def __mod_krb5_conf(self): """ Set dns_lookup_kdc to true and master_kdc in /etc/krb5.conf """ if not self.fqdn or not self.realm: self.print_msg("Cannot modify /etc/krb5.conf") krbconf = ( ipachangeconf.IPAChangeConf("IPA Installer")) krbconf.setOptionAssignment((" = ", " ")) krbconf.setSectionNameDelimiters(("[", "]")) krbconf.setSubSectionDelimiters(("{", "}")) krbconf.setIndent(("", " ", " ")) libopts = [{'name':'dns_lookup_kdc', 'type':'option', 'action':'set', 'value':'true'}] master_kdc = self.fqdn + ":88" kropts = [{'name':'master_kdc', 'type':'option', 'action':'set', 'value':master_kdc}] ropts = [{'name':self.realm, 'type':'subsection', 'action':'set', 'value':kropts}] opts = [{'name':'libdefaults', 'type':'section', 'action':'set', 'value':libopts}, {'name':'realms', 'type':'section', 'action':'set', 'value':ropts}] krbconf.changeConf(paths.KRB5_CONF, opts)
def configure_nfs(fstore, statestore, options): """ Configure secure NFS """ # Newer Fedora releases ship /etc/nfs.conf instead of /etc/sysconfig/nfs # and do not require changes there. On these, SECURE_NFS_VAR == None if constants.SECURE_NFS_VAR: replacevars = {constants.SECURE_NFS_VAR: 'yes'} ipautil.backup_config_and_replace_variables( fstore, paths.SYSCONFIG_NFS, replacevars=replacevars ) tasks.restore_context(paths.SYSCONFIG_NFS) print("Configured %s" % paths.SYSCONFIG_NFS) # Prepare the changes # We need to use IPAChangeConf as simple regexp substitution # does not cut it here conf = ipachangeconf.IPAChangeConf("IPA automount installer") conf.case_insensitive_sections = False conf.setOptionAssignment(" = ") conf.setSectionNameDelimiters(("[", "]")) if options.idmapdomain is None: # Set NFSv4 domain to the IPA domain changes = [conf.setOption('Domain', api.env.domain)] elif options.idmapdomain == 'DNS': # Rely on idmapd auto-detection (DNS) changes = [conf.rmOption('Domain')] else: # Set NFSv4 domain to what was provided changes = [conf.setOption('Domain', options.idmapdomain)] if changes is not None: section_with_changes = [conf.setSection('General', changes)] # Backup the file and apply the changes fstore.backup_file(paths.IDMAPD_CONF) conf.changeConf(paths.IDMAPD_CONF, section_with_changes) tasks.restore_context(paths.IDMAPD_CONF) print("Configured %s" % paths.IDMAPD_CONF) rpcgssd = services.knownservices.rpcgssd try: rpcgssd.restart() except Exception as e: logger.error("Failed to restart rpc-gssd (%s)", str(e)) nfsutils = services.knownservices['nfs-utils'] try: nfsutils.restart() except Exception as e: logger.error("Failed to restart nfs client services (%s)", str(e))