summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMartin Nagy <mnagy@redhat.com>2008-08-15 18:08:01 +0200
committerMartin Nagy <mnagy@redhat.com>2008-09-11 23:34:01 +0200
commit885103c32127d10250564e25c5895464fb366f9e (patch)
tree5db92cd0d4282b3e1aacbfc04c9d076a0d515bec
parent57669ba43224eee0d90556aeea03d14873b4bd7f (diff)
downloadfreeipa-885103c32127d10250564e25c5895464fb366f9e.tar.gz
freeipa-885103c32127d10250564e25c5895464fb366f9e.tar.xz
freeipa-885103c32127d10250564e25c5895464fb366f9e.zip
Rework config.py and change cli tools. Maintain order of IPA servers from command line, config and DNS. Parse options before detecting IPA configuration. Don't ignore rest of the options if one is missing in ipa.conf. Drop the --usage options, we will rely on --help. Fixes: 458869, 459070, 458980, 459234
Diffstat
-rw-r--r--ipa-admintools/ipa-adddelegation38
-rw-r--r--ipa-admintools/ipa-addgroup27
-rw-r--r--ipa-admintools/ipa-addservice19
-rw-r--r--ipa-admintools/ipa-adduser41
-rw-r--r--[-rwxr-xr-x]ipa-admintools/ipa-admintools.spec.in0
-rw-r--r--ipa-admintools/ipa-change-master-key35
-rw-r--r--ipa-admintools/ipa-defaultoptions27
-rw-r--r--ipa-admintools/ipa-deldelegation26
-rw-r--r--ipa-admintools/ipa-delgroup30
-rw-r--r--ipa-admintools/ipa-delservice25
-rw-r--r--ipa-admintools/ipa-deluser22
-rw-r--r--ipa-admintools/ipa-findgroup26
-rw-r--r--ipa-admintools/ipa-findservice22
-rw-r--r--ipa-admintools/ipa-finduser33
-rw-r--r--ipa-admintools/ipa-listdelegation11
-rw-r--r--ipa-admintools/ipa-lockuser24
-rw-r--r--ipa-admintools/ipa-moddelegation40
-rw-r--r--ipa-admintools/ipa-modgroup66
-rw-r--r--ipa-admintools/ipa-moduser27
-rw-r--r--ipa-admintools/ipa-passwd23
-rw-r--r--ipa-admintools/ipa-pwpolicy27
-rw-r--r--ipa-python/config.py95
-rw-r--r--ipa-radius-admintools/ipa-addradiusclient10
-rw-r--r--ipa-radius-admintools/ipa-addradiusprofile10
-rw-r--r--ipa-radius-admintools/ipa-delradiusclient10
-rw-r--r--ipa-radius-admintools/ipa-delradiusprofile10
-rw-r--r--ipa-radius-admintools/ipa-findradiusclient10
-rw-r--r--ipa-radius-admintools/ipa-findradiusprofile10
-rw-r--r--ipa-radius-admintools/ipa-modradiusclient10
-rw-r--r--ipa-radius-admintools/ipa-modradiusprofile10
-rw-r--r--ipa-server/ipa-fix-CVE-2008-327444
-rw-r--r--ipa-server/ipa-install/ipa-replica-prepare10
32 files changed, 376 insertions, 442 deletions
diff --git a/ipa-admintools/ipa-adddelegation b/ipa-admintools/ipa-adddelegation
index 640614d93..4493390f9 100644
--- a/ipa-admintools/ipa-adddelegation
+++ b/ipa-admintools/ipa-adddelegation
@@ -43,13 +43,10 @@ error was:
""" % sys.exc_value
sys.exit(1)
-def usage():
- print "ipa-adddelegation [-l|--list]"
- print "ipa-adddelegation [-a|--attributes attr1,attr2,..,attrn] [-s|--source STRING] [-t|--target STRING] [-v|--verbose] name"
- sys.exit(1)
-
def parse_options():
- parser = OptionParser()
+ usage = "%prog -l|--list\n"
+ usage += "%prog -a|--attributes attr1,attr2,..,attrn -s|--source STRING -t|--target STRING [-v|--verbose] name"
+ parser = OptionParser(usage=usage, formatter=ipa.config.IPAFormatter())
parser.add_option("-a", "--attributes", dest="attributes",
help="The attributes the source group may change in the target group")
parser.add_option("-s", "--source", dest="source",
@@ -60,11 +57,18 @@ def parse_options():
help="List common attributes (this is not an exhaustive list)")
parser.add_option("-v", "--verbose", action="store_true", dest="verbose",
help="Verbose output of the XML-RPC connection")
- parser.add_option("--usage", action="store_true",
- help="Program usage")
- args = ipa.config.init_config(sys.argv)
- options, args = parser.parse_args(args)
+ ipa.config.add_standard_options(parser)
+ options, args = parser.parse_args()
+
+ if options.list:
+ ipa.config.verify_args(parser, args)
+ else:
+ ipa.config.verify_args(parser, args, "name")
+ if not options.attributes or not options.source or not options.target:
+ parser.error("need attributes and both source and target groups")
+
+ ipa.config.init_config(options)
return options, args
@@ -72,9 +76,6 @@ def main():
options, args = parse_options()
- if options.usage:
- usage()
-
if options.list:
client = ipaclient.IPAClient(verbose=options.verbose)
l = client.get_all_attrs()
@@ -83,13 +84,6 @@ def main():
print x
return 0
- if len(args) != 2:
- print "args is %s" % len(args)
- usage()
-
- if not options.attributes or not options.source or not options.target:
- usage()
-
client = ipaclient.IPAClient(verbose=options.verbose)
source_grp = client.find_groups(options.source)
@@ -137,7 +131,7 @@ def main():
attr_list = options.attributes.split(',')
new_aci = ipa.aci.ACI()
- new_aci.name = args[1]
+ new_aci.name = args[0]
new_aci.source_group = source_grp[0].dn
new_aci.dest_group = target_grp[0].dn
new_aci.attrs = attr_list
@@ -174,7 +168,7 @@ def main():
# This is ok, ignore it
pass
- print "Delegation %s successfully added" % args[1]
+ print "Delegation %s successfully added" % args[0]
return 0
try:
diff --git a/ipa-admintools/ipa-addgroup b/ipa-admintools/ipa-addgroup
index d99d588b8..09ae9a670 100644
--- a/ipa-admintools/ipa-addgroup
+++ b/ipa-admintools/ipa-addgroup
@@ -43,15 +43,12 @@ error was:
""" % sys.exc_value
sys.exit(1)
-def usage():
- print "ipa-addgroup [-d|--description STRING] [-g|--gid GID] [--addattr attribute=value] [--setattr attribute=value] [-v|--verbose] group"
- sys.exit(1)
-
def set_add_usage(which):
print "%s option usage: --%s NAME=VALUE" % (which, which)
def parse_options():
- parser = OptionParser()
+ usage = "%prog [options] [group]"
+ parser = OptionParser(usage=usage)
parser.add_option("-d", "--description", dest="desc",
help="A description of this group")
parser.add_option("-g", "--gid", dest="gid",
@@ -64,11 +61,14 @@ def parse_options():
parser.add_option("--setattr", dest="setattr",
help="Set an attribute, dropping any existing values that may exist",
action="append")
- parser.add_option("--usage", action="store_true",
- help="Program usage")
- args = ipa.config.init_config(sys.argv)
- options, args = parser.parse_args(args)
+ ipa.config.add_standard_options(parser)
+ options, args = parser.parse_args()
+
+ if len(args) > 1:
+ parser.error("too many arguments")
+
+ ipa.config.init_config(options)
return options, args
@@ -79,13 +79,10 @@ def main():
group=ipa.group.Group()
options, args = parse_options()
- if options.usage:
- usage()
-
- if (len(args) != 2):
+ if len(args) != 1:
cn = ipautil.user_input_name("Group name")
else:
- cn = args[1]
+ cn = args[0]
try:
ipaadminutil.check_name(cn)
except ValueError, e:
@@ -96,7 +93,7 @@ def main():
desc = ipautil.user_input("Description", allow_empty = False)
else:
desc = options.desc
- if (not ipavalidate.String(desc, notEmpty=True)):
+ if not ipavalidate.String(desc, notEmpty=True):
print "Please enter a value"
return 1
diff --git a/ipa-admintools/ipa-addservice b/ipa-admintools/ipa-addservice
index 29d0bb966..15105bc0f 100644
--- a/ipa-admintools/ipa-addservice
+++ b/ipa-admintools/ipa-addservice
@@ -44,22 +44,19 @@ error was:
""" % sys.exc_value
sys.exit(1)
-def usage():
- print "ipa-addservice [--force] [-v|--verbose] principal"
- sys.exit(1)
-
def parse_options():
- parser = OptionParser()
+ usage = "%prog [options] principal"
+ parser = OptionParser(usage=usage)
parser.add_option("--force", action="store_true", default=False,
