diff options
author | Simo Sorce <ssorce@redhat.com> | 2007-08-30 19:40:54 -0400 |
---|---|---|
committer | Simo Sorce <ssorce@redhat.com> | 2007-08-30 19:40:54 -0400 |
commit | 12b46527c69fcf137962d62fc4062aba73c6225b (patch) | |
tree | 2df302b175e872c4c5b49b8133fe33d6689029d4 /ipa-client/ipaclient | |
parent | a9b9a5539252c3a17988a338943615a08925b383 (diff) | |
download | freeipa-12b46527c69fcf137962d62fc4062aba73c6225b.tar.gz freeipa-12b46527c69fcf137962d62fc4062aba73c6225b.tar.xz freeipa-12b46527c69fcf137962d62fc4062aba73c6225b.zip |
Complete autodiscovery with autoconfiguration
The code is still not perfect and rely on a yet unreleased
nss_ldap package that fix dns discovery problems within nss_ldap
itself.
Also the manipulation of krb5.conf need to be improved
Diffstat (limited to 'ipa-client/ipaclient')
-rw-r--r-- | ipa-client/ipaclient/ipachangeconf.py | 59 | ||||
-rw-r--r-- | ipa-client/ipaclient/ipadiscovery.py | 15 |
2 files changed, 49 insertions, 25 deletions
diff --git a/ipa-client/ipaclient/ipachangeconf.py b/ipa-client/ipaclient/ipachangeconf.py index 31ba41805..646e0424e 100644 --- a/ipa-client/ipaclient/ipachangeconf.py +++ b/ipa-client/ipaclient/ipachangeconf.py @@ -39,42 +39,61 @@ def openLocked(filename, perms): raise IOError(errno, strerr) return os.fdopen(fd, "r+") + + #TODO: add subsection as a concept + # (ex. REALM.NAME = { foo = x bar = y } ) + #TODO: put section delimiters as separating element of the list + # so that we can process multiple sections in one go + #TODO: add a comment all but provided options as a section option class IPAChangeConf: def __init__(self, name): self.progname = name - self.optpre = (" ",) + self.optpre = ("",) self.doptpre = self.optpre[0] - self.assign = ("=",) + self.assign = (" = ",) self.dassign = self.assign[0] self.comment = ("#",) self.dcomment = self.comment[0] self.eol = ("\n",) self.deol = self.eol[0] - #self.sectdel = ("[","]") - self.sectdel = () + #self.sectnamdel = ("[","]") + self.sectnamdel = () + self.newsection = False def setProgName(self, name): self.progname = name def setOptionPrefix(self, prefix): - self.optpre = prefix + if type(prefix) is list: + self.optpre = prefix + else: + self.optpre = (prefix, ) self.doptpre = self.optpre[0] def setOptionAssignment(self, assign): - self.assign = assign + if type(assign) is list: + self.assign = assign + else: + self.assign = (assign, ) self.dassign = self.assign[0] def setCommentPrefix(self, comment): - self.comment = comment + if type(comment) is list: + self.comment = comment + else: + self.comment = (comment, ) self.dcomment = self.comment[0] def setEndLine(self, eol): - self.eol = eol + if type(eol) is list: + self.eol = eol + else: + self.eol = (eol, ) self.deol = self.eol[0] - def setSectionDelimiters(self, delims): - self.sectdel = delims + def setSectionNameDelimiters(self, delims): + self.sectnamdel = delims def confDump(self, options): output = "" @@ -82,16 +101,18 @@ class IPAChangeConf: #pre conf options delimiter output += self.deol output += self.dcomment+"["+self.progname+"]--start-line--"+self.deol - output += self.deol output += self.dcomment+" Generated by authconfig on " + time.strftime("%Y/%m/%d %H:%M:%S") + self.deol output += self.dcomment+" DO NOT EDIT THIS SECTION (delimited by --start-line--/--end-line--)"+self.deol output += self.dcomment+" Any modification may be deleted or altered by authconfig in future"+self.deol output += self.deol + if self.newsection: + output += getSectionLine(section) + #set options for opt in options: if opt['action'] == "set": - output += self.doptpre+opt['name']+" "+self.dassign+" "+opt['value']+self.deol + output += self.doptpre+opt['name']+self.dassign+opt['value']+self.deol #post conf options delimiter output += self.deol @@ -127,18 +148,18 @@ class IPAChangeConf: def matchSection(self, line): cl = "".join(line.strip().split()).lower() - if len(self.sectdel) != 2: + if len(self.sectnamdel) != 2: return False - if not cl.startswith(self.sectdel[0]): + if not cl.startswith(self.sectnamdel[0]): return False - if not cl.endswith(self.sectdel[1]): + if not cl.endswith(self.sectnamdel[1]): return False - return cl[len(self.sectdel[0]):-len(self.sectdel[1])] + return cl[len(self.sectnamdel[0]):-len(self.sectnamdel[1])] def getSectionLine(self, section): - if len(self.sectdel) != 2: + if len(self.sectnamdel) != 2: return section - return self.sectdel[0]+section+self.sectdel[1]+self.deol + return self.sectnamdel[0]+section+self.sectnamdel[1]+self.deol def checkLineOption(self, line, options): output = "" @@ -211,7 +232,7 @@ class IPAChangeConf: if not done: if section: - output += getSectionLine(section) + self.newsection = True output += self.confDump(options) # Write it out and close it. diff --git a/ipa-client/ipaclient/ipadiscovery.py b/ipa-client/ipaclient/ipadiscovery.py index 312c8ba4b..6f44ffd1b 100644 --- a/ipa-client/ipaclient/ipadiscovery.py +++ b/ipa-client/ipaclient/ipadiscovery.py @@ -30,6 +30,7 @@ class IPADiscovery: self.realm = None self.domain = None self.server = None + self.basedn = None def getServerName(self): return str(self.server) @@ -40,6 +41,9 @@ class IPADiscovery: def getRealmName(self): return str(self.realm) + def getBaseDN(self): + return str(self.basedn) + def search(self, domain = "", server = ""): hostname = "" qname = "" @@ -127,10 +131,10 @@ class IPADiscovery: lret = lh.search_s("", ldap.SCOPE_BASE, "(objectClass=*)") for lattr in lret[0][1]: if lattr.lower() == "namingcontexts": - lbase = lret[0][1][lattr][0] + self.basedn = lret[0][1][lattr][0] - logging.debug("Search for (info=*) in "+lbase+"(base)") - lret = lh.search_s(lbase, ldap.SCOPE_BASE, "(info=IPA*)") + logging.debug("Search for (info=*) in "+self.basedn+"(base)") + lret = lh.search_s(self.basedn, ldap.SCOPE_BASE, "(info=IPA*)") if not lret: return [] logging.debug("Found: "+str(lret)) @@ -144,8 +148,8 @@ class IPADiscovery: return [] #search and return known realms - logging.debug("Search for (objectClass=krbRealmContainer) in "+lbase+"(sub)") - lret = lh.search_s("cn=kerberos,"+lbase, ldap.SCOPE_SUBTREE, "(objectClass=krbRealmContainer)") + logging.debug("Search for (objectClass=krbRealmContainer) in "+self.basedn+"(sub)") + lret = lh.search_s("cn=kerberos,"+self.basedn, ldap.SCOPE_SUBTREE, "(objectClass=krbRealmContainer)") if not lret: #something very wrong return [] @@ -235,5 +239,4 @@ class IPADiscovery: else: kdc = qname - print "["+realm+", "+kdc+"]" return [realm, kdc] |