File: //lib/python3.9/site-packages/ipaclient/remote_plugins/2_164/host.py
#
# Copyright (C) 2016 FreeIPA Contributors see COPYING for license
#
# pylint: disable=unused-import
import six
from . import Command, Method, Object
from ipalib import api, parameters, output
from ipalib.parameters import DefaultFrom
from ipalib.plugable import Registry
from ipalib.text import _
from ipapython.dn import DN
from ipapython.dnsutil import DNSName
if six.PY3:
unicode = str
__doc__ = _("""
Hosts/Machines
A host represents a machine. It can be used in a number of contexts:
- service entries are associated with a host
- a host stores the host/ service principal
- a host can be used in Host-based Access Control (HBAC) rules
- every enrolled client generates a host entry
ENROLLMENT:
There are three enrollment scenarios when enrolling a new client:
1. You are enrolling as a full administrator. The host entry may exist
or not. A full administrator is a member of the hostadmin role
or the admins group.
2. You are enrolling as a limited administrator. The host must already
exist. A limited administrator is a member a role with the
Host Enrollment privilege.
3. The host has been created with a one-time password.
RE-ENROLLMENT:
Host that has been enrolled at some point, and lost its configuration (e.g. VM
destroyed) can be re-enrolled.
For more information, consult the manual pages for ipa-client-install.
A host can optionally store information such as where it is located,
the OS that it runs, etc.
EXAMPLES:
Add a new host:
ipa host-add --location="3rd floor lab" --locality=Dallas test.example.com
Delete a host:
ipa host-del test.example.com
Add a new host with a one-time password:
ipa host-add --os='Fedora 12' --password=Secret123 test.example.com
Add a new host with a random one-time password:
ipa host-add --os='Fedora 12' --random test.example.com
Modify information about a host:
ipa host-mod --os='Fedora 12' test.example.com
Remove SSH public keys of a host and update DNS to reflect this change:
ipa host-mod --sshpubkey= --updatedns test.example.com
Disable the host Kerberos key, SSL certificate and all of its services:
ipa host-disable test.example.com
Add a host that can manage this host's keytab and certificate:
ipa host-add-managedby --hosts=test2 test
Allow user to create a keytab:
ipa host-allow-create-keytab test2 --users=tuser1
""")
register = Registry()
@register()
class host(Object):
takes_params = (
parameters.Str(
'fqdn',
primary_key=True,
label=_(u'Host name'),
),
parameters.Str(
'description',
required=False,
label=_(u'Description'),
doc=_(u'A description of this host'),
),
parameters.Str(
'l',
required=False,
label=_(u'Locality'),
doc=_(u'Host locality (e.g. "Baltimore, MD")'),
),
parameters.Str(
'nshostlocation',
required=False,
label=_(u'Location'),
doc=_(u'Host location (e.g. "Lab 2")'),
),
parameters.Str(
'nshardwareplatform',
required=False,
label=_(u'Platform'),
doc=_(u'Host hardware platform (e.g. "Lenovo T61")'),
),
parameters.Str(
'nsosversion',
required=False,
label=_(u'Operating system'),
doc=_(u'Host operating system and version (e.g. "Fedora 9")'),
),
parameters.Str(
'userpassword',
required=False,
label=_(u'User password'),
doc=_(u'Password used in bulk enrollment'),
),
parameters.Flag(
'random',
