diff options
Diffstat (limited to 'ipa-client/firefox')
| -rw-r--r-- | ipa-client/firefox/Makefile.am | 18 | ||||
| -rw-r--r-- | ipa-client/firefox/README | 23 | ||||
| -rw-r--r-- | ipa-client/firefox/globalsetup.sh | 52 | ||||
| -rw-r--r-- | ipa-client/firefox/ipa.cfg | 19 | ||||
| -rw-r--r-- | ipa-client/firefox/ipa.js | 34 | ||||
| -rw-r--r-- | ipa-client/firefox/usersetup.sh | 40 |
6 files changed, 186 insertions, 0 deletions
diff --git a/ipa-client/firefox/Makefile.am b/ipa-client/firefox/Makefile.am new file mode 100644 index 00000000..daf69424 --- /dev/null +++ b/ipa-client/firefox/Makefile.am @@ -0,0 +1,18 @@ +NULL = + +appdir = $(IPA_DATA_DIR)/ipaclient +app_DATA = \ + ipa.cfg \ + ipa.js \ + $(NULL) + +EXTRA_DIST = \ + README \ + $(app_DATA) \ + globalsetup.sh \ + usersetup.sh \ + $(NULL) + +MAINTAINERCLEANFILES = \ + *~ \ + Makefile.in diff --git a/ipa-client/firefox/README b/ipa-client/firefox/README new file mode 100644 index 00000000..67013fcc --- /dev/null +++ b/ipa-client/firefox/README @@ -0,0 +1,23 @@ +Firefox automatic configuration. + +ipa.cfg needs to be installed in the Firefox root directory +(/usr/lib/firefox-version). It can be a symlink somewhere else. We install +the actual file into /usr/share/ipa. + +ipa.js contains the javascript that sets the desired configuration. + +The Firefox all.js needs to be modified to set: + +pref('general.config.obscure_value', 0); +pref('general.config.filename', 'ipa.cfg'); + +First need to remove any existing values for these. + +For more information on autoconfiguration, see: +http://mit.edu/~firefox/www/maintainers/autoconfig.html + +globalsetup.sh will change the default setup for all users and will +lock the preferences. The downside is that rpm -V will show firefox as +corrupt. + +usersetup.sh will change all existing profiles of the current user diff --git a/ipa-client/firefox/globalsetup.sh b/ipa-client/firefox/globalsetup.sh new file mode 100644 index 00000000..403c3d3e --- /dev/null +++ b/ipa-client/firefox/globalsetup.sh @@ -0,0 +1,52 @@ +#!/bin/sh + +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; version 2 only +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + +ipacfg="ipa.cfg" + +for file in /usr/lib/firefox-* /usr/lib64/firefox* +do + # Find the configuration file we want to change + cfg=`find $file -name all.js` + + # determine the directory by removing all.js + dir=`echo $cfg | sed 's/greprefs\/all.js//'` + + # It is possible that there will be empty Firefox directories, so skip + # those. + if test "X"$cfg != "X"; then + + rm -f $cfg.new + + # If the configuration already exists, remove it + if grep general.config.filename $cfg > /dev/null 2>&1; then + grep -v general.config.filename $cfg > $cfg.new + mv $cfg.new $cfg + fi + + # We have the configuration unobscured + if grep general.config.filename $cfg > /dev/null 2>&1; then + grep -v general.config.obscure_value $cfg > $cfg.new + mv $cfg.new $cfg + fi + + # Now we can add the new stuff to the file + echo "pref('general.config.obscure_value', 0);" >> "$cfg" + echo "pref('general.config.filename', '$ipacfg');" >> "$cfg" + + # Create a link to our configuration file + rm -f $dir/$ipacfg + ln -s /usr/share/ipa/ipa.cfg $dir/$ipacfg + fi +done diff --git a/ipa-client/firefox/ipa.cfg b/ipa-client/firefox/ipa.cfg new file mode 100644 index 00000000..448c350b --- /dev/null +++ b/ipa-client/firefox/ipa.cfg @@ -0,0 +1,19 @@ +# +/* + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + */ + +lockPref("autoadmin.global_config_url","file:///usr/share/ipa/ipa.js"); diff --git a/ipa-client/firefox/ipa.js b/ipa-client/firefox/ipa.js new file mode 100644 index 00000000..a280954a --- /dev/null +++ b/ipa-client/firefox/ipa.js @@ -0,0 +1,34 @@ +/* + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; version 2 only + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + */ + +try +{ + /* Kerberos SSO configuration */ + lockPref("network.negotiate-auth.trusted-uris", ".freeipa.org"); + lockPref("network.negotiate-auth.delegation-uris", ".freeipa.org"); + + /* These are the defaults */ + lockPref("network.negotiate-auth.gsslib", ""); + lockPref("network.negotiate-auth.using-native-gsslib", true); + lockPref("network.negotiate-auth.allow-proxies", true); + + /* For Windows */ + lockPref("network.auth.use-sspi", false); +} +catch(e) +{ + displayError("Error in Autoconfig", e); +} diff --git a/ipa-client/firefox/usersetup.sh b/ipa-client/firefox/usersetup.sh new file mode 100644 index 00000000..e8d152b1 --- /dev/null +++ b/ipa-client/firefox/usersetup.sh @@ -0,0 +1,40 @@ +#!/bin/sh + +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; version 2 only +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + +for file in `find $HOME/.mozilla -name prefs.js` +do + rm -f $file.new + + # If the configuration already exists, remove it + if grep network.negotiate- $file > /dev/null 2>&1; then + grep -v network.negotiate- $file > $file.new + mv $file.new $file + fi + + # We have the configuration unobscured + if grep network.auth.use-sspi $file > /dev/null 2>&1; then + grep -v network.auth.use-sspi $file > $file.new + mv $file.new $file + fi + + # Now we can add the new stuff to the file + echo "user_pref('network.auth.use-sspi', false);" >> $file + echo "user_pref('network.cookie.prefsMigrated', true);" >> $file + echo "user_pref('network.negotiate-auth.allow-proxies', true);" >> $file + echo "user_pref('network.negotiate-auth.delegation-uris', '.freeipa.org');" >> $file + echo "user_pref('network.negotiate-auth.gsslib', '');" >> $file + echo "user_pref('network.negotiate-auth.trusted-uris', '.freeipa.org');" >> $file + echo "user_pref('network.negotiate-auth.using-native-gsslib', true);" >> $file +done |