1f4aeb1d05
* In particular support of different credential methods and better hints for different owners of those credentials, so we can prompt more cleanly. * Less abstraction in the realmd interfaces https://bugzilla.gnome.org/show_bug.cgi?id=680892
157 lines
4.5 KiB
XML
157 lines
4.5 KiB
XML
<!DOCTYPE node PUBLIC "-//freedesktop//DTD D-BUS Object Introspection 1.0//EN"
|
|
"http://www.freedesktop.org/standards/dbus/1.0/introspect.dtd">
|
|
|
|
<node name="/">
|
|
<!--
|
|
* Global interface implemented by realmd. Allows listing of providers
|
|
* and discovering which one is relevant for a given domain.
|
|
*
|
|
* This is implemented by individual providers, but is aggregated
|
|
* globally at the system bus name 'org.freedesktop.realmd' with the
|
|
* object path '/org/freedesktop/realmd'
|
|
-->
|
|
<interface name="org.freedesktop.realmd.Provider">
|
|
|
|
<!--
|
|
* The name of the provider
|
|
-->
|
|
<property name="Name" type="s" access="read"/>
|
|
|
|
<!--
|
|
* A version number for the provider
|
|
-->
|
|
<property name="Version" type="s" access="read"/>
|
|
|
|
<!--
|
|
* A list of known, enrolled or discovered realms.
|
|
* Each realm is a DBus object and is represeted by a:
|
|
* o: DBus object path of the realm
|
|
* s: DBus interface name, like 'ofr.Kerberos' (below)
|
|
-->
|
|
<property name="Realms" type="a(os)" access="read"/>
|
|
|
|
<!--
|
|
* Discover whether a string represents a realm that a provider
|
|
* can enroll or otherwise use.
|
|
-->
|
|
<method name="Discover">
|
|
<!-- The input string -->
|
|
<arg name="string" type="s" direction="in"/>
|
|
<arg name="options" type="a{sv}" direction="in"/>
|
|
|
|
<!-- Returned match relevance -->
|
|
<arg name="relevance" type="i" direction="out"/>
|
|
|
|
<!-- The realm objects: bus name, object path, interface -->
|
|
<arg name="realm" type="a(os)" direction="out"/>
|
|
</method>
|
|
</interface>
|
|
|
|
<interface name="org.freedesktop.realmd.Service">
|
|
<method name="Cancel">
|
|
<arg name="operation_id" type="s" direction="in"/>
|
|
</method>
|
|
|
|
<method name="SetLocale">
|
|
<arg name="locale" type="s" direction="in"/>
|
|
</method>
|
|
|
|
<signal name="Diagnostics">
|
|
<arg name="data" type="s"/>
|
|
<arg name="operation_id" type="s"/>
|
|
</signal>
|
|
|
|
<!--
|
|
* Normally realmd waits until all clients have disconnected
|
|
* before exiting. For long lived clients, they can call
|
|
* Release() allow realmd to quit. This is an optimization.
|
|
* The daemon will not exit immediately. It is safe to call
|
|
* this multiple times.
|
|
-->
|
|
<method name="Release">
|
|
<!-- no arguments -->
|
|
</method>
|
|
</interface>
|
|
|
|
<!--
|
|
* This interface is implemented by Kerberos realms.
|
|
-->
|
|
<interface name="org.freedesktop.realmd.Kerberos">
|
|
|
|
<!--
|
|
* The kerberos realm name. Usually capitalized.
|
|
-->
|
|
<property name="Name" type="s" access="read"/>
|
|
|
|
<!--
|
|
* The DNS domain name for this realm.
|
|
-->
|
|
<property name="Domain" type="s" access="read"/>
|
|
|
|
<!--
|
|
* The server software, for information only. eg: active-directory
|
|
-->
|
|
<property name="Details" type="a{ss}" access="read"/>
|
|
|
|
<!--
|
|
* The suggested Administrator login name for this realm
|
|
-->
|
|
<property name="SuggestedAdministrator" type="s" access="read"/>
|
|
|
|
<!--
|
|
* Whether the machine is enrolled in this realm or not.
|
|
-->
|
|
<property name="Enrolled" type="b" access="read"/>
|
|
|
|
<!--
|
|
* Credentials: (ssv)
|
|
* type: 'ccache', 'password', 'automatic'
|
|
* owner: 'administrator', 'user', 'computer', 'secret'
|
|
* contents: ay, ss, b
|
|
-->
|
|
<property name="SupportedEnrollCredentials" type="a(ss)" access="read"/>
|
|
|
|
<property name="SupportedUnenrollCredentials" type="a(ss)" access="read"/>
|
|
|
|
<method name="Enroll">
|
|
<arg name="credentials" type="(ssv)" direction="in"/>
|
|
<arg name="options" type="a{sv}" direction="in"/>
|
|
</method>
|
|
|
|
<method name="Unenroll">
|
|
<arg name="credentials" type="(ssv)" direction="in"/>
|
|
<arg name="options" type="a{sv}" direction="in"/>
|
|
</method>
|
|
|
|
<!--
|
|
* The format for user logins when this realm is enrolled.
|
|
* This property may not be valid unless machine is enrolled
|
|
* in this realm. The format contains a %s where the user name
|
|
* goes eg: "DOMAIN\%s"
|
|
-->
|
|
<property name="LoginFormat" type="s" access="read"/>
|
|
|
|
<!--
|
|
* The policy for logins using this realm.
|
|
* 'allow-any-login' 'allow-permitted-logins' 'deny-any-login'
|
|
-->
|
|
<property name="LoginPolicy" type="s" access="read"/>
|
|
|
|
<!--
|
|
* The list of permitted logins in the LoginFormat style
|
|
-->
|
|
<property name="PermittedLogins" type="as" access="read"/>
|
|
|
|
<!--
|
|
* Change the PermittedLogins property. Should take effect
|
|
* immediately.
|
|
-->
|
|
<method name="ChangeLoginPolicy">
|
|
<arg name="login_policy" type="s" direction="in"/>
|
|
<arg name="permitted_add" type="as" direction="in"/>
|
|
<arg name="permitted_remove" type="as" direction="in"/>
|
|
<arg name="options" type="a{sv}" direction="in"/>
|
|
</method>
|
|
|
|
</interface>
|
|
</node>
|