class service(Object):
takes_params = (
parameters.Str(
'krbprincipalname',
primary_key=True,
label=_(u'Principal'),
doc=_(u'Service principal'),
),
parameters.Bytes(
'usercertificate',
required=False,
label=_(u'Certificate'),
doc=_(u'Base-64 encoded server certificate'),
),
parameters.Str(
'ipakrbauthzdata',
required=False,
multivalue=True,
label=_(u'PAC type'),
doc=
_(u"Override default list of supported PAC types. Use 'NONE' to disable PAC support for this service"
),
),
parameters.Flag(
'has_keytab',
label=_(u'Keytab'),
),
parameters.Str(
'managedby_host',
label=_(u'Managed by'),
),
)
class service_add_cert(Method):
__doc__ = _("Add new certificates to a service")
takes_args = (
parameters.Str(
'krbprincipalname',
cli_name='principal',
label=_(u'Principal'),
doc=_(u'Service principal'),
no_convert=True,
),
)
takes_options = (
parameters.Flag(
'all',
doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=_(u'Print entries as stored on the server. Only affects output format.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'no_members',
doc=_(u'Suppress processing of membership attributes.'),
exclude=('webui', 'cli'),
default=False,
autofill=True,
),
parameters.Bytes(
'usercertificate',
required=False,
multivalue=True,
cli_name='certificate',
label=_(u'Certificate'),
doc=_(u'Base-64 encoded server certificate'),
alwaysask=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.Entry(
'result',
),
output.PrimaryKey(
'value',
doc=_(u"The primary_key value of the entry, e.g. 'jdoe' for a user"),
),
)
class host_find(Method):
__doc__ = _("Search for hosts.")
takes_args = (
parameters.Str(
'criteria',
required=False,
doc=_(u'A string searched in all relevant object attributes'),
),
)
takes_options = (
parameters.Str(
'fqdn',
required=False,
cli_name='hostname',
label=_(u'Host name'),
no_convert=True,
),
parameters.Str(
'description',
required=False,
cli_name='desc',
label=_(u'Description'),
doc=_(u'A description of this host'),
),
parameters.Str(
'l',
required=False,
cli_name='locality',
label=_(u'Locality'),
doc=_(u'Host locality (e.g. "Baltimore, MD")'),
),
parameters.Str(
'nshostlocation',
required=False,
cli_name='location',
label=_(u'Location'),
doc=_(u'Host location (e.g. "Lab 2")'),
),
parameters.Str(
'nshardwareplatform',
required=False,
cli_name='platform',
label=_(u'Platform'),
doc=_(u'Host hardware platform (e.g. "Lenovo T61")'),
),
parameters.Str(
'nsosversion',
required=False,
cli_name='os',
label=_(u'Operating system'),
doc=_(u'Host operating system and version (e.g. "Fedora 9")'),
),
parameters.Str(
'userpassword',
required=False,
cli_name='password',
label=_(u'User password'),
doc=_(u'Password used in bulk enrollment'),
),
parameters.Bytes(
'usercertificate',
required=False,
cli_name='certificate',
label=_(u'Certificate'),
doc=_(u'Base-64 encoded server certificate'),
),
parameters.Str(
'macaddress',
required=False,
multivalue=True,
label=_(u'MAC address'),
doc=_(u'Hardware MAC address(es) on this host'),
no_convert=True,
),
parameters.Int(
'timelimit',
required=False,
label=_(u'Time Limit'),
doc=_(u'Time limit of search in seconds'),
),
parameters.Int(
'sizelimit',
required=False,
label=_(u'Size Limit'),
doc=_(u'Maximum number of entries returned'),
),
parameters.Flag(
'all',
doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=_(u'Print entries as stored on the server. Only affects output format.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'pkey_only',
required=False,
label=_(u'Primary key only'),
doc=_(u'Results should contain primary key attribute only ("hostname")'),
default=False,
autofill=True,
),
parameters.Str(
'in_hostgroup',
required=False,
multivalue=True,
cli_name='in_hostgroups',
label=_(u'host group'),
doc=_(u'Search for hosts with these member of host groups.'),
),
parameters.Str(
'not_in_hostgroup',
required=False,
multivalue=True,
cli_name='not_in_hostgroups',
label=_(u'host group'),
doc=_(u'Search for hosts without these member of host groups.'),
),
parameters.Str(
'in_netgroup',
required=False,
multivalue=True,
cli_name='in_netgroups',
label=_(u'netgroup'),
doc=_(u'Search for hosts with these member of netgroups.'),
),
parameters.Str(
'not_in_netgroup',
required=False,
multivalue=True,
cli_name='not_in_netgroups',
label=_(u'netgroup'),
doc=_(u'Search for hosts without these member of netgroups.'),
),
parameters.Str(
'in_role',
required=False,
multivalue=True,
cli_name='in_roles',
label=_(u'role'),
doc=_(u'Search for hosts with these member of roles.'),
),
parameters.Str(
'not_in_role',
required=False,
multivalue=True,
cli_name='not_in_roles',
label=_(u'role'),
doc=_(u'Search for hosts without these member of roles.'),
),
parameters.Str(
'in_hbacrule',
required=False,
multivalue=True,
cli_name='in_hbacrules',
label=_(u'HBAC rule'),
doc=_(u'Search for hosts with these member of HBAC rules.'),
),
parameters.Str(
'not_in_hbacrule',
required=False,
multivalue=True,
cli_name='not_in_hbacrules',
label=_(u'HBAC rule'),
doc=_(u'Search for hosts without these member of HBAC rules.'),
),
parameters.Str(
'in_sudorule',
required=False,
multivalue=True,
cli_name='in_sudorules',
label=_(u'sudo rule'),
doc=_(u'Search for hosts with these member of sudo rules.'),
),
parameters.Str(
'not_in_sudorule',
required=False,
multivalue=True,
cli_name='not_in_sudorules',
label=_(u'sudo rule'),
doc=_(u'Search for hosts without these member of sudo rules.'),
),
parameters.Str(
'enroll_by_user',
required=False,
multivalue=True,
cli_name='enroll_by_users',
label=_(u'user'),
doc=_(u'Search for hosts with these enrolled by users.'),
),
parameters.Str(
'not_enroll_by_user',
required=False,
multivalue=True,
cli_name='not_enroll_by_users',
label=_(u'user'),
doc=_(u'Search for hosts without these enrolled by users.'),
),
parameters.Str(
'man_by_host',
required=False,
multivalue=True,
cli_name='man_by_hosts',
label=_(u'host'),
doc=_(u'Search for hosts with these managed by hosts.'),
),
parameters.Str(
'not_man_by_host',
required=False,
multivalue=True,
cli_name='not_man_by_hosts',
label=_(u'host'),
doc=_(u'Search for hosts without these managed by hosts.'),
),
parameters.Str(
'man_host',
required=False,
multivalue=True,
cli_name='man_hosts',
label=_(u'host'),
doc=_(u'Search for hosts with these managing hosts.'),
),
parameters.Str(
'not_man_host',
required=False,
multivalue=True,
cli_name='not_man_hosts',
label=_(u'host'),
doc=_(u'Search for hosts without these managing hosts.'),
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.ListOfEntries(
'result',
),
output.Output(
'count',
int,
doc=_(u'Number of entries returned'),
),
output.Output(
'truncated',
bool,
doc=_(u'True if not all results were returned'),
),
)
class host_add(Method):