required=False,
doc=_(u'Generate a random password to be used in bulk enrollment'),
),
parameters.Str(
'randompassword',
required=False,
label=_(u'Random password'),
),
parameters.Bytes(
'usercertificate',
required=False,
multivalue=True,
label=_(u'Certificate'),
doc=_(u'Base-64 encoded server certificate'),
),
parameters.Str(
'krbprincipalname',
required=False,
label=_(u'Principal name'),
),
parameters.Str(
'macaddress',
required=False,
multivalue=True,
label=_(u'MAC address'),
doc=_(u'Hardware MAC address(es) on this host'),
),
parameters.Str(
'ipasshpubkey',
required=False,
multivalue=True,
label=_(u'SSH public key'),
),
parameters.Str(
'userclass',
required=False,
multivalue=True,
label=_(u'Class'),
doc=_(u'Host category (semantics placed on this attribute are for local interpretation)'),
),
parameters.Str(
'ipaassignedidview',
required=False,
label=_(u'Assigned ID View'),
),
parameters.Bool(
'ipakrbrequirespreauth',
required=False,
label=_(u'Requires pre-authentication'),
doc=_(u'Pre-authentication is required for the service'),
),
parameters.Bool(
'ipakrbokasdelegate',
required=False,
label=_(u'Trusted for delegation'),
doc=_(u'Client credentials may be delegated to the service'),
),
parameters.Flag(
'has_password',
label=_(u'Password'),
),
parameters.Str(
'memberof_hostgroup',
required=False,
label=_(u'Member of host-groups'),
),
parameters.Str(
'memberof_role',
required=False,
label=_(u'Roles'),
),
parameters.Str(
'memberof_netgroup',
required=False,
label=_(u'Member of netgroups'),
),
parameters.Str(
'memberof_sudorule',
required=False,
label=_(u'Member of Sudo rule'),
),
parameters.Str(
'memberof_hbacrule',
required=False,
label=_(u'Member of HBAC rule'),
),
parameters.Str(
'memberofindirect_netgroup',
required=False,
label=_(u'Indirect Member of netgroup'),
),
parameters.Str(
'memberofindirect_hostgroup',
required=False,
label=_(u'Indirect Member of host-group'),
),
parameters.Str(
'memberofindirect_role',
required=False,
label=_(u'Indirect Member of role'),
),
parameters.Str(
'memberofindirect_sudorule',
required=False,
label=_(u'Indirect Member of Sudo rule'),
),
parameters.Str(
'memberofindirect_hbacrule',
required=False,
label=_(u'Indirect Member of HBAC rule'),
),
parameters.Flag(
'has_keytab',
label=_(u'Keytab'),
),
parameters.Str(
'managedby_host',
label=_(u'Managed by'),
),
parameters.Str(
'managing_host',
label=_(u'Managing'),
),
parameters.Str(
'ipaallowedtoperform_read_keys_user',
label=_(u'Users allowed to retrieve keytab'),
),
parameters.Str(
'ipaallowedtoperform_read_keys_group',
label=_(u'Groups allowed to retrieve keytab'),
),
parameters.Str(
'ipaallowedtoperform_read_keys_host',
label=_(u'Hosts allowed to retrieve keytab'),
),
parameters.Str(
'ipaallowedtoperform_read_keys_hostgroup',
label=_(u'Host Groups allowed to retrieve keytab'),
),
parameters.Str(
'ipaallowedtoperform_write_keys_user',
label=_(u'Users allowed to create keytab'),
),
parameters.Str(
'ipaallowedtoperform_write_keys_group',
label=_(u'Groups allowed to create keytab'),
),
parameters.Str(
'ipaallowedtoperform_write_keys_host',
label=_(u'Hosts allowed to create keytab'),
),
parameters.Str(
'ipaallowedtoperform_write_keys_hostgroup',
label=_(u'Host Groups allowed to create keytab'),
),
)
@register()
class host_add(Method):
