summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ipalib/plugins/aci.py4
-rw-r--r--ipalib/plugins/delegation.py2
-rw-r--r--ipalib/plugins/group.py4
-rw-r--r--ipalib/plugins/hbacrule.py2
-rw-r--r--ipalib/plugins/hbacsvcgroup.py4
-rw-r--r--ipalib/plugins/hbactest.py6
-rw-r--r--ipalib/plugins/hostgroup.py4
-rw-r--r--ipalib/plugins/netgroup.py2
-rw-r--r--ipalib/plugins/selfservice.py10
-rw-r--r--ipalib/plugins/sudocmdgroup.py2
10 files changed, 21 insertions, 19 deletions
diff --git a/ipalib/plugins/aci.py b/ipalib/plugins/aci.py
index 4bfcf2589..eddb26a47 100644
--- a/ipalib/plugins/aci.py
+++ b/ipalib/plugins/aci.py
@@ -101,10 +101,10 @@ command-line now (see last example).
ipa aci-add --permissions=write --attrs=member --targetgroup=admins --group=editors --prefix=none "Editors manage admins"
Add an ACI that allows members of the admins group to manage the street and zip code of those in the editors group:
- ipa aci-add --permissions=write --memberof=editors --group=admins --attrs=street,postalcode --prefix=none "admins edit the address of editors"
+ ipa aci-add --permissions=write --memberof=editors --group=admins --attrs=street --attrs=postalcode --prefix=none "admins edit the address of editors"
Add an ACI that allows the admins group manage the street and zipcode of those who work for the boss:
- ipa aci-add --permissions=write --group=admins --attrs=street,postalcode --filter="(manager=uid=boss,cn=users,cn=accounts,dc=example,dc=com)" --prefix=none "Edit the address of those who work for the boss"
+ ipa aci-add --permissions=write --group=admins --attrs=street --attrs=postalcode --filter="(manager=uid=boss,cn=users,cn=accounts,dc=example,dc=com)" --prefix=none "Edit the address of those who work for the boss"
Add an entirely new kind of record to IPA that isn't covered by any of the --type options, creating a permission:
ipa permission-add --permissions=add --subtree="cn=*,cn=orange,cn=accounts,dc=example,dc=com" --desc="Add Orange Entries" add_orange
diff --git a/ipalib/plugins/delegation.py b/ipalib/plugins/delegation.py
index 6228cc50f..bab76ccbc 100644
--- a/ipalib/plugins/delegation.py
+++ b/ipalib/plugins/delegation.py
@@ -43,7 +43,7 @@ EXAMPLES:
When managing the list of attributes you need to include all attributes
in the list, including existing ones. Add postalCode to the list:
- ipa delegation-mod --attrs=street,postalCode --group=managers --membergroup=employees "managers edit employees' street"
+ ipa delegation-mod --attrs=street --attrs=postalCode --group=managers --membergroup=employees "managers edit employees' street"
Display our updated rule:
ipa delegation-show "managers edit employees' street"
diff --git a/ipalib/plugins/group.py b/ipalib/plugins/group.py
index 7c61db672..19b127e16 100644
--- a/ipalib/plugins/group.py
+++ b/ipalib/plugins/group.py
@@ -68,8 +68,8 @@ EXAMPLES:
To add the "remoteadmins" group to the "localadmins" group:
ipa group-add-member --groups=remoteadmins localadmins
- Add a list of users to the "localadmins" group:
- ipa group-add-member --users=test1,test2 localadmins
+ Add multiple users to the "localadmins" group:
+ ipa group-add-member --users=test1 --users=test2 localadmins
Remove a user from the "localadmins" group:
ipa group-remove-member --users=test2 localadmins
diff --git a/ipalib/plugins/hbacrule.py b/ipalib/plugins/hbacrule.py
index 8bc4c6dfc..c36a78816 100644
--- a/ipalib/plugins/hbacrule.py
+++ b/ipalib/plugins/hbacrule.py
@@ -58,7 +58,7 @@ EXAMPLES:
the FTP service on any machine from any machine:
ipa hbacsvcgroup-add ftpers
ipa hbacsvc-add sftp
- ipa hbacsvcgroup-add-member --hbacsvcs=ftp,sftp ftpers
+ ipa hbacsvcgroup-add-member --hbacsvcs=ftp --hbacsvcs=sftp ftpers
ipa hbacrule-add --hostcat=all --srchostcat=all john_ftp
ipa hbacrule-add-user --users=john john_ftp
ipa hbacrule-add-service --hbacsvcgroups=ftpers john_ftp
diff --git a/ipalib/plugins/hbacsvcgroup.py b/ipalib/plugins/hbacsvcgroup.py
index 35ca40fd8..8ef30d75f 100644
--- a/ipalib/plugins/hbacsvcgroup.py
+++ b/ipalib/plugins/hbacsvcgroup.py
@@ -33,14 +33,14 @@ EXAMPLES:
ipa hbacsvcgroup-add --desc="login services" login
Add members to an HBAC service group:
- ipa hbacsvcgroup-add-member --hbacsvcs=sshd,login login
+ ipa hbacsvcgroup-add-member --hbacsvcs=sshd --hbacsvcs=login login