__doc__ = _("Add a new host.")
takes_args = (
parameters.Str(
'fqdn',
cli_name='hostname',
label=_(u'Host name'),
no_convert=True,
),
)
takes_options = (
parameters.Str(
'description',
required=False,
cli_name='desc',
label=_(u'Description'),
doc=_(u'A description of this host'),
),
parameters.Str(
'l',
required=False,
cli_name='locality',
label=_(u'Locality'),
doc=_(u'Host locality (e.g. "Baltimore, MD")'),
),
parameters.Str(
'nshostlocation',
required=False,
cli_name='location',
label=_(u'Location'),
doc=_(u'Host location (e.g. "Lab 2")'),
),
parameters.Str(
'nshardwareplatform',
required=False,
cli_name='platform',
label=_(u'Platform'),
doc=_(u'Host hardware platform (e.g. "Lenovo T61")'),
),
parameters.Str(
'nsosversion',
required=False,
cli_name='os',
label=_(u'Operating system'),
doc=_(u'Host operating system and version (e.g. "Fedora 9")'),
),
parameters.Str(
'userpassword',
required=False,
cli_name='password',
label=_(u'User password'),
doc=_(u'Password used in bulk enrollment'),
),
parameters.Flag(
'random',
required=False,
doc=_(u'Generate a random password to be used in bulk enrollment'),
default=False,
autofill=True,
),
parameters.Bytes(
'usercertificate',
required=False,
cli_name='certificate',
label=_(u'Certificate'),
doc=_(u'Base-64 encoded server certificate'),
),
parameters.Str(
'macaddress',
required=False,
multivalue=True,
label=_(u'MAC address'),
doc=_(u'Hardware MAC address(es) on this host'),
no_convert=True,
),
parameters.Str(
'ipasshpubkey',
required=False,
multivalue=True,
cli_name='sshpubkey',
label=_(u'SSH public key'),
no_convert=True,
),
parameters.Str(
'setattr',
required=False,
multivalue=True,
doc=_(u'Set an attribute to a name/value pair. Format is attr=value.\nFor multi-valued attributes, the command replaces the values already present.'),
exclude=('webui',),
),
parameters.Str(
'addattr',
required=False,
multivalue=True,
doc=_(u'Add an attribute/value pair. Format is attr=value. The attribute\nmust be part of the schema.'),
exclude=('webui',),
),
parameters.Flag(
'force',
label=_(u'Force'),
doc=_(u'force host name even if not in DNS'),
default=False,
autofill=True,
),
parameters.Flag(
'no_reverse',
doc=_(u'skip reverse DNS detection'),
default=False,
autofill=True,
),
parameters.Str(
'ip_address',
required=False,
label=_(u'IP Address'),
doc=_(u'Add the host to DNS with this IP address'),
),
parameters.Flag(
'all',
doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=_(u'Print entries as stored on the server. Only affects output format.'),
exclude=('webui',),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.Entry(
'result',
),
output.Output(
'value',
unicode,
doc=_(u"The primary_key value of the entry, e.g. 'jdoe' for a user"),
),
)
class vault_mod_internal(Method):
NO_CLI = True
takes_args = (parameters.Str(
'cn',
cli_name='name',
label=_(u'Vault name'),
), )
takes_options = (
parameters.Str(
'description',
required=False,
cli_name='desc',
label=_(u'Description'),
doc=_(u'Vault description'),
),
parameters.Str(
'ipavaulttype',
required=False,
cli_name='type',
cli_metavar="['standard', 'symmetric', 'asymmetric']",
label=_(u'Type'),
doc=_(u'Vault type'),
default=u'symmetric',
),
parameters.Bytes(
'ipavaultsalt',
required=False,
cli_name='salt',
label=_(u'Salt'),
doc=_(u'Vault salt'),
),
parameters.Bytes(
'ipavaultpublickey',
required=False,
cli_name='public_key',
label=_(u'Public key'),
doc=_(u'Vault public key'),
),
parameters.Str(
'setattr',
required=False,
multivalue=True,
doc=
_(u'Set an attribute to a name/value pair. Format is attr=value.\nFor multi-valued attributes, the command replaces the values already present.'
),
exclude=('webui', ),
),
parameters.Str(
'addattr',
required=False,
multivalue=True,
doc=
_(u'Add an attribute/value pair. Format is attr=value. The attribute\nmust be part of the schema.'
),
exclude=('webui', ),
),
parameters.Str(
'delattr',
required=False,
multivalue=True,
doc=
_(u'Delete an attribute/value pair. The option will be evaluated\nlast, after all sets and adds.'
),
exclude=('webui', ),
),
parameters.Flag(
'rights',
label=_(u'Rights'),
doc=
_(u'Display the access rights of this entry (requires --all). See ipa man page for details.'
),
default=False,
autofill=True,
),
parameters.Str(
'service',
required=False,
doc=_(u'Service name of the service vault'),
no_convert=True,
),
parameters.Flag(
'shared',
required=False,
doc=_(u'Shared vault'),
default=False,
autofill=True,
),
parameters.Str(
'username',
required=False,
cli_name='user',
doc=_(u'Username of the user vault'),
),
parameters.Flag(
'all',
doc=
_(u'Retrieve and print all attributes from the server. Affects command output.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=
_(u'Print entries as stored on the server. Only affects output format.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'no_members',
doc=_(u'Suppress processing of membership attributes.'),
exclude=('webui', 'cli'),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.Entry('result', ),
output.PrimaryKey(
'value',
doc=_(
u"The primary_key value of the entry, e.g. 'jdoe' for a user"),
),
)
class vault_archive_internal(Method):
NO_CLI = True
takes_args = (parameters.Str(
'cn',
cli_name='name',
label=_(u'Vault name'),
), )
takes_options = (
parameters.Str(
'service',
required=False,
doc=_(u'Service name of the service vault'),
no_convert=True,
),
parameters.Flag(
'shared',
required=False,
doc=_(u'Shared vault'),
default=False,
autofill=True,
),
parameters.Str(
'username',
required=False,
cli_name='user',
doc=_(u'Username of the user vault'),
),
parameters.Bytes(
'session_key',
doc=_(u'Session key wrapped with transport certificate'),
),
parameters.Bytes(
'vault_data',
doc=_(u'Vault data encrypted with session key'),
),
parameters.Bytes(
'nonce',
doc=_(u'Nonce'),
),
parameters.Flag(
'all',
doc=
_(u'Retrieve and print all attributes from the server. Affects command output.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=
_(u'Print entries as stored on the server. Only affects output format.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.Entry('result', ),
output.PrimaryKey(
'value',
doc=_(
u"The primary_key value of the entry, e.g. 'jdoe' for a user"),
),
)
class vault_add_internal(Method):
NO_CLI = True
takes_args = (parameters.Str(
'cn',
cli_name='name',
label=_(u'Vault name'),
), )
takes_options = (
parameters.Str(
'description',
required=False,
cli_name='desc',
label=_(u'Description'),
doc=_(u'Vault description'),
),
parameters.Str(
'ipavaulttype',
required=False,
cli_name='type',
cli_metavar="['standard', 'symmetric', 'asymmetric']",
label=_(u'Type'),
doc=_(u'Vault type'),
default=u'symmetric',
autofill=True,
),
parameters.Bytes(
'ipavaultsalt',
required=False,
cli_name='salt',
label=_(u'Salt'),
doc=_(u'Vault salt'),
),
parameters.Bytes(
'ipavaultpublickey',
required=False,
cli_name='public_key',
label=_(u'Public key'),
doc=_(u'Vault public key'),
