|
Packit Service |
0f71a7 |
Service module
|
|
Packit Service |
0f71a7 |
==============
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
Description
|
|
Packit Service |
0f71a7 |
-----------
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
The service module allows to ensure presence and absence of services.
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
Features
|
|
Packit Service |
0f71a7 |
--------
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
* Service management
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
Supported FreeIPA Versions
|
|
Packit Service |
0f71a7 |
--------------------------
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
FreeIPA versions 4.4.0 and up are supported by the ipaservice module.
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
Option `skip_host_check` requires FreeIPA version 4.7.0 or later.
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
Requirements
|
|
Packit Service |
0f71a7 |
------------
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
**Controller**
|
|
Packit Service |
0f71a7 |
* Ansible version: 2.8+
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
**Node**
|
|
Packit Service |
0f71a7 |
* Supported FReeIPA version (see above)
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
Usage
|
|
Packit Service |
0f71a7 |
=====
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
Example inventory file
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
```ini
|
|
Packit Service |
0f71a7 |
[ipaserver]
|
|
Packit Service |
0f71a7 |
ipaserver.test.local
|
|
Packit Service |
0f71a7 |
```
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
Example playbook to make sure service is present:
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
```yaml
|
|
Packit Service |
0f71a7 |
---
|
|
Packit Service |
0f71a7 |
- name: Playbook to manage IPA service.
|
|
Packit Service |
0f71a7 |
hosts: ipaserver
|
|
Packit Service |
0f71a7 |
become: true
|
|
Packit Service |
0f71a7 |
gather_facts: false
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
tasks:
|
|
Packit Service |
0f71a7 |
# Ensure service is present
|
|
Packit Service |
0f71a7 |
- ipaservice:
|
|
Packit Service |
0f71a7 |
ipaadmin_password: SomeADMINpassword
|
|
Packit Service |
0f71a7 |
name: HTTP/www.example.com
|
|
Packit Service |
0f71a7 |
certificate:
|
|
Packit Service |
0f71a7 |
- MIIC/zCCAeegAwIBAgIUMNHIbn+hhrOVew/2WbkteisV29QwDQYJKoZIhvcNAQELBQAw
|
|
Packit Service |
0f71a7 |
DzENMAsGA1UEAwwEdGVzdDAeFw0yMDAyMDQxNDQxMDhaFw0zMDAyMDExNDQxMDhaMA8xDT
|
|
Packit Service |
0f71a7 |
ALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+XVVGFYpH
|
|
Packit Service |
0f71a7 |
VkcDfVnNInE1Y/pFciegdzqTjMwUWlRL4Zt3u96GhaMLRbtk+OfEkzLUAhWBOwEraELJzM
|
|
Packit Service |
0f71a7 |
LJOMvjYF3C+TiGO7dStFLikZmccuSsSIXjnzIPwBXa8KvgRVRyGLoVvGbLJvmjfMXp0nIT
|
|
Packit Service |
0f71a7 |
oTx/i74KF9S++WEes9H5ErJ99CDhLKFgq0amnvsgparYXhypHaRLnikn0vQINt55YoEd1s
|
|
Packit Service |
0f71a7 |
4KrvEcD2VdZkIMPbLRu2zFvMprF3cjQQG4LT9ggfEXNIPZ1nQWAnAsu7OJEkNF+E4Mkmpc
|
|
Packit Service |
0f71a7 |
xj9aGUVt5bsq1D+Tzj3GsidSX0nSNcZ2JltXRnL/5v63g5cZyE+nAgMBAAGjUzBRMB0GA1
|
|
Packit Service |
0f71a7 |
UdDgQWBBRV0j7JYukuH/r/t9+QeNlRLXDlEDAfBgNVHSMEGDAWgBRV0j7JYukuH/r/t9+Q
|
|
Packit Service |
0f71a7 |
eNlRLXDlEDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCgVy1+1kNwHs
|
|
Packit Service |
0f71a7 |
5y1Zp0WjMWGCJC6/zw7FDG4OW5r2GJiCXZYdJ0UonY9ZtoVLJPrp2/DAv1m5DtnDhBYqic
|
|
Packit Service |
0f71a7 |
uPgLzEkOS1KdTi20Otm/J4yxLLrZC5W4x0XOeSVPXOJuQWfwQ5pPvKkn6WxYUYkGwIt1OH
|
|
Packit Service |
0f71a7 |
2nSMngkbami3CbSmKZOCpgQIiSlQeDJ8oGjWFMLDymYSHoVOIXHwNoooyEiaio3693l6no
|
|
Packit Service |
0f71a7 |
obyGv49zyCVLVR1DC7i6RJ186ql0av+D4vPoiF5mX7+sKC2E8xEj9uKQ5GTWRh59VnRBVC
|
|
Packit Service |
0f71a7 |
/SiMJ/H78tJnBAvoBwXxSEvj8Z3Kjm/BQqZfv4IBsA5yqV7MVq
|
|
Packit Service |
0f71a7 |
pac_type: PAD
|
|
Packit Service |
0f71a7 |
auth_ind: otp
|
|
Packit Service |
0f71a7 |
requires_pre_auth: false
|
|
Packit Service |
0f71a7 |
ok_as_delegate: false
|
|
Packit Service |
0f71a7 |
ok_to_auth_as_delegate: false
|
|
Packit Service |
0f71a7 |
skip-host-check: true
|
|
Packit Service |
0f71a7 |
force: true
|
|
Packit Service |
0f71a7 |
```
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
Example playbook to make sure service is absent:
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
```yaml
|
|
Packit Service |
0f71a7 |
---
|
|
Packit Service |
0f71a7 |
- name: Playbook to manage IPA service.
