[Freeipa-devel] [PATCH] 487 fix netgroup plugin

Adam Young ayoung at redhat.com
Thu Jul 15 02:25:24 UTC 2010 

On 07/14/2010 07:52 PM, Dmitri Pal wrote:
> Adam Young wrote:
>    
>> On 07/14/2010 03:43 PM, Rob Crittenden wrote:
>>      
>>> The netgroup plugin was using the wrong attribute for memberships. It
>>> needs to use memberuser for users and groups and memberhost for hosts
>>> and hostgroups. I fixed this up and corrected the tests as well.
>>>
>>> rob
>>>
>>>
>>> _______________________________________________
>>> Freeipa-devel mailing list
>>> Freeipa-devel at redhat.com
>>> https://www.redhat.com/mailman/listinfo/freeipa-devel
>>>        
>>
>>
>> Got it installed and running.  Unclear how to test.
>>      
>
> Create a user group with 3 users U1 U2 U3. Create a host group with the
> two hosts H 1 H2
> Create a netgroup that includes this user group and this host group
> Configure client to use your IPA server as a source of the netgroups
> Lits the netgoups - should get your netgroup
> List the contents of the netgroup. You should get triplets: user, host,
> domain
> The order of the users and hosts in triplets does not matter. What
> matters is that each host and each user are listed in some triplet and
> generally present in the netgroup not more than once.
>
>
>    
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> Freeipa-devel mailing list
>> Freeipa-devel at redhat.com
>> https://www.redhat.com/mailman/listinfo/freeipa-devel
>>      
>
>    



Here's my script.  ypcat stopped working with

No such map netgroup. Reason: Can't communicate with portmapper

Too tired to debug tonight/

ipa user-add --first=Kermit --last=Frog kfrog
ipa user-add --first=Count --last=VonCount count123
ipa user-add --first=Oscar --last=Grouch scram

ipa user-add --first=Elmo --last=Gonzales elmo
ipa user-add --first=Zoe --last=MacPhearson zoe
ipa user-add --first=Prairie --last=Dawn pdawn


ipa group-add --desc="Monsters on Sesame Street" monsters
ipa group-add --desc="Muppets moonlighting for CTW" muppets

ipa group-add-member --users=kfrog,scram,pdawn muppets
ipa group-add-member --users=count123,elmo,zoe monsters

ipa netgroup-add --desc="staging servers" net-stage
ipa netgroup-add --desc="live servers" net-live

ipa hostgroup-add --desc "Live servers" host-live
ipa hostgroup-add --desc "Staging servers" stage-live


ipa hostgroup-add-member --hosts 
live3.pbs.org,live2.pbs.org,live1.pbs.org host-live
ipa hostgroup-add-member --hosts 
stage3.pbs.org,stage2.pbs.org,stage1.pbs.org host-stage


ipa netgroup-add-member  --groups=muppets --hostgroups=host-live net-live
ipa netgroup-add-member  --groups=muppets --hostgroups=host-stage net-stage



ypcat -d  ipa.ayoung.boston.devel.redhat.com -h 
ipa.ayoung.boston.devel.redhat.com netgroup

More information about the Freeipa-devel mailing list