[Freeipa-devel] [SSSD] Proposed changes to the HBAC grammar

Mon Nov 22 19:02:15 UTC 2010

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 11/22/2010 12:22 PM, Dmitri Pal wrote
>>
>> septet-of-the-month = interval 1-5
> 
> The septet is not used any more and should be removed, right?

Yeah, I missed removing that. I've deleted it from the page now.

> 
>> day-of-the-month-interval = interval day-of-the-month
> 
> This should be a plain interval from 1-31 with no negatives since it is used in the M-day rule 
> I would argue that M-day can be just replaced with
> 
> M-day = "day" WSP interval 1-31
> 

I disagree. With this construction, we can say:

accessTime = periodic monthly day -1 at 0900 + 000800

(Read: on the last day of the month from 09:00 to 17:00)

This would be useful for e.g. a regularly-scheduled backup task.

> Keep in mind that definition of the interval here is as described below: 
> interval XX-YY = a comma-separated list of items from XX to YY, or dash-separated ranges.
> For example, (interval 1-31) 3-7,10,12,15,25-31 with no spaces inside.
> 
> So definition of the day-of-the-month-interval can be then removed.
> 

Agreed. I've simplified the display of this.

>> day-of-the-month-range = "between" WSP day-of-the-month WSP "and" WSP day-of-the-month
>>
>> day-of-the-month = "-31" to "31"
> 
> 
> This notion allows me to enter "between -31 and 3" which does not make any sense.

I'll clarify with "-31" to "-1" OR "0" to "31".

> Also current grammar does not allow me to use ranges which I want to use here.

Please explain what range you want here. I'm specifically avoiding
"intervals" here because it's too complex to understand.

Describing events with arbitrary intervals like this would be better
done with the M-day approach.

> I want to be able to express "Wednesday" of the first and third week of the month. Capability to do so it completely lost.

Wrong. accessTime is multivalued. You just create two entries, one for
the first week, one for the third week. They are additive.

> We abandoned the term "septet" not because of the bad idea but because this is a confusing word. But we can leave without it as long as I can use complex intervals.
> After more thinking I would like to reject idea of the negative numbers.
> Instead we can do the following:
> 
> 
> M-on = "on" WSP day-of-the-week WSP "during" WSP day-of-the-month-range
> day-of-the-month-range = interval 1-31 / last-days
> last-days = "last" WSP sequential-days
> sequential-days = single number from the 1-31 range
> 
> So if we want to say "Wednesday" of the first and third week of the month I will use:
> 
> periodic monthly on Wed during 1-7,15-21
> 
> if I want to say Wednesday during last two weeks of the month I will say:
> 
> periodic monthly on Wed during last 14
> 
> IMO it is cleaner and simpler and allows to express all the notions we want to express. 
> 

See above. I really don't want intervals in the M-on grammar, since it
makes it extremely difficult to comprehend by mere mortals.

> 
> 
>> day-of-the-week = interval 1-7 (or Mon-Sun)
>>
>> range-specifier = "at" WSP HHMM WSP "+" WSP duration-specifier
> 
> What is the value and significance of the "+" here? Is it just for readability? Then I would suggest that we replace it with the word "for".
> 

Sure, "for" is fine.

>> duration-specifier = DDHHMM
>>
>> DD = "00" to "31"
>>
>> HH = "00" to "23"
>>
>> MM = "00" to "59"
>>
>>
>> interval XX-YY = a comma-separated list of items from XX to YY, or dash-separated ranges.
>> range = dash-separated range
> 
> This definition seems incomplete but I do not know how to make it better...
> 
>> For example, (interval 1-31) 3-7,10,12,15,25-31 with no spaces inside.
> 
> 
> Thank you,
> Dmitri Pal
> 
> Sr. Engineering Manager IPA project,
> Red Hat Inc.
> 
> 
> -------------------------------
> Looking to carve out IT costs?
> www.redhat.com/carveoutcosts/
> 
> _______________________________________________
> Freeipa-devel mailing list
> Freeipa-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-devel

- -- 
Stephen Gallagher
RHCE 804006346421761

Delivering value year after year.
Red Hat ranks #1 in value among software vendors.
http://www.redhat.com/promo/vendor/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAkzqvi4ACgkQeiVVYja6o6ODqQCgm5eK3onDby9Of4arf53p8oNM
GV8AoIhFQUXZNF8EiJ4d6S/BAujAHnAy
=PCv6
-----END PGP SIGNATURE-----