Class Shadow

Overrides: module.Module.__init__

This function returns a ChangeSet respective to a changed policy attribute.

In case the changed attribute affects existing users, the group members' accounts will be updated as well. For example, when the shell of the group was changed, you probably want all the accounts to be updated.

Parameters:

• group - The group for which the attribute is being set
• attribute - The attribute in the policy that is being set
• value - The new value
• diff - The difference from the old value

Returns:

A ChangeSet or None

Overrides: module.Module.cs_set_attribute

This function returns a ChangeSet for when a new user account needs to be created. It prepares the arguments that need to be passed to the useradd utility based on the arguments given and the users' group policy.

Parameters:

• username - The username of the new account
• group - The primary group name
• password - The password for the account in crypt hash format
• extragroups - Extra groups that the new account should belong to
• name - Real name of the accont owner
• homedir - Custom home directory for this account
• policy - Additional parameters that override the group policy

Returns:

A ChangeSet

This function returns a ChangeSet which performs user modification.

It prepares any given arguments and checks also if changing the primary group was requested. In case the primary group is to be changed, the function also includes the differences from the old to the new group policy, keeping the account up to date (eg. quota).

Parameters:

• username - The username of the account to be modified
• group - The new primary group name
• password - The new password for the account in crypt hash format
• extragroups - Extra groups that the new account should belong to
• name - Real name of the accont owner
• homedir - Custom home directory for this account
• policy - Additional parameters that override the group policy

Returns:

A ChangeSet

This function returns a ChangeSet which performs user removal.

Parameters:

• username - The user account to be removed.

Returns:

A ChangeSet

This function returns a ChangeSet which adds a new group.

Parameters:

• group - The name of the new group

Returns:

A ChangeSet

This function returns a ChangeSet which removes a group.

Parameters:

• group - The name of the group to be removed

Returns:

A ChangeSet

This function performs user addition by executing the useradd command.

Parameters:

• change - Change element with parameters

Returns:

STATE_COMPLETED or STATE_FAILED

This function performs user modification by executing the usermod command.

Parameters:

• change - Change element with parameters

Returns:

STATE_COMPLETED or STATE_FAILED

This function performs user deletion by executing the userdel command.

Parameters:

• change - Change element with parameters

Returns:

STATE_COMPLETED or STATE_FAILED

This function performs group addition by executing the groupadd command.

Parameters:

• change - Change element with parameters

Returns:

STATE_COMPLETED or STATE_FAILED

This function performs group deletion by executing the groupdel command.

Parameters:

• change - Change element with parameters

Returns:

STATE_COMPLETED or STATE_FAILED

This module returns the system main password security policy by looking it up from the main configuration and the service policy.

Returns:

A dictionary with password policy (cracklib-style keys-values)