def enable_ldap_automount(self, statestore): """ Point automount to ldap in nsswitch.conf. This function is for non-SSSD setups only. """ conf = IPAChangeConf("IPA Installer") conf.setOptionAssignment(':') with open(paths.NSSWITCH_CONF, 'r') as f: current_opts = conf.parse(f) current_nss_value = conf.findOpts(current_opts, name='automount', type='option')[1] if current_nss_value is None: # no automount database present current_nss_value = False # None cannot be backed up else: current_nss_value = current_nss_value['value'] statestore.backup_state('ipa-client-automount-nsswitch', 'previous-automount', current_nss_value) nss_value = ' files ldap' opts = [ { 'name': 'automount', 'type': 'option', 'action': 'set', 'value': nss_value, }, { 'name': 'empty', 'type': 'empty' }, ] conf.changeConf(paths.NSSWITCH_CONF, opts) logger.info("Configured %s", paths.NSSWITCH_CONF)
def configure_nsswitch_database(self, fstore, database, services, preserve=True, append=True, default_value=()): """ Edits the specified nsswitch.conf database (e.g. passwd, group, sudoers) to use the specified service(s). Arguments: fstore - FileStore to backup the nsswitch.conf database - database configuration that should be ammended, e.g. 'sudoers' service - list of services that should be added, e.g. ['sss'] preserve - if True, the already configured services will be preserved The next arguments modify the behaviour if preserve=True: append - if True, the services will be appended, if False, prepended default_value - list of services that are considered as default (if the database is not mentioned in nsswitch.conf), e.g. ['files'] """ # Backup the original version of nsswitch.conf, we're going to edit it # now if not fstore.has_file(paths.NSSWITCH_CONF): fstore.backup_file(paths.NSSWITCH_CONF) conf = IPAChangeConf("IPA Installer") conf.setOptionAssignment(':') if preserve: # Read the existing configuration with open(paths.NSSWITCH_CONF, 'r') as f: opts = conf.parse(f) raw_database_entry = conf.findOpts(opts, 'option', database)[1] # Detect the list of already configured services if not raw_database_entry: # If there is no database entry, database is not present in # the nsswitch.conf. Set the list of services to the # default list, if passed. configured_services = list(default_value) else: configured_services = raw_database_entry['value'].strip( ).split() # Make sure no service is added if already mentioned in the list added_services = [ s for s in services if s not in configured_services ] # Prepend / append the list of new services if append: new_value = ' ' + ' '.join(configured_services + added_services) else: new_value = ' ' + ' '.join(added_services + configured_services) else: # Preserve not set, let's rewrite existing configuration new_value = ' ' + ' '.join(services) # Set new services as sources for database opts = [ conf.setOption(database, new_value), conf.emptyLine(), ] conf.changeConf(paths.NSSWITCH_CONF, opts) logger.info("Configured %s in %s", database, paths.NSSWITCH_CONF)