mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-02-25 18:55:28 -06:00
Fix style and grammatical issues in built-in command help.
There is a rather large API.txt change but it is only due to changes in the doc string in parameters. ticket 729
This commit is contained in:
118
API.txt
118
API.txt
@@ -204,7 +204,7 @@ command: automountlocation_import
|
||||
args: 2,1,1
|
||||
arg: Str('cn', attribute=True, cli_name='location', label=Gettext('Location', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=True)
|
||||
arg: Str('masterfile', label=Gettext('Master file', domain='ipa', localedir=None))
|
||||
option: Flag('continue?', autofill=True, cli_name='continue', default=False,lag('continue?', autofill=True, cli_name='continue', default=False, doc=Gettext('Continuous operation mode. Errors are reported but the process continues', domain='ipa', localedir=None))
|
||||
option: Flag('continue?', autofill=True, cli_name='continue', default=False,lag('continue?', autofill=True, cli_name='continue', default=False, doc=Gettext('Continuous operation mode. Errors are reported but the process continues.', domain='ipa', localedir=None))
|
||||
output: Output('result', None, None)
|
||||
command: automountlocation_show
|
||||
args: 1,4,3
|
||||
@@ -328,11 +328,11 @@ arg: Str('request_id', flags=['no_create', 'no_update', 'no_search'], label=Gett
|
||||
output: Output('result', None, None)
|
||||
command: config_mod
|
||||
args: 0,19,3
|
||||
option: Int('ipamaxusernamelength', attribute=True, autofill=False, cli_name='maxusername', label=Gettext('Max username length', domain='ipa', localedir=None), minvalue=1, multivalue=False, required=False)
|
||||
option: Int('ipamaxusernamelength', attribute=True, autofill=False, cli_name='maxusername', label=Gettext('Max. username length', domain='ipa', localedir=None), minvalue=1, multivalue=False, required=False)
|
||||
option: IA5Str('ipahomesrootdir', attribute=True, autofill=False, cli_name='homedirectory', label=Gettext('Home directory base', domain='ipa', localedir=None), multivalue=False, required=False)
|
||||
option: Str('ipadefaultloginshell', attribute=True, autofill=False, cli_name='defaultshell', label=Gettext('Default shell', domain='ipa', localedir=None), multivalue=False, required=False)
|
||||
option: Str('ipadefaultprimarygroup', attribute=True, autofill=False, cli_name='defaultgroup', label=Gettext('Default users group', domain='ipa', localedir=None), multivalue=False, required=False)
|
||||
option: Str('ipadefaultemaildomain', attribute=True, autofill=False, cli_name='emaildomain', label=Gettext('Default e-mail domain', domain='ipa', localedir=None), multivalue=False, required=False)
|
||||
option: Str('ipadefaultemaildomain', attribute=True, autofill=False, cli_name='emaildomain', label=Gettext('Default e-mail domain for new users', domain='ipa', localedir=None), multivalue=False, required=False)
|
||||
option: Int('ipasearchtimelimit', validate_searchtimelimit, attribute=True, autofill=False, cli_name='searchtimelimit', label=Gettext('Search time limit', domain='ipa', localedir=None), minvalue=-1, multivalue=False, required=False)
|
||||
option: Int('ipasearchrecordslimit', attribute=True, autofill=False, cli_name='searchrecordslimit', label=Gettext('Search size limit', domain='ipa', localedir=None), minvalue=-1, multivalue=False, required=False)
|
||||
option: IA5Str('ipausersearchfields', attribute=True, autofill=False, cli_name='usersearch', label=Gettext('User search fields', domain='ipa', localedir=None), multivalue=False, required=False)
|
||||
@@ -695,7 +695,7 @@ output: Output('value', <type 'unicode'>, "The primary_key value of the entry, e
|
||||
command: dnszone_add
|
||||
args: 1,18,3
|
||||
arg: Str('idnsname', attribute=True, cli_name='name', label=Gettext('Zone name', domain='ipa', localedir=None), multivalue=False, normalizer=<lambda>, primary_key=True, required=True)
|
||||
option: Str('idnssoamname', attribute=True, cli_name='name_server', label=Gettext('Authoritative name server', domain='ipa', localedir=None), multivalue=False, required=True)
|
||||
option: Str('idnssoamname', attribute=True, cli_name='name_server', label=Gettext('Authoritative nameserver', domain='ipa', localedir=None), multivalue=False, required=True)
|
||||
option: Str('idnssoarname', attribute=True, cli_name='admin_email', default_from=DefaultFrom(<lambda>, 'idnsname'), label=Gettext('Administrator e-mail address', domain='ipa', localedir=None), multivalue=False, normalizer=_rname_normalizer, required=True)
|
||||
option: Int('idnssoaserial', attribute=True, autofill=True, cli_name='serial', create_default=_create_zone_serial, label=Gettext('SOA serial', domain='ipa', localedir=None), minvalue=1, multivalue=False, required=False)
|
||||
option: Int('idnssoarefresh', attribute=True, autofill=True, cli_name='refresh', default=3600, label=Gettext('SOA refresh', domain='ipa', localedir=None), minvalue=0, multivalue=False, required=False)
|
||||
@@ -708,7 +708,7 @@ option: Str('idnsupdatepolicy', attribute=True, cli_name='update_policy', label=
|
||||
option: Flag('idnsallowdynupdate', attribute=True, autofill=True, cli_name='allow_dynupdate', default=False, label=Gettext('Dynamic update', domain='ipa', localedir=None), multivalue=False, required=True)
|
||||
option: Str('addattr*', validate_add_attribute, cli_name='addattr', exclude='webui')
|
||||
option: Str('setattr*', validate_set_attribute, cli_name='setattr', exclude='webui')
|
||||
option: Flag('force', autofill=True, default=False,lag('force', autofill=True, default=False, doc=Gettext('force DNS zone creation even if name server not in DNS', domain='ipa', localedir=None))
|
||||
option: Flag('force', autofill=True, default=False,lag('force', autofill=True, default=False, doc=Gettext('Force DNS zone creation even if name server not in DNS.', domain='ipa', localedir=None))
|
||||
option: Str('ip_address?', _validate_ipaddr,tr('ip_address?', _validate_ipaddr, doc=Gettext('Add the nameserver to DNS with this IP address', domain='ipa', localedir=None))
|
||||
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
|
||||
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output'])
|
||||
@@ -739,7 +739,7 @@ command: dnszone_find
|
||||
args: 1,18,4
|
||||
arg: Str('criteria?')
|
||||
option: Str('idnsname', attribute=True, autofill=False, cli_name='name', label=Gettext('Zone name', domain='ipa', localedir=None), multivalue=False, normalizer=<lambda>, primary_key=True, query=True, required=False)
|
||||
option: Str('idnssoamname', attribute=True, autofill=False, cli_name='name_server', label=Gettext('Authoritative name server', domain='ipa', localedir=None), multivalue=False, query=True, required=False)
|
||||
option: Str('idnssoamname', attribute=True, autofill=False, cli_name='name_server', label=Gettext('Authoritative nameserver', domain='ipa', localedir=None), multivalue=False, query=True, required=False)
|
||||
option: Str('idnssoarname', attribute=True, autofill=False, cli_name='admin_email', default_from=DefaultFrom(<lambda>, 'idnsname'), label=Gettext('Administrator e-mail address', domain='ipa', localedir=None), multivalue=False, normalizer=_rname_normalizer, query=True, required=False)
|
||||
option: Int('idnssoaserial', attribute=True, autofill=False, cli_name='serial', create_default=_create_zone_serial, label=Gettext('SOA serial', domain='ipa', localedir=None), minvalue=1, multivalue=False, query=True, required=False)
|
||||
option: Int('idnssoarefresh', attribute=True, autofill=False, cli_name='refresh', default=3600, label=Gettext('SOA refresh', domain='ipa', localedir=None), minvalue=0, multivalue=False, query=True, required=False)
|
||||
@@ -763,7 +763,7 @@ output: Output('truncated', <type 'bool'>, 'True if not all results were returne
|
||||
command: dnszone_mod
|
||||
args: 1,17,3
|
||||
arg: Str('idnsname', attribute=True, cli_name='name', label=Gettext('Zone name', domain='ipa', localedir=None), multivalue=False, normalizer=<lambda>, primary_key=True, query=True, required=True)
|
||||
option: Str('idnssoamname', attribute=True, autofill=False, cli_name='name_server', label=Gettext('Authoritative name server', domain='ipa', localedir=None), multivalue=False, required=False)
|
||||
option: Str('idnssoamname', attribute=True, autofill=False, cli_name='name_server', label=Gettext('Authoritative nameserver', domain='ipa', localedir=None), multivalue=False, required=False)
|
||||
option: Str('idnssoarname', attribute=True, autofill=False, cli_name='admin_email', default_from=DefaultFrom(<lambda>, 'idnsname'), label=Gettext('Administrator e-mail address', domain='ipa', localedir=None), multivalue=False, normalizer=_rname_normalizer, required=False)
|
||||
option: Int('idnssoaserial', attribute=True, autofill=False, cli_name='serial', create_default=_create_zone_serial, label=Gettext('SOA serial', domain='ipa', localedir=None), minvalue=1, multivalue=False, required=False)
|
||||
option: Int('idnssoarefresh', attribute=True, autofill=False, cli_name='refresh', default=3600, label=Gettext('SOA refresh', domain='ipa', localedir=None), minvalue=0, multivalue=False, required=False)
|
||||
@@ -872,7 +872,7 @@ option: Str('description', attribute=True, cli_name='desc', label=Gettext('Descr
|
||||
option: Int('gidnumber', attribute=True, cli_name='gid', label=Gettext('GID', domain='ipa', localedir=None), multivalue=False, required=False)
|
||||
option: Str('addattr*', validate_add_attribute, cli_name='addattr', exclude='webui')
|
||||
option: Str('setattr*', validate_set_attribute, cli_name='setattr', exclude='webui')