help="Force a service principal name")
- parser.add_option("--usage", action="store_true",
- help="Program usage")
parser.add_option("-v", "--verbose", action="store_true", dest="verbose",
help="Verbose output of the XML-RPC connection")
- args = ipa.config.init_config(sys.argv)
- options, args = parser.parse_args(args)
+ ipa.config.add_standard_options(parser)
+ options, args = parser.parse_args()
+ ipa.config.verify_args(parser, args, "principal")
+ ipa.config.init_config(options)
return options, args
@@ -69,9 +66,7 @@ def main():
options, args = parse_options()
- if len(args) != 2:
- usage()
- princ_name = args[1]
+ princ_name = args[0]
client = ipaclient.IPAClient(verbose=options.verbose)
diff --git a/ipa-admintools/ipa-adduser b/ipa-admintools/ipa-adduser
index 9db45166d..c3c5909f6 100644
--- a/ipa-admintools/ipa-adduser
+++ b/ipa-admintools/ipa-adduser
@@ -44,15 +44,12 @@ error was:
""" % sys.exc_value
sys.exit(1)
-def usage():
- print "ipa-adduser [-c|--gecos STRING] [-d|--directory STRING] [-f|--firstname STRING] [-l|--lastname STRING] [-s|--shell] [-g|--groups] [-k|krb-principal [-M|mailAddress] [--addattr attribute=value] [--setattr attribute=value] [-v|--verbose] user"
- sys.exit(1)
-
def set_add_usage(which):
print "%s option usage: --%s NAME=VALUE" % (which, which)
def parse_options():
- parser = OptionParser()
+ usage = "%prog [options] [user]"
+ parser = OptionParser(usage=usage)
parser.add_option("-c", "--gecos", dest="gecos",
help="Set the GECOS field")
parser.add_option("-d", "--directory", dest="directory",
@@ -73,8 +70,6 @@ def parse_options():
help="Set user's Kerberos Principal Name")
parser.add_option("-M", "--mailAddress", dest="mail",
help="Set user's e-mail address")
- parser.add_option("--usage", action="store_true",
- help="Program usage")
parser.add_option("-v", "--verbose", action="store_true", dest="verbose",
help="Verbose output of the XML-RPC connection")
parser.add_option("--addattr", dest="addattr",
@@ -84,8 +79,13 @@ def parse_options():
help="Set an attribute, dropping any existing values that may exist",
action="append")
- args = ipa.config.init_config(sys.argv)
- options, args = parser.parse_args(args)
+ ipa.config.add_standard_options(parser)
+ options, args = parser.parse_args()
+
+ if len(args) > 1:
+ parser.error("too many arguments")
+
+ ipa.config.init_config(options)
return options, args
@@ -96,7 +96,7 @@ def main():
username = ""
principal = ""
password = ""
- mail = ""
+ mail = ""
gecos = ""
directory = ""
shell = ""
@@ -109,17 +109,14 @@ def main():
user=ipa.user.User()
options, args = parse_options()
- if options.usage:
- usage()
-
- if len(args) != 2:
+ if len(args) != 1:
all_interactive = True
if not options.gn:
givenname = ipautil.user_input("First name", allow_empty = False)
else:
givenname = options.gn
- if (not ipavalidate.String(givenname, notEmpty=True)):
+ if not ipavalidate.String(givenname, notEmpty=True):
print "Please enter a value"
return 1
@@ -127,14 +124,14 @@ def main():
lastname = ipautil.user_input("Last name", allow_empty = False)
else:
lastname = options.sn
- if (not ipavalidate.String(lastname, notEmpty=True)):
+ if not ipavalidate.String(lastname, notEmpty=True):
print "Please enter a value"
return 1
- if (len(args) != 2):
+ if len(args) != 1:
username = ipautil.user_input_name("Login name")
else:
- username = args[1]
+ username = args[0]
try:
ipaadminutil.check_name(username)
except ValueError, e:
@@ -142,15 +139,15 @@ def main():
return 1
if options.password_prompt:
- while (match != True):
+ while match != True:
password = getpass.getpass(" Password: ")
confirm = getpass.getpass(" Password (again): ")
- if (password != confirm):
+ if password != confirm:
print "Passwords do not match"
match = False
else:
match = True
- if (len(password) < 1):
+ if len(password) < 1:
print "Password cannot be empty"
match = False
else:
@@ -158,7 +155,7 @@ def main():
if options.mail:
mail = options.mail
- if (not ipavalidate.Email(mail)):
+ if not ipavalidate.Email(mail):
print "The email provided seem not a valid email."
return 1
diff --git a/ipa-admintools/ipa-admintools.spec.in b/ipa-admintools/ipa-admintools.spec.in
index ea03923ae..ea03923ae 100755..100644
--- a/ipa-admintools/ipa-admintools.spec.in
+++ b/ipa-admintools/ipa-admintools.spec.in
diff --git a/ipa-admintools/ipa-change-master-key b/ipa-admintools/ipa-change-master-key
index 7738627b4..9ab5a96e8 100644
--- a/ipa-admintools/ipa-change-master-key
+++ b/ipa-admintools/ipa-change-master-key
@@ -63,30 +63,38 @@ error was:
""" % sys.exc_value
sys.exit(1)
-def usage():
- print "ipa-change-master-key [-q|--quiet] [-p DM_PASSWORD]"
- sys.exit(1)
-
def parse_options():
- parser = OptionParser()
+ parser = OptionParser("%prog [-q|--quiet] [-p DM_PASSWORD]")
parser.add_option("-p", "--dm-password", dest="dm_password",
help="The Directory Manager password")
parser.add_option("-q", "--quiet", action="store_true", dest="quiet",
help="Keep quiet")
- parser.add_option("--usage", action="store_true",
- help="Program usage")
- args = ipa.config.init_config(sys.argv)
- options, args = parser.parse_args(args)
+ ipa.config.add_standard_options(parser)
+ options, args = parser.parse_args()
+
+ ipa.config.verify_args(parser, args)
+ ipa.config.init_config(options)
return options, args
# We support only des3 encoded stash files for now
def generate_new_stash_file(file):
- odd_parity_bytes_pool = ['\x01', '\x02', '\x04', '\x07', '\x08', '\x0b', '\r', '\x0e', '\x10', '\x13', '\x15', '\x16', '\x19', '\x1a', '\x1c', '\x1f', ' ', '#', '%', '&', ')', '*', ',', '/', '1', '2', '4', '7', '8', ';', '=', '>', '@', 'C', 'E', 'F', 'I', 'J', 'L', 'O', 'Q', 'R', 'T', 'W', 'X', '[', ']', '^', 'a', 'b', 'd', 'g', 'h', 'k', 'm', 'n', 'p', 's', 'u', 'v', 'y', 'z', '|', '\x7f', '\x80', '\x83', '\x85', '\x86', '\x89', '\x8a', '\x8c', '\x8f', '\x91', '\x92', '\x94', '\x97', '\x98', '\x9b', '\x9d', '\x9e', '\xa1', '\xa2', '\xa4', '\xa7', '\xa8', '\xab', '\xad', '\xae', '\xb0', '\xb3', '\xb5', '\xb6', '\xb9', '\xba', '\xbc', '\xbf', '\xc1', '\xc2', '\xc4', '\xc7', '\xc8', '\xcb', '\xcd', '\xce', '\xd0', '\xd3', '\xd5', '\xd6', '\xd9', '\xda', '\xdc', '\xdf', '\xe0', '\xe3',
-'\xe5', '\xe6', '\xe9', '\xea', '\xec', '\xef', '\xf1', '\xf2', '\xf4', '\xf7',
-'\xf8', '\xfb', '\xfd', '\xfe']
+ odd_parity_bytes_pool = ['\x01', '\x02', '\x04', '\x07', '\x08', '\x0b',
+ '\r', '\x0e', '\x10', '\x13', '\x15', '\x16', '\x19', '\x1a', '\x1c',
+ '\x1f', ' ', '#', '%', '&', ')', '*', ',', '/', '1', '2', '4', '7', '8',
+ ';', '=', '>', '@', 'C', 'E', 'F', 'I', 'J', 'L', 'O', 'Q', 'R', 'T',
+ 'W', 'X', '[', ']', '^', 'a', 'b', 'd', 'g', 'h', 'k', 'm', 'n', 'p',
+ 's', 'u', 'v', 'y', 'z', '|', '\x7f', '\x80', '\x83', '\x85', '\x86',
+ '\x89', '\x8a', '\x8c', '\x8f', '\x91', '\x92', '\x94', '\x97', '\x98',
+ '\x9b', '\x9d', '\x9e', '\xa1', '\xa2', '\xa4', '\xa7', '\xa8', '\xab',
+ '\xad', '\xae', '\xb0', '\xb3', '\xb5', '\xb6', '\xb9', '\xba', '\xbc',
+ '\xbf', '\xc1', '\xc2', '\xc4', '\xc7', '\xc8', '\xcb', '\xcd', '\xce',
+ '\xd0', '\xd3', '\xd5', '\xd6', '\xd9', '\xda', '\xdc', '\xdf', '\xe0',
+ '\xe3', '\xe5', '\xe6', '\xe9', '\xea', '\xec', '\xef', '\xf1', '\xf2',
+ '\xf4', '\xf7', '\xf8', '\xfb', '\xfd', '\xfe']
+
pool_len = len(odd_parity_bytes_pool)
keytype = 16 # des3
keydata = ""
@@ -135,9 +143,6 @@ def main():
