6.5.5. Generating user.map Entries from a Script

The content of the user.map file can be generated automatically, for example by automatically extracting information from a separate service, such as LDAP, NIS or others. To specify the script that will generate the information, the @script directive can be used within the user.map:

@script /opt/continuent/share/usermap

When using the script method:

  • The information must be generated in the same format as for standard entries, i.e.:

    username password servicename
  • If the script generates multiple entries with the same name, the later output will overwrite the previous entry.

  • Multiple @script directives can be specified. Each will be processed in turn.

  • If a generated list of usernames changes due to the scripts, the connector must be manually forced to reload the usermap using tungsten flush privileges on a connector connection. If you are using the --application-readonly-port option, this command must be run through both ports. Alternatively, you can trigger a simultaneous flush by running:

    shell> touch /opt/continuent/tungsten/continuent-connector/conf/user.map
  • If the file is placed into /opt/continuent/share then the script will be retained during upgrades through tpm update.

  • If a script within the @script fails to be executed correctly, or generates no user entries, the connector will fail to start.

The script itself can be relatively simple, the standard output of the command must contain the user entries to be included in user.map. Standard error is ignored.

For example:

#!/bin/bash

echo 'app_user password dsone'

This generates a simple user entry.