diff options
author | Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com> | 2018-05-24 10:33:27 +0530 |
---|---|---|
committer | Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com> | 2018-06-18 14:42:19 +0530 |
commit | 05375b14e5a68ac249da6a8cd68e3d522a7ed022 (patch) | |
tree | 2d2f8e1e99e025532541f27d88bd13d767c5c28e /xyz | |
parent | 49f855f07d478832875c0dda4ca35591c0fec91d (diff) | |
download | phosphor-dbus-interfaces-05375b14e5a68ac249da6a8cd68e3d522a7ed022.tar.gz phosphor-dbus-interfaces-05375b14e5a68ac249da6a8cd68e3d522a7ed022.zip |
Basic user manager D-Bus support
Basic User Manager D-Bus interfaces along
with signal to indicate other services.
Note: Removal of password.interfaces.yaml will be
done in separate commit
Change-Id: Ia547a0deae53eb25adf2cbc04c9d7a3593265a19
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
Diffstat (limited to 'xyz')
-rw-r--r-- | xyz/openbmc_project/User/Attributes.interface.yaml | 21 | ||||
-rw-r--r-- | xyz/openbmc_project/User/Common.errors.yaml | 15 | ||||
-rw-r--r-- | xyz/openbmc_project/User/Common.metadata.yaml | 19 | ||||
-rw-r--r-- | xyz/openbmc_project/User/Manager.interface.yaml | 83 | ||||
-rw-r--r-- | xyz/openbmc_project/User/README.md | 41 |
5 files changed, 179 insertions, 0 deletions
diff --git a/xyz/openbmc_project/User/Attributes.interface.yaml b/xyz/openbmc_project/User/Attributes.interface.yaml new file mode 100644 index 0000000..108934d --- /dev/null +++ b/xyz/openbmc_project/User/Attributes.interface.yaml @@ -0,0 +1,21 @@ +description: > + Provides user objects, their properties. + As communication to this service is done through authenticated + & authorized session, there won't be any validation for the both. + +properties: + - name: UserGroups + type: array[string] + description: > + Groups to which the user belong. + + - name: UserPrivilege + type: string + description: > + Privilege of the user. + + - name: UserEnabled + type: boolean + description: > + Enabled or disabled state of the user. +# vim: tabstop=8 expandtab shiftwidth=4 softtabstop=4 diff --git a/xyz/openbmc_project/User/Common.errors.yaml b/xyz/openbmc_project/User/Common.errors.yaml new file mode 100644 index 0000000..a1c60ab --- /dev/null +++ b/xyz/openbmc_project/User/Common.errors.yaml @@ -0,0 +1,15 @@ +# xyz.openbmc_project.User.Common.Error.UserNameExists +- name: UserNameExists + description: Specified user name already exists. +# xyz.openbmc_project.User.Common.Error.UserNameDoesNotExist +- name: UserNameDoesNotExist + description: Specified user name does not exist. +# xyz.openbmc_project.User.Common.Error.UserNameGroupFail +- name: UserNameGroupFail + description: Specified Group related restriction failure for user name. +# xyz.openbmc_project.User.Common.Error.UserNamePrivFail +- name: UserNamePrivFail + description: Specificed privilege related restriction failure for user name. +# xyz.openbmc_project.User.Common.Error.NoResource +- name: NoResource + description: No resource available. diff --git a/xyz/openbmc_project/User/Common.metadata.yaml b/xyz/openbmc_project/User/Common.metadata.yaml new file mode 100644 index 0000000..49ef492 --- /dev/null +++ b/xyz/openbmc_project/User/Common.metadata.yaml @@ -0,0 +1,19 @@ +- name: UserNameExists + level: ERR +- name: UserNameDoesNotExist + level: ERR +- name: UserNameGroupFail + level: ERR + meta: + - str: "REASON = %s" + type: string +- name: UserNamePrivFail + level: ERR + meta: + - str: "REASON = %s" + type: string +- name: NoResource + level: ERR + meta: + - str: "REASON = %s" + type: string diff --git a/xyz/openbmc_project/User/Manager.interface.yaml b/xyz/openbmc_project/User/Manager.interface.yaml new file mode 100644 index 0000000..a4c2d7b --- /dev/null +++ b/xyz/openbmc_project/User/Manager.interface.yaml @@ -0,0 +1,83 @@ +description: > + Provides user management functionality. + As communication to this service is done through authenticated + & authorized session, there won't be any validation for