__doc__ = _("Add a new host.")
takes_args = (
parameters.Str(
'fqdn',
cli_name='hostname',
label=_(u'Host name'),
no_convert=True,
),
)
takes_options = (
parameters.Str(
'description',
required=False,
cli_name='desc',
label=_(u'Description'),
doc=_(u'A description of this host'),
),
parameters.Str(
'l',
required=False,
cli_name='locality',
label=_(u'Locality'),
doc=_(u'Host locality (e.g. "Baltimore, MD")'),
),
parameters.Str(
'nshostlocation',
required=False,
cli_name='location',
label=_(u'Location'),
doc=_(u'Host location (e.g. "Lab 2")'),
),
parameters.Str(
'nshardwareplatform',
required=False,
cli_name='platform',
label=_(u'Platform'),
doc=_(u'Host hardware platform (e.g. "Lenovo T61")'),
),
parameters.Str(
'nsosversion',
required=False,
cli_name='os',
label=_(u'Operating system'),
doc=_(u'Host operating system and version (e.g. "Fedora 9")'),
),
parameters.Str(
'userpassword',
required=False,
cli_name='password',
label=_(u'User password'),
doc=_(u'Password used in bulk enrollment'),
),
parameters.Flag(
'random',
required=False,
doc=_(u'Generate a random password to be used in bulk enrollment'),
default=False,
autofill=True,
),
parameters.Bytes(
'usercertificate',
required=False,
multivalue=True,
cli_name='certificate',
label=_(u'Certificate'),
doc=_(u'Base-64 encoded server certificate'),
),
parameters.Str(
'macaddress',
required=False,
multivalue=True,
label=_(u'MAC address'),
doc=_(u'Hardware MAC address(es) on this host'),
no_convert=True,
),
parameters.Str(
'ipasshpubkey',
required=False,
multivalue=True,
cli_name='sshpubkey',
label=_(u'SSH public key'),
no_convert=True,
),
parameters.Str(
'userclass',
required=False,
multivalue=True,
cli_name='class',
label=_(u'Class'),
doc=_(u'Host category (semantics placed on this attribute are for local interpretation)'),
),
parameters.Str(
'ipaassignedidview',
required=False,
label=_(u'Assigned ID View'),
exclude=('cli', 'webui'),
),
parameters.Bool(
'ipakrbrequirespreauth',
required=False,
cli_name='requires_pre_auth',
label=_(u'Requires pre-authentication'),
doc=_(u'Pre-authentication is required for the service'),
),
parameters.Bool(
'ipakrbokasdelegate',
required=False,
cli_name='ok_as_delegate',
label=_(u'Trusted for delegation'),
doc=_(u'Client credentials may be delegated to the service'),
),
parameters.Str(
'setattr',
required=False,
multivalue=True,
doc=_(u'Set an attribute to a name/value pair. Format is attr=value.\nFor multi-valued attributes, the command replaces the values already present.'),
exclude=('webui',),
),
parameters.Str(
'addattr',
required=False,
multivalue=True,
doc=_(u'Add an attribute/value pair. Format is attr=value. The attribute\nmust be part of the schema.'),
exclude=('webui',),
),
parameters.Flag(
'force',
label=_(u'Force'),
doc=_(u'force host name even if not in DNS'),
default=False,
autofill=True,
),
parameters.Flag(
'no_reverse',
doc=_(u'skip reverse DNS detection'),
default=False,
autofill=True,
),
parameters.Str(
'ip_address',
required=False,
label=_(u'IP Address'),
doc=_(u'Add the host to DNS with this IP address'),
),
parameters.Flag(
'all',
doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=_(u'Print entries as stored on the server. Only affects output format.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'no_members',
doc=_(u'Suppress processing of membership attributes.'),
exclude=('webui', 'cli'),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.Entry(
'result',
),
output.PrimaryKey(
'value',
doc=_(u"The primary_key value of the entry, e.g. 'jdoe' for a user"),
),
)
@register()
class host_add_cert(Method):
__doc__ = _("Add certificates to host entry")
takes_args = (
parameters.Str(
'fqdn',
cli_name='hostname',
label=_(u'Host name'),
no_convert=True,
),
)
takes_options = (
parameters.Flag(
'all',
doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=_(u'Print entries as stored on the server. Only affects output format.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'no_members',
doc=_(u'Suppress processing of membership attributes.'),
exclude=('webui', 'cli'),
default=False,
autofill=True,
),
parameters.Bytes(
'usercertificate',
required=False,
multivalue=True,
cli_name='certificate',
label=_(u'Certificate'),
doc=_(u'Base-64 encoded server certificate'),
alwaysask=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.Entry(
'result',
),
output.PrimaryKey(
'value',
doc=_(u"The primary_key value of the entry, e.g. 'jdoe' for a user"),
),
)
@register()
class host_add_managedby(Method):