options, args = parse_options()
- if options.usage:
- usage()
-
krbctx = krbV.default_context()
realm = krbctx.default_realm
diff --git a/ipa-admintools/ipa-defaultoptions b/ipa-admintools/ipa-defaultoptions
index 5d9c49042..3cc94d4c7 100644
--- a/ipa-admintools/ipa-defaultoptions
+++ b/ipa-admintools/ipa-defaultoptions
@@ -39,13 +39,10 @@ error was:
""" % sys.exc_value
sys.exit(1)
-def usage():
- print "ipa-defaultoptions [--maxusername number] [--homedir directory] [--defaultshell shell] [--defaultgroup group] [--emaildomain domain] [--searchtimelimit number] [--searchrecordslimit number] [--usersearch fields] [--groupsearch fields] [-v|--verbose]"
- print "ipa-defaultoptions --show"
- sys.exit(1)
-
def parse_options():
- parser = OptionParser()
+ usage = "%prog [options]\n"
+ usage += "%prog --show"
+ parser = OptionParser(usage=usage, formatter=ipa.config.IPAFormatter())
parser.add_option("--maxusername", dest="maxusername",
help="Max. Length of a username")
parser.add_option("--homedir", dest="homedir",
@@ -66,13 +63,17 @@ def parse_options():
help="A comma-separated list of fields to search when searching for groups")
parser.add_option("--show", dest="show", action="store_true",
help="Show the current configuration")
- parser.add_option("--usage", action="store_true",
- help="Program usage")
parser.add_option("-v", "--verbose", action="store_true", dest="verbose",
help="Verbose output of the XML-RPC connection")
- args = ipa.config.init_config(sys.argv)
- options, args = parser.parse_args(args)
+ ipa.config.add_standard_options(parser)
+ options, args = parser.parse_args()
+ ipa.config.verify_args(parser, args)
+
+ if not options.show and not options.maxusername and not options.homedir and not options.defaultshell and not options.defaultgroup and not options.emaildomain and not options.searchtimelimit and not options.searchrecordslimit and not options.usersearch and not options.groupsearch:
+ parser.error("nothing to do")
+
+ ipa.config.init_config(options)
return options, args
@@ -94,9 +95,6 @@ def show_config(client):
print "Default E-mail Domain: %s" % policy.getValues('ipaDefaultEmailDomain')
def update_policy(client, options):
- if not options.maxusername and not options.homedir and not options.defaultshell and not options.defaultgroup and not options.emaildomain and not options.searchtimelimit and not options.searchrecordslimit and not options.usersearch and not options.groupsearch:
- usage()
-
current = client.get_ipa_config()
new = ipa.entity.Entity(current.toDict())
@@ -140,9 +138,6 @@ def update_policy(client, options):
def main():
options, args = parse_options()
- if options.usage:
- usage()
-
client = ipaclient.IPAClient(verbose=options.verbose)
if options.show:
diff --git a/ipa-admintools/ipa-deldelegation b/ipa-admintools/ipa-deldelegation
index 4284af8fa..f11cf4b4e 100644
--- a/ipa-admintools/ipa-deldelegation
+++ b/ipa-admintools/ipa-deldelegation
@@ -7,7 +7,7 @@
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation; version 2 only
-#
+#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
@@ -16,7 +16,7 @@
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-#
+#
import sys
try:
from optparse import OptionParser
@@ -43,19 +43,16 @@ error was:
aci_fields = ['*', 'aci']
-def usage():
- print "ipa-deldelgation [-v|--verbose] name"
- sys.exit(1)
-
def parse_options():
- parser = OptionParser()
- parser.add_option("--usage", action="store_true",
- help="Program usage")
+ usage = "%prog [-v|--verbose] name"
+ parser = OptionParser(usage=usage)
parser.add_option("-v", "--verbose", action="store_true", dest="verbose",
help="Verbose output of the XML-RPC connection")
- args = ipa.config.init_config(sys.argv)
- options, args = parser.parse_args(args)
+ ipa.config.add_standard_options(parser)
+ options, args = parser.parse_args()
+ ipa.config.verify_args(parser, args, "name")
+ ipa.config.init_config(options)
return options, args
@@ -63,9 +60,6 @@ def main():
options, args = parse_options()
- if options.usage or len(args) != 2:
- usage()
-
client = ipaclient.IPAClient(verbose=options.verbose)
aci_entry = client.get_aci_entry(aci_fields)
@@ -80,7 +74,7 @@ def main():
for aci_str in aci_str_list:
try:
aci = ipa.aci.ACI(aci_str)
- if aci.name == args[1]:
+ if aci.name == args[0]:
acistr = aci_str
source_group = aci.source_group
else:
@@ -90,7 +84,7 @@ def main():
pass
if acistr is None:
- print "No delegation '%s' found." % args[1]
+ print "No delegation '%s' found." % args[0]
return 2
old_aci_index = aci_str_list.index(acistr)
diff --git a/ipa-admintools/ipa-delgroup b/ipa-admintools/ipa-delgroup
index 3add9ac31..62ae3962b 100644
--- a/ipa-admintools/ipa-delgroup
+++ b/ipa-admintools/ipa-delgroup
@@ -39,49 +39,43 @@ error was:
""" % sys.exc_value
sys.exit(1)
-def usage():
- print "ipa-delgroup [-v|--verbose] group"
- sys.exit(1)
-
def parse_options():
- parser = OptionParser()
- parser.add_option("--usage", action="store_true",
- help="Program usage")
+ usage = "%prog [-v|--verbose] group"
+ parser = OptionParser(usage=usage)
parser.add_option("-v", "--verbose", action="store_true", dest="verbose",
help="Verbose output of the XML-RPC connection")
- args = ipa.config.init_config(sys.argv)
- options, args = parser.parse_args(args)
+ ipa.config.add_standard_options(parser)
+ options, args = parser.parse_args()
+ ipa.config.verify_args(parser, args, "group")
+ ipa.config.init_config(options)
return options, args
def main():
options, args = parse_options()
- if options.usage or len(args) != 2:
- usage()
-
client = ipaclient.IPAClient(verbose=options.verbose)
- groups = client.find_groups(args[1], ['cn','description','gidnumber','nsAccountLock'])
+ groups = client.find_groups(args[0], ['cn','description','gidnumber','nsAccountLock'])
counter = groups[0]
- groups = groups[1:]
+ groups = groups[1:]
to_delete = None
for i in range(counter):
dn_list = ldap.explode_dn(groups[i].dn.lower())
- if "cn=%s" % args[1].lower() in dn_list:
+ if "cn=%s" % args[0].lower() in dn_list:
to_delete = groups[i]
if to_delete is None:
- print "Group '%s' not found." % args[1]
+ print "Group '%s' not found." % args[0]
return 2
ret = client.delete_group(to_delete.dn)
if (ret == "Success"):
- print args[1] + " successfully deleted"
+ print args[0] + " successfully deleted"
else:
- print args[1] + " " + ret
+ print args[0] + " " + ret
return 0
diff --git a/ipa-admintools/ipa-delservice b/ipa-admintools/ipa-delservice
index 3d7d1849f..c295edc73 100644
--- a/ipa-admintools/ipa-delservice
+++ b/ipa-admintools/ipa-delservice
@@ -40,19 +40,16 @@ error was:
""" % sys.exc_value
sys.exit(1)
-def usage():
- print "ipa-delservice [-v|--verbose] principal"
- sys.exit(1)
-
def parse_options():
- parser = OptionParser()
- parser.add_option("--usage", action="store_true",
- help="Program usage")
+ usage = "%prog [-v|--verbose] principal"
+ parser = OptionParser(usage=usage)
parser.add_option("-v", "--verbose", action="store_true", dest="verbose",
help="Verbose output of the XML-RPC connection")
- args = ipa.config.init_config(sys.argv)
- options, args = parser.parse_args(args)
+ ipa.config.add_standard_options(parser)
+ options, args = parser.parse_args()
+ ipa.config.verify_args(parser, args, "principal")
+ ipa.config.init_config(options)
return options, args
@@ -62,21 +59,19 @@ def main():
