7 files changed, 27 insertions, 12 deletions

diff --git a/schemas/authorizedkeys.xsd b/schemas/authorizedkeys.xsd
index c3cd50181..c464017b4 100644
--- a/schemas/authorizedkeys.xsd
+++ b/schemas/authorizedkeys.xsd
@@ -114,6 +114,15 @@
         </xsd:documentation>
       </xsd:annotation>
     </xsd:attribute>
+    <xsd:attribute name="category" type="xsd:string">
+      <xsd:annotation>
+        <xsd:documentation>
+          Use a public key specific to the group in the given
+          category, instead of the category specified in
+          ``bcfg2.conf``.
+        </xsd:documentation>
+      </xsd:annotation>
+    </xsd:attribute>
     <xsd:attribute name="host" type="xsd:string">
       <xsd:annotation>
         <xsd:documentation>
diff --git a/src/lib/Bcfg2/Client/Tools/POSIXUsers.py b/src/lib/Bcfg2/Client/Tools/POSIXUsers.py
index aeafc3817..58a3bbdfc 100644
--- a/src/lib/Bcfg2/Client/Tools/POSIXUsers.py
+++ b/src/lib/Bcfg2/Client/Tools/POSIXUsers.py
@@ -3,6 +3,7 @@ and groupadd/mod/del """
 
 import pwd
 import grp
+import Bcfg2.Options
 import Bcfg2.Client.XML
 import Bcfg2.Client.Tools
 from Bcfg2.Utils import PackedDigitRange
@@ -202,7 +203,8 @@ class POSIXUsers(Bcfg2.Client.Tools.Tool):
         else:
             for attr, idx in self.attr_mapping[entry.tag].items():
                 val = str(self.existing[entry.tag][entry.get("name")][idx])
-                entry.set("current_%s" % attr, val)
+                entry.set("current_%s" %
+                          attr, val.decode(Bcfg2.Options.setup.encoding))
                 if attr in ["uid", "gid"]:
                     if entry.get(attr) is None:
                         # no uid/gid specified, so we let the tool
diff --git a/src/lib/Bcfg2/Server/Core.py b/src/lib/Bcfg2/Server/Core.py
index 4eb151c29..3eb84f45f 100644
--- a/src/lib/Bcfg2/Server/Core.py
+++ b/src/lib/Bcfg2/Server/Core.py
@@ -23,7 +23,6 @@ from Bcfg2.Compat import xmlrpclib  # pylint: disable=W0622
 from Bcfg2.Server.Plugin.exceptions import *  # pylint: disable=W0401,W0614
 from Bcfg2.Server.Plugin.interfaces import *  # pylint: disable=W0401,W0614
 from Bcfg2.Server.Plugin import track_statistics
-from Bcfg2.Server.Plugins.Metadata import MetadataGroup
 
 try:
     import psyco
@@ -858,7 +857,7 @@ class Core(object):
                 groups = conn.get_additional_groups(imd)
                 groupnames = []
                 for group in groups:
-                    if isinstance(group, MetadataGroup):
+                    if hasattr(group, "name"):
                         groupname = group.name
                         if groupname in self._dynamic_groups:
                             if self._dynamic_groups[groupname] == conn.name:
diff --git a/src/lib/Bcfg2/Server/Plugins/Cfg/CfgAuthorizedKeysGenerator.py b/src/lib/Bcfg2/Server/Plugins/Cfg/CfgAuthorizedKeysGenerator.py
index 895752c9c..7792d7e5c 100644
--- a/src/lib/Bcfg2/Server/Plugins/Cfg/CfgAuthorizedKeysGenerator.py
+++ b/src/lib/Bcfg2/Server/Plugins/Cfg/CfgAuthorizedKeysGenerator.py
@@ -50,19 +50,19 @@ class CfgAuthorizedKeysGenerator(CfgGenerator, StructFile):
             if pubkey_name:
                 host = allow.get("host")
                 group = allow.get("group")
+                category = allow.get("category",
+                                     Bcfg2.Options.setup.sshkeys_category)
                 if host:
                     key_md = self.core.build_metadata(host)
                 elif group:
                     key_md = ClientMetadata("dummy", group, [group], [],
                                             set(), set(), dict(), None,
                                             None, None, None)
-                elif (Bcfg2.Options.setup.sshkeys_category and
-                      not metadata.group_in_category(
-                        Bcfg2.Options.setup.sshkeys_category)):
+                elif category and not metadata.group_in_category(category):
                     self.logger.warning("Cfg: %s ignoring Allow from %s: "
                                         "No group in category %s" %
                                         (metadata.hostname, pubkey_name,
-                                         Bcfg2.Options.setup.sshkeys_category))
+                                         category))
                     continue
                 else:
                     key_md = metadata
diff --git a/src/lib/Bcfg2/Server/Plugins/Cfg/__init__.py b/src/lib/Bcfg2/Server/Plugins/Cfg/__init__.py
index 5b32a91c0..632a5c3bf 100644
--- a/src/lib/Bcfg2/Server/Plugins/Cfg/__init__.py
+++ b/src/lib/Bcfg2/Server/Plugins/Cfg/__init__.py
@@ -80,6 +80,8 @@ class CfgBaseFileMatcher(Bcfg2.Server.Plugin.SpecificData):
     experimental = False
 
