OID Assignments in 1.3.6.1.4.1.9163: 
OID Assignments in 1.3.6.1.4.1.9163:
This LDAP schema defines objects used by the Sargon project.
Base OID: 1.3.6.1.4.1.9163.3.
# depends upon:
# nis.schema
# Root (1.3.6.1.4.1.9163.3)
# 2.1 - sargonACL -- ACL object
# 1.1 - sargonUser -- User who can run docker
# 1.2 - sargonHost -- Host or hostgroup that can run docker
# 1.3 - sargonAllow -- Allowed action
# 1.4 - sargonDeny -- Denied action
# 1.5 - sargonOrder -- An integer to order sargonACL entries
# 1.6 - sargonMount -- Host FS directories that are allowed to be mounted
# 1.7 - sargonAllowPrivileged
# -- Whether it is allowed to create privileged containers
# 1.8 - sargonMaxMemory
# -- Limit on memory usage
# 1.9 - sargonMaxKernelMemory
# -- Limit on kernel memory usage
# 1.10 - sargonAllowCapability
# -- Name of the linux capability that can be added
# 1.11 - sargonNotBefore
# -- Start of time interval for which the entry is valid
# 1.12 - sargonNotAfter
# -- End of time interval for which the entry is valid
attributeType ( 1.3.6.1.4.1.9163.3.1.1 NAME 'sargonUser'
DESC 'User who can run docker'
EQUALITY caseExactIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeType ( 1.3.6.1.4.1.9163.3.1.2 NAME 'sargonHost'
DESC 'Host that can run docker'
EQUALITY caseExactIA5Match
SUBSTR caseExactIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeType ( 1.3.6.1.4.1.9163.3.1.3 NAME 'sargonAllow'
DESC 'Docker action that is allowed to be taken'
EQUALITY caseExactIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeType ( 1.3.6.1.4.1.9163.3.1.4 NAME 'sargonDeny'
DESC 'Docker action that is not allowed to be taken'
EQUALITY caseExactIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeType ( 1.3.6.1.4.1.9163.3.1.5 NAME 'sargonOrder'
DESC 'integer to order the sargonACL entries'
EQUALITY integerMatch
ORDERING integerOrderingMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
attributeType ( 1.3.6.1.4.1.9163.3.1.6 NAME 'sargonMount'
DESC 'Host FS directories that are allowed to be mounted'
EQUALITY caseExactIA5Match
SUBSTR caseExactIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeType ( 1.3.6.1.4.1.9163.3.1.7 NAME 'sargonAllowPrivileged'
DESC 'Whether it is allowed to create privileged containers'
EQUALITY booleanMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
attributeType ( 1.3.6.1.4.1.9163.3.1.8 NAME 'sargonMaxMemory'
DESC 'Limit on the memory value'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeType ( 1.3.6.1.4.1.9163.3.1.9 NAME 'sargonMaxKernelMemory'
DESC 'Limit on the kernel memory value'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeType ( 1.3.6.1.4.1.9163.3.1.10 NAME 'sargonAllowCapability'
DESC 'Name of the linux capability that can be added'
EQUALITY caseExactIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributeType ( 1.3.6.1.4.1.9163.3.1.11 NAME 'sargonNotBefore'
DESC 'Start of time interval for which the entry is valid'
EQUALITY generalizedTimeMatch
ORDERING generalizedTimeOrderingMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE )
attributeType ( 1.3.6.1.4.1.9163.3.1.12 NAME 'sargonNotAfter'
DESC 'End of time interval for which the entry is valid'
EQUALITY generalizedTimeMatch
ORDERING generalizedTimeOrderingMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE )
objectClass ( 1.3.6.1.4.1.9163.3.2.1 NAME 'sargonACL'
SUP top
STRUCTURAL
DESC 'Sargon Access Control List Entry'
MUST ( cn )
MAY ( sargonUser $ sargonHost $ sargonAllow $ sargonDeny $
sargonOrder $ sargonMount $ sargonAllowPrivileged $
sargonMaxMemory $ sargonMaxKernelMemory $ sargonAllowCapability $
sargonNotBefore $ sargonNotAfter $
description ) )
This document was generated on March 13, 2022 using makeinfo.
Content is available under GNU Free Documentation License 1.3.