options, args = parse_options()
- if len(args) != 2:
- usage()
- princ_name = args[1]
+ princ_name = args[0]
client = ipaclient.IPAClient(verbose=options.verbose)
- hosts = client.find_service_principal(args[1], sattrs=None)
+ hosts = client.find_service_principal(args[0], sattrs=None)
counter = hosts[0]
hosts = hosts[1:]
if counter == 0:
- print "Service Principal '%s' not found." % args[1]
+ print "Service Principal '%s' not found." % args[0]
return 2
if counter != 1:
- print "An exact match was not found. Found %d principals for %s" % (counter, args[1])
+ print "An exact match was not found. Found %d principals for %s" % (counter, args[0])
return 2
client.delete_service_principal(hosts[0].dn)
diff --git a/ipa-admintools/ipa-deluser b/ipa-admintools/ipa-deluser
index cfa935e70..4b0db7e63 100644
--- a/ipa-admintools/ipa-deluser
+++ b/ipa-admintools/ipa-deluser
@@ -38,31 +38,25 @@ error was:
""" % sys.exc_value
sys.exit(1)
-def usage():
- print "ipa-deluser [-v|--verbose] user"
- sys.exit(1)
-
def parse_options():
- parser = OptionParser()
- parser.add_option("--usage", action="store_true",
- help="Program usage")
+ usage = "%prog [-v|--verbose] user"
+ parser = OptionParser(usage=usage)
parser.add_option("-v", "--verbose", action="store_true", dest="verbose",
help="Verbose output of the XML-RPC connection")
- args = ipa.config.init_config(sys.argv)
- options, args = parser.parse_args(args)
+ ipa.config.add_standard_options(parser)
+ options, args = parser.parse_args()
+ ipa.config.verify_args(parser, args, "user")
+ ipa.config.init_config(options)
return options, args
def main():
options, args = parse_options()
- if options.usage or len(args) != 2:
- usage()
-
client = ipaclient.IPAClient(verbose=options.verbose)
- ret = client.delete_user(args[1])
- print args[1] + " successfully deleted"
+ ret = client.delete_user(args[0])
+ print args[0] + " successfully deleted"
return 0
diff --git a/ipa-admintools/ipa-findgroup b/ipa-admintools/ipa-findgroup
index 9e514eeeb..d9a9acc39 100644
--- a/ipa-admintools/ipa-findgroup
+++ b/ipa-admintools/ipa-findgroup
@@ -39,25 +39,22 @@ error was:
""" % sys.exc_value
sys.exit(1)
-def usage():
- print "ipa-findgroup [-a|--all] [-n|--notranslate] [-v|--verbose] group"
- sys.exit()
-
def parse_options():
- parser = OptionParser()
+ usage = "%prog [options] group"
+ parser = OptionParser(usage=usage)
parser.add_option("-a", "--all", action="store_true", dest="all",
help="Show all group attributes")
parser.add_option("-n", "--notranslate", action="store_true",
dest="notranslate",
help="Don't translate LDAP attributes into readable labels")
- parser.add_option("--usage", action="store_true",
- help="Program usage")
parser.add_option("-v", "--verbose", action="store_true", dest="verbose",
help="Verbose output of the XML-RPC connection")
- args = ipa.config.init_config(sys.argv)
- options, args = parser.parse_args(args)
+ ipa.config.add_standard_options(parser)
+ options, args = parser.parse_args()
+ ipa.config.verify_args(parser, args, "group")
+ ipa.config.init_config(options)
return options, args
@@ -65,20 +62,17 @@ def main():
group={}
options, args = parse_options()
- if options.usage or len(args) != 2:
- usage()
-
client = ipaclient.IPAClient(verbose=options.verbose)
if options.all is None:
- groups = client.find_groups(args[1], ['cn','description','gidnumber','nsAccountLock'])
+ groups = client.find_groups(args[0], ['cn','description','gidnumber','nsAccountLock'])
else:
- groups = client.find_groups(args[1], sattrs=['*','nsAccountLock'])
+ groups = client.find_groups(args[0], sattrs=['*','nsAccountLock'])
counter = groups[0]
groups = groups[1:]
groupindex = -1
if counter == 0:
- print "No entries found for", args[1]
+ print "No entries found for", args[0]
return 2
elif counter == -1:
print "These results are truncated."
@@ -129,7 +123,7 @@ def main():
for m in members:
print " " + m.getValue('cn') + ": " + m.dn
# blank line between results
- print
+ print
return 0
diff --git a/ipa-admintools/ipa-findservice b/ipa-admintools/ipa-findservice
index 690c22e2e..c9aa4c058 100644
--- a/ipa-admintools/ipa-findservice
+++ b/ipa-admintools/ipa-findservice
@@ -39,20 +39,17 @@ error was:
""" % sys.exc_value
sys.exit(1)
-def usage():
- print "ipa-findservice [-v|--verbose] host"
- sys.exit()
-
def parse_options():
- parser = OptionParser()
+ usage = "%prog [-v|--verbose] host"
+ parser = OptionParser(usage=usage)
- parser.add_option("--usage", action="store_true",
- help="Program usage")
parser.add_option("-v", "--verbose", action="store_true", dest="verbose",
help="Verbose output of the XML-RPC connection")
- args = ipa.config.init_config(sys.argv)
- options, args = parser.parse_args(args)
+ ipa.config.add_standard_options(parser)
+ options, args = parser.parse_args()
+ ipa.config.verify_args(parser, args, "host")
+ ipa.config.init_config(options)
return options, args
@@ -60,17 +57,14 @@ def main():
user={}
options, args = parse_options()
- if options.usage or len(args) != 2:
- usage()
-
client = ipaclient.IPAClient(verbose=options.verbose)
- hosts = client.find_service_principal(args[1], sattrs=None)
+ hosts = client.find_service_principal(args[0], sattrs=None)
counter = hosts[0]
hosts = hosts[1:]
userindex = 0
if counter == 0:
- print "No entries found for", args[1]
+ print "No entries found for", args[0]
return 2
elif counter == -1:
print "These results are truncated."
diff --git a/ipa-admintools/ipa-finduser b/ipa-admintools/ipa-finduser
index 919c4b92c..75df9493f 100644
--- a/ipa-admintools/ipa-finduser
+++ b/ipa-admintools/ipa-finduser
@@ -41,25 +41,22 @@ error was:
""" % sys.exc_value
sys.exit(1)
-def usage():
- print "ipa-finduser [-a|--all] [-n|--notranslate] [-v|--verbose] user"
- sys.exit()
-
def parse_options():
- parser = OptionParser()
+ usage = "%prog [-a|--all] [-n|--notranslate] [-v|--verbose] user"
+ parser = OptionParser(usage=usage)
parser.add_option("-a", "--all", action="store_true", dest="all",
help="Display all attributes")
parser.add_option("-n", "--notranslate", action="store_true",
dest="notranslate",
help="Don't translate LDAP attributes into readable labels")
- parser.add_option("--usage", action="store_true",
- help="Program usage")
parser.add_option("-v", "--verbose", action="store_true", dest="verbose",
help="Verbose output of the XML-RPC connection")
- args = ipa.config.init_config(sys.argv)
- options, args = parser.parse_args(args)
+ ipa.config.add_standard_options(parser)
+ options, args = parser.parse_args()
+ ipa.config.verify_args(parser, args, "user")
+ ipa.config.init_config(options)
return options, args
@@ -88,20 +85,17 @@ def main():
user={}
options, args = parse_options()
- if options.usage or len(args) != 2:
- usage()
-
client = ipaclient.IPAClient(verbose=options.verbose)
if options.all is None:
- users = client.find_users(args[1], sattrs=['uid','givenname','sn','homeDirectory','loginshell'])
+ users = client.find_users(args[0], sattrs=['uid','givenname','sn','homeDirectory','loginshell'])
else:
- users = client.find_users(args[1], sattrs=None)
+ users = client.find_users(args[0], sattrs=None)
counter = users[0]
users = users[1:]
userindex = 0
if counter == 0:
- print "No entries found for", args[1]
+ print "No entries found for", args[0]
return 2
elif counter == -1:
print "These results are truncated."