|
|
Packit Service |
0f71a7 |
hosts: ipaserver
|
|
Packit Service |
0f71a7 |
become: true
|
|
Packit Service |
0f71a7 |
gather_facts: false
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
tasks:
|
|
Packit Service |
0f71a7 |
# Ensure service is present
|
|
Packit Service |
0f71a7 |
- ipaservice:
|
|
Packit Service |
0f71a7 |
ipaadmin_password: SomeADMINpassword
|
|
Packit Service |
0f71a7 |
name: HTTP/www.example.com
|
|
Packit Service |
0f71a7 |
state: absent
|
|
Packit Service |
0f71a7 |
```
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
Example playbook to make sure service is disabled:
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
```yaml
|
|
Packit Service |
0f71a7 |
---
|
|
Packit Service |
0f71a7 |
- name: Playbook to manage IPA service.
|
|
Packit Service |
0f71a7 |
hosts: ipaserver
|
|
Packit Service |
0f71a7 |
become: true
|
|
Packit Service |
0f71a7 |
gather_facts: false
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
tasks:
|
|
Packit Service |
0f71a7 |
# Ensure service is present
|
|
Packit Service |
0f71a7 |
- ipaservice:
|
|
Packit Service |
0f71a7 |
ipaadmin_password: SomeADMINpassword
|
|
Packit Service |
0f71a7 |
name: HTTP/www.example.com
|
|
Packit Service |
0f71a7 |
state: disabled
|
|
Packit Service |
0f71a7 |
```
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
Example playbook to add a service even if the host object does not exist, but only if it does have a DNS entry:
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
```yaml
|
|
Packit Service |
0f71a7 |
---
|
|
Packit Service |
0f71a7 |
- name: Playbook to manage IPA service.
|
|
Packit Service |
0f71a7 |
hosts: ipaserver
|
|
Packit Service |
0f71a7 |
become: true
|
|
Packit Service |
0f71a7 |
gather_facts: false
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
tasks:
|
|
Packit Service |
0f71a7 |
# Ensure service is present
|
|
Packit Service |
0f71a7 |
- ipaservice:
|
|
Packit Service |
0f71a7 |
ipaadmin_password: SomeADMINpassword
|
|
Packit Service |
0f71a7 |
name: HTTP/www.example.com
|
|
Packit Service |
0f71a7 |
skip_host_check: true
|
|
Packit Service |
0f71a7 |
force: false
|
|
Packit Service |
0f71a7 |
```
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
Example playbook to add a service if it does have a DNS entry, but host object exits:
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
```yaml
|
|
Packit Service |
0f71a7 |
---
|
|
Packit Service |
0f71a7 |
- name: Playbook to manage IPA service.
|
|
Packit Service |
0f71a7 |
hosts: ipaserver
|
|
Packit Service |
0f71a7 |
become: true
|
|
Packit Service |
0f71a7 |
gather_facts: false
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
tasks:
|
|
Packit Service |
0f71a7 |
# Ensure service is present
|
|
Packit Service |
0f71a7 |
- ipaservice:
|
|
Packit Service |
0f71a7 |
ipaadmin_password: SomeADMINpassword
|
|
Packit Service |
0f71a7 |
name: HTTP/www.example.com
|
|
Packit Service |
0f71a7 |
skip_host_check: false
|
|
Packit Service |
0f71a7 |
force: true
|
|
Packit Service |
0f71a7 |
```
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
Example playbook to ensure service has a certificate:
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
```yaml
|
|
Packit Service |
0f71a7 |
---
|
|
Packit Service |
0f71a7 |
- name: Playbook to manage IPA service.
