summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--ipa-admintools/ipa-adddelegation225
-rw-r--r--ipa-admintools/ipa-addgroup75
-rw-r--r--ipa-admintools/ipa-addservice70
-rw-r--r--ipa-admintools/ipa-adduser77
-rw-r--r--ipa-admintools/ipa-deldelegation135
-rw-r--r--ipa-admintools/ipa-delgroup93
-rw-r--r--ipa-admintools/ipa-delservice80
-rw-r--r--ipa-admintools/ipa-deluser67
-rw-r--r--ipa-admintools/ipa-findgroup180
-rw-r--r--ipa-admintools/ipa-findservice93
-rw-r--r--ipa-admintools/ipa-finduser161
-rw-r--r--ipa-admintools/ipa-listdelegation69
-rw-r--r--ipa-admintools/ipa-lockuser99
-rw-r--r--ipa-admintools/ipa-moddelegation272
-rw-r--r--ipa-admintools/ipa-modgroup174
-rw-r--r--ipa-admintools/ipa-moduser100
-rw-r--r--ipa-admintools/ipa-passwd72
-rw-r--r--ipa-admintools/ipa-pwpolicy116
-rw-r--r--ipa-python/ipautil.py12
19 files changed, 1136 insertions, 1034 deletions
diff --git a/ipa-admintools/ipa-adddelegation b/ipa-admintools/ipa-adddelegation
index 750f7573..b29c9671 100644
--- a/ipa-admintools/ipa-adddelegation
+++ b/ipa-admintools/ipa-adddelegation
@@ -18,21 +18,6 @@
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
-import sys
-from optparse import OptionParser
-import ipa
-import ipa.user
-import ipa.ipaclient as ipaclient
-import ipa.config
-import ipa.aci
-import ipa.ipaadminutil as ipaadminutil
-
-import xmlrpclib
-import kerberos
-import krbV
-import ldap
-import errno
-
def usage():
print "ipa-adddelegation [-l|--list]"
print "ipa-adddelegation [-a|--attributes attr1,attr2,..,attrn] [-s|--source STRING] [-t|--target STRING] name"
@@ -65,9 +50,9 @@ def main():
if options.list:
client = ipaclient.IPAClient()
- list = client.get_all_attrs()
+ l = client.get_all_attrs()
- for x in list:
+ for x in l:
print x
return 0
@@ -78,100 +63,120 @@ def main():
if not options.attributes or not options.source or not options.target:
usage()
- try:
- client = ipaclient.IPAClient()
-
- source_grp = client.find_groups(options.source)
- counter = source_grp[0]
- source_grp = source_grp[1:]
- groupindex = -1
- if counter == 0:
- print "No entries found for %s" % options.source
- return 2
- elif counter == -1:
- print "These results are truncated."
- print "Please refine your search and try again."
- return 3
-
- if counter > 1:
- print "\nMultiple entries for the source group found."
- groupindex = ipaadminutil.select_group(counter, source_grp)
- if groupindex == "q":
- return 0
-
- if groupindex >= 0:
- source_grp = [source_grp[groupindex]]
-
- target_grp = client.find_groups(options.target)
- counter = target_grp[0]
- target_grp = target_grp[1:]
- groupindex = -1
- if counter == 0:
- print "No entries found for %s" % options.target
- return 2
- elif counter == -1:
- print "These results are truncated."
- print "Please refine your search and try again."
- return 3
-
- if counter > 1:
- print "\nMultiple entries for the target group found."
- groupindex = ipaadminutil.select_group(counter, target_grp)
- if groupindex == "q":
- return 0
-
- if groupindex >= 0:
- target_grp = [target_grp[groupindex]]
-
- attr_list = options.attributes.split(',')
-
- new_aci = ipa.aci.ACI()
- new_aci.name = args[1]
- new_aci.source_group = source_grp[0].dn
- new_aci.dest_group = target_grp[0].dn
- new_aci.attrs = attr_list
-
- aci_entry = client.get_aci_entry(['*', 'aci'])
-
- # Look for an existing ACI of the same name
- aci_str_list = aci_entry.getValues('aci')
- if aci_str_list is None:
- aci_str_list = []
- if not(isinstance(aci_str_list,list) or isinstance(aci_str_list,tuple)):
- aci_str_list = [aci_str_list]
-
- for aci_str in aci_str_list:
- try:
- old_aci = ipa.aci.ACI(aci_str)
- if old_aci.name == new_aci.name:
- print "A delegation of that name already exists"
- return 2
- except SyntaxError:
- # ignore aci_str's that ACI can't parse
- pass
-
- aci_entry = client.get_aci_entry(['dn'])
- aci_entry.setValue('aci', new_aci.export_to_string())
-
- client.update_entry(aci_entry)
- except xmlrpclib.Fault, fault:
- if fault.faultCode == errno.ECONNREFUSED:
- print "The IPA XML-RPC service is not responding."
- else:
- print fault.faultString
- return 1
- except kerberos.GSSError, e:
- print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0])
- return 1
- except xmlrpclib.ProtocolError, e:
- print "Unable to connect to IPA server: %s" % (e.errmsg)
- return 1
- except ipa.ipaerror.IPAError, e:
- print "%s" % (e.message)
- return 1
+ client = ipaclient.IPAClient()
+
+ source_grp = client.find_groups(options.source)
+ counter = source_grp[0]
+ source_grp = source_grp[1:]
+ groupindex = -1
+ if counter == 0:
+ print "No entries found for %s" % options.source
+ return 2
+ elif counter == -1:
+ print "These results are truncated."
+ print "Please refine your search and try again."
+ return 3
+
+ if counter > 1:
+ print "\nMultiple entries for the source group found."
+ groupindex = ipaadminutil.select_group(counter, source_grp)
+ if groupindex == "q":
+ return 0
+
+ if groupindex >= 0:
+ source_grp = [source_grp[groupindex]]
+
+ target_grp = client.find_groups(options.target)
+ counter = target_grp[0]
+ target_grp = target_grp[1:]
+ groupindex = -1
+ if counter == 0:
+ print "No entries found for %s" % options.target
+ return 2
+ elif counter == -1:
+ print "These results are truncated."
+ print "Please refine your search and try again."
+ return 3
+
+ if counter > 1:
+ print "\nMultiple entries for the target group found."
+ groupindex = ipaadminutil.select_group(counter, target_grp)
+ if groupindex == "q":
+ return 0
+
+ if groupindex >= 0:
+ target_grp = [target_grp[groupindex]]
+
+ attr_list = options.attributes.split(',')
+
+ new_aci = ipa.aci.ACI()
+ new_aci.name = args[1]
+ new_aci.source_group = source_grp[0].dn
+ new_aci.dest_group = target_grp[0].dn
+ new_aci.attrs = attr_list
+
+ aci_entry = client.get_aci_entry(['*', 'aci'])
+
+ # Look for an existing ACI of the same name
+ aci_str_list = aci_entry.getValues('aci')
+ if aci_str_list is None:
+ aci_str_list = []
+ if not(isinstance(aci_str_list,list) or isinstance(aci_str_list,tuple)):
+ aci_str_list = [aci_str_list]
+
+ for aci_str in aci_str_list:
+ try:
+ old_aci = ipa.aci.ACI(aci_str)
+ if old_aci.name == new_aci.name:
+ print "A delegation of that name already exists"
+ return 2
+ except SyntaxError:
+ # ignore aci_str's that ACI can't parse
+ pass
+
+ aci_entry = client.get_aci_entry(['dn'])
+ aci_entry.setValue('aci', new_aci.export_to_string())
+
+ client.update_entry(aci_entry)
print "Delegation %s successfully added" % args[1]
return 0
-if __name__ == "__main__":
- sys.exit(main())
+try:
+ import sys
+ from optparse import OptionParser
+ import ipa
+ import ipa.user
+ import ipa.ipaclient as ipaclient
+ import ipa.config
+ import ipa.aci
+ import ipa.ipaadminutil as ipaadminutil
+ import ipa.ipautil as ipautil
+
+ import xmlrpclib
+ import kerberos
+ import krbV
+ import ldap
+ import errno
+
+ if __name__ == "__main__":
+ sys.exit(main())
+except SystemExit, e:
+ sys.exit(e)
+except KeyboardInterrupt, e:
+ sys.exit(1)
+except xmlrpclib.Fault, fault:
+ if fault.faultCode == errno.ECONNREFUSED:
+ print "The IPA XML-RPC service is not responding."
+ else:
+ print fault.faultString
+ sys.exit(1)
+except kerberos.GSSError, e:
+ print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e))
+ sys.exit(1)
+except xmlrpclib.ProtocolError, e:
+ print "Unable to connect to IPA server: %s" % (e.errmsg)
+ sys.exit(1)
+except ipa.ipaerror.IPAError, e:
+ print "%s" % (e.message)
+ sys.exit(1)
diff --git a/ipa-admintools/ipa-addgroup b/ipa-admintools/ipa-addgroup
index c8a764f1..1668dbab 100644
--- a/ipa-admintools/ipa-addgroup
+++ b/ipa-admintools/ipa-addgroup
@@ -18,20 +18,6 @@
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
-import sys
-from optparse import OptionParser
-import ipa
-import ipa.group
-import ipa.ipaclient as ipaclient
-import ipa.ipavalidate as ipavalidate
-import ipa.config
-import ipa.ipaerror
-
-import xmlrpclib
-import kerberos
-import ldap
-import errno
-
def usage():
print "ipa-addgroup [-d|--description STRING] [-g|--gid GID] group"
sys.exit(1)
@@ -95,27 +81,46 @@ def main():
group.setValue('cn', cn)
group.setValue('description', desc)
- try:
- client = ipaclient.IPAClient()
- client.add_group(group)
- print cn + " successfully added"
- except xmlrpclib.Fault, fault:
- if fault.faultCode == errno.ECONNREFUSED:
- print "The IPA XML-RPC service is not responding."