),
parameters.Str(
'service',
required=False,
doc=_(u'Service name of the service vault'),
no_convert=True,
),
parameters.Flag(
'shared',
required=False,
doc=_(u'Shared vault'),
default=False,
autofill=True,
),
parameters.Str(
'username',
required=False,
cli_name='user',
doc=_(u'Username of the user vault'),
),
parameters.Flag(
'all',
doc=
_(u'Retrieve and print all attributes from the server. Affects command output.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=
_(u'Print entries as stored on the server. Only affects output format.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'no_members',
doc=_(u'Suppress processing of membership attributes.'),
exclude=('webui', 'cli'),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.Entry('result', ),
output.PrimaryKey(
'value',
doc=_(
u"The primary_key value of the entry, e.g. 'jdoe' for a user"),
),
)
class stageuser(Object):
takes_params = (
parameters.Str(
'uid',
primary_key=True,
label=_(u'User login'),
),
parameters.Str(
'givenname',
label=_(u'First name'),
),
parameters.Str(
'sn',
label=_(u'Last name'),
),
parameters.Str(
'cn',
label=_(u'Full name'),
),
parameters.Str(
'displayname',
required=False,
label=_(u'Display name'),
),
parameters.Str(
'initials',
required=False,
label=_(u'Initials'),
),
parameters.Str(
'homedirectory',
required=False,
label=_(u'Home directory'),
),
parameters.Str(
'gecos',
required=False,
label=_(u'GECOS'),
),
parameters.Str(
'loginshell',
required=False,
label=_(u'Login shell'),
),
parameters.Str(
'krbprincipalname',
required=False,
label=_(u'Kerberos principal'),
),
parameters.DateTime(
'krbprincipalexpiration',
required=False,
label=_(u'Kerberos principal expiration'),
),
parameters.Str(
'mail',
required=False,
multivalue=True,
label=_(u'Email address'),
),
parameters.Password(
'userpassword',
required=False,
label=_(u'Password'),
doc=_(u'Prompt to set the user password'),
exclude=('webui', ),
),
parameters.Flag(
'random',
required=False,
doc=_(u'Generate a random user password'),
),
parameters.Str(
'randompassword',
required=False,
label=_(u'Random password'),
),
parameters.Int(
'uidnumber',
required=False,
label=_(u'UID'),
doc=_(u'User ID Number (system will assign one if not provided)'),
),
parameters.Int(
'gidnumber',
required=False,
label=_(u'GID'),
doc=_(u'Group ID Number'),
),
parameters.Str(
'street',
required=False,
label=_(u'Street address'),
),
parameters.Str(
'l',
required=False,
label=_(u'City'),
),
parameters.Str(
'st',
required=False,
label=_(u'State/Province'),
),
parameters.Str(
'postalcode',
required=False,
label=_(u'ZIP'),
),
parameters.Str(
'telephonenumber',
required=False,
multivalue=True,
label=_(u'Telephone Number'),
),
parameters.Str(
'mobile',
required=False,
multivalue=True,
label=_(u'Mobile Telephone Number'),
),
parameters.Str(
'pager',
required=False,
multivalue=True,
label=_(u'Pager Number'),
),
parameters.Str(
'facsimiletelephonenumber',
required=False,
multivalue=True,
label=_(u'Fax Number'),
),
parameters.Str(
'ou',
required=False,
label=_(u'Org. Unit'),
),
parameters.Str(
'title',
required=False,
label=_(u'Job Title'),
),
parameters.Str(
'manager',
required=False,
label=_(u'Manager'),
),
parameters.Str(
'carlicense',
required=False,
multivalue=True,
label=_(u'Car License'),
),
parameters.Str(
'ipasshpubkey',
required=False,
multivalue=True,
label=_(u'SSH public key'),
),
parameters.Str(
'ipauserauthtype',
required=False,
multivalue=True,
label=_(u'User authentication types'),
doc=_(u'Types of supported user authentication'),
),
parameters.Str(
'userclass',
required=False,
multivalue=True,
label=_(u'Class'),
doc=
_(u'User category (semantics placed on this attribute are for local interpretation)'
),
),
parameters.Str(
'ipatokenradiusconfiglink',
required=False,
label=_(u'RADIUS proxy configuration'),
),
parameters.Str(
'ipatokenradiususername',
required=False,
label=_(u'RADIUS proxy username'),
),
parameters.Str(
'departmentnumber',
required=False,
multivalue=True,
label=_(u'Department Number'),
),
parameters.Str(
'employeenumber',
required=False,
label=_(u'Employee Number'),
),
parameters.Str(
'employeetype',
required=False,
label=_(u'Employee Type'),
),
parameters.Str(
'preferredlanguage',
required=False,
label=_(u'Preferred Language'),
),
parameters.Bytes(
'usercertificate',
required=False,
multivalue=True,
label=_(u'Certificate'),
doc=_(u'Base-64 encoded server certificate'),
),
parameters.Flag(
'has_password',
label=_(u'Password'),
),
parameters.Str(
'memberof_group',
required=False,
label=_(u'Member of groups'),
),
parameters.Str(
'memberof_role',
required=False,
label=_(u'Roles'),
),
parameters.Str(
'memberof_netgroup',
required=False,
label=_(u'Member of netgroups'),
),
parameters.Str(
'memberof_sudorule',
required=False,
label=_(u'Member of Sudo rule'),
),
parameters.Str(
'memberof_hbacrule',
required=False,
label=_(u'Member of HBAC rule'),
),
parameters.Str(
'memberofindirect_group',
required=False,
label=_(u'Indirect Member of group'),
),
parameters.Str(
'memberofindirect_netgroup',
required=False,
label=_(u'Indirect Member of netgroup'),
),
parameters.Str(
'memberofindirect_role',
required=False,
label=_(u'Indirect Member of role'),
),
parameters.Str(
'memberofindirect_sudorule',
required=False,
label=_(u'Indirect Member of Sudo rule'),
),
parameters.Str(
'memberofindirect_hbacrule',
required=False,
label=_(u'Indirect Member of HBAC rule'),
),
parameters.Flag(
'has_keytab',
label=_(u'Kerberos keys available'),
),
)
class service_mod(Method):
__doc__ = _("Modify an existing IPA service.")
takes_args = (parameters.Str(
'krbprincipalname',
cli_name='principal',
label=_(u'Principal'),
doc=_(u'Service principal'),
no_convert=True,
), )
takes_options = (
parameters.Bytes(
'usercertificate',
required=False,
cli_name='certificate',
label=_(u'Certificate'),
doc=_(u'Base-64 encoded server certificate'),
),
parameters.Str(
'ipakrbauthzdata',
required=False,
multivalue=True,
cli_name='pac_type',
cli_metavar="['MS-PAC', 'PAD', 'NONE']",
label=_(u'PAC type'),
doc=
_(u"Override default list of supported PAC types. Use 'NONE' to disable PAC support for this service"
),
),
parameters.Str(
'setattr',
required=False,
multivalue=True,
doc=
_(u'Set an attribute to a name/value pair. Format is attr=value.\nFor multi-valued attributes, the command replaces the values already present.'
),
exclude=('webui', ),
),
parameters.Str(
'addattr',
required=False,
multivalue=True,
doc=
_(u'Add an attribute/value pair. Format is attr=value. The attribute\nmust be part of the schema.'
),
exclude=('webui', ),
),
parameters.Str(
'delattr',
required=False,
multivalue=True,
doc=
_(u'Delete an attribute/value pair. The option will be evaluated\nlast, after all sets and adds.'
),
exclude=('webui', ),
),
parameters.Flag(
'rights',
label=_(u'Rights'),
doc=
_(u'Display the access rights of this entry (requires --all). See ipa man page for details.'
