IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Fix style and grammatical issues in built-in command help.

Browse Source 
There is a rather large API.txt change but it is only due to changes
in the doc string in parameters.

ticket 729
This commit is contained in:
Rob Crittenden
2011-03-04 11:08:54 -05:00
parent c0ecdd1395
commit 4d0e739345
22 changed files with 222 additions and 195 deletions
Download Patch File Download Diff File Expand all files Collapse all files

118
API.txt
View File

@@ -204,7 +204,7 @@ command: automountlocation_import
args: 2,1,1
arg: Str('cn', attribute=True, cli_name='location', label=Gettext('Location', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=True)
arg: Str('masterfile', label=Gettext('Master file', domain='ipa', localedir=None))
option: Flag('continue?', autofill=True, cli_name='continue', default=False,lag('continue?', autofill=True, cli_name='continue', default=False, doc=Gettext('Continuous operation mode. Errors are reported but the process continues', domain='ipa', localedir=None))
option: Flag('continue?', autofill=True, cli_name='continue', default=False,lag('continue?', autofill=True, cli_name='continue', default=False, doc=Gettext('Continuous operation mode. Errors are reported but the process continues.', domain='ipa', localedir=None))
output: Output('result', None, None)
command: automountlocation_show
args: 1,4,3
@@ -328,11 +328,11 @@ arg: Str('request_id', flags=['no_create', 'no_update', 'no_search'], label=Gett
output: Output('result', None, None)
command: config_mod
args: 0,19,3
option: Int('ipamaxusernamelength', attribute=True, autofill=False, cli_name='maxusername', label=Gettext('Max username length', domain='ipa', localedir=None), minvalue=1, multivalue=False, required=False)
option: Int('ipamaxusernamelength', attribute=True, autofill=False, cli_name='maxusername', label=Gettext('Max. username length', domain='ipa', localedir=None), minvalue=1, multivalue=False, required=False)
option: IA5Str('ipahomesrootdir', attribute=True, autofill=False, cli_name='homedirectory', label=Gettext('Home directory base', domain='ipa', localedir=None), multivalue=False, required=False)
option: Str('ipadefaultloginshell', attribute=True, autofill=False, cli_name='defaultshell', label=Gettext('Default shell', domain='ipa', localedir=None), multivalue=False, required=False)
option: Str('ipadefaultprimarygroup', attribute=True, autofill=False, cli_name='defaultgroup', label=Gettext('Default users group', domain='ipa', localedir=None), multivalue=False, required=False)
option: Str('ipadefaultemaildomain', attribute=True, autofill=False, cli_name='emaildomain', label=Gettext('Default e-mail domain', domain='ipa', localedir=None), multivalue=False, required=False)
option: Str('ipadefaultemaildomain', attribute=True, autofill=False, cli_name='emaildomain', label=Gettext('Default e-mail domain for new users', domain='ipa', localedir=None), multivalue=False, required=False)
option: Int('ipasearchtimelimit', validate_searchtimelimit, attribute=True, autofill=False, cli_name='searchtimelimit', label=Gettext('Search time limit', domain='ipa', localedir=None), minvalue=-1, multivalue=False, required=False)
option: Int('ipasearchrecordslimit', attribute=True, autofill=False, cli_name='searchrecordslimit', label=Gettext('Search size limit', domain='ipa', localedir=None), minvalue=-1, multivalue=False, required=False)
option: IA5Str('ipausersearchfields', attribute=True, autofill=False, cli_name='usersearch', label=Gettext('User search fields', domain='ipa', localedir=None), multivalue=False, required=False)
@@ -695,7 +695,7 @@ output: Output('value', <type 'unicode'>, "The primary_key value of the entry, e
command: dnszone_add
args: 1,18,3
arg: Str('idnsname', attribute=True, cli_name='name', label=Gettext('Zone name', domain='ipa', localedir=None), multivalue=False, normalizer=<lambda>, primary_key=True, required=True)
option: Str('idnssoamname', attribute=True, cli_name='name_server', label=Gettext('Authoritative name server', domain='ipa', localedir=None), multivalue=False, required=True)
option: Str('idnssoamname', attribute=True, cli_name='name_server', label=Gettext('Authoritative nameserver', domain='ipa', localedir=None), multivalue=False, required=True)
option: Str('idnssoarname', attribute=True, cli_name='admin_email', default_from=DefaultFrom(<lambda>, 'idnsname'), label=Gettext('Administrator e-mail address', domain='ipa', localedir=None), multivalue=False, normalizer=_rname_normalizer, required=True)
option: Int('idnssoaserial', attribute=True, autofill=True, cli_name='serial', create_default=_create_zone_serial, label=Gettext('SOA serial', domain='ipa', localedir=None), minvalue=1, multivalue=False, required=False)
option: Int('idnssoarefresh', attribute=True, autofill=True, cli_name='refresh', default=3600, label=Gettext('SOA refresh', domain='ipa', localedir=None), minvalue=0, multivalue=False, required=False)
@@ -708,7 +708,7 @@ option: Str('idnsupdatepolicy', attribute=True, cli_name='update_policy', label=
option: Flag('idnsallowdynupdate', attribute=True, autofill=True, cli_name='allow_dynupdate', default=False, label=Gettext('Dynamic update', domain='ipa', localedir=None), multivalue=False, required=True)
option: Str('addattr*', validate_add_attribute, cli_name='addattr', exclude='webui')
option: Str('setattr*', validate_set_attribute, cli_name='setattr', exclude='webui')
option: Flag('force', autofill=True, default=False,lag('force', autofill=True, default=False, doc=Gettext('force DNS zone creation even if name server not in DNS', domain='ipa', localedir=None))
option: Flag('force', autofill=True, default=False,lag('force', autofill=True, default=False, doc=Gettext('Force DNS zone creation even if name server not in DNS.', domain='ipa', localedir=None))
option: Str('ip_address?', _validate_ipaddr,tr('ip_address?', _validate_ipaddr, doc=Gettext('Add the nameserver to DNS with this IP address', domain='ipa', localedir=None))
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output'])
@@ -739,7 +739,7 @@ command: dnszone_find
args: 1,18,4
arg: Str('criteria?')
option: Str('idnsname', attribute=True, autofill=False, cli_name='name', label=Gettext('Zone name', domain='ipa', localedir=None), multivalue=False, normalizer=<lambda>, primary_key=True, query=True, required=False)
option: Str('idnssoamname', attribute=True, autofill=False, cli_name='name_server', label=Gettext('Authoritative name server', domain='ipa', localedir=None), multivalue=False, query=True, required=False)
option: Str('idnssoamname', attribute=True, autofill=False, cli_name='name_server', label=Gettext('Authoritative nameserver', domain='ipa', localedir=None), multivalue=False, query=True, required=False)
option: Str('idnssoarname', attribute=True, autofill=False, cli_name='admin_email', default_from=DefaultFrom(<lambda>, 'idnsname'), label=Gettext('Administrator e-mail address', domain='ipa', localedir=None), multivalue=False, normalizer=_rname_normalizer, query=True, required=False)
option: Int('idnssoaserial', attribute=True, autofill=False, cli_name='serial', create_default=_create_zone_serial, label=Gettext('SOA serial', domain='ipa', localedir=None), minvalue=1, multivalue=False, query=True, required=False)
option: Int('idnssoarefresh', attribute=True, autofill=False, cli_name='refresh', default=3600, label=Gettext('SOA refresh', domain='ipa', localedir=None), minvalue=0, multivalue=False, query=True, required=False)
@@ -763,7 +763,7 @@ output: Output('truncated', <type 'bool'>, 'True if not all results were returne
command: dnszone_mod
args: 1,17,3
arg: Str('idnsname', attribute=True, cli_name='name', label=Gettext('Zone name', domain='ipa', localedir=None), multivalue=False, normalizer=<lambda>, primary_key=True, query=True, required=True)
option: Str('idnssoamname', attribute=True, autofill=False, cli_name='name_server', label=Gettext('Authoritative name server', domain='ipa', localedir=None), multivalue=False, required=False)
option: Str('idnssoamname', attribute=True, autofill=False, cli_name='name_server', label=Gettext('Authoritative nameserver', domain='ipa', localedir=None), multivalue=False, required=False)
option: Str('idnssoarname', attribute=True, autofill=False, cli_name='admin_email', default_from=DefaultFrom(<lambda>, 'idnsname'), label=Gettext('Administrator e-mail address', domain='ipa', localedir=None), multivalue=False, normalizer=_rname_normalizer, required=False)
