{
"info": {
"author": "David Cuthbert",
"author_email": "dacut@kanga.org",
"bugtrack_url": null,
"classifiers": [],
"description": "# DynamoDB User Manager (DDUM)\nManage Linux users from DynamoDB.\n\nThis module runs as a daemon that periodically scans a pair of DynamoDB tables\nfor user and group information and updates the local password/shadow password\nfiles for users and groups. This is done so there are no network dependencies\nin the PAM chain -- the goal is to allow administrators to continue to log in\neven when the network is adversely affected.\n\nWhen installed via setup.py using the defaults, a daemon script installed as\n`/usr/local/bin/dynamodb-user-manager`.\n\nDDUM is conservative in what it does. It modifies and adds users to the\nsystem; it never deletes them. To disable a user account, set the\n`AccountExpireDate` to a date in the past. DDUM will update the shadow entry\nfor this user, disabling their account. This also preserves audit history in\na sane way; you will no longer have dangling user ids and the risk of reusing\na user id is reduced.\n\n# Command line arguments\nUsage: dynamodb-user-manager \\[options\\]\n\nOptions:\n* `-h` | `--help`\n Show this usage information.\n\n* -c filename | --config filename\n Read configuration from _filename_ instead of\n `/etc/dynamodb-user-manager.cfg`.\n \n* `-f` | `--foreground`\n Don't fork into the background (don't daemonize).\n \n* -p filename | --pidfile filename\n Write the process pid to _filename_ instead of\n `/var/run/dynamodb-user-manager.pid`.\n\n\n# Configuration\nConfiguring the daemon requires a JSON configuration file; by default, this is\n`/etc/dynamodb-user-manager.cfg`. You can override this with the `--config`\nflag to `dynamodb-user-manager`.\n\nThe configuration file is a JSON document in the form:\n\n```json\n{\n \"aws_access_key\": \"AKIDEXAMPLE\",\n \"aws_profile\": \"default\",\n \"aws_region\": \"us-east-1\",\n \"aws_secret_key\": \"wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY\",\n \"aws_session_token\": \"\",\n \"full_update_jitter\": 600,\n \"full_update_period\": 3600,\n \"group_table_name\": \"Groups\",\n \"user_table_name\": \"Users\",\n \"logging\": {\n \"version\": 1,\n ...\n }\n}\n```\n\nThe valid configuration keys are:\n\n* `aws_access_key` / `aws_secret_key` / `aws_session_token` / `aws_profile` (str)\n Static AWS credentials to use.\n\n If aws_access_key and aws_secret_key (and, optionally,\n aws_session_token) are specified, these are fed directly into Boto and\n will be used.\n\n Otherwise, if aws_profile is specified, this is fed into Boto, which\n reads the the credentials from ~/.aws/credentials (usually the root\n user).\n\n On EC2 instances, these parameters should not be used. Boto will fetch\n the credentials from the EC2 instance metadata.\n* `aws_region` (str)\n The AWS region to use. If unspecified, this uses the first value found\n from:\n The environment variable `AWS_REGION`\n The environment variable `AWS_DEFAULT_REGION`\n If running on EC2, the EC2 instance metadata.\n `\"us-east-1\"`\n* `full_update_period` / `full_update_jitter` (int)\n The time, in seconds, between polls of the DynamoDB tables. The wait\n period is always used, plus a random value from 0 to `full_update_jitter`\n is selected; this helps distribute the load on the DynamoDB tables when\n run across multiple instances.\n\n The default is 3600 seconds (1 hour) for full_update_period, and\n 600 seconds (10 minutes) for full_update_jitter.\n* `group_table_name` (str)\n The name of the DynamoDB table to use to fetch for groups. This defaults\n to `\"Groups\"`.\n* `user_table_name` (str)\n The name of the DynamoDB table to use to fetch for users. This defaults\n to `\"Users\"`.\n* `logging` (dict)\n If present, this is passed to the Python configuration function\n [`logging.config.dictConfig`](http://bit.ly/2JROo0t).\n\n# Field restrictions\nLinux does not have a well-defined set of rules for what can appear in various\nfields -- a lot depends on the internal implementation of various libraries.