Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 292955 Details for
Bug 430243
Use consistent naming for tools
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
rename tools and man pages
freeipa-599-rename.patch (text/plain), 85.32 KB, created by
Rob Crittenden
on 2008-01-25 16:12:13 UTC
(
hide
)
Description:
rename tools and man pages
Filename:
MIME Type:
Creator:
Rob Crittenden
Created:
2008-01-25 16:12:13 UTC
Size:
85.32 KB
patch
obsolete
># HG changeset patch ># User Rob Crittenden <rcritten@redhat.com> ># Date 1201278192 18000 ># Node ID f4008faa4726e69b91a52eeae5772bd3d9224342 ># Parent fbffe27e5e2b82693635b5101d5c2698dc042b04 >Use consistent naming for tools. > >Resolves 430243 > >diff -r fbffe27e5e2b -r f4008faa4726 ipa-admintools/Makefile >--- a/ipa-admintools/Makefile Fri Jan 25 10:17:37 2008 -0500 >+++ b/ipa-admintools/Makefile Fri Jan 25 11:23:12 2008 -0500 >@@ -10,13 +10,13 @@ install: > install: > install -m 755 ipa-adduser $(SBINDIR) > install -m 755 ipa-finduser $(SBINDIR) >- install -m 755 ipa-usermod $(SBINDIR) >+ install -m 755 ipa-moduser $(SBINDIR) > install -m 755 ipa-deluser $(SBINDIR) > install -m 755 ipa-lockuser $(SBINDIR) > install -m 755 ipa-addgroup $(SBINDIR) > install -m 755 ipa-delgroup $(SBINDIR) > install -m 755 ipa-findgroup $(SBINDIR) >- install -m 755 ipa-groupmod $(SBINDIR) >+ install -m 755 ipa-modgroup $(SBINDIR) > install -m 755 ipa-passwd $(SBINDIR) > install -m 755 ipa-addservice $(SBINDIR) > install -m 755 ipa-adddelegation $(SBINDIR) >diff -r fbffe27e5e2b -r f4008faa4726 ipa-admintools/ipa-groupmod >--- a/ipa-admintools/ipa-groupmod Fri Jan 25 10:17:37 2008 -0500 >+++ /dev/null Thu Jan 01 00:00:00 1970 +0000 >@@ -1,171 +0,0 @@ >-#! /usr/bin/python -E >-# Authors: Rob Crittenden <rcritten@redhat.com> >-# >-# Copyright (C) 2007 Red Hat >-# see file 'COPYING' for use and warranty information >-# >-# This program is free software; you can redistribute it and/or >-# modify it under the terms of the GNU General Public License as >-# published by the Free Software Foundation; version 2 only >-# >-# This program is distributed in the hope that it will be useful, >-# but WITHOUT ANY WARRANTY; without even the implied warranty of >-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the >-# GNU General Public License for more details. >-# >-# You should have received a copy of the GNU General Public License >-# along with this program; if not, write to the Free Software >-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA >-# >- >-import sys >-from optparse import OptionParser >-import ipa >-import ipa.group >-import ipa.ipaclient as ipaclient >-import ipa.config >-import ipa.ipaerror >- >-import xmlrpclib >-import kerberos >-import ldap >-import errno >- >-def usage(): >- print "ipa-groupmod [-a|--add] [-r|--remove] user group" >- print "ipa-groupmod [-d|--desc description STRING] [--addattr attribute=value] [--delattr attribute] [--setattr attribute=value] group" >- sys.exit(1) >- >-def set_add_usage(which): >- print "%s option usage: --%s NAME=VALUE" % (which, which) >- >-def parse_options(): >- parser = OptionParser() >- parser.add_option("-a", "--add", dest="add", action="store_true", >- help="Add a user to the group") >- parser.add_option("-r", "--remove", dest="remove", action="store_true", >- help="Remove a user from the group") >- parser.add_option("-d", "--description", dest="desc", >- help="Modify the description of the group") >- parser.add_option("--addattr", dest="addattr", >- help="Adds an attribute or values to that attribute, attr=value", >- action="append") >- parser.add_option("--delattr", dest="delattr", >- help="Remove an attribute", action="append") >- parser.add_option("--setattr", dest="setattr", >- help="Set an attribute, dropping any existing values that may exist", >- action="append") >- parser.add_option("--usage", action="store_true", >- help="Program usage") >- >- args = ipa.config.init_config(sys.argv) >- options, args = parser.parse_args(args) >- >- if (not options.add and not options.remove) and (not options.desc and >- not options.addattr and not options.delattr and not options.setattr): >- usage() >- >- return options, args >- >-def get_group(client, options, group_cn): >- try: >- attrs = ['*'] >- >- # in case any attributes being modified are operational such as >- # nsaccountlock. Any attribute to be deleted needs to be included >- # in the original record so it can be seen as being removed. >- if options.delattr: >- for d in options.delattr: >- attrs.append(d) >- group = client.get_entry_by_cn(group_cn, sattrs=attrs) >- >- except ipa.ipaerror.IPAError, e: >- print "%s" % e.message >- return None >- >- return group >- >-def main(): >- group=ipa.group.Group() >- options, args = parse_options() >- >- if (options.add or options.remove) and (len(args) != 3): >- usage() >- elif ((options.desc or options.addattr or options.delattr or options.setattr) and (len(args) != 2)): >- usage() >- >- try: >- client = ipaclient.IPAClient() >- if options.add: >- group = get_group(client, options, args[2]) >- if group is None: >- return 1 >- users = args[1].split(',') >- for user in users: >- client.add_user_to_group(user, group.dn) >- print user + " successfully added to " + args[2] >- elif options.remove: >- group = get_group(client, options, args[2]) >- if group is None: >- return 1 >- users = args[1].split(',') >- for user in users: >- client.remove_user_from_group(user, group.dn) >- print user + " successfully removed" >- else: >- group = get_group(client, options, args[1]) >- if group is None: >- return 1 >- >- if options.desc: >- group.setValue('description', options.desc) >- >- if options.delattr: >- for d in options.delattr: >- group.delValue(d) >- >- if options.setattr: >- for s in options.setattr: >- s = s.split('=') >- if len(s) != 2: >- set_add_usage("set") >- sys.exit(1) >- (attr,value) = s >- group.setValue(attr, value) >- >- if options.addattr: >- for a in options.addattr: >- a = a.split('=') >- if len(a) != 2: >- set_add_usage("add") >- sys.exit(1) >- (attr,value) = a >- cvalue = group.getValue(attr) >- if cvalue: >- if isinstance(cvalue,str): >- cvalue = [cvalue] >- value = cvalue + [value] >- group.setValue(attr, value) >- >- client.update_group(group) >- print args[1] + " successfully updated" >- except xmlrpclib.Fault, fault: >- if fault.faultCode == errno.ECONNREFUSED: >- print "The IPA XML-RPC service is not responding." >- else: >- print fault.faultString >- return 1 >- except kerberos.GSSError, e: >- print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0]) >- return 1 >- except xmlrpclib.ProtocolError, e: >- print "Unable to connect to IPA server: %s" % (e.errmsg) >- return 1 >- except ipa.ipaerror.IPAError, e: >- print "%s" % (e.message) >- return 1 >- >- return 0 >- >-if __name__ == "__main__": >- sys.exit(main()) >diff -r fbffe27e5e2b -r f4008faa4726 ipa-admintools/ipa-modgroup >--- /dev/null Thu Jan 01 00:00:00 1970 +0000 >+++ b/ipa-admintools/ipa-modgroup Fri Jan 25 11:23:12 2008 -0500 >@@ -0,0 +1,171 @@ >+#! /usr/bin/python -E >+# Authors: Rob Crittenden <rcritten@redhat.com> >+# >+# Copyright (C) 2007 Red Hat >+# see file 'COPYING' for use and warranty information >+# >+# This program is free software; you can redistribute it and/or >+# modify it under the terms of the GNU General Public License as >+# published by the Free Software Foundation; version 2 only >+# >+# This program is distributed in the hope that it will be useful, >+# but WITHOUT ANY WARRANTY; without even the implied warranty of >+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the >+# GNU General Public License for more details. >+# >+# You should have received a copy of the GNU General Public License >+# along with this program; if not, write to the Free Software >+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA >+# >+ >+import sys >+from optparse import OptionParser >+import ipa >+import ipa.group >+import ipa.ipaclient as ipaclient >+import ipa.config >+import ipa.ipaerror >+ >+import xmlrpclib >+import kerberos >+import ldap >+import errno >+ >+def usage(): >+ print "ipa-modgroup [-a|--add] [-r|--remove] user group" >+ print "ipa-modgroup [-d|--desc description STRING] [--addattr attribute=value] [--delattr attribute] [--setattr attribute=value] group" >+ sys.exit(1) >+ >+def set_add_usage(which): >+ print "%s option usage: --%s NAME=VALUE" % (which, which) >+ >+def parse_options(): >+ parser = OptionParser() >+ parser.add_option("-a", "--add", dest="add", action="store_true", >+ help="Add a user to the group") >+ parser.add_option("-r", "--remove", dest="remove", action="store_true", >+ help="Remove a user from the group") >+ parser.add_option("-d", "--description", dest="desc", >+ help="Modify the description of the group") >+ parser.add_option("--addattr", dest="addattr", >+ help="Adds an attribute or values to that attribute, attr=value", >+ action="append") >+ parser.add_option("--delattr", dest="delattr", >+ help="Remove an attribute", action="append") >+ parser.add_option("--setattr", dest="setattr", >+ help="Set an attribute, dropping any existing values that may exist", >+ action="append") >+ parser.add_option("--usage", action="store_true", >+ help="Program usage") >+ >+ args = ipa.config.init_config(sys.argv) >+ options, args = parser.parse_args(args) >+ >+ if (not options.add and not options.remove) and (not options.desc and >+ not options.addattr and not options.delattr and not options.setattr): >+ usage() >+ >+ return options, args >+ >+def get_group(client, options, group_cn): >+ try: >+ attrs = ['*'] >+ >+ # in case any attributes being modified are operational such as >+ # nsaccountlock. Any attribute to be deleted needs to be included >+ # in the original record so it can be seen as being removed. >+ if options.delattr: >+ for d in options.delattr: >+ attrs.append(d) >+ group = client.get_entry_by_cn(group_cn, sattrs=attrs) >+ >+ except ipa.ipaerror.IPAError, e: >+ print "%s" % e.message >+ return None >+ >+ return group >+ >+def main(): >+ group=ipa.group.Group() >+ options, args = parse_options() >+ >+ if (options.add or options.remove) and (len(args) != 3): >+ usage() >+ elif ((options.desc or options.addattr or options.delattr or options.setattr) and (len(args) != 2)): >+ usage() >+ >+ try: >+ client = ipaclient.IPAClient() >+ if options.add: >+ group = get_group(client, options, args[2]) >+ if group is None: >+ return 1 >+ users = args[1].split(',') >+ for user in users: >+ client.add_user_to_group(user, group.dn) >+ print user + " successfully added to " + args[2] >+ elif options.remove: >+ group = get_group(client, options, args[2]) >+ if group is None: >+ return 1 >+ users = args[1].split(',') >+ for user in users: >+ client.remove_user_from_group(user, group.dn) >+ print user + " successfully removed" >+ else: >+ group = get_group(client, options, args[1]) >+ if group is None: >+ return 1 >+ >+ if options.desc: >+ group.setValue('description', options.desc) >+ >+ if options.delattr: >+ for d in options.delattr: >+ group.delValue(d) >+ >+ if options.setattr: >+ for s in options.setattr: >+ s = s.split('=') >+ if len(s) != 2: >+ set_add_usage("set") >+ sys.exit(1) >+ (attr,value) = s >+ group.setValue(attr, value) >+ >+ if options.addattr: >+ for a in options.addattr: >+ a = a.split('=') >+ if len(a) != 2: >+ set_add_usage("add") >+ sys.exit(1) >+ (attr,value) = a >+ cvalue = group.getValue(attr) >+ if cvalue: >+ if isinstance(cvalue,str): >+ cvalue = [cvalue] >+ value = cvalue + [value] >+ group.setValue(attr, value) >+ >+ client.update_group(group) >+ print args[1] + " successfully updated" >+ except xmlrpclib.Fault, fault: >+ if fault.faultCode == errno.ECONNREFUSED: >+ print "The IPA XML-RPC service is not responding." >+ else: >+ print fault.faultString >+ return 1 >+ except kerberos.GSSError, e: >+ print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0]) >+ return 1 >+ except xmlrpclib.ProtocolError, e: >+ print "Unable to connect to IPA server: %s" % (e.errmsg) >+ return 1 >+ except ipa.ipaerror.IPAError, e: >+ print "%s" % (e.message) >+ return 1 >+ >+ return 0 >+ >+if __name__ == "__main__": >+ sys.exit(main()) >diff -r fbffe27e5e2b -r f4008faa4726 ipa-admintools/ipa-moduser >--- /dev/null Thu Jan 01 00:00:00 1970 +0000 >+++ b/ipa-admintools/ipa-moduser Fri Jan 25 11:23:12 2008 -0500 >@@ -0,0 +1,272 @@ >+#! /usr/bin/python -E >+# Authors: Rob Crittenden <rcritten@redhat.com> >+# >+# Copyright (C) 2007 Red Hat >+# see file 'COPYING' for use and warranty information >+# >+# This program is free software; you can redistribute it and/or >+# modify it under the terms of the GNU General Public License as >+# published by the Free Software Foundation; version 2 only >+# >+# This program is distributed in the hope that it will be useful, >+# but WITHOUT ANY WARRANTY; without even the implied warranty of >+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the >+# GNU General Public License for more details. >+# >+# You should have received a copy of the GNU General Public License >+# along with this program; if not, write to the Free Software >+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA >+# >+ >+import sys >+from optparse import OptionParser >+import ipa >+import ipa.user >+import ipa.ipaclient as ipaclient >+import ipa.ipavalidate as ipavalidate >+import ipa.config >+ >+import xmlrpclib >+import kerberos >+import ldap >+import errno >+ >+def usage(): >+ print "ipa-moduser [-a|--activate] [-c|--gecos STRING] [-d|--directory STRING] [-f|--firstname STRING] [-l|--lastname STRING] [-s|--shell STRING] [--add attribute=value] [--del attribute] [--set attribute=value] user" >+ sys.exit(1) >+ >+def set_add_usage(which): >+ print "%s option usage: --%s NAME=VALUE" % (which, which) >+ >+def parse_options(): >+ parser = OptionParser() >+ parser.add_option("-a", "--activate", dest="activate", action="store_true", >+ help="Activate the user") >+ parser.add_option("-c", "--gecos", dest="gecos", >+ help="Set the GECOS field") >+ parser.add_option("-d", "--directory", dest="directory", >+ help="Set the User's home directory") >+ parser.add_option("-f", "--firstname", dest="gn", >+ help="User's first name") >+ parser.add_option("-l", "--lastname", dest="sn", >+ help="User's last name") >+ parser.add_option("-s", "--shell", dest="shell", >+ help="Set user's login shell to shell") >+ parser.add_option("--addattr", dest="addattr", >+ help="Adds an attribute or values to that attribute, attr=value", >+ action="append") >+ parser.add_option("--delattr", dest="delattr", >+ help="Remove an attribute", action="append") >+ parser.add_option("--setattr", dest="setattr", >+ help="Set an attribute, dropping any existing values that may exist", >+ action="append") >+ parser.add_option("-M", "--mailAddress", dest="mail", >+ help="Set user's e-mail address") >+ parser.add_option("--usage", action="store_true", >+ help="Program usage") >+ >+ args = ipa.config.init_config(sys.argv) >+ options, args = parser.parse_args(args) >+ >+ return options, args >+ >+def main(): >+ # The following fields are required >+ givenname = "" >+ lastname = "" >+ username = "" >+ mail = "" >+ gecos = "" >+ directory = "" >+ groups = "" >+ shell = "" >+ >+ match = False >+ cont = False >+ >+ options, args = parse_options() >+ >+ if len(args) != 2: >+ usage() >+ >+ username = args[1] >+ >+ client = ipaclient.IPAClient() >+ try: >+ attrs = ['*'] >+ >+ # in case any attributes being modified are operational such as >+ # nsaccountlock. Any attribute to be deleted needs to be included >+ # in the original record so it can be seen as being removed. >+ if options.delattr: >+ for d in options.delattr: >+ attrs.append(d) >+ user = client.get_user_by_uid(username, sattrs=attrs) >+ except ipa.ipaerror.exception_for(ipa.ipaerror.LDAP_NOT_FOUND): >+ print "User %s not found" % username >+ return 1 >+ except ipa.ipaerror.IPAError, e: >+ print "%s" % e.message >+ return 1 >+ except kerberos.GSSError, e: >+ print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0]) >+ return 1 >+ >+ # If any options are set we use just those. Otherwise ask for all of them. >+ if options.gn or options.sn or options.directory or options.gecos or options.mail or options.shell or options.addattr or options.delattr or options.setattr or options.activate: >+ givenname = options.gn >+ lastname = options.sn >+ gecos = options.gecos >+ directory = options.directory >+ mail = options.mail >+ shell = options.shell >+ else: >+ if not options.gn: >+ while (cont != True): >+ givenname = raw_input("First name: [%s] " % user.getValue('givenname')) >+ if (ipavalidate.String(givenname, notEmpty=False)): >+ print "Please enter a value" >+ else: >+ cont = True >+ if len(givenname) < 1: >+ givenname = None >+ cont = True >+ else: >+ givenname = options.gn >+ if (ipavalidate.String(givenname, notEmpty=True)): >+ print "Please enter a value" >+ return 1 >+ >+ cont = False >+ if not options.sn: >+ while (cont != True): >+ lastname = raw_input(" Last name: [%s] " % user.getValue('sn')) >+ if (ipavalidate.String(lastname, notEmpty=False)): >+ print "Please enter a value" >+ else: >+ cont = True >+ if len(lastname) < 1: >+ lastname = None >+ cont = True >+ else: >+ lastname = options.sn >+ if (ipavalidate.String(lastname, notEmpty=True)): >+ print "Please enter a value" >+ return 1 >+ >+ cont = False >+ if not options.mail: >+ while (cont != True): >+ mail = raw_input("E-mail addr: [%s]" % user.getValue('mail')) >+ if (ipavalidate.Email(mail, notEmpty=False)): >+ print "E-mail must include a user and domain name" >+ else: >+ cont = True >+ else: >+ mail = options.mail >+ if (ipavalidate.Email(mail)): >+ print "E-mail must include a user and domain name" >+ return 1 >+ >+ # Ask the questions we don't normally force. We don't require answers >+ # for these. >+ cont = False >+ if not options.gecos: >+ while (cont != True): >+ gecos = raw_input("gecos: [%s] " % user.getValue('gecos')) >+ if (ipavalidate.String(gecos, notEmpty=False)): >+ print "Please enter a value" >+ else: >+ cont = True >+ >+ cont = False >+ if not options.directory: >+ while (cont != True): >+ directory = raw_input("home directory: [%s] " % user.getValue('homeDirectory')) >+ if (ipavalidate.Path(gecos, notEmpty=False)): >+ print "Valid path is required" >+ else: >+ cont = True >+ cont = False >+ if not options.shell: >+ while (cont != True): >+ shell = raw_input("shell: [%s] " % user.getValue('loginshell')) >+ >+ if len(shell) < 1: >+ shell = None >+ cont = True >+ cont = False >+ >+ if givenname: >+ user.setValue('givenname', givenname) >+ if lastname: >+ user.setValue('sn', lastname) >+ if mail: >+ user.setValue('mail', mail) >+ >+ if gecos: >+ user.setValue('gecos', gecos) >+ if directory: >+ user.setValue('homedirectory', directory) >+ if shell: >+ user.setValue('loginshell', shell) >+ >+ if options.delattr: >+ for d in options.delattr: >+ user.delValue(d) >+ >+ if options.setattr: >+ for s in options.setattr: >+ s = s.split('=') >+ if len(s) != 2: >+ set_add_usage("set") >+ sys.exit(1) >+ (attr,value) = s >+ user.setValue(attr, value) >+ >+ if options.addattr: >+ for a in