__doc__ = _("Add hosts that can manage this host.")
takes_args = (
parameters.Str(
'fqdn',
cli_name='hostname',
label=_(u'Host name'),
no_convert=True,
),
)
takes_options = (
parameters.Flag(
'all',
doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=_(u'Print entries as stored on the server. Only affects output format.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'no_members',
doc=_(u'Suppress processing of membership attributes.'),
exclude=('webui', 'cli'),
default=False,
autofill=True,
),
parameters.Str(
'host',
required=False,
multivalue=True,
cli_name='hosts',
label=_(u'member host'),
doc=_(u'hosts to add'),
alwaysask=True,
),
)
has_output = (
output.Entry(
'result',
),
output.Output(
'failed',
dict,
doc=_(u'Members that could not be added'),
),
output.Output(
'completed',
int,
doc=_(u'Number of members added'),
),
)
@register()
class host_allow_create_keytab(Method):
__doc__ = _("Allow users, groups, hosts or host groups to create a keytab of this host.")
takes_args = (
parameters.Str(
'fqdn',
cli_name='hostname',
label=_(u'Host name'),
no_convert=True,
),
)
takes_options = (
parameters.Flag(
'all',
doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=_(u'Print entries as stored on the server. Only affects output format.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'no_members',
doc=_(u'Suppress processing of membership attributes.'),
exclude=('webui', 'cli'),
default=False,
autofill=True,
),
parameters.Str(
'user',
required=False,
multivalue=True,
cli_name='users',
label=_(u'member user'),
doc=_(u'users to add'),
alwaysask=True,
),
parameters.Str(
'group',
required=False,
multivalue=True,
cli_name='groups',
label=_(u'member group'),
doc=_(u'groups to add'),
alwaysask=True,
),
parameters.Str(
'host',
required=False,
multivalue=True,
cli_name='hosts',
label=_(u'member host'),
doc=_(u'hosts to add'),
alwaysask=True,
),
parameters.Str(
'hostgroup',
required=False,
multivalue=True,
cli_name='hostgroups',
label=_(u'member host group'),
doc=_(u'host groups to add'),
alwaysask=True,
),
)
has_output = (
output.Entry(
'result',
),
output.Output(
'failed',
dict,
doc=_(u'Members that could not be added'),
),
output.Output(
'completed',
int,
doc=_(u'Number of members added'),
),
)
@register()
class host_allow_retrieve_keytab(Method):
__doc__ = _("Allow users, groups, hosts or host groups to retrieve a keytab of this host.")
takes_args = (
parameters.Str(
'fqdn',
cli_name='hostname',
label=_(u'Host name'),
no_convert=True,
),
)
takes_options = (
parameters.Flag(
'all',
doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=_(u'Print entries as stored on the server. Only affects output format.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'no_members',
doc=_(u'Suppress processing of membership attributes.'),
exclude=('webui', 'cli'),
default=False,
autofill=True,
),
parameters.Str(
'user',
required=False,
multivalue=True,
cli_name='users',
label=_(u'member user'),
doc=_(u'users to add'),
alwaysask=True,
),
parameters.Str(
'group',
required=False,
multivalue=True,
cli_name='groups',
label=_(u'member group'),
doc=_(u'groups to add'),
alwaysask=True,
),
parameters.Str(
'host',
required=False,
multivalue=True,
cli_name='hosts',
label=_(u'member host'),
doc=_(u'hosts to add'),
alwaysask=True,
),
parameters.Str(
'hostgroup',
required=False,
multivalue=True,
cli_name='hostgroups',
label=_(u'member host group'),
doc=_(u'host groups to add'),
alwaysask=True,
),
)
has_output = (
output.Entry(
'result',
),
output.Output(
'failed',
dict,
doc=_(u'Members that could not be added'),
),
output.Output(
'completed',
int,
doc=_(u'Number of members added'),
),
)
@register()
class host_del(Method):
__doc__ = _("Delete a host.")
takes_args = (
parameters.Str(
'fqdn',
multivalue=True,
cli_name='hostname',
label=_(u'Host name'),
no_convert=True,
),
)
takes_options = (
parameters.Flag(
'continue',
doc=_(u"Continuous mode: Don't stop on errors."),
default=False,
autofill=True,
),
parameters.Flag(
'updatedns',
required=False,
doc=_(u'Remove entries from DNS'),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.Output(
'result',
dict,
doc=_(u'List of deletions that failed'),
),
output.ListOfPrimaryKeys(
'value',
),
)
@register()
class host_disable(Method):
