Groups are now created as POSIX by default.

ticket 241
This commit is contained in:
Rob Crittenden 2010-10-01 13:33:33 -04:00 committed by Adam Young
parent 88bd2a0a45
commit f906aaf376
2 changed files with 28 additions and 21 deletions

View File

@ -20,10 +20,10 @@
"""
Groups of users
Manage groups of users. By default, new groups are not POSIX groups. You
can add the --posix to the group-add command to mark a new group
as POSIX, and you can use the same argument to the group-mod command to
convert a non-POSIX group to a POSIX group. POSIX groups cannot be
Manage groups of users. By default, new groups are POSIX groups. You
can add the --nonposix to the group-add command to mark a new group
as non-POSIX, and you can use the same argument to the group-mod command
to convert a non-POSIX group to a POSIX group. POSIX groups cannot be
converted to non-POSIX groups.
Every group must have a description.
@ -38,17 +38,17 @@ EXAMPLES:
Add a new group:
ipa group-add --desc='local administrators' localadmins
Add a new POSIX group:
ipa group-add --posix --desc='remote administrators' remoteadmins
Add a new non-POSIX group:
ipa group-add --nonposix --desc='remote administrators' remoteadmins
Convert a non-POSIX group to posix:
ipa group-mod --posix localadmins
ipa group-mod --posix remoteadmins
Add a new POSIX group with a specific Group ID number:
ipa group-add --posix --gid=500 --desc='unix admins' unixadmins
ipa group-add --gid=500 --desc='unix admins' unixadmins
Add a new POSIX group and let IPA assign a Group ID number:
ipa group-add --posix --desc='printer admins' printeradmins
ipa group-add --desc='printer admins' printeradmins
Remove a group:
ipa group-del unixadmins
@ -134,14 +134,15 @@ class group_add(LDAPCreate):
msg_summary = _('Added group "%(value)s"')
takes_options = LDAPCreate.takes_options + (
Flag('posix',
cli_name='posix',
doc=_('Create as posix group?'),
Flag('nonposix',
cli_name='nonposix',
doc=_('Create as a non-POSIX group?'),
default=False,
),
)
def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
if options['posix'] or 'gidnumber' in options:
if not options['nonposix']:
entry_attrs['objectclass'].append('posixgroup')
if not 'gidnumber' in options:
entry_attrs['gidnumber'] = 999
@ -190,7 +191,7 @@ class group_mod(LDAPUpdate):
takes_options = LDAPUpdate.takes_options + (
Flag('posix',
cli_name='posix',
doc=_('change to posix group'),
doc=_('change to a POSIX group'),
),
)

View File

@ -66,9 +66,9 @@ class test_group(Declarative):
dict(
desc='Create %r' % group1,
desc='Create non-POSIX %r' % group1,
command=(
'group_add', [group1], dict(description=u'Test desc 1')
'group_add', [group1], dict(description=u'Test desc 1',nonposix=True)
),
expected=dict(
value=group1,
@ -94,7 +94,7 @@ class test_group(Declarative):
dict(
desc='Retrieve %r' % group1,
desc='Retrieve non-POSIX %r' % group1,
command=('group_show', [group1], {}),
expected=dict(
value=group1,
@ -109,7 +109,7 @@ class test_group(Declarative):
dict(
desc='Updated %r' % group1,
desc='Updated non-POSIX %r' % group1,
command=(
'group_mod', [group1], dict(description=u'New desc 1')
),
@ -143,7 +143,7 @@ class test_group(Declarative):
# group_mod() test. I think that for all *_mod() commands we should
# just return the entry exactly as *_show() does.
dict(
desc='Updated %r to promote it to a posix group' % group1,
desc='Updated %r to promote it to a POSIX group' % group1,
command=('group_mod', [group1], dict(posix=True)),
expected=dict(
result=dict(
@ -158,7 +158,7 @@ class test_group(Declarative):
dict(
desc="Retrieve %r to verify it's a posix group" % group1,
desc="Retrieve %r to verify it's a POSIX group" % group1,
command=('group_show', [group1], {}),
expected=dict(
value=group1,
@ -227,7 +227,8 @@ class test_group(Declarative):
result=dict(
cn=[group2],
description=[u'Test desc 2'],
objectclass=objectclasses.group,
gidnumber=[fuzzy_digits],
objectclass=objectclasses.group + [u'posixgroup'],
ipauniqueid=[fuzzy_uuid],
dn=u'cn=testgroup2,cn=groups,cn=accounts,' + api.env.basedn,
),
@ -253,6 +254,7 @@ class test_group(Declarative):
result=dict(
cn=[group2],
description=[u'Test desc 2'],
gidnumber=[fuzzy_digits],
dn=u'cn=testgroup2,cn=groups,cn=accounts,' + api.env.basedn,
),
),
@ -267,6 +269,7 @@ class test_group(Declarative):
expected=dict(
result=dict(
cn=[group2],
gidnumber=[fuzzy_digits],
description=[u'New desc 2'],
),
summary=u'Modified group "testgroup2"',
@ -283,6 +286,7 @@ class test_group(Declarative):
result=dict(
cn=[group2],
description=[u'New desc 2'],
gidnumber=[fuzzy_digits],
dn=u'cn=testgroup2,cn=groups,cn=accounts,' + api.env.basedn,
),
summary=None,
@ -301,6 +305,7 @@ class test_group(Declarative):
dn=u'cn=%s,cn=groups,cn=accounts,%s' % (group2, api.env.basedn),
cn=[group2],
description=[u'New desc 2'],
gidnumber=[fuzzy_digits],
),
],
summary=u'1 group matched',
@ -345,6 +350,7 @@ class test_group(Declarative):
dn=u'cn=%s,cn=groups,cn=accounts,%s' % (group2, api.env.basedn),
cn=[group2],
description=[u'New desc 2'],
gidnumber=[fuzzy_digits],
),
],
),