diff options
-rw-r--r-- | base/java-tools/man/man1/pki-user-cert.1 | 8 | ||||
-rw-r--r-- | base/java-tools/man/man1/pki-user-membership.1 | 84 | ||||
-rw-r--r-- | base/java-tools/man/man1/pki.1 | 6 | ||||
-rw-r--r-- | specs/pki-core.spec | 1 |
4 files changed, 95 insertions, 4 deletions
diff --git a/base/java-tools/man/man1/pki-user-cert.1 b/base/java-tools/man/man1/pki-user-cert.1 index 77a6c2bc7..4ecc45090 100644 --- a/base/java-tools/man/man1/pki-user-cert.1 +++ b/base/java-tools/man/man1/pki-user-cert.1 @@ -77,19 +77,19 @@ The above command will return entries #20 to #29. To view a certificate owned by a CA user, specify the user ID and the certificate ID in the following command: -.B pki <CA admin authentication> ca-user-show testuser \*(lq2;11;CN=CA Signing Certificate,O=EXAMPLE;UID=testuser\*(rq +.B pki <CA admin authentication> ca-user-cert-show testuser \*(lq2;11;CN=CA Signing Certificate,O=EXAMPLE;UID=testuser\*(rq To add a certificate to a CA user from a file, specify the user ID and the input file: -.B pki <CA admin authentication> ca-user-add testuser --input testuser.crt +.B pki <CA admin authentication> ca-user-cert-add testuser --input testuser.crt To add a certificate to a CA user from the certificate repository, specify the user ID and the serial number: -.B pki <CA admin authentication> ca-user-add testuser --serial 0x80 +.B pki <CA admin authentication> ca-user-cert-add testuser --serial 0x80 To delete a certificate from a CA user, specify the user ID and the certificate ID in the following command: -.B pki <CA admin authentication> ca-user-del testuser \*(lq2;11;CN=CA Signing Certificate,O=EXAMPLE;UID=testuser\*(rq +.B pki <CA admin authentication> ca-user-cert-del testuser \*(lq2;11;CN=CA Signing Certificate,O=EXAMPLE;UID=testuser\*(rq .SH AUTHORS Endi S. Dewata <edewata@redhat.com>. diff --git a/base/java-tools/man/man1/pki-user-membership.1 b/base/java-tools/man/man1/pki-user-membership.1 new file mode 100644 index 000000000..7f6c1986b --- /dev/null +++ b/base/java-tools/man/man1/pki-user-membership.1 @@ -0,0 +1,84 @@ +.\" First parameter, NAME, should be all caps +.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection +.\" other parameters are allowed: see man(7), man(1) +.TH pki-user-membership 1 "Aug 24, 2015" "version 10.2" "PKI User Membership Management Commands" Dogtag Team +.\" Please adjust this date whenever revising the man page. +.\" +.\" Some roff macros, for reference: +.\" .nh disable hyphenation +.\" .hy enable hyphenation +.\" .ad l left justify +.\" .ad b justify to both left and right margins +.\" .nf disable filling +.\" .fi enable filling +.\" .br insert line break +.\" .sp <n> insert n+1 empty lines +.\" for man page specific macros, see man(7) +.SH NAME +pki-user-membership \- Command-Line Interface for managing Certificate System user memberships. + +.SH SYNOPSIS +.nf +\fBpki\fR [CLI options] \fB<subsystem>-user-membership\fR +\fBpki\fR [CLI options] \fB<subsystem>-user-membership-find\fR <user ID> [command options] +\fBpki\fR [CLI options] \fB<subsystem>-user-membership-add\fR <user ID> <group ID> [command options] +\fBpki\fR [CLI options] \fB<subsystem>-user-membership-del\fR <user ID> <group ID> [command options] +.fi + +.SH DESCRIPTION +.PP +The \fBpki-user-membership\fR commands provide command-line interfaces to manage user memberships on the specified subsystem. +.PP +Valid subsystems are \fBca\fR, \fBkra\fR, \fBocsp\fR, \fBtks\fR, and \fBtps\fR. If the \fB<subsystem>-\fR prefix is omitted, it will default to \fBca\fR. +.PP +\fBpki\fR [CLI options] \fB<subsystem>-user-membership\fR +.RS 4 +This command is to list available user membership commands for the subsystem. +.RE +.PP +\fBpki\fR [CLI options] \fB<subsystem>-user-membership-find\fR <user ID> [command options] +.RS 4 +This command is to list groups in which the subsystem user is a member. +.RE +.PP +\fBpki\fR [CLI options] \fB<subsystem>-user-membership-add\fR <user ID> <group ID> [command options] +.RS 4 +This command is to add the subsystem user into a group. +.RE +.PP +\fBpki\fR [CLI options] \fB<subsystem>-user-membership-del\fR <user ID> <group ID> [command options] +.RS 4 +This command is to delete the subsystem user from a group. +.RE + +.SH OPTIONS +The CLI options are described in \fBpki\fR(1). + +.SH OPERATIONS +To view available user membership commands, type \fBpki <subsystem>-user-membership\fP. To view each command's usage, type \fB pki <subsystem>-user-membership-<command> \-\-help\fP. + +All user membership commands must be executed as the subsystem administrator. + +For example, to list groups in which a CA user is a member execute the following command: + +.B pki <CA admin authentication> ca-user-membership-find testuser + +The results can be paged by specifying the (0-based) index of the first entry to return and the maximum number of entries returned: + +.B pki <CA admin authentication> ca-user-membership-find testuser --start 20 --size 10 + +The above command will return entries #20 to #29. + +To add a CA user into a group, specify the user ID and the group ID in the following command: + +.B pki <CA admin authentication> ca-user-membership-add testuser Administrators + +To delete a CA user from a group, specify the user ID and the group ID in the following command: + +.B pki <CA admin authentication> ca-user-membership-del testuser Administrators + +.SH AUTHORS +Endi S. Dewata <edewata@redhat.com>. + +.SH COPYRIGHT +Copyright (c) 2015 Red Hat, Inc. This is licensed under the GNU General Public License, version 2 (GPLv2). A copy of this license is available at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt. diff --git a/base/java-tools/man/man1/pki.1 b/base/java-tools/man/man1/pki.1 index 3de8f6e92..60c19f4dd 100644 --- a/base/java-tools/man/man1/pki.1 +++ b/base/java-tools/man/man1/pki.1 @@ -304,6 +304,12 @@ User certificate management commands .RE .PP +\fBpki-user-membership\fR(1) +.RS 4 +User membership management commands +.RE + +.PP \fBpki-ca-profile\fR(1) .RS 4 Profile management commands diff --git a/specs/pki-core.spec b/specs/pki-core.spec index 15e8b040d..97dbe9235 100644 --- a/specs/pki-core.spec +++ b/specs/pki-core.spec @@ -890,6 +890,7 @@ systemctl daemon-reload %{_mandir}/man1/pki-securitydomain.1.gz %{_mandir}/man1/pki-user.1.gz %{_mandir}/man1/pki-user-cert.1.gz +%{_mandir}/man1/pki-user-membership.1.gz %{_mandir}/man1/pki-ca-profile.1.gz %{_mandir}/man1/pki-tps-profile.1.gz |