From db41f6ea5ac2b4648350900791e32a83d0974e14 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Thu, 26 Mar 2015 15:36:02 -0400
Subject: Use all SSSD domains for info plugin by default.

Rather than requiring --info-sssd-domain as an argument make it
an optional argument, defaulting to enabling all SSSD domains.

Convert the argument from a single value into a list so that multiple
invocations can be made and all domains in the list will be enabled.

There is still the possibility that failures in configuring a domain
will occur (no domain found, for example) and these are considered
"soft" failures. That is it won't abort the server installation.

https://fedorahosted.org/ipsilon/ticket/78

Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
---
 ipsilon/info/infosssd.py | 34 +++++++++++++++++++++++-----------
 1 file changed, 23 insertions(+), 11 deletions(-)

diff --git a/ipsilon/info/infosssd.py b/ipsilon/info/infosssd.py
index 18e0611..0dd78cc 100644
--- a/ipsilon/info/infosssd.py
+++ b/ipsilon/info/infosssd.py
@@ -109,7 +109,7 @@ class Installer(InfoProviderInstaller):
                            default='no',
                            help='Use mod_lookup_identity and SSSD to populate'
                                 ' user attrs')
-        group.add_argument('--info-sssd-domain', action='store',
+        group.add_argument('--info-sssd-domain', action='append',
                            help='SSSD domain to enable mod_lookup_identity'
                                 ' for')
 
@@ -117,9 +117,7 @@ class Installer(InfoProviderInstaller):
         if opts['info_sssd'] != 'yes':
             return
 
-        if not opts['info_sssd_domain']:
-            print 'info-identity-domain is required'
-            return False
+        configured = 0
 
         confopts = {'instance': opts['instance']}
 
@@ -137,14 +135,29 @@ class Installer(InfoProviderInstaller):
             print 'Loading SSSD config failed: %s' % e
             return False
 
-        try:
-            domain = sssdconfig.get_domain(opts['info_sssd_domain'])
-        except SSSDConfig.NoDomainError:
-            print 'No domain %s' % opts['info_sssd_domain']
+        if not opts['info_sssd_domain']:
+            domains = sssdconfig.list_domains()
+        else:
+            domains = opts['info_sssd_domain']
+
+        for domain in domains:
+            try:
+                sssd_domain = sssdconfig.get_domain(domain)
+            except SSSDConfig.NoDomainError:
+                print 'No SSSD domain %s' % domain
+                continue
+            else:
+                sssd_domain.set_option(
+                    'ldap_user_extra_attrs', ', '.join(SSSD_ATTRS)
+                )
+                sssdconfig.save_domain(sssd_domain)
+                configured += 1
+                print "Configured SSSD domain %s" % domain
+
+        if configured == 0:
+            print 'No SSSD domains configured'
             return False
 
-        domain.set_option('ldap_user_extra_attrs', ', '.join(SSSD_ATTRS))
-
         try:
             sssdconfig.new_service('ifp')
         except SSSDConfig.ServiceAlreadyExists:
@@ -157,7 +170,6 @@ class Installer(InfoProviderInstaller):
         ifp.set_option('user_attributes', '+' + ', +'.join(SSSD_ATTRS))
 
         sssdconfig.save_service(ifp)
-        sssdconfig.save_domain(domain)
         sssdconfig.write(SSSD_CONF)
 
         # for selinux enabled platforms, ignore if it fails just report
-- 
cgit