summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJan Zeleny <jzeleny@redhat.com>2011-03-30 08:38:41 -0400
committerStephen Gallagher <sgallagh@redhat.com>2011-04-25 08:06:34 -0400
commit0e5879c0e3f83b0bbaff79d9c97f672055b61c4f (patch)
tree091171a2ae53082ef12e292a8d355ba32659fbd5
parent7a0e6e2b9fc2fffc10f33e90926bb7edb5198dde (diff)
downloadsssd-0e5879c0e3f83b0bbaff79d9c97f672055b61c4f.tar.gz
sssd-0e5879c0e3f83b0bbaff79d9c97f672055b61c4f.tar.xz
sssd-0e5879c0e3f83b0bbaff79d9c97f672055b61c4f.zip
Configuration parsing updates
These changes are all related to following ticket: https://fedorahosted.org/sssd/ticket/763 Changes in SSSDConfig.py merge old and new domain record instead of just deleting the old and inserting the new one. The old approach let to loss of some information like comments and blank lines in the config file. Changes in API config were performed so our Python scripts (like sss_obfuscate) don't add extra config options to the config file.
-rw-r--r--src/config/SSSDConfig.py25
-rwxr-xr-xsrc/config/SSSDConfigTest.py33
-rw-r--r--src/config/etc/sssd.api.conf4
-rw-r--r--src/config/etc/sssd.api.d/sssd-ipa.conf2
-rw-r--r--src/config/etc/sssd.api.d/sssd-ldap.conf4
-rw-r--r--src/config/etc/sssd.api.d/sssd-local.conf4
6 files changed, 19 insertions, 53 deletions
diff --git a/src/config/SSSDConfig.py b/src/config/SSSDConfig.py
index 5135174a8..c3d9ed408 100644
--- a/src/config/SSSDConfig.py
+++ b/src/config/SSSDConfig.py
@@ -1739,23 +1739,20 @@ class SSSDConfig(SSSDChangeConf):
domain.oldname = None;
sectionname = 'domain/%s' % name
- # Ensure that the existing section is removed
- # This way we ensure that we are getting a
- # complete copy of the service.
- # delete_option() is a noop if the section
- # does not exist.
- index = self.delete_option('section', sectionname)
- addkw = []
+ section_subtree = self.findOpts(self.opts, 'section', sectionname)
+
+ if name not in self.list_domains():
+ self.add_section(sectionname, []);
+
+ for option in self.options(sectionname):
+ if option['type'] == 'option':
+ if option['name'] not in domain.get_all_options():
+ self.delete_option_subtree(section_subtree, 'option', option['name'], True)
+
for option,value in domain.get_all_options().items():
if (type(value) == list):
value = ', '.join(value)
- addkw.append( { 'type' : 'option',
- 'name' : option,
- 'value' : str(value) } )
- if oldindex:
- self.add_section(sectionname, addkw, oldindex)
- else:
- self.add_section(sectionname, addkw, index)
+ self.set(sectionname, option, str(value))
if domain.active:
self.activate_domain(name)
diff --git a/src/config/SSSDConfigTest.py b/src/config/SSSDConfigTest.py
index cad183ea0..af32acc67 100755
--- a/src/config/SSSDConfigTest.py
+++ b/src/config/SSSDConfigTest.py
@@ -599,33 +599,7 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase):
# First test default options
options = domain.list_mandatory_options()
- control_list = [
- 'cache_credentials',
- 'id_provider',
- 'auth_provider']
-
- self.assertTrue(type(options) == dict,
- "Options should be a dictionary")
-
- # Ensure that all of the expected defaults are there
- for option in control_list:
- self.assertTrue(option in options.keys(),
- "Option [%s] missing" %
- option)
-
- # Ensure that there aren't any unexpected options listed
- for option in options.keys():
- self.assertTrue(option in control_list,
- 'Option [%s] unexpectedly found' %
- option)
-