),
default=False,
autofill=True,
),
parameters.Flag(
'all',
doc=
_(u'Retrieve and print all attributes from the server. Affects command output.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=
_(u'Print entries as stored on the server. Only affects output format.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.Entry('result', ),
output.Output(
'value',
unicode,
doc=_(
u"The primary_key value of the entry, e.g. 'jdoe' for a user"),
),
)
class host(Object):
takes_params = (
parameters.Str(
'fqdn',
primary_key=True,
label=_(u'Host name'),
),
parameters.Str(
'description',
required=False,
label=_(u'Description'),
doc=_(u'A description of this host'),
),
parameters.Str(
'l',
required=False,
label=_(u'Locality'),
doc=_(u'Host locality (e.g. "Baltimore, MD")'),
),
parameters.Str(
'nshostlocation',
required=False,
label=_(u'Location'),
doc=_(u'Host location (e.g. "Lab 2")'),
),
parameters.Str(
'nshardwareplatform',
required=False,
label=_(u'Platform'),
doc=_(u'Host hardware platform (e.g. "Lenovo T61")'),
),
parameters.Str(
'nsosversion',
required=False,
label=_(u'Operating system'),
doc=_(u'Host operating system and version (e.g. "Fedora 9")'),
),
parameters.Str(
'userpassword',
required=False,
label=_(u'User password'),
doc=_(u'Password used in bulk enrollment'),
),
parameters.Flag(
'random',
required=False,
doc=_(u'Generate a random password to be used in bulk enrollment'),
),
parameters.Str(
'randompassword',
required=False,
label=_(u'Random password'),
),
parameters.Bytes(
'usercertificate',
required=False,
label=_(u'Certificate'),
doc=_(u'Base-64 encoded server certificate'),
),
parameters.Str(
'krbprincipalname',
required=False,
label=_(u'Principal name'),
),
parameters.Str(
'macaddress',
required=False,
multivalue=True,
label=_(u'MAC address'),
doc=_(u'Hardware MAC address(es) on this host'),
),
parameters.Str(
'ipasshpubkey',
required=False,
multivalue=True,
label=_(u'SSH public key'),
),
parameters.Str(
'userclass',
required=False,
multivalue=True,
label=_(u'Class'),
doc=_(u'Host category (semantics placed on this attribute are for local interpretation)'),
),
parameters.Str(
'ipaassignedidview',
required=False,
label=_(u'Assigned ID View'),
),
parameters.Bool(
'ipakrbrequirespreauth',
required=False,
label=_(u'Requires pre-authentication'),
doc=_(u'Pre-authentication is required for the service'),
),
parameters.Bool(
'ipakrbokasdelegate',
required=False,
label=_(u'Trusted for delegation'),
doc=_(u'Client credentials may be delegated to the service'),
),
parameters.Flag(
'has_password',
label=_(u'Password'),
),
parameters.Str(
'memberof_hostgroup',
required=False,
label=_(u'Member of host-groups'),
),
parameters.Str(
'memberof_role',
required=False,
label=_(u'Roles'),
),
parameters.Str(
'memberof_netgroup',
required=False,
label=_(u'Member of netgroups'),
),
parameters.Str(
'memberof_sudorule',
required=False,
label=_(u'Member of Sudo rule'),
),
parameters.Str(
'memberof_hbacrule',
required=False,
label=_(u'Member of HBAC rule'),
),
parameters.Str(
'memberofindirect_netgroup',
required=False,
label=_(u'Indirect Member of netgroup'),
),
parameters.Str(
'memberofindirect_hostgroup',
required=False,
label=_(u'Indirect Member of host-group'),
),
parameters.Str(
'memberofindirect_role',
required=False,
label=_(u'Indirect Member of role'),
),
parameters.Str(
'memberofindirect_sudorule',
required=False,
label=_(u'Indirect Member of Sudo rule'),
),
parameters.Str(
'memberofindirect_hbacrule',
required=False,
label=_(u'Indirect Member of HBAC rule'),
),
parameters.Flag(
'has_keytab',
label=_(u'Keytab'),
),
parameters.Str(
'managedby_host',
label=_(u'Managed by'),
),
parameters.Str(
'managing_host',
label=_(u'Managing'),
),
parameters.Str(
'ipaallowedtoperform_read_keys_user',
label=_(u'Users allowed to retrieve keytab'),
),
parameters.Str(
'ipaallowedtoperform_read_keys_group',
label=_(u'Groups allowed to retrieve keytab'),
),
parameters.Str(
'ipaallowedtoperform_read_keys_host',
label=_(u'Hosts allowed to retrieve keytab'),
),
parameters.Str(
'ipaallowedtoperform_read_keys_hostgroup',
label=_(u'Host Groups allowed to retrieve keytab'),
),
parameters.Str(
'ipaallowedtoperform_write_keys_user',
label=_(u'Users allowed to create keytab'),
),
parameters.Str(
'ipaallowedtoperform_write_keys_group',
label=_(u'Groups allowed to create keytab'),
),
parameters.Str(
'ipaallowedtoperform_write_keys_host',
label=_(u'Hosts allowed to create keytab'),
),
parameters.Str(
'ipaallowedtoperform_write_keys_hostgroup',
label=_(u'Host Groups allowed to create keytab'),
),
)
class service(Object):
takes_params = (
parameters.Str(
'krbprincipalname',
primary_key=True,
label=_(u'Principal'),
doc=_(u'Service principal'),
),
parameters.Bytes(
'usercertificate',
required=False,
multivalue=True,
label=_(u'Certificate'),
doc=_(u'Base-64 encoded server certificate'),
),
parameters.Str(
'ipakrbauthzdata',
required=False,
multivalue=True,
label=_(u'PAC type'),
doc=_(u"Override default list of supported PAC types. Use 'NONE' to disable PAC support for this service, e.g. this might be necessary for NFS services."),
),
parameters.Bool(
'ipakrbrequirespreauth',
required=False,
label=_(u'Requires pre-authentication'),
doc=_(u'Pre-authentication is required for the service'),
),
parameters.Bool(
'ipakrbokasdelegate',
required=False,
label=_(u'Trusted for delegation'),
doc=_(u'Client credentials may be delegated to the service'),
),
parameters.Str(
'memberof_role',
required=False,
label=_(u'Roles'),
),
parameters.Flag(
'has_keytab',
label=_(u'Keytab'),
),
parameters.Str(
'managedby_host',
label=_(u'Managed by'),
),
parameters.Str(
'ipaallowedtoperform_read_keys_user',
label=_(u'Users allowed to retrieve keytab'),
),
parameters.Str(
'ipaallowedtoperform_read_keys_group',
label=_(u'Groups allowed to retrieve keytab'),
),
parameters.Str(
'ipaallowedtoperform_read_keys_host',
label=_(u'Hosts allowed to retrieve keytab'),
),
parameters.Str(
'ipaallowedtoperform_read_keys_hostgroup',
label=_(u'Host Groups allowed to retrieve keytab'),
),
parameters.Str(
'ipaallowedtoperform_write_keys_user',
label=_(u'Users allowed to create keytab'),
),
parameters.Str(
'ipaallowedtoperform_write_keys_group',
label=_(u'Groups allowed to create keytab'),
),
parameters.Str(
'ipaallowedtoperform_write_keys_host',
label=_(u'Hosts allowed to create keytab'),
),
parameters.Str(
'ipaallowedtoperform_write_keys_hostgroup',
label=_(u'Host Groups allowed to create keytab'),
),
)
class service_add(Method):