__doc__ = _("Disable the Kerberos key, SSL certificate and all services of a host.")
takes_args = (
parameters.Str(
'fqdn',
cli_name='hostname',
label=_(u'Host name'),
no_convert=True,
),
)
takes_options = (
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.Output(
'result',
bool,
doc=_(u'True means the operation was successful'),
),
output.PrimaryKey(
'value',
doc=_(u"The primary_key value of the entry, e.g. 'jdoe' for a user"),
),
)
@register()
class host_disallow_create_keytab(Method):
__doc__ = _("Disallow users, groups, hosts or host groups to create a keytab of this host.")
takes_args = (
parameters.Str(
'fqdn',
cli_name='hostname',
label=_(u'Host name'),
no_convert=True,
),
)
takes_options = (
parameters.Flag(
'all',
doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=_(u'Print entries as stored on the server. Only affects output format.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'no_members',
doc=_(u'Suppress processing of membership attributes.'),
exclude=('webui', 'cli'),
default=False,
autofill=True,
),
parameters.Str(
'user',
required=False,
multivalue=True,
cli_name='users',
label=_(u'member user'),
doc=_(u'users to remove'),
alwaysask=True,
),
parameters.Str(
'group',
required=False,
multivalue=True,
cli_name='groups',
label=_(u'member group'),
doc=_(u'groups to remove'),
alwaysask=True,
),
parameters.Str(
'host',
required=False,
multivalue=True,
cli_name='hosts',
label=_(u'member host'),
doc=_(u'hosts to remove'),
alwaysask=True,
),
parameters.Str(
'hostgroup',
required=False,
multivalue=True,
cli_name='hostgroups',
label=_(u'member host group'),
doc=_(u'host groups to remove'),
alwaysask=True,
),
)
has_output = (
output.Entry(
'result',
),
output.Output(
'failed',
dict,
doc=_(u'Members that could not be removed'),
),
output.Output(
'completed',
int,
doc=_(u'Number of members removed'),
),
)
@register()
class host_disallow_retrieve_keytab(Method):
__doc__ = _("Disallow users, groups, hosts or host groups to retrieve a keytab of this host.")
takes_args = (
parameters.Str(
'fqdn',
cli_name='hostname',
label=_(u'Host name'),
no_convert=True,
),
)
takes_options = (
parameters.Flag(
'all',
doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=_(u'Print entries as stored on the server. Only affects output format.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'no_members',
doc=_(u'Suppress processing of membership attributes.'),
exclude=('webui', 'cli'),
default=False,
autofill=True,
),
parameters.Str(
'user',
required=False,
multivalue=True,
cli_name='users',
label=_(u'member user'),
doc=_(u'users to remove'),
alwaysask=True,
),
parameters.Str(
'group',
required=False,
multivalue=True,
cli_name='groups',
label=_(u'member group'),
doc=_(u'groups to remove'),
alwaysask=True,
),
parameters.Str(
'host',
required=False,
multivalue=True,
cli_name='hosts',
label=_(u'member host'),
doc=_(u'hosts to remove'),
alwaysask=True,
),
parameters.Str(
'hostgroup',
required=False,
multivalue=True,
cli_name='hostgroups',
label=_(u'member host group'),
doc=_(u'host groups to remove'),
alwaysask=True,
),
)
has_output = (
output.Entry(
'result',
),
output.Output(
'failed',
dict,
doc=_(u'Members that could not be removed'),
),
output.Output(
'completed',
int,
doc=_(u'Number of members removed'),
),
)
@register()
class host_find(Method):