|
|
Packit Service |
0f71a7 |
hosts: ipaserver
|
|
Packit Service |
0f71a7 |
become: true
|
|
Packit Service |
0f71a7 |
gather_facts: false
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
tasks:
|
|
Packit Service |
0f71a7 |
# Ensure service member certificate is present.
|
|
Packit Service |
0f71a7 |
- ipaservice:
|
|
Packit Service |
0f71a7 |
ipaadmin_password: SomeADMINpassword
|
|
Packit Service |
0f71a7 |
name: HTTP/www.example.com
|
|
Packit Service |
0f71a7 |
certificate:
|
|
Packit Service |
0f71a7 |
- MIIC/zCCAeegAwIBAgIUMNHIbn+hhrOVew/2WbkteisV29QwDQYJKoZIhvcNAQELBQAw
|
|
Packit Service |
0f71a7 |
DzENMAsGA1UEAwwEdGVzdDAeFw0yMDAyMDQxNDQxMDhaFw0zMDAyMDExNDQxMDhaMA8xDT
|
|
Packit Service |
0f71a7 |
ALBgNVBAMMBHRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+XVVGFYpH
|
|
Packit Service |
0f71a7 |
VkcDfVnNInE1Y/pFciegdzqTjMwUWlRL4Zt3u96GhaMLRbtk+OfEkzLUAhWBOwEraELJzM
|
|
Packit Service |
0f71a7 |
LJOMvjYF3C+TiGO7dStFLikZmccuSsSIXjnzIPwBXa8KvgRVRyGLoVvGbLJvmjfMXp0nIT
|
|
Packit Service |
0f71a7 |
oTx/i74KF9S++WEes9H5ErJ99CDhLKFgq0amnvsgparYXhypHaRLnikn0vQINt55YoEd1s
|
|
Packit Service |
0f71a7 |
4KrvEcD2VdZkIMPbLRu2zFvMprF3cjQQG4LT9ggfEXNIPZ1nQWAnAsu7OJEkNF+E4Mkmpc
|
|
Packit Service |
0f71a7 |
xj9aGUVt5bsq1D+Tzj3GsidSX0nSNcZ2JltXRnL/5v63g5cZyE+nAgMBAAGjUzBRMB0GA1
|
|
Packit Service |
0f71a7 |
UdDgQWBBRV0j7JYukuH/r/t9+QeNlRLXDlEDAfBgNVHSMEGDAWgBRV0j7JYukuH/r/t9+Q
|
|
Packit Service |
0f71a7 |
eNlRLXDlEDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCgVy1+1kNwHs
|
|
Packit Service |
0f71a7 |
5y1Zp0WjMWGCJC6/zw7FDG4OW5r2GJiCXZYdJ0UonY9ZtoVLJPrp2/DAv1m5DtnDhBYqic
|
|
Packit Service |
0f71a7 |
uPgLzEkOS1KdTi20Otm/J4yxLLrZC5W4x0XOeSVPXOJuQWfwQ5pPvKkn6WxYUYkGwIt1OH
|
|
Packit Service |
0f71a7 |
2nSMngkbami3CbSmKZOCpgQIiSlQeDJ8oGjWFMLDymYSHoVOIXHwNoooyEiaio3693l6no
|
|
Packit Service |
0f71a7 |
obyGv49zyCVLVR1DC7i6RJ186ql0av+D4vPoiF5mX7+sKC2E8xEj9uKQ5GTWRh59VnRBVC
|
|
Packit Service |
0f71a7 |
/SiMJ/H78tJnBAvoBwXxSEvj8Z3Kjm/BQqZfv4IBsA5yqV7MVq
|
|
Packit Service |
0f71a7 |
action: member
|
|
Packit Service |
0f71a7 |
state: present
|
|
Packit Service |
0f71a7 |
```
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
Example playbook to add a principal to the service:
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
```yaml
|
|
Packit Service |
0f71a7 |
---
|
|
Packit Service |
0f71a7 |
- name: Playbook to manage IPA service.