|
||||
option: Flag('nonposix', autofill=True, cli_name='nonposix', default=False,lag('nonposix', autofill=True, cli_name='nonposix', default=False, doc=Gettext('Create as a non-POSIX group?', domain='ipa', localedir=None))
|
||||
option: Flag('nonposix', autofill=True, cli_name='nonposix', default=False,lag('nonposix', autofill=True, cli_name='nonposix', default=False, doc=Gettext('Create as a non-POSIX group', domain='ipa', localedir=None))
|
||||
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
|
||||
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output'])
|
||||
option: Str('version?', exclude='webui', flags=['no_option', 'no_output'])
|
||||
@@ -915,16 +915,16 @@ option: Flag('private', autofill=True, cli_name='private', default=False,lag('pr
|
||||
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
|
||||
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output'])
|
||||
option: Str('version?', exclude='webui', flags=['no_option', 'no_output'])
|
||||
option: List('user?', cli_name='users',ist('user?', cli_name='users', doc='only groups with member users', label='user', multivalue=True)
|
||||
option: List('no_user?', cli_name='no_users',ist('no_user?', cli_name='no_users', doc='only groups with no member users', label='user', multivalue=True)
|
||||
option: List('group?', cli_name='groups',ist('group?', cli_name='groups', doc='only groups with member groups', label='group', multivalue=True)
|
||||
option: List('no_group?', cli_name='no_groups',ist('no_group?', cli_name='no_groups', doc='only groups with no member groups', label='group', multivalue=True)
|
||||
option: List('in_group?', cli_name='in_groups',ist('in_group?', cli_name='in_groups', doc='only groups with member of groups', label='group', multivalue=True)
|
||||
option: List('not_in_group?', cli_name='not_in_groups',ist('not_in_group?', cli_name='not_in_groups', doc='only groups with no member of groups', label='group', multivalue=True)
|
||||
option: List('in_netgroup?', cli_name='in_netgroups',ist('in_netgroup?', cli_name='in_netgroups', doc='only groups with member of netgroups', label='netgroup', multivalue=True)
|
||||
option: List('not_in_netgroup?', cli_name='not_in_netgroups',ist('not_in_netgroup?', cli_name='not_in_netgroups', doc='only groups with no member of netgroups', label='netgroup', multivalue=True)
|
||||
option: List('in_role?', cli_name='in_roles',ist('in_role?', cli_name='in_roles', doc='only groups with member of roles', label='role', multivalue=True)
|
||||
option: List('not_in_role?', cli_name='not_in_roles',ist('not_in_role?', cli_name='not_in_roles', doc='only groups with no member of roles', label='role', multivalue=True)
|
||||
option: List('user?', cli_name='users',ist('user?', cli_name='users', doc='Search for groups with these member users.', label='user', multivalue=True)
|
||||
option: List('no_user?', cli_name='no_users',ist('no_user?', cli_name='no_users', doc='Search for groups without these member users.', label='user', multivalue=True)
|
||||
option: List('group?', cli_name='groups',ist('group?', cli_name='groups', doc='Search for groups with these member groups.', label='group', multivalue=True)
|
||||
option: List('no_group?', cli_name='no_groups',ist('no_group?', cli_name='no_groups', doc='Search for groups without these member groups.', label='group', multivalue=True)
|
||||
option: List('in_group?', cli_name='in_groups',ist('in_group?', cli_name='in_groups', doc='Search for groups with these member of groups.', label='group', multivalue=True)
|
||||
option: List('not_in_group?', cli_name='not_in_groups',ist('not_in_group?', cli_name='not_in_groups', doc='Search for groups without these member of groups.', label='group', multivalue=True)
|
||||
option: List('in_netgroup?', cli_name='in_netgroups',ist('in_netgroup?', cli_name='in_netgroups', doc='Search for groups with these member of netgroups.', label='netgroup', multivalue=True)
|
||||
option: List('not_in_netgroup?', cli_name='not_in_netgroups',ist('not_in_netgroup?', cli_name='not_in_netgroups', doc='Search for groups without these member of netgroups.', label='netgroup', multivalue=True)
|
||||
option: List('in_role?', cli_name='in_roles',ist('in_role?', cli_name='in_roles', doc='Search for groups with these member of roles.', label='role', multivalue=True)
|
||||
option: List('not_in_role?', cli_name='not_in_roles',ist('not_in_role?', cli_name='not_in_roles', doc='Search for groups without these member of roles.', label='role', multivalue=True)
|
||||
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), 'User-friendly description of action performed')
|
||||
output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list of LDAP entries', domain='ipa', localedir=None))
|
||||
output: Output('count', <type 'int'>, 'Number of entries returned')
|
||||
@@ -1328,16 +1328,16 @@ option: Int('sizelimit?', autofill=False, flags=['no_display'], label=Gettext('S
|
||||
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
|
||||
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output'])
|
||||
option: Str('version?', exclude='webui', flags=['no_option', 'no_output'])
|
||||
option: List('in_hostgroup?', cli_name='in_hostgroups',ist('in_hostgroup?', cli_name='in_hostgroups', doc='only hosts with member of hostgroups', label='hostgroup', multivalue=True)
|
||||
option: List('not_in_hostgroup?', cli_name='not_in_hostgroups',ist('not_in_hostgroup?', cli_name='not_in_hostgroups', doc='only hosts with no member of hostgroups', label='hostgroup', multivalue=True)
|
||||
option: List('in_netgroup?', cli_name='in_netgroups',ist('in_netgroup?', cli_name='in_netgroups', doc='only hosts with member of netgroups', label='netgroup', multivalue=True)
|
||||
option: List('not_in_netgroup?', cli_name='not_in_netgroups',ist('not_in_netgroup?', cli_name='not_in_netgroups', doc='only hosts with no member of netgroups', label='netgroup', multivalue=True)
|
||||
option: List('in_role?', cli_name='in_roles',ist('in_role?', cli_name='in_roles', doc='only hosts with member of roles', label='role', multivalue=True)
|
||||
option: List('not_in_role?', cli_name='not_in_roles',ist('not_in_role?', cli_name='not_in_roles', doc='only hosts with no member of roles', label='role', multivalue=True)
|
||||
option: List('enroll_by_user?', cli_name='enroll_by_users',ist('enroll_by_user?', cli_name='enroll_by_users', doc='only hosts with enrolled by users', label='user', multivalue=True)
|
||||
option: List('not_enroll_by_user?', cli_name='not_enroll_by_users',ist('not_enroll_by_user?', cli_name='not_enroll_by_users', doc='only hosts with no enrolled by users', label='user', multivalue=True)
|
||||
option: List('man_by_host?', cli_name='man_by_hosts',ist('man_by_host?', cli_name='man_by_hosts', doc='only hosts with managed by hosts', label='host', multivalue=True)
|
||||
option: List('not_man_by_host?', cli_name='not_man_by_hosts',ist('not_man_by_host?', cli_name='not_man_by_hosts', doc='only hosts with no managed by hosts', label='host', multivalue=True)
|
||||
option: List('in_hostgroup?', cli_name='in_hostgroups',ist('in_hostgroup?', cli_name='in_hostgroups', doc='Search for hosts with these member of hostgroups.', label='hostgroup', multivalue=True)
|
||||
option: List('not_in_hostgroup?', cli_name='not_in_hostgroups',ist('not_in_hostgroup?', cli_name='not_in_hostgroups', doc='Search for hosts without these member of hostgroups.', label='hostgroup', multivalue=True)
|
||||
option: List('in_netgroup?', cli_name='in_netgroups',ist('in_netgroup?', cli_name='in_netgroups', doc='Search for hosts with these member of netgroups.', label='netgroup', multivalue=True)
|
||||
option: List('not_in_netgroup?', cli_name='not_in_netgroups',ist('not_in_netgroup?', cli_name='not_in_netgroups', doc='Search for hosts without these member of netgroups.', label='netgroup', multivalue=True)
|
||||
option: List('in_role?', cli_name='in_roles',ist('in_role?', cli_name='in_roles', doc='Search for hosts with these member of roles.', label='role', multivalue=True)
|
||||
option: List('not_in_role?', cli_name='not_in_roles',ist('not_in_role?', cli_name='not_in_roles', doc='Search for hosts without these member of roles.', label='role', multivalue=True)
|
||||
option: List('enroll_by_user?', cli_name='enroll_by_users',ist('enroll_by_user?', cli_name='enroll_by_users', doc='Search for hosts with these enrolled by users.', label='user', multivalue=True)
|
||||
option: List('not_enroll_by_user?', cli_name='not_enroll_by_users',ist('not_enroll_by_user?', cli_name='not_enroll_by_users', doc='Search for hosts without these enrolled by users.', label='user', multivalue=True)
|
||||
option: List('man_by_host?', cli_name='man_by_hosts',ist('man_by_host?', cli_name='man_by_hosts', doc='Search for hosts with these managed by hosts.', label='host', multivalue=True)
|
||||
option: List('not_man_by_host?', cli_name='not_man_by_hosts',ist('not_man_by_host?', cli_name='not_man_by_hosts', doc='Search for hosts without these managed by hosts.', label='host', multivalue=True)
|
||||
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), 'User-friendly description of action performed')
|
||||
output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list of LDAP entries', domain='ipa', localedir=None))
|
||||
output: Output('count', <type 'int'>, 'Number of entries returned')
|
||||
@@ -1424,12 +1424,12 @@ option: Int('sizelimit?', autofill=False, flags=['no_display'], label=Gettext('S
|
||||
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