__doc__ = _("Add a new IPA new service.")
takes_args = (
parameters.Str(
'krbprincipalname',
cli_name='principal',
label=_(u'Principal'),
doc=_(u'Service principal'),
no_convert=True,
),
)
takes_options = (
parameters.Bytes(
'usercertificate',
required=False,
multivalue=True,
cli_name='certificate',
label=_(u'Certificate'),
doc=_(u'Base-64 encoded server certificate'),
),
parameters.Str(
'ipakrbauthzdata',
required=False,
multivalue=True,
cli_name='pac_type',
cli_metavar="['MS-PAC', 'PAD', 'NONE']",
label=_(u'PAC type'),
doc=_(u"Override default list of supported PAC types. Use 'NONE' to disable PAC support for this service, e.g. this might be necessary for NFS services."),
),
parameters.Bool(
'ipakrbrequirespreauth',
required=False,
cli_name='requires_pre_auth',
label=_(u'Requires pre-authentication'),
doc=_(u'Pre-authentication is required for the service'),
),
parameters.Bool(
'ipakrbokasdelegate',
required=False,
cli_name='ok_as_delegate',
label=_(u'Trusted for delegation'),
doc=_(u'Client credentials may be delegated to the service'),
),
parameters.Str(
'setattr',
required=False,
multivalue=True,
doc=_(u'Set an attribute to a name/value pair. Format is attr=value.\nFor multi-valued attributes, the command replaces the values already present.'),
exclude=('webui',),
),
parameters.Str(
'addattr',
required=False,
multivalue=True,
doc=_(u'Add an attribute/value pair. Format is attr=value. The attribute\nmust be part of the schema.'),
exclude=('webui',),
),
parameters.Flag(
'force',
label=_(u'Force'),
doc=_(u'force principal name even if not in DNS'),
default=False,
autofill=True,
),
parameters.Flag(
'all',
doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=_(u'Print entries as stored on the server. Only affects output format.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'no_members',
doc=_(u'Suppress processing of membership attributes.'),
exclude=('webui', 'cli'),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.Entry(
'result',
),
output.PrimaryKey(
'value',
doc=_(u"The primary_key value of the entry, e.g. 'jdoe' for a user"),
),
)
class otptoken(Object):
takes_params = (
parameters.Str(
'ipatokenuniqueid',
primary_key=True,
label=_(u'Unique ID'),
),
parameters.Str(
'type',
required=False,
label=_(u'Type'),
doc=_(u'Type of the token'),
),
parameters.Str(
'description',
required=False,
label=_(u'Description'),
doc=_(u'Token description (informational only)'),
),
parameters.Str(
'ipatokenowner',
required=False,
label=_(u'Owner'),
doc=_(u'Assigned user of the token (default: self)'),
),
parameters.Str(
'managedby_user',
required=False,
label=_(u'Manager'),
doc=_(u'Assigned manager of the token (default: self)'),
),
parameters.Bool(
'ipatokendisabled',
required=False,
label=_(u'Disabled'),
doc=_(u'Mark the token as disabled (default: false)'),
),
parameters.DateTime(
'ipatokennotbefore',
required=False,
label=_(u'Validity start'),
doc=_(u'First date/time the token can be used'),
),
parameters.DateTime(
'ipatokennotafter',
required=False,
label=_(u'Validity end'),
doc=_(u'Last date/time the token can be used'),
),
parameters.Str(
'ipatokenvendor',
required=False,
label=_(u'Vendor'),
doc=_(u'Token vendor name (informational only)'),
),
parameters.Str(
'ipatokenmodel',
required=False,
label=_(u'Model'),
doc=_(u'Token model (informational only)'),
),
parameters.Str(
'ipatokenserial',
required=False,
label=_(u'Serial'),
doc=_(u'Token serial (informational only)'),
),
parameters.Bytes(
'ipatokenotpkey',
required=False,
label=_(u'Key'),
doc=_(u'Token secret (Base32; default: random)'),
),
parameters.Str(
'ipatokenotpalgorithm',
required=False,
label=_(u'Algorithm'),
doc=_(u'Token hash algorithm'),
),
parameters.Int(
'ipatokenotpdigits',
required=False,
label=_(u'Digits'),
doc=_(u'Number of digits each token code will have'),
),
parameters.Int(
'ipatokentotpclockoffset',
required=False,
label=_(u'Clock offset'),
doc=_(u'TOTP token / IPA server time difference'),
),
parameters.Int(
'ipatokentotptimestep',
required=False,
label=_(u'Clock interval'),
doc=_(u'Length of TOTP token code validity'),
),
parameters.Int(
'ipatokenhotpcounter',
required=False,
label=_(u'Counter'),
doc=_(u'Initial counter for the HOTP token'),
),
)
class otptoken_add(Method):
__doc__ = _("Add a new OTP token.")
takes_args = (parameters.Str(
'ipatokenuniqueid',
required=False,
cli_name='id',
label=_(u'Unique ID'),
), )
takes_options = (
parameters.Str(
'type',
required=False,
cli_metavar="['totp', 'hotp', 'TOTP', 'HOTP']",
label=_(u'Type'),
doc=_(u'Type of the token'),
default=u'totp',
autofill=True,
),
parameters.Str(
'description',
required=False,
cli_name='desc',
label=_(u'Description'),
doc=_(u'Token description (informational only)'),
),
parameters.Str(
'ipatokenowner',
required=False,
cli_name='owner',
label=_(u'Owner'),
doc=_(u'Assigned user of the token (default: self)'),
),
parameters.Bool(
'ipatokendisabled',
required=False,
cli_name='disabled',
label=_(u'Disabled'),
doc=_(u'Mark the token as disabled (default: false)'),
),
parameters.DateTime(
'ipatokennotbefore',
required=False,
cli_name='not_before',
label=_(u'Validity start'),
doc=_(u'First date/time the token can be used'),
),
parameters.DateTime(
'ipatokennotafter',
required=False,
cli_name='not_after',
label=_(u'Validity end'),
doc=_(u'Last date/time the token can be used'),
),
parameters.Str(
'ipatokenvendor',
required=False,
cli_name='vendor',
label=_(u'Vendor'),
doc=_(u'Token vendor name (informational only)'),
),
parameters.Str(
'ipatokenmodel',
required=False,
cli_name='model',
label=_(u'Model'),
doc=_(u'Token model (informational only)'),
),
parameters.Str(
'ipatokenserial',
required=False,
cli_name='serial',
label=_(u'Serial'),
doc=_(u'Token serial (informational only)'),
),
parameters.Bytes(
'ipatokenotpkey',
required=False,
cli_name='key',
label=_(u'Key'),
doc=_(u'Token secret (Base32; default: random)'),
default_from=DefaultFrom(lambda: None),
# FIXME:
# lambda: os.urandom(KEY_LENGTH)
autofill=True,
),
parameters.Str(
'ipatokenotpalgorithm',
required=False,
cli_name='algo',
cli_metavar="['sha1', 'sha256', 'sha384', 'sha512']",
label=_(u'Algorithm'),
doc=_(u'Token hash algorithm'),
default=u'sha1',
autofill=True,
),
parameters.Int(
'ipatokenotpdigits',
required=False,
cli_name='digits',
cli_metavar="['6', '8']",
label=_(u'Digits'),
doc=_(u'Number of digits each token code will have'),
default=6,
autofill=True,
),
parameters.Int(
'ipatokentotpclockoffset',
required=False,
cli_name='offset',
label=_(u'Clock offset'),
doc=_(u'TOTP token / IPA server time difference'),
default=0,
autofill=True,
),
parameters.Int(
'ipatokentotptimestep',
required=False,
cli_name='interval',
label=_(u'Clock interval'),
doc=_(u'Length of TOTP token code validity'),
default=30,
autofill=True,
),
parameters.Int(
'ipatokenhotpcounter',
required=False,
cli_name='counter',
label=_(u'Counter'),
doc=_(u'Initial counter for the HOTP token'),
default=0,
autofill=True,
),
parameters.Str(
'setattr',
required=False,
multivalue=True,
doc=
_(u'Set an attribute to a name/value pair. Format is attr=value.\nFor multi-valued attributes, the command replaces the values already present.'
),
exclude=('webui', ),
),
parameters.Str(
'addattr',
required=False,
multivalue=True,
doc=
_(u'Add an attribute/value pair. Format is attr=value. The attribute\nmust be part of the schema.'
