Update documentation
dgdavid committed Aug 25, 2022
1 parent ec7bbd1 commit 67acebc
Showing 3 changed files with 16 additions and 51 deletions.
18 changes: 5 additions & 13 deletions doc/auth-modules.md
Expand Up @@ -13,24 +13,16 @@ As explained in the [detailed document](./use-cases.md), the YaST Users module c
`/etc/passwd`, `/etc/groups`, etc.
* List users and groups from the NIS databases known to the system, with the possibility of
defining additional membership to groups.
* List, add, modify and delete users and groups from an LDAP directory. The settings to access
the LDAP server are read from `/etc/openldap/ldap.conf`.
* ~~List, add, modify and delete users and groups from an LDAP directory. The settings to access
the LDAP server are read from `/etc/openldap/ldap.conf`.~~

The yast2-users package also offers a plugins system that allows to define properties for each
type of user and group. Each plugin can then define how those properties are represented in the user
interface and how they are stored in the system.

The package yast2-users itself offers the following plugins to configure LDAP users and groups:

* LDAPAll: allows to manage the value of several attributes of the LDAP object representing a
given user (eg. *departmentOf*, *description*, *gecos*, *jpegPhoto*) or group (eg.
*businessCategory*, *description*, *memberOf*, *owner*).
* Kerberos: makes it possible to add, delete and edit Kerberos principals associated to a user.
* LDAPShadowAccount: enables to edit the following attributes of the LDAP object representing
a given user - *shadowInactive*, *shadowExpire*, *shadowLastChange*, *shadowMin*, *shadowMax*,
*shadowWarning* and *shadowFlag*.
* LDAPPasswordPolicy: allows to define the password policy applied to a user and the value of the
corresponding *pwdAccountLockedTime* attribute.
The package yast2-users itself used to offer the following plugins to configure
LDAP users and groups, but they were removed in yast2-users 4.5.3. See
https://github.com/yast/yast-users/pull/366.

Additionally, the following plugin is available for local users:

10 changes: 5 additions & 5 deletions doc/plugins-system.md
Expand Up @@ -12,7 +12,7 @@ In *yast2-users*, the forms for creating or editing users and groups contain a *

A *yast2-users* plugin is a module file deployed at *yast2dir/modules* directory and whose name begins with *UsersPlugin*. For example, *yast2-samba-server* provides *yast2dir/modules/UsersPluginSamba.pm* and *yast2dir/modules/UsersPluginSambaGroups.pm* plugins. In essence, *yast2-users* will search for all *UsersPlugin\** modules and will list them in the *Plug-Ins* tab.

A plugin module is expected to provide an *Interface* method. That method returns a list of method names that can be sent to the module. For example, a module usually exposes methods like *GUIClient*, *Name*, *Summary*, *Restriction*, *InternalAttributes*, etc. *yast2-users* uses these methods to get information from the plugins or to execute some actions. For example, the methods *Name* and *Summary* are used to get the name and description of the plugins, and that information is then used in the table containing the list of available plugins. The *GUIClient* method returns a client name. Such a client is executed when a method is launched in the *Plug-Ins* tab. The client usually shows a dialog with extra attributes for the user or group. The *Restrictions* method returns a hash with the restrictions for the plugin. For example, `{"ldap => 1", "users" => 1}` means that the plugin can be used only for LDAP users, so it will not be listed when editing a group or a no LDAP user.
A plugin module is expected to provide an *Interface* method. That method returns a list of method names that can be sent to the module. For example, a module usually exposes methods like *GUIClient*, *Name*, *Summary*, *Restriction*, *InternalAttributes*, etc. *yast2-users* uses these methods to get information from the plugins or to execute some actions. For example, the methods *Name* and *Summary* are used to get the name and description of the plugins, and that information is then used in the table containing the list of available plugins. The *GUIClient* method returns a client name. Such a client is executed when a method is launched in the *Plug-Ins* tab. The client usually shows a dialog with extra attributes for the user or group. The *Restrictions* method returns a hash with the restrictions for the plugin.

A plugin usually provides more methods like *Check*, *Add*, *AddBefore*, etc.
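
Review bot: with the `{"ldap => 1", "users" => 1}` example removed, the last sentence of the paragraph says that *Restrictions* returns a hash but no longer shows what keys it takes or how they affect which plugins are listed. Replace the example with one that is still valid (for a local-user or group plugin) rather than deleting it outright. While touching this paragraph, note that it names the method both *Restriction* (in the list of exposed methods) and *Restrictions*; one of them should be corrected.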

Expand All @@ -22,10 +22,10 @@ Currently there are only two YasT modules that implement plugins for *yast2-user

* *yast-samba-server/src/modules/UsersPluginSamba.pm*
* *yast-samba-server/src/modules/UsersPluginSambaGroups.pm*
* *yast-users/src/modules/UsersPluginLDAPShadowAccount.pm*
* *yast-users/src/modules/UsersPluginLDAPPasswordPolicy.pm*
* *~~yast-users/src/modules/UsersPluginLDAPShadowAccount.pm~~* Dropped at https://github.com/yast/yast-users/pull/366
* *~~yast-users/src/modules/UsersPluginLDAPPasswordPolicy.pm~~* Dropped at https://github.com/yast/yast-users/pull/366
* *yast-users/src/modules/UsersPluginQuota.pm*
* *yast-users/src/modules/UsersPluginKerberos.pm*
* *yast-users/src/modules/UsersPluginLDAPAll.pm*
* *~~yast-users/src/modules/UsersPluginKerberos.pm~~* Dropped at https://github.com/yast/yast-users/pull/366
* *~~yast-users/src/modules/UsersPluginLDAPAll.pm~~* Dropped at https://github.com/yast/yast-users/pull/366

All these plugins are written in Perl code, but they should be perfectly loaded in Ruby code thanks to [*YCP::Import*](https://github.com/yast/yast-core/blob/master/libycp/src/include/ycp/Import.h). This would allow to rewrite some dialogs in Ruby code but still calling the existing plugins. Only note that plugins expect an user or group to be represented as a hash structure. Some glue code will be needed in order to convert an user/group object to a hash and the other way around.
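
Review bot: the four dropped plugins stay in the list, interleaved with the live ones (*UsersPluginQuota.pm* sits between struck entries), and the closing paragraph still begins "All these plugins are written in Perl code", which now reads as covering files that no longer exist. Move the dropped entries to a separate "removed" list after the live ones, or delete them and keep a single pointer to pull/366. The `*~~...~~*` nesting of strikethrough inside emphasis is also worth checking in a rendered preview.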
39 changes: 6 additions & 33 deletions doc/use-cases.md
Expand Up @@ -19,24 +19,19 @@ The *Users* and *Groups* tabs contain an *Expert Options* menu button. Let's sta
* Normal local users (1000 <= UID <= 60000)
* System local users (100 <= UID <= 499)
* NIS users
* LDAP users
* ~~LDAP users~~ Dropped at https://github.com/yast/yast-users/pull/366
* A filter allows to select the type of users to display:
* Normal users only
* System users only
* NIS users only (visible only if the system is configured to get users via NIS)
* LDAP users only (may ask for LDAP authentication if not provided before)
* ~~LDAP users only (may ask for LDAP authentication if not provided before)~~ Dropped at https://github.com/yast/yast-users/pull/366
* Or several types at the same time (custom search)
* Allows to add, edit and delete users

![Users filter](img/filters.png)

Note: normal users have UID in the range 1000 - 60000, and system users are in the range 100 - 499. These values are configured in */etc/login.defs*.

Obviously, to manage LDAP users and groups is necessary to connect to an LDAP directory. The
settings for such connection are read from */etc/openldap/ldap.conf*. On the first access to the
LDAP server (for example, when selecting "LDAP Users" in the mentioned filter) YaST asks for the
BindDN and password, allowing also to select "anonymous access" instead.

The forms for adding a new user or to edit an existing one depend on the type of user. When adding
a new user, the type is chosen based on the current filter. For example, if the filter is set to
"system users", then a system user would be added. In case the filter is customized to show several
Expand Down Expand Up @@ -97,19 +92,9 @@ If a system is configured as a NIS server and as its own NIS client, then all th

#### Managing LDAP users

The forms for adding and editing LDAP users contain fewer tabs than the equivalent ones for local
users because most of the LDAP properties are managed through plug-ins. The list of plug-ins varies
based on the installed YaST packages (eg. the plug-in to modify the Samba-related attributes of the
user is part of the yast2-samba-server package) and the configuration of the system (eg. the
Kerberos or Samba plug-ins are listed only if the system seems to be part of a Kerberos and/or Samba
infrastructure).

![Add LDAP user](img/ldap_add1.png)

![Add LDAP user](img/ldap_add2.png)

![Add LDAP user](img/ldap_add3.png)

**IMPORTANT:** this feature was removed in yast2-users 4.5.3. See
https://github.com/yast/yast-users/issues/364 and
https://github.com/yast/yast-users/pull/366

### Tab "Groups"
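
Review bot: the three `img/ldap_add1.png`, `img/ldap_add2.png` and `img/ldap_add3.png` references are deleted here, yet the commit touches only three files, all of them `doc/*.md`, so the image files themselves remain in the tree unreferenced. Delete them in the same change. Keeping the "Managing LDAP users" heading with only the removal notice is fine, but this is the only place that cites issues/364; the other hunks link only pull/366, so consider using the same pair of links everywhere.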

Expand All @@ -118,7 +103,7 @@ infrastructure).
* Normal local groups
* System local groups
* NIS groups
* LDAP groups
* ~~LDAP groups~~ Dropped at https://github.com/yast/yast-users/pull/366
* A filter makes it possible to select the type of groups to display, with a mechanism equivalent
to the one described for users
* Allows to add, edit and delete groups
Expand Down Expand Up @@ -175,18 +160,6 @@ There is an Expert Options select button with these options:
* No way to see the encryption algorithm used for a user
* Write changes now
* Applies changes without closing the client
* LDAP search filter
* Allows more fine grained search for LDAP users or groups
* Allows to select attributes (e.g., objectClass, memberUid, etc) and a value for the attribute
* Observations:
* Looks like too complex, only for LDAP experts
* Seems to be misplaced because there is a filter button where to set criteria to filter users and groups.
* LDAP User and Group Configuration
* Allows to indicate whether to create a home directory in the machine for the LDAP users.
* Allows to configure Password Policies for LDAP
* Observations:
* Looks like too complex, only for LDAP experts


## AutoYaST
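
Review bot: the "LDAP search filter" and "LDAP User and Group Configuration" entries under Expert Options are deleted with no trace, while every other LDAP item in this commit is kept as struck-through text with a "Dropped at https://github.com/yast/yast-users/pull/366" pointer. Pick one convention for the whole change. If the struck-through style is the intended one, these two entries should follow it so a reader comparing the document with an older release can see that the options existed and where they went.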
