[Freeipa-devel] [PATCH] Add new pwpolicy plugin based on baseldap classes
Rob Crittenden
rcritten at redhat.com
Tue Apr 27 19:49:59 UTC 2010
Pavel Zůna wrote:
> Don't mind the numbering. This is a completely independent patch.
>
> It adds a new pwpolicy plugin based on baseldap.py classes. It has the
> same functionality as the current pwpolicy plugin, but a more clean and
> consistent interface, fine grained search capabilities, etc.
>
> This is actually an updated version of a patch I released some time ago,
> but it never got fully reviewed.
>
> Pavel
The original pwpolicy module took group policy via the --group option,
yours takes group as the first argument (if any). My thought on this was
that at some point someone would want per-user password policy so we
could add a --user option. If this isn't forseen as needed then using
the first argument for group is probably easier to grok.
Had a failure:
$ ./ipa pwpolicy2-mod g1 --priority=2
ipa: ERROR: an internal error has occurred
File "/home/rcrit/redhat/freeipa-ca/ipalib/plugins/pwpolicy2.py",
line 99, in pre_callback
del entry_attrs['cn']
KeyError: 'cn'
rob
More information about the Freeipa-devel
mailing list