 Amir Alexander Abdelbaki
|
9289f01965
|
feat(ansipa): unify FreeIPA group naming with dev_* / usr_* prefixes
All ansipa host/user group names now follow a consistent prefix scheme:
dev_mod_<name> — dotfiles module install (was ansipa-module-)
dev_fp_<app-id> — Flatpak install (was fp_install_)
dev_pkg_<package> — native package install (was ansipa-install-)
dev_daemon-enable-<u> — service enable policy (was policy-daemon-enable-)
dev_daemon-disable-<u> — service disable policy (was policy-daemon-disable-)
dev_timeshift-backup — backup policy (was policy-timeshift-backup)
dev_security-scan — scan policy (was policy-security-scan)
dev_no-local-users — auth lockdown (was no_local_users)
dev_local-sudo-<user> — per-device sudo grant (was local_sudo_)
usr_block-binary-<name> — per-user binary block (was policy-block-binary-)
usr_scan-notify — per-user alert notification (was policy-scan-notify)
Also adds a JSON state manifest (manifest.json) to ansipa-install-modules
and tightens the FreeIPA enrollment guard to check /etc/ipa/default.conf.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01LcnnA1whUwQkDv1omsgh9Y
|
2026-06-26 11:48:24 +02:00 |