__doc__ = _("Search for hosts.")
takes_args = (
parameters.Str(
'criteria',
required=False,
doc=_(u'A string searched in all relevant object attributes'),
),
)
takes_options = (
parameters.Str(
'fqdn',
required=False,
cli_name='hostname',
label=_(u'Host name'),
no_convert=True,
),
parameters.Str(
'description',
required=False,
cli_name='desc',
label=_(u'Description'),
doc=_(u'A description of this host'),
),
parameters.Str(
'l',
required=False,
cli_name='locality',
label=_(u'Locality'),
doc=_(u'Host locality (e.g. "Baltimore, MD")'),
),
parameters.Str(
'nshostlocation',
required=False,
cli_name='location',
label=_(u'Location'),
doc=_(u'Host location (e.g. "Lab 2")'),
),
parameters.Str(
'nshardwareplatform',
required=False,
cli_name='platform',
label=_(u'Platform'),
doc=_(u'Host hardware platform (e.g. "Lenovo T61")'),
),
parameters.Str(
'nsosversion',
required=False,
cli_name='os',
label=_(u'Operating system'),
doc=_(u'Host operating system and version (e.g. "Fedora 9")'),
),
parameters.Str(
'userpassword',
required=False,
cli_name='password',
label=_(u'User password'),
doc=_(u'Password used in bulk enrollment'),
),
parameters.Bytes(
'usercertificate',
required=False,
multivalue=True,
cli_name='certificate',
label=_(u'Certificate'),
doc=_(u'Base-64 encoded server certificate'),
),
parameters.Str(
'macaddress',
required=False,
multivalue=True,
label=_(u'MAC address'),
doc=_(u'Hardware MAC address(es) on this host'),
no_convert=True,
),
parameters.Str(
'userclass',
required=False,
multivalue=True,
cli_name='class',
label=_(u'Class'),
doc=_(u'Host category (semantics placed on this attribute are for local interpretation)'),
),
parameters.Str(
'ipaassignedidview',
required=False,
label=_(u'Assigned ID View'),
exclude=('cli', 'webui'),
),
parameters.Int(
'timelimit',
required=False,
label=_(u'Time Limit'),
doc=_(u'Time limit of search in seconds (0 is unlimited)'),
),
parameters.Int(
'sizelimit',
required=False,
label=_(u'Size Limit'),
doc=_(u'Maximum number of entries returned (0 is unlimited)'),
),
parameters.Flag(
'all',
doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=_(u'Print entries as stored on the server. Only affects output format.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'no_members',
doc=_(u'Suppress processing of membership attributes.'),
exclude=('webui', 'cli'),
default=False,
autofill=True,
),
parameters.Flag(
'pkey_only',
required=False,
label=_(u'Primary key only'),
doc=_(u'Results should contain primary key attribute only ("hostname")'),
default=False,
autofill=True,
),
parameters.Str(
'in_hostgroup',
required=False,
multivalue=True,
cli_name='in_hostgroups',
label=_(u'host group'),
doc=_(u'Search for hosts with these member of host groups.'),
),
parameters.Str(
'not_in_hostgroup',
required=False,
multivalue=True,
cli_name='not_in_hostgroups',
label=_(u'host group'),
doc=_(u'Search for hosts without these member of host groups.'),
),
parameters.Str(
'in_netgroup',
required=False,
multivalue=True,
cli_name='in_netgroups',
label=_(u'netgroup'),
doc=_(u'Search for hosts with these member of netgroups.'),
),
parameters.Str(
'not_in_netgroup',
required=False,
multivalue=True,
cli_name='not_in_netgroups',
label=_(u'netgroup'),
doc=_(u'Search for hosts without these member of netgroups.'),
),
parameters.Str(
'in_role',
required=False,
multivalue=True,
cli_name='in_roles',
label=_(u'role'),
doc=_(u'Search for hosts with these member of roles.'),
),
parameters.Str(
'not_in_role',
required=False,
multivalue=True,
cli_name='not_in_roles',
label=_(u'role'),
doc=_(u'Search for hosts without these member of roles.'),
),
parameters.Str(
'in_hbacrule',
required=False,
multivalue=True,
cli_name='in_hbacrules',
label=_(u'HBAC rule'),
doc=_(u'Search for hosts with these member of HBAC rules.'),
),
parameters.Str(
'not_in_hbacrule',
required=False,
multivalue=True,
cli_name='not_in_hbacrules',
label=_(u'HBAC rule'),
doc=_(u'Search for hosts without these member of HBAC rules.'),
),
parameters.Str(
'in_sudorule',
required=False,
multivalue=True,
cli_name='in_sudorules',
label=_(u'sudo rule'),