|
||||
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output'])
|
||||
option: Str('version?', exclude='webui', flags=['no_option', 'no_output'])
|
||||
option: List('host?', cli_name='hosts',ist('host?', cli_name='hosts', doc='only hostgroups with member hosts', label='host', multivalue=True)
|
||||
option: List('no_host?', cli_name='no_hosts',ist('no_host?', cli_name='no_hosts', doc='only hostgroups with no member hosts', label='host', multivalue=True)
|
||||
option: List('hostgroup?', cli_name='hostgroups',ist('hostgroup?', cli_name='hostgroups', doc='only hostgroups with member hostgroups', label='hostgroup', multivalue=True)
|
||||
option: List('no_hostgroup?', cli_name='no_hostgroups',ist('no_hostgroup?', cli_name='no_hostgroups', doc='only hostgroups with no member hostgroups', label='hostgroup', multivalue=True)
|
||||
option: List('in_hostgroup?', cli_name='in_hostgroups',ist('in_hostgroup?', cli_name='in_hostgroups', doc='only hostgroups with member of hostgroups', label='hostgroup', multivalue=True)
|
||||
option: List('not_in_hostgroup?', cli_name='not_in_hostgroups',ist('not_in_hostgroup?', cli_name='not_in_hostgroups', doc='only hostgroups with no member of hostgroups', label='hostgroup', multivalue=True)
|
||||
option: List('host?', cli_name='hosts',ist('host?', cli_name='hosts', doc='Search for hostgroups with these member hosts.', label='host', multivalue=True)
|
||||
option: List('no_host?', cli_name='no_hosts',ist('no_host?', cli_name='no_hosts', doc='Search for hostgroups without these member hosts.', label='host', multivalue=True)
|
||||
option: List('hostgroup?', cli_name='hostgroups',ist('hostgroup?', cli_name='hostgroups', doc='Search for hostgroups with these member hostgroups.', label='hostgroup', multivalue=True)
|
||||
option: List('no_hostgroup?', cli_name='no_hostgroups',ist('no_hostgroup?', cli_name='no_hostgroups', doc='Search for hostgroups without these member hostgroups.', label='hostgroup', multivalue=True)
|
||||
option: List('in_hostgroup?', cli_name='in_hostgroups',ist('in_hostgroup?', cli_name='in_hostgroups', doc='Search for hostgroups with these member of hostgroups.', label='hostgroup', multivalue=True)
|
||||
option: List('not_in_hostgroup?', cli_name='not_in_hostgroups',ist('not_in_hostgroup?', cli_name='not_in_hostgroups', doc='Search for hostgroups without these member of hostgroups.', label='hostgroup', multivalue=True)
|
||||
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), 'User-friendly description of action performed')
|
||||
output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list of LDAP entries', domain='ipa', localedir=None))
|
||||
output: Output('count', <type 'int'>, 'Number of entries returned')
|
||||
@@ -1577,18 +1577,18 @@ option: Flag('private', autofill=True, cli_name='private', default=False,lag('pr
|
||||
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
|
||||
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output'])
|
||||
option: Str('version?', exclude='webui', flags=['no_option', 'no_output'])
|
||||
option: List('netgroup?', cli_name='netgroups',ist('netgroup?', cli_name='netgroups', doc='only netgroups with member netgroups', label='netgroup', multivalue=True)
|
||||
option: List('no_netgroup?', cli_name='no_netgroups',ist('no_netgroup?', cli_name='no_netgroups', doc='only netgroups with no member netgroups', label='netgroup', multivalue=True)
|
||||
option: List('user?', cli_name='users',ist('user?', cli_name='users', doc='only netgroups with member users', label='user', multivalue=True)
|
||||
option: List('no_user?', cli_name='no_users',ist('no_user?', cli_name='no_users', doc='only netgroups with no member users', label='user', multivalue=True)
|
||||
option: List('group?', cli_name='groups',ist('group?', cli_name='groups', doc='only netgroups with member groups', label='group', multivalue=True)
|
||||
option: List('no_group?', cli_name='no_groups',ist('no_group?', cli_name='no_groups', doc='only netgroups with no member groups', label='group', multivalue=True)
|
||||
option: List('host?', cli_name='hosts',ist('host?', cli_name='hosts', doc='only netgroups with member hosts', label='host', multivalue=True)
|
||||
option: List('no_host?', cli_name='no_hosts',ist('no_host?', cli_name='no_hosts', doc='only netgroups with no member hosts', label='host', multivalue=True)
|
||||
option: List('hostgroup?', cli_name='hostgroups',ist('hostgroup?', cli_name='hostgroups', doc='only netgroups with member hostgroups', label='hostgroup', multivalue=True)
|
||||
option: List('no_hostgroup?', cli_name='no_hostgroups',ist('no_hostgroup?', cli_name='no_hostgroups', doc='only netgroups with no member hostgroups', label='hostgroup', multivalue=True)
|
||||
option: List('in_netgroup?', cli_name='in_netgroups',ist('in_netgroup?', cli_name='in_netgroups', doc='only netgroups with member of netgroups', label='netgroup', multivalue=True)
|
||||
option: List('not_in_netgroup?', cli_name='not_in_netgroups',ist('not_in_netgroup?', cli_name='not_in_netgroups', doc='only netgroups with no member of netgroups', label='netgroup', multivalue=True)
|
||||
option: List('netgroup?', cli_name='netgroups',ist('netgroup?', cli_name='netgroups', doc='Search for netgroups with these member netgroups.', label='netgroup', multivalue=True)
|
||||
option: List('no_netgroup?', cli_name='no_netgroups',ist('no_netgroup?', cli_name='no_netgroups', doc='Search for netgroups without these member netgroups.', label='netgroup', multivalue=True)
|
||||
option: List('user?', cli_name='users',ist('user?', cli_name='users', doc='Search for netgroups with these member users.', label='user', multivalue=True)
|
||||
option: List('no_user?', cli_name='no_users',ist('no_user?', cli_name='no_users', doc='Search for netgroups without these member users.', label='user', multivalue=True)
|
||||
option: List('group?', cli_name='groups',ist('group?', cli_name='groups', doc='Search for netgroups with these member groups.', label='group', multivalue=True)
|
||||
option: List('no_group?', cli_name='no_groups',ist('no_group?', cli_name='no_groups', doc='Search for netgroups without these member groups.', label='group', multivalue=True)
|
||||
option: List('host?', cli_name='hosts',ist('host?', cli_name='hosts', doc='Search for netgroups with these member hosts.', label='host', multivalue=True)
|
||||
option: List('no_host?', cli_name='no_hosts',ist('no_host?', cli_name='no_hosts', doc='Search for netgroups without these member hosts.', label='host', multivalue=True)
|
||||
option: List('hostgroup?', cli_name='hostgroups',ist('hostgroup?', cli_name='hostgroups', doc='Search for netgroups with these member hostgroups.', label='hostgroup', multivalue=True)
|
||||
option: List('no_hostgroup?', cli_name='no_hostgroups',ist('no_hostgroup?', cli_name='no_hostgroups', doc='Search for netgroups without these member hostgroups.', label='hostgroup', multivalue=True)
|
||||
option: List('in_netgroup?', cli_name='in_netgroups',ist('in_netgroup?', cli_name='in_netgroups', doc='Search for netgroups with these member of netgroups.', label='netgroup', multivalue=True)
|
||||
option: List('not_in_netgroup?', cli_name='not_in_netgroups',ist('not_in_netgroup?', cli_name='not_in_netgroups', doc='Search for netgroups without these member of netgroups.', label='netgroup', multivalue=True)
|
||||
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), 'User-friendly description of action performed')
|
||||
output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list of LDAP entries', domain='ipa', localedir=None))
|
||||
output: Output('count', <type 'int'>, 'Number of entries returned')
|
||||
@@ -2032,7 +2032,7 @@ output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDA
|
||||
output: Output('value', <type 'unicode'>, "The primary_key value of the entry, e.g. 'jdoe' for a user")
|
||||
command: selfservice_add
|
||||
args: 1,5,3
|
||||
arg: Str('aciname', attribute=True, cli_name='name', label=Gettext('Self-Service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, required=True)
|
||||
arg: Str('aciname', attribute=True, cli_name='name', label=Gettext('Self-service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, required=True)
|
||||
option: List('permissions', attribute=True, cli_name='permissions', label=Gettext('Permissions', domain='ipa', localedir=None), multivalue=True, required=False)
|
||||
option: List('attrs', attribute=True, cli_name='attrs', label=Gettext('Attributes', domain='ipa', localedir=None), multivalue=True, normalizer=<lambda>, required=True)
|
||||
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
|
||||
@@ -2043,14 +2043,14 @@ output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDA
|
||||
output: Output('value', <type 'unicode'>, "The primary_key value of the entry, e.g. 'jdoe' for a user")
|
||||
command: selfservice_del
|
||||
args: 1,0,3
|
||||
arg: Str('aciname', attribute=True, cli_name='name', label=Gettext('Self-Service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=True)
|
||||
arg: Str('aciname', attribute=True, cli_name='name', label=Gettext('Self-service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=True)
|
||||
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), 'User-friendly description of action performed')
|
||||
output: Output('result', <type 'bool'>, 'True means the operation was successful')
|
||||
output: Output('value', <type 'unicode'>, "The primary_key value of the entry, e.g. 'jdoe' for a user")
|
||||
command: selfservice_find
|
||||
args: 1,6,4
|
||||
arg: Str('criteria?')