|
|
Packit Service |
0f71a7 |
hosts: ipaserver
|
|
Packit Service |
0f71a7 |
become: true
|
|
Packit Service |
0f71a7 |
gather_facts: false
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
tasks:
|
|
Packit Service |
0f71a7 |
# Principal host/principal.example.com present in service.
|
|
Packit Service |
0f71a7 |
- ipaservice:
|
|
Packit Service |
0f71a7 |
ipaadmin_password: SomeADMINpassword
|
|
Packit Service |
0f71a7 |
name: HTTP/www.example.com
|
|
Packit Service |
0f71a7 |
principal: host/principal.example.com
|
|
Packit Service |
0f71a7 |
action: member
|
|
Packit Service |
0f71a7 |
```
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
Example playbook to enable a host to manage service:
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
```yaml
|
|
Packit Service |
0f71a7 |
---
|
|
Packit Service |
0f71a7 |
- name: Playbook to manage IPA service.
|
|
Packit Service |
0f71a7 |
hosts: ipaserver
|
|
Packit Service |
0f71a7 |
become: true
|
|
Packit Service |
0f71a7 |
gather_facts: false
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
tasks:
|
|
Packit Service |
0f71a7 |
# Ensure host can manage service, again.
|
|
Packit Service |
0f71a7 |
- ipaservice:
|
|
Packit Service |
0f71a7 |
ipaadmin_password: SomeADMINpassword
|
|
Packit Service |
0f71a7 |
name: HTTP/www.example.com
|
|
Packit Service |
0f71a7 |
host: host1.example.com
|
|
Packit Service |
0f71a7 |
action: member
|
|
Packit Service |
0f71a7 |
```
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
Example playbook to allow users, groups, hosts or hostgroups to create a keytab of this service:
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
```yaml
|
|
Packit Service |
0f71a7 |
---
|
|
Packit Service |
0f71a7 |
- name: Playbook to manage IPA service.
|
|
Packit Service |
0f71a7 |
hosts: ipaserver
|
|
Packit Service |
0f71a7 |
become: true
|
|
Packit Service |
0f71a7 |
gather_facts: false
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
tasks:
|
|
Packit Service |
0f71a7 |
# Allow users, groups, hosts or host groups to create a keytab of this service.
|
|
Packit Service |
0f71a7 |
- ipaservice:
|
|
Packit Service |
0f71a7 |
ipaadmin_password: SomeADMINpassword
|
|
Packit Service |
0f71a7 |
name: HTTP/www.example.com
|
|
Packit Service |
0f71a7 |
allow_create_keytab_user:
|
|
Packit Service |
0f71a7 |
- user01
|
|
Packit Service |
0f71a7 |
- user02
|
|
Packit Service |
0f71a7 |
allow_create_keytab_group:
|
|
Packit Service |
0f71a7 |
- group01
|
|
Packit Service |
0f71a7 |
- group02
|
|
Packit Service |
0f71a7 |
allow_create_keytab_host:
|
|
Packit Service |
0f71a7 |
- host1.example.com
|
|
Packit Service |
0f71a7 |
- host2.example.com
|
|
Packit Service |
0f71a7 |
allow_create_keytab_hostgroup:
|
|
Packit Service |
0f71a7 |
- hostgroup01
|
|
Packit Service |
0f71a7 |
- hostgroup02
|
|
Packit Service |
0f71a7 |
action: member
|
|
Packit Service |
0f71a7 |
```
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
Example playbook to allow users, groups, hosts or hostgroups to retrieve a keytab of this service:
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
```yaml
|
|
Packit Service |
0f71a7 |
---
|
|
Packit Service |
0f71a7 |
- name: Playbook to manage IPA service.
|
|
Packit Service |
0f71a7 |
hosts: ipaserver
|
|
Packit Service |
0f71a7 |
become: true
|
|
Packit Service |
0f71a7 |
gather_facts: false
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
tasks:
