|
 |
1756dc |
From 313ccd75397ae3a1801e1532f460519c657adae6 Mon Sep 17 00:00:00 2001
|
|
|
1756dc |
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
|
|
|
1756dc |
Date: Tue, 11 Sep 2018 11:03:36 +0200
|
|
|
1756dc |
Subject: [PATCH 07/16] compat: use current configuration unless other profile
|
|
|
1756dc |
is selected
|
|
|
1756dc |
|
|
|
1756dc |
This makes sure that 'authconfig --updateall' or 'authconfig --enablexyz --updateall'
|
|
|
1756dc |
will not override current authselect profile if /etc/authconfig/sysconfig does not
|
|
|
1756dc |
exist.
|
|
|
1756dc |
|
|
|
1756dc |
Resolves:
|
|
|
1756dc |
https://github.com/pbrezina/authselect/issues/82
|
|
|
1756dc |
---
|
|
|
1756dc |
src/compat/authcompat.py.in.in | 61 ++++++++++++++++++++++++++++------
|
|
|
1756dc |
1 file changed, 50 insertions(+), 11 deletions(-)
|
|
|
1756dc |
|
|
|
1756dc |
diff --git a/src/compat/authcompat.py.in.in b/src/compat/authcompat.py.in.in
|
|
|
1756dc |
index 4fa9a6afc1d62aa9dde41b525d473168e6dc2901..96b2c69ce2c10afe6b689a8c4b64aa1e83245b34 100755
|
|
|
1756dc |
--- a/src/compat/authcompat.py.in.in
|
|
|
1756dc |
+++ b/src/compat/authcompat.py.in.in
|
|
|
1756dc |
@@ -39,9 +39,11 @@ def eprint(*args, **kwargs):
|
|
|
1756dc |
class Command:
|
|
|
1756dc |
TEST = False
|
|
|
1756dc |
|
|
|
1756dc |
- def __init__(self, command, args, input=None):
|
|
|
1756dc |
+ def __init__(self, command, args, input=None, check=True):
|
|
|
1756dc |
self.args = [command] + args
|
|
|
1756dc |
self.input = input.encode() if input is not None else None
|
|
|
1756dc |
+ self.check = check
|
|
|
1756dc |
+ self.result = None
|
|
|
1756dc |
|
|
|
1756dc |
def run(self):
|
|
|
1756dc |
print(_("Executing: %s") % ' '.join(self.args))
|
|
|
1756dc |
@@ -49,10 +51,10 @@ class Command:
|
|
|
1756dc |
if self.TEST:
|
|
|
1756dc |
return
|
|
|
1756dc |
|
|
|
1756dc |
- subprocess.run(self.args, check=True,
|
|
|
1756dc |
- input=self.input,
|
|
|
1756dc |
- stdout=subprocess.PIPE,
|
|
|
1756dc |
- stderr=subprocess.PIPE)
|
|
|
1756dc |
+ self.result = subprocess.run(self.args, check=self.check,
|
|
|
1756dc |
+ input=self.input,
|
|
|
1756dc |
+ stdout=subprocess.PIPE,
|
|
|
1756dc |
+ stderr=subprocess.PIPE)
|
|
|
1756dc |
|
|
|
1756dc |
class Service:
|
|
|
1756dc |
def __init__(self, name):
|
|
|
1756dc |
@@ -506,24 +508,61 @@ class AuthCompat:
|
|
|
1756dc |
'winbindkrb5' : 'with-krb5'
|
|
|
1756dc |
}
|
|
|
1756dc |
|
|
|
1756dc |
- profile = "sssd"
|
|
|
1756dc |
- if self.options.getBool("nis"):
|
|
|
1756dc |
+ # Read current configuration first.
|
|
|
1756dc |
+ (profile, features) = self.getCurrentAuthselectConfig()
|
|
|
1756dc |
+
|
|
|
1756dc |
+ # Change profile if requested.
|
|
|
1756dc |
+ if (self.options.getBool("ldap") or self.options.getBool("ldapauth") or
|
|
|
1756dc |
+ self.options.getBool("sssd") or self.options.getBool("sssdauth")):
|
|
|
1756dc |
+ profile = "sssd"
|
|
|
1756dc |
+ elif self.options.getBool("nis"):
|
|
|
1756dc |
profile = "nis"
|
|
|
1756dc |
elif self.options.getBool("winbind"):
|
|
|
1756dc |
profile = "winbind"
|
|
|
1756dc |
|
|
|
1756dc |
+ # Default to sssd
|
|
|
1756dc |
+ if profile is None:
|
|
|
1756dc |
+ profile = "sssd"
|
|
|
1756dc |
+
|
|
|
1756dc |
+ # Add enabled and remove disabled features.
|
|
|
1756dc |
+ for option, feature in map.items():
|
|
|
1756dc |
+ if not self.options.isset(option):
|
|
|
1756dc |
+ continue
|
|
|
1756dc |
+
|
|
|
1756dc |
+ enabled = self.options.getBool(option)
|
|
|
1756dc |
+ if enabled:
|
|
|
1756dc |
+ features.append(feature)
|
|
|
1756dc |
+ else:
|
|
|
1756dc |
+ while feature in features:
|
|
|
1756dc |
+ features.remove(feature)
|
|
|
1756dc |
+
|
|
|
1756dc |
+ # Remove duplicates. The order is not kept but that does not matter.
|
|
|
1756dc |
+ features = list(set(features))
|
|
|
1756dc |
+
|
|
|
1756dc |
# Always run with --force. This is either first call of authconfig
|
|
|
1756dc |
# in installation script or it is run on already configured system.
|
|
|
1756dc |
# We want to use authselect in both cases anyway, since authconfig
|
|
|
1756dc |
# would change the configuration either way.
|
|
|
1756dc |
- args = ["select", profile, "--force"]
|
|
|
1756dc |
- for option, feature in map.items():
|
|
|
1756dc |
- if self.options.getBool(option):
|
|
|
1756dc |
- args.append(feature)
|
|
|
1756dc |
+ args = ["select", profile]
|
|
|
1756dc |
+ args.extend(features)
|
|
|
1756dc |
+ args.append("--force")
|
|
|
1756dc |
|
|
|
1756dc |
cmd = Command(Path.System('cmd-authselect'), args)
|
|
|
1756dc |
cmd.run()
|
|
|
1756dc |
|
|
|
1756dc |
+ def getCurrentAuthselectConfig(self):
|
|
|
1756dc |
+ cmd = Command(Path.System('cmd-authselect'), ['check'], check=False)
|
|
|
1756dc |
+ cmd.run()
|
|
|
1756dc |
+
|
|
|
1756dc |
+ if cmd.result.returncode != 0:
|
|
|
1756dc |
+ return (None, [])
|
|
|
1756dc |
+
|
|
|
1756dc |
+ cmd = Command(Path.System('cmd-authselect'), ['current', '--raw'])
|
|
|
1756dc |
+ cmd.run()
|
|
|
1756dc |
+
|
|
|
1756dc |
+ current = cmd.result.stdout.decode("utf-8").split()
|
|
|
1756dc |
+ return (current[0], current[1:])
|
|
|
1756dc |
+
|
|
|
1756dc |
def writeConfiguration(self):
|
|
|
1756dc |
configs = [
|
|
|
1756dc |
Configuration.LDAP(self.options),
|
|
|
1756dc |
--
|
|
|
1756dc |
2.17.1
|
|
|
1756dc |
|