diff options
-rw-r--r-- | ChangeLog | 20 | ||||
-rw-r--r-- | dispatch.py | 1 | ||||
-rwxr-xr-x | gui.py | 1 | ||||
-rw-r--r-- | installclass.py | 43 | ||||
-rw-r--r-- | installclasses/personal_desktop.py | 2 | ||||
-rw-r--r-- | installclasses/server.py | 1 | ||||
-rw-r--r-- | instdata.py | 37 | ||||
-rw-r--r-- | kickstart.py | 100 | ||||
-rw-r--r-- | packages.py | 8 | ||||
-rw-r--r-- | text.py | 1 | ||||
-rw-r--r-- | textw/userauth_text.py | 386 | ||||
-rw-r--r-- | users.py | 151 |
12 files changed, 68 insertions, 683 deletions
@@ -1,3 +1,23 @@ +2005-08-29 Chris Lumens <clumens@redhat.com> + + * installclass.py (BaseInstallClass.setAuthentication): Simplified to + store authconfig data as a string to be passed to authconfig without + mangling. + * kickstart.py (Kickstart.doAuthconfig): Likewise. + * instdata.py (InstallData.write, InstallData.writeKS): Likewise. + + * dispatch.py (installSteps): Removed authentication step. + * gui.py (stepToClass): Likewise. + * text.py (stepToClasses): Likewise. + * installclasses/personal_desktop.py: Likewise. + * installclasses/server.py: Likewise. + + * packages.py (handleMiscPackages): Check string instead of instdata + values. + * users.py (Authentication): Removed. + * iw/auth_gui.py: Removed. + * textw/userauth_text.py (UsersWindow, AuthConfigWindow): Removed. + 2005-08-29 Jeremy Katz <katzj@redhat.com> * iw/autopart_type.py (PartitionTypeWindow.getScreen): Fix a diff --git a/dispatch.py b/dispatch.py index e8f9eabbc..f11e63c59 100644 --- a/dispatch.py +++ b/dispatch.py @@ -100,7 +100,6 @@ installSteps = [ ("network", ("id.network", "dir", "intf", "id")), ("timezone", ("id.instLanguage", "id.timezone")), ("accounts", ("intf", "id.rootPassword")), - ("authentication", ("id.auth",)), #XXX: factor to backend #("readcomps", readPackages, ("intf", "method", "id")), #("desktopchoice", ("intf", "id.instClass", "dispatch", "id.grpset")), @@ -67,7 +67,6 @@ stepToClass = { "network" : ("network_gui", "NetworkWindow"), "timezone" : ("timezone_gui", "TimezoneWindow"), "accounts" : ("account_gui", "AccountWindow"), - "authentication" : ("auth_gui", "AuthWindow"), "desktopchoice": ("desktop_choice_gui", "DesktopChoiceWindow"), "package-selection" : ("package_gui", "PackageSelectionWindow"), "indivpackage" : ("package_gui", "IndividualPackageSelectionWindow"), diff --git a/installclass.py b/installclass.py index a84a8a1f6..9bc5ad31a 100644 --- a/installclass.py +++ b/installclass.py @@ -277,45 +277,8 @@ class BaseInstallClass: def setRootPassword(self, id, pw, isCrypted = 0): id.rootPassword.set(pw, isCrypted) - def setAuthentication(self, id, useShadow, useMd5, - useNIS = 0, nisDomain = "", nisBroadcast = 0, - nisServer = "", - useLdap = 0, useLdapauth = 0, ldapServer = "", - ldapBasedn = "", useldapTls = 0, - useKrb5 = 0, krb5Realm = "", krb5Kdc = "", - krb5Admin = "", - useHesiod = 0, hesiodLhs = "", hesiodRhs = "", - useSamba = 0, sambaServer= "", sambaWorkgroup = "", - enableCache = 0): - - id.auth.useShadow = useShadow - id.auth.useMD5 = useMd5 - - id.auth.useNIS = useNIS - id.auth.nisDomain = nisDomain - id.auth.nisuseBroadcast = nisBroadcast - id.auth.nisServer = nisServer - - id.auth.useLdap = useLdap - id.auth.useLdapauth = useLdapauth - id.auth.ldapServer = ldapServer - id.auth.ldapBasedn = ldapBasedn - id.auth.ldapTLS = useldapTls - - id.auth.useKrb5 = useKrb5 - id.auth.krb5Realm = krb5Realm - id.auth.krb5Kdc = krb5Kdc - id.auth.krb5Admin = krb5Admin - - id.auth.useHesiod = useHesiod - id.auth.hesiodLhs = hesiodLhs - id.auth.hesiodRhs = hesiodRhs - - id.auth.useSamba = useSamba - id.auth.sambaServer = sambaServer - id.auth.sambaWorkgroup = sambaWorkgroup - - id.auth.enableCache = enableCache + def setAuthentication(self, id, authStr): + id.auth = authStr def setNetwork(self, id, bootProto, ip, netmask, ethtool, device = None, onboot = 1, dhcpclass = None, essid = None, wepkey = None): if bootProto: @@ -522,7 +485,7 @@ class BaseInstallClass: partitions.autoClearPartType = clear partitions.autoClearPartDrives = [] partitions.autoPartitionRequests = autoCreateLVMPartitionRequests(autorequests) - + def setInstallData(self, id, intf = None): id.reset() diff --git a/installclasses/personal_desktop.py b/installclasses/personal_desktop.py index 6e6f25df7..7b0e935ba 100644 --- a/installclasses/personal_desktop.py +++ b/installclasses/personal_desktop.py @@ -30,8 +30,6 @@ class InstallClass(BaseInstallClass): def setSteps(self, dispatch): BaseInstallClass.setSteps(self, dispatch); dispatch.skipStep("partition") - dispatch.skipStep("authentication") - dispatch.skipStep("desktopchoice", skip = 0) dispatch.skipStep("package-selection", skip = 1) diff --git a/installclasses/server.py b/installclasses/server.py index 4b724f071..1dc09b10d 100644 --- a/installclasses/server.py +++ b/installclasses/server.py @@ -21,7 +21,6 @@ class InstallClass(BaseInstallClass): def setSteps(self, dispatch): BaseInstallClass.setSteps(self, dispatch); - dispatch.skipStep("authentication") def setGroupSelection(self, grpset, intf): BaseInstallClass.__init__(self, grpset) diff --git a/instdata.py b/instdata.py index a24a13b76..d478a3457 100644 --- a/instdata.py +++ b/instdata.py @@ -29,6 +29,7 @@ import partedUtils import hdrlist import zfcp import urllib +import iutil from flags import * from constants import * @@ -54,7 +55,7 @@ class InstallData: self.timezone = timezone.Timezone() self.accounts = users.Accounts() self.rootPassword = users.RootPassword () - self.auth = users.Authentication() + self.auth = "" self.desktop = desktop.Desktop() self.grpset = None self.upgrade = False @@ -107,19 +108,41 @@ class InstallData: self.upgrade = bool def write(self, instPath): + if self.auth.find("--enablemd5"): + useMD5 = True + else: + useMD5 = False + self.instLanguage.write (instPath) if not self.isHeadless: self.keyboard.write (instPath) self.timezone.write (instPath) - self.auth.write (instPath) + + try: + if flags.setupFilesystems: + args = ["--kickstart", "--nostart", self.auth] + iutil.execWithRedirect("/usr/sbin/authconfig", args, + stdout = None, stderr = None, + searchPath = 1, root = instPath) + else: + log.error("Would have run: /usr/sbin/authconfig %s", args) + except RuntimeError, msg: + log.error("Error running /usr/sbin/authconfig %s: %s", + args, msg) + self.firewall.write (instPath) self.security.write (instPath) - self.rootPassword.write (instPath, self.auth) - self.accounts.write (instPath, self.auth) + self.rootPassword.write (instPath, useMD5) + self.accounts.write (instPath, useMD5) def writeKS(self, filename): + if self.auth.find("--enablemd5"): + useMD5 = True + else: + useMD5 = False + f = open(filename, "w") f.write("# Kickstart file automatically generated by anaconda.