both. + +methods: + - name: CreateUser + description: > + Creates a new user. If the user already exists, then it will throw + an error. + parameters: + - name: UserName + type: string + description: > + User name which has to be created. + - name: GroupNames + type: array[string] + description: > + List of groups to which the user has to be added. + - name: Privilege + type: string + description: > + Privilege of the user to be added. + - name: Enabled + type: boolean + description: > + User enabled / disabled. + errors: + - xyz.openbmc_project.Common.Error.InternalFailure + - xyz.openbmc_project.Common.Error.InsufficientPermission + - xyz.openbmc_project.Common.Error.InvalidArgument + - xyz.openbmc_project.User.Common.Error.UserNameExists + - xyz.openbmc_project.User.Common.Error.UserNameGroupFail + - xyz.openbmc_project.User.Common.Error.UserNamePrivFail + - xyz.openbmc_project.User.Common.Error.NoResource + + - name: RenameUser + description: > + Rename's existing user to new one. All other properties of the + user will remain same. + parameters: + - name: UserName + type: string + description: > + User name which has to be updated. + - name: NewUserName + type: string + description: > + New User name to which user has to be updated. + errors: + - xyz.openbmc_project.Common.Error.InternalFailure + - xyz.openbmc_project.Common.Error.InsufficientPermission + - xyz.openbmc_project.Common.Error.InvalidArgument + - xyz.openbmc_project.User.Common.Error.UserNameDoesNotExist + - xyz.openbmc_project.User.Common.Error.UserNameExists + - xyz.openbmc_project.User.Common.Error.UserNameGroupFail + - xyz.openbmc_project.User.Common.Error.UserNamePrivFail + - xyz.openbmc_project.User.Common.Error.NoResource + +properties: + - name: AllPrivileges + type: array[string] + description: > + Lists all available user privileges in the system. + + - name: AllGroups + type: array[string] + description: > + Lists all available groups in the system. + +signals: + - name: UserRenamed + description: > + Signal indicating user's name is updated. + properties: + - name: UserName + type: string + description: Name of the user which got renamed. + - name: NewUserName + type: string + description: New name of the user. + +# vim: tabstop=8 expandtab shiftwidth=4 softtabstop=4 diff --git a/xyz/openbmc_project/User/README.md b/xyz/openbmc_project/User/README.md new file mode 100644 index 0000000..cbda1e3 --- /dev/null +++ b/xyz/openbmc_project/User/README.md @@ -0,0 +1,41 @@ +# User Management + +## Overview +User Manager service exposes D-Bus methods for user management operations. + +### User Manager Interface +User manager interface `xyz.openbmc_project.User.Manager` provides following +methods, properties and signals. + +#### xyz.openbmc_project.User.Manager interface +##### methods +* CreateUser - To create new user to the system. +* RenameUser - To rename existing user to new name in the system. + +##### properties +* AllGroups - To list all the groups supported in the system. +* AllPrivileges - To list all the privileges supported in the system. + +##### signals +* UserRenamed - Signal sent out when user is renamed in the system. + +### Users Interface +User manager daemon, will create user objects for each and every user existing +in the system under object path `/xyz/openbmc_project/user/<user name>`. +Each user object can be handled through 'org.freedesktop.DBus.ObjectManager'. +User object will expose following properties and methods. + +#### xyz.openbmc_project.User.Attributes interface +##### properties +* UserPrivilege - Privilege of the user. +* UserGroups - Groups to which the user belongs. +* UserEnabled - User enabled state. + +#### xyz.openbmc_project.Object.Delete +#### methods +* Delete - To delete the user object in the system. + +##Note +This interface doesn't provide ways to set / update password. The same has to +be set / updated through pam_chauthtok() (PAM modules). This is to avoid +sending out password through D-Bus. |