@@ -125,11 +119,8 @@ def main():
# Always have sn following givenname
try:
l = attr.index('givenname')
- try:
- attr.remove('sn')
- attr.insert(l+1, 'sn')
- except ValueError:
- pass
+ attr.remove('sn')
+ attr.insert(l+1, 'sn')
except ValueError:
pass
@@ -152,7 +143,7 @@ def main():
for l in value:
print "\t" + wrap_binary_data(l)
# blank line between results
- print
+ print
return 0
diff --git a/ipa-admintools/ipa-listdelegation b/ipa-admintools/ipa-listdelegation
index 5e0b848df..46ddf3a3f 100644
--- a/ipa-admintools/ipa-listdelegation
+++ b/ipa-admintools/ipa-listdelegation
@@ -51,16 +51,13 @@ def parse_options():
help="Name of delegation")
parser.add_option("-t", "--target", dest="target",
help="Target group of delegation")
- parser.add_option("--usage", action="store_true",
- help="Program usage")
parser.add_option("-v", "--verbose", action="store_true", dest="verbose",
help="Verbose output of the XML-RPC connection")
- args = ipa.config.init_config(sys.argv)
- options, args = parser.parse_args(args)
-
- if options.usage or len(args) != 1:
- parser.error("too many arguments")
+ ipa.config.add_standard_options(parser)
+ options, args = parser.parse_args()
+ ipa.config.verify_args(parser, args)
+ ipa.config.init_config(options)
return options, args
diff --git a/ipa-admintools/ipa-lockuser b/ipa-admintools/ipa-lockuser
index 4940a715b..85f2d5bfb 100644
--- a/ipa-admintools/ipa-lockuser
+++ b/ipa-admintools/ipa-lockuser
@@ -38,35 +38,29 @@ error was:
""" % sys.exc_value
sys.exit(1)
-def usage():
- print "ipa-lockuser [-u|--unlock] [-v|--verbose] user"
- sys.exit(1)
-
def parse_options():
- parser = OptionParser()
+ usage = "%prog [-u|--unlock] [-v|--verbose] user"
+ parser = OptionParser(usage=usage)
parser.add_option("-u", "--unlock", action="store_true", dest="unlock",
help="Unlock a user's account")
- parser.add_option("--usage", action="store_true",
- help="Program usage")
parser.add_option("-v", "--verbose", action="store_true", dest="verbose",
help="Verbose output of the XML-RPC connection")
- args = ipa.config.init_config(sys.argv)
- options, args = parser.parse_args(args)
+ ipa.config.add_standard_options(parser)
+ options, args = parser.parse_args()
+ ipa.config.verify_args(parser, args, "user")
+ ipa.config.init_config(options)
return options, args
def main():
options, args = parse_options()
- if options.usage or len(args) != 2:
- usage()
-
msg = "inactivated"
client = ipaclient.IPAClient(verbose=options.verbose)
if options.unlock:
try:
- ret = client.mark_user_active(args[1])
+ ret = client.mark_user_active(args[0])
msg = "unlocked"
except ipa.ipaerror.exception_for(ipa.ipaerror.LDAP_EMPTY_MODLIST):
print "User is already marked active"
@@ -75,13 +69,13 @@ def main():
raise
else:
try:
- ret = client.mark_user_inactive(args[1])
+ ret = client.mark_user_inactive(args[0])
except ipa.ipaerror.exception_for(ipa.ipaerror.LDAP_EMPTY_MODLIST):
print "User is already marked inactive"
return 0
except:
raise
- print args[1] + " successfully %s" % msg
+ print args[0] + " successfully %s" % msg
return 0
diff --git a/ipa-admintools/ipa-moddelegation b/ipa-admintools/ipa-moddelegation
index e52d9fa4c..86e12c17b 100644
--- a/ipa-admintools/ipa-moddelegation
+++ b/ipa-admintools/ipa-moddelegation
@@ -45,13 +45,10 @@ error was:
aci_fields = ['*', 'aci']
-def usage():
- print "ipa-moddelegation [-l|--list]"
- print "ipa-moddelegation [-a|--attributes attr1,attr2,..,attrn] [-s|--source STRING] [-t|--target STRING] [-v|--verbose] name"
- sys.exit(1)
-
def parse_options():
- parser = OptionParser()
+ usage = "%prog -l|--list\n"
+ usage += "%prog [-a|--attributes attr1,attr2,..,attrn] [-s|--source STRING] [-t|--target STRING] [-v|--verbose] name"
+ parser = OptionParser(usage=usage, formatter=ipa.config.IPAFormatter())
parser.add_option("-a", "--attributes", dest="attributes",
help="The attributes the source group may change in the target group")
parser.add_option("-l", "--list", dest="list", action="store_true",
@@ -60,13 +57,18 @@ def parse_options():
help="The source group name")
parser.add_option("-t", "--target", dest="target",
help="The target group name")
- parser.add_option("--usage", action="store_true",
- help="Program usage")
parser.add_option("-v", "--verbose", action="store_true", dest="verbose",
help="Verbose output of the XML-RPC connection")
- args = ipa.config.init_config(sys.argv)
- options, args = parser.parse_args(args)
+ ipa.config.add_standard_options(parser)
+ options, args = parser.parse_args()
+
+ if not options.list:
+ if not options.attributes and not options.source and not options.target:
+ parser.error("need at least one option of -a, -s, or -t")
+ ipa.config.verify_args(parser, args, "name")
+
+ ipa.config.init_config(options)
return options, args
@@ -82,12 +84,6 @@ def main():
print x
return 0
- if options.usage or len(args) != 2:
- usage()
-
- if not options.attributes and not options.source and not options.target:
- usage()
-
client = ipaclient.IPAClient(verbose=options.verbose)
# first do some sanity checking
@@ -99,7 +95,7 @@ def main():
groupindex = -1
if counter == 0:
print "No entries found for %s" % options.source
- return 2
+ return 2
elif counter == -1:
print "These results are truncated."
print "Please refine your search and try again."
@@ -121,7 +117,7 @@ def main():
groupindex = -1
if counter == 0:
print "No entries found for %s" % options.target
- return 2
+ return 2
elif counter == -1:
print "These results are truncated."
print "Please refine your search and try again."
@@ -155,7 +151,7 @@ def main():
for aci_str in aci_str_list:
try:
old_aci = ipa.aci.ACI(aci_str)
- if old_aci.name == args[1]:
+ if old_aci.name == args[0]:
acistr = aci_str
orig_group = old_aci.source_group
else:
@@ -165,13 +161,13 @@ def main():
pass
if acistr is None:
- print "No delegation %s found." % args[1]
+ print "No delegation %s found." % args[0]
return 2
old_aci_index = aci_str_list.index(acistr)
new_aci = ipa.aci.ACI()
- new_aci.name = args[1]
+ new_aci.name = args[0]
if options.source:
new_aci.source_group = source_grp[0].dn
else:
@@ -212,7 +208,7 @@ def main():
# This is ok, ignore it
pass
- print "Delegation %s successfully updated" % args[1]
+ print "Delegation %s successfully updated" % args[0]
return 0
try:
diff --git a/ipa-admintools/ipa-modgroup b/ipa-admintools/ipa-modgroup
index 8ca8b1f94..115916a9d 100644
--- a/ipa-admintools/ipa-modgroup
+++ b/ipa-admintools/ipa-modgroup
@@ -40,18 +40,15 @@ error was:
""" % sys.exc_value
sys.exit(1)
-def usage():
- print "ipa-modgroup [-l|--list]"
- print "ipa-modgroup [-a|--add] [-r|--remove] [-v|--verbose] user group"
- print "ipa-modgroup [-g|--groupadd] [-e|--groupdel] [-v|--verbose] group group"
- print "ipa-modgroup [-d|--desc description STRING] [--addattr attribute=value] [--delattr attribute] [--setattr attribute=value] [-v|--verbose] group"
- sys.exit(1)
-
def set_add_usage(which):
print "%s option usage: --%s NAME=VALUE" % (which, which)
def parse_options():
- parser = OptionParser()
+ usage = "%prog [-l|--list]\n"
+ usage += "%prog [-a|--add] [-r|--remove] [-v|--verbose] user group\n"
+ usage += "%prog [-g|--groupadd] [-e|--groupdel] [-v|--verbose] group group\n"
+ usage += "%prog [-d|--desc description STRING] [--addattr attribute=value] [--delattr attribute] [--setattr attribute=value] [-v|--verbose] group"
+ parser = OptionParser(usage=usage, formatter=ipa.config.IPAFormatter())
parser.add_option("-a", "--add", dest="add", action="store_true",
help="Add a user to the group")
parser.add_option("-r", "--remove", dest="remove", action="store_true",
@@ -60,7 +57,7 @@ def parse_options():
help="Add a group to the group")
parser.add_option("-e", "--groupdel", dest="groupdel", action="store_true",
help="Remove a group from the group")
- parser.add_option("-d", "--description", dest="desc",
+ parser.add_option("-d", "--description", dest="desc",
help="Modify the description of the group")
parser.add_option("--addattr", dest="addattr",
help="Adds an attribute or values to that attribute, attr=value",
@@ -72,19 +69,27 @@ def parse_options():
action="append")
parser.add_option("-l", "--list", dest="list", action="store_true",
help="List common attributes (this is not an exhaustive list)")
- parser.add_option("--usage", action="store_true",
- help="Program usage")
parser.add_option("-v", "--verbose", action="store_true", dest="verbose",
help="Verbose output of the XML-RPC connection")
- args = ipa.config.init_config(sys.argv)
- options, args = parser.parse_args(args)
+ ipa.config.add_standard_options(parser)
+ options, args = parser.parse_args()
if ((not options.add and not options.remove) and
(not options.groupadd and not options.groupdel) and
(not options.desc and not options.addattr and
not options.delattr and not options.setattr and not options.list)):
- usage()
