CVM

CVM SQL Framework

The cvm-sqlite Module

Synopsis:

SQLite module

Credentials:

1. Pass phrase

Description:

This module queries an SQLite database for credential validation.

Configuration Variables:

The following environmental variables are required in the execution environment of cvm-sqlite:

$CVM_SQLITE_DB

The full path to the credential database file.

$CVM_SQLITE_QUERY

The SQL query statement used to submit for credential validation.

$CVM_SQLITE_PWCMP

The password comparison module to use. Set to one of two values:

• 'crypt', for passwords stored encrypted
• 'plain', for passwords stored unencrypted

Sample Schema

The following CREATE TABLE statement is shown as an example for initializing an SQLite database for use with this CVM:

CREATE TABLE accounts (
  username      TEXT NOT NULL,  -- required
  domain        TEXT NOT NULL DEFAULT '',
  password      TEXT NOT NULL,  -- required
  userid        TEXT NOT NULL,  -- required
  groupid       TEXT NOT NULL,  -- required
  realname      TEXT,           -- opt
  directory     TEXT NOT NULL,  -- required
  shell         TEXT,           -- opt
  groupname     TEXT,           -- opt
  sys_username  TEXT,           -- opt
  sys_directory TEXT,           -- opt
  mailbox_path  TEXT,           -- opt
  UNIQUE (username, domain)
);

Sample Query

The following example shows CVM_SQLITE_QUERY defined with a query statement for use with the above schema:

CVM_SQLITE_QUERY='
  SELECT
    -- required:
    password, username, userid, groupid, directory,
    -- optional gecos:
    realname, shell,
    -- optional other:
    groupname, domain, sys_username, sys_directory, mailbox_path
  FROM accounts
  WHERE username=$account
  AND   domain=$domain '