),
exclude=('webui', ),
),
parameters.Flag(
'qrcode',
required=False,
label=_(u'(deprecated)'),
exclude=('cli', 'webui'),
default=False,
autofill=True,
),
parameters.Flag(
'no_qrcode',
label=_(u'Do not display QR code'),
default=False,
autofill=True,
),
parameters.Flag(
'all',
doc=
_(u'Retrieve and print all attributes from the server. Affects command output.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=
_(u'Print entries as stored on the server. Only affects output format.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'no_members',
doc=_(u'Suppress processing of membership attributes.'),
exclude=('webui', 'cli'),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.Entry('result', ),
output.PrimaryKey(
'value',
doc=_(
u"The primary_key value of the entry, e.g. 'jdoe' for a user"),
),
)
class stageuser_find(Method):
__doc__ = _("Search for stage users.")
takes_args = (parameters.Str(
'criteria',
required=False,
doc=_(u'A string searched in all relevant object attributes'),
), )
takes_options = (
parameters.Str(
'uid',
required=False,
cli_name='login',
label=_(u'User login'),
default_from=DefaultFrom(lambda givenname, sn: givenname[0] + sn,
'principal'),
no_convert=True,
),
parameters.Str(
'givenname',
required=False,
cli_name='first',
label=_(u'First name'),
),
parameters.Str(
'sn',
required=False,
cli_name='last',
label=_(u'Last name'),
),
parameters.Str(
'cn',
required=False,
label=_(u'Full name'),
default_from=DefaultFrom(
lambda givenname, sn: '%s %s' % (givenname, sn), 'principal'),
),
parameters.Str(
'displayname',
required=False,
label=_(u'Display name'),
default_from=DefaultFrom(
lambda givenname, sn: '%s %s' % (givenname, sn), 'principal'),
),
parameters.Str(
'initials',
required=False,
label=_(u'Initials'),
default_from=DefaultFrom(
lambda givenname, sn: '%c%c' % (givenname[0], sn[0]),
'principal'),
),
parameters.Str(
'homedirectory',
required=False,
cli_name='homedir',
label=_(u'Home directory'),
),
parameters.Str(
'gecos',
required=False,
label=_(u'GECOS'),
default_from=DefaultFrom(
lambda givenname, sn: '%s %s' % (givenname, sn), 'principal'),
),
parameters.Str(
'loginshell',
required=False,
cli_name='shell',
label=_(u'Login shell'),
),
parameters.Str(
'krbprincipalname',
required=False,
cli_name='principal',
label=_(u'Kerberos principal'),
default_from=DefaultFrom(
lambda uid: '%s@%s' % (uid.lower(), api.env.realm),
'principal'),
no_convert=True,
),
parameters.DateTime(
'krbprincipalexpiration',
required=False,
cli_name='principal_expiration',
label=_(u'Kerberos principal expiration'),
),
parameters.Str(
'mail',
required=False,
multivalue=True,
cli_name='email',
label=_(u'Email address'),
),
parameters.Password(
'userpassword',
required=False,
cli_name='password',
label=_(u'Password'),
doc=_(u'Prompt to set the user password'),
exclude=('webui', ),
confirm=True,
),
parameters.Int(
'uidnumber',
required=False,
cli_name='uid',
label=_(u'UID'),
doc=_(u'User ID Number (system will assign one if not provided)'),
),
parameters.Int(
'gidnumber',
required=False,
label=_(u'GID'),
doc=_(u'Group ID Number'),
),
parameters.Str(
'street',
required=False,
label=_(u'Street address'),
),
parameters.Str(
'l',
required=False,
cli_name='city',
label=_(u'City'),
),
parameters.Str(
'st',
required=False,
cli_name='state',
label=_(u'State/Province'),
),
parameters.Str(
'postalcode',
required=False,
label=_(u'ZIP'),
),
parameters.Str(
'telephonenumber',
required=False,
multivalue=True,
cli_name='phone',
label=_(u'Telephone Number'),
),
parameters.Str(
'mobile',
required=False,
multivalue=True,
label=_(u'Mobile Telephone Number'),
),
parameters.Str(
'pager',
required=False,
multivalue=True,
label=_(u'Pager Number'),
),
parameters.Str(
'facsimiletelephonenumber',
required=False,
multivalue=True,
cli_name='fax',
label=_(u'Fax Number'),
),
parameters.Str(
'ou',
required=False,
cli_name='orgunit',
label=_(u'Org. Unit'),
),
parameters.Str(
'title',
required=False,
label=_(u'Job Title'),
),
parameters.Str(
'manager',
required=False,
label=_(u'Manager'),
),
parameters.Str(
'carlicense',
required=False,
multivalue=True,
label=_(u'Car License'),
),
parameters.Str(
'ipauserauthtype',
required=False,
multivalue=True,
cli_name='user_auth_type',
cli_metavar="['password', 'radius', 'otp']",
label=_(u'User authentication types'),
doc=_(u'Types of supported user authentication'),
),
parameters.Str(
'userclass',
required=False,
multivalue=True,
cli_name='class',
label=_(u'Class'),
doc=
_(u'User category (semantics placed on this attribute are for local interpretation)'
),
),
parameters.Str(
'ipatokenradiusconfiglink',
required=False,
cli_name='radius',
label=_(u'RADIUS proxy configuration'),
),
parameters.Str(
'ipatokenradiususername',
required=False,
cli_name='radius_username',
label=_(u'RADIUS proxy username'),
),
parameters.Str(
'departmentnumber',
required=False,
multivalue=True,
label=_(u'Department Number'),
),
parameters.Str(
'employeenumber',
required=False,
label=_(u'Employee Number'),
),
parameters.Str(
'employeetype',
required=False,
label=_(u'Employee Type'),
),
parameters.Str(
'preferredlanguage',
required=False,
label=_(u'Preferred Language'),
),
parameters.Bytes(
'usercertificate',
required=False,
multivalue=True,
cli_name='certificate',
label=_(u'Certificate'),
doc=_(u'Base-64 encoded server certificate'),
),
parameters.Int(
'timelimit',
required=False,
label=_(u'Time Limit'),
doc=_(u'Time limit of search in seconds (0 is unlimited)'),
),
parameters.Int(
'sizelimit',
required=False,
label=_(u'Size Limit'),
doc=_(u'Maximum number of entries returned (0 is unlimited)'),
),
parameters.Flag(
'all',
doc=
_(u'Retrieve and print all attributes from the server. Affects command output.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=
_(u'Print entries as stored on the server. Only affects output format.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'no_members',
doc=_(u'Suppress processing of membership attributes.'),
exclude=('webui', 'cli'),
default=False,
autofill=True,
),
parameters.Flag(
'pkey_only',
required=False,
label=_(u'Primary key only'),
doc=_(
u'Results should contain primary key attribute only ("login")'
),
default=False,
autofill=True,
),
parameters.Str(
'in_group',
required=False,
multivalue=True,
cli_name='in_groups',
label=_(u'group'),
doc=_(u'Search for stage users with these member of groups.'),
),
parameters.Str(
'not_in_group',
required=False,
multivalue=True,
cli_name='not_in_groups',
label=_(u'group'),
doc=_(u'Search for stage users without these member of groups.'),
),
parameters.Str(
'in_netgroup',
required=False,
multivalue=True,
cli_name='in_netgroups',
label=_(u'netgroup'),
doc=_(u'Search for stage users with these member of netgroups.'),
),
parameters.Str(
'not_in_netgroup',
required=False,
multivalue=True,
cli_name='not_in_netgroups',
label=_(u'netgroup'),
doc=_(
u'Search for stage users without these member of netgroups.'),
),
parameters.Str(
'in_role',
required=False,
multivalue=True,
cli_name='in_roles',
label=_(u'role'),
doc=_(u'Search for stage users with these member of roles.'),
),
parameters.Str(
'not_in_role',
required=False,
multivalue=True,
cli_name='not_in_roles',
label=_(u'role'),
doc=_(u'Search for stage users without these member of roles.'),
),
parameters.Str(
'in_hbacrule',
required=False,
multivalue=True,
cli_name='in_hbacrules',
label=_(u'HBAC rule'),
doc=_(u'Search for stage users with these member of HBAC rules.'),
),
parameters.Str(
'not_in_hbacrule',
required=False,
multivalue=True,
cli_name='not_in_hbacrules',
label=_(u'HBAC rule'),
doc=_(
u'Search for stage users without these member of HBAC rules.'),
),
parameters.Str(
'in_sudorule',
required=False,
multivalue=True,
cli_name='in_sudorules',
label=_(u'sudo rule'),
doc=_(u'Search for stage users with these member of sudo rules.'),
),
parameters.Str(
'not_in_sudorule',
required=False,
multivalue=True,
cli_name='not_in_sudorules',
label=_(u'sudo rule'),
doc=_(
u'Search for stage users without these member of sudo rules.'),
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.ListOfEntries('result', ),
output.Output(
'count',
int,
doc=_(u'Number of entries returned'),
),
output.Output(
'truncated',
bool,
doc=_(u'True if not all results were returned'),
),
)
class host_mod(Method):
