IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2024-12-25 16:31:08 -06:00
Code Issues Packages Projects Releases Wiki Activity

Groups are now created as POSIX by default.

Browse Source 
ticket 241
This commit is contained in:
Rob Crittenden 2010-10-01 13:33:33 -04:00 committed by Adam Young
parent 88bd2a0a45
commit f906aaf376
2 changed files with 28 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
ipalib/plugins/group.py
View File

@ -20,10 +20,10 @@
""" """
Groups of users Groups of users
Manage groups of users. By default, new groups are not POSIX groups. You Manage groups of users. By default, new groups are POSIX groups. You
can add the --posix to the group-add command to mark a new group can add the --nonposix to the group-add command to mark a new group
as POSIX, and you can use the same argument to the group-mod command to as non-POSIX, and you can use the same argument to the group-mod command
convert a non-POSIX group to a POSIX group. POSIX groups cannot be to convert a non-POSIX group to a POSIX group. POSIX groups cannot be
converted to non-POSIX groups. converted to non-POSIX groups.
Every group must have a description. Every group must have a description.
@ -38,17 +38,17 @@ EXAMPLES:
Add a new group: Add a new group:
ipa group-add --desc='local administrators' localadmins ipa group-add --desc='local administrators' localadmins
Add a new POSIX group: Add a new non-POSIX group:
ipa group-add --posix --desc='remote administrators' remoteadmins ipa group-add --nonposix --desc='remote administrators' remoteadmins
Convert a non-POSIX group to posix: Convert a non-POSIX group to posix:
ipa group-mod --posix localadmins ipa group-mod --posix remoteadmins
Add a new POSIX group with a specific Group ID number: Add a new POSIX group with a specific Group ID number:
ipa group-add --posix --gid=500 --desc='unix admins' unixadmins ipa group-add --gid=500 --desc='unix admins' unixadmins
Add a new POSIX group and let IPA assign a Group ID number: Add a new POSIX group and let IPA assign a Group ID number:
ipa group-add --posix --desc='printer admins' printeradmins ipa group-add --desc='printer admins' printeradmins
Remove a group: Remove a group:
ipa group-del unixadmins ipa group-del unixadmins
@ -134,14 +134,15 @@ class group_add(LDAPCreate):
msg_summary = _('Added group "%(value)s"') msg_summary = _('Added group "%(value)s"')
takes_options = LDAPCreate.takes_options + ( takes_options = LDAPCreate.takes_options + (
Flag('posix', Flag('nonposix',
cli_name='posix', cli_name='nonposix',
doc=_('Create as posix group?'), doc=_('Create as a non-POSIX group?'),
default=False,
), ),
) )
def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options): def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
if options['posix'] or 'gidnumber' in options: if not options['nonposix']:
entry_attrs['objectclass'].append('posixgroup') entry_attrs['objectclass'].append('posixgroup')
if not 'gidnumber' in options: if not 'gidnumber' in options:
entry_attrs['gidnumber'] = 999 entry_attrs['gidnumber'] = 999
@ -190,7 +191,7 @@ class group_mod(LDAPUpdate):
takes_options = LDAPUpdate.takes_options + ( takes_options = LDAPUpdate.takes_options + (
Flag('posix', Flag('posix',
cli_name='posix', cli_name='posix',
doc=_('change to posix group'), doc=_('change to a POSIX group'),
), ),
) )

