restauth-service man page

restauth-service — manage services that use RestAuth

Synopsis

restauth-service.py [-h] command [option] ... [args] ...

Description

restauth-service.py may be used to manage services that connect to RestAuth. A service is a system that wants to use RestAuth to store users, preferences and groups.

RestAuth stores a name (which may not include a ':') and a password that identify the service. A service has zero or more IPv4 or IPv6 addresses associated with it, a service can only authenticate from the given adresses, use the *-hosts subcommands to manage hosts of a given service. A service must have permissions to perform the respective actions, use the *-permissions subcommands to manage permissions for services.

Usage

Use one of the commands (i.e. add, view, ls, ...) to perform the respective operation. Each command usually requires more arguments to it, see the respective section for arguments (and possible options) for each command.

Use "restauth-service.py --help" to get an authoritative list of available commands. If you want help on a specific command, use "restauth-service.py command --help" or see the Available Commands section below.

Examples

restauth-service.py add example.com

Add the service example.com and prompt for a password.

restauth-service.py add --gen-password example.com

Add the service example.com and print a generated password to stdout.

restauth-service.py ls

List all available services.

restauth-service.py view example.com

View all details of the service example.com.

restauth-service.py set-password --password=foobar example.com

Set the password of the service example.com (which must already exist) to foobar.

restauth-service.py set-hosts example.com 192.168.0.1 192.168.0.2

Enable the service example.com for the hosts 192.168.0.1 192.168.0.2. Note that this removes any previously configured hosts.

restauth-service.py set-permissions example.com user*

Specify that the service example.com is allowed to perform all user operations.

restauth-service.py rm-permissions example.com user_delete

Specify that the service example.com is not allowed to delete users.

restauth-service.py remove example.com

Remove the service example.com from RestAuth. This will also remove any groups defined for the service, see restauth-groups(1).

A typical workflow for adding a service is:

restauth-service.py add example.net
restauth-service.py set-hosts 127.0.0.1 ::1
restauth-service.py set-permissions user_verify_password user_change_password

Please see the available permissions below for a full reference on what permissions can be configured.

Available Commands

The following subsections never document the '-h' parameter for clarity.

add [-h] [--password PWD | --gen-password] SERVICE

Add a new service.

--password PWD

The password to use.

--gen-password
Generate a password and print it to stdout.
SERVICE
The name of the service.

add-hosts [-h] SERVICE HOST [HOST ...]

Add hosts that a service can connect from.

SERVICE

The name of the service.

HOST [HOST ...]
Add hosts that this service is able to connect from. Note: This must be an IPv4 or IPv6 address, NOT a hostname.

add-permissions [-h] SERVICE PERM [PERM ...]

Add permissions to a service. This command supports shell wildcard style expansions, so 'user*' will add all user permissions.

SERVICE

The name of the service.

PERM [PERM ...]
Permissions to add to the specified service.

ls [-h]

List all available services.

rename [-h] SERVICE NAME

Rename a service.

SERVICE

The name of the service.

NAME
The new name for the service.

rm [-h] SERVICE

Completely remove a service. This will also remove any groups associated with that service.

SERVICE
The name of the service.

rm-hosts [-h] SERVICE HOST [HOST ...]

Remove hosts that a service can connect from.

SERVICE

The name of the service.

HOST [HOST ...]
Remove hosts that this service is able to connect from. Note: This must be an IPv4 or IPv6 address, NOT a hostname.

rm-permissions [-h] SERVICE PERM [PERM ...]

Remove permissions from a service. This command supports shellwildcard style expansions, so "user*" will remove all user permissions.

SERVICE

The name of the service.

PERM [PERM ...]
Permissions to remove from the specified service.

set-hosts [-h] SERVICE [HOST [HOST ...]]

Set hosts that a service can connect from.

SERVICE

The name of the service.

[HOST [HOST ...]]
Hosts that this service is able to connect from. Note: This must be an IPv4 or IPv6 address, NOT a hostname.

set-password [-h] [--password PWD | --gen-password] SERVICE

Set the password for a service.

--password PWD

The password to use.

--gen-password
Generate a password and print it to stdout.
SERVICE
The name of the service.

set-permissions [-h] SERVICE [PERM [PERM ...]]

Set permissions of a service, removes any previous permissions. This command supports shell wildcard style expansions, so "user*" will set all user permissions.

SERVICE

The name of the service.

[PERM [PERM ...]]
Set the permissions of the specified service.

view [-h] SERVICE

View details of a service.

SERVICE
The name of the service.

Available Permissions

A service can have zero or more permissions. There is a permission available for each operation available via the RestAuth protocol. If a service has no permissions, you will not be able to perform any operations.

Handling users

permissiondescription
users_listList all users
user_createCreate a new user
user_existsCheck if a user exists
user_deleteDelete a user
user_verify_passwordVerify a users password
user_change_passwordChange a users password
user_delete_passwordDelete a user

Handling properties

permissiondescription
props_listList all properties of a user
prop_createCreate a new property
prop_getGet value of a property
prop_setSet or create a property
prop_deleteDelete a property

Handling groups

permissiondescription
groups_for_userList groups for a user
groups_listList all groups
group_createCreate a new group
group_existsVerify that a group exists
group_deleteDelete a group
group_usersList users in a group
group_add_userAdd a user to a group
group_user_in_groupVerify that a user is in a group
group_remove_userRemove a user from a group
group_groups_listList subgroups of a group
group_add_groupAdd a subgroup to a group
group_remove_groupRemove a subgroup from a group

Influential Environment Variables

DJANGO_SETTINGS_MODULE
The path to the Django settings module. If not set, RestAuth.settings is used, which should be fine in most cases. For more information, please read the Django documentation.
PYTHONPATH
A semi-colon (';') seperated list of additional directories to search for python modules. The RestAuth installation must be in the module search path for any commands to work. For more information, please read the official python documentation.

See Also

restauth-user(1), restauth-group(1), restauth-import(1)

Author

Mathias Ertl

Referenced By

restauth-group(1), restauth-import(1), restauth-manage(1), restauth-user(1).

February 05, 2016 0.6.3 RestAuth