- else:
- print fault.faultString
- return 1
- except kerberos.GSSError, e:
- print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0])
- return 1
- except xmlrpclib.ProtocolError, e:
- print "Unable to connect to IPA server: %s" % (e.errmsg)
- return 1
- except ipa.ipaerror.IPAError, e:
- print "%s" % (e.message)
- return 1
+ client = ipaclient.IPAClient()
+ client.add_group(group)
+ print cn + " successfully added"
return 0
-if __name__ == "__main__":
- sys.exit(main())
+try:
+ import sys
+ from optparse import OptionParser
+ import ipa
+ import ipa.group
+ import ipa.ipaclient as ipaclient
+ import ipa.ipavalidate as ipavalidate
+ import ipa.ipautil as ipautil
+ import ipa.config
+ import ipa.ipaerror
+
+ import xmlrpclib
+ import kerberos
+ import ldap
+ import errno
+
+ if __name__ == "__main__":
+ sys.exit(main())
+except SystemExit, e:
+ sys.exit(e)
+except KeyboardInterrupt, e:
+ sys.exit(1)
+except xmlrpclib.Fault, fault:
+ if fault.faultCode == errno.ECONNREFUSED:
+ print "The IPA XML-RPC service is not responding."
+ else:
+ print fault.faultString
+ sys.exit(1)
+except kerberos.GSSError, e:
+ print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e))
+ sys.exit(1)
+except xmlrpclib.ProtocolError, e:
+ print "Unable to connect to IPA server: %s" % (e.errmsg)
+ sys.exit(1)
+except ipa.ipaerror.IPAError, e:
+ print "%s" % (e.message)
+ sys.exit(1)
diff --git a/ipa-admintools/ipa-addservice b/ipa-admintools/ipa-addservice
index 24e92ce4..cecd4810 100644
--- a/ipa-admintools/ipa-addservice
+++ b/ipa-admintools/ipa-addservice
@@ -18,23 +18,6 @@
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
-import sys
-from optparse import OptionParser
-import ipa
-import ipa.user
-import ipa.ipaclient as ipaclient
-import ipa.ipavalidate as ipavalidate
-import ipa.config
-
-import base64
-
-import xmlrpclib
-import kerberos
-import krbV
-import ldap
-import getpass
-import errno
-
def usage():
print "ipa-addservice [--force] principal"
sys.exit(1)
@@ -64,12 +47,47 @@ def main():
client = ipaclient.IPAClient()
- try:
- client.add_service_principal(princ_name, "%d" % options.force)
-
- except Exception, e:
- print str(e)
-
-
-if __name__ == "__main__":
- sys.exit(main())
+ client.add_service_principal(princ_name, "%d" % options.force)
+
+ return 0
+
+try:
+ import sys
+ from optparse import OptionParser
+ import ipa
+ import ipa.user
+ import ipa.ipaclient as ipaclient
+ import ipa.ipavalidate as ipavalidate
+ import ipa.ipautil as ipautil
+ import ipa.config
+
+ import base64
+
+ import xmlrpclib
+ import kerberos
+ import krbV
+ import ldap
+ import getpass
+ import errno
+
+ if __name__ == "__main__":
+ sys.exit(main())
+except SystemExit, e:
+ sys.exit(e)
+except KeyboardInterrupt, e:
+ sys.exit(1)
+except xmlrpclib.Fault, fault:
+ if fault.faultCode == errno.ECONNREFUSED:
+ print "The IPA XML-RPC service is not responding."
+ else:
+ print fault.faultString
+ sys.exit(1)
+except kerberos.GSSError, e:
+ print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e))
+ sys.exit(1)
+except xmlrpclib.ProtocolError, e:
+ print "Unable to connect to IPA server: %s" % (e.errmsg)
+ sys.exit(1)
+except ipa.ipaerror.IPAError, e:
+ print "%s" % (e.message)
+ sys.exit(1)
diff --git a/ipa-admintools/ipa-adduser b/ipa-admintools/ipa-adduser
index 3f4c98eb..6decde09 100644
--- a/ipa-admintools/ipa-adduser
+++ b/ipa-admintools/ipa-adduser
@@ -18,21 +18,6 @@
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
-import sys
-from optparse import OptionParser
-import ipa
-import ipa.user
-import ipa.ipaclient as ipaclient
-import ipa.ipavalidate as ipavalidate
-import ipa.config
-
-import xmlrpclib
-import kerberos
-import krbV
-import ldap
-import getpass
-import errno
-
def usage():
print "ipa-adduser [-c|--gecos STRING] [-d|--directory STRING] [-f|--firstname STRING] [-l|--lastname STRING] [-s|--shell] [-g|--groups] [-k|krb-principal [-M|mailAddress] user"
sys.exit(1)
@@ -179,7 +164,7 @@ def main():
if not options.shell:
while (cont != True):
shell = raw_input("shell [/bin/sh]: ")
-
+
if len(shell) < 1:
shell = None
cont = True
@@ -209,24 +194,8 @@ def main():
if shell:
user.setValue('loginshell', shell)
- try:
- client = ipaclient.IPAClient()
- client.add_user(user)
- except xmlrpclib.Fault, fault:
- if fault.faultCode == errno.ECONNREFUSED:
- print "The IPA XML-RPC service is not responding."
- else:
- print fault.faultString
- return 1
- except kerberos.GSSError, e:
- print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0])
- return 1
- except xmlrpclib.ProtocolError, e:
- print "Unable to connect to IPA server: %s" % (e.errmsg)
- return 1
- except ipa.ipaerror.IPAError, e:
- print "%s" % (e.message)
- return 1
+ client = ipaclient.IPAClient()
+ client.add_user(user)
# Set the User's password
if password is not None:
@@ -251,5 +220,41 @@ def main():
print username + " successfully added"
return 0
-if __name__ == "__main__":
- sys.exit(main())
+try:
+ import sys
+ from optparse import OptionParser
+ import ipa
+ import ipa.user
+ import ipa.ipaclient as ipaclient
+ import ipa.ipavalidate as ipavalidate
+ import ipa.ipautil as ipautil
+ import ipa.config
+
+ import xmlrpclib
+ import kerberos
+ import krbV
+ import ldap
+ import getpass
+ import errno
+
+ if __name__ == "__main__":
+ sys.exit(main())
+except SystemExit, e:
+ sys.exit(e)
+except KeyboardInterrupt, e:
+ sys.exit(1)
+except xmlrpclib.Fault, fault:
+ if fault.faultCode == errno.ECONNREFUSED:
+ print "The IPA XML-RPC service is not responding."
+ else:
+ print fault.faultString
+ sys.exit(1)
+except kerberos.GSSError, e:
+ print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e))
+ sys.exit(1)
+except xmlrpclib.ProtocolError, e:
+ print "Unable to connect to IPA server: %s" % (e.errmsg)
+ sys.exit(1)
+except ipa.ipaerror.IPAError, e:
+ print "%s" % (e.message)
+ sys.exit(1)
diff --git a/ipa-admintools/ipa-deldelegation b/ipa-admintools/ipa-deldelegation
index 07613d56..ac0ae798 100644
--- a/ipa-admintools/ipa-deldelegation
+++ b/ipa-admintools/ipa-deldelegation
@@ -18,19 +18,6 @@
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
-import sys
-from optparse import OptionParser
-import ipa.ipaclient as ipaclient
-import ipa.config
-
-import xmlrpclib
-import kerberos
-import copy
-import errno
-
-import ipa.aci
-from ipa import ipaerror
-
aci_fields = ['*', 'aci']
def usage():
@@ -55,58 +42,76 @@ def main():
usage()
client = ipaclient.IPAClient()
- try:
- aci_entry = client.get_aci_entry(aci_fields)
-
- aci_str_list = aci_entry.getValues('aci')
- if aci_str_list is None:
- aci_str_list = []
- if not(isinstance(aci_str_list,list) or isinstance(aci_str_list,tuple)):
- aci_str_list = [aci_str_list]
-
- acistr = None
- for aci_str in aci_str_list:
- try:
- aci = ipa.aci.ACI(aci_str)
- if aci.name == args[1]:
- acistr = aci_str
- break
- except SyntaxError:
- # ignore aci_str's that ACI can't parse
- pass
-
- if acistr is None:
- print "No delegation '%s' found." % args[1]
- return 2
-
- old_aci_index = aci_str_list.index(acistr)
-
- new_aci_str_list = copy.deepcopy(aci_str_list)
- del new_aci_str_list[old_aci_index]
- aci_entry.setValue('aci', new_aci_str_list)
-
- client.update_entry(aci_entry)
- print "Delegation removed."
- except xmlrpclib.Fault, fault:
- if fault.faultCode == errno.ECONNREFUSED:
- print "The IPA XML-RPC service is not responding."