|
||||
option: Str('aciname', attribute=True, autofill=False, cli_name='name', label=Gettext('Self-Service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=False)
|
||||
option: Str('aciname', attribute=True, autofill=False, cli_name='name', label=Gettext('Self-service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=False)
|
||||
option: List('permissions', attribute=True, autofill=False, cli_name='permissions', label=Gettext('Permissions', domain='ipa', localedir=None), multivalue=True, query=True, required=False)
|
||||
option: List('attrs', attribute=True, autofill=False, cli_name='attrs', label=Gettext('Attributes', domain='ipa', localedir=None), multivalue=True, normalizer=<lambda>, query=True, required=False)
|
||||
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
|
||||
@@ -2062,7 +2062,7 @@ output: Output('count', <type 'int'>, 'Number of entries returned')
|
||||
output: Output('truncated', <type 'bool'>, 'True if not all results were returned')
|
||||
command: selfservice_mod
|
||||
args: 1,5,3
|
||||
arg: Str('aciname', attribute=True, cli_name='name', label=Gettext('Self-Service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=True)
|
||||
arg: Str('aciname', attribute=True, cli_name='name', label=Gettext('Self-service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=True)
|
||||
option: List('permissions', attribute=True, autofill=False, cli_name='permissions', label=Gettext('Permissions', domain='ipa', localedir=None), multivalue=True, required=False)
|
||||
option: List('attrs', attribute=True, autofill=False, cli_name='attrs', label=Gettext('Attributes', domain='ipa', localedir=None), multivalue=True, normalizer=<lambda>, required=False)
|
||||
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
|
||||
@@ -2073,7 +2073,7 @@ output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDA
|
||||
output: Output('value', <type 'unicode'>, "The primary_key value of the entry, e.g. 'jdoe' for a user")
|
||||
command: selfservice_show
|
||||
args: 1,3,3
|
||||
arg: Str('aciname', attribute=True, cli_name='name', label=Gettext('Self-Service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=True)
|
||||
arg: Str('aciname', attribute=True, cli_name='name', label=Gettext('Self-service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=True)
|
||||
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
|
||||
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output'])
|
||||
option: Str('version?', exclude='webui', flags=['no_option', 'no_output'])
|
||||
@@ -2123,8 +2123,8 @@ option: Int('sizelimit?', autofill=False, flags=['no_display'], label=Gettext('S
|
||||
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
|
||||
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output'])
|
||||
option: Str('version?', exclude='webui', flags=['no_option', 'no_output'])
|
||||
option: List('man_by_host?', cli_name='man_by_hosts',ist('man_by_host?', cli_name='man_by_hosts', doc='only services with managed by hosts', label='host', multivalue=True)
|
||||
option: List('not_man_by_host?', cli_name='not_man_by_hosts',ist('not_man_by_host?', cli_name='not_man_by_hosts', doc='only services with no managed by hosts', label='host', multivalue=True)
|
||||
option: List('man_by_host?', cli_name='man_by_hosts',ist('man_by_host?', cli_name='man_by_hosts', doc='Search for services with these managed by hosts.', label='host', multivalue=True)
|
||||
option: List('not_man_by_host?', cli_name='not_man_by_hosts',ist('not_man_by_host?', cli_name='not_man_by_hosts', doc='Search for services without these managed by hosts.', label='host', multivalue=True)
|
||||
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), 'User-friendly description of action performed')
|
||||
output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list of LDAP entries', domain='ipa', localedir=None))
|
||||
output: Output('count', <type 'int'>, 'Number of entries returned')
|
||||
@@ -2613,12 +2613,12 @@ option: Flag('whoami', autofill=True, default=False, label=Gettext('Self', domai
|
||||
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
|
||||
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output'])
|
||||
option: Str('version?', exclude='webui', flags=['no_option', 'no_output'])
|
||||
option: List('in_group?', cli_name='in_groups',ist('in_group?', cli_name='in_groups', doc='only users with member of groups', label='group', multivalue=True)
|
||||
option: List('not_in_group?', cli_name='not_in_groups',ist('not_in_group?', cli_name='not_in_groups', doc='only users with no member of groups', label='group', multivalue=True)
|
||||
option: List('in_netgroup?', cli_name='in_netgroups',ist('in_netgroup?', cli_name='in_netgroups', doc='only users with member of netgroups', label='netgroup', multivalue=True)
|
||||
option: List('not_in_netgroup?', cli_name='not_in_netgroups',ist('not_in_netgroup?', cli_name='not_in_netgroups', doc='only users with no member of netgroups', label='netgroup', multivalue=True)
|
||||
option: List('in_role?', cli_name='in_roles',ist('in_role?', cli_name='in_roles', doc='only users with member of roles', label='role', multivalue=True)
|
||||
option: List('not_in_role?', cli_name='not_in_roles',ist('not_in_role?', cli_name='not_in_roles', doc='only users with no member of roles', label='role', multivalue=True)
|
||||
option: List('in_group?', cli_name='in_groups',ist('in_group?', cli_name='in_groups', doc='Search for users with these member of groups.', label='group', multivalue=True)
|
||||
option: List('not_in_group?', cli_name='not_in_groups',ist('not_in_group?', cli_name='not_in_groups', doc='Search for users without these member of groups.', label='group', multivalue=True)
|
||||
option: List('in_netgroup?', cli_name='in_netgroups',ist('in_netgroup?', cli_name='in_netgroups', doc='Search for users with these member of netgroups.', label='netgroup', multivalue=True)
|
||||
option: List('not_in_netgroup?', cli_name='not_in_netgroups',ist('not_in_netgroup?', cli_name='not_in_netgroups', doc='Search for users without these member of netgroups.', label='netgroup', multivalue=True)
|
||||
option: List('in_role?', cli_name='in_roles',ist('in_role?', cli_name='in_roles', doc='Search for users with these member of roles.', label='role', multivalue=True)
|
||||
option: List('not_in_role?', cli_name='not_in_roles',ist('not_in_role?', cli_name='not_in_roles', doc='Search for users without these member of roles.', label='role', multivalue=True)
|
||||
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), 'User-friendly description of action performed')
|
||||
output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list of LDAP entries', domain='ipa', localedir=None))
|
||||
output: Output('count', <type 'int'>, 'Number of entries returned')
|
||||
|
@@ -848,13 +848,13 @@ class Command(HasParam):
|
||||
if isinstance(o, (Entry, ListOfEntries)):
|
||||
yield Flag('all',
|
||||
cli_name='all',
|
||||
doc=_('retrieve and print all attributes from the server. Affects command output.'),
|
||||
doc=_('Retrieve and print all attributes from the server. Affects command output.'),
|
||||
exclude='webui',
|
||||
flags=['no_output'],
|
||||
)
|
||||
yield Flag('raw',
|
||||
cli_name='raw',
|
||||
doc=_('print entries as stored on the server. Only affects output format.'),
|
||||
doc=_('Print entries as stored on the server. Only affects output format.'),
|
||||
exclude='webui',
|
||||
flags=['no_output'],
|
||||
)
|
||||
|
@@ -34,12 +34,12 @@ A location defines a set of maps anchored in auto.master. This allows you
|
||||
to store multiple automount configurations. A location in itself isn't
|
||||
very interesting, it is just a point to start a new automount map.
|
||||
|
||||
A map is roughly equivalent to discrete automount files. It is storage
|
||||
location for keys.
|
||||
A map is roughly equivalent to a discrete automount file and provides
|
||||
storage for keys.
|
||||
|
||||
A key is a mount point associated to a map.
|
||||
A key is a mount point associated with a map.
|
||||
|
||||
When a new location is created two maps are automatically created for
|
||||
When a new location is created, two maps are automatically created for
|
||||
it: auto.master and auto.direct. auto.master is the root map for all
|
||||
automount maps for the location. auto.direct is the default map for
|
||||
direct mounts and is mounted on /-.
|
||||
@@ -51,7 +51,7 @@ Locations:
|
||||
Create a named location, "Baltimore":
|
||||
ipa automountlocation-add baltimore
|
||||
|
||||
Display the new locations:
|
||||
Display the new location:
|
||||
ipa automountlocation-show baltimore
|
||||
|
||||
Find available locations:
|
||||
@@ -67,7 +67,7 @@ Locations:
|
||||
ipa automountlocation-import baltimore /etc/auto.master
|
||||
|
||||
The import will fail if any duplicate entries are found. For
|
||||
continuous operation where errors are ignored use the --continue
|
||||
continuous operation where errors are ignored, use the --continue
|
||||
option.
|
||||
|
||||
Maps:
|
||||
@@ -193,7 +193,7 @@ class automountlocation(LDAPObject):
|
||||
Str('cn',
|
||||
cli_name='location',
|
||||
label=_('Location'),
|
||||
doc=_('Automount location name'),
|
||||
doc=_('Automount location name.'),
|
||||
primary_key=True,
|
||||
),
|
||||
)
|
||||
@@ -203,7 +203,7 @@ api.register(automountlocation)
|
||||
|
||||
class automountlocation_add(LDAPCreate):
|
||||
"""
|
||||
Create new automount location.
|
||||
Create a new automount location.
|
||||
"""
|
||||
def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
|
||||
# create auto.master for the new location
|
||||
@@ -218,7 +218,7 @@ api.register(automountlocation_add)
|
||||
|
||||
class automountlocation_del(LDAPDelete):
|
||||
"""
|
||||
Delete automount location.
|
||||
Delete an automount location.
|
||||
"""
|
||||
|
||||
api.register(automountlocation_del)
|
||||
@@ -226,7 +226,7 @@ api.register(automountlocation_del)
|
||||
|
||||
class automountlocation_show(LDAPRetrieve):
|
||||
"""
|
||||
Display automount location.
|
||||
Display an automount location.
|
||||
"""
|
||||
|
||||
api.register(automountlocation_show)
|
||||
@@ -234,7 +234,7 @@ api.register(automountlocation_show)
|
||||
|
||||
class automountlocation_find(LDAPSearch):
|
||||
"""
|
||||
Search for automount locations.
|
||||
Search for an automount location.