option: Int('idnssoaserial', attribute=True, autofill=False, cli_name='serial', create_default=_create_zone_serial, label=Gettext('SOA serial', domain='ipa', localedir=None), minvalue=1, multivalue=False, required=False)
option: Int('idnssoarefresh', attribute=True, autofill=False, cli_name='refresh', default=3600, label=Gettext('SOA refresh', domain='ipa', localedir=None), minvalue=0, multivalue=False, required=False)
@@ -872,7 +872,7 @@ option: Str('description', attribute=True, cli_name='desc', label=Gettext('Descr
option: Int('gidnumber', attribute=True, cli_name='gid', label=Gettext('GID', domain='ipa', localedir=None), multivalue=False, required=False)
option: Str('addattr*', validate_add_attribute, cli_name='addattr', exclude='webui')
option: Str('setattr*', validate_set_attribute, cli_name='setattr', exclude='webui')
option: Flag('nonposix', autofill=True, cli_name='nonposix', default=False,lag('nonposix', autofill=True, cli_name='nonposix', default=False, doc=Gettext('Create as a non-POSIX group?', domain='ipa', localedir=None))
option: Flag('nonposix', autofill=True, cli_name='nonposix', default=False,lag('nonposix', autofill=True, cli_name='nonposix', default=False, doc=Gettext('Create as a non-POSIX group', domain='ipa', localedir=None))
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output'])
option: Str('version?', exclude='webui', flags=['no_option', 'no_output'])
@@ -915,16 +915,16 @@ option: Flag('private', autofill=True, cli_name='private', default=False,lag('pr
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output'])
option: Str('version?', exclude='webui', flags=['no_option', 'no_output'])
option: List('user?', cli_name='users',ist('user?', cli_name='users', doc='only groups with member users', label='user', multivalue=True)
option: List('no_user?', cli_name='no_users',ist('no_user?', cli_name='no_users', doc='only groups with no member users', label='user', multivalue=True)
option: List('group?', cli_name='groups',ist('group?', cli_name='groups', doc='only groups with member groups', label='group', multivalue=True)
option: List('no_group?', cli_name='no_groups',ist('no_group?', cli_name='no_groups', doc='only groups with no member groups', label='group', multivalue=True)
option: List('in_group?', cli_name='in_groups',ist('in_group?', cli_name='in_groups', doc='only groups with member of groups', label='group', multivalue=True)
option: List('not_in_group?', cli_name='not_in_groups',ist('not_in_group?', cli_name='not_in_groups', doc='only groups with no member of groups', label='group', multivalue=True)
option: List('in_netgroup?', cli_name='in_netgroups',ist('in_netgroup?', cli_name='in_netgroups', doc='only groups with member of netgroups', label='netgroup', multivalue=True)
option: List('not_in_netgroup?', cli_name='not_in_netgroups',ist('not_in_netgroup?', cli_name='not_in_netgroups', doc='only groups with no member of netgroups', label='netgroup', multivalue=True)
option: List('in_role?', cli_name='in_roles',ist('in_role?', cli_name='in_roles', doc='only groups with member of roles', label='role', multivalue=True)
option: List('not_in_role?', cli_name='not_in_roles',ist('not_in_role?', cli_name='not_in_roles', doc='only groups with no member of roles', label='role', multivalue=True)
option: List('user?', cli_name='users',ist('user?', cli_name='users', doc='Search for groups with these member users.', label='user', multivalue=True)
option: List('no_user?', cli_name='no_users',ist('no_user?', cli_name='no_users', doc='Search for groups without these member users.', label='user', multivalue=True)
option: List('group?', cli_name='groups',ist('group?', cli_name='groups', doc='Search for groups with these member groups.', label='group', multivalue=True)
option: List('no_group?', cli_name='no_groups',ist('no_group?', cli_name='no_groups', doc='Search for groups without these member groups.', label='group', multivalue=True)
option: List('in_group?', cli_name='in_groups',ist('in_group?', cli_name='in_groups', doc='Search for groups with these member of groups.', label='group', multivalue=True)
option: List('not_in_group?', cli_name='not_in_groups',ist('not_in_group?', cli_name='not_in_groups', doc='Search for groups without these member of groups.', label='group', multivalue=True)
option: List('in_netgroup?', cli_name='in_netgroups',ist('in_netgroup?', cli_name='in_netgroups', doc='Search for groups with these member of netgroups.', label='netgroup', multivalue=True)
option: List('not_in_netgroup?', cli_name='not_in_netgroups',ist('not_in_netgroup?', cli_name='not_in_netgroups', doc='Search for groups without these member of netgroups.', label='netgroup', multivalue=True)
option: List('in_role?', cli_name='in_roles',ist('in_role?', cli_name='in_roles', doc='Search for groups with these member of roles.', label='role', multivalue=True)
option: List('not_in_role?', cli_name='not_in_roles',ist('not_in_role?', cli_name='not_in_roles', doc='Search for groups without these member of roles.', label='role', multivalue=True)
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), 'User-friendly description of action performed')
output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list of LDAP entries', domain='ipa', localedir=None))
output: Output('count', <type 'int'>, 'Number of entries returned')
@@ -1328,16 +1328,16 @@ option: Int('sizelimit?', autofill=False, flags=['no_display'], label=Gettext('S
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output'])
option: Str('version?', exclude='webui', flags=['no_option', 'no_output'])
option: List('in_hostgroup?', cli_name='in_hostgroups',ist('in_hostgroup?', cli_name='in_hostgroups', doc='only hosts with member of hostgroups', label='hostgroup', multivalue=True)
option: List('not_in_hostgroup?', cli_name='not_in_hostgroups',ist('not_in_hostgroup?', cli_name='not_in_hostgroups', doc='only hosts with no member of hostgroups', label='hostgroup', multivalue=True)
option: List('in_netgroup?', cli_name='in_netgroups',ist('in_netgroup?', cli_name='in_netgroups', doc='only hosts with member of netgroups', label='netgroup', multivalue=True)
option: List('not_in_netgroup?', cli_name='not_in_netgroups',ist('not_in_netgroup?', cli_name='not_in_netgroups', doc='only hosts with no member of netgroups', label='netgroup', multivalue=True)
option: List('in_role?', cli_name='in_roles',ist('in_role?', cli_name='in_roles', doc='only hosts with member of roles', label='role', multivalue=True)
option: List('not_in_role?', cli_name='not_in_roles',ist('not_in_role?', cli_name='not_in_roles', doc='only hosts with no member of roles', label='role', multivalue=True)
option: List('enroll_by_user?', cli_name='enroll_by_users',ist('enroll_by_user?', cli_name='enroll_by_users', doc='only hosts with enrolled by users', label='user', multivalue=True)
option: List('not_enroll_by_user?', cli_name='not_enroll_by_users',ist('not_enroll_by_user?', cli_name='not_enroll_by_users', doc='only hosts with no enrolled by users', label='user', multivalue=True)
option: List('man_by_host?', cli_name='man_by_hosts',ist('man_by_host?', cli_name='man_by_hosts', doc='only hosts with managed by hosts', label='host', multivalue=True)
option: List('not_man_by_host?', cli_name='not_man_by_hosts',ist('not_man_by_host?', cli_name='not_man_by_hosts', doc='only hosts with no managed by hosts', label='host', multivalue=True)
option: List('in_hostgroup?', cli_name='in_hostgroups',ist('in_hostgroup?', cli_name='in_hostgroups', doc='Search for hosts with these member of hostgroups.', label='hostgroup', multivalue=True)
option: List('not_in_hostgroup?', cli_name='not_in_hostgroups',ist('not_in_hostgroup?', cli_name='not_in_hostgroups', doc='Search for hosts without these member of hostgroups.', label='hostgroup', multivalue=True)
option: List('in_netgroup?', cli_name='in_netgroups',ist('in_netgroup?', cli_name='in_netgroups', doc='Search for hosts with these member of netgroups.', label='netgroup', multivalue=True)
option: List('not_in_netgroup?', cli_name='not_in_netgroups',ist('not_in_netgroup?', cli_name='not_in_netgroups', doc='Search for hosts without these member of netgroups.', label='netgroup', multivalue=True)