\n\n") @@ -167,17 +190,17 @@ class InstallData: self.xsetup.writeKS(f, self.desktop) self.network.writeKS(f) self.zfcp.writeKS(f) - self.rootPassword.writeKS(f, self.auth) + self.rootPassword.writeKS(f, useMD5) self.firewall.writeKS(f) + f.write("authconfig %s" % self.auth) self.security.writeKS(f) - self.auth.writeKS(f) self.timezone.writeKS(f) self.bootloader.writeKS(f) self.partitions.writeKS(f) #self.writePackagesKS(f) f.write("\n%post\n") - self.accounts.writeKScommands(f, self.auth) + self.accounts.writeKScommands(f, useMD5) # make it so only root can read, could have password os.chmod(filename, 0600) diff --git a/kickstart.py b/kickstart.py index 569efeddb..fe63fcc0b 100644 --- a/kickstart.py +++ b/kickstart.py @@ -238,105 +238,7 @@ class Kickstart(BaseInstallClass): self.skipSteps.append("zfcpconfig") def doAuthconfig(self, id, args): - (args, extra) = isys.getopt(args, '', - [ 'useshadow', 'enableshadow', - 'enablemd5', - 'enablenis', 'nisdomain=', 'nisserver=', - 'enableldap', 'enableldapauth', 'ldapserver=', 'ldapbasedn=', - 'enableldaptls', - 'enablekrb5', 'krb5realm=', 'krb5kdc=', 'krb5adminserver=', - 'enablehesiod', 'hesiodlhs=', 'hesiodrhs=', - 'enablesmbauth', 'smbservers=', 'smbworkgroup=', - 'enablecache']) - - useShadow = 0 - - useMd5 = 0 - - useNis = 0 - nisServer = "" - nisDomain = "" - nisBroadcast = 0 - - useLdap = 0 - useLdapauth = 0 - useLdaptls = 0 - ldapServer = "" - ldapBasedn = "" - - useKrb5 = 0 - krb5Realm = "" - krb5Kdc = "" - krb5Admin = "" - - useHesiod = 0 - hesiodLhs = "" - hesiodRhs = "" - - useSamba = 0 - smbServers = "" - smbWorkgroup = "" - - enableCache = 0 - - for n in args: - (str, arg) = n - if (str == '--enablenis'): - useNis = 1 - elif (str == '--useshadow') or (str == '--enableshadow'): - useShadow = 1 - elif (str == '--enablemd5'): - useMd5 = 1 - elif (str == '--nisserver'): - nisServer = arg - elif (str == '--nisdomain'): - nisDomain = arg - elif (str == '--enableldap'): - useLdap = 1 - elif (str == '--enableldapauth'): - useLdapauth = 1 - elif (str == '--ldapserver'): - ldapServer = arg - elif (str == '--ldapbasedn'): - ldapBasedn = arg - elif (str == '--enableldaptls'): - useLdaptls = 1 - elif (str == '--enablekrb5'): - useKrb5 = 1 - elif (str == '--krb5realm'): - krb5Realm = arg - elif (str == '--krb5kdc'): - krb5Kdc = arg - elif (str == '--krb5adminserver'): - krb5Admin = arg - elif (str == '--enablehesiod'): - useHesiod = 1 - elif (str == '--hesiodlhs'): - hesiodLhs = arg - elif (str == '--hesiodrhs'): - hesiodRhs = arg - elif (str == '--enablesmbauth'): - useSamba = 1 - elif (str == '--smbservers'): - smbServers = arg - elif (str == '--smbworkgroup'): - smbWorkgroup = arg - elif (str == '--enablecache'): - enableCache = 1 - - - if useNis and not nisServer: nisBroadcast = 1 - - self.setAuthentication(id, useShadow, useMd5, - useNis, nisDomain, nisBroadcast, nisServer, - useLdap, useLdapauth, ldapServer, - ldapBasedn, useLdaptls, - useKrb5, krb5Realm, krb5Kdc, krb5Admin, - useHesiod, hesiodLhs, hesiodRhs, - useSamba, smbServers, smbWorkgroup, - enableCache) - - self.skipSteps.append("authentication") + self.setAuthentication(id, string.join(args)) def doBootloader (self, id, args): (args, extra) = isys.getopt(args, '', diff --git a/packages.py b/packages.py index ab357f1ef..63149a27e 100644 --- a/packages.py +++ b/packages.py @@ -344,23 +344,23 @@ def handleMiscPackages(intf, id, dir): select(id.grpset.hdrlist, "kernel-devel") # if NIS is configured, install ypbind and dependencies: - if id.auth.useNIS: + if id.auth.find("--enablenis") != -1: select(id.grpset.hdrlist, 'ypbind') select(id.grpset.hdrlist, 'yp-tools') select(id.grpset.hdrlist, 'portmap') - if id.auth.useLdap: + if id.auth.find("--enableldap") != -1: select(id.grpset.hdrlist, 'nss_ldap') select(id.grpset.hdrlist, 'openldap') select(id.grpset.hdrlist, 'perl') - if id.auth.useKrb5: + if id.auth.find("--enablekrb5") != -1: select(id.grpset.hdrlist, 'pam_krb5') select(id.grpset.hdrlist, 