|
||||
"""
|
||||
|
||||
api.register(automountlocation_find)
|
||||
@@ -311,14 +311,14 @@ class automountlocation_import(LDAPQuery):
|
||||
takes_args = (
|
||||
Str('masterfile',
|
||||
label=_('Master file'),
|
||||
doc=_('Automount master file'),
|
||||
doc=_('Automount master file.'),
|
||||
),
|
||||
)
|
||||
|
||||
takes_options = (
|
||||
Flag('continue?',
|
||||
cli_name='continue',
|
||||
doc=_('Continuous operation mode. Errors are reported but the process continues'),
|
||||
doc=_('Continuous operation mode. Errors are reported but the process continues.'),
|
||||
),
|
||||
)
|
||||
|
||||
@@ -502,7 +502,7 @@ class automountmap(LDAPObject):
|
||||
IA5Str('automountmapname',
|
||||
cli_name='map',
|
||||
label=_('Map'),
|
||||
doc=_('Automount map name'),
|
||||
doc=_('Automount map name.'),
|
||||
primary_key=True,
|
||||
),
|
||||
Str('description?',
|
||||
@@ -518,7 +518,7 @@ api.register(automountmap)
|
||||
|
||||
class automountmap_add(LDAPCreate):
|
||||
"""
|
||||
Create new automount map.
|
||||
Create a new automount map.
|
||||
"""
|
||||
|
||||
api.register(automountmap_add)
|
||||
@@ -526,7 +526,7 @@ api.register(automountmap_add)
|
||||
|
||||
class automountmap_del(LDAPDelete):
|
||||
"""
|
||||
Delete automount map.
|
||||
Delete an automount map.
|
||||
"""
|
||||
def post_callback(self, ldap, dn, *keys, **options):
|
||||
# delete optional parental connection (direct maps may not have this)
|
||||
@@ -545,7 +545,7 @@ api.register(automountmap_del)
|
||||
|
||||
class automountmap_mod(LDAPUpdate):
|
||||
"""
|
||||
Modify automount map.
|
||||
Modify an automount map.
|
||||
"""
|
||||
|
||||
api.register(automountmap_mod)
|
||||
@@ -553,7 +553,7 @@ api.register(automountmap_mod)
|
||||
|
||||
class automountmap_find(LDAPSearch):
|
||||
"""
|
||||
Search for automount maps.
|
||||
Search for an automount map.
|
||||
"""
|
||||
|
||||
api.register(automountmap_find)
|
||||
@@ -561,7 +561,7 @@ api.register(automountmap_find)
|
||||
|
||||
class automountmap_show(LDAPRetrieve):
|
||||
"""
|
||||
Display automount map.
|
||||
Display an automount map.
|
||||
"""
|
||||
|
||||
api.register(automountmap_show)
|
||||
@@ -586,7 +586,7 @@ class automountkey(LDAPObject):
|
||||
IA5Str('automountkey',
|
||||
cli_name='key',
|
||||
label=_('Key'),
|
||||
doc=_('Automount key name'),
|
||||
doc=_('Automount key name.'),
|
||||
),
|
||||
IA5Str('automountinformation',
|
||||
cli_name='info',
|
||||
@@ -665,7 +665,7 @@ api.register(automountkey)
|
||||
|
||||
class automountkey_add(LDAPCreate):
|
||||
"""
|
||||
Create new automount key.
|
||||
Create a new automount key.
|
||||
"""
|
||||
def pre_callback(self, ldap, dn, entry_attrs, *keys, **options):
|
||||
self.obj.check_key_uniqueness(keys[-2], keys[-1], **options)
|
||||
@@ -686,7 +686,7 @@ api.register(automountkey_add)
|
||||
|
||||
class automountmap_add_indirect(LDAPCreate):
|
||||
"""
|
||||
Create new indirect mount point.
|
||||
Create a new indirect mount point.
|
||||
"""
|
||||
takes_options = LDAPCreate.takes_options + (
|
||||
Str('key',
|
||||
@@ -696,7 +696,7 @@ class automountmap_add_indirect(LDAPCreate):
|
||||
Str('parentmap?',
|
||||
cli_name='parentmap',
|
||||
label=_('Parent map'),
|
||||
doc=_('Name of parent automount map (default: auto.master)'),
|
||||
doc=_('Name of parent automount map (default: auto.master).'),
|
||||
default=u'auto.master',
|
||||
autofill=True,
|
||||
),
|
||||
@@ -716,13 +716,13 @@ api.register(automountmap_add_indirect)
|
||||
|
||||
class automountkey_del(LDAPDelete):
|
||||
"""
|
||||
Delete automount key.
|
||||
Delete an automount key.
|
||||
"""
|
||||
takes_options = LDAPDelete.takes_options + (
|
||||
IA5Str('automountkey',
|
||||
cli_name='key',
|
||||
label=_('Key'),
|
||||
doc=_('Automount key name'),
|
||||
doc=_('Automount key name.'),
|
||||
),
|
||||
IA5Str('automountinformation',
|
||||
cli_name='info',
|
||||
@@ -747,7 +747,7 @@ api.register(automountkey_del)
|
||||
|
||||
class automountkey_mod(LDAPUpdate):
|
||||
"""
|
||||
Modify automount key.
|
||||
Modify an automount key.
|
||||
"""
|
||||
takes_options = LDAPUpdate.takes_options + (
|
||||
IA5Str('newautomountinformation',
|
||||
@@ -780,7 +780,7 @@ api.register(automountkey_mod)
|
||||
|
||||
class automountkey_find(LDAPSearch):
|
||||
"""
|
||||
Modify automount key.
|
||||
Search for an automount key.
|
||||
"""
|
||||
|
||||
api.register(automountkey_find)
|
||||
@@ -788,13 +788,13 @@ api.register(automountkey_find)
|
||||
|
||||
class automountkey_show(LDAPRetrieve):
|
||||
"""
|
||||
Display automount key.
|
||||
Display an automount key.
|
||||
"""
|
||||
takes_options = LDAPRetrieve.takes_options + (
|
||||
IA5Str('automountkey',
|
||||
cli_name='key',
|
||||
label=_('Key'),
|
||||
doc=_('Automount key name'),
|
||||
doc=_('Automount key name.'),
|
||||
),
|
||||
IA5Str('automountinformation',
|
||||
cli_name='info',
|
||||
|
@@ -411,8 +411,8 @@ _attr_options = (
|
||||
),
|
||||
Str('setattr*', validate_set_attribute,
|
||||
cli_name='setattr',
|
||||
doc=_("""Set an attribute to an name/value pair. Format is attr=value.
|
||||
For multivalued attributes, the command replaces the values already present."""),
|
||||
doc=_("""Set an attribute to a name/value pair. Format is attr=value.
|
||||
For multi-valued attributes, the command replaces the values already present."""),
|
||||
exclude='webui',
|
||||
),
|
||||
)
|
||||
@@ -1247,8 +1247,8 @@ class LDAPSearch(CallbackInterface, crud.Search):
|
||||
Retrieve all LDAP entries matching the given criteria.
|
||||
"""
|
||||
member_attributes = []
|
||||
member_param_incl_doc = 'only %s with %s %s'
|
||||
member_param_excl_doc = 'only %s with no %s %s'
|
||||
member_param_incl_doc = 'Search for %s with these %s %s.'
|
||||
member_param_excl_doc = 'Search for %s without these %s %s.'
|
||||
|
||||
takes_options = (
|
||||
Int('timelimit?',
|
||||
|
@@ -24,10 +24,10 @@ IPA certificate operations
|
||||
|
||||
Implements a set of commands for managing server SSL certificates.
|
||||
|
||||
Certificate request exist in the form of a Certificate Signing Request (CSR)
|
||||
Certificate requests exist in the form of a Certificate Signing Request (CSR)
|
||||
in PEM format.
|
||||
|
||||
If using the selfsign backend then the subject in the CSR needs to match
|
||||
If using the selfsign back end then the subject in the CSR needs to match
|
||||
the subject configured in the server. The dogtag CA uses just the CN
|
||||
value of the CSR and forces the rest of the subject.
|
||||
|
||||
@@ -57,8 +57,26 @@ EXAMPLES:
|
||||
ipa cert-status 10
|
||||
|
||||
IPA currently immediately issues (or declines) all certificate requests so
|
||||
the status of a request is not normally useful. This is for future-use
|
||||
the status of a request is not normally useful. This is for future use
|
||||
or the case where a CA does not immediately issue a certificate.
|
||||
|
||||
The following revocation reasons are supported:
|
||||
|
||||
* 0 - unspecified
|
||||
* 1 - keyCompromise
|
||||
* 2 - cACompromise
|
||||
* 3 - affiliationChanged
|
||||
* 4 - superseded
|
||||
* 5 - cessationOfOperation
|
||||
* 6 - certificateHold
|
||||
* 8 - removeFromCRL
|
||||
* 9 - privilegeWithdrawn
|
||||
* 10 - aACompromise
|
||||
|
||||
Note that reason code 7 is not used. See RFC 5280 for more details:
|
||||
|
||||
http://www.ietf.org/rfc/rfc5280.txt
|
||||
|
||||
"""
|
||||
|
||||
from ipalib import api, SkipPluginModule
|
||||
@@ -377,7 +395,7 @@ api.register(cert_request)
|
||||
|
||||
class cert_status(VirtualCommand):
|
||||
"""
|
||||
Check status of a certificate signing request.
|
||||
Check the status of a certificate signing request.
|
||||
"""
|
||||
|
||||
takes_args = (
|
||||
@@ -447,7 +465,7 @@ class cert_show(VirtualCommand):
|
||||
takes_options = (
|
||||
Str('out?',
|
||||
label=_('Output filename'),
|
||||
doc=_('file to store certificate in'),
|
||||
doc=_('File to store the certificate in.'),
|
||||
exclude='webui',
|
||||
),
|
||||
)
|
||||
|
@@ -20,7 +20,7 @@
|
||||
"""
|
||||
Manage the IPA configuration
|
||||
|
||||
Manage the default values tha IPA uses and some of its tuning parameters.
|
||||
Manage the default values that IPA uses and some of its tuning parameters.