option: List('in_role?', cli_name='in_roles',ist('in_role?', cli_name='in_roles', doc='Search for hosts with these member of roles.', label='role', multivalue=True)
option: List('not_in_role?', cli_name='not_in_roles',ist('not_in_role?', cli_name='not_in_roles', doc='Search for hosts without these member of roles.', label='role', multivalue=True)
option: List('enroll_by_user?', cli_name='enroll_by_users',ist('enroll_by_user?', cli_name='enroll_by_users', doc='Search for hosts with these enrolled by users.', label='user', multivalue=True)
option: List('not_enroll_by_user?', cli_name='not_enroll_by_users',ist('not_enroll_by_user?', cli_name='not_enroll_by_users', doc='Search for hosts without these enrolled by users.', label='user', multivalue=True)
option: List('man_by_host?', cli_name='man_by_hosts',ist('man_by_host?', cli_name='man_by_hosts', doc='Search for hosts with these managed by hosts.', label='host', multivalue=True)
option: List('not_man_by_host?', cli_name='not_man_by_hosts',ist('not_man_by_host?', cli_name='not_man_by_hosts', doc='Search for hosts without these managed by hosts.', label='host', multivalue=True)
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), 'User-friendly description of action performed')
output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list of LDAP entries', domain='ipa', localedir=None))
output: Output('count', <type 'int'>, 'Number of entries returned')
@@ -1424,12 +1424,12 @@ option: Int('sizelimit?', autofill=False, flags=['no_display'], label=Gettext('S
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output'])
option: Str('version?', exclude='webui', flags=['no_option', 'no_output'])
option: List('host?', cli_name='hosts',ist('host?', cli_name='hosts', doc='only hostgroups with member hosts', label='host', multivalue=True)
option: List('no_host?', cli_name='no_hosts',ist('no_host?', cli_name='no_hosts', doc='only hostgroups with no member hosts', label='host', multivalue=True)
option: List('hostgroup?', cli_name='hostgroups',ist('hostgroup?', cli_name='hostgroups', doc='only hostgroups with member hostgroups', label='hostgroup', multivalue=True)
option: List('no_hostgroup?', cli_name='no_hostgroups',ist('no_hostgroup?', cli_name='no_hostgroups', doc='only hostgroups with no member hostgroups', label='hostgroup', multivalue=True)
option: List('in_hostgroup?', cli_name='in_hostgroups',ist('in_hostgroup?', cli_name='in_hostgroups', doc='only hostgroups with member of hostgroups', label='hostgroup', multivalue=True)
option: List('not_in_hostgroup?', cli_name='not_in_hostgroups',ist('not_in_hostgroup?', cli_name='not_in_hostgroups', doc='only hostgroups with no member of hostgroups', label='hostgroup', multivalue=True)
option: List('host?', cli_name='hosts',ist('host?', cli_name='hosts', doc='Search for hostgroups with these member hosts.', label='host', multivalue=True)
option: List('no_host?', cli_name='no_hosts',ist('no_host?', cli_name='no_hosts', doc='Search for hostgroups without these member hosts.', label='host', multivalue=True)
option: List('hostgroup?', cli_name='hostgroups',ist('hostgroup?', cli_name='hostgroups', doc='Search for hostgroups with these member hostgroups.', label='hostgroup', multivalue=True)
option: List('no_hostgroup?', cli_name='no_hostgroups',ist('no_hostgroup?', cli_name='no_hostgroups', doc='Search for hostgroups without these member hostgroups.', label='hostgroup', multivalue=True)
option: List('in_hostgroup?', cli_name='in_hostgroups',ist('in_hostgroup?', cli_name='in_hostgroups', doc='Search for hostgroups with these member of hostgroups.', label='hostgroup', multivalue=True)
option: List('not_in_hostgroup?', cli_name='not_in_hostgroups',ist('not_in_hostgroup?', cli_name='not_in_hostgroups', doc='Search for hostgroups without these member of hostgroups.', label='hostgroup', multivalue=True)
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), 'User-friendly description of action performed')
output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list of LDAP entries', domain='ipa', localedir=None))
output: Output('count', <type 'int'>, 'Number of entries returned')
@@ -1577,18 +1577,18 @@ option: Flag('private', autofill=True, cli_name='private', default=False,lag('pr
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output'])
option: Str('version?', exclude='webui', flags=['no_option', 'no_output'])
option: List('netgroup?', cli_name='netgroups',ist('netgroup?', cli_name='netgroups', doc='only netgroups with member netgroups', label='netgroup', multivalue=True)
option: List('no_netgroup?', cli_name='no_netgroups',ist('no_netgroup?', cli_name='no_netgroups', doc='only netgroups with no member netgroups', label='netgroup', multivalue=True)
option: List('user?', cli_name='users',ist('user?', cli_name='users', doc='only netgroups with member users', label='user', multivalue=True)
option: List('no_user?', cli_name='no_users',ist('no_user?', cli_name='no_users', doc='only netgroups with no member users', label='user', multivalue=True)
option: List('group?', cli_name='groups',ist('group?', cli_name='groups', doc='only netgroups with member groups', label='group', multivalue=True)
option: List('no_group?', cli_name='no_groups',ist('no_group?', cli_name='no_groups', doc='only netgroups with no member groups', label='group', multivalue=True)
option: List('host?', cli_name='hosts',ist('host?', cli_name='hosts', doc='only netgroups with member hosts', label='host', multivalue=True)
option: List('no_host?', cli_name='no_hosts',ist('no_host?', cli_name='no_hosts', doc='only netgroups with no member hosts', label='host', multivalue=True)
option: List('hostgroup?', cli_name='hostgroups',ist('hostgroup?', cli_name='hostgroups', doc='only netgroups with member hostgroups', label='hostgroup', multivalue=True)
option: List('no_hostgroup?', cli_name='no_hostgroups',ist('no_hostgroup?', cli_name='no_hostgroups', doc='only netgroups with no member hostgroups', label='hostgroup', multivalue=True)
option: List('in_netgroup?', cli_name='in_netgroups',ist('in_netgroup?', cli_name='in_netgroups', doc='only netgroups with member of netgroups', label='netgroup', multivalue=True)
option: List('not_in_netgroup?', cli_name='not_in_netgroups',ist('not_in_netgroup?', cli_name='not_in_netgroups', doc='only netgroups with no member of netgroups', label='netgroup', multivalue=True)
option: List('netgroup?', cli_name='netgroups',ist('netgroup?', cli_name='netgroups', doc='Search for netgroups with these member netgroups.', label='netgroup', multivalue=True)
option: List('no_netgroup?', cli_name='no_netgroups',ist('no_netgroup?', cli_name='no_netgroups', doc='Search for netgroups without these member netgroups.', label='netgroup', multivalue=True)
option: List('user?', cli_name='users',ist('user?', cli_name='users', doc='Search for netgroups with these member users.', label='user', multivalue=True)
option: List('no_user?', cli_name='no_users',ist('no_user?', cli_name='no_users', doc='Search for netgroups without these member users.', label='user', multivalue=True)
option: List('group?', cli_name='groups',ist('group?', cli_name='groups', doc='Search for netgroups with these member groups.', label='group', multivalue=True)
option: List('no_group?', cli_name='no_groups',ist('no_group?', cli_name='no_groups', doc='Search for netgroups without these member groups.', label='group', multivalue=True)
option: List('host?', cli_name='hosts',ist('host?', cli_name='hosts', doc='Search for netgroups with these member hosts.', label='host', multivalue=True)
option: List('no_host?', cli_name='no_hosts',ist('no_host?', cli_name='no_hosts', doc='Search for netgroups without these member hosts.', label='host', multivalue=True)
option: List('hostgroup?', cli_name='hostgroups',ist('hostgroup?', cli_name='hostgroups', doc='Search for netgroups with these member hostgroups.', label='hostgroup', multivalue=True)
option: List('no_hostgroup?', cli_name='no_hostgroups',ist('no_hostgroup?', cli_name='no_hostgroups', doc='Search for netgroups without these member hostgroups.', label='hostgroup', multivalue=True)
option: List('in_netgroup?', cli_name='in_netgroups',ist('in_netgroup?', cli_name='in_netgroups', doc='Search for netgroups with these member of netgroups.', label='netgroup', multivalue=True)
option: List('not_in_netgroup?', cli_name='not_in_netgroups',ist('not_in_netgroup?', cli_name='not_in_netgroups', doc='Search for netgroups without these member of netgroups.', label='netgroup', multivalue=True)
