summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRob Crittenden <rcritten@redhat.com>2015-03-26 15:36:02 -0400
committerPatrick Uiterwijk <puiterwijk@redhat.com>2015-03-27 19:47:11 +0100
commitdb41f6ea5ac2b4648350900791e32a83d0974e14 (patch)
tree8e30591cd3b20a6ff3f26cea8e8f739fcd3ab0ba
parent101022e3bf4dfe3f0c56ffb61abbf358a3b1ab26 (diff)
downloadipsilon-db41f6ea5ac2b4648350900791e32a83d0974e14.zip
ipsilon-db41f6ea5ac2b4648350900791e32a83d0974e14.tar.gz
ipsilon-db41f6ea5ac2b4648350900791e32a83d0974e14.tar.xz
Use all SSSD domains for info plugin by default.
Rather than requiring --info-sssd-domain as an argument make it an optional argument, defaulting to enabling all SSSD domains. Convert the argument from a single value into a list so that multiple invocations can be made and all domains in the list will be enabled. There is still the possibility that failures in configuring a domain will occur (no domain found, for example) and these are considered "soft" failures. That is it won't abort the server installation. https://fedorahosted.org/ipsilon/ticket/78 Signed-off-by: Rob Crittenden <rcritten@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
-rw-r--r--ipsilon/info/infosssd.py34
1 files changed, 23 insertions, 11 deletions
diff --git a/ipsilon/info/infosssd.py b/ipsilon/info/infosssd.py
index 18e0611..0dd78cc 100644
--- a/ipsilon/info/infosssd.py
+++ b/ipsilon/info/infosssd.py
@@ -109,7 +109,7 @@ class Installer(InfoProviderInstaller):
default='no',
help='Use mod_lookup_identity and SSSD to populate'
' user attrs')
- group.add_argument('--info-sssd-domain', action='store',
+ group.add_argument('--info-sssd-domain', action='append',
help='SSSD domain to enable mod_lookup_identity'
' for')
@@ -117,9 +117,7 @@ class Installer(InfoProviderInstaller):
if opts['info_sssd'] != 'yes':
return
- if not opts['info_sssd_domain']:
- print 'info-identity-domain is required'
- return False
+ configured = 0
confopts = {'instance': opts['instance']}
@@ -137,14 +135,29 @@ class Installer(InfoProviderInstaller):
print 'Loading SSSD config failed: %s' % e
return False
- try:
- domain = sssdconfig.get_domain(opts['info_sssd_domain'])
- except SSSDConfig.NoDomainError:
- print 'No domain %s' % opts['info_sssd_domain']
+ if not opts['info_sssd_domain']:
+ domains = sssdconfig.list_domains()
+ else:
+ domains = opts['info_sssd_domain']
+
+ for domain in domains:
+ try:
+ sssd_domain = sssdconfig.get_domain(domain)
+ except SSSDConfig.NoDomainError:
+ print 'No SSSD domain %s' % domain
+ continue
+ else:
+ sssd_domain.set_option(
+ 'ldap_user_extra_attrs', ', '.join(SSSD_ATTRS)
+ )
+ sssdconfig.save_domain(sssd_domain)
+ configured += 1
+ print "Configured SSSD domain %s" % domain
+
+ if configured == 0:
+ print 'No SSSD domains configured'
return False
- domain.set_option('ldap_user_extra_attrs', ', '.join(SSSD_ATTRS))
-
try:
sssdconfig.new_service('ifp')
except SSSDConfig.ServiceAlreadyExists:
@@ -157,7 +170,6 @@ class Installer(InfoProviderInstaller):
ifp.set_option('user_attributes', '+' + ', +'.join(SSSD_ATTRS))
sssdconfig.save_service(ifp)
- sssdconfig.save_domain(domain)
sssdconfig.write(SSSD_CONF)
# for selinux enabled platforms, ignore if it fails just report