|
 |
403b09 |
From b79d70c9977a9b5026f8976e172122bf78885dd8 Mon Sep 17 00:00:00 2001
|
|
|
403b09 |
From: Florence Blanc-Renaud <flo@redhat.com>
|
|
|
403b09 |
Date: Wed, 20 Jul 2016 11:02:30 +0200
|
|
|
403b09 |
Subject: [PATCH] Show full error message for selinuxusermap-add-hostgroup
|
|
|
403b09 |
|
|
|
403b09 |
While investigating the issue for selinuxusermap-add-hostgroup,
|
|
|
403b09 |
we discovered that other commands were missing output.
|
|
|
403b09 |
A first patch fixes most of the issues:
|
|
|
403b09 |
freeipa-jcholast-677-frontend-copy-command-arguments-to-output-params-on-.patch
|
|
|
403b09 |
|
|
|
403b09 |
This patch fixes servicedelegation CLI, where
|
|
|
403b09 |
servicedelegation.takes_params was missing
|
|
|
403b09 |
ipaallowedtarget_servicedelegationtarget, ipaallowedtoimpersonate and
|
|
|
403b09 |
memberprincipal
|
|
|
403b09 |
|
|
|
403b09 |
https://fedorahosted.org/freeipa/ticket/6026
|
|
|
403b09 |
|
|
|
403b09 |
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
|
|
|
403b09 |
---
|
|
|
403b09 |
ipaserver/plugins/servicedelegation.py | 53 ++++++++++------------------------
|
|
|
403b09 |
1 file changed, 15 insertions(+), 38 deletions(-)
|
|
|
403b09 |
|
|
|
403b09 |
diff --git a/ipaserver/plugins/servicedelegation.py b/ipaserver/plugins/servicedelegation.py
|
|
|
403b09 |
index 958c3b739a2dd465c2b685672c3deb1af8c36e4e..6f38c36a30363755c80081d02bf4c86d829eae34 100644
|
|
|
403b09 |
--- a/ipaserver/plugins/servicedelegation.py
|
|
|
403b09 |
+++ b/ipaserver/plugins/servicedelegation.py
|
|
|
403b09 |
@@ -96,30 +96,6 @@ PROTECTED_CONSTRAINT_TARGETS = (
|
|
|
403b09 |
)
|
|
|
403b09 |
|
|
|
403b09 |
|
|
|
403b09 |
-output_params = (
|
|
|
403b09 |
- Str(
|
|
|
403b09 |
- 'ipaallowedtarget_servicedelegationtarget',
|
|
|
403b09 |
- label=_('Allowed Target'),
|
|
|
403b09 |
- ),
|
|
|
403b09 |
- Str(
|
|
|
403b09 |
- 'ipaallowedtoimpersonate',
|
|
|
403b09 |
- label=_('Allowed to Impersonate'),
|
|
|
403b09 |
- ),
|
|
|
403b09 |
- Str(
|
|
|
403b09 |
- 'memberprincipal',
|
|
|
403b09 |
- label=_('Member principals'),
|
|
|
403b09 |
- ),
|
|
|
403b09 |
- Str(
|
|
|
403b09 |
- 'failed_memberprincipal',
|
|
|
403b09 |
- label=_('Failed members'),
|
|
|
403b09 |
- ),
|
|
|
403b09 |
- Str(
|
|
|
403b09 |
- 'ipaallowedtarget',
|
|
|
403b09 |
- label=_('Failed targets'),
|
|
|
403b09 |
- ),
|
|
|
403b09 |
-)
|
|
|
403b09 |
-
|
|
|
403b09 |
-
|
|
|
403b09 |
class servicedelegation(LDAPObject):
|
|
|
403b09 |
"""
|
|
|
403b09 |
Service Constrained Delegation base object.