+ parser.error("need to specify at least one operation")
+
+ if not options.list:
+ if options.add or options.remove:
+ ipa.config.verify_args(parser, args, "user group")
+ elif options.groupadd or option.groupdel:
+ ipa.config.verify_args(parser, args, "group group")
+ elif options.desc or options.addattr or options.delattr or options.setattr:
+ ipa.config.verify_args(parser, args, "group")
+
+ ipa.config.init_config(options)
return options, args
@@ -118,56 +123,49 @@ def main():
print x
return 0
- if options.usage:
- usage()
- if (options.add or options.remove) and (len(args) != 3):
- usage()
- elif ((options.desc or options.addattr or options.delattr or options.setattr) and (len(args) != 2)):
- usage()
-
client = ipaclient.IPAClient(verbose=options.verbose)
if options.add:
- group = get_group(client, options, args[2])
+ group = get_group(client, options, args[1])
if group is None:
return 1
- users = args[1].split(',')
+ users = args[0].split(',')
for user in users:
client.add_user_to_group(user, group.dn)
- print user + " successfully added to " + args[2]
+ print user + " successfully added to " + args[1]
elif options.remove:
- group = get_group(client, options, args[2])
+ group = get_group(client, options, args[1])
if group is None:
return 1
- users = args[1].split(',')
+ users = args[0].split(',')
for user in users:
client.remove_user_from_group(user, group.dn)
print user + " successfully removed"
elif options.groupadd:
- group = get_group(client, options, args[2])
+ group = get_group(client, options, args[1])
if group is None:
return 1
- groups = args[1].split(',')
+ groups = args[0].split(',')
for g in groups:
tgroup = get_group(client, options, g)
if tgroup is not None:
client.add_group_to_group(tgroup.dn, group.dn)
- print g + " successfully added to " + args[2]
+ print g + " successfully added to " + args[1]
else:
print "Group %s not found" % g
elif options.groupdel:
- group = get_group(client, options, args[2])
+ group = get_group(client, options, args[1])
if group is None:
return 1
- groups = args[1].split(',')
+ groups = args[0].split(',')
for g in groups:
tgroup = get_group(client, options, g)
if tgroup is not None:
client.remove_member_from_group(tgroup.dn, group.dn)
- print g + " successfully removed " + args[2]
+ print g + " successfully removed " + args[1]
else:
print "Group %s not found" % g
else:
- group = get_group(client, options, args[1])
+ group = get_group(client, options, args[0])
if group is None:
return 1
@@ -202,7 +200,7 @@ def main():
group.setValue(attr, value)
client.update_group(group)
- print args[1] + " successfully updated"
+ print args[0] + " successfully updated"
return 0
diff --git a/ipa-admintools/ipa-moduser b/ipa-admintools/ipa-moduser
index 4ea40632e..5f0bc6af6 100644
--- a/ipa-admintools/ipa-moduser
+++ b/ipa-admintools/ipa-moduser
@@ -41,16 +41,13 @@ error was:
""" % sys.exc_value
sys.exit(1)
-def usage():
- print "ipa-moduser [--list]"
- print "ipa-moduser [-a|--activate] [-c|--gecos STRING] [-d|--directory STRING] [-f|--firstname STRING] [-l|--lastname STRING] [-s|--shell STRING] [--addattr attribute=value] [--delattr attribute] [--setattr attribute=value] [-v|--verbose] user"
- sys.exit(1)
-
def set_add_usage(which):
print "%s option usage: --%s NAME=VALUE" % (which, which)
def parse_options():
- parser = OptionParser()
+ usage = "%prog --list\n"
+ usage = "%prog [options] user"
+ parser = OptionParser(usage=usage, formatter=ipa.config.IPAFormatter())
parser.add_option("-a", "--activate", dest="activate", action="store_true",
help="Activate the user")
parser.add_option("-c", "--gecos", dest="gecos",
@@ -75,13 +72,16 @@ def parse_options():
help="List common attributes (this is not an exhaustive list)")
parser.add_option("-M", "--mailAddress", dest="mail",
help="Set user's e-mail address")
- parser.add_option("--usage", action="store_true",
- help="Program usage")
parser.add_option("-v", "--verbose", action="store_true", dest="verbose",
help="Verbose output of the XML-RPC connection")
- args = ipa.config.init_config(sys.argv)
- options, args = parser.parse_args(args)
+ ipa.config.add_standard_options(parser)
+ options, args = parser.parse_args()
+
+ if not options.list:
+ ipa.config.verify_args(parser, args, "user")
+
+ ipa.config.init_config(options)
return options, args
@@ -108,10 +108,7 @@ def main():
print x
return 0
- if options.usage or len(args) != 2:
- usage()
-
- username = args[1]
+ username = args[0]
client = ipaclient.IPAClient(verbose=options.verbose)
try:
@@ -197,7 +194,7 @@ def main():
if len(s) != 2:
set_add_usage("set")
sys.exit(1)
- (attr,value) = s
+ (attr,value) = s
user.setValue(attr, value)
if options.addattr:
diff --git a/ipa-admintools/ipa-passwd b/ipa-admintools/ipa-passwd
index 2dd574ee4..616e6cac8 100644
--- a/ipa-admintools/ipa-passwd
+++ b/ipa-admintools/ipa-passwd
@@ -40,19 +40,17 @@ error was:
""" % sys.exc_value
sys.exit(1)
-def usage():
- print "ipa-passwd [-v|--verbose] [user]"
- sys.exit(1)
-
def parse_options():
- parser = OptionParser()
- parser.add_option("--usage", action="store_true",
- help="Program usage")
+ usage = "ipa-passwd [-v|--verbose] [user]"
+ parser = OptionParser(usage=usage)
parser.add_option("-v", "--verbose", action="store_true", dest="verbose",
help="Verbose output of the XML-RPC connection")
- args = ipa.config.init_config(sys.argv)
- options, args = parser.parse_args(args)
+ ipa.config.add_standard_options(parser)
+ options, args = parser.parse_args()
+ if len(args) > 1:
+ parser.error("too many arguments")
+ ipa.config.init_config(options)
return options, args
@@ -74,13 +72,10 @@ def main():
options, args = parse_options()
- if options.usage:
- usage()
-
krbctx = krbV.default_context()
- if len(args) == 2:
- username = args[1]
+ if len(args) == 1:
+ username = args[0]
else:
principal = get_principal(krbctx)
if principal is None:
diff --git a/ipa-admintools/ipa-pwpolicy b/ipa-admintools/ipa-pwpolicy
index 5621857f2..ee391842d 100644
--- a/ipa-admintools/ipa-pwpolicy
+++ b/ipa-admintools/ipa-pwpolicy
@@ -39,13 +39,10 @@ error was:
""" % sys.exc_value
sys.exit(1)
-def usage():
- print "ipa-pwpolicy [--maxlife days] [--minlife hours] [--history number] [--minclasses number] [--minlength number] [-v|--verbose]"
- print "ipa-pwpolicy --show"
- sys.exit(1)
-
def parse_options():
- parser = OptionParser()
+ usage = "ipa-pwpolicy [--maxlife days] [--minlife hours] [--history number] [--minclasses number] [--minlength number] [-v|--verbose]\n"
+ usage = "ipa-pwpolicy --show"
+ parser = OptionParser(usage=usage, formatter=ipa.config.IPAFormatter())
parser.add_option("--maxlife", dest="maxlife",
help="Max. Password Lifetime (days)")
parser.add_option("--minlife", dest="minlife",
@@ -63,8 +60,14 @@ def parse_options():
parser.add_option("-v", "--verbose", action="store_true", dest="verbose",
help="Verbose output of the XML-RPC connection")
- args = ipa.config.init_config(sys.argv)
- options, args = parser.parse_args(args)
+ ipa.config.add_standard_options(parser)
+ options, args = parser.parse_args()
+
+ if not options.show:
+ if not options.maxlife and not options.minlife and not options.history and not options.minclasses and not options.minlength:
+ parser.error("need at least one option of --maxlife, --minlife, --history, --minclasses or --minlength")
+
+ ipa.config.init_config(options)
return options, args
@@ -78,9 +81,6 @@ def show_policy(client):
print "Password History Size: %s" % policy.getValues('krbpwdhistorylength')
def update_policy(client, options):
- if not options.maxlife and not options.minlife and not options.history and not options.minclasses and not options.minlength:
- usage()
-
current = client.get_password_policy()
new = ipa.entity.Entity(current.toDict())
@@ -113,12 +113,9 @@ def update_policy(client, options):
def main():
options, args = parse_options()
- if options.usage:
- usage()
-
client = ipaclient.IPAClient(verbose=options.verbose)
- if options.show:
+ if options.show:
show_policy(client)
return 0
diff --git a/ipa-python/config.py b/ipa-python/config.py
index 5a9770e83..65ce30d9c 100644
--- a/ipa-python/config.py
+++ b/ipa-python/config.py
@@ -18,7 +18,7 @@
#
import ConfigParser
-from optparse import OptionParser
+from optparse import OptionParser, IndentedHelpFormatter
import krbV
import socket
@@ -35,6 +35,30 @@ class IPAConfigError(Exception):
__str__ = __repr__
+class IPAFormatter(IndentedHelpFormatter):
+ """Our own optparse formatter that indents multiple lined usage string."""
+ def format_usage(self, usage):
+ usage_string = "Usage:"
+ spacing = " " * len(usage_string)
+ lines = usage.split("\n")
+ ret = "%s %s\n" % (usage_string, lines[0])
+ for line in lines[1:]:
+ ret += "%s %s\n" % (spacing, line)
+ return ret
+
+def verify_args(parser, args, needed_args = None):
+ """Verify that we have all positional arguments we need, if not, exit."""