- else:
- print fault.faultString
- return 1
- except (SyntaxError, ipaerror.IPAError), e:
- print "Delegation deletion failed: " + str(e)
- return 1
- except kerberos.GSSError, e:
- print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0])
- return 1
- except xmlrpclib.ProtocolError, e:
- print "Unable to connect to IPA server: %s" % (e.errmsg)
- return 1
- except ipa.ipaerror.IPAError, e:
- print "%s" % (e.message)
- return 1
+ aci_entry = client.get_aci_entry(aci_fields)
+
+ aci_str_list = aci_entry.getValues('aci')
+ if aci_str_list is None:
+ aci_str_list = []
+ if not(isinstance(aci_str_list,list) or isinstance(aci_str_list,tuple)):
+ aci_str_list = [aci_str_list]
+
+ acistr = None
+ for aci_str in aci_str_list:
+ try:
+ aci = ipa.aci.ACI(aci_str)
+ if aci.name == args[1]:
+ acistr = aci_str
+ break
+ except SyntaxError:
+ # ignore aci_str's that ACI can't parse
+ pass
+
+ if acistr is None:
+ print "No delegation '%s' found." % args[1]
+ return 2
+
+ old_aci_index = aci_str_list.index(acistr)
+
+ new_aci_str_list = copy.deepcopy(aci_str_list)
+ del new_aci_str_list[old_aci_index]
+ aci_entry.setValue('aci', new_aci_str_list)
+
+ client.update_entry(aci_entry)
+ print "Delegation removed."
return 0
-if __name__ == "__main__":
- sys.exit(main())
+try:
+ import sys
+ from optparse import OptionParser
+ import ipa.ipaclient as ipaclient
+ import ipa.config
+ import ipa.ipautil as ipautil
+
+ import xmlrpclib
+ import kerberos
+ import copy
+ import errno
+
+ import ipa.aci
+ from ipa import ipaerror
+
+ if __name__ == "__main__":
+ sys.exit(main())
+except SystemExit, e:
+ sys.exit(e)
+except KeyboardInterrupt, e:
+ sys.exit(1)
+except xmlrpclib.Fault, fault:
+ if fault.faultCode == errno.ECONNREFUSED:
+ print "The IPA XML-RPC service is not responding."
+ else:
+ print fault.faultString
+ sys.exit(1)
+except (SyntaxError, ipaerror.IPAError), e:
+ print "Delegation deletion failed: " + str(e)
+ sys.exit(1)
+except kerberos.GSSError, e:
+ print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e))
+ sys.exit(1)
+except xmlrpclib.ProtocolError, e:
+ print "Unable to connect to IPA server: %s" % (e.errmsg)
+ sys.exit(1)
+except ipa.ipaerror.IPAError, e:
+ print "%s" % (e.message)
+ sys.exit(1)
diff --git a/ipa-admintools/ipa-delgroup b/ipa-admintools/ipa-delgroup
index 228ce1d1..51682022 100644
--- a/ipa-admintools/ipa-delgroup
+++ b/ipa-admintools/ipa-delgroup
@@ -18,16 +18,6 @@
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
-import sys
-from optparse import OptionParser
-import ipa
-import ipa.ipaclient as ipaclient
-import ipa.config
-import errno
-
-import xmlrpclib
-import kerberos
-
def usage():
print "ipa-delgroup group"
sys.exit(1)
@@ -48,42 +38,57 @@ def main():
if options.usage or len(args) != 2:
usage()
- try:
- client = ipaclient.IPAClient()
- groups = client.find_groups(args[1], ['cn','description','gidnumber','nsAccountLock'])
-
- counter = groups[0]
- groups = groups[1:]
+ client = ipaclient.IPAClient()
+ groups = client.find_groups(args[1], ['cn','description','gidnumber','nsAccountLock'])
+
+ counter = groups[0]
+ groups = groups[1:]
- if counter == 0:
- print "Group '%s' not found." % args[1]
- return 2
- if counter != 1:
- print "An exact group match was not found. Found %d groups" % counter
- return 2
+ if counter == 0:
+ print "Group '%s' not found." % args[1]
+ return 2
+ if counter != 1:
+ print "An exact group match was not found. Found %d groups" % counter
+ return 2
- ret = client.delete_group(groups[0].dn)
- if (ret == "Success"):
- print args[1] + " successfully deleted"
- else:
- print args[1] + " " + ret
- except xmlrpclib.Fault, fault:
- if fault.faultCode == errno.ECONNREFUSED:
- print "The IPA XML-RPC service is not responding."
- else:
- print fault.faultString
- return 1
- except kerberos.GSSError, e:
- print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0])
- return 1
- except xmlrpclib.ProtocolError, e:
- print "Unable to connect to IPA server: %s" % (e.errmsg)
- return 1
- except ipa.ipaerror.IPAError, e:
- print "%s" % (e.message)
- return 1
+ ret = client.delete_group(groups[0].dn)
+ if (ret == "Success"):
+ print args[1] + " successfully deleted"
+ else:
+ print args[1] + " " + ret
return 0
-if __name__ == "__main__":
- sys.exit(main())
+try:
+ import sys
+ from optparse import OptionParser
+ import ipa
+ import ipa.ipaclient as ipaclient
+ import ipa.config
+ import ipa.ipautil as ipautil
+ import errno
+
+ import xmlrpclib
+ import kerberos
+
+ if __name__ == "__main__":
+ sys.exit(main())
+except SystemExit, e:
+ sys.exit(e)
+except KeyboardInterrupt, e:
+ sys.exit(1)
+except xmlrpclib.Fault, fault:
+ if fault.faultCode == errno.ECONNREFUSED:
+ print "The IPA XML-RPC service is not responding."
+ else:
+ print fault.faultString
+ sys.exit(1)
+except kerberos.GSSError, e:
+ print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e))
+ sys.exit(1)
+except xmlrpclib.ProtocolError, e:
+ print "Unable to connect to IPA server: %s" % (e.errmsg)
+ sys.exit(1)
+except ipa.ipaerror.IPAError, e:
+ print "%s" % (e.message)
+ sys.exit(1)
diff --git a/ipa-admintools/ipa-delservice b/ipa-admintools/ipa-delservice
index 1796babf..91775dd9 100644
--- a/ipa-admintools/ipa-delservice
+++ b/ipa-admintools/ipa-delservice
@@ -18,23 +18,6 @@
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
-import sys
-from optparse import OptionParser
-import ipa
-import ipa.user
-import ipa.ipaclient as ipaclient
-import ipa.ipavalidate as ipavalidate
-import ipa.config
-
-import base64
-
-import xmlrpclib
-import kerberos
-import krbV
-import ldap
-import getpass
-import errno
-
def usage():
print "ipa-delservice principal"
sys.exit(1)
@@ -59,26 +42,55 @@ def main():
client = ipaclient.IPAClient()
- try:
- hosts = client.find_service_principal(args[1], sattrs=None)
- counter = hosts[0]
- hosts = hosts[1:]
+ hosts = client.find_service_principal(args[1], sattrs=None)
+ counter = hosts[0]
+ hosts = hosts[1:]
- if counter == 0:
- print "Service Principal '%s' not found." % args[1]
- return 2
- if counter != 1:
- print "An exact match was not found. Found %d principals for %s" % (counter, args[1])
- return 2
+ if counter == 0:
+ print "Service Principal '%s' not found." % args[1]
+ return 2
+ if counter != 1:
+ print "An exact match was not found. Found %d principals for %s" % (counter, args[1])
+ return 2
- client.delete_service_principal(hosts[0].dn)
+ client.delete_service_principal(hosts[0].dn)
- except Exception, e:
- print str(e)
- return 1
+ print "Successfully deleted"
- print hosts[0] + " successfully deleted"
return 0
-if __name__ == "__main__":
- sys.exit(main())
+try:
+ import sys
+ from optparse import OptionParser
+ import ipa
+ import ipa.ipaclient as ipaclient
+ import ipa.config
+ import ipa.ipautil as ipautil
+
+ import xmlrpclib
+ import kerberos
+ import krbV
+ import ldap
+ import errno
+
+ if __name__ == "__main__":
+ sys.exit(main())
+except SystemExit, e:
+ sys.exit(e)
+except KeyboardInterrupt, e:
+ sys.exit(1)
+except xmlrpclib.Fault, fault:
+ if fault.faultCode == errno.ECONNREFUSED:
+ print "The IPA XML-RPC service is not responding."
+ else:
+ print fault.faultString
+ sys.exit(1)
+except kerberos.GSSError, e:
+ print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e))
+ sys.exit(1)
+except xmlrpclib.ProtocolError, e:
+ print "Unable to connect to IPA server: %s" % (e.errmsg)
+ sys.exit(1)
+except ipa.ipaerror.IPAError, e:
+ print "%s" % (e.message)
+ sys.exit(1)
diff --git a/ipa-admintools/ipa-deluser b/ipa-admintools/ipa-deluser
index 596a124c..a05e528e 100644
--- a/ipa-admintools/ipa-deluser
+++ b/ipa-admintools/ipa-deluser
@@ -18,16 +18,6 @@
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
-import sys
-from optparse import OptionParser
-import ipa
-import ipa.ipaclient as ipaclient
-import ipa.config
-import errno
-
-import xmlrpclib
-import kerberos
-
def usage():
print "ipa-deluser user"
sys.exit(1)
@@ -48,27 +38,42 @@ def main():
if options.usage or len(args) != 2:
usage()
- try:
- client = ipaclient.IPAClient()
- ret = client.delete_user(args[1])
- print args[1] + " successfully deleted"
- except xmlrpclib.Fault, fault:
- if fault.faultCode == errno.ECONNREFUSED:
- print "The IPA XML-RPC service is not responding."