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), 'User-friendly description of action performed')
output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list of LDAP entries', domain='ipa', localedir=None))
output: Output('count', <type 'int'>, 'Number of entries returned')
@@ -2032,7 +2032,7 @@ output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDA
output: Output('value', <type 'unicode'>, "The primary_key value of the entry, e.g. 'jdoe' for a user")
command: selfservice_add
args: 1,5,3
arg: Str('aciname', attribute=True, cli_name='name', label=Gettext('Self-Service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, required=True)
arg: Str('aciname', attribute=True, cli_name='name', label=Gettext('Self-service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, required=True)
option: List('permissions', attribute=True, cli_name='permissions', label=Gettext('Permissions', domain='ipa', localedir=None), multivalue=True, required=False)
option: List('attrs', attribute=True, cli_name='attrs', label=Gettext('Attributes', domain='ipa', localedir=None), multivalue=True, normalizer=<lambda>, required=True)
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
@@ -2043,14 +2043,14 @@ output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDA
output: Output('value', <type 'unicode'>, "The primary_key value of the entry, e.g. 'jdoe' for a user")
command: selfservice_del
args: 1,0,3
arg: Str('aciname', attribute=True, cli_name='name', label=Gettext('Self-Service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=True)
arg: Str('aciname', attribute=True, cli_name='name', label=Gettext('Self-service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=True)
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), 'User-friendly description of action performed')
output: Output('result', <type 'bool'>, 'True means the operation was successful')
output: Output('value', <type 'unicode'>, "The primary_key value of the entry, e.g. 'jdoe' for a user")
command: selfservice_find
args: 1,6,4
arg: Str('criteria?')
option: Str('aciname', attribute=True, autofill=False, cli_name='name', label=Gettext('Self-Service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=False)
option: Str('aciname', attribute=True, autofill=False, cli_name='name', label=Gettext('Self-service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=False)
option: List('permissions', attribute=True, autofill=False, cli_name='permissions', label=Gettext('Permissions', domain='ipa', localedir=None), multivalue=True, query=True, required=False)
option: List('attrs', attribute=True, autofill=False, cli_name='attrs', label=Gettext('Attributes', domain='ipa', localedir=None), multivalue=True, normalizer=<lambda>, query=True, required=False)
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
@@ -2062,7 +2062,7 @@ output: Output('count', <type 'int'>, 'Number of entries returned')
output: Output('truncated', <type 'bool'>, 'True if not all results were returned')
command: selfservice_mod
args: 1,5,3
arg: Str('aciname', attribute=True, cli_name='name', label=Gettext('Self-Service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=True)
arg: Str('aciname', attribute=True, cli_name='name', label=Gettext('Self-service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=True)
option: List('permissions', attribute=True, autofill=False, cli_name='permissions', label=Gettext('Permissions', domain='ipa', localedir=None), multivalue=True, required=False)
option: List('attrs', attribute=True, autofill=False, cli_name='attrs', label=Gettext('Attributes', domain='ipa', localedir=None), multivalue=True, normalizer=<lambda>, required=False)
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
@@ -2073,7 +2073,7 @@ output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDA
output: Output('value', <type 'unicode'>, "The primary_key value of the entry, e.g. 'jdoe' for a user")
command: selfservice_show
args: 1,3,3
arg: Str('aciname', attribute=True, cli_name='name', label=Gettext('Self-Service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=True)
arg: Str('aciname', attribute=True, cli_name='name', label=Gettext('Self-service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=True)
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output'])
option: Str('version?', exclude='webui', flags=['no_option', 'no_output'])
@@ -2123,8 +2123,8 @@ option: Int('sizelimit?', autofill=False, flags=['no_display'], label=Gettext('S
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output'])
option: Str('version?', exclude='webui', flags=['no_option', 'no_output'])
option: List('man_by_host?', cli_name='man_by_hosts',ist('man_by_host?', cli_name='man_by_hosts', doc='only services with managed by hosts', label='host', multivalue=True)
option: List('not_man_by_host?', cli_name='not_man_by_hosts',ist('not_man_by_host?', cli_name='not_man_by_hosts', doc='only services with no managed by hosts', label='host', multivalue=True)
option: List('man_by_host?', cli_name='man_by_hosts',ist('man_by_host?', cli_name='man_by_hosts', doc='Search for services with these managed by hosts.', label='host', multivalue=True)
option: List('not_man_by_host?', cli_name='not_man_by_hosts',ist('not_man_by_host?', cli_name='not_man_by_hosts', doc='Search for services without these managed by hosts.', label='host', multivalue=True)
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), 'User-friendly description of action performed')
output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list of LDAP entries', domain='ipa', localedir=None))
output: Output('count', <type 'int'>, 'Number of entries returned')
@@ -2613,12 +2613,12 @@ option: Flag('whoami', autofill=True, default=False, label=Gettext('Self', domai
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output'])
option: Str('version?', exclude='webui', flags=['no_option', 'no_output'])
option: List('in_group?', cli_name='in_groups',ist('in_group?', cli_name='in_groups', doc='only users with member of groups', label='group', multivalue=True)
option: List('not_in_group?', cli_name='not_in_groups',ist('not_in_group?', cli_name='not_in_groups', doc='only users with no member of groups', label='group', multivalue=True)
option: List('in_netgroup?', cli_name='in_netgroups',ist('in_netgroup?', cli_name='in_netgroups', doc='only users with member of netgroups', label='netgroup', multivalue=True)
option: List('not_in_netgroup?', cli_name='not_in_netgroups',ist('not_in_netgroup?', cli_name='not_in_netgroups', doc='only users with no member of netgroups', label='netgroup', multivalue=True)
option: List('in_role?', cli_name='in_roles',ist('in_role?', cli_name='in_roles', doc='only users with member of roles', label='role', multivalue=True)
option: List('not_in_role?', cli_name='not_in_roles',ist('not_in_role?', cli_name='not_in_roles', doc='only users with no member of roles', label='role', multivalue=True)
option: List('in_group?', cli_name='in_groups',ist('in_group?', cli_name='in_groups', doc='Search for users with these member of groups.', label='group', multivalue=True)
option: List('not_in_group?', cli_name='not_in_groups',ist('not_in_group?', cli_name='not_in_groups', doc='Search for users without these member of groups.', label='group', multivalue=True)
option: List('in_netgroup?', cli_name='in_netgroups',ist('in_netgroup?', cli_name='in_netgroups', doc='Search for users with these member of netgroups.', label='netgroup', multivalue=True)
option: List('not_in_netgroup?', cli_name='not_in_netgroups',ist('not_in_netgroup?', cli_name='not_in_netgroups', doc='Search for users without these member of netgroups.', label='netgroup', multivalue=True)
option: List('in_role?', cli_name='in_roles',ist('in_role?', cli_name='in_roles', doc='Search for users with these member of roles.', label='role', multivalue=True)
option: List('not_in_role?', cli_name='not_in_roles',ist('not_in_role?', cli_name='not_in_roles', doc='Search for users without these member of roles.', label='role', multivalue=True)
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), 'User-friendly description of action performed')
output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list of LDAP entries', domain='ipa', localedir=None))
output: Output('count', <type 'int'>, 'Number of entries returned')