     def __init__(self, name, specific):
+        if not self.__specific__ and not specific:
+            specific = Bcfg2.Server.Plugin.Specificity(all=True)
         Bcfg2.Server.Plugin.SpecificData.__init__(self, name, specific)
     __init__.__doc__ = Bcfg2.Server.Plugin.SpecificData.__init__.__doc__ + \
         """
diff --git a/testsuite/Testsrc/Testlib/TestClient/TestTools/TestPOSIXUsers.py b/testsuite/Testsrc/Testlib/TestClient/TestTools/TestPOSIXUsers.py
index d9d8a26c6..9647413b6 100644
--- a/testsuite/Testsrc/Testlib/TestClient/TestTools/TestPOSIXUsers.py
+++ b/testsuite/Testsrc/Testlib/TestClient/TestTools/TestPOSIXUsers.py
@@ -30,6 +30,7 @@ class TestPOSIXUsers(TestTool):
         set_setup_default('uid_blacklist')
         set_setup_default('gid_whitelist')
         set_setup_default('gid_blacklist')
+        set_setup_default('encoding', 'UTF-8')
 
     def get_obj(self, config=None):
         return TestTool.get_obj(self, config)
diff --git a/testsuite/Testsrc/Testlib/TestServer/TestPlugins/TestCfg/Test_init.py b/testsuite/Testsrc/Testlib/TestServer/TestPlugins/TestCfg/Test_init.py
index 307461918..1b55beded 100644
--- a/testsuite/Testsrc/Testlib/TestServer/TestPlugins/TestCfg/Test_init.py
+++ b/testsuite/Testsrc/Testlib/TestServer/TestPlugins/TestCfg/Test_init.py
@@ -612,7 +612,7 @@ class TestCfgEntrySet(TestEntrySet):
 
         def reset():
             for e in eset.entries.values():
-                if e.specific is not None:
+                if hasattr(e.specific, "reset_mock"):
                     e.specific.reset_mock()
 
         metadata = Mock()
@@ -629,7 +629,7 @@ class TestCfgEntrySet(TestEntrySet):
                               [eset.entries['test1.txt'],
                                eset.entries['test3.txt']])
         for entry in eset.entries.values():
-            if entry.specific is not None:
+            if hasattr(entry.specific.matches, "called"):
                 self.assertFalse(entry.specific.matches.called)
 
         reset()
@@ -637,20 +637,22 @@ class TestCfgEntrySet(TestEntrySet):
                               [eset.entries['test6.txt']])
         eset.entries['test6.txt'].specific.matches.assert_called_with(metadata)
         for ename, entry in eset.entries.items():
-            if ename != 'test6.txt' and entry.specific is not None:
+            if (ename != 'test6.txt' and
+                hasattr(entry.specific.matches, "called")):
                 self.assertFalse(entry.specific.matches.called)
 
         reset()
         self.assertItemsEqual(eset.get_handlers(metadata, CfgFilter), [])
         eset.entries['test7.txt'].specific.matches.assert_called_with(metadata)
         for ename, entry in eset.entries.items():
-            if ename != 'test7.txt' and entry.specific is not None:
+            if (ename != 'test7.txt' and
+                hasattr(entry.specific.matches, "called")):
                 self.assertFalse(entry.specific.matches.called)
 
         reset()
         self.assertItemsEqual(eset.get_handlers(metadata, Mock), [])
         for ename, entry in eset.entries.items():
-            if entry.specific is not None:
+            if hasattr(entry.specific.matches, "called"):
                 self.assertFalse(entry.specific.matches.called)
 
     @patch("Bcfg2.Server.Plugins.Cfg.CfgDefaultInfo")