\n\nDDUM imposes the following restrictions:\n\n* User and group names: 1-256 ASCII characters. Valid characters are\n letters, digits, period, underscore, and hyphen; the hyphen cannot be the\n first character of the name. (See [POSIX 3.437](http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap03.html#tag_03_437),\n [portable filename character set](http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap03.html#tag_03_282), [`LOGIN_NAME_MAX`](https://linux.die.net/man/3/sysconf).)\n* GECOS (realname, office, phone, etc): 256 characters, since 512\n characters is a commonly used buffer size for the entire passwd line.\n Colons, newlines, vertical tabs, formfeeds, and the NUL character are\n disallowed. This is interpreted as Unicode and written in UTF-8 locally,\n though most libraries handle this field as bytes with no well-defined\n encoding.\n\n# Users table\nThe users table has the following schema. (DynamoDB type codes: `S` = string; `N` = number; `SS` = string set)\n\nField | Key | Type | Required | Description\n-------------------------|--------------|-----|-----|----\n`Name` | PartitionKey | `S` | Yes | The name of the user. Must be unique (enforced by DynamoDB).\n`UID` | | `N` | Yes | The user id of the user. Must be an integer (enforced) and unique (not enforced).\n`GID` | | `N` | Yes | The primary group id of the user. Must be an integer (enforced).\n`RealName` | | `S` | Yes | The GECOS field for the user, usually the real name.\n`Home` | | `S` | Yes | The home directory of the user.\n`Shell` | | `S` | Yes | The login shell for the user.\n`Password` | | `S` | No | The encrypted password for the user. If not specified, the user cannot login using a password.\n`LastPasswordChangeDate` | | `S` | No | The date when the user last changed their password in ISO 8601 (YYYY-MM-DD) format.\n`PasswordAgeMinDays` | | `N` | No | The minimum age of the users's password (in days) before it can be changed. Must be an integer if specified.\n`PasswordAgeMaxDays` | | `N` | No | The maximum age of the users's password (in days) before it must be changed. Must be an integer if specified.\n`PasswordWarnDays` | | `N` | No | The number of days to warn the user before `PasswordAgeMaxDays` that their password is about to expire.\n`PasswordDisableDays` | | `N` | No | The number of days after `PasswordAgeMaxDays` to disable the user's password (requiring them to find an administrator to reset it).\n`AccountExpireDate` | | `S` | No | The date when the account is to be disabled in ISO 8601 (YYYY-MM-DD) format. This is similar to removing the account from `/etc/passwd` but preserves name information.\n`SSHPublicKeys` | | `SS` | No | A list of SSH public keys the user can use to log in. These are written to the user's `~/.ssh/authorized_keys` file.\n\n# Groups table\nThe groups table has the following schema. (DynamoDB type codes: `S` = string; `N` = number; `SS` = string set)\n\n\nField | Key | Type | Required | Description\n------------------|--------------|--------------|----------|----\n`Name` | PartitionKey | `S` | Yes | The name of the group. Must be unique (enforced by DynamoDB).\n`GID` | | `N` | Yes | The group id of the group. Must be an integer (enforced) and unique (not enforced).\n`Password` | | `S` | No | The encrypted password used to get access to the group via the `newgrp` command. Not commonly used.\n`Administrators` | | `SS` | No | A list of user names who can modify the group membership.\n`Members` | | `SS` | No | A list of user names who are members of the group.",
"description_content_type": "text/markdown",
"docs_url": null,
"download_url": "",
"downloads": {
"last_day": -1,
"last_month": -1,
"last_week": -1
},
"home_page": "https://github.com/dacut/dynamodb-user-manager",
"keywords": "",
"license": "Apache-2.0",
"maintainer": "",
"maintainer_email": "",
"name": "dynamodb-user-manager",
"package_url": "https://pypi.org/project/dynamodb-user-manager/",
"platform": "",
"project_url": "https://pypi.org/project/dynamodb-user-manager/",
"project_urls": {
"Homepage": "https://github.com/dacut/dynamodb-user-manager"
},
"release_url": "https://pypi.org/project/dynamodb-user-manager/1.0.1/",
"requires_dist": null,