options.addattr: >+ a = a.split('=') >+ if len(a) != 2: >+ set_add_usage("add") >+ sys.exit(1) >+ (attr,value) = a >+ cvalue = user.getValue(attr) >+ if cvalue: >+ if isinstance(cvalue,str): >+ cvalue = [cvalue] >+ value = cvalue + [value] >+ user.setValue(attr, value) >+ >+ try: >+ if options.activate: >+ try: >+ client.mark_user_active(user.getValues('uid')) >+ print "User activated successfully." >+ except ipa.ipaerror.exception_for(ipa.ipaerror.LDAP_EMPTY_MODLIST): >+ print "User is already marked active" >+ return 0 >+ except: >+ raise >+ client.update_user(user) >+ except xmlrpclib.Fault, fault: >+ if fault.faultCode == errno.ECONNREFUSED: >+ print "The IPA XML-RPC service is not responding." >+ else: >+ print fault.faultString >+ return 1 >+ except kerberos.GSSError, e: >+ print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0]) >+ return 1 >+ except xmlrpclib.ProtocolError, e: >+ print "Unable to connect to IPA server: %s" % (e.errmsg) >+ return 1 >+ except ipa.ipaerror.IPAError, e: >+ print "%s" % (e.message) >+ return 1 >+ >+ print username + " successfully updated" >+ return 0 >+ >+if __name__ == "__main__": >+ sys.exit(main()) >diff -r fbffe27e5e2b -r f4008faa4726 ipa-admintools/ipa-usermod >--- a/ipa-admintools/ipa-usermod Fri Jan 25 10:17:37 2008 -0500 >+++ /dev/null Thu Jan 01 00:00:00 1970 +0000 >@@ -1,272 +0,0 @@ >-#! /usr/bin/python -E >-# Authors: Rob Crittenden <rcritten@redhat.com> >-# >-# Copyright (C) 2007 Red Hat >-# see file 'COPYING' for use and warranty information >-# >-# This program is free software; you can redistribute it and/or >-# modify it under the terms of the GNU General Public License as >-# published by the Free Software Foundation; version 2 only >-# >-# This program is distributed in the hope that it will be useful, >-# but WITHOUT ANY WARRANTY; without even the implied warranty of >-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the >-# GNU General Public License for more details. >-# >-# You should have received a copy of the GNU General Public License >-# along with this program; if not, write to the Free Software >-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA >-# >- >-import sys >-from optparse import OptionParser >-import ipa >-import ipa.user >-import ipa.ipaclient as ipaclient >-import ipa.ipavalidate as ipavalidate >-import ipa.config >- >-import xmlrpclib >-import kerberos >-import ldap >-import errno >- >-def usage(): >- print "ipa-usermod [-a|--activate] [-c|--gecos STRING] [-d|--directory STRING] [-f|--firstname STRING] [-l|--lastname STRING] [-s|--shell STRING] [--add attribute=value] [--del attribute] [--set attribute=value] user" >- sys.exit(1) >- >-def set_add_usage(which): >- print "%s option usage: --%s NAME=VALUE" % (which, which) >- >-def parse_options(): >- parser = OptionParser() >- parser.add_option("-a", "--activate", dest="activate", action="store_true", >- help="Activate the user") >- parser.add_option("-c", "--gecos", dest="gecos", >- help="Set the GECOS field") >- parser.add_option("-d", "--directory", dest="directory", >- help="Set the User's home directory") >- parser.add_option("-f", "--firstname", dest="gn", >- help="User's first name") >- parser.add_option("-l", "--lastname", dest="sn", >- help="User's last name") >- parser.add_option("-s", "--shell", dest="shell", >- help="Set user's login shell to shell") >- parser.add_option("--addattr", dest="addattr", >- help="Adds an attribute or values to that attribute, attr=value", >- action="append") >- parser.add_option("--delattr", dest="delattr", >- help="Remove an attribute", action="append") >- parser.add_option("--setattr", dest="setattr", >- help="Set an attribute, dropping any existing values that may exist", >- action="append") >- parser.add_option("-M", "--mailAddress", dest="mail", >- help="Set user's e-mail address") >- parser.add_option("--usage", action="store_true", >- help="Program usage") >- >- args = ipa.config.init_config(sys.argv) >- options, args = parser.parse_args(args) >- >- return options, args >- >-def main(): >- # The following fields are required >- givenname = "" >- lastname = "" >- username = "" >- mail = "" >- gecos = "" >- directory = "" >- groups = "" >- shell = "" >- >- match = False >- cont = False >- >- options, args = parse_options() >- >- if len(args) != 2: >- usage() >- >- username = args[1] >- >- client = ipaclient.IPAClient() >- try: >- attrs = ['*'] >- >- # in case any attributes being modified are operational such as >- # nsaccountlock. Any attribute to be deleted needs to be included >- # in the original record so it can be seen as being removed. >- if options.delattr: >- for d in options.delattr: >- attrs.append(d) >- user = client.get_user_by_uid(username, sattrs=attrs) >- except ipa.ipaerror.exception_for(ipa.ipaerror.LDAP_NOT_FOUND): >- print "User %s not found" % username >- return 1 >- except ipa.ipaerror.IPAError, e: >- print "%s" % e.message >- return 1 >- except kerberos.GSSError, e: >- print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0]) >- return 1 >- >- # If any options are set we use just those. Otherwise ask for all of them. >- if options.gn or options.sn or options.directory or options.gecos or options.mail or options.shell or options.addattr or options.delattr or options.setattr or options.activate: >- givenname = options.gn >- lastname = options.sn >- gecos = options.gecos >- directory = options.directory >- mail = options.mail >- shell = options.shell >- else: >- if not options.gn: >- while (cont != True): >- givenname = raw_input("First name: [%s] " % user.getValue('givenname')) >- if (ipavalidate.String(givenname, notEmpty=False)): >- print "Please enter a value" >- else: >- cont = True >- if len(givenname) < 1: >- givenname = None >- cont = True >- else: >- givenname = options.gn >- if (ipavalidate.String(givenname, notEmpty=True)): >- print "Please enter a value" >- return 1 >- >- cont = False >- if not options.sn: >- while (cont != True): >- lastname = raw_input(" Last name: [%s] " % user.getValue('sn')) >- if (ipavalidate.String(lastname, notEmpty=False)): >- print "Please enter a value" >- else: >- cont = True >- if len(lastname) < 1: >- lastname = None >- cont = True >- else: >- lastname = options.sn >- if (ipavalidate.String(lastname, notEmpty=True)): >- print "Please enter a value" >- return 1 >- >- cont = False >- if not options.mail: >- while (cont != True): >- mail = raw_input("E-mail addr: [%s]" % user.getValue('mail')) >- if (ipavalidate.Email(mail, notEmpty=False)): >- print "E-mail must include a user and domain name" >- else: >- cont = True >- else: >- mail = options.mail >- if (ipavalidate.Email(mail)): >- print "E-mail must include a user and domain name" >- return 1 >- >- # Ask the questions we don't normally force. We don't require answers >- # for these. >- cont = False >- if not options.gecos: >- while (cont != True): >- gecos = raw_input("gecos: [%s] " % user.getValue('gecos')) >- if (ipavalidate.String(gecos, notEmpty=False)): >- print "Please enter a value" >- else: >- cont = True >- >- cont = False >- if not options.directory: >- while (cont != True): >- directory = raw_input("home directory: [%s] " % user.getValue('homeDirectory')) >- if (ipavalidate.Path(gecos, notEmpty=False)): >- print "Valid path is required" >- else: >- cont = True >- cont = False >- if not options.shell: >- while (cont != True): >- shell = raw_input("shell: [%s] " % user.getValue('loginshell')) >- >- if len(shell) < 1: >- shell = None >- cont = True >- cont = False >- >- if givenname: >- user.setValue('givenname', givenname) >- if lastname: >- user.setValue('sn', lastname) >- if mail: >- user.setValue('mail', mail) >- >- if gecos: >- user.setValue('gecos', gecos) >- if directory: >- user.setValue('homedirectory', directory) >- if shell: >- user.setValue('loginshell', shell) >- >- if options.delattr: >- for d in options.delattr: >- user.delValue(d) >- >- if options.setattr: >- for s in options.setattr: >- s = s.split('=') >- if len(s) != 2: >- set_add_usage("set") >- sys.exit(1) >- (attr,value) = s >- user.setValue(attr, value) >- >- if options.addattr: >- for a in options.addattr: >- a = a.split('=') >- if len(a) != 2: >- set_add_usage("add") >- sys.exit(1) >- (attr,value) = a >- cvalue = user.getValue(attr) >- if cvalue: >- if isinstance(cvalue,str): >- cvalue = [cvalue] >- value = cvalue + [value] >- user.setValue(attr, value) >- >- try: >- if options.activate: >- try: >- client.mark_user_active(user.getValues('uid')) >- print "User activated successfully." >- except ipa.ipaerror.exception_for(ipa.ipaerror.LDAP_EMPTY_MODLIST): >- print "User is already marked active" >- return 0 >- except: >- raise >- client.update_user(user) >- except xmlrpclib.Fault, fault: >- if fault.faultCode == errno.ECONNREFUSED: >- print "The IPA XML-RPC service is not responding." >- else: >- print fault.faultString >- return 1 >- except kerberos.GSSError, e: >- print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0]) >- return 1 >- except xmlrpclib.ProtocolError, e: >- print "Unable to connect to IPA server: %s" % (e.errmsg) >- return 1 >- except ipa.ipaerror.IPAError, e: >- print "%s" % (e.message) >- return 1 >- >- print username + " successfully updated" >- return 0 >- >-if __name__ == "__main__": >- sys.exit(main()) >diff -r fbffe27e5e2b -r f4008faa4726 ipa-admintools/man/Makefile >--- a/ipa-admintools/man/Makefile Fri Jan 25 10:17:37 2008 -0500 >+++ b/ipa-admintools/man/Makefile Fri Jan 25 11:23:12 2008 -0500 >@@ -9,12 +9,12 @@ MANFILES=\ > ipa-deluser.1 \ > ipa-findgroup.1 \ > ipa-finduser.1 \ >- ipa-groupmod.1 \ >+ ipa-modgroup.1 \ > ipa-listdelegation.1 \ > ipa-lockuser.1 \ > ipa-moddelegation.1 \ > ipa-passwd.1 \ >- ipa-usermod.1 \ >+ ipa-moduser.1 \ > ipa-getkeytab.1 > > all: ; >diff -r fbffe27e5e2b -r f4008faa4726 ipa-admintools/man/ipa-groupmod.1 >--- a/ipa-admintools/man/ipa-groupmod.1 Fri Jan 25 10:17:37 2008 -0500 >+++ /dev/null Thu Jan 01 00:00:00 1970 +0000 >@@ -1,53 +0,0 @@ >-.