About: Licorn® DevBlog
rss
Browse by time:
- May 2012 (1)
- April 2012 (2)
- March 2012 (2)
- February 2012 (3)
- December 2011 (1)
- October 2011 (3)
- September 2011 (3)
- May 2011 (3)
- April 2011 (1)
- March 2011 (2)
- February 2011 (1)
- January 2011 (2)
- December 2010 (7)
- November 2010 (5)
- October 2010 (2)
- September 2010 (3)
- August 2010 (10)
- July 2010 (3)
- June 2010 (6)
- March 2009 (1)
- January 2009 (8)
Browse by category:
- rss ACLs (1)
- rss Architecture (1)
- rss CLI (4)
- rss D3 (1)
- rss Debian (1)
- rss LDAP (3)
- rss Licorn (4)
- rss Licorn® (2)
- rss NFS (1)
- rss OOP (1)
- rss Pyro (2)
- rss QA (2)
- rss RPC (1)
- rss SAMBA (1)
- rss Twisted (1)
- rss UNIX (1)
- rss WMI (5)
- rss add (2)
- rss admin (1)
- rss animations (1)
- rss apache (1)
- rss apprentice (1)
- rss architecture (1)
- rss automation (2)
- rss backend (5)
- rss backends (2)
- rss backup (2)
- rss bazaar (2)
- rss benchmark (1)
- rss bugfix (1)
- rss bugs (1)
- rss bzr (3)
- rss change (1)
- rss changes (1)
- rss check (1)
- rss chk (1)
- rss cleanup (1)
- rss cli (1)
- rss client (1)
- rss code (3)
- rss coding (1)
- rss completion (1)
- rss complexity (1)
- rss configuration (4)
- rss console (1)
- rss controllers (1)
- rss core (3)
- rss crashes (1)
- rss customization (1)
- rss daemon (12)
- rss darcs (4)
- rss debug (2)
- rss debugger (1)
- rss debugging (1)
- rss del (1)
- rss description (2)
- rss developement (1)
- rss developer (1)
- rss development (3)
- rss difficulties (1)
- rss discover (1)
- rss discovery (1)
- rss django (2)
- rss documentation (4)
- rss dynamic (1)
- rss ease (1)
- rss enhance (1)
- rss enhancement (9)
- rss enhancements (2)
- rss errors (1)
- rss events (1)
- rss experimental (1)
- rss extensions (5)
- rss features (1)
- rss finish (1)
- rss flag (1)
- rss flexibility (1)
- rss geany (1)
- rss geekism (1)
- rss get (1)
- rss gevent (2)
- rss git (1)
- rss gitflow (1)
- rss good (1)
- rss graphics (1)
- rss groups (3)
- rss gvim (1)
- rss httperf (1)
- rss https (1)
- rss i18n (1)
- rss ideas (1)
- rss implementation (1)
- rss inotifier (2)
- rss interaction (3)
- rss internals (1)
- rss javascript (1)
- rss jinja2 (1)
- rss jquery (1)
- rss key (1)
- rss ldap (6)
- rss leak (1)
- rss licorn (5)
- rss licornd (8)
- rss licornd-wmi (1)
- rss live (1)
- rss ltrace (2)
- rss machines (1)
- rss major (1)
- rss meliae (1)
- rss memory (1)
- rss migration (2)
- rss milestones (1)
- rss mod (1)
- rss model (1)
- rss modules (2)
- rss monitor (1)
- rss mount (1)
- rss network (4)
- rss news (1)
- rss night (1)
- rss nmap (1)
- rss ntfs (1)
- rss object (1)
- rss openldap (1)
- rss openssh (1)
- rss ouput (1)
- rss password (1)
- rss patch (1)
- rss performance (2)
- rss permissions (1)
- rss pickle (1)
- rss preferences (1)
- rss privileges (2)
- rss profiling (1)
- rss progress (5)
- rss properties (1)
- rss push (1)
- rss pyinotify (1)
- rss pylint (2)
- rss pyro (2)
- rss python (3)
- rss quality (2)
- rss rdiff-backup (1)
- rss readings (1)
- rss readline (1)
- rss refactor (1)
- rss reference (1)
- rss regexxer (1)
- rss release (1)
- rss remote (3)
- rss rename (1)
- rss report (1)
- rss repositories (2)
- rss repository (2)
- rss research (1)
- rss rewrite (1)
- rss rfoo (1)
- rss roadmap (1)
- rss rsync (1)
- rss schema (1)
- rss security (1)
- rss server (2)
- rss service (1)
- rss shadow (1)
- rss shutdown (1)
- rss speed (1)
- rss ssh (1)
- rss standard (1)
- rss status (2)
- rss summary (1)
- rss switch (1)
- rss system (3)
- rss team (1)
- rss testing (1)
- rss testsuite (2)
- rss thread (1)
- rss trac (2)
- rss udisks (1)
- rss unix (3)
- rss upgrade (1)
- rss usb (1)
- rss users (2)
- rss vfat (1)
- rss volumes (2)
- rss webserver (1)
- rss work (1)
- rss worklog (1)
Posts in category add
New set of commands for privileges
If you know about privileges, you know you can manipulate them only via the configuration object, like this:
get config privs sudo add group licorn-wmi --system sudo mod config --add-privileges licorn-wmi sudo add group remote-ssh --system sudo mod config --add-privileges remotessh sudo mod config --del-privileges licorn-wmi,remotessh get config privileges
Now you can handle them kind of "directly", like this:
get privs sudo add group licorn-wmi --system sudo add priv licorn-wmi sudo add group remote-ssh --system sudo add priv remotessh sudo del privs licorn-wmi,remotessh get privileges
Which is quite simpler, and - I think - more logical or consistent with the rest of the command set. The code lies in changeset 310.
- Posted: 2010-08-19 08:55 (Updated: 2010-11-11 15:18)
- Author: olive
- Categories: CLI get privileges add del enhancement configuration mod
- Comments (0)
Two small changes worth noticing in add user/group
two points which were pushed in revision 279, because bzr don't know anything about cherry picking (or I don't know how to use it):
- system users/groups are now always created in the Unix backend. this is far from perfect because they have to be replicated for ACLs to work and this will NEED to be done for the cluster, but the cluster doesn't exist yet, so don't bother. This is needed for groups like acl, remotessh and admins, which NEED to be created in /etc/group on the local system before the LDAP backend is activated (they are checked/created before the LDAP setup). This is kind of a workaround because it should work event with these groups in LDAP, but this implies some deep reorganization in the LicornConfiguration class, which will be done later (see #170).
- add a --force argument to add user/group, for the particular case of user/group with same name. This was trigerring a bug on old debian/ubuntu systems, but should be bypassable nowadays, because I expect adduser tools to have been fixed on this particular point.