|
||||
|
||||
To show the current configuration:
|
||||
ipa config-show
|
||||
@@ -32,12 +32,12 @@ The available options are:
|
||||
|
||||
User management options:
|
||||
|
||||
--maxusername=INT Max username length when creating/modifing a user
|
||||
--maxusername=INT Max. username length when creating/modifying a user
|
||||
--homedirectory=STR Default location of home directories (default /home)
|
||||
--defaultshell=STR Default shell for new users (default /bin/sh)
|
||||
--defaultgroup=STR Default group for new users (default ipausers). The
|
||||
group must exist. Otherwise adding new users will fail.
|
||||
--emaildomain=STR Default e-mail domain new users
|
||||
group must exist, or adding new users will fail.
|
||||
--emaildomain=STR Default e-mail domain for new users
|
||||
|
||||
Search tuning options. These impact how much data is searched through and
|
||||
how many records may be returned on a given search.
|
||||
@@ -55,12 +55,12 @@ The password notification value is stored here so it will be replicated.
|
||||
It is not currently used to notify users in advance of an expiring
|
||||
password.
|
||||
|
||||
Some attributes are read-only, provided for information purposes. These
|
||||
Some attributes are read-only, provided only for information purposes. These
|
||||
include:
|
||||
|
||||
Certificate Subject base: the configured certificate subject base,
|
||||
e.g. O=EXAMPLE.COM. This is configurable only at install time.
|
||||
Password plugin features: currently defines additional hashes that the
|
||||
Password plug-in features: currently defines additional hashes that the
|
||||
password will generate (there may be other conditions).
|
||||
"""
|
||||
|
||||
@@ -93,82 +93,82 @@ class config(LDAPObject):
|
||||
takes_params = (
|
||||
Int('ipamaxusernamelength?',
|
||||
cli_name='maxusername',
|
||||
label=_('Max username length'),
|
||||
label=_('Max. username length'),
|
||||
minvalue=1,
|
||||
),
|
||||
IA5Str('ipahomesrootdir?',
|
||||
cli_name='homedirectory',
|
||||
label=_('Home directory base'),
|
||||
doc=_('Default location of home directories'),
|
||||
doc=_('Default location of home directories.'),
|
||||
),
|
||||
Str('ipadefaultloginshell?',
|
||||
cli_name='defaultshell',
|
||||
label=_('Default shell'),
|
||||
doc=_('Default shell for new users'),
|
||||
doc=_('Default shell for new users.'),
|
||||
),
|
||||
Str('ipadefaultprimarygroup?',
|
||||
cli_name='defaultgroup',
|
||||
label=_('Default users group'),
|
||||
doc=_('Default group for new users'),
|
||||
doc=_('Default group for new users.'),
|
||||
),
|
||||
Str('ipadefaultemaildomain?',
|
||||
cli_name='emaildomain',
|
||||
label=_('Default e-mail domain'),
|
||||
doc=_('Default e-mail domain new users'),
|
||||
label=_('Default e-mail domain for new users'),
|
||||
doc=_('Default e-mail domain new users.'),
|
||||
),
|
||||
Int('ipasearchtimelimit?', validate_searchtimelimit,
|
||||
cli_name='searchtimelimit',
|
||||
label=_('Search time limit'),
|
||||
doc=_('Max. amount of time (sec.) for a search (> 0, or -1 for unlimited)'),
|
||||
doc=_('Max. amount of time (sec.) for a search (> 0, or -1 for unlimited).'),
|
||||
minvalue=-1,
|
||||
),
|
||||
Int('ipasearchrecordslimit?',
|
||||
cli_name='searchrecordslimit',
|
||||
label=_('Search size limit'),
|
||||
doc=_('Max. number of records to search (-1 is unlimited)'),
|
||||
doc=_('Max. number of records to search (-1 is unlimited).'),
|
||||
minvalue=-1,
|
||||
),
|
||||
IA5Str('ipausersearchfields?',
|
||||
cli_name='usersearch',
|
||||
label=_('User search fields'),
|
||||
doc=_('A comma-separated list of fields to search when searching for users'),
|
||||
doc=_('A comma-separated list of fields to search when searching for users.'),
|
||||
),
|
||||
IA5Str('ipagroupsearchfields?',
|
||||
cli_name='groupsearch',
|
||||
label='Group search fields',
|
||||
doc=_('A comma-separated list of fields to search when searching for groups'),
|
||||
doc=_('A comma-separated list of fields to search when searching for groups.'),
|
||||
),
|
||||
Bool('ipamigrationenabled?',
|
||||
cli_name='enable_migration',
|
||||
label=_('Migration mode'),
|
||||
doc=_('Enable migration mode'),
|
||||
doc=_('Enable migration mode.'),
|
||||
),
|
||||
Str('ipacertificatesubjectbase?',
|
||||
cli_name='subject',
|
||||
label=_('Certificate Subject base'),
|
||||
doc=_('Base for certificate subjects (OU=Test,O=Example)'),
|
||||
doc=_('Base for certificate subjects (OU=Test,O=Example).'),
|
||||
flags=['no_update'],
|
||||
),
|
||||
List('ipagroupobjectclasses?',
|
||||
cli_name='groupobjectclasses',
|
||||
label=_('Default group objectclasses'),
|
||||
doc=_('Default group objectclassses (comma-separated list)'),
|
||||
doc=_('Default group objectclassses (comma-separated list).'),
|
||||
),
|
||||
List('ipauserobjectclasses?',
|
||||
cli_name='userobjectclasses',
|
||||
label=_('Default user objectclasses'),
|
||||
doc=_('Default user objectclassses (comma-separated list)'),
|
||||
doc=_('Default user objectclassses (comma-separated list).'),
|
||||
),
|
||||
Int('ipapwdexpadvnotify?',
|
||||
cli_name='pwdexpnotify',
|
||||
label=_('Password Expiration Notification'),
|
||||
doc=_('Password Expiration Notification (days)'),
|
||||
doc=_('Number of days\'s notice of impending password expiration.'),
|
||||
minvalue=0,
|
||||
),
|
||||
Str('ipaconfigstring?',
|
||||
cli_name='ipaconfigstring',
|
||||
label=_('Password plugin features'),
|
||||
doc=_('Extra hashes to generate in password plugin'),
|
||||
doc=_('Extra hashes to generate in password plug-in.'),
|
||||
flags=['no_update'],
|
||||
),
|
||||
)
|
||||
|
@@ -52,7 +52,7 @@ EXAMPLES:
|
||||
Show zone example.com:
|
||||
ipa dnszone-show example.com
|
||||
|
||||
Find zone with "example" in it's domain name:
|
||||
Find zone with "example" in its domain name:
|
||||
ipa dnszone-find example
|
||||
|
||||
Find records for resources with "www" in their name in zone example.com:
|
||||
@@ -249,8 +249,8 @@ class dnszone(LDAPObject):
|
||||
),
|
||||
Str('idnssoamname',
|
||||
cli_name='name_server',
|
||||
label=_('Authoritative name server'),
|
||||
doc=_('Authoritative name server'),
|
||||
label=_('Authoritative nameserver'),
|
||||
doc=_('Authoritative nameserver.'),
|
||||
),
|
||||
Str('idnssoarname',
|
||||
cli_name='admin_email',
|
||||
@@ -326,7 +326,7 @@ class dnszone(LDAPObject):
|
||||
Flag('idnsallowdynupdate',
|
||||
cli_name='allow_dynupdate',
|
||||
label=_('Dynamic update'),
|
||||
doc=_('Allow dynamic update?'),
|
||||
doc=_('Allow dynamic updates.'),
|
||||
attribute=True,
|
||||
),
|
||||
)
|
||||
@@ -340,7 +340,7 @@ class dnszone_add(LDAPCreate):
|
||||
"""
|
||||
takes_options = LDAPCreate.takes_options + (
|
||||
Flag('force',
|
||||
doc=_('force DNS zone creation even if name server not in DNS'),
|
||||
doc=_('Force DNS zone creation even if nameserver not in DNS.'),
|
||||
),
|
||||
Str('ip_address?', _validate_ipaddr,
|
||||
doc=_('Add the nameserver to DNS with this IP address'),
|
||||
|
@@ -21,15 +21,15 @@
|
||||
Groups of users
|
||||
|
||||
Manage groups of users. By default, new groups are POSIX groups. You
|
||||
can add the --nonposix to the group-add command to mark a new group
|
||||
can add the --nonposix option to the group-add command to mark a new group
|
||||
as non-POSIX, and you can use the same argument to the group-mod command
|
||||
to convert a non-POSIX group to a POSIX group. POSIX groups cannot be
|
||||
converted to non-POSIX groups.
|
||||
|
||||
Every group must have a description.
|
||||
|
||||
POSIX groups must have a Group ID number (GID). Changing a GID is
|
||||
supported but can have impact on your file permissions. It is not necessary
|
||||
POSIX groups must have a Group ID (GID) number. Changing a GID is
|
||||
supported but can have an impact on your file permissions. It is not necessary
|
||||
to supply a GID when creating a group. IPA will generate one automatically
|
||||
if it is not provided.
|
||||
|
||||
@@ -133,7 +133,7 @@ class group_add(LDAPCreate):
|
||||
takes_options = LDAPCreate.takes_options + (
|
||||
Flag('nonposix',
|
||||
cli_name='nonposix',
|
||||
doc=_('Create as a non-POSIX group?'),
|
||||
doc=_('Create as a non-POSIX group'),
|
||||
default=False,
|
||||
),
|
||||
)
|
||||
|
@@ -49,7 +49,7 @@ EXAMPLES:
|
||||
ipa hbacrule-add-service --hbacsvcs=sshd john_sshd
|
||||
|
||||
Create a rule for a new service group. This lets the user john access
|
||||
the any FTP service on any machine from any machine:
|
||||
the FTP service on any machine from any machine:
|
||||
ipa hbacsvcgroup-add ftpers
|
||||
ipa hbacsvc-add sftp
|
||||
ipa hbacsvcgroup-add-member --hbacsvcs=ftp,sftp ftpers
|
||||
@@ -85,7 +85,7 @@ from ipalib import AccessTime, Password, Str, StrEnum
|
||||
from ipalib.plugins.baseldap import *
|
||||
from ipalib import _, ngettext
|
||||
|
||||
topic = ('hbac', 'Host based access control commands')
|
||||
topic = ('hbac', 'Host-based access control commands')
|
||||
|
||||
def is_all(options, attribute):
|
||||
"""
|
||||
@@ -467,7 +467,7 @@ api.register(hbacrule_add_host)
|
||||
|
||||
class hbacrule_remove_host(LDAPRemoveMember):
|
||||
"""
|
||||
Remove target hosts and hostgroups from a HBAC rule.