4
ipalib/frontend.py
View File

@@ -848,13 +848,13 @@ class Command(HasParam):
if isinstance(o, (Entry, ListOfEntries)):
yield Flag('all',
cli_name='all',
doc=_('retrieve and print all attributes from the server. Affects command output.'),
doc=_('Retrieve and print all attributes from the server. Affects command output.'),
exclude='webui',
flags=['no_output'],
)
yield Flag('raw',
cli_name='raw',
doc=_('print entries as stored on the server. Only affects output format.'),
doc=_('Print entries as stored on the server. Only affects output format.'),
exclude='webui',
flags=['no_output'],
)

58
ipalib/plugins/automount.py
View File

@@ -34,12 +34,12 @@ A location defines a set of maps anchored in auto.master. This allows you
to store multiple automount configurations. A location in itself isn't
very interesting, it is just a point to start a new automount map.
A map is roughly equivalent to discrete automount files. It is storage
location for keys.
A map is roughly equivalent to a discrete automount file and provides
storage for keys.
A key is a mount point associated to a map.
A key is a mount point associated with a map.
When a new location is created two maps are automatically created for
When a new location is created, two maps are automatically created for
it: auto.master and auto.direct. auto.master is the root map for all
automount maps for the location. auto.direct is the default map for
direct mounts and is mounted on /-.
@@ -51,7 +51,7 @@ Locations:
Create a named location, "Baltimore":
ipa automountlocation-add baltimore
Display the new locations:
Display the new location:
ipa automountlocation-show baltimore
Find available locations:
@@ -67,7 +67,7 @@ Locations:
ipa automountlocation-import baltimore /etc/auto.master
The import will fail if any duplicate entries are found. For
continuous operation where errors are ignored use the --continue
continuous operation where errors are ignored, use the --continue
option.
Maps:
@@ -193,7 +193,7 @@ class automountlocation(LDAPObject):
Str('cn',
cli_name='location',
label=_('Location'),
doc=_('Automount location name'),
doc=_('Automount location name.'),
primary_key=True,
),
)
@@ -203,7 +203,7 @@ api.register(automountlocation)
class automountlocation_add(LDAPCreate):
"""
Create new automount location.
Create a new automount location.
"""
def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
# create auto.master for the new location
@@ -218,7 +218,7 @@ api.register(automountlocation_add)
class automountlocation_del(LDAPDelete):
"""
Delete automount location.
Delete an automount location.
"""
api.register(automountlocation_del)
@@ -226,7 +226,7 @@ api.register(automountlocation_del)
class automountlocation_show(LDAPRetrieve):
"""
Display automount location.
Display an automount location.
"""
api.register(automountlocation_show)
@@ -234,7 +234,7 @@ api.register(automountlocation_show)
class automountlocation_find(LDAPSearch):
"""
Search for automount locations.
Search for an automount location.
"""
api.register(automountlocation_find)
@@ -311,14 +311,14 @@ class automountlocation_import(LDAPQuery):
takes_args = (
Str('masterfile',
label=_('Master file'),
doc=_('Automount master file'),
doc=_('Automount master file.'),
),
)
takes_options = (
Flag('continue?',
cli_name='continue',
doc=_('Continuous operation mode. Errors are reported but the process continues'),
doc=_('Continuous operation mode. Errors are reported but the process continues.'),
),
)
@@ -502,7 +502,7 @@ class automountmap(LDAPObject):
IA5Str('automountmapname',
cli_name='map',
label=_('Map'),
doc=_('Automount map name'),
doc=_('Automount map name.'),
primary_key=True,
),
Str('description?',
@@ -518,7 +518,7 @@ api.register(automountmap)
class automountmap_add(LDAPCreate):
"""
Create new automount map.
Create a new automount map.
"""
api.register(automountmap_add)
@@ -526,7 +526,7 @@ api.register(automountmap_add)
class automountmap_del(LDAPDelete):
"""
Delete automount map.
Delete an automount map.
"""
def post_callback(self, ldap, dn, *keys, **options):
# delete optional parental connection (direct maps may not have this)
@@ -545,7 +545,7 @@ api.register(automountmap_del)
class automountmap_mod(LDAPUpdate):
"""
Modify automount map.
Modify an automount map.
"""
api.register(automountmap_mod)
@@ -553,7 +553,7 @@ api.register(automountmap_mod)
class automountmap_find(LDAPSearch):
"""
Search for automount maps.
Search for an automount map.
"""
api.register(automountmap_find)
@@ -561,7 +561,7 @@ api.register(automountmap_find)
class automountmap_show(LDAPRetrieve):
"""
Display automount map.
Display an automount map.
"""
api.register(automountmap_show)
@@ -586,7 +586,7 @@ class automountkey(LDAPObject):
IA5Str('automountkey',
cli_name='key',
label=_('Key'),
doc=_('Automount key name'),
doc=_('Automount key name.'),
),
IA5Str('automountinformation',
cli_name='info',
@@ -665,7 +665,7 @@ api.register(automountkey)
class automountkey_add(LDAPCreate):
"""
Create new automount key.
Create a new automount key.
"""
def pre_callback(self, ldap, dn, entry_attrs, *keys, **options):
self.obj.check_key_uniqueness(keys[-2], keys[-1], **options)
@@ -686,7 +686,7 @@ api.register(automountkey_add)
class automountmap_add_indirect(LDAPCreate):
"""
Create new indirect mount point.
Create a new indirect mount point.
"""
takes_options = LDAPCreate.takes_options + (
Str('key',
@@ -696,7 +696,7 @@ class automountmap_add_indirect(LDAPCreate):
Str('parentmap?',
cli_name='parentmap',
label=_('Parent map'),
doc=_('Name of parent automount map (default: auto.master)'),
doc=_('Name of parent automount map (default: auto.master).'),
default=u'auto.master',
autofill=True,
),
@@ -716,13 +716,13 @@ api.register(automountmap_add_indirect)
class automountkey_del(LDAPDelete):
"""
Delete automount key.
Delete an automount key.
"""
takes_options = LDAPDelete.takes_options + (
IA5Str('automountkey',
cli_name='key',
label=_('Key'),
doc=_('Automount key name'),
doc=_('Automount key name.'),
),
IA5Str('automountinformation',
cli_name='info',
@@ -747,7 +747,7 @@ api.register(automountkey_del)
class automountkey_mod(LDAPUpdate):
"""
Modify automount key.
Modify an automount key.
"""
takes_options = LDAPUpdate.takes_options + (
IA5Str('newautomountinformation',
@@ -780,7 +780,7 @@ api.register(automountkey_mod)
class automountkey_find(LDAPSearch):
"""
Modify automount key.
Search for an automount key.
"""
api.register(automountkey_find)
@@ -788,13 +788,13 @@ api.register(automountkey_find)
class automountkey_show(LDAPRetrieve):
"""
Display automount key.
Display an automount key.
"""
takes_options = LDAPRetrieve.takes_options + (
IA5Str('automountkey',
cli_name='key',
label=_('Key'),
doc=_('Automount key name'),
doc=_('Automount key name.'),
),
IA5Str('automountinformation',
cli_name='info',

8
ipalib/plugins/baseldap.py
View File

@@ -411,8 +411,8 @@ _attr_options = (
),
Str('setattr*', validate_set_attribute,
cli_name='setattr',
doc=_("""Set an attribute to an name/value pair. Format is attr=value.
For multivalued attributes, the command replaces the values already present."""),
doc=_("""Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present."""),
exclude='webui',
),
)
@@ -1247,8 +1247,8 @@ class LDAPSearch(CallbackInterface, crud.Search):
Retrieve all LDAP entries matching the given criteria.
"""
member_attributes = []
member_param_incl_doc = 'only %s with %s %s'
member_param_excl_doc = 'only %s with no %s %s'
member_param_incl_doc = 'Search for %s with these %s %s.'
member_param_excl_doc = 'Search for %s without these %s %s.'
takes_options = (
Int('timelimit?',