- else:
- print fault.faultString
- return 1
- except kerberos.GSSError, e:
- print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0])
- return 1
- except xmlrpclib.ProtocolError, e:
- print "Unable to connect to IPA server: %s" % (e.errmsg)
- return 1
- except ipa.ipaerror.IPAError, e:
- print "%s" % (e.message)
- return 1
+ client = ipaclient.IPAClient()
+ ret = client.delete_user(args[1])
+ print args[1] + " successfully deleted"
return 0
-if __name__ == "__main__":
- sys.exit(main())
+try:
+ import sys
+ from optparse import OptionParser
+ import ipa
+ import ipa.ipaclient as ipaclient
+ import ipa.ipautil as ipautil
+ import ipa.config
+ import errno
+
+ import xmlrpclib
+ import kerberos
+
+ if __name__ == "__main__":
+ sys.exit(main())
+except SystemExit, e:
+ sys.exit(e)
+except KeyboardInterrupt, e:
+ sys.exit(1)
+except xmlrpclib.Fault, fault:
+ if fault.faultCode == errno.ECONNREFUSED:
+ print "The IPA XML-RPC service is not responding."
+ else:
+ print fault.faultString
+ sys.exit(1)
+except kerberos.GSSError, e:
+ print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e))
+ sys.exit(1)
+except xmlrpclib.ProtocolError, e:
+ print "Unable to connect to IPA server: %s" % (e.errmsg)
+ sys.exit(1)
+except ipa.ipaerror.IPAError, e:
+ print "%s" % (e.message)
+ sys.exit(1)
diff --git a/ipa-admintools/ipa-findgroup b/ipa-admintools/ipa-findgroup
index 08d62314..e6f27e9a 100644
--- a/ipa-admintools/ipa-findgroup
+++ b/ipa-admintools/ipa-findgroup
@@ -18,17 +18,6 @@
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
-import sys
-from optparse import OptionParser
-import ipa.ipaclient as ipaclient
-import ipa.ipaadminutil as ipaadminutil
-import ipa.config
-
-import errno
-import sys
-import xmlrpclib
-import kerberos
-
def usage():
print "ipa-findgroup [-a|--all] [-n|--notranslate] group"
sys.exit()
@@ -56,87 +45,102 @@ def main():
if options.usage or len(args) != 2:
usage()
- try:
- client = ipaclient.IPAClient()
- if options.all is None:
- groups = client.find_groups(args[1], ['cn','description','gidnumber','nsAccountLock'])
+ client = ipaclient.IPAClient()
+ if options.all is None:
+ groups = client.find_groups(args[1], ['cn','description','gidnumber','nsAccountLock'])
+ else:
+ groups = client.find_groups(args[1], sattrs=['*','nsAccountLock'])
+
+ counter = groups[0]
+ groups = groups[1:]
+ groupindex = -1
+ if counter == 0:
+ print "No entries found for", args[1]
+ return 2
+ elif counter == -1:
+ print "These results are truncated."
+ print "Please refine your search and try again."
+
+ if counter > 1:
+ try:
+ groupindex = ipaadminutil.select_group(counter, groups)
+ except KeyboardInterrupt:
+ return 1
+ if groupindex == "q":
+ return 0
+
+ if groupindex >= 0:
+ groups = [groups[groupindex]]
+
+ for ent in groups:
+ try:
+ members = client.group_members(ent.dn, ['dn','cn'])
+ except ipa.ipaerror.IPAError, e:
+ print "Error getting members for " + ent.dn
+ print str(e)
+ continue
+ attr = ent.attrList()
+ if options.notranslate:
+ labels = {}
+ for a in attr:
+ labels[a] = a
else:
- groups = client.find_groups(args[1], sattrs=['*','nsAccountLock'])
-
- counter = groups[0]
- groups = groups[1:]
- groupindex = -1
- if counter == 0:
- print "No entries found for", args[1]
- return 2
- elif counter == -1:
- print "These results are truncated."
- print "Please refine your search and try again."
-
- if counter > 1:
- try:
- groupindex = ipaadminutil.select_group(counter, groups)
- except KeyboardInterrupt:
- return 1
- if groupindex == "q":
- return 0
-
- if groupindex >= 0:
- groups = [groups[groupindex]]
-
- for ent in groups:
- try:
- members = client.group_members(ent.dn, ['dn','cn'])
- except ipa.ipaerror.IPAError, e:
- print "Error getting members for " + ent.dn
- print str(e)
- continue
- attr = ent.attrList()
- if options.notranslate:
- labels = {}
- for a in attr:
- labels[a] = a
+ labels = client.attrs_to_labels(attr)
+
+ print "dn: " + ent.dn
+
+ for a in attr:
+ value = ent.getValues(a)
+ if isinstance(value,str):
+ print labels[a] + ": " + value
else:
- labels = client.attrs_to_labels(attr)
+ print labels[a] + ": "
+ for l in value:
+ print "\t" + l
- print "dn: " + ent.dn
+ counter = members[0]
+ members = members[1:]
- for a in attr:
- value = ent.getValues(a)
- if isinstance(value,str):
- print labels[a] + ": " + value
- else:
- print labels[a] + ": "
- for l in value:
- print "\t" + l
-
- counter = members[0]
- members = members[1:]
-
- if counter > 0:
- print "Members:"
- for m in members:
- print " " + m.getValue('cn') + ": " + m.dn
- # blank line between results
- print
-
- except xmlrpclib.Fault, fault:
- if fault.faultCode == errno.ECONNREFUSED:
- print "The IPA XML-RPC service is not responding."
- else:
- print fault.faultString
- return 1
- except kerberos.GSSError, e:
- print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0])
- return 1
- except xmlrpclib.ProtocolError, e:
- print "Unable to connect to IPA server: %s" % (e.errmsg)
- return 1
- except ipa.ipaerror.IPAError, e:
- print "%s" % (e.message)
- return 1
+ if counter > 0:
+ print "Members:"
+ for m in members:
+ print " " + m.getValue('cn') + ": " + m.dn
+ # blank line between results
+ print
return 0
-if __name__ == "__main__":
- sys.exit(main())
+try:
+ import sys
+ from optparse import OptionParser
+ import ipa.ipaclient as ipaclient
+ import ipa.ipaadminutil as ipaadminutil
+ import ipa.ipautil as ipautil
+ import ipa.config
+
+ import errno
+ import sys
+ import xmlrpclib
+ import kerberos
+
+ if __name__ == "__main__":
+ sys.exit(main())
+except SystemExit, e:
+ sys.exit(e)
+except KeyboardInterrupt, e:
+ sys.exit(1)
+except xmlrpclib.Fault, fault:
+ if fault.faultCode == errno.ECONNREFUSED:
+ print "The IPA XML-RPC service is not responding."
+ else:
+ print fault.faultString
+ sys.exit(1)
+except kerberos.GSSError, e:
+ print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e))
+ sys.exit(1)
+except xmlrpclib.ProtocolError, e:
+ print "Unable to connect to IPA server: %s" % (e.errmsg)
+ sys.exit(1)
+except ipa.ipaerror.IPAError, e:
+ print "%s" % (e.message)
+ sys.exit(1)
diff --git a/ipa-admintools/ipa-findservice b/ipa-admintools/ipa-findservice
index 41688e79..499c7f89 100644
--- a/ipa-admintools/ipa-findservice
+++ b/ipa-admintools/ipa-findservice
@@ -18,19 +18,6 @@
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
-import sys
-from optparse import OptionParser
-import ipa.ipaclient as ipaclient
-import ipa.config
-import ipa.ipautil as ipautil
-import ipa.ipaadminutil as ipaadminutil
-import base64
-
-import errno
-import sys
-import xmlrpclib
-import kerberos
-
def usage():
print "ipa-findservice host"
sys.exit()
@@ -53,41 +40,55 @@ def main():
if options.usage or len(args) != 2:
usage()
- try:
- client = ipaclient.IPAClient()
- hosts = client.find_service_principal(args[1], sattrs=None)
-
- counter = hosts[0]
- hosts = hosts[1:]
- userindex = 0
- if counter == 0:
- print "No entries found for", args[1]
- return 2
- elif counter == -1:
- print "These results are truncated."
- print "Please refine your search and try again."
+ client = ipaclient.IPAClient()
+ hosts = client.find_service_principal(args[1], sattrs=None)
-
- for ent in hosts:
- print ent.krbprincipalname
+ counter = hosts[0]
+ hosts = hosts[1:]
+ userindex = 0
+ if counter == 0:
+ print "No entries found for", args[1]
+ return 2
+ elif counter == -1:
+ print "These results are truncated."
+ print "Please refine your search and try again."
- except xmlrpclib.Fault, fault:
- if fault.faultCode == errno.ECONNREFUSED:
- print "The IPA XML-RPC service is not responding."
- else:
- print fault.faultString
- return 1
- except kerberos.GSSError, e:
- print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0])
- return 1
- except xmlrpclib.ProtocolError, e:
- print "Unable to connect to IPA server: %s" % (e.errmsg)
- return 1
- except ipa.ipaerror.IPAError, e:
- print "%s" % (e.message)
- return 1
+ for ent in hosts:
+ print ent.krbprincipalname
return 0
-if __name__ == "__main__":
- sys.exit(main())
+try:
+ import sys
+ from optparse import OptionParser
+ import ipa.ipaclient as ipaclient
+ import ipa.config
+ import ipa.ipautil as ipautil
+ import ipa.ipaadminutil as ipaadminutil
+
+ import errno
+ import sys
+ import xmlrpclib
+ import kerberos
+
+ if __name__ == "__main__":
+ sys.exit(main())
+except SystemExit, e:
+ sys.exit(e)
+except KeyboardInterrupt, e:
+ sys.exit(1)
+except xmlrpclib.Fault, fault:
+ if fault.faultCode == errno.ECONNREFUSED:
+ print "The IPA XML-RPC service is not responding."