|
||||
Remove target hosts and hostgroups from an HBAC rule.
|
||||
"""
|
||||
member_attributes = ['memberhost']
|
||||
member_count_out = ('%i object removed.', '%i objects removed.')
|
||||
@@ -521,7 +521,7 @@ api.register(hbacrule_add_service)
|
||||
|
||||
class hbacrule_remove_service(LDAPRemoveMember):
|
||||
"""
|
||||
Remove source hosts and hostgroups from an HBAC rule.
|
||||
Remove service and service groups from an HBAC rule.
|
||||
"""
|
||||
member_attributes = ['memberservice']
|
||||
member_count_out = ('%i object removed.', '%i objects removed.')
|
||||
|
@@ -24,20 +24,20 @@ or "members". Every group must have a description.
|
||||
|
||||
EXAMPLES:
|
||||
|
||||
Add a new HBAC services group:
|
||||
Add a new HBAC service group:
|
||||
ipa hbacsvcgroup-add --desc="login services" login
|
||||
|
||||
Add members to an HBAC services group:
|
||||
Add members to an HBAC service group:
|
||||
ipa hbacsvcgroup-add-member --hbacsvcs=sshd,login login
|
||||
|
||||
Display information about a named group:
|
||||
ipa hbacsvcgroup-show login
|
||||
|
||||
Add a new group to the "login" group:
|
||||
ipa hbacsvcgroup-add --desc="switch users" suers
|
||||
ipa hbacsvcgroup-add-member --hbacsvcs=su,su-l suers
|
||||
ipa hbacsvcgroup-add --desc="switch users" login
|
||||
ipa hbacsvcgroup-add-member --hbacsvcs=su,su-l login
|
||||
|
||||
Delete an HBAC services group:
|
||||
Delete an HBAC service group:
|
||||
ipa hbacsvcgroup-del login
|
||||
"""
|
||||
|
||||
@@ -82,7 +82,7 @@ api.register(hbacsvcgroup)
|
||||
|
||||
class hbacsvcgroup_add(LDAPCreate):
|
||||
"""
|
||||
Add a new HBAC services group.
|
||||
Add a new HBAC service group.
|
||||
"""
|
||||
msg_summary = _('Added HBAC service group "%(value)s"')
|
||||
|
||||
@@ -91,7 +91,7 @@ api.register(hbacsvcgroup_add)
|
||||
|
||||
class hbacsvcgroup_del(LDAPDelete):
|
||||
"""
|
||||
Delete an HBAC services group.
|
||||
Delete an HBAC service group.
|
||||
"""
|
||||
msg_summary = _('Deleted HBAC service group "%(value)s"')
|
||||
|
||||
@@ -100,7 +100,7 @@ api.register(hbacsvcgroup_del)
|
||||
|
||||
class hbacsvcgroup_mod(LDAPUpdate):
|
||||
"""
|
||||
Modify an HBAC services group.
|
||||
Modify an HBAC service group.
|
||||
"""
|
||||
msg_summary = _('Modified HBAC service group "%(value)s"')
|
||||
|
||||
@@ -109,7 +109,7 @@ api.register(hbacsvcgroup_mod)
|
||||
|
||||
class hbacsvcgroup_find(LDAPSearch):
|
||||
"""
|
||||
Search for an HBAC services group.
|
||||
Search for an HBAC service group.
|
||||
"""
|
||||
msg_summary = ngettext(
|
||||
'%(count)d HBAC service group matched', '%(count)d HBAC service groups matched', 0
|
||||
@@ -120,7 +120,7 @@ api.register(hbacsvcgroup_find)
|
||||
|
||||
class hbacsvcgroup_show(LDAPRetrieve):
|
||||
"""
|
||||
Display information about an HBAC services group.
|
||||
Display information about an HBAC service group.
|
||||
"""
|
||||
|
||||
api.register(hbacsvcgroup_show)
|
||||
@@ -128,7 +128,7 @@ api.register(hbacsvcgroup_show)
|
||||
|
||||
class hbacsvcgroup_add_member(LDAPAddMember):
|
||||
"""
|
||||
Add members to an HBAC services group.
|
||||
Add members to an HBAC service group.
|
||||
"""
|
||||
|
||||
api.register(hbacsvcgroup_add_member)
|
||||
@@ -136,7 +136,7 @@ api.register(hbacsvcgroup_add_member)
|
||||
|
||||
class hbacsvcgroup_remove_member(LDAPRemoveMember):
|
||||
"""
|
||||
Remove members from an HBAC services group.
|
||||
Remove members from an HBAC service group.
|
||||
"""
|
||||
|
||||
api.register(hbacsvcgroup_remove_member)
|
||||
|
@@ -23,7 +23,7 @@ Hosts/Machines
|
||||
A host represents a machine. It can be used in a number of contexts:
|
||||
- service entries are associated with a host
|
||||
- a host stores the host/ service principal
|
||||
- a host can be used in Host-Based Access Control (HBAC) rules
|
||||
- a host can be used in Host-based Access Control (HBAC) rules
|
||||
- every enrolled client generates a host entry
|
||||
|
||||
ENROLLMENT:
|
||||
@@ -34,7 +34,8 @@ There are three enrollment scenarios when enrolling a new client:
|
||||
or not. A full administrator is a member of the hostadmin role
|
||||
or the admins group.
|
||||
2. You are enrolling as a limited administrator. The host must already
|
||||
exist. A limited administrator is a member of the enrollhost role.
|
||||
exist. A limited administrator is a member a role with the
|
||||
Host Enrollment privilege.
|
||||
3. The host has been created with a one-time password.
|
||||
|
||||
A host can only be enrolled once. If a client has enrolled and needs to
|
||||
|
@@ -377,7 +377,7 @@ class i18n_messages(Command):
|
||||
"validation_error":_("Text does not match field pattern"),
|
||||
},
|
||||
"ajax":{
|
||||
"401":_("Your kerberos ticket is no longer valid. Please run kinit and then click 'Retry'. If this is your first time running the IPA Web UI <a href='/ipa/config/unauthorized.html'>follow these directions</a> to configure your browser.")
|
||||
"401":_("Your Kerberos ticket is no longer valid. Please run kinit and then click 'Retry'. If this is your first time running the IPA Web UI <a href='/ipa/config/unauthorized.html'>follow these directions</a> to configure your browser.")
|
||||
},
|
||||
}
|
||||
has_output = (
|
||||
|
@@ -38,11 +38,12 @@ RFC2307bis. RFC2307bis uses member and uniquemember to specify group
|
||||
members, RFC2307 uses memberUid. The default schema is RFC2307bis.
|
||||
|
||||
Migrated users do not have Kerberos credentials, they have only their
|
||||
LDAP password. To complete the migration process users need to go
|
||||
LDAP password. To complete the migration process, users need to go
|
||||
to http://ipa.example.com/ipa/migration and authenticate using their
|
||||
LDAP password in order to generate their Kerberos credentials.
|
||||
|
||||
Migration is disabled by default. To configure it use config-mod:
|
||||
Migration is disabled by default. Use the command ipa config-mod to
|
||||
enable it:
|
||||
|
||||
ipa config-mod --enable-migration=TRUE
|
||||
|
||||
|
@@ -18,7 +18,7 @@
|
||||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
"""
|
||||
Misc plugins
|
||||
Misc plug-ins
|
||||
"""
|
||||
|
||||
import re
|
||||
|
@@ -19,9 +19,9 @@
|
||||
"""
|
||||
Set a user's password
|
||||
|
||||
If someone other than user changes their password (e.g., Helpdesk resets it)
|
||||
then the password will need to be changed the first time it is used.
|
||||
This is so the end-user is the only one that knows the password.
|
||||
If someone other than a user changes that user's password (e.g., Helpdesk
|
||||
resets it) then the password will need to be changed the first time it
|
||||
is used. This is so the end-user is the only one who knows the password.
|
||||
|
||||
The IPA password policy controls how often a password may be changed,
|
||||
what strength requirements exist, and the length of the password history.
|
||||
|
@@ -26,7 +26,7 @@ user, modifying a group, etc.
|
||||
|
||||
A permission may not contain other permissions.
|
||||
|
||||
* A permissions grants access to read, write, add or delete.
|
||||
* A permission grants access to read, write, add or delete.
|
||||
* A privilege combines similar permissions (for example all the permissions
|
||||
needed to add a user).
|
||||
* A role grants a set of privileges to users, groups, hosts or hostgroups.
|
||||
@@ -35,9 +35,10 @@ A permission is made up of a number of different parts:
|
||||
|
||||
1. The name of the permission.
|
||||
2. The target of the permission.
|
||||
3. The permissions granted by the permission.
|
||||
3. The rights granted by the permission.
|
||||
|
||||
The permissions define what operations are allowed and are one or more of:
|
||||
Rights define what operations are allowed, and may be one or more
|
||||
of the following:
|
||||
1. write - write one or more attributes
|
||||
2. read - read one or more attributes
|
||||
3. add - add a new entry to the tree
|
||||
@@ -49,14 +50,14 @@ permission is not expected to be used very often.
|
||||
|
||||
Note the distinction between attributes and entries. The permissions are
|
||||
independent, so being able to add a user does not mean that the user will
|
||||
be editabe.
|
||||
be editable.
|
||||
|
||||
There are a number of allowed targets:
|
||||
1. type: a type of object (user, group, etc).
