def init_file(self, file):
    """Switch this object to flat-file authentication backed by `file`.

    - `file` may be None, in which case the instance's default auth file
      is used.
    - A file whose mode is reported as 400 or 600 is flagged as allowed to
      contain cleartext passwords.
    - Any other mode means the file must contain encrypted passwords only.

    Raises ValueError when Util.CanRead() reports the file as not readable
    (the message text says "does not exist").
    """
    authfile = file
    if authfile is None:
        authfile = self.__defaultauthfile
    self.debug("Setting up file authentication with file '%s'" % authfile)

    readable = Util.CanRead(authfile, raiseError=0)
    if not readable:
        raise ValueError("File '%s' does not exist" % authfile)

    self.__authtype = "file"
    self.__authfile = authfile

    # The cleartext allowance is decided from the permission value alone.
    # NOTE(review): 400/600 are compared as plain decimal ints, so this
    # presumably relies on Util.getfilemode() returning the octal digits as
    # a decimal number -- confirm against Util. File ownership is not
    # checked in this method, and any read of the file happens in code
    # outside this view (presumably __update_authdict), i.e. as a separate
    # step from this mode check.
    mode = Util.getfilemode(authfile)
    self.__authfile_allows_cleartext = mode in (400, 600)

    # Reset the cached dictionary state, then call __update_authdict()
    # (defined outside this view).
    self.__authdict = self.__authdictupdate = None
    self.__update_authdict()
def __init__(self, authtype=None, autharg=None, \
             configdir = None, \
             vuser = None, vlookupscript = None, \
             ipauthmapfile = None, localip = "127.0.0.1",
             debugObject = Util.DevnullOutput() ):
    """Set up initial values and, where possible, the authentication method.

    Optional arguments:
      authtype, autharg  passed to init_auth_method(). When authtype is
                         None, file authentication with the default auth
                         file is tried instead.
      configdir          alternate directory to /home/user (tmda dir will
                         be configdir/.tmda/); only used when
                         vlookupscript is None.
      vlookupscript      when not None, setup_vuser() is called for
                         virtual users.
      vuser              accepted for virtual users, but not referenced
                         anywhere in this body.
      ipauthmapfile      overrides the default ipauthmap path.
      localip            stored as the local IP.
      debugObject        handed to Util.Debugable.__init__ to begin
                         debugging immediately.

    NOTE(review): the default for debugObject is evaluated once, when the
    function is defined, so every instance created without an explicit
    debugObject receives the same Util.DevnullOutput() object.
    """
    Util.Debugable.__init__(self, debugObject)

    # Internal vars
    self.__version__ = Version.TMDA
    self.__program = sys.argv[0]
    self.__authprog = None
    self.__authdict = None
    self.__authdictupdate = None
    # Settings for the 'remote' auth type; 'enable' starts at 0.
    self.__authremote = {
        'proto': None,
        'host': 'localhost',
        'port': None,
        'dn': '',
        'enable': 0,
    }
    # Default port per remote protocol. 143, 110 and 389 are the standard
    # non-TLS ports for IMAP, POP3/APOP and LDAP.
    # NOTE(review): whether credentials are protected in transit for those
    # protocols depends on code outside this view -- confirm.
    self.__defaultauthports = {
        'imap': 143,
        'imaps': 993,
        'apop': 110,
        'pop3': 110,
        'ldap': 389,
        #'pop3s': 995,
    }
    # Record the real uid; uid 0 selects the system-wide configuration below.
    self.__ownerID = os.getuid()
    if self.__ownerID == 0:
        self.running_as_root = 1
    else:
        self.running_as_root = 0

    # Default values
    self.__default_auth_filename = "tmdauth"
    # NOTE(review): this literal looks masked in this copy of the file;
    # confirm the intended default owner username.
    self.__default_owner_username = "******"
    self.__default_tmda_dir = ".tmda"
    self.__system_tmda_path = "/etc"
    self.__owner_tmda_path = self.__system_tmda_path
    self.__owner_username = None
    # Root keeps the /etc path. A non-root process uses ~/.tmda, but only
    # when HOME is set; with HOME unset the path stays /etc.
    # The per-user location is therefore taken from the process
    # environment: whoever controls HOME for this process controls which
    # auth file is picked up by default.
    if self.running_as_root:
        self.__owner_username = self.__default_owner_username
    elif os.environ.has_key("HOME"):
        self.__owner_tmda_path = os.path.join(os.path.expanduser('~'), \
                                              self.__default_tmda_dir)
    self.__defaultauthfile = os.path.join(self.__owner_tmda_path, \
                                          self.__default_auth_filename)
    self.__defaultipauth = os.path.join(self.__owner_tmda_path, 'ipauthmap')
    # Per-user files that Util.CanRead() reports as unreadable fall back
    # to the system-wide copies under /etc.
    if self.__owner_tmda_path != "/etc":
        if not Util.CanRead(self.__defaultauthfile, raiseError=0):
            self.__defaultauthfile = os.path.join(self.__system_tmda_path, \
                                                  'tmdauth')
        if not Util.CanRead(self.__defaultipauth, raiseError=0):
            self.__defaultipauth = os.path.join(self.__system_tmda_path, \
                                                'ipauthmap')

    # external vars
    self.allowed_authtypes = ('file', 'checkpw', 'remote')
    self.allowed_protocols = self.__defaultauthports.keys()

    # Initialize the authtype if possible
    # With no explicit authtype, file auth on the default file is tried;
    # a ValueError leaves the auth type as the string "Undefined".
    # NOTE(review): how "Undefined" is treated when an authentication
    # request arrives is decided outside this view -- confirm that it
    # rejects the request.
    if authtype is None:
        try:
            self.init_auth_method('file', self.__defaultauthfile)
        except ValueError:
            self.__authtype = "Undefined"
    else:
        self.init_auth_method(authtype, autharg)

    # Set up the ipauthmapfile
    if ipauthmapfile is not None:
        self.__ipauthmapfile = ipauthmapfile
    else:
        self.__ipauthmapfile = self.__defaultipauth
    self.__localip = localip

    # Initialize virtual users if necessary
    self.__use_confdir = 0
    self.__use_vhome = 0
    # NOTE(review): `vdomainfile` is neither a parameter nor a local of
    # this method, while the `vuser` parameter is never used. Unless
    # `vdomainfile` is a module-level name outside this view, the call
    # below raises NameError whenever vlookupscript is given -- confirm
    # which argument setup_vuser() expects.
    if vlookupscript is not None:
        self.setup_vuser(vlookupscript, vdomainfile)
    elif configdir is not None:
        self.setup_configdir(configdir)