\" A man page for ipa-groupmod >-.\" Copyright (C) 2007 Red Hat, Inc. >-.\" >-.\" This is free software; you can redistribute it and/or modify it under >-.\" the terms of the GNU Library General Public License as published by >-.\" the Free Software Foundation; either version 2 of the License, or >-.\" (at your option) any later version. >-.\" >-.\" This program is distributed in the hope that it will be useful, but >-.\" WITHOUT ANY WARRANTY; without even the implied warranty of >-.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU >-.\" General Public License for more details. >-.\" >-.\" You should have received a copy of the GNU Library General Public >-.\" License along with this program; if not, write to the Free Software >-.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. >-.\" >-.\" Author: Rob Crittenden <rcritten@redhat.com> >-.\" >-.TH "ipa-groupmod" "1" "Oct 10 2007" "freeipa" "" >-.SH "NAME" >-ipa\-groupmod \- Modify a group >-.SH "SYNOPSIS" >-ipa\-groupmod [\fIOPTION\fR]... \fIgroup\fR >- >-.SH "DESCRIPTION" >-Updates the members or description of \fIgroup\fR. >-.SH "OPTIONS" >-.TP >-\fB\-a\fR, \fB\-\-add\fR=\fIuser1,user2,...usern\fR >-Add one or more users to the group >- >-.TP >-\fB\-d\fR, \fB\-\-description\fR=\fIdescription\fR >-Modify the description of the group >- >-.TP >-\fB\-r\fR, \fB\-\-remove\fR=\fIuser1,user2,...usern\fR >-Remove one or more users from the group >- >-.TP >-\fB\-\-addattr\fR=\fIattr=value\fR >-Add a new attribute, or value to an existing attribute >- >-.TP >-\fB\-\-delattr\fR=\fIattr=value\fR >-Remove an attribute and all values >- >-.TP >-\fB\-\-setattr\fR=\fIattr=value\fR >-Set an attribute to a new value, removing all old ones >-.SH "EXIT STATUS" >-The exit status is 0 on success, nonzero on error. >diff -r fbffe27e5e2b -r f4008faa4726 ipa-admintools/man/ipa-modgroup.1 >--- /dev/null Thu Jan 01 00:00:00 1970 +0000 >+++ b/ipa-admintools/man/ipa-modgroup.1 Fri Jan 25 11:23:12 2008 -0500 >@@ -0,0 +1,53 @@ >+.\" A man page for ipa-modgroup >+.\" Copyright (C) 2007 Red Hat, Inc. >+.\" >+.\" This is free software; you can redistribute it and/or modify it under >+.\" the terms of the GNU Library General Public License as published by >+.\" the Free Software Foundation; either version 2 of the License, or >+.\" (at your option) any later version. >+.\" >+.\" This program is distributed in the hope that it will be useful, but >+.\" WITHOUT ANY WARRANTY; without even the implied warranty of >+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU >+.\" General Public License for more details. >+.\" >+.\" You should have received a copy of the GNU Library General Public >+.\" License along with this program; if not, write to the Free Software >+.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. >+.\" >+.\" Author: Rob Crittenden <rcritten@redhat.com> >+.\" >+.TH "ipa-modgroup" "1" "Oct 10 2007" "freeipa" "" >+.SH "NAME" >+ipa\-modgroup \- Modify a group >+.SH "SYNOPSIS" >+ipa\-modgroup [\fIOPTION\fR]... \fIgroup\fR >+ >+.SH "DESCRIPTION" >+Updates the members or description of \fIgroup\fR. >+.SH "OPTIONS" >+.TP >+\fB\-a\fR, \fB\-\-add\fR=\fIuser1,user2,...usern\fR >+Add one or more users to the group >+ >+.TP >+\fB\-d\fR, \fB\-\-description\fR=\fIdescription\fR >+Modify the description of the group >+ >+.TP >+\fB\-r\fR, \fB\-\-remove\fR=\fIuser1,user2,...usern\fR >+Remove one or more users from the group >+ >+.TP >+\fB\-\-addattr\fR=\fIattr=value\fR >+Add a new attribute, or value to an existing attribute >+ >+.TP >+\fB\-\-delattr\fR=\fIattr=value\fR >+Remove an attribute and all values >+ >+.TP >+\fB\-\-setattr\fR=\fIattr=value\fR >+Set an attribute to a new value, removing all old ones >+.SH "EXIT STATUS" >+The exit status is 0 on success, nonzero on error. >diff -r fbffe27e5e2b -r f4008faa4726 ipa-admintools/man/ipa-moduser.1 >--- /dev/null Thu Jan 01 00:00:00 1970 +0000 >+++ b/ipa-admintools/man/ipa-moduser.1 Fri Jan 25 11:23:12 2008 -0500 >@@ -0,0 +1,53 @@ >+.\" A man page for ipa-moduser >+.\" Copyright (C) 2007 Red Hat, Inc. >+.\" >+.\" This is free software; you can redistribute it and/or modify it under >+.\" the terms of the GNU Library General Public License as published by >+.\" the Free Software Foundation; either version 2 of the License, or >+.\" (at your option) any later version. >+.\" >+.\" This program is distributed in the hope that it will be useful, but >+.\" WITHOUT ANY WARRANTY; without even the implied warranty of >+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU >+.\" General Public License for more details. >+.\" >+.\" You should have received a copy of the GNU Library General Public >+.\" License along with this program; if not, write to the Free Software >+.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. >+.\" >+.\" Author: Rob Crittenden <rcritten@redhat.com> >+.\" >+.TH "ipa-moduser" "1" "Oct 10 2007" "freeipa" "" >+.SH "NAME" >+ipa\-moduser \- Modify a user >+.SH "SYNOPSIS" >+ipa\-moduser [\fIOPTION\fR]... \fIname\fR >+ >+.SH "DESCRIPTION" >+Updates the user \fIname\fR. >+.SH "OPTIONS" >+.TP >+\fB\-a\fR, \fB\-\-add\fR=\fIuser1,user2,...usern\fR >+Add one or more users to the group >+ >+.TP >+\fB\-d\fR, \fB\-\-description\fR=\fIdescription\fR >+Modify the description of the group >+ >+.TP >+\fB\-r\fR, \fB\-\-remove\fR=\fIuser1,user2,...usern\fR >+Remove one or more users from the group >+ >+.TP >+\fB\-\-addattr\fR=\fIattr=value\fR >+Add a new attribute, or value to an existing attribute >+ >+.TP >+\fB\-\-delattr\fR=\fIattr=value\fR >+Remove an attribute and all values >+ >+.TP >+\fB\-\-setattr\fR=\fIattr=value\fR >+Set an attribute to a new value, removing all old ones >+.SH "EXIT STATUS" >+The exit status is 0 on success, nonzero on error. >diff -r fbffe27e5e2b -r f4008faa4726 ipa-admintools/man/ipa-usermod.1 >--- a/ipa-admintools/man/ipa-usermod.1 Fri Jan 25 10:17:37 2008 -0500 >+++ /dev/null Thu Jan 01 00:00:00 1970 +0000 >@@ -1,53 +0,0 @@ >-.\" A man page for ipa-usermod >-.\" Copyright (C) 2007 Red Hat, Inc. >-.\" >-.\" This is free software; you can redistribute it and/or modify it under >-.\" the terms of the GNU Library General Public License as published by >-.\" the Free Software Foundation; either version 2 of the License, or >-.\" (at your option) any later version. >-.\" >-.\" This program is distributed in the hope that it will be useful, but >-.\" WITHOUT ANY WARRANTY; without even the implied warranty of >-.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU >-.\" General Public License for more details. >-.\" >-.\" You should have received a copy of the GNU Library General Public >-.\" License along with this program; if not, write to the Free Software >-.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. >-.\" >-.\" Author: Rob Crittenden <rcritten@redhat.com> >-.\" >-.TH "ipa-usermod" "1" "Oct 10 2007" "freeipa" "" >-.SH "NAME" >-ipa\-usermod \- Modify a user >-.SH "SYNOPSIS" >-ipa\-usermod [\fIOPTION\fR]... \fIname\fR >- >-.SH "DESCRIPTION" >-Updates the user \fIname\fR. >-.SH "OPTIONS" >-.TP >-\fB\-a\fR, \fB\-\-add\fR=\fIuser1,user2,...usern\fR >-Add one or more users to the group >- >-.TP >-\fB\-d\fR, \fB\-\-description\fR=\fIdescription\fR >-Modify the description of the group >- >-.TP >-\fB\-r\fR, \fB\-\-remove\fR=\fIuser1,user2,...usern\fR >-Remove one or more users from the group >- >-.TP >-\fB\-\-addattr\fR=\fIattr=value\fR >-Add a new attribute, or value to an existing attribute >- >-.TP >-\fB\-\-delattr\fR=\fIattr=value\fR >-Remove an attribute and all values >- >-.TP >-\fB\-\-setattr\fR=\fIattr=value\fR >-Set an attribute to a new value, removing all old ones >-.SH "EXIT STATUS" >-The exit status is 0 on success, nonzero on error. >diff -r fbffe27e5e2b -r f4008faa4726 ipa-radius-admintools/Makefile >--- a/ipa-radius-admintools/Makefile Fri Jan 25 10:17:37 2008 -0500 >+++ b/ipa-radius-admintools/Makefile Fri Jan 25 11:23:12 2008 -0500 >@@ -5,11 +5,11 @@ all: ; > > install: > install -m 755 ipa-addradiusclient $(SBINDIR) >- install -m 755 ipa-radiusclientmod $(SBINDIR) >+ install -m 755 ipa-modradiusclient $(SBINDIR) > install -m 755 ipa-delradiusclient $(SBINDIR) > install -m 755 ipa-findradiusclient $(SBINDIR) > install -m 755 ipa-addradiusprofile $(SBINDIR) >- install -m 755 ipa-radiusprofilemod $(SBINDIR) >+ install -m 755 ipa-modradiusprofile $(SBINDIR) > install -m 755 ipa-delradiusprofile $(SBINDIR) > install -m 755 ipa-findradiusprofile $(SBINDIR) > >diff -r fbffe27e5e2b -r f4008faa4726 ipa-radius-admintools/ipa-modradiusclient >--- /dev/null Thu Jan 01 00:00:00 1970 +0000 >+++ b/ipa-radius-admintools/ipa-modradiusclient Fri Jan 25 11:23:12 2008 -0500 >@@ -0,0 +1,273 @@ >+#! /usr/bin/python -E >+# Authors: John Dennis <jdennis@redhat.com> >+# >+# Copyright (C) 2007 Red Hat >+# see file 'COPYING' for use and warranty information >+# >+# This program is free software; you can redistribute it and/or >+# modify it under the terms of the GNU General Public License as >+# published by the Free Software Foundation; version 2 only >+# >+# This program is distributed in the hope that it will be useful, >+# but WITHOUT ANY WARRANTY; without even the implied