[Freeipa-devel] command-line arguments

Simo Sorce ssorce at redhat.com
Fri Sep 7 14:01:28 UTC 2007


On Fri, 2007-09-07 at 09:10 -0400, Rob Crittenden wrote:
> The command-line tools now are more like beefy unit tests. Some of them 
> are very simple so probably don't require a lot more work, but others 
> do, particularly the ones to add and modify users.
> 
> What attributes do we want to allow and/or require? I picked more or 
> less at random when writing it originally, using luseradd as a loose model.
> 
> Currently it requires first name, lats name and uid. Optional are gecos 
> and home directory.

Requiring First and Last names kills service users which have none, I'd
make that optional

> The main questions I have, some of which apply to adding a user in 
> general, are:
> 
> - Will we allow the password to be set?
Why not? You would have to go another step to set it if you don't allow
it here.

> - Should adding a user create a user-specific group?
I'd say no, users are created which are members of the default users
group or another specified existing group.

> - Can we set the shell?
We need a default of some sort, but I guess we should be able to set it.

> - Can we override the uidNumber?
IMO, we shouldn't, is there any reason why an admin should specify an
uidNumber on creation ?

> - Do we create any directories?
IMO, no, where would you create them? the tool may even run on a PDA on
the other side of the world at some point, and usually it runs on the
admin workstation anyway.
Should we instead configure pam_mkhomedir by default ?

> And for the tools in general, do we want an interactive mode?

IMO, yes.

Simo.




More information about the Freeipa-devel mailing list