doc=_(u'Search for hosts with these member of sudo rules.'),
),
parameters.Str(
'not_in_sudorule',
required=False,
multivalue=True,
cli_name='not_in_sudorules',
label=_(u'sudo rule'),
doc=_(u'Search for hosts without these member of sudo rules.'),
),
parameters.Str(
'enroll_by_user',
required=False,
multivalue=True,
cli_name='enroll_by_users',
label=_(u'user'),
doc=_(u'Search for hosts with these enrolled by users.'),
),
parameters.Str(
'not_enroll_by_user',
required=False,
multivalue=True,
cli_name='not_enroll_by_users',
label=_(u'user'),
doc=_(u'Search for hosts without these enrolled by users.'),
),
parameters.Str(
'man_by_host',
required=False,
multivalue=True,
cli_name='man_by_hosts',
label=_(u'host'),
doc=_(u'Search for hosts with these managed by hosts.'),
),
parameters.Str(
'not_man_by_host',
required=False,
multivalue=True,
cli_name='not_man_by_hosts',
label=_(u'host'),
doc=_(u'Search for hosts without these managed by hosts.'),
),
parameters.Str(
'man_host',
required=False,
multivalue=True,
cli_name='man_hosts',
label=_(u'host'),
doc=_(u'Search for hosts with these managing hosts.'),
),
parameters.Str(
'not_man_host',
required=False,
multivalue=True,
cli_name='not_man_hosts',
label=_(u'host'),
doc=_(u'Search for hosts without these managing hosts.'),
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.ListOfEntries(
'result',
),
output.Output(
'count',
int,
doc=_(u'Number of entries returned'),
),
output.Output(
'truncated',
bool,
doc=_(u'True if not all results were returned'),
),
)
@register()
class host_mod(Method):
__doc__ = _("Modify information about a host.")
takes_args = (
parameters.Str(
'fqdn',
cli_name='hostname',
label=_(u'Host name'),
no_convert=True,
),
)
takes_options = (
parameters.Str(
'description',
required=False,
cli_name='desc',
label=_(u'Description'),
doc=_(u'A description of this host'),
),
parameters.Str(
'l',
required=False,
cli_name='locality',
label=_(u'Locality'),
doc=_(u'Host locality (e.g. "Baltimore, MD")'),
),
parameters.Str(
'nshostlocation',
required=False,
cli_name='location',
label=_(u'Location'),
doc=_(u'Host location (e.g. "Lab 2")'),
),
parameters.Str(
'nshardwareplatform',
required=False,
cli_name='platform',
label=_(u'Platform'),
doc=_(u'Host hardware platform (e.g. "Lenovo T61")'),
),
parameters.Str(
'nsosversion',
required=False,
cli_name='os',
label=_(u'Operating system'),
doc=_(u'Host operating system and version (e.g. "Fedora 9")'),
),
parameters.Str(
'userpassword',
required=False,
cli_name='password',
label=_(u'User password'),
doc=_(u'Password used in bulk enrollment'),
),
parameters.Flag(
'random',
required=False,
doc=_(u'Generate a random password to be used in bulk enrollment'),
default=False,
autofill=True,
),
parameters.Bytes(
'usercertificate',
required=False,
multivalue=True,
cli_name='certificate',
label=_(u'Certificate'),
doc=_(u'Base-64 encoded server certificate'),
),
parameters.Str(
'macaddress',
required=False,
multivalue=True,
label=_(u'MAC address'),
doc=_(u'Hardware MAC address(es) on this host'),
no_convert=True,
),
parameters.Str(
'ipasshpubkey',
required=False,
multivalue=True,
cli_name='sshpubkey',
label=_(u'SSH public key'),
no_convert=True,
),
parameters.Str(
'userclass',
required=False,
multivalue=True,
cli_name='class',
label=_(u'Class'),
doc=_(u'Host category (semantics placed on this attribute are for local interpretation)'),
),
parameters.Str(
'ipaassignedidview',
required=False,
label=_(u'Assigned ID View'),
exclude=('cli', 'webui'),
),
parameters.Bool(
'ipakrbrequirespreauth',
required=False,
cli_name='requires_pre_auth',
label=_(u'Requires pre-authentication'),
doc=_(u'Pre-authentication is required for the service'),
),
parameters.Bool(
'ipakrbokasdelegate',
required=False,
cli_name='ok_as_delegate',
label=_(u'Trusted for delegation'),
doc=_(u'Client credentials may be delegated to the service'),
),
parameters.Str(
'setattr',
required=False,
multivalue=True,
doc=_(u'Set an attribute to a name/value pair. Format is attr=value.\nFor multi-valued attributes, the command replaces the values already present.'),