warranty of >+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the >+# GNU General Public License for more details. >+# >+# You should have received a copy of the GNU General Public License >+# along with this program; if not, write to the Free Software >+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA >+# >+ >+import sys >+import os >+from optparse import OptionParser >+from sets import Set >+ >+import ipa.ipaclient as ipaclient >+import ipa.ipautil as ipautil >+import ipa.config >+import ipa.ipaerror >+import ipa.radius_util as radius_util >+ >+import xmlrpclib >+import kerberos >+import ldap >+ >+#------------------------------------------------------------------------------ >+ >+radius_attrs = radius_util.radius_client_attr_to_ldap_attr.keys() >+radius_attr_to_ldap_attr = radius_util.radius_client_attr_to_ldap_attr >+ldap_attr_to_radius_attr = radius_util.radius_client_ldap_attr_to_radius_attr >+mandatory_radius_attrs = ['Client-IP-Address', 'Secret'] >+distinguished_attr = 'Client-IP-Address' >+ >+#------------------------------------------------------------------------------ >+ >+def help_option_callback(option, opt_str, value, parser, *args, **kwargs): >+ parser.print_help() >+ print >+ print "Valid interative attributes are:" >+ print ipautil.format_list(radius_attrs, quote='"') >+ print >+ print "Required attributes are:" >+ print ipautil.format_list(mandatory_radius_attrs, quote='"') >+ sys.exit(0) >+ >+def main(): >+ opt_parser = OptionParser(add_help_option=False) >+ >+ opt_parser.add_option("-a", "--Client-IP-Address", dest="ip_addr", >+ help="RADIUS client ip address") >+ opt_parser.add_option("-s", "--Secret", dest="secret", >+ help="RADIUS client ip address") >+ opt_parser.add_option("-n", "--Name", dest="name", >+ help="RADIUS client name") >+ opt_parser.add_option("-t", "--NAS-Type", dest="nastype", >+ help="RADIUS client NAS Type") >+ opt_parser.add_option("-d", "--Description", dest="desc", >+ help="description of the RADIUS client") >+ >+ opt_parser.add_option("-D", "--delete-attrs", dest="delete_attrs", action='store_true', default=False, >+ help="delete the specified attributes") >+ opt_parser.add_option("-h", "--help", action="callback", callback=help_option_callback, >+ help="detailed help information") >+ opt_parser.add_option("-i", "--interactive", dest="interactive", action='store_true', default=False, >+ help="interactive mode, prompts with auto-completion") >+ opt_parser.add_option("-A", "--attr", dest="attrs", action='append', >+ help="If adding or modifying then this argument specifies one or more attribute=value pair(s), value may be optionally quoted, pairs are seperated by whitespace. If deleting attributes then this argument specifies one or more attribute names seperated by whitespace or commas") >+ opt_parser.add_option("-f", "--file", dest="data_file", >+ help="If adding or modifying then attribute=value pair(s) are read from file, value may be optionally quoted, pairs are delimited by whitespace. If deleting attributes then attributes are read from file, attributes are seperated by whitespace or commas. Reads from stdin if file is -") >+ opt_parser.add_option("-v", "--verbose", dest="verbose", action='store_true', >+ help="print information") >+ >+ opt_parser.set_usage("Usage: %s [options] %s" % (distinguished_attr, os.path.basename(sys.argv[0]))) >+ >+ args = ipa.config.init_config(sys.argv) >+ options, args = opt_parser.parse_args(args) >+ >+ if len(args) < 2: >+ opt_parser.error('missing %s' % (distinguished_attr)) >+ >+ ip_addr = args[1] >+ >+ # Verify entity previously exists and get current values >+ ipa_client = ipaclient.IPAClient() >+ try: >+ radius_entity = ipa_client.get_radius_client_by_ip_addr(ip_addr) >+ except ipa.ipaerror.exception_for(ipa.ipaerror.LDAP_NOT_FOUND): >+ print "client %s not found" % ip_addr >+ return 1 >+ except ipa.ipaerror.IPAError, e: >+ print "%s" % e.message >+ return 1 >+ except kerberos.GSSError, e: >+ print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0]) >+ return 1 >+ >+ # Deleteing attributes is fundamentally different than adding/modifying an attribute. >+ # When adding/modifying there is always a value the attribute is paired with, >+ # so handle the two cases independently. >+ if options.delete_attrs: >+ attrs = Set() >+ # Get attrs from a file or stdin >+ if options.data_file: >+ try: >+ items = ipautil.read_items_file(options.data_file) >+ attrs.update(items) >+ except Exception, e: >+ print "ERROR, could not read attrs (%s)" % (e) >+ >+ # Get attrs specified on the command line as a named argument >+ if options.secret is not None: attrs.add('Secret') >+ if options.name is not None: attrs.add('Name') >+ if options.nastype is not None: attrs.add('NAS-Type') >+ if options.desc is not None: attrs.add('Description') >+ >+ # Get attrs specified on the command line as a attr argument >+ if options.attrs: >+ for a in options.attrs: >+ items = ipautil.parse_items(a) >+ attrs.update(items) >+ >+ # Get attrs interactively >+ if options.interactive: >+ deletable_attrs = [] >+ for radius_attr in radius_attrs: >+ if radius_attr in mandatory_radius_attrs: continue >+ if radius_entity.hasAttr(radius_attr_to_ldap_attr[radius_attr]): >+ deletable_attrs.append(radius_attr) >+ >+ if deletable_attrs: >+ c = ipautil.ItemCompleter(deletable_attrs) >+ c.open() >+ items = c.get_items("Enter: ") >+ attrs.update(items) >+ c.close() >+ >+ # Data collection done, assure no mandatory attrs are in the delete list >+ valid = True >+ for attr in mandatory_radius_attrs: >+ if attr in attrs: >+ valid = False >+ print "ERROR, %s is mandatory, but is set to be deleted" % (attr) >+ if not valid: >+ return 1 >+ >+ # Make sure each attribute is a member of the set of valid attributes >+ valid = True >+ for attr in attrs: >+ if attr not in radius_attrs: >+ valid = False >+ print "ERROR, %s is not a valid attribute" % (attr) >+ if not valid: >+ print "Valid attributes are:" >+ print ipautil.format_list(radius_attrs, quote='"') >+ return 1 >+ >+ # Dump what we've got so far >+ if options.verbose: >+ print "Attributes:" >+ for attr in attrs: >+ print "\t%s" % (attr) >+ >+ for attr in attrs: >+ radius_entity.delValue(radius_attr_to_ldap_attr[attr]) >+ >+ else: >+ pairs = {} >+ pairs[distinguished_attr] = ip_addr >+ >+ # Populate the pair list with pre-existing values >+ for attr in radius_attrs: >+ value = radius_entity.getValues(radius_attr_to_ldap_attr[attr]) >+ if value is None: continue >+ pairs[attr] = value >+ >+ # Get pairs from a file or stdin >+ if options.data_file: >+ try: >+ av = ipautil.read_pairs_file(options.data_file) >+ pairs.update(av) >+ except Exception, e: >+ print "ERROR, could not read pairs (%s)" % (e) >+ >+ # Get pairs specified on the command line as a named argument >+ if options.ip_addr is not None: pairs[distinguished_attr] = options.ip_addr >+ if options.secret is not None: pairs['Secret'] = options.secret >+ if options.name is not None: pairs['Name'] = options.name >+ if options.nastype is not None: pairs['NAS-Type'] = options.nastype >+ if options.desc is not None: pairs['Description'] = options.desc >+ >+ # Get pairs specified on the command line as a pair argument >+ if options.attrs: >+ for p in options.attrs: >+ av = ipautil.parse_key_value_pairs(p) >+ pairs.update(av) >+ >+ # Get pairs interactively >+ if options.interactive: >+ prompted_attrs = radius_attrs[:] >+ prompted_attrs.remove(distinguished_attr) >+ c = ipautil.AttributeValueCompleter(prompted_attrs, pairs) >+ c.open() >+ av = c.get_pairs("Enter: ", validate_callback=radius_util.validate) >+ pairs.update(av) >+ c.close() >+ >+ # FIXME: validation should be moved to xmlrpc server >+ >+ # Data collection done, assure mandatory data has been specified >+ >+ if pairs.has_key(distinguished_attr) and pairs[distinguished_attr] != ip_addr: >+ print "ERROR, %s specified on command line (%s) does not match value found in pairs (%s)" % \ >+ (distinguished_attr, ip_addr, pairs[distinguished_attr]) >+ return 1 >+ >+ # Make sure each attribute is a member of the set of valid attributes >+ valid = True >+ for attr,value in pairs.items(): >+ if attr not in radius_attrs: >+ valid = False >+ print "ERROR, %s is not a valid attribute" % (attr) >+ if not valid: >+ print "Valid attributes are:" >+ print ipautil.format_list(radius_attrs, quote='"') >+ return 1 >+ >+ # Makse sure each value is valid >+ valid = True >+ for attr,value in pairs.items(): >+ if not radius_util.validate(attr, value): >+ valid = False >+ if not valid: >+ return 1 >+ >+ # Dump what we've got so far >+ if options.verbose: >+ print "Pairs:" >+ for attr,value in pairs.items(): >+ print "\t%s = %s" % (attr, value) >+ >+ for attr,value in pairs.items(): >+ radius_entity.setValue(radius_attr_to_ldap_attr[attr], value) >+ >+ try: >+ ipa_client.update_radius_client(radius_entity) >+ print "successfully modified" >+ except xmlrpclib.Fault, f: >+ print f.faultString >+ return 1 >+ except kerberos.GSSError, e: >+ print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0]) >+ return 1 >+ except xmlrpclib.ProtocolError, e: >+ print "Unable to connect to IPA server: %s" % (e.errmsg) >+ return 1 >+ except ipa.ipaerror.IPAError, e: >+ print "%s" % (e.message) >+ return 1 >+ >+ return 0 >+ >+if __name__ == "__main__": >+ sys.exit(main()) >diff -r fbffe27e5e2b -r f4008faa4726 ipa-radius-admintools/ipa-modradiusprofile >--- /dev/null Thu Jan 01 00:00:00 1970 +0000 >+++ b/ipa-radius-admintools/ipa-modradiusprofile Fri Jan 25 11:23:12 2008 -0500 >@@ -0,0 +1,263 @@ >+#! /usr/bin/python -E >+# Authors: John Dennis <jdennis@redhat.com> >+# >+# Copyright (C) 2007 Red Hat >+# see file 'COPYING' for use and warranty information >+# >+# This program is free software; you can redistribute it and/or >+# modify it under the terms of the GNU General Public License as >+# published by the Free Software Foundation; version 2 only >+# >+# This program is distributed in the hope that it will be useful, >+# but WITHOUT ANY WARRANTY; without even the implied warranty of >+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the >+# GNU General Public License for more details. >+# >+# You should have received a copy of the GNU General Public License >+# along with this program; if not, write to the Free Software >+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA >+# >+ >+import sys >+import os >+from optparse import OptionParser >+from sets import Set >+ >+import ipa.ipaclient as ipaclient >+import ipa.ipautil as ipautil >+import ipa.config >+import ipa.ipaerror >+import ipa.radius_util as radius_util >+ >+import xmlrpclib >+import kerberos >+import ldap >+ >+#------------------------------------------------------------------------------ >+ >+radius_attrs = radius_util.radius_profile_attr_to_ldap_attr.keys() >+radius_attr_to_ldap_attr = radius_util.radius_profile_attr_to_ldap_attr >+ldap_attr_to_radius_attr = radius_util.radius_profile_ldap_attr_to_radius_attr >+mandatory_radius_attrs = ['UID'] >+distinguished_attr = 'UID' >+ >+#------------------------------------------------------------------------------ >+ >+def help_option_callback(option, opt_str, value, parser, *args, **kwargs): >+ parser.print_help() >+ print >+ print "Valid interative attributes are:" >+ print ipautil.format_list(radius_attrs, quote='"') >+ print >+ print "Required attributes are:" >+ print ipautil.format_list(mandatory_radius_attrs, quote='"') >+ sys.exit(0) >+ >+def main(): >+ opt_parser = OptionParser(add_help_option=False) >+ >+ opt_parser.add_option("-u", "--uid", dest="uid", >+ help="RADIUS profile identifier") >+ opt_parser.add_option("-s", "--shared", dest="shared", default=False, action='store_true', >+ help="profile is shared") >+ opt_parser.add_option("-d", "--Description", dest="desc", >+ help="description of the RADIUS client") >+ >+ opt_parser.add_option("-D", "--delete-attrs", dest="delete_attrs", action='store_true', default=False, >+ help="delete the specified attributes") >+ opt_parser.add_option("-h", "--help", action="callback", callback=help_option_callback, >+ help="detailed help information") >+ opt_parser.add_option("-i", "--interactive", dest="interactive", action='store_true', default=False, >+ help="interactive mode, prompts with auto-completion") >+ opt_parser.add_option("-A", "--attr", dest="attrs", action='append', >+ help="If adding or modifying then this argument specifies one or more attribute=value pair(s), value may be optionally quoted, pairs are seperated by whitespace. If deleting attributes then this argument specifies one or more attribute names seperated by whitespace or commas") >+ opt_parser.add_option("-f", "--file", dest="data_file", >+ help="If adding or modifying then attribute=value pair(s) are read from file, value may be optionally quoted, pairs are delimited by whitespace. If deleting attributes then attributes are read from file, attributes are seperated by whitespace or commas. Reads from stdin if file is -") >+ opt_parser.add_option("-v", "--verbose", dest="verbose", action='store_true', >+ help="print information") >+ >+ opt_parser.set_usage("Usage: %s [options] %s" % (distinguished_attr, os.path.basename(sys.argv[0]))) >+ >+ args = ipa.config.init_config(sys.argv) >+ options, args = opt_parser.parse_args(args) >+ >+ if len(args) < 2: >+ opt_parser.error('missing %s' % (distinguished_attr)) >+ >+ uid = args[1] >+ user_profile = not options.shared >+ >+ # Verify entity previously exists and get current values >+ ipa_client = ipaclient.IPAClient() >+ try: >+ radius_entity = ipa_client.get_radius_profile_by_uid(uid, user_profile) >+ except ipa.ipaerror.exception_for(ipa.ipaerror.LDAP_NOT_FOUND): >+ print "profile %s not found" % uid >+ return 1 >+ except ipa.ipaerror.IPAError, e: >+ print "%s" % e.message >+ return 1 >+ except kerberos.GSSError, e: >+ print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0]) >+ return 1 >+ >+ # Deleteing attributes is fundamentally different than adding/modifying an attribute. >+ # When adding/modifying there is always a value the attribute is paired with, >+ # so handle the two cases independently. >+ if options.delete_attrs: >+ attrs = Set() >+ # Get attrs from a file or stdin >+ if options.data_file: >+ try: >+ items = ipautil.read_items_file(options.data_file) >+ attrs.update(items) >+ except Exception, e: >+ print "ERROR, could not read attrs (%s)" % (e) >+ >+ # Get attrs specified on the command line as a named argument >+ if options.desc is not None: attrs.add('Description') >+ >+ # Get attrs specified on the command line as a attr argument >+ if options.attrs: >+ for a in options.attrs: >+ items = ipautil.parse_items(a) >+ attrs.update(items) >+ >+ # Get attrs interactively >+ if options.interactive: >+ deletable_attrs = [] >+ for radius_attr in radius_attrs: >+ if radius_attr in mandatory_radius_attrs: continue >+ if radius_entity.hasAttr(radius_attr_to_ldap_attr[radius_attr]): >+ deletable_attrs.append(radius_attr) >+ >+ if deletable_attrs: >+ c = ipautil.ItemCompleter(deletable_attrs) >+ c.open() >+ items = c.get_items("Enter: ") >+ attrs.update(items) >+ c.close() >+ >+ # Data collection done, assure no mandatory attrs are in the delete list >+ valid = True >+ for attr in mandatory_radius_attrs: >+ if attr in attrs: >+ valid = False >+ print "ERROR, %s is mandatory, but is set to be deleted" % (attr) >+ if not valid: >+ return 1 >+ >+ # Make sure each attribute is a member of the set of valid attributes >+ valid = True >+ for attr in attrs: >+ if attr not in radius_attrs: >+ valid = False >+ print "ERROR, %s is not a valid attribute" % (attr) >+ if not valid: >+ print "Valid attributes are:" >+ print ipautil.format_list(radius_attrs, quote='"') >+ return 1 >+ >+ # Dump what we've got so far >+ if options.verbose: >+ print "Attributes:" >+ for attr in attrs: >+ print "\t%s" % (attr) >+ >+ for attr in attrs: >+ radius_entity.delValue(radius_attr_to_ldap_attr[attr]) >+ >+ else: >+ pairs = {} >+ pairs[distinguished_attr] = uid >+ >+ # Populate the pair list with pre-existing values >+ for attr in radius_attrs: >+ value = radius_entity.getValues(radius_attr_to_ldap_attr[attr]) >+ if value is None: continue >+ pairs[attr] = value >+ >+ # Get pairs from a file or stdin >+ if options.data_file: >+ try: >+ av = ipautil.read_pairs_file(options.data_file) >+ pairs.update(av) >+ except Exception, e: >+ print "ERROR, could not read pairs (%s)" % (e) >+ >+ # Get pairs specified on the command line as a named argument >+ if options.desc is not None: pairs['Description'] = options.desc >+ >+ # Get pairs specified on the command line as a pair argument >+ if options.attrs: >+ for p in options.attrs: >+ av = ipautil.parse_key_value_pairs(p) >+ pairs.update(av) >+ >+ # Get pairs interactively >+ if options.interactive: >+ prompted_attrs = radius_attrs[:] >+ prompted_attrs.remove(distinguished_attr) >+ c = ipautil.AttributeValueCompleter(prompted_attrs, pairs) >+ c.open() >+ av = c.get_pairs("Enter: ", validate_callback=radius_util.validate) >+ pairs.update(av) >+ c.close() >+ >+ # FIXME: validation should be moved to xmlrpc server >+ >+ # Data collection done, assure mandatory data has been specified >+ >+ if pairs.has_key(distinguished_attr) and pairs[distinguished_attr] != uid: >+ print "ERROR, %s specified on command line (%s) does not match value found in pairs (%s)" % \ >+ (distinguished_attr, uid, pairs[distinguished_attr]) >+ return 1 >+ >+ # Make sure each attribute is a member of the set of valid attributes >+ valid = True >+ for attr,value in pairs.items(): >+ if attr not in radius_attrs: >+ valid = False >+ print "ERROR, %s is not a valid attribute" % (attr) >+ if not valid: >+ print "Valid attributes are:" >+ print ipautil.format_list(radius_attrs, quote='"') >+ return 1 >+ >+ # Makse sure each value is valid >+ valid = True >+ for attr,value in pairs.items(): >+ if not radius_util.validate(attr, value): >+ valid = False >+ if not valid: >+ return 1 >+ >+ # Dump what we've got so far >+ if options.verbose: >+ print "Pairs:" >+ for attr,value in pairs.items(): >+ print "\t%s = %s" % (attr, value) >+ >+ for attr,value in pairs.items(): >+ radius_entity.setValue(radius_attr_to_ldap_attr[attr], value) >+ >+ try: >+ ipa_client.update_radius_profile(radius_entity) >+ print "successfully modified" >+ except xmlrpclib.Fault, f: >+ print f.faultString >+ return 1 >+ except kerberos.GSSError, e: >+ print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0]) >+ return 1 >+ except xmlrpclib.ProtocolError, e: >+ print "Unable to connect to IPA server: %s" % (e.errmsg) >+ return 1 >+ except ipa.ipaerror.IPAError, e: >+ print "%s" % (e.message) >+ return 1 >+ >+ return 0 >+ >+if __name__ == "__main__": >+ sys.exit(main()) >diff -r fbffe27e5e2b -r f4008faa4726 ipa-radius-admintools/ipa-radiusclientmod >--- a/ipa-radius-admintools/ipa-radiusclientmod Fri Jan 25 10:17:37 2008 -0500 >+++ /dev/null Thu Jan 01 00:00:00 1970 +0000 >@@ -1,273 +0,0 @@ >-#! /usr/bin/python -E >-# Authors: John Dennis <jdennis@redhat.com> >-# >-# Copyright (C) 2007 Red Hat >-# see file 'COPYING' for use and warranty information >-# >-# This program is free software; you