20
tests/test_xmlrpc/test_group_plugin.py
View File

@ -66,9 +66,9 @@ class test_group(Declarative):
dict( dict(
desc='Create %r' % group1, desc='Create non-POSIX %r' % group1,
command=( command=(
'group_add', [group1], dict(description=u'Test desc 1') 'group_add', [group1], dict(description=u'Test desc 1',nonposix=True)
), ),
expected=dict( expected=dict(
value=group1, value=group1,
@ -94,7 +94,7 @@ class test_group(Declarative):
dict( dict(
desc='Retrieve %r' % group1, desc='Retrieve non-POSIX %r' % group1,
command=('group_show', [group1], {}), command=('group_show', [group1], {}),
expected=dict( expected=dict(
value=group1, value=group1,
@ -109,7 +109,7 @@ class test_group(Declarative):
dict( dict(
desc='Updated %r' % group1, desc='Updated non-POSIX %r' % group1,
command=( command=(
'group_mod', [group1], dict(description=u'New desc 1') 'group_mod', [group1], dict(description=u'New desc 1')
), ),
@ -143,7 +143,7 @@ class test_group(Declarative):
# group_mod() test. I think that for all *_mod() commands we should # group_mod() test. I think that for all *_mod() commands we should
# just return the entry exactly as *_show() does. # just return the entry exactly as *_show() does.
dict( dict(
desc='Updated %r to promote it to a posix group' % group1, desc='Updated %r to promote it to a POSIX group' % group1,
command=('group_mod', [group1], dict(posix=True)), command=('group_mod', [group1], dict(posix=True)),
expected=dict( expected=dict(
result=dict( result=dict(
@ -158,7 +158,7 @@ class test_group(Declarative):
dict( dict(
desc="Retrieve %r to verify it's a posix group" % group1, desc="Retrieve %r to verify it's a POSIX group" % group1,
command=('group_show', [group1], {}), command=('group_show', [group1], {}),
expected=dict( expected=dict(
value=group1, value=group1,
@ -227,7 +227,8 @@ class test_group(Declarative):
result=dict( result=dict(
cn=[group2], cn=[group2],
description=[u'Test desc 2'], description=[u'Test desc 2'],
objectclass=objectclasses.group, gidnumber=[fuzzy_digits],
objectclass=objectclasses.group + [u'posixgroup'],
ipauniqueid=[fuzzy_uuid], ipauniqueid=[fuzzy_uuid],
dn=u'cn=testgroup2,cn=groups,cn=accounts,' + api.env.basedn, dn=u'cn=testgroup2,cn=groups,cn=accounts,' + api.env.basedn,
), ),
@ -253,6 +254,7 @@ class test_group(Declarative):
result=dict( result=dict(
cn=[group2], cn=[group2],
description=[u'Test desc 2'], description=[u'Test desc 2'],
gidnumber=[fuzzy_digits],
dn=u'cn=testgroup2,cn=groups,cn=accounts,' + api.env.basedn, dn=u'cn=testgroup2,cn=groups,cn=accounts,' + api.env.basedn,
), ),
), ),
@ -267,6 +269,7 @@ class test_group(Declarative):
expected=dict( expected=dict(
result=dict( result=dict(
cn=[group2], cn=[group2],
gidnumber=[fuzzy_digits],
description=[u'New desc 2'], description=[u'New desc 2'],
), ),
summary=u'Modified group "testgroup2"', summary=u'Modified group "testgroup2"',
@ -283,6 +286,7 @@ class test_group(Declarative):
result=dict( result=dict(
cn=[group2], cn=[group2],
description=[u'New desc 2'], description=[u'New desc 2'],
gidnumber=[fuzzy_digits],
dn=u'cn=testgroup2,cn=groups,cn=accounts,' + api.env.basedn, dn=u'cn=testgroup2,cn=groups,cn=accounts,' + api.env.basedn,
), ),
summary=None, summary=None,
@ -301,6 +305,7 @@ class test_group(Declarative):
dn=u'cn=%s,cn=groups,cn=accounts,%s' % (group2, api.env.basedn), dn=u'cn=%s,cn=groups,cn=accounts,%s' % (group2, api.env.basedn),
cn=[group2], cn=[group2],
description=[u'New desc 2'], description=[u'New desc 2'],
gidnumber=[fuzzy_digits],
), ),
], ],
summary=u'1 group matched', summary=u'1 group matched',
@ -345,6 +350,7 @@ class test_group(Declarative):
dn=u'cn=%s,cn=groups,cn=accounts,%s' % (group2, api.env.basedn), dn=u'cn=%s,cn=groups,cn=accounts,%s' % (group2, api.env.basedn),
cn=[group2], cn=[group2],
description=[u'New desc 2'], description=[u'New desc 2'],
gidnumber=[fuzzy_digits],
), ),
], ],
), ),