for user's UIDs on facility.
    • urn:perun:facility:attribute-def:def:unixGID-namespace defines namespace for unix groups GIDs on facility.
    • urn:perun:facility:attribute-def:virt:maxGID maximal value for GID on facility - it is determined automatically based on facility's namespace.
    • urn:perun:facility:attribute-def:virt:minGID minimal value for GID on facility - it is determined automatically based on facility's namespace.
    • urn:perun:facility:attribute-def:virt:maxUID maximal value for UID on facility - it is determined automatically based on facility's namespace.
    • urn:perun:facility:attribute-def:virt:minUID minimal value for UID on facility - it is determined automatically based on facility's namespace.
    • urn:perun:facility:attribute-def:def:unixGroupName-namespace defines namespace for unix groups names on facility.
  • For groups:
    • urn:perun:group:attribute-def:def:unixGID-namespace:name_of_namespace defines unix GID in namespace name_of_namespace for main group on facility.
    • urn:perun:group:attribute-def:def:unixGroupName-namespace:name_of_namespace defines unix group name in namespace name_of_namespace for main group on facility.
  • For resources:
    • urn:perun:resource:attribute-def:def:unixGID-namespace:name_of_namespace defines unix GID of group which represented group for whole resource at namespace name_of_namespace.
    • urn:perun:resource:attribute-def:def:unixGroupName-namespace:name_of_namespace defines unix group name of group which represented group for whole resource at namespace name_of_namespace.
  • For users:
    • urn:perun:user:attribute-def:def:login-namespace:name_of_namespace defines users's logname in namespace name_of_namespace.
    • urn:perun:user:attribute-def:def:uid-namespace:name_of_namespace defines users's UID in namespace name_of_namespace.
    • urn:perun:user:attribute-def:def:preferredUnixGroupName-namespace:name_of_namespace defines list of user's preferred unix group names, ordered by user's personal preferrences for name_of_namespace namespace.
  • There are several attributes which are not related to any entity. They are defined for each namespace, used on facility. They are target for calculation of appropriate facility virtual attributes (mentioned above):
    • urn:perun:entityless:attribute-def:def:namespace-maxGID contains basic value of maximal GID.
    • urn:perun:entityless:attribute-def:def:namespace-minGID contains basic value of minimal GID.
    • urn:perun:entityless:attribute-def:def:namespace-maxUID contains basic value of maximal UID
    • urn:perun:entityless:attribute-def:def:namespace-minUID contains basic value of minimal UID