diff options
author | Rob Crittenden <rcritten@redhat.com> | 2010-10-01 13:33:33 -0400 |
---|---|---|
committer | Adam Young <ayoung@redhat.com> | 2010-10-01 14:16:36 -0400 |
commit | f906aaf3760118b1b089a72b299a8e0a73619547 (patch) | |
tree | 32b8c54a68d831a93746147e6d2098bd1f6f6b09 | |
parent | 88bd2a0a45434ee2cb38fb60a62e37c2538d3007 (diff) | |
download | freeipa-f906aaf3760118b1b089a72b299a8e0a73619547.tar.gz freeipa-f906aaf3760118b1b089a72b299a8e0a73619547.tar.xz freeipa-f906aaf3760118b1b089a72b299a8e0a73619547.zip |
Groups are now created as POSIX by default.
ticket 241
-rw-r--r-- | ipalib/plugins/group.py | 29 | ||||
-rw-r--r-- | tests/test_xmlrpc/test_group_plugin.py | 20 |
2 files changed, 28 insertions, 21 deletions
diff --git a/ipalib/plugins/group.py b/ipalib/plugins/group.py index 616eff2a7..fae6a2804 100644 --- a/ipalib/plugins/group.py +++ b/ipalib/plugins/group.py @@ -20,10 +20,10 @@ """ Groups of users -Manage groups of users. By default, new groups are not POSIX groups. You -can add the --posix to the group-add command to mark a new group -as POSIX, and you can use the same argument to the group-mod command to -convert a non-POSIX group to a POSIX group. POSIX groups cannot be +Manage groups of users. By default, new groups are POSIX groups. You +can add the --nonposix to the group-add command to mark a new group +as non-POSIX, and you can use the same argument to the group-mod command +to convert a non-POSIX group to a POSIX group. POSIX groups cannot be converted to non-POSIX groups. Every group must have a description. @@ -38,17 +38,17 @@ EXAMPLES: Add a new group: ipa group-add --desc='local administrators' localadmins - Add a new POSIX group: - ipa group-add --posix --desc='remote administrators' remoteadmins + Add a new non-POSIX group: + ipa group-add --nonposix --desc='remote administrators' remoteadmins Convert a non-POSIX group to posix: - ipa group-mod --posix localadmins + ipa group-mod --posix remoteadmins Add a new POSIX group with a specific Group ID number: - ipa group-add --posix --gid=500 --desc='unix admins' unixadmins + ipa group-add --gid=500 --desc='unix admins' unixadmins Add a new POSIX group and let IPA assign a Group ID number: - ipa group-add --posix --desc='printer admins' printeradmins + ipa group-add --desc='printer admins' printeradmins Remove a group: ipa group-del unixadmins @@ -134,14 +134,15 @@ class group_add(LDAPCreate): msg_summary = _('Added group "%(value)s"') takes_options = LDAPCreate.takes_options + ( - Flag('posix', - cli_name='posix', - doc=_('Create as posix group?'), + Flag('nonposix', + cli_name='nonposix', + doc=_('Create as a non-POSIX group?'), + default=False, ), ) def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options): - if options['posix'] or 'gidnumber' in options: + if not options['nonposix']: entry_attrs['objectclass'].append('posixgroup') if not 'gidnumber' in options: entry_attrs['gidnumber'] = 999 @@ -190,7 +191,7 @@ class group_mod(LDAPUpdate): takes_options = LDAPUpdate.takes_options + ( Flag('posix', cli_name='posix', - doc=_('change to posix group'), + doc=_('change to a POSIX group'), ), ) diff --git a/tests/test_xmlrpc/test_group_plugin.py b/tests/test_xmlrpc/test_group_plugin.py index f1b1f3270..92792cbfd 100644 --- a/tests/test_xmlrpc/test_group_plugin.py +++ b/tests/test_xmlrpc/test_group_plugin.py @@ -66,9 +66,9 @@ class test_group(Declarative): dict( - desc='Create %r' % group1, + desc='Create non-POSIX %r' % group1, command=( - 'group_add', [group1], dict(description=u'Test desc 1') + 'group_add', [group1], dict(description=u'Test desc 1',nonposix=True) ), expected=dict( value=group1, @@ -94,7 +94,7 @@ class test_group(Declarative): dict( - desc='Retrieve %r' % group1, + desc='Retrieve non-POSIX %r' % group1, command=('group_show', [group1], {}), expected=dict( value=group1, @@ -109,7 +109,7 @@ class test_group(Declarative): dict( - desc='Updated %r' % group1, + desc='Updated non-POSIX %r' % group1, command=( 'group_mod', [group1], dict(description=u'New desc 1') ), @@ -143,7 +143,7 @@ class test_group(Declarative): # group_mod() test. I think that for all *_mod() commands we should # just return the entry exactly as *_show() does. dict( - desc='Updated %r to promote it to a posix group' % group1, + desc='Updated %r to promote it to a POSIX group' % group1, command=('group_mod', [group1], dict(posix=True)), expected=dict( result=dict( @@ -158,7 +158,7 @@ class test_group(Declarative): dict( - desc="Retrieve %r to verify it's a posix group" % group1, + desc="Retrieve %r to verify it's a POSIX group" % group1, command=('group_show', [group1], {}), expected=dict( value=group1, @@ -227,7 +227,8 @@ class test_group(Declarative): result=dict( cn=[group2], description=[u'Test desc 2'], - objectclass=objectclasses.group, + gidnumber=[fuzzy_digits], + objectclass=objectclasses.group + [u'posixgroup'], ipauniqueid=[fuzzy_uuid], dn=u'cn=testgroup2,cn=groups,cn=accounts,' + api.env.basedn, ), @@ -253,6 +254,7 @@ class test_group(Declarative): result=dict( cn=[group2], description=[u'Test desc 2'], + gidnumber=[fuzzy_digits], dn=u'cn=testgroup2,cn=groups,cn=accounts,' + api.env.basedn, ), ), @@ -267,6 +269,7 @@ class test_group(Declarative): expected=dict( result=dict( cn=[group2], + gidnumber=[fuzzy_digits], description=[u'New desc 2'], ), summary=u'Modified group "testgroup2"', @@ -283,6 +286,7 @@ class test_group(Declarative): result=dict( cn=[group2], description=[u'New desc 2'], + gidnumber=[fuzzy_digits], dn=u'cn=testgroup2,cn=groups,cn=accounts,' + api.env.basedn, ), summary=None, @@ -301,6 +305,7 @@ class test_group(Declarative): dn=u'cn=%s,cn=groups,cn=accounts,%s' % (group2, api.env.basedn), cn=[group2], description=[u'New desc 2'], + gidnumber=[fuzzy_digits], ), ], summary=u'1 group matched', @@ -345,6 +350,7 @@ class test_group(Declarative): dn=u'cn=%s,cn=groups,cn=accounts,%s' % (group2, api.env.basedn), cn=[group2], description=[u'New desc 2'], + gidnumber=[fuzzy_digits], ), ], ), |