+ else:
+ print fault.faultString
+ sys.exit(1)
+except kerberos.GSSError, e:
+ print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e))
+ sys.exit(1)
+except xmlrpclib.ProtocolError, e:
+ print "Unable to connect to IPA server: %s" % (e.errmsg)
+ sys.exit(1)
+except ipa.ipaerror.IPAError, e:
+ print "%s" % (e.message)
+ sys.exit(1)
diff --git a/ipa-admintools/ipa-finduser b/ipa-admintools/ipa-finduser
index 30a6cd25..a08c988f 100644
--- a/ipa-admintools/ipa-finduser
+++ b/ipa-admintools/ipa-finduser
@@ -18,19 +18,6 @@
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
-import sys
-from optparse import OptionParser
-import ipa.ipaclient as ipaclient
-import ipa.config
-import ipa.ipautil as ipautil
-import ipa.ipaadminutil as ipaadminutil
-import base64
-
-import errno
-import sys
-import xmlrpclib
-import kerberos
-
def usage():
print "ipa-finduser [-a|--all] [-n|--notranslate] user"
sys.exit()
@@ -79,75 +66,91 @@ def main():
if options.usage or len(args) != 2:
usage()
- try:
- client = ipaclient.IPAClient()
- if options.all is None:
- users = client.find_users(args[1], sattrs=['uid','cn','homeDirectory','loginshell'])
+ client = ipaclient.IPAClient()
+ if options.all is None:
+ users = client.find_users(args[1], sattrs=['uid','cn','homeDirectory','loginshell'])
+ else:
+ users = client.find_users(args[1], sattrs=None)
+
+ counter = users[0]
+ users = users[1:]
+ userindex = 0
+ if counter == 0:
+ print "No entries found for", args[1]
+ return 2
+ elif counter == -1:
+ print "These results are truncated."
+ print "Please refine your search and try again."
+
+ if counter > 1:
+ try:
+ userindex = ipaadminutil.select_user(counter, users)
+ except KeyboardInterrupt:
+ return 1
+ if userindex == "q":
+ return 0
+
+ if userindex >= 0:
+ users = [users[userindex]]
+
+ for ent in users:
+ attr = ent.attrList()
+ attr.sort()
+ if options.notranslate:
+ labels = {}
+ for a in attr:
+ labels[a] = a
else:
- users = client.find_users(args[1], sattrs=None)
-
- counter = users[0]
- users = users[1:]
- userindex = 0
- if counter == 0:
- print "No entries found for", args[1]
- return 2
- elif counter == -1:
- print "These results are truncated."
- print "Please refine your search and try again."
-
- if counter > 1:
- try:
- userindex = ipaadminutil.select_user(counter, users)
- except KeyboardInterrupt:
- return 1
- if userindex == "q":
- return 0
-
- if userindex >= 0:
- users = [users[userindex]]
-
- for ent in users:
- attr = ent.attrList()
- attr.sort()
- if options.notranslate:
- labels = {}
- for a in attr:
- labels[a] = a
- else:
- labels = client.attrs_to_labels(attr)
+ labels = client.attrs_to_labels(attr)
- if options.all is True:
- print "dn: " + ent.dn
+ if options.all is True:
+ print "dn: " + ent.dn
- for a in attr:
- value = ent.getValues(a)
- if isinstance(value,str):
- print labels[a] + ": " + str(wrap_binary_data(value)).rstrip()
- else:
- print labels[a] + ": "
- for l in value:
- print "\t" + wrap_binary_data(l)
- # blank line between results
- print
-
- except xmlrpclib.Fault, fault:
- if fault.faultCode == errno.ECONNREFUSED:
- print "The IPA XML-RPC service is not responding."
- else:
- print fault.faultString
- return 1
- except kerberos.GSSError, e:
- print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0])
- return 1
- except xmlrpclib.ProtocolError, e:
- print "Unable to connect to IPA server: %s" % (e.errmsg)
- return 1
- except ipa.ipaerror.IPAError, e:
- print "%s" % (e.message)
- return 1
+ for a in attr:
+ value = ent.getValues(a)
+ if isinstance(value,str):
+ print labels[a] + ": " + str(wrap_binary_data(value)).rstrip()
+ else:
+ print labels[a] + ": "
+ for l in value:
+ print "\t" + wrap_binary_data(l)
+ # blank line between results
+ print
return 0
-if __name__ == "__main__":
- sys.exit(main())
+try:
+ import sys
+ from optparse import OptionParser
+ import ipa.ipaclient as ipaclient
+ import ipa.config
+ import ipa.ipautil as ipautil
+ import ipa.ipaadminutil as ipaadminutil
+ import base64
+
+ import errno
+ import sys
+ import xmlrpclib
+ import kerberos
+
+ if __name__ == "__main__":
+ sys.exit(main())
+except SystemExit, e:
+ sys.exit(e)
+except KeyboardInterrupt, e:
+ sys.exit(1)
+except xmlrpclib.Fault, fault:
+ if fault.faultCode == errno.ECONNREFUSED:
+ print "The IPA XML-RPC service is not responding."
+ else:
+ print fault.faultString
+ sys.exit(1)
+except kerberos.GSSError, e:
+ print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e))
+ sys.exit(1)
+except xmlrpclib.ProtocolError, e:
+ print "Unable to connect to IPA server: %s" % (e.errmsg)
+ sys.exit(1)
+except ipa.ipaerror.IPAError, e:
+ print "%s" % (e.message)
+ sys.exit(1)
diff --git a/ipa-admintools/ipa-listdelegation b/ipa-admintools/ipa-listdelegation
index 6a718dec..217b16dd 100644
--- a/ipa-admintools/ipa-listdelegation
+++ b/ipa-admintools/ipa-listdelegation
@@ -18,19 +18,6 @@
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
-import sys
-from optparse import OptionParser
-import ipa.ipaclient as ipaclient
-import ipa.config
-
-import operator
-import xmlrpclib
-import kerberos
-import errno
-
-import ipa.aci
-from ipa import ipaerror
-
aci_fields = ['*', 'aci']
def usage():
print "ipa-listdelgation"
@@ -54,23 +41,7 @@ def main():
usage()
client = ipaclient.IPAClient()
- try:
- aci_entry = client.get_aci_entry(aci_fields)
- except xmlrpclib.Fault, fault:
- if fault.faultCode == errno.ECONNREFUSED:
- print "The IPA XML-RPC service is not responding."
- else:
- print fault.faultString
- return 1
- except kerberos.GSSError, e:
- print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0])
- return 1
- except xmlrpclib.ProtocolError, e:
- print "Unable to connect to IPA server: %s" % (e.errmsg)
- return 1
- except ipaerror.IPAError, e:
- print("Delegation list failed: " + str(e))
- return 1
+ aci_entry = client.get_aci_entry(aci_fields)
aci_str_list = aci_entry.getValues('aci')
if aci_str_list is None:
@@ -102,5 +73,39 @@ def main():
return 0
-if __name__ == "__main__":
- sys.exit(main())
+try:
+ import sys
+ from optparse import OptionParser
+ import ipa.ipaclient as ipaclient
+ import ipa.config
+ import ipa.ipautil as ipautil
+
+ import operator
+ import xmlrpclib
+ import kerberos
+ import errno
+
+ import ipa.aci
+ from ipa import ipaerror
+
+ if __name__ == "__main__":
+ sys.exit(main())
+except SystemExit, e:
+ sys.exit(e)
+except KeyboardInterrupt, e:
+ sys.exit(1)
+except xmlrpclib.Fault, fault:
+ if fault.faultCode == errno.ECONNREFUSED:
+ print "The IPA XML-RPC service is not responding."
+ else:
+ print fault.faultString
+ sys.exit(1)
+except kerberos.GSSError, e:
+ print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e))
+ sys.exit(1)
+except xmlrpclib.ProtocolError, e:
+ print "Unable to connect to IPA server: %s" % (e.errmsg)
+ sys.exit(1)
+except ipaerror.IPAError, e:
+ print("Delegation list failed: " + str(e))
+ sys.exit(1)
diff --git a/ipa-admintools/ipa-lockuser b/ipa-admintools/ipa-lockuser
index d4a2959d..54cebd90 100644
--- a/ipa-admintools/ipa-lockuser
+++ b/ipa-admintools/ipa-lockuser
@@ -18,16 +18,6 @@
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
-import sys
-from optparse import OptionParser
-import ipa
-import ipa.ipaclient as ipaclient
-import ipa.config
-import errno
-
-import xmlrpclib
-import kerberos
-
def usage():
print "ipa-lockuser [-u|--unlock] user"
sys.exit(1)
@@ -51,43 +41,58 @@ def main():
usage()
msg = "inactivated"
- try:
- client = ipaclient.IPAClient()
- if options.unlock:
- try:
- ret = client.mark_user_active(args[1])
- msg = "unlocked"
- except ipa.ipaerror.exception_for(ipa.ipaerror.LDAP_EMPTY_MODLIST):
- print "User is already marked active"
- return 0
- except:
- raise
- else:
- try:
- ret = client.mark_user_inactive(args[1])
- except ipa.ipaerror.exception_for(ipa.ipaerror.LDAP_EMPTY_MODLIST):
- print "User is already marked inactive"
- return 0
- except:
- raise
- print args[1] + " successfully %s" % msg
- except xmlrpclib.Fault, fault:
- if fault.faultCode == errno.ECONNREFUSED:
- print "The IPA XML-RPC service is not responding."