exclude=('webui',),
),
parameters.Str(
'addattr',
required=False,
multivalue=True,
doc=_(u'Add an attribute/value pair. Format is attr=value. The attribute\nmust be part of the schema.'),
exclude=('webui',),
),
parameters.Str(
'delattr',
required=False,
multivalue=True,
doc=_(u'Delete an attribute/value pair. The option will be evaluated\nlast, after all sets and adds.'),
exclude=('webui',),
),
parameters.Flag(
'rights',
label=_(u'Rights'),
doc=_(u'Display the access rights of this entry (requires --all). See ipa man page for details.'),
default=False,
autofill=True,
),
parameters.Str(
'krbprincipalname',
required=False,
cli_name='principalname',
label=_(u'Principal name'),
doc=_(u'Kerberos principal name for this host'),
),
parameters.Flag(
'updatedns',
required=False,
doc=_(u'Update DNS entries'),
default=False,
autofill=True,
),
parameters.Flag(
'all',
doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=_(u'Print entries as stored on the server. Only affects output format.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'no_members',
doc=_(u'Suppress processing of membership attributes.'),
exclude=('webui', 'cli'),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.Entry(
'result',
),
output.PrimaryKey(
'value',
doc=_(u"The primary_key value of the entry, e.g. 'jdoe' for a user"),
),
)
@register()
class host_remove_cert(Method):
__doc__ = _("Remove certificates from host entry")
takes_args = (
parameters.Str(
'fqdn',
cli_name='hostname',
label=_(u'Host name'),
no_convert=True,
),
)
takes_options = (
parameters.Flag(
'all',
doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=_(u'Print entries as stored on the server. Only affects output format.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'no_members',
doc=_(u'Suppress processing of membership attributes.'),
exclude=('webui', 'cli'),
default=False,
autofill=True,
),
parameters.Bytes(
'usercertificate',
required=False,
multivalue=True,
cli_name='certificate',
label=_(u'Certificate'),
doc=_(u'Base-64 encoded server certificate'),
alwaysask=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.Entry(
'result',
),
output.PrimaryKey(
'value',
doc=_(u"The primary_key value of the entry, e.g. 'jdoe' for a user"),
),
)
@register()
class host_remove_managedby(Method):
__doc__ = _("Remove hosts that can manage this host.")
takes_args = (
parameters.Str(
'fqdn',
cli_name='hostname',
label=_(u'Host name'),
no_convert=True,
),
)
takes_options = (
parameters.Flag(
'all',
doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=_(u'Print entries as stored on the server. Only affects output format.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'no_members',
doc=_(u'Suppress processing of membership attributes.'),
exclude=('webui', 'cli'),
default=False,
autofill=True,
),
parameters.Str(
'host',
required=False,
multivalue=True,
cli_name='hosts',
label=_(u'member host'),
doc=_(u'hosts to remove'),
alwaysask=True,
),
)
has_output = (
output.Entry(
'result',
),
output.Output(
'failed',
dict,
doc=_(u'Members that could not be removed'),
),
output.Output(
'completed',
int,
doc=_(u'Number of members removed'),
),
)
@register()
class host_show(Method):
__doc__ = _("Display information about a host.")
takes_args = (
parameters.Str(
'fqdn',
cli_name='hostname',
label=_(u'Host name'),
no_convert=True,
),
)
takes_options = (
parameters.Flag(
'rights',
label=_(u'Rights'),
doc=_(u'Display the access rights of this entry (requires --all). See ipa man page for details.'),
default=False,
autofill=True,
),
parameters.Str(
'out',
required=False,
doc=_(u'file to store certificate in'),
),
parameters.Flag(
'all',
doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=_(u'Print entries as stored on the server. Only affects output format.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'no_members',
doc=_(u'Suppress processing of membership attributes.'),
exclude=('webui', 'cli'),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.Entry(
'result',
),
output.PrimaryKey(
'value',
doc=_(u"The primary_key value of the entry, e.g. 'jdoe' for a user"),
),
)