|
|
|
403b09 |
@@ -175,6 +151,21 @@ class servicedelegation(LDAPObject):
|
|
|
403b09 |
label=_('Delegation name'),
|
|
|
403b09 |
primary_key=True,
|
|
|
403b09 |
),
|
|
|
403b09 |
+ Str(
|
|
|
403b09 |
+ 'ipaallowedtarget_servicedelegationtarget',
|
|
|
403b09 |
+ label=_('Allowed Target'),
|
|
|
403b09 |
+ flags={'virtual_attribute', 'no_create', 'no_update', 'no_search'},
|
|
|
403b09 |
+ ),
|
|
|
403b09 |
+ Str(
|
|
|
403b09 |
+ 'ipaallowedtoimpersonate',
|
|
|
403b09 |
+ label=_('Allowed to Impersonate'),
|
|
|
403b09 |
+ flags={'no_create', 'no_update', 'no_search'},
|
|
|
403b09 |
+ ),
|
|
|
403b09 |
+ Str(
|
|
|
403b09 |
+ 'memberprincipal',
|
|
|
403b09 |
+ label=_('Member principals'),
|
|
|
403b09 |
+ flags={'no_create', 'no_update', 'no_search'},
|
|
|
403b09 |
+ ),
|
|
|
403b09 |
)
|
|
|
403b09 |
|
|
|
403b09 |
|
|
|
403b09 |
@@ -186,8 +177,6 @@ class servicedelegation_add_member(LDAPAddMember):
|
|
|
403b09 |
principal_attr = 'memberprincipal'
|
|
|
403b09 |
principal_failedattr = 'failed_memberprincipal'
|
|
|
403b09 |
|
|
|
403b09 |
- has_output_params = LDAPAddMember.has_output_params + output_params
|
|
|
403b09 |
-
|
|
|
403b09 |
def get_options(self):
|
|
|
403b09 |
for option in super(servicedelegation_add_member, self).get_options():
|
|
|
403b09 |
yield option
|
|
|
403b09 |
@@ -268,8 +257,6 @@ class servicedelegation_remove_member(LDAPRemoveMember):
|
|
|
403b09 |
principal_attr = 'memberprincipal'
|
|
|
403b09 |
principal_failedattr = 'failed_memberprincipal'
|
|
|
403b09 |
|
|
|
403b09 |
- has_output_params = LDAPRemoveMember.has_output_params + output_params
|
|
|
403b09 |
-
|
|
|
403b09 |
def get_options(self):
|
|
|
403b09 |
for option in super(
|
|
|
403b09 |
servicedelegation_remove_member, self).get_options():
|
|
|
403b09 |
@@ -397,8 +384,6 @@ class servicedelegationrule_del(LDAPDelete):
|
|
|
403b09 |
class servicedelegationrule_find(LDAPSearch):
|
|
|
403b09 |
__doc__ = _('Search for service delegations rule.')
|
|
|
403b09 |
|
|
|
403b09 |
- has_output_params = LDAPSearch.has_output_params + output_params
|
|
|
403b09 |
-
|
|
|
403b09 |
msg_summary = ngettext(
|
|
|
403b09 |
'%(count)d service delegation rule matched',
|
|
|
403b09 |
'%(count)d service delegation rules matched', 0
|
|
|
403b09 |
@@ -409,8 +394,6 @@ class servicedelegationrule_find(LDAPSearch):
|
|
|
403b09 |
class servicedelegationrule_show(LDAPRetrieve):
|
|
|
403b09 |
__doc__ = _('Display information about a named service delegation rule.')
|
|
|
403b09 |
|
|
|
403b09 |
- has_output_params = LDAPRetrieve.has_output_params + output_params
|
|
|
403b09 |
-
|
|
|
403b09 |
|
|
|
403b09 |
@register()
|
|
|
403b09 |
class servicedelegationrule_add_member(servicedelegation_add_member):
|
|
|
403b09 |
@@ -437,7 +420,6 @@ class servicedelegationrule_add_target(LDAPAddMember):
|
|
|
403b09 |
attribute_members = {
|
|
|
403b09 |
'ipaallowedtarget': ['servicedelegationtarget'],
|
|
|
403b09 |
}
|
|
|
403b09 |
- has_output_params = LDAPAddMember.has_output_params + output_params
|
|
|
403b09 |
|
|
|
403b09 |
|
|
|
403b09 |
@register()
|
|
|
403b09 |
@@ -447,7 +429,6 @@ class servicedelegationrule_remove_target(LDAPRemoveMember):
|
|
|
403b09 |
attribute_members = {
|
|
|
403b09 |
'ipaallowedtarget': ['servicedelegationtarget'],
|
|
|
403b09 |
}
|
|
|
403b09 |
- has_output_params = LDAPRemoveMember.has_output_params + output_params
|
|
|
403b09 |
|
|
|
403b09 |
|
|
|
403b09 |
@register()
|
|
|
403b09 |
@@ -492,8 +473,6 @@ class servicedelegationtarget_del(LDAPDelete):
|
|
|
403b09 |
class servicedelegationtarget_find(LDAPSearch):
|
|
|
403b09 |
__doc__ = _('Search for service delegation target.')
|
|
|
403b09 |
|
|
|
403b09 |
- has_output_params = LDAPSearch.has_output_params + output_params
|
|
|
403b09 |
-
|
|
|
403b09 |
msg_summary = ngettext(
|
|
|
403b09 |
'%(count)d service delegation target matched',
|
|
|
403b09 |
'%(count)d service delegation targets matched', 0
|
|
|
403b09 |
@@ -530,8 +509,6 @@ class servicedelegationtarget_find(LDAPSearch):
|
|
|
403b09 |
class servicedelegationtarget_show(LDAPRetrieve):
|
|
|
403b09 |
__doc__ = _('Display information about a named service delegation target.')
|
|
|
403b09 |
|
|
|
403b09 |
- has_output_params = LDAPRetrieve.has_output_params + output_params
|
|
|
403b09 |
-
|
|
|
403b09 |
|
|
|
403b09 |
@register()
|
|
|
403b09 |
class servicedelegationtarget_add_member(servicedelegation_add_member):
|
|
|
403b09 |
--
|
|
|
403b09 |
2.7.4
|
|
|
403b09 |
|