summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRob Crittenden <rcritten@redhat.com>2010-10-01 13:33:33 -0400
committerAdam Young <ayoung@redhat.com>2010-10-01 14:16:36 -0400
commitf906aaf3760118b1b089a72b299a8e0a73619547 (patch)
tree32b8c54a68d831a93746147e6d2098bd1f6f6b09
parent88bd2a0a45434ee2cb38fb60a62e37c2538d3007 (diff)
downloadfreeipa-f906aaf3760118b1b089a72b299a8e0a73619547.tar.gz
freeipa-f906aaf3760118b1b089a72b299a8e0a73619547.tar.xz
freeipa-f906aaf3760118b1b089a72b299a8e0a73619547.zip
Groups are now created as POSIX by default.
ticket 241
-rw-r--r--ipalib/plugins/group.py29
-rw-r--r--tests/test_xmlrpc/test_group_plugin.py20
2 files changed, 28 insertions, 21 deletions
diff --git a/ipalib/plugins/group.py b/ipalib/plugins/group.py
index 616eff2a7..fae6a2804 100644
--- a/ipalib/plugins/group.py
+++ b/ipalib/plugins/group.py
@@ -20,10 +20,10 @@
"""
Groups of users
-Manage groups of users. By default, new groups are not POSIX groups. You
-can add the --posix to the group-add command to mark a new group
-as POSIX, and you can use the same argument to the group-mod command to
-convert a non-POSIX group to a POSIX group. POSIX groups cannot be
+Manage groups of users. By default, new groups are POSIX groups. You
+can add the --nonposix to the group-add command to mark a new group
+as non-POSIX, and you can use the same argument to the group-mod command
+to convert a non-POSIX group to a POSIX group. POSIX groups cannot be
converted to non-POSIX groups.
Every group must have a description.
@@ -38,17 +38,17 @@ EXAMPLES:
Add a new group:
ipa group-add --desc='local administrators' localadmins
- Add a new POSIX group:
- ipa group-add --posix --desc='remote administrators' remoteadmins
+ Add a new non-POSIX group:
+ ipa group-add --nonposix --desc='remote administrators' remoteadmins
Convert a non-POSIX group to posix:
- ipa group-mod --posix localadmins
+ ipa group-mod --posix remoteadmins
Add a new POSIX group with a specific Group ID number:
- ipa group-add --posix --gid=500 --desc='unix admins' unixadmins
+ ipa group-add --gid=500 --desc='unix admins' unixadmins
Add a new POSIX group and let IPA assign a Group ID number:
- ipa group-add --posix --desc='printer admins' printeradmins
+ ipa group-add --desc='printer admins' printeradmins
Remove a group:
ipa group-del unixadmins
@@ -134,14 +134,15 @@ class group_add(LDAPCreate):
msg_summary = _('Added group "%(value)s"')
takes_options = LDAPCreate.takes_options + (
- Flag('posix',
- cli_name='posix',
- doc=_('Create as posix group?'),
+ Flag('nonposix',
+ cli_name='nonposix',
+ doc=_('Create as a non-POSIX group?'),
+ default=False,
),
)
def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
- if options['posix'] or 'gidnumber' in options:
+ if not options['nonposix']:
entry_attrs['objectclass'].append('posixgroup')
if not 'gidnumber' in options:
entry_attrs['gidnumber'] = 999
@@ -190,7 +191,7 @@ class group_mod(LDAPUpdate):
takes_options = LDAPUpdate.takes_options + (
Flag('posix',
cli_name='posix',
- doc=_('change to posix group'),
+ doc=_('change to a POSIX group'),
),
)
diff --git a/tests/test_xmlrpc/test_group_plugin.py b/tests/test_xmlrpc/test_group_plugin.py
index f1b1f3270..92792cbfd 100644
--- a/tests/test_xmlrpc/test_group_plugin.py
+++ b/tests/test_xmlrpc/test_group_plugin.py
@@ -66,9 +66,9 @@ class test_group(Declarative):
dict(
- desc='Create %r' % group1,
+ desc='Create non-POSIX %r' % group1,
command=(
- 'group_add', [group1], dict(description=u'Test desc 1')
+ 'group_add', [group1], dict(description=u'Test desc 1',nonposix=True)
),
expected=dict(
value=group1,
@@ -94,7 +94,7 @@ class test_group(Declarative):
dict(
- desc='Retrieve %r' % group1,
+ desc='Retrieve non-POSIX %r' % group1,
command=('group_show', [group1], {}),
expected=dict(
value=group1,
@@ -109,7 +109,7 @@ class test_group(Declarative):
dict(
- desc='Updated %r' % group1,
+ desc='Updated non-POSIX %r' % group1,
command=(
'group_mod', [group1], dict(description=u'New desc 1')
),
@@ -143,7 +143,7 @@ class test_group(Declarative):
# group_mod() test. I think that for all *_mod() commands we should
# just return the entry exactly as *_show() does.
dict(
- desc='Updated %r to promote it to a posix group' % group1,
+ desc='Updated %r to promote it to a POSIX group' % group1,
command=('group_mod', [group1], dict(posix=True)),
expected=dict(
result=dict(
@@ -158,7 +158,7 @@ class test_group(Declarative):
dict(
- desc="Retrieve %r to verify it's a posix group" % group1,
+ desc="Retrieve %r to verify it's a POSIX group" % group1,
command=('group_show', [group1], {}),
expected=dict(
value=group1,
@@ -227,7 +227,8 @@ class test_group(Declarative):
result=dict(
cn=[group2],
description=[u'Test desc 2'],
- objectclass=objectclasses.group,
+ gidnumber=[fuzzy_digits],
+ objectclass=objectclasses.group + [u'posixgroup'],
ipauniqueid=[fuzzy_uuid],
dn=u'cn=testgroup2,cn=groups,cn=accounts,' + api.env.basedn,
),
@@ -253,6 +254,7 @@ class test_group(Declarative):
result=dict(
cn=[group2],
description=[u'Test desc 2'],
+ gidnumber=[fuzzy_digits],
dn=u'cn=testgroup2,cn=groups,cn=accounts,' + api.env.basedn,
),
),
@@ -267,6 +269,7 @@ class test_group(Declarative):
expected=dict(
result=dict(
cn=[group2],
+ gidnumber=[fuzzy_digits],
description=[u'New desc 2'],
),
summary=u'Modified group "testgroup2"',
@@ -283,6 +286,7 @@ class test_group(Declarative):
result=dict(
cn=[group2],
description=[u'New desc 2'],
+ gidnumber=[fuzzy_digits],
dn=u'cn=testgroup2,cn=groups,cn=accounts,' + api.env.basedn,
),
summary=None,
@@ -301,6 +305,7 @@ class test_group(Declarative):
dn=u'cn=%s,cn=groups,cn=accounts,%s' % (group2, api.env.basedn),
cn=[group2],
description=[u'New desc 2'],
+ gidnumber=[fuzzy_digits],
),
],
summary=u'1 group matched',
@@ -345,6 +350,7 @@ class test_group(Declarative):
dn=u'cn=%s,cn=groups,cn=accounts,%s' % (group2, api.env.basedn),
cn=[group2],
description=[u'New desc 2'],
+ gidnumber=[fuzzy_digits],
),
],
),