'krb5-workstation') select(id.grpset.hdrlist, 'krbafs') select(id.grpset.hdrlist, 'krb5-libs') - if id.auth.useSamba: + if id.auth.find("--enablesmbauth") != -1: select(id.grpset.hdrlist, 'pam_smb') if iutil.getArch() == "i386" and id.bootloader.useGrubVal == 1: @@ -64,7 +64,6 @@ stepToClasses = { "HostnameWindow")), "timezone" : ("timezone_text", "TimezoneWindow"), "accounts" : ("userauth_text", "RootPasswordWindow"), - "authentication" : ("userauth_text", ("AuthConfigWindow")), "desktopchoice": ("desktop_choice_text", "DesktopChoiceWindow"), "package-selection" : ("packages_text", "PackageGroupWindow"), "indivpackage" : ("packages_text", ("IndividualPackageWindow")), diff --git a/textw/userauth_text.py b/textw/userauth_text.py index 5a7a2e776..cc394b57a 100644 --- a/textw/userauth_text.py +++ b/textw/userauth_text.py @@ -14,8 +14,6 @@ from snack import * from constants_text import * from rhpl.translate import _ -import iutil -from flags import flags def has_bad_chars(pw): allowed = string.digits + string.ascii_letters + string.punctuation + " " @@ -81,387 +79,3 @@ class RootPasswordWindow: screen.popWindow() rootPw.set (entry1.value ()) return INSTALL_OK - -class UsersWindow: - def editWindow (self, user, text, edit = 0, cancelText = None): - if (not cancelText): - cancelText = _("Cancel") - - systemUsers = ['root', 'bin', 'daemon', 'adm', 'lp', 'sync', 'shutdown', 'halt', 'mail', - 'news', 'uucp', 'operator', 'games', 'gopher', 'ftp', 'nobody', 'nscd', - 'mailnull', 'rpm', 'ident', 'rpc', 'rpcuser', 'radvd', 'xfs', 'gdm', 'apache', - 'squid'] - - username = Entry (16, user["id"], scroll=0) - currentid = user["id"] - pass1 = Entry (10, user["password"], password = 1) - pass2 = Entry (10, user["password"], password = 1) - fullname = Entry (20, user["name"], scroll = 1) - - if edit: - title = _("Edit User") - helptag = "edituser" - else: - title = _("Add User") - helptag = "adduser" - - while 1: - (rc, ent) = EntryWindow (self.screen, title, text, - [ (_("User Name"), username), - (_("Password"), pass1), - (_("Password (confirm)"), pass2), - (_("Full Name"), fullname)], - buttons = [ TEXT_OK_BUTTON, (cancelText, "cancel") ], - help = helptag) - - if rc == "cancel": - return INSTALL_BACK - - if not len(pass1.value()) and not len(pass2.value()) and \ - not len(username.value()) and not len(fullname.value()): - return INSTALL_OK - - if (not iutil.validUser(username.value())): - ButtonChoiceWindow(self.screen, _("Bad User Name"), - _("User names must " - "contain only characters " - "A-Z, a-z, and 0-9."), - buttons = [ TEXT_OK_BUTTON ], width = 50) - continue - - if not username.value (): - ButtonChoiceWindow(self.screen, _("Missing User Name"), - _("You must provide a user name"), - buttons = [ TEXT_OK_BUTTON ], width = 50) - continue - if len (pass1.value ()) < 6: - ButtonChoiceWindow(self.screen, _("Password Length"), - _("The password must be at least 6 characters " - "long."), - buttons = [ TEXT_OK_BUTTON ], width = 50) - pass1.set ("") - pass2.set ("") - continue - elif pass1.value () != pass2.value (): - ButtonChoiceWindow(self.screen, _("Password Mismatch"), - _("The passwords you entered were different. Please " - "try again."), - buttons = [ TEXT_OK_BUTTON ], width = 50) - pass1.set ("") - pass2.set ("") - continue - - if username.value() == "root": - ButtonChoiceWindow(self.screen, _("User Exists"), - _("The root user is already configured. You don't " - "need to add this user here."), - buttons = [ TEXT_OK_BUTTON ], width = 50) - continue - - if username.value() in