- else:
- print fault.faultString
- return 1
- except kerberos.GSSError, e:
- print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0])
- return 1
- except xmlrpclib.ProtocolError, e:
- print "Unable to connect to IPA server: %s" % (e.errmsg)
- return 1
- except ipa.ipaerror.IPAError, e:
- print "%s" % (e.message)
- return 1
+ client = ipaclient.IPAClient()
+ if options.unlock:
+ try:
+ ret = client.mark_user_active(args[1])
+ msg = "unlocked"
+ except ipa.ipaerror.exception_for(ipa.ipaerror.LDAP_EMPTY_MODLIST):
+ print "User is already marked active"
+ return 0
+ except:
+ raise
+ else:
+ try:
+ ret = client.mark_user_inactive(args[1])
+ except ipa.ipaerror.exception_for(ipa.ipaerror.LDAP_EMPTY_MODLIST):
+ print "User is already marked inactive"
+ return 0
+ except:
+ raise
+ print args[1] + " successfully %s" % msg
return 0
-if __name__ == "__main__":
- sys.exit(main())
+try:
+ import sys
+ from optparse import OptionParser
+ import ipa
+ import ipa.ipaclient as ipaclient
+ import ipa.config
+ import ipa.ipautil as ipautil
+ import errno
+
+ import xmlrpclib
+ import kerberos
+
+ if __name__ == "__main__":
+ sys.exit(main())
+except SystemExit, e:
+ sys.exit(e)
+except KeyboardInterrupt, e:
+ sys.exit(1)
+except xmlrpclib.Fault, fault:
+ if fault.faultCode == errno.ECONNREFUSED:
+ print "The IPA XML-RPC service is not responding."
+ else:
+ print fault.faultString
+ sys.exit(1)
+except kerberos.GSSError, e:
+ print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e))
+ sys.exit(1)
+except xmlrpclib.ProtocolError, e:
+ print "Unable to connect to IPA server: %s" % (e.errmsg)
+ sys.exit(1)
+except ipa.ipaerror.IPAError, e:
+ print "%s" % (e.message)
+ sys.exit(1)
diff --git a/ipa-admintools/ipa-moddelegation b/ipa-admintools/ipa-moddelegation
index 74cfcc48..773c784d 100644
--- a/ipa-admintools/ipa-moddelegation
+++ b/ipa-admintools/ipa-moddelegation
@@ -18,22 +18,6 @@
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
-import sys
-from optparse import OptionParser
-import ipa
-import ipa.user
-import ipa.ipaclient as ipaclient
-import ipa.ipaadminutil as ipaadminutil
-import ipa.config
-import ipa.aci
-
-import xmlrpclib
-import kerberos
-import krbV
-import ldap
-import copy
-import errno
-
aci_fields = ['*', 'aci']
def usage():
@@ -77,125 +61,145 @@ def main():
if not options.attributes and not options.source and not options.target:
usage()
- try:
- client = ipaclient.IPAClient()
-
- # first do some sanity checking
-
- if options.source:
- source_grp = client.find_groups(options.source)
- counter = source_grp[0]
- source_grp = source_grp[1:]
- groupindex = -1
- if counter == 0:
- print "No entries found for %s" % options.source
- return 2
- elif counter == -1:
- print "These results are truncated."
- print "Please refine your search and try again."
- return 3
-
- if counter > 1:
- print "\nMultiple entries for the source group found."
- groupindex = ipaadminutil.select_group(counter, source_grp)
- if groupindex == "q":
- return 0
-
- if groupindex >= 0:
- source_grp = [source_grp[groupindex]]
-
- if options.target:
- target_grp = client.find_groups(options.target)
- counter = target_grp[0]
- target_grp = target_grp[1:]
- groupindex = -1
- if counter == 0:
- print "No entries found for %s" % options.target
- return 2
- elif counter == -1:
- print "These results are truncated."
- print "Please refine your search and try again."
- return 3
-
- if counter > 1:
- print "\nMultiple entries for the target group found."
- groupindex = ipaadminutil.select_group(counter, target_grp)
- if groupindex == "q":
- return 0
-
- if groupindex >= 0:
- target_grp = [target_grp[groupindex]]
-
- if options.attributes:
- attr_list = options.attributes.split(',')
-
- # find the old aci
-
- aci_entry = client.get_aci_entry(aci_fields)
-
- aci_str_list = aci_entry.getValues('aci')
- if aci_str_list is None:
- aci_str_list = []
- if not(isinstance(aci_str_list,list) or isinstance(aci_str_list,tuple)):
- aci_str_list = [aci_str_list]
-
- old_aci = None
- acistr = None
- for aci_str in aci_str_list:
- try:
- old_aci = ipa.aci.ACI(aci_str)
- if old_aci.name == args[1]:
- acistr = aci_str
- break
- except SyntaxError:
- # ignore aci_str's that ACI can't parse
- pass
-
- if acistr is None:
- print "No delegation %s found." % args[1]
- return 2
-
- old_aci_index = aci_str_list.index(acistr)
-
- new_aci = ipa.aci.ACI()
- new_aci.name = args[1]
- if options.source:
- new_aci.source_group = source_grp[0].dn
- else:
- new_aci.source_group = old_aci.source_group
- if options.target:
- new_aci.dest_group = target_grp[0].dn
- else:
- new_aci.dest_group = old_aci.dest_group
- if options.attributes:
- new_aci.attrs = attr_list
- else:
- new_aci.attrs = old_aci.attrs
- new_aci_str = new_aci.export_to_string()
-
- new_aci_str_list = copy.deepcopy(aci_str_list)
- new_aci_str_list[old_aci_index] = new_aci_str
- aci_entry.setValue('aci', new_aci_str_list)
-
- client.update_entry(aci_entry)
- except xmlrpclib.Fault, fault:
- if fault.faultCode == errno.ECONNREFUSED:
- print "The IPA XML-RPC service is not responding."
- else:
- print fault.faultString
- return 1
- except kerberos.GSSError, e:
- print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0])
- return 1
- except xmlrpclib.ProtocolError, e:
- print "Unable to connect to IPA server: %s" % (e.errmsg)
- return 1
- except ipa.ipaerror.IPAError, e:
- print "%s" % (e.message)
- return 1
+ client = ipaclient.IPAClient()
+
+ # first do some sanity checking
+
+ if options.source:
+ source_grp = client.find_groups(options.source)
+ counter = source_grp[0]
+ source_grp = source_grp[1:]
+ groupindex = -1
+ if counter == 0:
+ print "No entries found for %s" % options.source
+ return 2
+ elif counter == -1:
+ print "These results are truncated."
+ print "Please refine your search and try again."
+ return 3
+
+ if counter > 1:
+ print "\nMultiple entries for the source group found."
+ groupindex = ipaadminutil.select_group(counter, source_grp)
+ if groupindex == "q":
+ return 0
+
+ if groupindex >= 0:
+ source_grp = [source_grp[groupindex]]
+
+ if options.target:
+ target_grp = client.find_groups(options.target)
+ counter = target_grp[0]
+ target_grp = target_grp[1:]
+ groupindex = -1
+ if counter == 0:
+ print "No entries found for %s" % options.target
+ return 2
+ elif counter == -1:
+ print "These results are truncated."
+ print "Please refine your search and try again."
+ return 3
+
+ if counter > 1:
+ print "\nMultiple entries for the target group found."
+ groupindex = ipaadminutil.select_group(counter, target_grp)
+ if groupindex == "q":
+ return 0
+
+ if groupindex >= 0:
+ target_grp = [target_grp[groupindex]]
+
+ if options.attributes:
+ attr_list = options.attributes.split(',')
+
+ # find the old aci
+
+ aci_entry = client.get_aci_entry(aci_fields)
+
+ aci_str_list = aci_entry.getValues('aci')
+ if aci_str_list is None:
+ aci_str_list = []
+ if not(isinstance(aci_str_list,list) or isinstance(aci_str_list,tuple)):
+ aci_str_list = [aci_str_list]
+
+ old_aci = None
+ acistr = None
+ for aci_str in aci_str_list:
+ try:
+ old_aci = ipa.aci.ACI(aci_str)
+ if old_aci.name == args[1]:
+ acistr = aci_str
+ break
+ except SyntaxError:
+ # ignore aci_str's that ACI can't parse
+ pass
+
+ if acistr is None:
+ print "No delegation %s found." % args[1]
+ return 2
+
+ old_aci_index = aci_str_list.index(acistr)
+
+ new_aci = ipa.aci.ACI()
+ new_aci.name = args[1]
+ if options.source:
+ new_aci.source_group = source_grp[0].dn
+ else:
+ new_aci.source_group = old_aci.source_group
+ if options.target:
+ new_aci.dest_group = target_grp[0].dn
+ else:
+ new_aci.dest_group = old_aci.dest_group
+ if options.attributes:
+ new_aci.attrs = attr_list
+ else:
+ new_aci.attrs = old_aci.attrs
+ new_aci_str = new_aci.export_to_string()
+
+ new_aci_str_list = copy.deepcopy(aci_str_list)
+ new_aci_str_list[old_aci_index] = new_aci_str
+ aci_entry.setValue('aci', new_aci_str_list)
+
+ client.update_entry(aci_entry)
print "Delegation %s successfully updated" % args[1]
return 0
-if __name__ == "__main__":
- sys.exit(main())
+try:
+ import sys
+ from optparse import OptionParser
+ import ipa
+ import ipa.ipaclient as ipaclient
+ import ipa.ipaadminutil as ipaadminutil
+ import ipa.config
+ import ipa.aci
+ import ipa.ipautil as ipautil
+
+ import xmlrpclib
+ import kerberos
+ import krbV
+ import ldap
+ import copy
+ import errno
+
+ if __name__ == "__main__":
+ sys.exit(main())
+except SystemExit, e:
+ sys.exit(e)
+except KeyboardInterrupt, e:
+ sys.exit(1)
+except xmlrpclib.Fault, fault:
+ if fault.faultCode == errno.ECONNREFUSED:
+ print "The IPA XML-RPC service is not responding."