+ if needed_args:
+ needed_list = needed_args.split(" ")
+ else:
+ needed_list = []
+ len_need = len(needed_list)
+ len_have = len(args)
+ if len_have > len_need:
+ parser.error("too many arguments")
+ elif len_have < len_need:
+ parser.error("no %s specified" % needed_list[len_have])
+
class IPAConfig:
def __init__(self):
self.default_realm = None
@@ -69,9 +93,15 @@ def __parse_config():
try:
if not config.default_realm:
config.default_realm = p.get("defaults", "realm")
+ except:
+ pass
+ try:
if not len(config.default_server):
s = p.get("defaults", "server")
config.default_server = re.sub("\s+", "", s).split(',')
+ except:
+ pass
+ try:
if not config.default_domain:
config.default_domain = p.get("defaults", "domain")
except:
@@ -118,53 +148,27 @@ def __discover_config():
except:
pass
-def usage():
- return """ --realm\tset the IPA realm
- --server\tset the IPA server
- --domain\tset the IPA dns domain
-"""
-
-def __parse_args(args):
- # Can't use option parser because it doesn't easily leave
- # unknown arguments - creating our own seems simpler.
- #
- # should make this more robust and handle --realm=foo syntax
- out_args = []
- i = 0
- while i < len(args):
- if args[i] == "--realm":
- if i == len(args) - 1:
- raise IPAConfigError("missing argument to --realm")
- config.default_realm = args[i + 1]
- i = i + 2
- continue
- if args[i] == "--server":
- if i == len(args) - 1:
- raise IPAConfigError("missing argument to --server")
- config.default_server.append(args[i + 1])
- i = i + 2
- continue
- if args[i] == "--domain":
- if i == len(args) - 1:
- raise IPAConfigError("missing argument to --domain")
- config.default_domain = args[i + 1]
- i = i + 2
- continue
- out_args.append(args[i])
- i = i + 1
-
- return out_args
-
-
-def init_config(args=None):
- out_args = None
- if args:
- out_args = __parse_args(args)
+def add_standard_options(parser):
+ parser.add_option("--realm", dest="realm", help="Override default IPA realm")
+ parser.add_option("--server", dest="server", help="Override default IPA server")
+ parser.add_option("--domain", dest="domain", help="Override default IPA DNS domain")
+
+def init_config(options=None):
+ if options:
+ config.default_realm = options.realm
+ config.default_domain = options.domain
+ if options.server:
+ config.default_server.extend(options.server.split(","))
__parse_config()
__discover_config()
- config.default_server = list(set(config.default_server))
+ # make sure the server list only contains unique items
+ new_server = []
+ for server in config.default_server:
+ if server not in new_server:
+ new_server.append(server)
+ config.default_server = new_server
if not config.default_realm:
raise IPAConfigError("IPA realm not found in DNS, in the config file (/etc/ipa/ipa.conf) or on the command line.")
@@ -172,6 +176,3 @@ def init_config(args=None):
raise IPAConfigError("IPA server not found in DNS, in the config file (/etc/ipa/ipa.conf) or on the command line.")
if not config.default_domain:
raise IPAConfigError("IPA domain not found in the config file (/etc/ipa/ipa.conf) or on the command line.")
-
- if out_args:
- return out_args
diff --git a/ipa-radius-admintools/ipa-addradiusclient b/ipa-radius-admintools/ipa-addradiusclient
index 1db571a71..4f97c648a 100644
--- a/ipa-radius-admintools/ipa-addradiusclient
+++ b/ipa-radius-admintools/ipa-addradiusclient
@@ -81,13 +81,15 @@ def main():
opt_parser.set_usage("Usage: %s [options] %s" % (distinguished_attr, os.path.basename(sys.argv[0])))
- args = ipa.config.init_config(sys.argv)
- options, args = opt_parser.parse_args(args)
+ ipa.config.add_standard_options(opt_parser)
+ options, args = opt_parser.parse_args()
- if len(args) < 2:
+ if len(args) < 1:
opt_parser.error('missing %s' % (distinguished_attr))
- ip_addr = args[1]
+ ipa.config.init_config(options)
+
+ ip_addr = args[0]
pairs[distinguished_attr] = ip_addr
# Get pairs from a file or stdin
diff --git a/ipa-radius-admintools/ipa-addradiusprofile b/ipa-radius-admintools/ipa-addradiusprofile
index 66db52267..aa3bf9c1f 100644
--- a/ipa-radius-admintools/ipa-addradiusprofile
+++ b/ipa-radius-admintools/ipa-addradiusprofile
@@ -77,13 +77,15 @@ def main():
opt_parser.set_usage("Usage: %s [options] %s" % (distinguished_attr, os.path.basename(sys.argv[0])))
- args = ipa.config.init_config(sys.argv)
- options, args = opt_parser.parse_args(args)
+ ipa.config.add_standard_options(opt_parser)
+ options, args = opt_parser.parse_args()
- if len(args) < 2:
+ if len(args) < 1:
opt_parser.error('missing %s' % (distinguished_attr))
- uid = args[1]
+ ipa.config.init_config(options)
+
+ uid = args[0]
user_profile = not options.shared
pairs[distinguished_attr] = uid
diff --git a/ipa-radius-admintools/ipa-delradiusclient b/ipa-radius-admintools/ipa-delradiusclient
index dd26e8ac9..ee5e2e797 100644
--- a/ipa-radius-admintools/ipa-delradiusclient
+++ b/ipa-radius-admintools/ipa-delradiusclient
@@ -46,13 +46,15 @@ def main():
help="detailed help information")
opt_parser.set_usage("Usage: %s [options] Client-IP-Address" % (os.path.basename(sys.argv[0])))
- args = ipa.config.init_config(sys.argv)
- options, args = opt_parser.parse_args(args)
+ ipa.config.add_standard_options(opt_parser)
+ options, args = opt_parser.parse_args()
- if len(args) < 2:
+ if len(args) < 1:
opt_parser.error("missing Client-IP-Address")
- ip_addr = args[1]
+ ipa.config.init_config(options)
+
+ ip_addr = args[0]
try:
ipa_client = ipaclient.IPAClient()
diff --git a/ipa-radius-admintools/ipa-delradiusprofile b/ipa-radius-admintools/ipa-delradiusprofile
index f77d01747..d5be88a76 100644
--- a/ipa-radius-admintools/ipa-delradiusprofile
+++ b/ipa-radius-admintools/ipa-delradiusprofile
@@ -48,13 +48,15 @@ def main():
help="detailed help information")
opt_parser.set_usage("Usage: %s [options] UID" % (os.path.basename(sys.argv[0])))
- args = ipa.config.init_config(sys.argv)
- options, args = opt_parser.parse_args(args)
+ ipa.config.add_standard_options(opt_parser)
+ options, args = opt_parser.parse_args()
- if len(args) < 2:
+ if len(args) < 1:
opt_parser.error("missing UID")
- uid = args[1]
+ ipa.config.init_config(options)
+
+ uid = args[0]
user_profile = not options.shared
# Per user profiles are pre-created (i.e. objectclass radiusprofile is always added for each user)
diff --git a/ipa-radius-admintools/ipa-findradiusclient b/ipa-radius-admintools/ipa-findradiusclient
index ade4bd397..12bb9bcfe 100644
--- a/ipa-radius-admintools/ipa-findradiusclient
+++ b/ipa-radius-admintools/ipa-findradiusclient
@@ -56,15 +56,17 @@ def main():
opt_parser.add_option("-h", "--help", action="callback", callback=help_option_callback,
help="detailed help information")
- args = ipa.config.init_config(sys.argv)
- options, args = opt_parser.parse_args(args)
+ ipa.config.add_standard_options(opt_parser)
+ options, args = opt_parser.parse_args()
opt_parser.set_usage("Usage: %s [options] Client-IP-Address [Client-IP-Address ...]" % (os.path.basename(sys.argv[0])))
- if len(args) < 2:
+ if len(args) < 1:
opt_parser.error("missing Client-IP-Address(es)")
- ip_addrs = args[1:]
+ ipa.config.init_config(options)
+
+ ip_addrs = args
try:
ipa_client = ipaclient.IPAClient()
diff --git a/ipa-radius-admintools/ipa-findradiusprofile b/ipa-radius-admintools/ipa-findradiusprofile
index ba714068a..01efa2c03 100644
--- a/ipa-radius-admintools/ipa-findradiusprofile
+++ b/ipa-radius-admintools/ipa-findradiusprofile
@@ -58,15 +58,17 @@ def main():
opt_parser.add_option("-h", "--help", action="callback", callback=help_option_callback,
help="detailed help information")
- args = ipa.config.init_config(sys.argv)
- options, args = opt_parser.parse_args(args)