can redistribute it and/or >-# modify it under the terms of the GNU General Public License as >-# published by the Free Software Foundation; version 2 only >-# >-# This program is distributed in the hope that it will be useful, >-# but WITHOUT ANY WARRANTY; without even the implied warranty of >-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the >-# GNU General Public License for more details. >-# >-# You should have received a copy of the GNU General Public License >-# along with this program; if not, write to the Free Software >-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA >-# >- >-import sys >-import os >-from optparse import OptionParser >-from sets import Set >- >-import ipa.ipaclient as ipaclient >-import ipa.ipautil as ipautil >-import ipa.config >-import ipa.ipaerror >-import ipa.radius_util as radius_util >- >-import xmlrpclib >-import kerberos >-import ldap >- >-#------------------------------------------------------------------------------ >- >-radius_attrs = radius_util.radius_client_attr_to_ldap_attr.keys() >-radius_attr_to_ldap_attr = radius_util.radius_client_attr_to_ldap_attr >-ldap_attr_to_radius_attr = radius_util.radius_client_ldap_attr_to_radius_attr >-mandatory_radius_attrs = ['Client-IP-Address', 'Secret'] >-distinguished_attr = 'Client-IP-Address' >- >-#------------------------------------------------------------------------------ >- >-def help_option_callback(option, opt_str, value, parser, *args, **kwargs): >- parser.print_help() >- print >- print "Valid interative attributes are:" >- print ipautil.format_list(radius_attrs, quote='"') >- print >- print "Required attributes are:" >- print ipautil.format_list(mandatory_radius_attrs, quote='"') >- sys.exit(0) >- >-def main(): >- opt_parser = OptionParser(add_help_option=False) >- >- opt_parser.add_option("-a", "--Client-IP-Address", dest="ip_addr", >- help="RADIUS client ip address") >- opt_parser.add_option("-s", "--Secret", dest="secret", >- help="RADIUS client ip address") >- opt_parser.add_option("-n", "--Name", dest="name", >- help="RADIUS client name") >- opt_parser.add_option("-t", "--NAS-Type", dest="nastype", >- help="RADIUS client NAS Type") >- opt_parser.add_option("-d", "--Description", dest="desc", >- help="description of the RADIUS client") >- >- opt_parser.add_option("-D", "--delete-attrs", dest="delete_attrs", action='store_true', default=False, >- help="delete the specified attributes") >- opt_parser.add_option("-h", "--help", action="callback", callback=help_option_callback, >- help="detailed help information") >- opt_parser.add_option("-i", "--interactive", dest="interactive", action='store_true', default=False, >- help="interactive mode, prompts with auto-completion") >- opt_parser.add_option("-A", "--attr", dest="attrs", action='append', >- help="If adding or modifying then this argument specifies one or more attribute=value pair(s), value may be optionally quoted, pairs are seperated by whitespace. If deleting attributes then this argument specifies one or more attribute names seperated by whitespace or commas") >- opt_parser.add_option("-f", "--file", dest="data_file", >- help="If adding or modifying then attribute=value pair(s) are read from file, value may be optionally quoted, pairs are delimited by whitespace. If deleting attributes then attributes are read from file, attributes are seperated by whitespace or commas. Reads from stdin if file is -") >- opt_parser.add_option("-v", "--verbose", dest="verbose", action='store_true', >- help="print information") >- >- opt_parser.set_usage("Usage: %s [options] %s" % (distinguished_attr, os.path.basename(sys.argv[0]))) >- >- args = ipa.config.init_config(sys.argv) >- options, args = opt_parser.parse_args(args) >- >- if len(args) < 2: >- opt_parser.error('missing %s' % (distinguished_attr)) >- >- ip_addr = args[1] >- >- # Verify entity previously exists and get current values >- ipa_client = ipaclient.IPAClient() >- try: >- radius_entity = ipa_client.get_radius_client_by_ip_addr(ip_addr) >- except ipa.ipaerror.exception_for(ipa.ipaerror.LDAP_NOT_FOUND): >- print "client %s not found" % ip_addr >- return 1 >- except ipa.ipaerror.IPAError, e: >- print "%s" % e.message >- return 1 >- except kerberos.GSSError, e: >- print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0]) >- return 1 >- >- # Deleteing attributes is fundamentally different than adding/modifying an attribute. >- # When adding/modifying there is always a value the attribute is paired with, >- # so handle the two cases independently. >- if options.delete_attrs: >- attrs = Set() >- # Get attrs from a file or stdin >- if options.data_file: >- try: >- items = ipautil.read_items_file(options.data_file) >- attrs.update(items) >- except Exception, e: >- print "ERROR, could not read attrs (%s)" % (e) >- >- # Get attrs specified on the command line as a named argument >- if options.secret is not None: attrs.add('Secret') >- if options.name is not None: attrs.add('Name') >- if options.nastype is not None: attrs.add('NAS-Type') >- if options.desc is not None: attrs.add('Description') >- >- # Get attrs specified on the command line as a attr argument >- if options.attrs: >- for a in options.attrs: >- items = ipautil.parse_items(a) >- attrs.update(items) >- >- # Get attrs interactively >- if options.interactive: >- deletable_attrs = [] >- for radius_attr in radius_attrs: >- if radius_attr in mandatory_radius_attrs: continue >- if radius_entity.hasAttr(radius_attr_to_ldap_attr[radius_attr]): >- deletable_attrs.append(radius_attr) >- >- if deletable_attrs: >- c = ipautil.ItemCompleter(deletable_attrs) >- c.open() >- items = c.get_items("Enter: ") >- attrs.update(items) >- c.close() >- >- # Data collection done, assure no mandatory attrs are in the delete list >- valid = True >- for attr in mandatory_radius_attrs: >- if attr in attrs: >- valid = False >- print "ERROR, %s is mandatory, but is set to be deleted" % (attr) >- if not valid: >- return 1 >- >- # Make sure each attribute is a member of the set of valid attributes >- valid = True >- for attr in attrs: >- if attr not in radius_attrs: >- valid = False >- print "ERROR, %s is not a valid attribute" % (attr) >- if not valid: >- print "Valid attributes are:" >- print ipautil.format_list(radius_attrs, quote='"') >- return 1 >- >- # Dump what we've got so far >- if options.verbose: >- print "Attributes:" >- for attr in attrs: >- print "\t%s" % (attr) >- >- for attr in attrs: >- radius_entity.delValue(radius_attr_to_ldap_attr[attr]) >- >- else: >- pairs = {} >- pairs[distinguished_attr] = ip_addr >- >- # Populate the pair list with pre-existing values >- for attr in radius_attrs: >- value = radius_entity.getValues(radius_attr_to_ldap_attr[attr]) >- if value is None: continue >- pairs[attr] = value >- >- # Get pairs from a file or stdin >- if options.data_file: >- try: >- av = ipautil.read_pairs_file(options.data_file) >- pairs.update(av) >- except Exception, e: >- print "ERROR, could not read pairs (%s)" % (e) >- >- # Get pairs specified on the command line as a named argument >- if options.ip_addr is not None: pairs[distinguished_attr] = options.ip_addr >- if options.secret is not None: pairs['Secret'] = options.secret >- if options.name is not None: pairs['Name'] = options.name >- if options.nastype is not None: pairs['NAS-Type'] = options.nastype >- if options.desc is not None: pairs['Description'] = options.desc >- >- # Get pairs specified on the command line as a pair argument >- if options.attrs: >- for p in options.attrs: >- av = ipautil.parse_key_value_pairs(p) >- pairs.update(av) >- >- # Get pairs interactively >- if options.interactive: >- prompted_attrs = radius_attrs[:] >- prompted_attrs.remove(distinguished_attr) >- c = ipautil.AttributeValueCompleter(prompted_attrs, pairs) >- c.open() >- av = c.get_pairs("Enter: ", validate_callback=radius_util.validate) >- pairs.update(av) >- c.close() >- >- # FIXME: validation should be moved to xmlrpc server >- >- # Data collection done, assure mandatory data has been specified >- >- if pairs.has_key(distinguished_attr) and pairs[distinguished_attr] != ip_addr: >- print "ERROR, %s specified on command line (%s) does not match value found in pairs (%s)" % \ >- (distinguished_attr, ip_addr, pairs[distinguished_attr]) >- return 1 >- >- # Make sure each attribute is a member of the set of valid attributes >- valid = True >- for attr,value in pairs.items(): >- if attr not in radius_attrs: >- valid = False >- print "ERROR, %s is not a valid attribute" % (attr) >- if not valid: >- print "Valid attributes are:" >- print ipautil.format_list(radius_attrs, quote='"') >- return 1 >- >- # Makse sure each value is valid >- valid = True >- for attr,value in pairs.items(): >- if not radius_util.validate(attr, value): >- valid = False >- if not valid: >- return 1 >- >- # Dump what we've got so far >- if options.verbose: >- print "Pairs:" >- for attr,value in pairs.items(): >- print "\t%s = %s" % (attr, value) >- >- for attr,value in pairs.items(): >- radius_entity.setValue(radius_attr_to_ldap_attr[attr], value) >- >- try: >- ipa_client.update_radius_client(radius_entity) >- print "successfully modified" >- except xmlrpclib.Fault, f: >- print f.faultString >- return 1 >- except kerberos.GSSError, e: >- print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0]) >- return 1 >- except xmlrpclib.ProtocolError, e: >- print "Unable to connect to IPA server: %s" % (e.errmsg) >- return 1 >- except ipa.ipaerror.IPAError, e: >- print "%s" % (e.message) >- return 1 >- >- return 0 >- >-if __name__ == "__main__": >- sys.exit(main()) >diff -r fbffe27e5e2b -r f4008faa4726 ipa-radius-admintools/ipa-radiusprofilemod >--- a/ipa-radius-admintools/ipa-radiusprofilemod Fri Jan 25 10:17:37 2008 -0500 >+++ /dev/null Thu Jan 01 00:00:00 1970 +0000 >@@ -1,263 +0,0 @@ >-#! /usr/bin/python -E >-# Authors: John Dennis <jdennis@redhat.com> >-# >-# Copyright (C) 2007 Red Hat >-# see file 'COPYING' for use and warranty information >-# >-# This program is free software; you can redistribute it and/or >-# modify it under the terms of the GNU General Public License as >-# published by the Free Software Foundation; version 2 only >-# >-# This program is distributed in the hope that it will be useful, >-# but WITHOUT ANY WARRANTY; without even the implied warranty of >-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the >-# GNU General Public License for more details. >-# >-# You should have received a copy of the GNU General Public License >-# along with this program; if not, write to the Free Software >-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA >-# >- >-import sys >-import os >-from optparse import OptionParser >-from sets import Set >- >-import ipa.ipaclient as ipaclient >-import ipa.ipautil as ipautil >-import ipa.config >-import ipa.ipaerror >-import ipa.radius_util as radius_util >- >-import xmlrpclib >-import kerberos >-import ldap >- >-#------------------------------------------------------------------------------ >- >-radius_attrs = radius_util.radius_profile_attr_to_ldap_attr.keys() >-radius_attr_to_ldap_attr = radius_util.radius_profile_attr_to_ldap_attr >-ldap_attr_to_radius_attr = radius_util.radius_profile_ldap_attr_to_radius_attr >-mandatory_radius_attrs = ['UID'] >-distinguished_attr = 'UID' >- >-#------------------------------------------------------------------------------ >- >-def help_option_callback(option, opt_str, value, parser, *args, **kwargs): >- parser.print_help() >- print >- print "Valid interative attributes are:" >- print ipautil.format_list(radius_attrs, quote='"') >- print >- print "Required attributes are:" >- print ipautil.format_list(mandatory_radius_attrs, quote='"') >- sys.exit(0) >- >-def main(): >- opt_parser = OptionParser(add_help_option=False) >- >- opt_parser.add_option("-u", "--uid", dest="uid", >- help="RADIUS profile identifier") >- opt_parser.add_option("-s", "--shared", dest="shared", default=False, action='store_true', >- help="profile is shared") >- opt_parser.add_option("-d", "--Description", dest="desc", >- help="description of the RADIUS client") >- >- opt_parser.add_option("-D", "--delete-attrs", dest="delete_attrs", action='store_true', default=False, >- help="delete the specified attributes") >- opt_parser.add_option("-h", "--help", action="callback", callback=help_option_callback, >- help="detailed help information") >- opt_parser.add_option("-i", "--interactive", dest="interactive", action='store_true', default=False, >- help="interactive mode, prompts with auto-completion") >- opt_parser.add_option("-A", "--attr", dest="attrs", action='append', >- help="If adding or modifying then this argument specifies one or more attribute=value pair(s), value may be optionally quoted, pairs are seperated by whitespace. If deleting attributes then this argument specifies one or more attribute names seperated by whitespace or commas") >- opt_parser.add_option("-f", "--file", dest="data_file", >- help="If adding or modifying then attribute=value pair(s) are read from file, value may be optionally quoted, pairs are delimited by whitespace. If deleting attributes then attributes are read from file, attributes are seperated by whitespace or commas. Reads from stdin if file is -") >- opt_parser.add_option("-v", "--verbose", dest="verbose", action='store_true', >- help="print information") >- >- opt_parser.set_usage("Usage: %s [options] %s" % (distinguished_attr, os.path.basename(sys.argv[0]))) >- >- args = ipa.config.init_config(sys.argv) >- options, args = opt_parser.parse_args(args) >- >- if len(args) < 2: >- opt_parser.error('missing %s' % (distinguished_attr)) >- >- uid = args[1] >- user_profile = not options.shared >- >- # Verify entity previously exists and get current values >- ipa_client = ipaclient.IPAClient() >- try: >- radius_entity = ipa_client.get_radius_profile_by_uid(uid, user_profile) >- except ipa.ipaerror.exception_for(ipa.ipaerror.LDAP_NOT_FOUND): >- print "profile %s not found" % uid >- return 1 >- except ipa.ipaerror.IPAError, e: >- print "%s" % e.message >- return 1 >- except kerberos.GSSError, e: >- print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0]) >- return 1 >- >- # Deleteing attributes is fundamentally different than adding/modifying an attribute. >- # When adding/modifying there is always a value the attribute is paired with, >- # so handle the two cases independently. >- if options.delete_attrs: >- attrs = Set() >- # Get attrs from a file or stdin >- if options.data_file: >- try: >- items = ipautil.read_items_file(options.data_file) >- attrs.update(items) >- except Exception, e: >- print "ERROR, could not read attrs (%s)" % (e) >- >- # Get attrs specified on the command line as a named argument >- if options.desc is not None: attrs.add('Description') >- >- # Get attrs specified on the command line as a attr argument >- if options.attrs: >- for a in options.attrs: >- items = ipautil.parse_items(a) >- attrs.update(items) >- >- # Get attrs interactively >- if options.interactive: >- deletable_attrs = [] >- for radius_attr in radius_attrs: >- if radius_attr in mandatory_radius_attrs: continue >- if radius_entity.hasAttr(radius_attr_to_ldap_attr[radius_attr]): >- deletable_attrs.append(radius_attr) >- >- if deletable_attrs: >- c = ipautil.ItemCompleter(deletable_attrs) >- c.open() >- items = c.get_items("Enter: ") >- attrs.update(items) >- c.close() >- >- # Data collection done, assure no mandatory attrs are in the delete list >- valid = True >- for attr in mandatory_radius_attrs: >- if attr in attrs: >- valid = False >- print "ERROR, %s is mandatory, but is set to be deleted" % (attr) >- if not valid: >- return 1 >- >- # Make sure each attribute is a member of the set of valid attributes >- valid = True >- for attr in attrs: >- if attr not in radius_attrs: >- valid = False >- print "ERROR, %s is not a valid attribute" % (attr) >- if not valid: >- print "Valid attributes are:" >- print ipautil.format_list(radius_attrs, quote='"') >- return 1 >- >- # Dump what we've got so far >- if options.verbose: >- print "Attributes:" >- for attr in attrs: >- print "\t%s" % (attr) >- >- for attr in attrs: >- radius_entity.delValue(radius_attr_to_ldap_attr[attr]) >- >- else: >- pairs = {} >- pairs[distinguished_attr] = uid >- >- # Populate the pair list with pre-existing values >- for attr in radius_attrs: >- value = radius_entity.getValues(radius_attr_to_ldap_attr[attr]) >- if value is None: continue >- pairs[attr] = value >- >- # Get pairs from a file or stdin >- if options.data_file: >- try: >- av = ipautil.read_pairs_file(options.data_file) >- pairs.update(av) >- except Exception, e: >- print "ERROR, could not read pairs (%s)" % (e) >- >- # Get pairs specified on the command line as a named argument >- if options.desc is not None: pairs['Description'] = options.desc >- >- # Get pairs specified on the command line as a pair argument >- if options.attrs: >- for p in options.attrs: >- av = ipautil.parse_key_value_pairs(p) >- pairs.update(av) >- >- # Get pairs interactively >- if options.interactive: >- prompted_attrs = radius_attrs[:] >- prompted_attrs.remove(distinguished_attr) >- c = ipautil.AttributeValueCompleter(prompted_attrs, pairs) >- c.open() >- av = c.get_pairs("Enter: ", validate_callback=radius_util.validate) >- pairs.update(av) >- c.close() >- >- # FIXME: validation should be moved to xmlrpc server >- >- # Data collection done, assure mandatory data has been specified >- >- if pairs.has_key(distinguished_attr) and pairs[distinguished_attr] != uid: >- print "ERROR, %s specified on command line (%s) does not match value found in pairs (%s)" % \ >- (distinguished_attr, uid, pairs[distinguished_attr]) >- return 1 >- >- # Make sure each attribute is a member of the set of valid attributes >- valid = True >- for attr,value in pairs.items(): >- if attr not in radius_attrs: >- valid = False >- print "ERROR, %s is not a valid attribute" % (attr) >- if not valid: >- print "Valid attributes are:" >- print ipautil.format_list(radius_attrs, quote='"') >- return 1 >- >- # Makse sure each value is valid >- valid = True >- for attr,value in pairs.items(): >- if not radius_util.validate(attr, value): >- valid = False >- if not valid: >- return 1 >- >- # Dump what we've got so far >- if options.verbose: >- print "Pairs:" >- for attr,value in pairs.items(): >- print "\t%s = %s" % (attr, value) >- >- for attr,value in pairs.items(): >- radius_entity.setValue(radius_attr_to_ldap_attr[attr], value) >- >- try: >- ipa_client.update_radius_profile(radius_entity) >- print "successfully modified" >- except xmlrpclib.Fault, f: >- print f.faultString >- return 1 >- except kerberos.GSSError, e: >- print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0]) >- return 1 >- except xmlrpclib.ProtocolError, e: >- print "Unable to connect to IPA server: %s" % (e.errmsg) >- return 1 >- except ipa.ipaerror.IPAError, e: >- print "%s" % (e.message) >- return 1 >- >- return 0 >- >-if __name__ == "__main__": >- sys.exit(main())
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=292955">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 430243
: 292955