+ else:
+ print fault.faultString
+ sys.exit(1)
+except kerberos.GSSError, e:
+ print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e))
+ sys.exit(1)
+except xmlrpclib.ProtocolError, e:
+ print "Unable to connect to IPA server: %s" % (e.errmsg)
+ sys.exit(1)
+except ipa.ipaerror.IPAError, e:
+ print "%s" % (e.message)
+ sys.exit(1)
diff --git a/ipa-admintools/ipa-modgroup b/ipa-admintools/ipa-modgroup
index b75672f3..ffbd2d86 100644
--- a/ipa-admintools/ipa-modgroup
+++ b/ipa-admintools/ipa-modgroup
@@ -18,19 +18,6 @@
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
-import sys
-from optparse import OptionParser
-import ipa
-import ipa.group
-import ipa.ipaclient as ipaclient
-import ipa.config
-import ipa.ipaerror
-
-import xmlrpclib
-import kerberos
-import ldap
-import errno
-
def usage():
print "ipa-modgroup [-l|--list]"
print "ipa-modgroup [-a|--add] [-r|--remove] user group"
@@ -107,78 +94,95 @@ def main():
elif ((options.desc or options.addattr or options.delattr or options.setattr) and (len(args) != 2)):
usage()
- try:
- client = ipaclient.IPAClient()
- if options.add:
- group = get_group(client, options, args[2])
- if group is None:
- return 1
- users = args[1].split(',')
- for user in users:
- client.add_user_to_group(user, group.dn)
- print user + " successfully added to " + args[2]
- elif options.remove:
- group = get_group(client, options, args[2])
- if group is None:
- return 1
- users = args[1].split(',')
- for user in users:
- client.remove_user_from_group(user, group.dn)
- print user + " successfully removed"
- else:
- group = get_group(client, options, args[1])
- if group is None:
- return 1
-
- if options.desc:
- group.setValue('description', options.desc)
-
- if options.delattr:
- for d in options.delattr:
- group.delValue(d)
-
- if options.setattr:
- for s in options.setattr:
- s = s.split('=')
- if len(s) != 2:
- set_add_usage("set")
- sys.exit(1)
- (attr,value) = s
- group.setValue(attr, value)
-
- if options.addattr:
- for a in options.addattr:
- a = a.split('=')
- if len(a) != 2:
- set_add_usage("add")
- sys.exit(1)
- (attr,value) = a
- cvalue = group.getValue(attr)
- if cvalue:
- if isinstance(cvalue,str):
- cvalue = [cvalue]
- value = cvalue + [value]
- group.setValue(attr, value)
-
- client.update_group(group)
- print args[1] + " successfully updated"
- except xmlrpclib.Fault, fault:
- if fault.faultCode == errno.ECONNREFUSED:
- print "The IPA XML-RPC service is not responding."
- else:
- print fault.faultString
- return 1
- except kerberos.GSSError, e:
- print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0])
- return 1
- except xmlrpclib.ProtocolError, e:
- print "Unable to connect to IPA server: %s" % (e.errmsg)
- return 1
- except ipa.ipaerror.IPAError, e:
- print "%s" % (e.message)
- return 1
+ client = ipaclient.IPAClient()
+ if options.add:
+ group = get_group(client, options, args[2])
+ if group is None:
+ return 1
+ users = args[1].split(',')
+ for user in users:
+ client.add_user_to_group(user, group.dn)
+ print user + " successfully added to " + args[2]
+ elif options.remove:
+ group = get_group(client, options, args[2])
+ if group is None:
+ return 1
+ users = args[1].split(',')
+ for user in users:
+ client.remove_user_from_group(user, group.dn)
+ print user + " successfully removed"
+ else:
+ group = get_group(client, options, args[1])
+ if group is None:
+ return 1
+
+ if options.desc:
+ group.setValue('description', options.desc)
+
+ if options.delattr:
+ for d in options.delattr:
+ group.delValue(d)
+
+ if options.setattr:
+ for s in options.setattr:
+ s = s.split('=')
+ if len(s) != 2:
+ set_add_usage("set")
+ sys.exit(1)
+ (attr,value) = s
+ group.setValue(attr, value)
+
+ if options.addattr:
+ for a in options.addattr:
+ a = a.split('=')
+ if len(a) != 2:
+ set_add_usage("add")
+ sys.exit(1)
+ (attr,value) = a
+ cvalue = group.getValue(attr)
+ if cvalue:
+ if isinstance(cvalue,str):
+ cvalue = [cvalue]
+ value = cvalue + [value]
+ group.setValue(attr, value)
+
+ client.update_group(group)
+ print args[1] + " successfully updated"
return 0
-if __name__ == "__main__":
- sys.exit(main())
+try:
+ import sys
+ from optparse import OptionParser
+ import ipa
+ import ipa.group
+ import ipa.ipaclient as ipaclient
+ import ipa.config
+ import ipa.ipaerror
+
+ import xmlrpclib
+ import kerberos
+ import ldap
+ import errno
+
+ if __name__ == "__main__":
+ sys.exit(main())
+except SystemExit, e:
+ sys.exit(e)
+except KeyboardInterrupt, e:
+ sys.exit(1)
+except xmlrpclib.Fault, fault:
+ if fault.faultCode == errno.ECONNREFUSED:
+ print "The IPA XML-RPC service is not responding."
+ else:
+ print fault.faultString
+ sys.exit(1)
+except kerberos.GSSError, e:
+ print "Could not initialize GSSAPI: %s/%s" % (ipautil.get_gsserror(e))
+ sys.exit(1)
+except xmlrpclib.ProtocolError, e:
+ print "Unable to connect to IPA server: %s" % (e.errmsg)
+ sys.exit(1)
+except ipa.ipaerror.IPAError, e:
+ print "%s" % (e.message)
+ sys.exit(1)
diff --git a/ipa-admintools/ipa-moduser b/ipa-admintools/ipa-moduser
index dd909c90..af4b99f0 100644
--- a/ipa-admintools/ipa-moduser
+++ b/ipa-admintools/ipa-moduser
@@ -18,19 +18,6 @@
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
-import sys
-from optparse import OptionParser
-import ipa
-import ipa.user
-import ipa.ipaclient as ipaclient
-import ipa.ipavalidate as ipavalidate
-import ipa.config
-
-import xmlrpclib
-import kerberos
-import ldap
-import errno
-
def usage():
print "ipa-moduser [--list]"
print "ipa-moduser [-a|--activate] [-c|--gecos STRING] [-d|--directory STRING] [-f|--firstname STRING] [-l|--lastname STRING] [-s|--shell STRING] [--addattr attribute=value] [--delattr attribute] [--setattr attribute=value] user"
@@ -116,12 +103,8 @@ def main():
except ipa.ipaerror.exception_for(ipa.ipaerror.LDAP_NOT_FOUND):
print "User %s not found" % username
return 1
- except ipa.ipaerror.IPAError, e:
- print "%s" % e.message
- return 1
- except kerberos.GSSError, e:
- print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0])
- return 1
+ except:
+ raise
# If any options are set we use just those. Otherwise ask for all of them.
if options.gn or options.sn or options.directory or options.gecos or options.mail or options.shell or options.addattr or options.delattr or options.setattr or options.activate:
@@ -202,7 +185,7 @@ def main():
if not options.shell:
while (cont != True):
shell = raw_input("shell: [%s] " % user.getValue('loginshell'))
-
+
if len(shell) < 1:
shell = None
cont = True
@@ -241,7 +224,7 @@ def main():
if len(a) != 2:
set_add_usage("add")
sys.exit(1)
- (attr,value) = a
+ (attr,value) = a
cvalue = user.getValue(attr)
if cvalue:
if isinstance(cvalue,str):
@@ -249,35 +232,54 @@ def main():
value = cvalue + [value]
user.setValue(attr, value)
- try:
- if options.activate:
- try:
- client.mark_user_active(user.getValues('uid'))
- print "User activated successfully."
- except ipa.ipaerror.exception_for(ipa.ipaerror.LDAP_EMPTY_MODLIST):
- print "User is already marked active"
- return 0
- except:
- raise
- client.update_user(user)
- except xmlrpclib.Fault, fault:
- if fault.faultCode == errno.ECONNREFUSED:
- print "The IPA XML-RPC service is not responding."
- else:
- print fault.faultString
- return 1
- except kerberos.GSSError, e:
- print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0])
- return 1
- except xmlrpclib.ProtocolError, e:
- print "Unable to connect to IPA server: %s" % (e.errmsg)
- return 1
- except ipa.ipaerror.IPAError, e:
- print "%s" % (e.message)
- return 1
+ if options.activate:
+ try:
+ client.mark_user_active(user.getValues('uid'))
+ print "User activated successfully."