- # Add a provider and verify that the new options appear
- domain.add_provider('local', 'id')
- control_list.extend(
- ['default_shell',
- 'base_directory'])
-
- options = domain.list_mandatory_options()
+ control_list = ['id_provider']
self.assertTrue(type(options) == dict,
"Options should be a dictionary")
@@ -1000,11 +974,6 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase):
def testRemoveOption(self):
domain = SSSDConfig.SSSDDomain('sssd', self.schema)
- # Positive test - Remove existing option
- self.assertTrue('cache_credentials' in domain.get_all_options().keys())
- domain.remove_option('cache_credentials')
- self.assertFalse('cache_credentials' in domain.get_all_options().keys())
-
# Positive test - Remove unset but valid option
self.assertFalse('max_id' in domain.get_all_options().keys())
domain.remove_option('max_id')
diff --git a/src/config/etc/sssd.api.conf b/src/config/etc/sssd.api.conf
index e91597166..975cd2d1f 100644
--- a/src/config/etc/sssd.api.conf
+++ b/src/config/etc/sssd.api.conf
@@ -40,7 +40,7 @@ pam_pwd_expiration_warning = int, None, false
[provider]
#Available provider types
id_provider = str, None, true
-auth_provider = str, None, true
+auth_provider = str, None, false
access_provider = str, None, false
chpass_provider = str, None, false
@@ -53,7 +53,7 @@ min_id = int, None, false
max_id = int, None, false
timeout = int, None, false
enumerate = bool, None, false
-cache_credentials = bool, None, true, false
+cache_credentials = bool, None, false
store_legacy_passwords = bool, None, false
use_fully_qualified_names = bool, None, false
entry_cache_timeout = int, None, false
diff --git a/src/config/etc/sssd.api.d/sssd-ipa.conf b/src/config/etc/sssd.api.d/sssd-ipa.conf
index 31b7dc9be..7719069c7 100644
--- a/src/config/etc/sssd.api.d/sssd-ipa.conf
+++ b/src/config/etc/sssd.api.d/sssd-ipa.conf
@@ -1,5 +1,5 @@
[provider/ipa]
-ipa_domain = str, None, true
+ipa_domain = str, None, false
ipa_server = str, None, false
ipa_hostname = str, None, false
ipa_dyndns_update = bool, None, false
diff --git a/src/config/etc/sssd.api.d/sssd-ldap.conf b/src/config/etc/sssd.api.d/sssd-ldap.conf
index 5fd0cfb58..8672f0b24 100644
--- a/src/config/etc/sssd.api.d/sssd-ldap.conf
+++ b/src/config/etc/sssd.api.d/sssd-ldap.conf
@@ -1,7 +1,7 @@
[provider/ldap]
ldap_uri = str, None, false
ldap_search_base = str, None, false
-ldap_schema = str, None, true, rfc2307
+ldap_schema = str, None, false
ldap_default_bind_dn = str, None, false
ldap_default_authtok_type = str, None, false
ldap_default_authtok = str, None, false
@@ -33,7 +33,7 @@ ldap_search_timeout = int, None, false
ldap_enumeration_search_timeout = int, None, false
ldap_enumeration_refresh_timeout = int, None, false
ldap_purge_cache_timeout = int, None, false
-ldap_id_use_start_tls = bool, None, true, false
+ldap_id_use_start_tls = bool, None, false
ldap_user_search_base = str, None, false
ldap_user_search_scope = str, None, false
ldap_user_search_filter = str, None, false
diff --git a/src/config/etc/sssd.api.d/sssd-local.conf b/src/config/etc/sssd.api.d/sssd-local.conf
index 0686f0823..f740b5ba1 100644
--- a/src/config/etc/sssd.api.d/sssd-local.conf
+++ b/src/config/etc/sssd.api.d/sssd-local.conf
@@ -1,8 +1,8 @@
[provider/local]
[provider/local/id]
-default_shell = str, None, true, /bin/bash
-base_directory = str, None, true, /home
+default_shell = str, None, false
+base_directory = str, None, false
[provider/local/auth]