"requires_python": ">=3.6",
"summary": "Manage the local user database from DynamoDB",
"version": "1.0.1"
},
"last_serial": 5970226,
"releases": {
"0.2": [
{
"comment_text": "",
"digests": {
"md5": "9cbc1540ab559e57e0c10221acb1db77",
"sha256": "4aa55934a1869f005bd1003650d56bebe14636cb5b29897fbdd79ebb4f168eaa"
},
"downloads": -1,
"filename": "dynamodb-user-manager-0.2.tar.gz",
"has_sig": false,
"md5_digest": "9cbc1540ab559e57e0c10221acb1db77",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.6",
"size": 27815,
"upload_time": "2019-09-14T01:04:56",
"url": "https://files.pythonhosted.org/packages/2e/21/f6281ad7916de11549ef9fdcd4cfa672ac71186f41ec945f5cb834feb7ea/dynamodb-user-manager-0.2.tar.gz"
}
],
"0.3": [
{
"comment_text": "",
"digests": {
"md5": "282481655fd73a7a8d72aed6ec58dd90",
"sha256": "ff48462e6cc977ff766e81a7e6e1683fd68d042352bb08ed6b6e368c2536c181"
},
"downloads": -1,
"filename": "dynamodb-user-manager-0.3.tar.gz",
"has_sig": false,
"md5_digest": "282481655fd73a7a8d72aed6ec58dd90",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.6",
"size": 28706,
"upload_time": "2019-09-14T02:02:18",
"url": "https://files.pythonhosted.org/packages/18/6a/42d7051e9b06c454ae66769937372d5a153cdfb3c11b0b933c959300eaf3/dynamodb-user-manager-0.3.tar.gz"
}
],
"0.4": [
{
"comment_text": "",
"digests": {
"md5": "fa1578610642eb4dcfa6aa16b3ce9923",
"sha256": "e430918f2f84c5358e891795cf6f773396698086966c29e97edee586f36bb0d0"
},
"downloads": -1,
"filename": "dynamodb-user-manager-0.4.tar.gz",
"has_sig": false,
"md5_digest": "fa1578610642eb4dcfa6aa16b3ce9923",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.6",
"size": 30319,
"upload_time": "2019-09-14T22:40:23",
"url": "https://files.pythonhosted.org/packages/ef/77/ca6b493dcc2ac10bd71666c1e759ef216e1fa39d7ed66199e00265456ae1/dynamodb-user-manager-0.4.tar.gz"
}
],
"0.4.1": [
{
"comment_text": "",
"digests": {
"md5": "74a95b9084995f099337deb6dbb33454",
"sha256": "58de255d3008d1acdee3d0d886ef8fccd8d7b8727f3d4795f3396a91f8e13502"
},
"downloads": -1,
"filename": "dynamodb-user-manager-0.4.1.tar.gz",
"has_sig": false,
"md5_digest": "74a95b9084995f099337deb6dbb33454",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.6",
"size": 30432,
"upload_time": "2019-09-14T23:08:05",
"url": "https://files.pythonhosted.org/packages/db/8b/314a6e5ca6b439706aa4114578cc15a4297f5b84582038704fe4af859153/dynamodb-user-manager-0.4.1.tar.gz"
}
],
"1.0.0": [
{
"comment_text": "",
"digests": {
"md5": "95fd04c8aa68b1e9ced7c440a663932d",
"sha256": "fe418c80a3cf5f033bcbd7a151d1e9058bd9b7ff906283c047eadabd7b7d9a26"
},
"downloads": -1,
"filename": "dynamodb-user-manager-1.0.0.tar.gz",
"has_sig": false,
"md5_digest": "95fd04c8aa68b1e9ced7c440a663932d",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.6",
"size": 27116,
"upload_time": "2019-10-13T21:58:25",
"url": "https://files.pythonhosted.org/packages/2c/54/19f67221a912d872c279fa9e66dbf21016f12ad5f7522fad83a346ba5dd0/dynamodb-user-manager-1.0.0.tar.gz"
}
],
"1.0.1": [
{
"comment_text": "",
"digests": {
"md5": "2aee6837e77b69e2c45e79d0b8e0ea05",
"sha256": "514196342397152aade8f50453d2772da8bf6d2b8078262f217b3f72df48be97"
},
"downloads": -1,
"filename": "dynamodb-user-manager-1.0.1.tar.gz",
"has_sig": false,
"md5_digest": "2aee6837e77b69e2c45e79d0b8e0ea05",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.6",
"size": 30462,
"upload_time": "2019-10-14T07:19:22",
"url": "https://files.pythonhosted.org/packages/00/9a/30a6eec227096f7873102568c2c3db433818a1a58bc111a2e4bf95480f7b/dynamodb-user-manager-1.0.1.tar.gz"
}
]
},
"urls": [
{
"comment_text": "",
"digests": {
"md5": "2aee6837e77b69e2c45e79d0b8e0ea05",
"sha256": "514196342397152aade8f50453d2772da8bf6d2b8078262f217b3f72df48be97"
},
"downloads": -1,
"filename": "dynamodb-user-manager-1.0.1.tar.gz",
"has_sig": false,
"md5_digest": "2aee6837e77b69e2c45e79d0b8e0ea05",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.6",
"size": 30462,
"upload_time": "2019-10-14T07:19:22",
"url": "https://files.pythonhosted.org/packages/00/9a/30a6eec227096f7873102568c2c3db433818a1a58bc111a2e4bf95480f7b/dynamodb-user-manager-1.0.1.tar.gz"
}
]
}