systemUsers : - ButtonChoiceWindow(self.screen, _("User Exists"), - _("This system user is already configured. You don't " - "need to add this user here."), - buttons = [ TEXT_OK_BUTTON ], width = 50) - continue - - if self.users.has_key (username.value ()) and \ - username.value () != currentid: - ButtonChoiceWindow(self.screen, _("User Exists"), - _("This user id already exists. Choose another."), - buttons = [ TEXT_OK_BUTTON], width = 50) - continue - - # XXX FIXME - more data validity checks - - user["id"] = username.value () - user["name"] = fullname.value () - user["password"] = pass1.value () - break - - return INSTALL_OK - - def __call__ (self, screen, rootPw, accounts): - self.users = {} - self.screen = screen - user = { "id" : "", "name" : "", "password" : "" } - - for (account, name, password) in accounts.getUserList(): - user['id'] = account - user['name'] = name - user['password'] = password - self.users[account] = user - del user - user = { "id" : "", "name" : "", "password" : "" } - - if not self.users.keys(): - rc = self.editWindow(user, _("You should use a normal user " - "account for most activities on your system. By not using the " - "root account casually, you'll reduce the chance of " - "disrupting your system's configuration."), - cancelText = _("Back")) - if (rc == INSTALL_BACK): - return INSTALL_BACK - if (not user['id']): - return INSTALL_OK - self.users[user["id"]] = user - - g = GridFormHelp (screen, _("User Account Setup"), "newusers", 1, 4) - - t = TextboxReflowed(60, _("What other user accounts would you like " - "to have on the system? You should have at " - "least one non-root account for normal " - "work, but multi-user systems can have " - "any number of accounts set up.")) - g.add(t, 0, 0, anchorLeft = 1, padding = (0, 0, 0, 1)) - - listformat = "%-15s %-40s" - userformat = "%(id)-15s %(name)-40s" - - subgrid = Grid(1, 2) - header = listformat % (_("User name"), _("Full Name")) - label = Label (header) - subgrid.setField (label, 0, 0, anchorLeft = 1) - listbox = Listbox (5, scroll = 1, returnExit = 1, width = 54) - subgrid.setField (listbox, 0, 1, (0, 0, 0, 1), anchorLeft = 1) - - g.add(subgrid, 0, 1) - - self.numusers = 0 - - for user in self.users.values (): - self.numusers = self.numusers + 1 - listbox.append (userformat % user, user["id"]) - - bb = ButtonBar (screen, ((_("Add"), "add"), (_("Delete"), "delete"), - (_("Edit"), "edit"), TEXT_OK_BUTTON, TEXT_BACK_BUTTON)) - - g.add (bb, 0, 3, growx = 1) - - while 1: - result = g.run () - - rc = bb.buttonPressed (result) - - if rc == "add": - user = { "id" : "", "name" : "", "password" : "" } - if self.editWindow (user, - _("Enter the information for the user."), 0) != INSTALL_BACK: - listbox.append (userformat % user, user["id"]) - listbox.setCurrent (user["id"]) - self.users[user["id"]] = user - self.numusers = self.numusers + 1 - elif rc == "delete": - # if there are no users in the list, don't try to delete one - if self.numusers > 0: - current = listbox.current () - listbox.delete (current) - del self.users [current] - self.numusers = self.numusers - 1 - elif rc == "edit" or result == listbox: - # if there are no users in the list, don't try to edit one - if self.numusers > 0: - current = listbox.current() - user = self.users[current] - if self.editWindow (user, - _("Change the information for this user."), 1) != INSTALL_BACK: - # if the user id changed, we need to delete the old key - # and insert this new one. - if user["id"] != current: - del self.users [current] - listbox.insert (userformat % user, user["id"], current) - listbox.delete (current) - # and if the user id didn't change, just replace the old - # listbox entry. - else: - listbox.replace (userformat % user, user["id"]) - self.users [user["id"]] = user - listbox.setCurrent(user["id"]) - elif rc == TEXT_OK_CHECK or result == TEXT_F12_CHECK: - dir = INSTALL_OK - break - elif rc == TEXT_BACK_CHECK: - dir = INSTALL_BACK - break - else: - raise RuntimeError, "I shouldn't be here w/ rc %s..." % rc - - screen.popWindow () - - list = [] - for n in self.users.values(): - info = ( n['id'], n['name'], n['password'] ) - list.append(info) - - accounts.setUserList(list) - - return dir - -class AuthConfigWindow: - def nissetsensitive (self): - server = FLAGS_RESET - flag = FLAGS_RESET - if self.broadcast.selected (): - server = FLAGS_SET - if not self.nis.selected (): - flag = FLAGS_SET - server = FLAGS_SET - - self.nisDomain.setFlags (FLAG_DISABLED, flag) - self.broadcast.setFlags (FLAG_DISABLED, flag) - self.nisServer.setFlags (FLAG_DISABLED, server) - - def ldapsetsensitive (self): - # handle other forms here... - server = FLAGS_RESET - if not self.ldap.selected(): - server = FLAGS_SET - - self.ldapServer.setFlags (FLAG_DISABLED, server) - self.ldapBasedn.setFlags (FLAG_DISABLED, server) - self.ldapTLS.setFlags (FLAG_DISABLED, server) - - def krb5setsensitive (self): - # handle other forms here... - server = FLAGS_RESET - if not self.krb5.selected(): - server = FLAGS_SET - - self.krb5Realm.setFlags (FLAG_DISABLED, server) - self.krb5Kdc.setFlags (FLAG_DISABLED, server) - self.krb5Admin.setFlags (FLAG_DISABLED, server) - - def __call__(self, screen, auth): - bb = ButtonBar (screen, (TEXT_OK_BUTTON, TEXT_BACK_BUTTON)) - - toplevel = GridFormHelp (screen, _("Authentication Configuration"), - "authconfig", 1, 10) - self.shadow = Checkbox (_("Use Shadow Passwords"), auth.useShadow) - toplevel.add (self.shadow, 0, 0, (0, 0, 0, 0), anchorLeft = 1) - self.md5 = Checkbox (_("Enable MD5 Passwords"), auth.useMD5) - toplevel.add (self.md5, 0, 1, (0, 0, 0, 1), anchorLeft = 1) - - # nis support - subgrid = Grid (3, 3) - self.nis = Checkbox (_("Enable NIS"), auth.useNIS) - subgrid.setField (self.nis, 0, 0) - - subgrid.setField (Label (""), 0, 1) - subgrid.setField (Label (""), 0, 2) - - subgrid.setField (Label (_("NIS Domain:")), - 1, 0, (2, 0, 1, 0), anchorRight = 1) - subgrid.setField (Label (_("NIS Server:")), - 1, 1, (2, 0, 1, 0), anchorRight = 1) - subgrid.setField (Label (_("or use:")), - 1, 2, (2, 0, 1, 0), anchorRight = 1) - - text = _("Request server via broadcast") - entrywid = len(text) + 4 - - self.nisDomain = Entry (entrywid) - self.nisDomain.set (auth.nisDomain) - self.broadcast = Checkbox (text, auth.nisuseBroadcast) - self.nisServer = Entry (entrywid) - self.nisServer.set (auth.nisServer) - subgrid.setField (self.nisDomain, 2, 0, anchorLeft = 1) - subgrid.setField (self.broadcast, 2, 1, anchorLeft = 1) - subgrid.setField (self.nisServer, 2, 2, anchorLeft = 1) - - toplevel.add (subgrid, 0, 2, (0, 0, 0, 0), anchorLeft=1) - - # set up callbacks - self.nis.setCallback (self.nissetsensitive) - self.broadcast.setCallback (self.nissetsensitive) - - # ldap support next - subgrid2 = Grid (3, 3) - - self.ldap = Checkbox (_("Enable LDAP"), auth.useLdap) - subgrid2.setField(self.ldap, 0, 0) - - subgrid2.setField (Label (""), 0, 1) - subgrid2.setField (Label (""), 0, 2) - - subgrid2.setField (Label (_("LDAP Server:")), - 1, 0, (2, 0, 1, 0), anchorRight = 1) - subgrid2.setField (Label (_("LDAP Base DN:")), - 1, 1, (2, 0, 1, 0), anchorRight = 1) - - self.ldapServer = Entry (entrywid) - self.ldapServer.set (auth.ldapServer) - self.ldapBasedn = Entry (entrywid) - self.ldapBasedn.set (auth.ldapBasedn) - subgrid2.setField (self.ldapServer, 2, 0, anchorLeft = 1) - subgrid2.setField (self.ldapBasedn, 2, 1, anchorLeft = 1) - - self.ldapTLS = Checkbox (_("Use TLS connections"), 0) - subgrid2.setField (self.ldapTLS, 2, 2, anchorLeft = 1) - - toplevel.add (subgrid2, 0, 3, (0, 0, 0, 0)) - - # set up callbacks - self.ldap.setCallback (self.ldapsetsensitive) - - # kerberos last support next - subgrid3 = Grid (3, 4) - - self.krb5 = Checkbox (_("Enable Kerberos"), auth.useKrb5) - subgrid3.setField(self.krb5, 0, 0) - - subgrid3.setField (Label (""), 0, 1) - subgrid3.setField (Label (""), 0, 2) - subgrid3.setField (Label (""), 0, 3) - - subgrid3.setField (Label (_("Realm:")), - 1, 0, (-2, 0, 1, 0), anchorRight = 1) - subgrid3.setField (Label (_("KDC:")), - 1, 1, (-2, 0, 1, 0), anchorRight = 1) - subgrid3.setField (Label (_("Admin Server:")), - 1, 2, (-2, 0, 1, 0), anchorRight = 1) - self.krb5Realm = Entry (entrywid) - self.krb5Realm.set (auth.krb5Realm) - self.krb5Kdc = Entry (entrywid) - self.krb5Kdc.set (auth.krb5Kdc) - self.krb5Admin = Entry (entrywid) - self.krb5Admin.set (auth.krb5Admin) - subgrid3.setField (self.krb5Realm, 2, 0, anchorLeft = 1) - subgrid3.setField (self.krb5Kdc, 2, 1, anchorLeft = 1) - subgrid3.setField (self.krb5Admin, 2, 2, anchorLeft = 1) - - self.krb5.setCallback (self.krb5setsensitive) - - toplevel.add (subgrid3, 0, 4, (0, 0, 0, 0)) - - # put button box at bottom - toplevel.add (bb, 0, 5, growx = 1) - - # enable entire form now - self.nissetsensitive () - self.ldapsetsensitive () - self.krb5setsensitive () - - result = toplevel.runOnce () - - auth.useMD5 = self.md5.value () - auth.useShadow = self.shadow.value () - auth.useNIS = self.nis.selected () - auth.nisDomain = self.nisDomain.value () - auth.nisuseBroadcast = self.broadcast.selected () - auth.nisServer = self.nisServer.value () - auth.useLdap = self.ldap.selected () - auth.useLdapauth = self.ldap.selected () - auth.ldapServer = self.ldapServer.value() - auth.ldapBasedn = self.ldapBasedn.value() - auth.ldapTLS = self.ldapTLS.selected () - auth.useKrb5 = self.krb5.selected() - auth.krb5Realm = self.krb5Realm.value() - auth.krb5Kdc = self.krb5Kdc.value() - auth.krb5Admin = self.krb5Admin.value() - - rc = bb.buttonPressed (result) - - if rc == TEXT_BACK_CHECK: - return INSTALL_BACK - return INSTALL_OK - @@ -38,16 +38,16 @@ class Accounts: def getUserList(self): return self.users - def writeKScommands(self, f, auth): + def writeKScommands(self, f, useMD5): for (account, name, password) in self.users: - crypted = cryptPassword(password, auth.useMD5) + crypted = cryptPassword(password, useMD5) f.write("/usr/sbin/useradd %s\n" % (account)); f.write("chfn -f '%s' %s\n" % (name, account)) f.write("/usr/sbin/usermod -p '%s' %s\n" % (crypted, account)) f.write("\n") - def write(self, instPath, auth): + def write(self, instPath, useMD5): if not self.users: return if not flags.setupFilesystems: @@ -62,7 +62,7 @@ class Accounts: iutil.execWithRedirect(argv[0], argv, root = instPath, stdout = None) - setPassword(instPath, account, password, auth.useMD5) + setPassword(instPath, account, password, useMD5) def __init__(self): self.users = [] @@ -97,18 +97,18 @@ class RootPassword(Password): def __str__(self): return "<Type RootPassword>" - def write(self, instPath, auth): + def write(self, instPath, useMD5): pure = self.getPure() if pure: - setPassword(instPath, "root", pure, auth.useMD5) + setPassword(instPath, "root", pure, useMD5) else: - setPassword(instPath, "root", self.getCrypted (), - auth.useMD5, alreadyCrypted = 1) + setPassword(instPath, "root", self.getCrypted (), useMD5, + alreadyCrypted = 1) - def writeKS(self, f, auth): + def writeKS(self, f, useMD5): pure = self.getPure() if pure: - f.write("rootpw --iscrypted %s\n" %(cryptPassword(pure, auth.useMD5))) + f.write("rootpw --iscrypted %s\n" %(cryptPassword(pure, useMD5))) else: f.write("rootpw --iscrypted %s\n" %(self.getCrypted())) @@ -136,134 +136,3 @@ def setPassword(instPath, account, password, useMD5, alreadyCrypted = 0): iutil.execWithRedirect(argv[0], argv, root = instPath, stdout = '/dev/null', stderr = None) os.close(devnull) - -class Authentication: - def __init__ (self): - self.useShadow = 1 - self.useMD5 = 1 - - self.useNIS = 0 - self.nisDomain = "" - self.nisuseBroadcast = 1 - self.nisServer = "" - - self.useLdap = 0 - self.useLdapauth = 0 - self.ldapServer = "" - self.ldapBasedn = "" - self.ldapTLS = "" - - self.useKrb5 = 0 - self.krb5Realm = "" - self.krb5Kdc = "" - self.krb5Admin = "" - - self.useHesiod = 0 - self.hesiodLhs = "" - self.hesiodRhs = "" - - self.useSamba = 0 - self.sambaServer = "" - self.sambaWorkgroup = "" - - self.enableCache = 0 - - def writeKS(self, f): - f.write("authconfig") - for arg in self.getArgList(): - if arg[0:9] != "--disable": - f.write(" " + arg) - f.write("\n") - - def getArgList(self): - args = [] - - if self.useShadow: - args.append ("--enableshadow") - else: - args.append ("--disableshadow") - - if self.useMD5: - args.append ("--enablemd5") - else: - args.append ("--disablemd5") - - if self.enableCache: - args.append("--enablecache") - else: - args.append("--disablecache") - - if self.useNIS: - args.append ("--enablenis") - args.append ("--nisdomain") - args.append (self.nisDomain) - if not self.nisuseBroadcast: - args.append ("--nisserver") - args.append (self.nisServer) - else: - args.append ("--disablenis") - - if self.useLdap: - args.append ("--enableldap") - else: - args.append ("--disableldap") - if self.useLdapauth: - args.append ("--enableldapauth") - else: - args.append ("--disableldapauth") - if self.useLdap or self.useLdapauth: - args.append ("--ldapserver") - args.append (self.ldapServer) - args.append ("--ldapbasedn") - args.append (self.ldapBasedn) - if self.ldapTLS: - args.append ("--enableldaptls") - else: - args.append ("--disableldaptls") - - if self.useKrb5: - args.append ("--enablekrb5") - args.append ("--krb5realm") - args.append (self.krb5Realm) - args.append ("--krb5kdc") - args.append (self.krb5Kdc) - args.append ("--krb5adminserver") - args.append (self.krb5Admin) - else: - args.append("--disablekrb5") - - if self.useHesiod: - args.append ("--enablehesiod") - args.append ("--hesiodlhs") - args.append (self.hesiodLhs) - args.append ("--hesiodrhs") - args.append (self.hesiodRhs) - else: - args.append("--disablehesiod") - - if self.useSamba: - args.append ("--enablesmbauth") - args.append ("--smbservers") - args.append (self.sambaServer) - args.append ("--smbworkgroup") - args.append (self.sambaWorkgroup) - else: - args.append("--disablesmbauth") - - return args - - def write (self, instPath): - args = [ "/usr/sbin/authconfig", "--kickstart", "--nostart" ] - args = args + self.getArgList() - - try: - if flags.setupFilesystems: - iutil.execWithRedirect(args[0], args, - stdout = None, stderr = None, - searchPath = 1, - root = instPath) - else: - log.error("Would have run %s", args) - except RuntimeError, msg: - log.error("Error running %s: %s", args, msg) - |