• Launchpad Entry: foo

• Created:

• Contributors:

• Packages affected:

Summary

The current User admin tool from GNOME isn't really suited to managing larger numbers of users, as one would get at a school or classrooms. What's needed is a simple, extensible user management tool.

Release Note

Having a good user management tool will make handling classroom situations much better for "non-professional" admins.

Rationale

Current tools:

• Don't allow sorting by groups.
• Don't allow adding users to LDAP via the same interface
• Arent't extensible by users to add "custom" actions needed in per-installation use cases.

User stories

TBA

Assumptions

• We'd like this tool to be extendable by users with scripts.
• Written in python for maintainability.
• Should get user and group information via getent() calls, for compatibility with LDAP environments.
• Should include a bulk import feature.
• Should do as little as possible natively in the interface, and use it's own plugin architecture for anything "non standard" or "distro-specific"

Design

• Interface:
  • Two tabs: users and groups.
  • 4 side buttons each: add, remove, modify, migrate/backup.
  • Hitting "Add" allows for adding a single user or group.
  • Multi-select works for remove.
  • selecting a user/group and hitting "Modify" will allow you to change some things about that user/group.
  • "Bulk Import" menu item
• Backend
  • GNU/Linux already has a perfectly good way to add/remove users/groups locally to the system. The "adduser" family of commands.
  • config file will, by default, ship with config lines like:

    • Adduser Command = adduser --home %h --shell %s --uid %U .... %u where %h, %s, %U %u, etc are filled in with values entered in the "add users" dialog box.

  • If you want system to do LDAP commands, you simply have to provide a script of some kind (i.e. like in the ldapscripts package) and modify the config file.

  • To populate the list boxes for users and groups, use getent() calls, so that if box us set up for ldap nss, things will work as expected with no modification.
• Plugins
  • 4 sets of directories:

    • /usr/share/newtool/userplugins.d

    • /usr/share/newtool/groupplugins.d

    • /usr/local/share/newtool/userplugins.d

    • /usr/local/share/newtool/groupplugins.d

  • /usr/share dirs are for "package shipped" plugins
  • /usr/local/share are for local sysadmins to drop locally defined plugins in.

  • Multi select users or groups, right click ->

    • context menu appears, listing the package supplied plugins, then a line, then any user-supplied plugins.

    • user plugins are called as /bin/sh -c userplugin user1 <user2...> for each user selected in the list.

    • group plugins similar.
    • Plugin's responsibility to look up any other information it needs (i.e. homedir of user1, etc.)

Implementation

Post lucid.

UI Changes

New program, won't replace regular management tool, but should appear in the "administration" menu.

Code Changes

None.

Migration

Not known at this time.

Test/Demo Plan

Unresolved issues

How to handle being able to add to BOTH local database AND LDAP?

BoF agenda and discussion

---

CategorySpec