#5864 [RFE] Create a plugins directory that users can use to place custom FreeIPA modifications
Closed: Fixed None Opened 7 years ago by rga.

FreeIPA should have a location such as /var/lib/ipa where they can place their own FreeIPA customizations. FreeIPA would read/load those user-defined customizations from that location. This would be better than using /usr/share/ipa or putting python modifications in /usr/lib/python{version}/ipa* directories.

Use case: User needs to modify allowed LDAP cipher suite to keep some custom cipher list enabled; user needs to create a custom field in the WebUI; or user needs to create some custom CLI UI function/behavior.

Some examples:

Directory structure could look like this or something similar:

CLI/API: /var/lib/ipa/plugins/cli [[br]]
WebUI: /var/lib/ipa/plugins/webui [[br]]
LDAP Updates: /var/lib/ipa/plugins/updates

Out of scope of 4.4 release.

For completeness, current directories are:

  • /usr/lib/python2.7/site-packages/ipalib/plugins/ for extending API
  • /usr/share/ipa/updates/ for extending LDAP schema
  • /usr/share/ipa/ui/js/plugins/ for UI plugins

Note that the original design called for users dropping their extensions into the same directories that IPA uses. I don't really see the value in maintaining two sets of directories that do the same thing.

LDAP schema part:


  • 7bec8a2 support schema files from third-party plugins

moving out tickets not implemented in 4.4.1

4.4.2 is a stabilization milestone. If this bug is important stabilization bug then please put it to NEEDS TRIAGE milestone for retriage.

Actually this was fixed in 4.4.1.

The only missing stuff was the ldap updates part implemented in 7bec8a2

Rest is described in comment 2.

Metadata Update from @rga:
- Issue assigned to abbra
- Issue set to the milestone: FreeIPA 4.4.1

7 years ago

Login to comment on this ticket.