28
ipalib/plugins/cert.py
View File

@@ -24,10 +24,10 @@ IPA certificate operations
Implements a set of commands for managing server SSL certificates.
Certificate request exist in the form of a Certificate Signing Request (CSR)
Certificate requests exist in the form of a Certificate Signing Request (CSR)
in PEM format.
If using the selfsign backend then the subject in the CSR needs to match
If using the selfsign back end then the subject in the CSR needs to match
the subject configured in the server. The dogtag CA uses just the CN
value of the CSR and forces the rest of the subject.
@@ -57,8 +57,26 @@ EXAMPLES:
ipa cert-status 10
IPA currently immediately issues (or declines) all certificate requests so
the status of a request is not normally useful. This is for future-use
the status of a request is not normally useful. This is for future use
or the case where a CA does not immediately issue a certificate.
The following revocation reasons are supported:
* 0 - unspecified
* 1 - keyCompromise
* 2 - cACompromise
* 3 - affiliationChanged
* 4 - superseded
* 5 - cessationOfOperation
* 6 - certificateHold
* 8 - removeFromCRL
* 9 - privilegeWithdrawn
* 10 - aACompromise
Note that reason code 7 is not used. See RFC 5280 for more details:
http://www.ietf.org/rfc/rfc5280.txt
"""
from ipalib import api, SkipPluginModule
@@ -377,7 +395,7 @@ api.register(cert_request)
class cert_status(VirtualCommand):
"""
Check status of a certificate signing request.
Check the status of a certificate signing request.
"""
takes_args = (
@@ -447,7 +465,7 @@ class cert_show(VirtualCommand):
takes_options = (
Str('out?',
label=_('Output filename'),
doc=_('file to store certificate in'),
doc=_('File to store the certificate in.'),
exclude='webui',
),
)

44
ipalib/plugins/config.py
View File

@@ -20,7 +20,7 @@
"""
Manage the IPA configuration
Manage the default values tha IPA uses and some of its tuning parameters.
Manage the default values that IPA uses and some of its tuning parameters.
To show the current configuration:
ipa config-show
@@ -32,12 +32,12 @@ The available options are:
User management options:
--maxusername=INT Max username length when creating/modifing a user
--maxusername=INT Max. username length when creating/modifying a user
--homedirectory=STR Default location of home directories (default /home)
--defaultshell=STR Default shell for new users (default /bin/sh)
--defaultgroup=STR Default group for new users (default ipausers). The
group must exist. Otherwise adding new users will fail.
--emaildomain=STR Default e-mail domain new users
group must exist, or adding new users will fail.
--emaildomain=STR Default e-mail domain for new users
Search tuning options. These impact how much data is searched through and
how many records may be returned on a given search.
@@ -55,12 +55,12 @@ The password notification value is stored here so it will be replicated.
It is not currently used to notify users in advance of an expiring
password.
Some attributes are read-only, provided for information purposes. These
Some attributes are read-only, provided only for information purposes. These
include:
Certificate Subject base: the configured certificate subject base,
e.g. O=EXAMPLE.COM. This is configurable only at install time.
Password plugin features: currently defines additional hashes that the
Password plug-in features: currently defines additional hashes that the
password will generate (there may be other conditions).
"""
@@ -93,82 +93,82 @@ class config(LDAPObject):
takes_params = (
Int('ipamaxusernamelength?',
cli_name='maxusername',
label=_('Max username length'),
label=_('Max. username length'),
minvalue=1,
),
IA5Str('ipahomesrootdir?',
cli_name='homedirectory',
label=_('Home directory base'),
doc=_('Default location of home directories'),
doc=_('Default location of home directories.'),
),
Str('ipadefaultloginshell?',
cli_name='defaultshell',
label=_('Default shell'),
doc=_('Default shell for new users'),
doc=_('Default shell for new users.'),
),
Str('ipadefaultprimarygroup?',
cli_name='defaultgroup',
label=_('Default users group'),
doc=_('Default group for new users'),
doc=_('Default group for new users.'),
),
Str('ipadefaultemaildomain?',
cli_name='emaildomain',
label=_('Default e-mail domain'),
doc=_('Default e-mail domain new users'),
label=_('Default e-mail domain for new users'),
doc=_('Default e-mail domain new users.'),
),
Int('ipasearchtimelimit?', validate_searchtimelimit,
cli_name='searchtimelimit',
label=_('Search time limit'),
doc=_('Max. amount of time (sec.) for a search (> 0, or -1 for unlimited)'),
doc=_('Max. amount of time (sec.) for a search (> 0, or -1 for unlimited).'),
minvalue=-1,
),
Int('ipasearchrecordslimit?',
cli_name='searchrecordslimit',
label=_('Search size limit'),
doc=_('Max. number of records to search (-1 is unlimited)'),
doc=_('Max. number of records to search (-1 is unlimited).'),
minvalue=-1,
),
IA5Str('ipausersearchfields?',
cli_name='usersearch',
label=_('User search fields'),
doc=_('A comma-separated list of fields to search when searching for users'),
doc=_('A comma-separated list of fields to search when searching for users.'),
),
IA5Str('ipagroupsearchfields?',
cli_name='groupsearch',
label='Group search fields',
doc=_('A comma-separated list of fields to search when searching for groups'),
doc=_('A comma-separated list of fields to search when searching for groups.'),
),
Bool('ipamigrationenabled?',
cli_name='enable_migration',
label=_('Migration mode'),
doc=_('Enable migration mode'),
doc=_('Enable migration mode.'),
),
Str('ipacertificatesubjectbase?',
cli_name='subject',
label=_('Certificate Subject base'),
doc=_('Base for certificate subjects (OU=Test,O=Example)'),
doc=_('Base for certificate subjects (OU=Test,O=Example).'),
flags=['no_update'],
),
List('ipagroupobjectclasses?',
cli_name='groupobjectclasses',
label=_('Default group objectclasses'),
doc=_('Default group objectclassses (comma-separated list)'),
doc=_('Default group objectclassses (comma-separated list).'),
),
List('ipauserobjectclasses?',
cli_name='userobjectclasses',
label=_('Default user objectclasses'),
doc=_('Default user objectclassses (comma-separated list)'),
doc=_('Default user objectclassses (comma-separated list).'),
),
Int('ipapwdexpadvnotify?',
cli_name='pwdexpnotify',
label=_('Password Expiration Notification'),
doc=_('Password Expiration Notification (days)'),
doc=_('Number of days\'s notice of impending password expiration.'),
minvalue=0,
),
Str('ipaconfigstring?',
cli_name='ipaconfigstring',
label=_('Password plugin features'),
doc=_('Extra hashes to generate in password plugin'),
doc=_('Extra hashes to generate in password plug-in.'),
flags=['no_update'],
),
)

10
ipalib/plugins/dns.py
View File

@@ -52,7 +52,7 @@ EXAMPLES:
Show zone example.com:
ipa dnszone-show example.com
Find zone with "example" in it's domain name:
Find zone with "example" in its domain name:
ipa dnszone-find example
Find records for resources with "www" in their name in zone example.com:
@@ -249,8 +249,8 @@ class dnszone(LDAPObject):
),
Str('idnssoamname',
cli_name='name_server',
label=_('Authoritative name server'),
doc=_('Authoritative name server'),
label=_('Authoritative nameserver'),
doc=_('Authoritative nameserver.'),
),
Str('idnssoarname',
cli_name='admin_email',
@@ -326,7 +326,7 @@ class dnszone(LDAPObject):
Flag('idnsallowdynupdate',
cli_name='allow_dynupdate',
label=_('Dynamic update'),
doc=_('Allow dynamic update?'),
doc=_('Allow dynamic updates.'),
attribute=True,
),
)
@@ -340,7 +340,7 @@ class dnszone_add(LDAPCreate):
"""
takes_options = LDAPCreate.takes_options + (
Flag('force',
doc=_('force DNS zone creation even if name server not in DNS'),
doc=_('Force DNS zone creation even if nameserver not in DNS.'),
),
Str('ip_address?', _validate_ipaddr,
doc=_('Add the nameserver to DNS with this IP address'),