+ except ipa.ipaerror.exception_for(ipa.ipaerror.LDAP_EMPTY_MODLIST):
+ print "User is already marked active"
+ return 0
+ except:
+ raise
+
+ client.update_user(user)
print username + " successfully updated"
return 0
-if __name__ == "__main__":
- sys.exit(main())
+try:
+ import sys
+ from optparse import OptionParser
+ import ipa
+ import ipa.user
+ import ipa.ipaclient as ipaclient
+ import ipa.ipavalidate as ipavalidate
+ import ipa.ipautil as ipautil
+ import ipa.config
+
+ import xmlrpclib
+ import kerberos
+ import ldap
+ import errno
+
+ if __name__ == "__main__":
+ sys.exit(main())
+except SystemExit, e:
+ sys.exit(e)
+except KeyboardInterrupt, e:
+ sys.exit(1)
+except xmlrpclib.Fault, fault:
+ if fault.faultCode == errno.ECONNREFUSED:
+ print "The IPA XML-RPC service is not responding."
+ else:
+ print fault.faultString
+ sys.exit(1)
+except kerberos.GSSError, e:
+ print "Could not initialize GSSAPI: %s/%s" % (e[0][0], e[0][1])
+ sys.exit(1)
+except xmlrpclib.ProtocolError, e:
+ print "Unable to connect to IPA server: %s" % (e.errmsg)
+ sys.exit(1)
+except ipa.ipaerror.IPAError, e:
+ print "%s" % (e.message)
+ sys.exit(1)
diff --git a/ipa-admintools/ipa-passwd b/ipa-admintools/ipa-passwd
index 44f3ed2a..2494923f 100644
--- a/ipa-admintools/ipa-passwd
+++ b/ipa-admintools/ipa-passwd
@@ -18,19 +18,6 @@
# Foundation, Inc., 59 Tempal Place, Suite 330, Boston, MA 02111-1307 USA
#
-import sys
-from optparse import OptionParser
-import ipa
-import ipa.ipaclient as ipaclient
-import ipa.config
-
-import xmlrpclib
-import kerberos
-import krbV
-import ldap
-import getpass
-import errno
-
def usage():
print "ipa-passwd [user]"
sys.exit(1)
@@ -53,7 +40,7 @@ def get_principal(krbctx):
#TODO: do a kinit
print "Unable to get kerberos principal: %s" % e[1]
return None
-
+
return cprinc.name
def main():
@@ -105,26 +92,43 @@ def main():
print "Password change cancelled"
return 1
- try:
- client = ipaclient.IPAClient()
- client.modifyPassword(principal, '', password)
- except xmlrpclib.Fault, fault:
- if fault.faultCode == errno.ECONNREFUSED:
- print "The IPA XML-RPC service is not responding."
- else:
- print fault.faultString
- return 1
- except kerberos.GSSError, e:
- print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0])
- return 1
- except xmlrpclib.ProtocolError, e:
- print "Unable to connect to IPA server: %s" % (e.errmsg)
- return 1
- except ipa.ipaerror.IPAError, e:
- print "%s" % (e.message)
- return 1
+ client = ipaclient.IPAClient()
+ client.modifyPassword(principal, '', password)
return 0
-if __name__ == "__main__":
- sys.exit(main())
+try:
+ import sys
+ from optparse import OptionParser
+ import ipa
+ import ipa.ipaclient as ipaclient
+ import ipa.config
+
+ import xmlrpclib
+ import kerberos
+ import krbV
+ import ldap
+ import getpass
+ import errno
+
+ if __name__ == "__main__":
+ sys.exit(main())
+except SystemExit, e:
+ sys.exit(e)
+except KeyboardInterrupt, e:
+ sys.exit(1)
+except xmlrpclib.Fault, fault:
+ if fault.faultCode == errno.ECONNREFUSED:
+ print "The IPA XML-RPC service is not responding."
+ else:
+ print fault.faultString
+ sys.exit(1)
+except kerberos.GSSError, e:
+ print "Could not initialize GSSAPI: %s/%s" % (e[0][0], e[0][1])
+ sys.exit(1)
+except xmlrpclib.ProtocolError, e:
+ print "Unable to connect to IPA server: %s" % (e.errmsg)
+ sys.exit(1)
+except ipa.ipaerror.IPAError, e:
+ print "%s" % (e.message)
+ sys.exit(1)
diff --git a/ipa-admintools/ipa-pwpolicy b/ipa-admintools/ipa-pwpolicy
index ea5b8dd4..534cba97 100644
--- a/ipa-admintools/ipa-pwpolicy
+++ b/ipa-admintools/ipa-pwpolicy
@@ -18,18 +18,6 @@
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
-import sys
-from optparse import OptionParser
-import ipa
-import ipa.entity
-import ipa.ipaclient as ipaclient
-import ipa.config
-
-import xmlrpclib
-import kerberos
-import errno
-import validate
-
def usage():
print "ipa-pwpolicy [--maxlife days] [--minlife hours] [--history number] [--minclasses number] [--minlength number]"
print "ipa-pwpolicy --show"
@@ -74,21 +62,28 @@ def update_policy(client, options):
new = ipa.entity.Entity(current.toDict())
- if options.maxlife:
- if validate.is_integer(options.maxlife, min=0):
- new.setValue('krbmaxpwdlife', options.maxlife)
- if options.minlife:
- if validate.is_integer(options.minlife, min=0):
- new.setValue('krbminpwdlife', options.minlife)
- if options.history:
- if validate.is_integer(options.history, min=0):
- new.setValue('krbpwdhistorylength', options.history)
- if options.minclasses:
- if validate.is_integer(options.minclasses, min=0):
- new.setValue('krbpwdmindiffchars', options.minclasses)
- if options.minlength:
- if validate.is_integer(options.minlength, min=0):
- new.setValue('krbpwdminlength', options.minlength)
+ try:
+ if options.maxlife:
+ if validate.is_integer(options.maxlife, min=0):
+ new.setValue('krbmaxpwdlife', options.maxlife)
+ if options.minlife:
+ if validate.is_integer(options.minlife, min=0):
+ new.setValue('krbminpwdlife', options.minlife)
+ if options.history:
+ if validate.is_integer(options.history, min=0):
+ new.setValue('krbpwdhistorylength', options.history)
+ if options.minclasses:
+ if validate.is_integer(options.minclasses, min=0):
+ new.setValue('krbpwdmindiffchars', options.minclasses)
+ if options.minlength:
+ if validate.is_integer(options.minlength, min=0):
+ new.setValue('krbpwdminlength', options.minlength)
+ except validate.VdtTypeError, e:
+ print "%s" % (e.message)
+ return 1
+ except validate.VdtValueTooSmallError, e:
+ print "%s" % (e.message)
+ return 1
client.update_password_policy(new)
@@ -98,44 +93,47 @@ def main():
if options.usage:
usage()
- try:
- client = ipaclient.IPAClient()
-
- if options.show:
- show_policy(client)
- return 0
-
- update_policy(client, options)
- except xmlrpclib.Fault, fault:
- if fault.faultCode == errno.ECONNREFUSED:
- print "The IPA XML-RPC service is not responding."
- else:
- print fault.faultString
- return 1
- except kerberos.GSSError, e:
- print "Could not initialize GSSAPI: %s/%s" % (e[0][0], e[0][1])
- return 1
- except xmlrpclib.ProtocolError, e:
- print "Unable to connect to IPA server: %s" % (e.errmsg)
- return 1
- except ipa.ipaerror.IPAError, e:
- print "%s" % (e.message)
- return 1
- except validate.VdtTypeError, e:
- print "%s" % (e.message)
- return 1
- except validate.VdtValueTooSmallError, e:
- print "%s" % (e.message)
- return 1
- except KeyboardInterrupt, e:
- return 1
-
+ client = ipaclient.IPAClient()
+
+ if options.show:
+ show_policy(client)
+ return 0
+
+ update_policy(client, options)
+
return 0
try:
+ import sys
+ from optparse import OptionParser
+ import ipa
+ import ipa.entity
+ import ipa.ipaclient as ipaclient
+ import ipa.config
+
+ import xmlrpclib
+ import kerberos
+ import errno
+ import validate
+
if __name__ == "__main__":
sys.exit(main())
except SystemExit, e:
sys.exit(e)
except KeyboardInterrupt, e:
sys.exit(1)
+except xmlrpclib.Fault, fault:
+ if fault.faultCode == errno.ECONNREFUSED:
+ print "The IPA XML-RPC service is not responding."
+ else:
+ print fault.faultString
+ sys.exit(1)
+except kerberos.GSSError, e:
+ print "Could not initialize GSSAPI: %s/%s" % (e[0][0], e[0][1])
+ sys.exit(1)
+except xmlrpclib.ProtocolError, e:
+ print "Unable to connect to IPA server: %s" % (e.errmsg)
+ sys.exit(1)
+except ipa.ipaerror.IPAError, e:
+ print "%s" % (e.message)
+ sys.exit(1)
diff --git a/ipa-python/ipautil.py b/ipa-python/ipautil.py
index 4b1feb4c..919d4a6b 100644
--- a/ipa-python/ipautil.py
+++ b/ipa-python/ipautil.py
@@ -828,3 +828,15 @@ class ItemCompleter:
return items
+def get_gsserror(e):
+ """A GSSError exception looks differently in python 2.4 than it does
+ in python 2.5, deal with it."""
+
+ try:
+ primary = e[0]
+ secondary = e[1]
+ except:
+ primary = e[0][0]
+ secondary = e[0][1]
+
+ return (primary[0], secondary[0])