|
|
Packit Service |
0f71a7 |
# Allow users, groups, hosts or host groups to retrieve a keytab of this service.
|
|
Packit Service |
0f71a7 |
- ipaservice:
|
|
Packit Service |
0f71a7 |
ipaadmin_password: SomeADMINpassword
|
|
Packit Service |
0f71a7 |
name: HTTP/www.example.com
|
|
Packit Service |
0f71a7 |
allow_retrieve_keytab_user:
|
|
Packit Service |
0f71a7 |
- user01
|
|
Packit Service |
0f71a7 |
- user02
|
|
Packit Service |
0f71a7 |
allow_retrieve_keytab_group:
|
|
Packit Service |
0f71a7 |
- group01
|
|
Packit Service |
0f71a7 |
- group02
|
|
Packit Service |
0f71a7 |
allow_retrieve_keytab_host:
|
|
Packit Service |
0f71a7 |
- "{{ host1_fqdn }}"
|
|
Packit Service |
0f71a7 |
- "{{ host2_fqdn }}"
|
|
Packit Service |
0f71a7 |
allow_retrieve_keytab_hostgroup:
|
|
Packit Service |
0f71a7 |
- hostgroup01
|
|
Packit Service |
0f71a7 |
- hostgroup02
|
|
Packit Service |
0f71a7 |
action: member
|
|
Packit Service |
0f71a7 |
```
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
Variables
|
|
Packit Service |
0f71a7 |
---------
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
ipaservice
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
Variable | Description | Required
|
|
Packit Service |
0f71a7 |
-------- | ----------- | --------
|
|
Packit Service |
0f71a7 |
`ipaadmin_principal` | The admin principal is a string and defaults to `admin` | no
|
|
Packit Service |
0f71a7 |
`ipaadmin_password` | The admin password is a string and is required if there is no admin ticket available on the node | no
|
|
Packit Service |
0f71a7 |
`name` \| `service` | The list of service name strings. | yes
|
|
Packit Service |
0f71a7 |
`certificate` \| `usercertificate` | Base-64 encoded service certificate. | no
|
|
Packit Service |
0f71a7 |
`pac_type` \| `ipakrbauthzdata` | Supported PAC type. It can be one of `MS-PAC`, `PAD`, or `NONE`. | no
|
|
Packit Service |
0f71a7 |
`auth_ind` \| `krbprincipalauthind` | Defines a whitelist for Authentication Indicators. It can be any of `otp`, `radius`, `pkinit`, or `hardened`. | no
|
|
Packit Service |
0f71a7 |
`requires_pre_auth` \| `ipakrbrequirespreauth` | Pre-authentication is required for the service. Default to true. (bool) | no
|
|
Packit Service |
0f71a7 |
`ok_as_delegate` \| `ipakrbokasdelegate` | Client credentials may be delegated to the service. Default to false. (bool) | no
|
|
Packit Service |
0f71a7 |
`ok_to_auth_as_delegate` \| `ipakrboktoauthasdelegate` | The service is allowed to authenticate on behalf of a client. Default to false. (bool) | no
|
|
Packit Service |
0f71a7 |
`skip_host_check` | Force service to be created even when host object does not exist to manage it. Default to false. (bool)| no
|
|
Packit Service |
0f71a7 |
`force` | Force principal name even if host not in DNS. Default to false. (bool) | no
|
|
Packit Service |
0f71a7 |
`host` \| `managedby_host`| Hosts that can manage the service. | no
|
|
Packit Service |
0f71a7 |
`principal` \| `krbprincipalname` | List of principal aliases for the service. | no
|
|
Packit Service |
0f71a7 |
`allow_create_keytab_user` \| `ipaallowedtoperform_write_keys_user` | Users allowed to create a keytab of this host. | no
|
|
Packit Service |
0f71a7 |
`allow_create_keytab_group` \| `ipaallowedtoperform_write_keys_group`| Groups allowed to create a keytab of this host. | no
|
|
Packit Service |
0f71a7 |
`allow_create_keytab_host` \| `ipaallowedtoperform_write_keys_host`| Hosts allowed to create a keytab of this host. | no
|
|
Packit Service |
0f71a7 |
`allow_create_keytab_hostgroup` \| `ipaallowedtoperform_write_keys_group`| Host groups allowed to create a keytab of this host. | no
|
|
Packit Service |
0f71a7 |
`allow_retrieve_keytab_user` \| `ipaallowedtoperform_read_keys_user` | Users allowed to retrieve a keytab of this host. | no
|
|
Packit Service |
0f71a7 |
`allow_retrieve_keytab_group` \| `ipaallowedtoperform_read_keys_group` | Groups allowed to retrieve a keytab of this host. | no
|
|
Packit Service |
0f71a7 |
`allow_retrieve_keytab_host` \| `ipaallowedtoperform_read_keys_host` | Hosts allowed to retrieve a keytab from of host. | no
|
|
Packit Service |
0f71a7 |
`allow_retrieve_keytab_hostgroup` \| `ipaallowedtoperform_read_keys_hostgroup` | Host groups allowed to retrieve a keytab of this host. | no
|
|
Packit Service |
0f71a7 |
`continue` | Continuous mode: don't stop on errors. Valid only if `state` is `absent`. Default: `no` (bool) | no
|
|
Packit Service |
0f71a7 |
`action` | Work on service or member level. It can be on of `member` or `service` and defaults to `service`. | no
|
|
Packit Service |
0f71a7 |
`state` | The state to ensure. It can be one of `present`, `absent`, or `disabled`, default: `present`. | no
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
Authors
|
|
Packit Service |
0f71a7 |
=======
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
Rafael Jeffman
|