8
ipalib/plugins/group.py
View File

@@ -21,15 +21,15 @@
Groups of users
Manage groups of users. By default, new groups are POSIX groups. You
can add the --nonposix to the group-add command to mark a new group
can add the --nonposix option to the group-add command to mark a new group
as non-POSIX, and you can use the same argument to the group-mod command
to convert a non-POSIX group to a POSIX group. POSIX groups cannot be
converted to non-POSIX groups.
Every group must have a description.
POSIX groups must have a Group ID number (GID). Changing a GID is
supported but can have impact on your file permissions. It is not necessary
POSIX groups must have a Group ID (GID) number. Changing a GID is
supported but can have an impact on your file permissions. It is not necessary
to supply a GID when creating a group. IPA will generate one automatically
if it is not provided.
@@ -133,7 +133,7 @@ class group_add(LDAPCreate):
takes_options = LDAPCreate.takes_options + (
Flag('nonposix',
cli_name='nonposix',
doc=_('Create as a non-POSIX group?'),
doc=_('Create as a non-POSIX group'),
default=False,
),
)

8
ipalib/plugins/hbacrule.py
View File

@@ -49,7 +49,7 @@ EXAMPLES:
ipa hbacrule-add-service --hbacsvcs=sshd john_sshd
Create a rule for a new service group. This lets the user john access
the any FTP service on any machine from any machine:
the FTP service on any machine from any machine:
ipa hbacsvcgroup-add ftpers
ipa hbacsvc-add sftp
ipa hbacsvcgroup-add-member --hbacsvcs=ftp,sftp ftpers
@@ -85,7 +85,7 @@ from ipalib import AccessTime, Password, Str, StrEnum
from ipalib.plugins.baseldap import *
from ipalib import _, ngettext
topic = ('hbac', 'Host based access control commands')
topic = ('hbac', 'Host-based access control commands')
def is_all(options, attribute):
"""
@@ -467,7 +467,7 @@ api.register(hbacrule_add_host)
class hbacrule_remove_host(LDAPRemoveMember):
"""
Remove target hosts and hostgroups from a HBAC rule.
Remove target hosts and hostgroups from an HBAC rule.
"""
member_attributes = ['memberhost']
member_count_out = ('%i object removed.', '%i objects removed.')
@@ -521,7 +521,7 @@ api.register(hbacrule_add_service)
class hbacrule_remove_service(LDAPRemoveMember):
"""
Remove source hosts and hostgroups from an HBAC rule.
Remove service and service groups from an HBAC rule.
"""
member_attributes = ['memberservice']
member_count_out = ('%i object removed.', '%i objects removed.')

24
ipalib/plugins/hbacsvcgroup.py
View File

@@ -24,20 +24,20 @@ or "members". Every group must have a description.
EXAMPLES:
Add a new HBAC services group:
Add a new HBAC service group:
ipa hbacsvcgroup-add --desc="login services" login
Add members to an HBAC services group:
Add members to an HBAC service group:
ipa hbacsvcgroup-add-member --hbacsvcs=sshd,login login
Display information about a named group:
ipa hbacsvcgroup-show login
Add a new group to the "login" group:
ipa hbacsvcgroup-add --desc="switch users" suers
ipa hbacsvcgroup-add-member --hbacsvcs=su,su-l suers
ipa hbacsvcgroup-add --desc="switch users" login
ipa hbacsvcgroup-add-member --hbacsvcs=su,su-l login
Delete an HBAC services group:
Delete an HBAC service group:
ipa hbacsvcgroup-del login
"""
@@ -82,7 +82,7 @@ api.register(hbacsvcgroup)
class hbacsvcgroup_add(LDAPCreate):
"""
Add a new HBAC services group.
Add a new HBAC service group.
"""
msg_summary = _('Added HBAC service group "%(value)s"')
@@ -91,7 +91,7 @@ api.register(hbacsvcgroup_add)
class hbacsvcgroup_del(LDAPDelete):
"""
Delete an HBAC services group.
Delete an HBAC service group.
"""
msg_summary = _('Deleted HBAC service group "%(value)s"')
@@ -100,7 +100,7 @@ api.register(hbacsvcgroup_del)
class hbacsvcgroup_mod(LDAPUpdate):
"""
Modify an HBAC services group.
Modify an HBAC service group.
"""
msg_summary = _('Modified HBAC service group "%(value)s"')
@@ -109,7 +109,7 @@ api.register(hbacsvcgroup_mod)
class hbacsvcgroup_find(LDAPSearch):
"""
Search for an HBAC services group.
Search for an HBAC service group.
"""
msg_summary = ngettext(
'%(count)d HBAC service group matched', '%(count)d HBAC service groups matched', 0
@@ -120,7 +120,7 @@ api.register(hbacsvcgroup_find)
class hbacsvcgroup_show(LDAPRetrieve):
"""
Display information about an HBAC services group.
Display information about an HBAC service group.
"""
api.register(hbacsvcgroup_show)
@@ -128,7 +128,7 @@ api.register(hbacsvcgroup_show)
class hbacsvcgroup_add_member(LDAPAddMember):
"""
Add members to an HBAC services group.
Add members to an HBAC service group.
"""
api.register(hbacsvcgroup_add_member)
@@ -136,7 +136,7 @@ api.register(hbacsvcgroup_add_member)
class hbacsvcgroup_remove_member(LDAPRemoveMember):
"""
Remove members from an HBAC services group.
Remove members from an HBAC service group.
"""
api.register(hbacsvcgroup_remove_member)

5
ipalib/plugins/host.py
View File

@@ -23,7 +23,7 @@ Hosts/Machines
A host represents a machine. It can be used in a number of contexts:
- service entries are associated with a host
- a host stores the host/ service principal
- a host can be used in Host-Based Access Control (HBAC) rules
- a host can be used in Host-based Access Control (HBAC) rules
- every enrolled client generates a host entry
ENROLLMENT:
@@ -34,7 +34,8 @@ There are three enrollment scenarios when enrolling a new client:
or not. A full administrator is a member of the hostadmin role
or the admins group.
2. You are enrolling as a limited administrator. The host must already
exist. A limited administrator is a member of the enrollhost role.
exist. A limited administrator is a member a role with the
Host Enrollment privilege.
3. The host has been created with a one-time password.
A host can only be enrolled once. If a client has enrolled and needs to

2
ipalib/plugins/internal.py
View File

@@ -377,7 +377,7 @@ class i18n_messages(Command):
"validation_error":_("Text does not match field pattern"),
},
"ajax":{
"401":_("Your kerberos ticket is no longer valid. Please run kinit and then click 'Retry'. If this is your first time running the IPA Web UI <a href='/ipa/config/unauthorized.html'>follow these directions</a> to configure your browser.")
"401":_("Your Kerberos ticket is no longer valid. Please run kinit and then click 'Retry'. If this is your first time running the IPA Web UI <a href='/ipa/config/unauthorized.html'>follow these directions</a> to configure your browser.")
},
}
has_output = (

5
ipalib/plugins/migration.py
View File

@@ -38,11 +38,12 @@ RFC2307bis. RFC2307bis uses member and uniquemember to specify group
members, RFC2307 uses memberUid. The default schema is RFC2307bis.
Migrated users do not have Kerberos credentials, they have only their
LDAP password. To complete the migration process users need to go
LDAP password. To complete the migration process, users need to go
to http://ipa.example.com/ipa/migration and authenticate using their
LDAP password in order to generate their Kerberos credentials.
Migration is disabled by default. To configure it use config-mod:
Migration is disabled by default. Use the command ipa config-mod to
enable it:
ipa config-mod --enable-migration=TRUE

2
ipalib/plugins/misc.py
View File

@@ -18,7 +18,7 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
"""
Misc plugins
Misc plug-ins
"""
import re

6
ipalib/plugins/passwd.py
View File

@@ -19,9 +19,9 @@
"""
Set a user's password
If someone other than user changes their password (e.g., Helpdesk resets it)
then the password will need to be changed the first time it is used.
This is so the end-user is the only one that knows the password.
If someone other than a user changes that user's password (e.g., Helpdesk
resets it) then the password will need to be changed the first time it
is used. This is so the end-user is the only one who knows the password.
The IPA password policy controls how often a password may be changed,
what strength requirements exist, and the length of the password history.