Display information about a named group:
ipa hbacsvcgroup-show login
Add a new group to the "login" group:
ipa hbacsvcgroup-add --desc="switch users" login
- ipa hbacsvcgroup-add-member --hbacsvcs=su,su-l login
+ ipa hbacsvcgroup-add-member --hbacsvcs=su --hbacsvcs=su-l login
Delete an HBAC service group:
ipa hbacsvcgroup-del login
diff --git a/ipalib/plugins/hbactest.py b/ipalib/plugins/hbactest.py
index 953b29858..55c8aab8c 100644
--- a/ipalib/plugins/hbactest.py
+++ b/ipalib/plugins/hbactest.py
@@ -90,7 +90,7 @@ EXAMPLES:
3. Test explicitly specified HBAC rules:
$ ipa hbactest --user=a1a --host=bar --service=sshd \\
- --rules=my-second-rule,myrule
+ --rules=myrule --rules=my-second-rule
---------------------
Access granted: False
---------------------
@@ -99,7 +99,7 @@ EXAMPLES:
4. Use all enabled HBAC rules in IPA database + explicitly specified rules:
$ ipa hbactest --user=a1a --host=bar --service=sshd \\
- --rules=my-second-rule,myrule --enabled
+ --rules=myrule --rules=my-second-rule --enabled
--------------------
Access granted: True
--------------------
@@ -117,7 +117,7 @@ EXAMPLES:
6. Test all disabled HBAC rules in IPA database + explicitly specified rules:
$ ipa hbactest --user=a1a --host=bar --service=sshd \\
- --rules=my-second-rule,myrule --disabled
+ --rules=myrule --rules=my-second-rule --disabled
---------------------
Access granted: False
---------------------
diff --git a/ipalib/plugins/hostgroup.py b/ipalib/plugins/hostgroup.py
index 7e6fe6d65..7ae438c0a 100644
--- a/ipalib/plugins/hostgroup.py
+++ b/ipalib/plugins/hostgroup.py
@@ -37,8 +37,8 @@ EXAMPLES:
Add another new host group:
ipa hostgroup-add --desc="Maryland hosts" maryland
- Add members to the hostgroup:
- ipa hostgroup-add-member --hosts=box1,box2,box3 baltimore
+ Add members to the hostgroup (using Bash brace expansion):
+ ipa hostgroup-add-member --hosts={box1,box2,box3} baltimore
Add a hostgroup as a member of another hostgroup:
ipa hostgroup-add-member --hostgroups=baltimore maryland
diff --git a/ipalib/plugins/netgroup.py b/ipalib/plugins/netgroup.py
index 6321aa733..a2cf442d8 100644
--- a/ipalib/plugins/netgroup.py
+++ b/ipalib/plugins/netgroup.py
@@ -37,7 +37,7 @@ EXAMPLES:
ipa netgroup-add --desc="NFS admins" admins
Add members to the netgroup:
- ipa netgroup-add-member --users=tuser1,tuser2 admins
+ ipa netgroup-add-member --users=tuser1 --users=tuser2 admins
Remove a member from the netgroup:
ipa netgroup-remove-member --users=tuser2 admins
diff --git a/ipalib/plugins/selfservice.py b/ipalib/plugins/selfservice.py
index 78986263a..b2ea7677a 100644
--- a/ipalib/plugins/selfservice.py
+++ b/ipalib/plugins/selfservice.py
@@ -37,12 +37,14 @@ A Self-service permission defines what an object can change in its own entry.
EXAMPLES:
- Add a self-service rule to allow users to manage their address:
- ipa selfservice-add --permissions=write --attrs=street,postalCode,l,c,st "Users manage their own address"
+ Add a self-service rule to allow users to manage their address (using Bash
+ brace expansion):
+ ipa selfservice-add --permissions=write --attrs={street,postalCode,l,c,st} "Users manage their own address"
When managing the list of attributes you need to include all attributes
- in the list, including existing ones. Add telephoneNumber to the list:
- ipa selfservice-mod --attrs=street,postalCode,l,c,st,telephoneNumber "Users manage their own address"
+ in the list, including existing ones.
+ Add telephoneNumber to the list (using Bash brace expansion):
+ ipa selfservice-mod --attrs={street,postalCode,l,c,st,telephoneNumber} "Users manage their own address"
Display our updated rule:
ipa selfservice-show "Users manage their own address"
diff --git a/ipalib/plugins/sudocmdgroup.py b/ipalib/plugins/sudocmdgroup.py
index 2124b84a5..0afa45819 100644
--- a/ipalib/plugins/sudocmdgroup.py
+++ b/ipalib/plugins/sudocmdgroup.py
@@ -36,7 +36,7 @@ EXAMPLES:
ipa sudocmdgroup-del admincmds
Manage Sudo Command Group membership, commands:
- ipa sudocmdgroup-add-member --sudocmds=/usr/bin/less,/usr/bin/vim admincmds
+ ipa sudocmdgroup-add-member --sudocmds=/usr/bin/less --sudocmds=/usr/bin/vim admincmds
Manage Sudo Command Group membership, commands:
ipa group-remove-member --sudocmds=/usr/bin/less admincmds
generated by cgit (git 2.34.1) at 2024-11-10 18:02:25 +0000