__doc__ = _("Modify information about a host.")
takes_args = (
parameters.Str(
'fqdn',
cli_name='hostname',
label=_(u'Host name'),
no_convert=True,
),
)
takes_options = (
parameters.Str(
'description',
required=False,
cli_name='desc',
label=_(u'Description'),
doc=_(u'A description of this host'),
),
parameters.Str(
'l',
required=False,
cli_name='locality',
label=_(u'Locality'),
doc=_(u'Host locality (e.g. "Baltimore, MD")'),
),
parameters.Str(
'nshostlocation',
required=False,
cli_name='location',
label=_(u'Location'),
doc=_(u'Host location (e.g. "Lab 2")'),
),
parameters.Str(
'nshardwareplatform',
required=False,
cli_name='platform',
label=_(u'Platform'),
doc=_(u'Host hardware platform (e.g. "Lenovo T61")'),
),
parameters.Str(
'nsosversion',
required=False,
cli_name='os',
label=_(u'Operating system'),
doc=_(u'Host operating system and version (e.g. "Fedora 9")'),
),
parameters.Str(
'userpassword',
required=False,
cli_name='password',
label=_(u'User password'),
doc=_(u'Password used in bulk enrollment'),
),
parameters.Flag(
'random',
required=False,
doc=_(u'Generate a random password to be used in bulk enrollment'),
default=False,
autofill=True,
),
parameters.Bytes(
'usercertificate',
required=False,
cli_name='certificate',
label=_(u'Certificate'),
doc=_(u'Base-64 encoded server certificate'),
),
parameters.Str(
'macaddress',
required=False,
multivalue=True,
label=_(u'MAC address'),
doc=_(u'Hardware MAC address(es) on this host'),
no_convert=True,
),
parameters.Str(
'ipasshpubkey',
required=False,
multivalue=True,
cli_name='sshpubkey',
label=_(u'SSH public key'),
no_convert=True,
),
parameters.Str(
'setattr',
required=False,
multivalue=True,
doc=_(u'Set an attribute to a name/value pair. Format is attr=value.\nFor multi-valued attributes, the command replaces the values already present.'),
exclude=('webui',),
),
parameters.Str(
'addattr',
required=False,
multivalue=True,
doc=_(u'Add an attribute/value pair. Format is attr=value. The attribute\nmust be part of the schema.'),
exclude=('webui',),
),
parameters.Str(
'delattr',
required=False,
multivalue=True,
doc=_(u'Delete an attribute/value pair. The option will be evaluated\nlast, after all sets and adds.'),
exclude=('webui',),
),
parameters.Flag(
'rights',
label=_(u'Rights'),
doc=_(u'Display the access rights of this entry (requires --all). See ipa man page for details.'),
default=False,
autofill=True,
),
parameters.Str(
'krbprincipalname',
required=False,
cli_name='principalname',
label=_(u'Principal name'),
doc=_(u'Kerberos principal name for this host'),
),
parameters.Flag(
'updatedns',
required=False,
doc=_(u'Update DNS entries'),
default=False,
autofill=True,
),
parameters.Flag(
'all',
doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=_(u'Print entries as stored on the server. Only affects output format.'),
exclude=('webui',),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.Entry(
'result',
),
output.Output(
'value',
unicode,
doc=_(u"The primary_key value of the entry, e.g. 'jdoe' for a user"),
),
)
class host(Object):
takes_params = (
parameters.Str(
'fqdn',
primary_key=True,
label=_(u'Host name'),
),
parameters.Str(
'description',
required=False,
label=_(u'Description'),
doc=_(u'A description of this host'),
),
parameters.Str(
'l',
required=False,
label=_(u'Locality'),
doc=_(u'Host locality (e.g. "Baltimore, MD")'),
),
parameters.Str(
'nshostlocation',
required=False,
label=_(u'Location'),
doc=_(u'Host location (e.g. "Lab 2")'),
),
parameters.Str(
'nshardwareplatform',
required=False,
label=_(u'Platform'),
doc=_(u'Host hardware platform (e.g. "Lenovo T61")'),
),
parameters.Str(
'nsosversion',
required=False,
label=_(u'Operating system'),
doc=_(u'Host operating system and version (e.g. "Fedora 9")'),
),
parameters.Str(
'userpassword',
required=False,
label=_(u'User password'),
doc=_(u'Password used in bulk enrollment'),
),
parameters.Flag(
'random',
required=False,
doc=_(u'Generate a random password to be used in bulk enrollment'),
),
parameters.Str(
'randompassword',
required=False,
label=_(u'Random password'),
),
parameters.Bytes(
'usercertificate',
required=False,
label=_(u'Certificate'),
doc=_(u'Base-64 encoded server certificate'),
),
parameters.Str(
'krbprincipalname',
required=False,
label=_(u'Principal name'),
),
parameters.Str(
'macaddress',
required=False,
multivalue=True,
label=_(u'MAC address'),
doc=_(u'Hardware MAC address(es) on this host'),
),
parameters.Str(
'ipasshpubkey',
required=False,
multivalue=True,
label=_(u'SSH public key'),
),
parameters.Flag(
'has_password',
label=_(u'Password'),
),
parameters.Str(
'memberof_hostgroup',
required=False,
label=_(u'Member of host-groups'),
),
parameters.Str(
'memberof_role',
required=False,
label=_(u'Roles'),
),
parameters.Str(
'memberof_netgroup',
required=False,
label=_(u'Member of netgroups'),
),
parameters.Str(
'memberof_sudorule',
required=False,
label=_(u'Member of Sudo rule'),
),
parameters.Str(
'memberof_hbacrule',
required=False,
label=_(u'Member of HBAC rule'),
),
parameters.Str(
'memberofindirect_netgroup',
required=False,
label=_(u'Indirect Member of netgroup'),
),
parameters.Str(
'memberofindirect_hostgroup',
required=False,
label=_(u'Indirect Member of host-group'),
),
parameters.Str(
'memberofindirect_role',
required=False,
label=_(u'Indirect Member of role'),
),
parameters.Str(
'memberofindirect_sudorule',
required=False,
label=_(u'Indirect Member of Sudo rule'),
),
parameters.Str(
'memberofindirect_hbacrule',
required=False,
label=_(u'Indirect Member of HBAC rule'),
),
parameters.Flag(
'has_keytab',
label=_(u'Keytab'),
),
parameters.Str(
'managedby_host',
label=_(u'Managed by'),
),
parameters.Str(
'managing_host',
label=_(u'Managing'),
),
)
class vault(Object):
takes_params = (
parameters.Str(
'cn',
primary_key=True,
label=_(u'Vault name'),
),
parameters.Str(
'description',
required=False,
label=_(u'Description'),
doc=_(u'Vault description'),
),
parameters.Str(
'ipavaulttype',
required=False,
label=_(u'Type'),
doc=_(u'Vault type'),
),
parameters.Bytes(
'ipavaultsalt',
required=False,
label=_(u'Salt'),
doc=_(u'Vault salt'),
),
parameters.Bytes(
'ipavaultpublickey',
required=False,
label=_(u'Public key'),
doc=_(u'Vault public key'),
),
parameters.Str(
'owner_user',
required=False,
label=_(u'Owner users'),
),
parameters.Str(
'owner_group',
required=False,
label=_(u'Owner groups'),
),
parameters.Str(
'owner_service',
required=False,
label=_(u'Owner services'),
),
parameters.Str(
'owner',
required=False,
label=_(u'Failed owners'),
),
parameters.Str(
'service',
required=False,
label=_(u'Vault service'),
),
parameters.Flag(
'shared',
required=False,
label=_(u'Shared vault'),
),
parameters.Str(
'username',
required=False,
label=_(u'Vault user'),
),
parameters.Str(
'member_user',
required=False,
label=_(u'Member users'),
),
parameters.Str(
'member_group',
required=False,
label=_(u'Member groups'),
),
parameters.Str(
'member_service',
required=False,
label=_(u'Member services'),
),
)
class vaultconfig(Object):
takes_params = (parameters.Bytes(
'transport_cert',
label=_(u'Transport Certificate'),
), )
class stageuser_add(Method):