11
ipalib/plugins/permission.py
View File

@@ -26,7 +26,7 @@ user, modifying a group, etc.
A permission may not contain other permissions.
* A permissions grants access to read, write, add or delete.
* A permission grants access to read, write, add or delete.
* A privilege combines similar permissions (for example all the permissions
needed to add a user).
* A role grants a set of privileges to users, groups, hosts or hostgroups.
@@ -35,9 +35,10 @@ A permission is made up of a number of different parts:
1. The name of the permission.
2. The target of the permission.
3. The permissions granted by the permission.
3. The rights granted by the permission.
The permissions define what operations are allowed and are one or more of:
Rights define what operations are allowed, and may be one or more
of the following:
1. write - write one or more attributes
2. read - read one or more attributes
3. add - add a new entry to the tree
@@ -49,14 +50,14 @@ permission is not expected to be used very often.
Note the distinction between attributes and entries. The permissions are
independent, so being able to add a user does not mean that the user will
be editabe.
be editable.
There are a number of allowed targets:
1. type: a type of object (user, group, etc).
2. memberof: a member of a group or hostgroup
3. filter: an LDAP filter
4. subtree: an LDAP filter specifying part of the LDAP DIT. This is a
super-set of the type option.
super-set of the "type" target.
5. targetgroup: grant access to modify a specific group (such as granting
the rights to manage group membership)

13
ipalib/plugins/pkinit.py
View File

@@ -19,16 +19,21 @@
"""
Kerberos pkinit options
Right now it enables only to control whether Anonymous PKINIT is enabled
or not based on whether the wellknown principal is active or not.
Enable or disable anonymous pkinit using the principal
WELLKNOWN/ANONYMOUS@REALM. The server must have been installed with
pkinit support.
EXAMPLES:
Enable Anonymous pkinit:
Enable anonymous pkinit:
ipa pkinit-anonymous enable
Disable Anonymous pkinit:
Disable anonymous pkinit:
ipa pkinit-anonymous disable
For more information on anonymous pkinit see:
http://k5wiki.kerberos.org/wiki/Projects/Anonymous_pkinit
"""
from ipalib import api, errors

28
ipalib/plugins/selfservice.py
View File

@@ -17,29 +17,29 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
"""
Self-Service Permissions
Self-service Permissions
A permission enables fine-grained delegation of permissions. Access Control
Rules, or instructions (ACIs), grant permission to permissions to perform
given tasks such as adding a user, modifying a group, etc.
A Self-Service permission defines what an object can change in its own entry.
A Self-service permission defines what an object can change in its own entry.
EXAMPLES:
Add a self-service rule to allow users to manage their address:
ipa selfservice-add --permissions=write --attrs=street,postalCode,l,c,st "User's manage their own address"
ipa selfservice-add --permissions=write --attrs=street,postalCode,l,c,st "Users manage their own address"
When managing the list of attributes you need to include all attributes
in the list, including existing ones. Add telephoneNumber to the list:
ipa selfservice-mod --attrs=street,postalCode,l,c,st,telephoneNumber "User's manage their own address"
ipa selfservice-mod --attrs=street,postalCode,l,c,st,telephoneNumber "Users manage their own address"
Display our updated rule:
ipa selfservice-show "User's manage their own address"
ipa selfservice-show "Users manage their own address"
Delete a rule:
ipa selfservice-del "User's manage their own address"
ipa selfservice-del "Users manage their own address"
"""
import copy
@@ -54,7 +54,7 @@ ACI_PREFIX=u"selfservice"
def is_selfservice(aciname):
"""
Determine if the ACI is a Self-Service ACI and raise an exception if it
Determine if the ACI is a Self-service ACI and raise an exception if it
isn't.
Return the result if it is a self-service ACI.
@@ -77,8 +77,8 @@ class selfservice(Object):
takes_params = (
Str('aciname',
cli_name='name',
label=_('Self-Service name'),
doc=_('Self-Service name'),
label=_('Self-service name'),
doc=_('Self-service name'),
primary_key=True,
),
List('permissions?',
@@ -112,7 +112,7 @@ api.register(selfservice)
class selfservice_add(crud.Create):
"""
Add a new selfservice permission.
Add a new self-service permission.
"""
msg_summary = _('Added selfservice "%(value)s"')
@@ -135,7 +135,7 @@ api.register(selfservice_add)
class selfservice_del(crud.Delete):
"""
Delete a selfservice.
Delete a self-service permission.
"""
has_output = output.standard_boolean
@@ -156,7 +156,7 @@ api.register(selfservice_del)
class selfservice_mod(crud.Update):
"""
Modify a selfservice.
Modify a self-service permission.
"""
msg_summary = _('Modified selfservice "%(value)s"')
@@ -179,7 +179,7 @@ api.register(selfservice_mod)
class selfservice_find(crud.Search):
"""
Search for selfservices.
Search for a self-service permission.
"""
msg_summary = ngettext(
@@ -205,7 +205,7 @@ api.register(selfservice_find)
class selfservice_show(crud.Retrieve):
"""
Display information about a selfservice.
Display information about a self-service permission.
"""
has_output_params = (
Str('aci',

2
ipalib/plugins/service.py
View File

@@ -28,7 +28,7 @@ An IPA service can be managed directly from a machine, provided that
machine has been given the correct permission. This is true even for
machines other than the one the service is associated with. For example,
requesting an SSL certificate using the host service principal credentials
of the host. To manage a services using a host credentials you need to
of the host. To manage a service using host credentials you need to
kinit as the host:
# kinit -kt /etc/krb5.keytab host/ipa.example.com@EXAMPLE.COM

15
ipalib/plugins/sudocmdgroup.py
View File

@@ -17,26 +17,25 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
"""
Groups of sudo commands
Groups of Sudo commands
Manage groups of sudo commands.
Every group must have a description.
Manage groups of Sudo commands.
EXAMPLES:
Add a new sudo command group:
Add a new Sudo command group:
ipa sudocmdgroup-add --desc='administrators commands' admincmds
Remove a sudo command group:
Remove a Sudo command group:
ipa sudocmdgroup-del admincmds
Manage sudo command group membership, commands:
Manage Sudo command group membership, commands:
ipa sudocmdgroup-add-member --sudocmds=/usr/bin/less,/usr/bin/vim admincmds
Manage sudo command group membership, commands:
Manage Sudo command group membership, commands:
ipa group-remove-member --sudocmds=/usr/bin/less admincmds
Show a sudo command group:
Show a Sudo command group:
ipa group-show localadmins
"""

4
ipalib/plugins/sudorule.py
View File

@@ -38,11 +38,11 @@ from ipalib import Str, StrEnum
from ipalib.plugins.baseldap import *
from ipalib import _, ngettext
topic = ('sudo', 'commands for controlling sudo configuration')
topic = ('sudo', 'Commands for controlling sudo configuration')
class sudorule(LDAPObject):
"""
Sudo Rule.
Sudo Rule management
"""
container_dn = api.env.container_sudorule
object_name = 'Sudo Rule'

14
ipalib/plugins/user.py
View File

@@ -24,7 +24,7 @@ Manage user entries. All users are POSIX users.
IPA supports a wide range of username formats, but you need to be aware of any
restrictions that may apply to your particular environment. For example,
usernames that starts with a digit or usernames that exceed a certain length
usernames that start with a digit or usernames that exceed a certain length
may cause problems for some UNIX systems.
Use 'ipa config-mod' to change the username format allowed by IPA tools.
@@ -401,7 +401,7 @@ api.register(user_show)
class user_disable(LDAPQuery):
"""
Disable user account.
Disable a user account.
"""
has_output = output.standard_value
@@ -424,7 +424,7 @@ api.register(user_disable)
class user_enable(LDAPQuery):
"""
Enable user account.
Enable a user account.
"""
has_output = output.standard_value
@@ -446,10 +446,12 @@ api.register(user_enable)
class user_unlock(LDAPQuery):
"""
Lock user account
Unlock a user account
- locked account can't log in against Kerberos and must be unlocked by admin
- account can be locked e.g. by inputting wrong password too many times
An account may become locked if the password is entered incorrectly too
many times within a specific time period as controlled by password
policy. A locked account is a temporary condition and may be unlocked by
an administrator.
"""
has_output = output.standard_value
msg_summary = _('Unlocked account "%(value)s"')