Namespace generically named LDAP attributes #249
Conversation
There was a problem hiding this comment.
Hello and thanks! Could you please rename it using "USBGuard" prefix rather than "USB". I think the "target" term should be USBGuard specific.
I'll add note to myself to review and correct all the names before the next release according to the following rules:
- Terms introduced by USBGuard shoud be prefixed with "USBGuard". (e.g. target, order, host...)
- Terms related to the USB specification / devices itself should be prefixed USB (id, serial, name, ....)
Feel free to correct any other occurrences of names that don't conform to these rules.
|
I noticed that there already is a |
|
It seems that USBGuardOrder was first and then there was an intention to rename it as RuleOrder. It is so for src/{Tests|Daemon|Common}/* files and scripts/ldap/* files seem to be not updated. I think that it would be nice to have scripts/ldap/* files as primary location for ldap scripts and then we can have symlinks in tests to these scripts. Because now we have these scripts on two places and even not updated. |
In this case USBGuardOrder is just placeholder, there is no Order in regular (file based) rule. |
To avoid possible collisions with other schemas loaded into the same
server, these attributes are namespaced:
RuleCondition => USBGuardRuleCondition
RuleOrder => USBGuardRuleOrder
RuleTarget => USBGuardRuleTarget
./schema2ldif.pl usbguard < usbguard.schema > usbguard.ldif
|
Thanks! |
I noticed that recently LDAP support was added to USBGuard, which adds some attributes including the generically named
RuleTargetandRuleOrder.Since attribute names have to be unique across the LDAP server, even between schemas (and no, the OIDs are mostly just for show), this has somewhat greater chance of colliding with someone's existing schema in the future.
So while the code is still warm, I would recommend prefixing those two attributes with
USBGuard…or at leastUSB…, like the remaining ones. With namespacing, name collisions are much less likely.