__doc__ = _("Add a new stage user.")
takes_args = (parameters.Str(
'uid',
cli_name='login',
label=_(u'User login'),
default_from=DefaultFrom(lambda givenname, sn: givenname[0] + sn,
'principal'),
no_convert=True,
), )
takes_options = (
parameters.Str(
'givenname',
cli_name='first',
label=_(u'First name'),
),
parameters.Str(
'sn',
cli_name='last',
label=_(u'Last name'),
),
parameters.Str(
'cn',
label=_(u'Full name'),
default_from=DefaultFrom(
lambda givenname, sn: '%s %s' % (givenname, sn), 'principal'),
autofill=True,
),
parameters.Str(
'displayname',
required=False,
label=_(u'Display name'),
default_from=DefaultFrom(
lambda givenname, sn: '%s %s' % (givenname, sn), 'principal'),
autofill=True,
),
parameters.Str(
'initials',
required=False,
label=_(u'Initials'),
default_from=DefaultFrom(
lambda givenname, sn: '%c%c' % (givenname[0], sn[0]),
'principal'),
autofill=True,
),
parameters.Str(
'homedirectory',
required=False,
cli_name='homedir',
label=_(u'Home directory'),
),
parameters.Str(
'gecos',
required=False,
label=_(u'GECOS'),
default_from=DefaultFrom(
lambda givenname, sn: '%s %s' % (givenname, sn), 'principal'),
autofill=True,
),
parameters.Str(
'loginshell',
required=False,
cli_name='shell',
label=_(u'Login shell'),
),
parameters.Str(
'krbprincipalname',
required=False,
cli_name='principal',
label=_(u'Kerberos principal'),
default_from=DefaultFrom(
lambda uid: '%s@%s' % (uid.lower(), api.env.realm),
'principal'),
autofill=True,
no_convert=True,
),
parameters.DateTime(
'krbprincipalexpiration',
required=False,
cli_name='principal_expiration',
label=_(u'Kerberos principal expiration'),
),
parameters.Str(
'mail',
required=False,
multivalue=True,
cli_name='email',
label=_(u'Email address'),
),
parameters.Password(
'userpassword',
required=False,
cli_name='password',
label=_(u'Password'),
doc=_(u'Prompt to set the user password'),
exclude=('webui', ),
confirm=True,
),
parameters.Flag(
'random',
required=False,
doc=_(u'Generate a random user password'),
default=False,
autofill=True,
),
parameters.Int(
'uidnumber',
required=False,
cli_name='uid',
label=_(u'UID'),
doc=_(u'User ID Number (system will assign one if not provided)'),
),
parameters.Int(
'gidnumber',
required=False,
label=_(u'GID'),
doc=_(u'Group ID Number'),
),
parameters.Str(
'street',
required=False,
label=_(u'Street address'),
),
parameters.Str(
'l',
required=False,
cli_name='city',
label=_(u'City'),
),
parameters.Str(
'st',
required=False,
cli_name='state',
label=_(u'State/Province'),
),
parameters.Str(
'postalcode',
required=False,
label=_(u'ZIP'),
),
parameters.Str(
'telephonenumber',
required=False,
multivalue=True,
cli_name='phone',
label=_(u'Telephone Number'),
),
parameters.Str(
'mobile',
required=False,
multivalue=True,
label=_(u'Mobile Telephone Number'),
),
parameters.Str(
'pager',
required=False,
multivalue=True,
label=_(u'Pager Number'),
),
parameters.Str(
'facsimiletelephonenumber',
required=False,
multivalue=True,
cli_name='fax',
label=_(u'Fax Number'),
),
parameters.Str(
'ou',
required=False,
cli_name='orgunit',
label=_(u'Org. Unit'),
),
parameters.Str(
'title',
required=False,
label=_(u'Job Title'),
),
parameters.Str(
'manager',
required=False,
label=_(u'Manager'),
),
parameters.Str(
'carlicense',
required=False,
multivalue=True,
label=_(u'Car License'),
),
parameters.Str(
'ipasshpubkey',
required=False,
multivalue=True,
cli_name='sshpubkey',
label=_(u'SSH public key'),
no_convert=True,
),
parameters.Str(
'ipauserauthtype',
required=False,
multivalue=True,
cli_name='user_auth_type',
cli_metavar="['password', 'radius', 'otp']",
label=_(u'User authentication types'),
doc=_(u'Types of supported user authentication'),
),
parameters.Str(
'userclass',
required=False,
multivalue=True,
cli_name='class',
label=_(u'Class'),
doc=
_(u'User category (semantics placed on this attribute are for local interpretation)'
),
),
parameters.Str(
'ipatokenradiusconfiglink',
required=False,
cli_name='radius',
label=_(u'RADIUS proxy configuration'),
),
parameters.Str(
'ipatokenradiususername',
required=False,
cli_name='radius_username',
label=_(u'RADIUS proxy username'),
),
parameters.Str(
'departmentnumber',
required=False,
multivalue=True,
label=_(u'Department Number'),
),
parameters.Str(
'employeenumber',
required=False,
label=_(u'Employee Number'),
),
parameters.Str(
'employeetype',
required=False,
label=_(u'Employee Type'),
),
parameters.Str(
'preferredlanguage',
required=False,
label=_(u'Preferred Language'),
),
parameters.Bytes(
'usercertificate',
required=False,
multivalue=True,
cli_name='certificate',
label=_(u'Certificate'),
doc=_(u'Base-64 encoded server certificate'),
),
parameters.Str(
'setattr',
required=False,
multivalue=True,
doc=
_(u'Set an attribute to a name/value pair. Format is attr=value.\nFor multi-valued attributes, the command replaces the values already present.'
),
exclude=('webui', ),
),
parameters.Str(
'addattr',
required=False,
multivalue=True,
doc=
_(u'Add an attribute/value pair. Format is attr=value. The attribute\nmust be part of the schema.'
),
exclude=('webui', ),
),
parameters.Bool(
'from_delete',
required=False,
deprecated=True,
doc=_(u'Create Stage user in from a delete user'),
exclude=('cli', 'webui'),
default=False,
),
parameters.Flag(
'all',
doc=
_(u'Retrieve and print all attributes from the server. Affects command output.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=
_(u'Print entries as stored on the server. Only affects output format.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'no_members',
doc=_(u'Suppress processing of membership attributes.'),
exclude=('webui', 'cli'),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.Entry('result', ),
output.PrimaryKey(
'value',
doc=_(
u"The primary_key value of the entry, e.g. 'jdoe' for a user"),
),
)
