ipaplatform: Do not require custom Authconfig implementations from platform modules

https://fedorahosted.org/freeipa/ticket/4052 Reviewed-By: Petr Viktorin <pviktori@redhat.com>
author: Tomas Babej <tbabej@redhat.com> 2014-05-27 09:13:59 +0200
committer: Petr Viktorin <pviktori@redhat.com> 2014-06-16 19:48:18 +0200
commit: 5f31f2d35f714880230c1a92a322c620e8708eb3 (patch)
tree: 200f71d434d8403df61d7c08b540e73f34897150 /ipaplatform/base
parent: 6a4cd8a4e33fba68c89d6046a98adb790c401041 (diff)
download: freeipa-5f31f2d35f714880230c1a92a322c620e8708eb3.tar.gz
freeipa-5f31f2d35f714880230c1a92a322c620e8708eb3.tar.xz
freeipa-5f31f2d35f714880230c1a92a322c620e8708eb3.zip
2 files changed, 120 insertions, 0 deletions
diff --git a/ipaplatform/base/authconfig.py b/ipaplatform/base/authconfig.py
new file mode 100644
index 000000000..f3f207be7
--- /dev/null
+++ b/ipaplatform/base/authconfig.py
@@ -0,0 +1,102 @@
+# Authors:
+#   Alexander Bokovoy <abokovoy@redhat.com>
+#   Tomas Babej <tbabej@redhat.com>
+#
+# Copyright (C) 2011-2014  Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+
+class AuthConfig(object):
+    """
+    AuthConfig class implements system-independent interface to configure
+    system authentication resources. In Red Hat systems this is done with
+    authconfig(8) utility.
+
+    AuthConfig class is nothing more than a tool to gather configuration
+    options and execute their processing. These options then converted by
+    an actual implementation to series of a system calls to appropriate
+    utilities performing real configuration.
+
+    IPA *expects* names of AuthConfig's options to follow authconfig(8)
+    naming scheme!
+
+    Actual implementation should be done in ipapython/platform/<platform>.py
+    by inheriting from platform.AuthConfig and redefining build_args()
+    and execute() methods.
+
+    from ipapython.platform import platform
+    class PlatformAuthConfig(platform.AuthConfig):
+        def build_args():
+        ...
+
+        def execute():
+        ...
+
+    authconfig = PlatformAuthConfig
+    ....
+
+    See ipapython/platform/redhat.py for a sample implementation that uses
+    authconfig(8) as its backend.
+
+    From IPA code perspective, the authentication configuration should be
+    done with use of ipapython.services.authconfig:
+
+    from ipapython import services as ipaservices
+    auth_config = ipaservices.authconfig()
+    auth_config.disable("ldap")
+    auth_config.disable("krb5")
+    auth_config.disable("sssd")
+    auth_config.disable("sssdauth")
+    auth_config.disable("mkhomedir")
+    auth_config.add_option("update")
+    auth_config.enable("nis")
+    auth_config.add_parameter("nisdomain","foobar")
+    auth_config.execute()
+
+    If you need to re-use existing AuthConfig instance for multiple runs,
+    make sure to call 'AuthConfig.reset()' between the runs.
+    """
+
+    def __init__(self):
+        self.parameters = {}
+
+    def enable(self, option):
+        self.parameters[option] = True
+        return self
+
+    def disable(self, option):
+        self.parameters[option] = False
+        return self
+
+    def add_option(self, option):
+        self.parameters[option] = None
+        return self
+
+    def add_parameter(self, option, value):
+        self.parameters[option] = [value]
+        return self
+
+    def build_args(self):
+        # do nothing
+        return None
+
+    def execute(self):
+        # do nothing
+        return None
+
+    def reset(self):
+        self.parameters = {}
+        return self
diff --git a/ipaplatform/base/tasks.py b/ipaplatform/base/tasks.py
index 8719ad1db..7d776deb5 100644
--- a/ipaplatform/base/tasks.py
+++ b/ipaplatform/base/tasks.py
@@ -60,3 +60,21 @@ def restore_network_configuration(fstore, statestore):
 
 def backup_and_replace_hostname(fstore, statestore, hostname):
     return
+
+
+def restore_pre_ipa_client_configuration(fstore, statestore,
+                                         was_sssd_installed,
+                                         was_sssd_configured):
+    return
+
+
+def set_nisdomain(nisdomain):
+    return
+
+
+def modify_nsswitch_pam_stack(sssd, mkhomedir, statestore):
+    return
+
+
+def modify_pam_to_use_krb5(statestore):
+    return
author	Tomas Babej <tbabej@redhat.com>	2014-05-27 09:13:59 +0200
committer	Petr Viktorin <pviktori@redhat.com>	2014-06-16 19:48:18 +0200
commit	5f31f2d35f714880230c1a92a322c620e8708eb3 (patch)
tree	200f71d434d8403df61d7c08b540e73f34897150 /ipaplatform/base
parent	6a4cd8a4e33fba68c89d6046a98adb790c401041 (diff)
download	freeipa-5f31f2d35f714880230c1a92a322c620e8708eb3.tar.gz freeipa-5f31f2d35f714880230c1a92a322c620e8708eb3.tar.xz freeipa-5f31f2d35f714880230c1a92a322c620e8708eb3.zip