The content of the user.map file can be generated
automatically, for example by automatically extracting information from
a separate service, such as LDAP, NIS or others. To specify the script
that will generate the information, the
@script directive can be used
within the user.map:
@script /opt/continuent/share/usermap
When using the script method:
The information must be generated in the same format as for standard entries, i.e.:
username password servicename
If the script generates multiple entries with the same name, the later output will overwrite the previous entry.
Multiple @script directives
can be specified. Each will be processed in turn.
If a generated list of usernames changes due to the scripts, the
connector must be manually forced to reload the usermap using
tungsten flush
privileges on a connector connection. If you are using the
--application-readonly-port option,
this command must be run through both ports. Alternatively, you can
trigger a simultaneous flush by running:
shell> touch /opt/continuent/tungsten/continuent-connector/conf/user.map
If the file is placed into
/opt/continuent/share then the script will be
retained during upgrades through tpm update.
If a script within the
@script fails to be executed
correctly, or generates no user entries, the connector will fail to
start.
The script itself can be relatively simple, the standard output of the
command must contain the user entries to be included in
user.map. Standard error is ignored.
For example:
#!/bin/bash echo 'app_user password dsone'
This generates a simple user entry.