|
||||
2. memberof: a member of a group or hostgroup
|
||||
3. filter: an LDAP filter
|
||||
4. subtree: an LDAP filter specifying part of the LDAP DIT. This is a
|
||||
super-set of the type option.
|
||||
super-set of the "type" target.
|
||||
5. targetgroup: grant access to modify a specific group (such as granting
|
||||
the rights to manage group membership)
|
||||
|
||||
|
@@ -19,16 +19,21 @@
|
||||
"""
|
||||
Kerberos pkinit options
|
||||
|
||||
Right now it enables only to control whether Anonymous PKINIT is enabled
|
||||
or not based on whether the wellknown principal is active or not.
|
||||
Enable or disable anonymous pkinit using the principal
|
||||
WELLKNOWN/ANONYMOUS@REALM. The server must have been installed with
|
||||
pkinit support.
|
||||
|
||||
EXAMPLES:
|
||||
|
||||
Enable Anonymous pkinit:
|
||||
Enable anonymous pkinit:
|
||||
ipa pkinit-anonymous enable
|
||||
|
||||
Disable Anonymous pkinit:
|
||||
Disable anonymous pkinit:
|
||||
ipa pkinit-anonymous disable
|
||||
|
||||
For more information on anonymous pkinit see:
|
||||
|
||||
http://k5wiki.kerberos.org/wiki/Projects/Anonymous_pkinit
|
||||
"""
|
||||
|
||||
from ipalib import api, errors
|
||||
|
@@ -17,29 +17,29 @@
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
"""
|
||||
Self-Service Permissions
|
||||
Self-service Permissions
|
||||
|
||||
A permission enables fine-grained delegation of permissions. Access Control
|
||||
Rules, or instructions (ACIs), grant permission to permissions to perform
|
||||
given tasks such as adding a user, modifying a group, etc.
|
||||
|
||||
A Self-Service permission defines what an object can change in its own entry.
|
||||
A Self-service permission defines what an object can change in its own entry.
|
||||
|
||||
|
||||
EXAMPLES:
|
||||
|
||||
Add a self-service rule to allow users to manage their address:
|
||||
ipa selfservice-add --permissions=write --attrs=street,postalCode,l,c,st "User's manage their own address"
|
||||
ipa selfservice-add --permissions=write --attrs=street,postalCode,l,c,st "Users manage their own address"
|
||||
|
||||
When managing the list of attributes you need to include all attributes
|
||||
in the list, including existing ones. Add telephoneNumber to the list:
|
||||
ipa selfservice-mod --attrs=street,postalCode,l,c,st,telephoneNumber "User's manage their own address"
|
||||
ipa selfservice-mod --attrs=street,postalCode,l,c,st,telephoneNumber "Users manage their own address"
|
||||
|
||||
Display our updated rule:
|
||||
ipa selfservice-show "User's manage their own address"
|
||||
ipa selfservice-show "Users manage their own address"
|
||||
|
||||
Delete a rule:
|
||||
ipa selfservice-del "User's manage their own address"
|
||||
ipa selfservice-del "Users manage their own address"
|
||||
"""
|
||||
|
||||
import copy
|
||||
@@ -54,7 +54,7 @@ ACI_PREFIX=u"selfservice"
|
||||
|
||||
def is_selfservice(aciname):
|
||||
"""
|
||||
Determine if the ACI is a Self-Service ACI and raise an exception if it
|
||||
Determine if the ACI is a Self-service ACI and raise an exception if it
|
||||
isn't.
|
||||
|
||||
Return the result if it is a self-service ACI.
|
||||
@@ -77,8 +77,8 @@ class selfservice(Object):
|
||||
takes_params = (
|
||||
Str('aciname',
|
||||
cli_name='name',
|
||||
label=_('Self-Service name'),
|
||||
doc=_('Self-Service name'),
|
||||
label=_('Self-service name'),
|
||||
doc=_('Self-service name'),
|
||||
primary_key=True,
|
||||
),
|
||||
List('permissions?',
|
||||
@@ -112,7 +112,7 @@ api.register(selfservice)
|
||||
|
||||
class selfservice_add(crud.Create):
|
||||
"""
|
||||
Add a new selfservice permission.
|
||||
Add a new self-service permission.
|
||||
"""
|
||||
|
||||
msg_summary = _('Added selfservice "%(value)s"')
|
||||
@@ -135,7 +135,7 @@ api.register(selfservice_add)
|
||||
|
||||
class selfservice_del(crud.Delete):
|
||||
"""
|
||||
Delete a selfservice.
|
||||
Delete a self-service permission.
|
||||
"""
|
||||
|
||||
has_output = output.standard_boolean
|
||||
@@ -156,7 +156,7 @@ api.register(selfservice_del)
|
||||
|
||||
class selfservice_mod(crud.Update):
|
||||
"""
|
||||
Modify a selfservice.
|
||||
Modify a self-service permission.
|
||||
"""
|
||||
|
||||
msg_summary = _('Modified selfservice "%(value)s"')
|
||||
@@ -179,7 +179,7 @@ api.register(selfservice_mod)
|
||||
|
||||
class selfservice_find(crud.Search):
|
||||
"""
|
||||
Search for selfservices.
|
||||
Search for a self-service permission.
|
||||
"""
|
||||
|
||||
msg_summary = ngettext(
|
||||
@@ -205,7 +205,7 @@ api.register(selfservice_find)
|
||||
|
||||
class selfservice_show(crud.Retrieve):
|
||||
"""
|
||||
Display information about a selfservice.
|
||||
Display information about a self-service permission.
|
||||
"""
|
||||
has_output_params = (
|
||||
Str('aci',
|
||||
|
@@ -28,7 +28,7 @@ An IPA service can be managed directly from a machine, provided that
|
||||
machine has been given the correct permission. This is true even for
|
||||
machines other than the one the service is associated with. For example,
|
||||
requesting an SSL certificate using the host service principal credentials
|
||||
of the host. To manage a services using a host credentials you need to
|
||||
of the host. To manage a service using host credentials you need to
|
||||
kinit as the host:
|
||||
|
||||
# kinit -kt /etc/krb5.keytab host/ipa.example.com@EXAMPLE.COM
|
||||
|
@@ -17,26 +17,25 @@
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
"""
|
||||
Groups of sudo commands
|
||||
Groups of Sudo commands
|
||||
|
||||
Manage groups of sudo commands.
|
||||
Every group must have a description.
|
||||
Manage groups of Sudo commands.
|
||||
|
||||
EXAMPLES:
|
||||
|
||||
Add a new sudo command group:
|
||||
Add a new Sudo command group:
|
||||
ipa sudocmdgroup-add --desc='administrators commands' admincmds
|
||||
|
||||
Remove a sudo command group:
|
||||
Remove a Sudo command group:
|
||||
ipa sudocmdgroup-del admincmds
|
||||
|
||||
Manage sudo command group membership, commands:
|
||||
Manage Sudo command group membership, commands:
|
||||
ipa sudocmdgroup-add-member --sudocmds=/usr/bin/less,/usr/bin/vim admincmds
|
||||
|
||||
Manage sudo command group membership, commands:
|
||||
Manage Sudo command group membership, commands:
|
||||
ipa group-remove-member --sudocmds=/usr/bin/less admincmds
|
||||
|
||||
Show a sudo command group:
|
||||
Show a Sudo command group:
|
||||
ipa group-show localadmins
|
||||
"""
|
||||
|
||||
|
@@ -38,11 +38,11 @@ from ipalib import Str, StrEnum
|
||||
from ipalib.plugins.baseldap import *
|
||||
from ipalib import _, ngettext
|
||||
|
||||
topic = ('sudo', 'commands for controlling sudo configuration')
|
||||
topic = ('sudo', 'Commands for controlling sudo configuration')
|
||||
|
||||
class sudorule(LDAPObject):
|
||||
"""
|
||||
Sudo Rule.
|
||||
Sudo Rule management
|
||||
"""
|
||||
container_dn = api.env.container_sudorule
|
||||
object_name = 'Sudo Rule'
|
||||
|
@@ -24,7 +24,7 @@ Manage user entries. All users are POSIX users.
|
||||
|
||||
IPA supports a wide range of username formats, but you need to be aware of any
|
||||
restrictions that may apply to your particular environment. For example,
|
||||
usernames that starts with a digit or usernames that exceed a certain length
|
||||
usernames that start with a digit or usernames that exceed a certain length
|
||||
may cause problems for some UNIX systems.
|
||||
Use 'ipa config-mod' to change the username format allowed by IPA tools.
|
||||
|
||||
@@ -401,7 +401,7 @@ api.register(user_show)
|
||||
|
||||
class user_disable(LDAPQuery):
|
||||
"""
|
||||
Disable user account.
|
||||
Disable a user account.
|
||||
"""
|
||||
|
||||
has_output = output.standard_value
|
||||
@@ -424,7 +424,7 @@ api.register(user_disable)
|
||||
|
||||
class user_enable(LDAPQuery):
|
||||
"""
|
||||
Enable user account.
|
||||
Enable a user account.
|
||||
"""
|
||||
|
||||
has_output = output.standard_value
|
||||
@@ -446,10 +446,12 @@ api.register(user_enable)
|
||||
|
||||
class user_unlock(LDAPQuery):
|
||||
"""
|
||||
Lock user account
|
||||
Unlock a user account
|
||||
|
||||
- locked account can't log in against Kerberos and must be unlocked by admin
|
||||
- account can be locked e.g. by inputting wrong password too many times
|
||||
An account may become locked if the password is entered incorrectly too
|
||||
many times within a specific time period as controlled by password
|
||||
policy. A locked account is a temporary condition and may be unlocked by
|
||||
an administrator.
|
||||
"""
|
||||
has_output = output.standard_value
|
||||
msg_summary = _('Unlocked account "%(value)s"')
|
||||
|
Reference in New Issue
Block a user