+ ipa.config.add_standard_options(opt_parser)
+ options, args = opt_parser.parse_args()
opt_parser.set_usage("Usage: %s [options] UID [UID ...]" % (os.path.basename(sys.argv[0])))
- if len(args) < 2:
+ if len(args) < 1:
opt_parser.error("missing UID(es)")
- uids = args[1:]
+ ipa.config.init_config(options)
+
+ uids = args
user_profile = not options.shared
try:
diff --git a/ipa-radius-admintools/ipa-modradiusclient b/ipa-radius-admintools/ipa-modradiusclient
index 9e973b121..2a37929e9 100644
--- a/ipa-radius-admintools/ipa-modradiusclient
+++ b/ipa-radius-admintools/ipa-modradiusclient
@@ -82,13 +82,15 @@ def main():
opt_parser.set_usage("Usage: %s [options] %s" % (distinguished_attr, os.path.basename(sys.argv[0])))
- args = ipa.config.init_config(sys.argv)
- options, args = opt_parser.parse_args(args)
+ ipa.config.add_standard_options(opt_parser)
+ options, args = opt_parser.parse_args()
- if len(args) < 2:
+ if len(args) < 1:
opt_parser.error('missing %s' % (distinguished_attr))
- ip_addr = args[1]
+ ipa.config.init_config(options)
+
+ ip_addr = args[0]
# Verify entity previously exists and get current values
ipa_client = ipaclient.IPAClient()
diff --git a/ipa-radius-admintools/ipa-modradiusprofile b/ipa-radius-admintools/ipa-modradiusprofile
index 405abcfcc..20586be58 100644
--- a/ipa-radius-admintools/ipa-modradiusprofile
+++ b/ipa-radius-admintools/ipa-modradiusprofile
@@ -78,13 +78,15 @@ def main():
opt_parser.set_usage("Usage: %s [options] %s" % (distinguished_attr, os.path.basename(sys.argv[0])))
- args = ipa.config.init_config(sys.argv)
- options, args = opt_parser.parse_args(args)
+ ipa.config.add_standard_options(opt_parser)
+ options, args = opt_parser.parse_args()
- if len(args) < 2:
+ if len(args) < 1:
opt_parser.error('missing %s' % (distinguished_attr))
- uid = args[1]
+ ipa.config.init_config(options)
+
+ uid = args[0]
user_profile = not options.shared
# Verify entity previously exists and get current values
diff --git a/ipa-server/ipa-fix-CVE-2008-3274 b/ipa-server/ipa-fix-CVE-2008-3274
index 0bcdf2b8e..3d8324e00 100644
--- a/ipa-server/ipa-fix-CVE-2008-3274
+++ b/ipa-server/ipa-fix-CVE-2008-3274
@@ -30,7 +30,7 @@ try:
from ldap import LDAPError
from ldap import ldapobject
- from ipaclient import ipachangeconf
+ from ipaclient import ipachangeconf
from ipaserver import ipaldap
from pyasn1.type import univ, namedtype
@@ -48,23 +48,23 @@ error was:
""" % sys.exc_value
sys.exit(1)
-def usage():
- print "ipa-fix-CVE-2008-3274 [--check] [--fix] [--fix-replica]"
- sys.exit(1)
-
def parse_options():
- parser = OptionParser()
+ parser = OptionParser("%prog [--check] [--fix] [--fix-replica]")
parser.add_option("--check", dest="check", action="store_true",
help="Just check for the vulnerability and report (default action)")
parser.add_option("--fix", dest="fix", action="store_true",
help="Run checks and start procedure to fix the problem")
parser.add_option("--fix-replica", dest="fix_replica", action="store_true",
help="Fix a replica after the tool has been tun with --fix on another master")
- parser.add_option("--usage", action="store_true",
- help="Program usage")
- args = ipa.config.init_config(sys.argv)
- options, args = parser.parse_args(args)
+ ipa.config.add_standard_options(parser)
+ options, args = parser.parse_args()
+
+ ipa.config.verify_args(parser, args)
+ if not options.fix and not options.fix_replica and not options.check:
+ parser.error("please specify at least one option")
+
+ ipa.config.init_config(options)
return options, args
@@ -99,9 +99,20 @@ def check_vuln(realm, suffix):
# We support only des3 encoded stash files for now
def generate_new_stash_file(file):
- odd_parity_bytes_pool = ['\x01', '\x02', '\x04', '\x07', '\x08', '\x0b', '\r', '\x0e', '\x10', '\x13', '\x15', '\x16', '\x19', '\x1a', '\x1c', '\x1f', ' ', '#', '%', '&', ')', '*', ',', '/', '1', '2', '4', '7', '8', ';', '=', '>', '@', 'C', 'E', 'F', 'I', 'J', 'L', 'O', 'Q', 'R', 'T', 'W', 'X', '[', ']', '^', 'a', 'b', 'd', 'g', 'h', 'k', 'm', 'n', 'p', 's', 'u', 'v', 'y', 'z', '|', '\x7f', '\x80', '\x83', '\x85', '\x86', '\x89', '\x8a', '\x8c', '\x8f', '\x91', '\x92', '\x94', '\x97', '\x98', '\x9b', '\x9d', '\x9e', '\xa1', '\xa2', '\xa4', '\xa7', '\xa8', '\xab', '\xad', '\xae', '\xb0', '\xb3', '\xb5', '\xb6', '\xb9', '\xba', '\xbc', '\xbf', '\xc1', '\xc2', '\xc4', '\xc7', '\xc8', '\xcb', '\xcd', '\xce', '\xd0', '\xd3', '\xd5', '\xd6', '\xd9', '\xda', '\xdc', '\xdf', '\xe0', '\xe3',
-'\xe5', '\xe6', '\xe9', '\xea', '\xec', '\xef', '\xf1', '\xf2', '\xf4', '\xf7',
-'\xf8', '\xfb', '\xfd', '\xfe']
+ odd_parity_bytes_pool = ['\x01', '\x02', '\x04', '\x07', '\x08', '\x0b',
+ '\r', '\x0e', '\x10', '\x13', '\x15', '\x16', '\x19', '\x1a', '\x1c',
+ '\x1f', ' ', '#', '%', '&', ')', '*', ',', '/', '1', '2', '4', '7', '8',
+ ';', '=', '>', '@', 'C', 'E', 'F', 'I', 'J', 'L', 'O', 'Q', 'R', 'T',
+ 'W', 'X', '[', ']', '^', 'a', 'b', 'd', 'g', 'h', 'k', 'm', 'n', 'p',
+ 's', 'u', 'v', 'y', 'z', '|', '\x7f', '\x80', '\x83', '\x85', '\x86',
+ '\x89', '\x8a', '\x8c', '\x8f', '\x91', '\x92', '\x94', '\x97', '\x98',
+ '\x9b', '\x9d', '\x9e', '\xa1', '\xa2', '\xa4', '\xa7', '\xa8', '\xab',
+ '\xad', '\xae', '\xb0', '\xb3', '\xb5', '\xb6', '\xb9', '\xba', '\xbc',
+ '\xbf', '\xc1', '\xc2', '\xc4', '\xc7', '\xc8', '\xcb', '\xcd', '\xce',
+ '\xd0', '\xd3', '\xd5', '\xd6', '\xd9', '\xda', '\xdc', '\xdf', '\xe0',
+ '\xe3', '\xe5', '\xe6', '\xe9', '\xea', '\xec', '\xef', '\xf1', '\xf2',
+ '\xf4', '\xf7', '\xf8', '\xfb', '\xfd', '\xfe']
+
pool_len = len(odd_parity_bytes_pool)
keytype = 16 # des3
keydata = ""
@@ -467,13 +478,6 @@ def main():
options, args = parse_options()
- if options.usage:
- usage()
-
- if not options.fix and not options.fix_replica and not options.check:
- print "use --help for more info"
- usage()
-
if options.fix or options.fix_replica:
password = getpass.getpass("Directory Manager password: ")
diff --git a/ipa-server/ipa-install/ipa-replica-prepare b/ipa-server/ipa-install/ipa-replica-prepare
index ab2e6af8f..67445e394 100644
--- a/ipa-server/ipa-install/ipa-replica-prepare
+++ b/ipa-server/ipa-install/ipa-replica-prepare
@@ -39,8 +39,6 @@ def usage():
def parse_options():
parser = OptionParser(version=version.VERSION)
- args = ipa.config.init_config(sys.argv)
-
parser.add_option("--dirsrv_pkcs12", dest="dirsrv_pkcs12",
help="install certificate for the directory server")
parser.add_option("--http_pkcs12", dest="http_pkcs12",
@@ -52,7 +50,7 @@ def parse_options():
parser.add_option("-p", "--password", dest="password",
help="Directory Manager (existing master) password")
- options, args = parser.parse_args(args)
+ options, args = parser.parse_args()
# If any of the PKCS#12 options are selected, all are required. Create a
# list of the options and count it to enforce that all are required without
@@ -62,9 +60,11 @@ def parse_options():
if cnt > 0 and cnt < 4:
parser.error("error: All PKCS#12 options are required if any are used.")
- if len(args) != 2:
+ if len(args) != 1:
parser.error("must provide the fully-qualified name of the replica")
+ ipa.config.init_config(options)
+
return options, args
def get_host_name():
@@ -171,7 +171,7 @@ def get_dirman_password():
def main():
options, args = parse_options()
- replica_fqdn = args[1]
+ replica_fqdn = args[0]
if not ipautil.file_exists(certs.CA_SERIALNO) and not options.dirsrv_pin:
sys.exit("The replica must be created on the primary IPA server.\nIf you installed IPA with your own certificates using PKCS#12 files you must provide PKCS#12 files for any replicas you create as well.")
generated by cgit (git 2.34.1) at 2024-04-25 09:56:15 +0000