websms/freeipa
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Imported Debian patch 4.0.5-6~numeezy

Browse Source
This commit is contained in:
Alexandre Ellert
2016-02-17 15:07:45 +01:00
committed by Mario Fetka
parent c44de33144
commit 10dfc9587b
1203 changed files with 53869 additions and 241462 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
ipaserver/advise/plugins/legacy_clients.py
View File

@@ -19,12 +19,9 @@
import os
from ipalib import api
from ipalib.plugable import Registry
from ipaserver.advise.base import Advice
from ipalib.frontend import Advice
from ipapython.ipautil import template_file, SHARE_DIR
register = Registry()
class config_base_legacy_client(Advice):
def get_uri_and_base(self):
@@ -51,13 +48,13 @@ class config_base_legacy_client(Advice):
'cacertdir_rehash?format=txt')
self.log.comment('Download the CA certificate of the IPA server')
self.log.command('mkdir -p -m 755 /etc/openldap/cacerts')
self.log.command('curl http://%s/ipa/config/ca.crt -o '
self.log.command('wget http://%s/ipa/config/ca.crt -O '
'/etc/openldap/cacerts/ipa.crt\n' % api.env.host)
self.log.comment('Generate hashes for the openldap library')
self.log.command('command -v cacertdir_rehash')
self.log.command('if [ $? -ne 0 ] ; then')
self.log.command(' curl "%s" -o cacertdir_rehash ;' % cacertdir_rehash)
self.log.command(' wget "%s" -O cacertdir_rehash ;' % cacertdir_rehash)
self.log.command(' chmod 755 ./cacertdir_rehash ;')
self.log.command(' ./cacertdir_rehash /etc/openldap/cacerts/ ;')
self.log.command('else')
@@ -83,7 +80,6 @@ class config_base_legacy_client(Advice):
self.log.command('service sssd start')
@register()
class config_redhat_sssd_before_1_9(config_base_legacy_client):
"""
Legacy client configuration for Red Hat based systems, using SSSD.
@@ -98,7 +94,7 @@ class config_redhat_sssd_before_1_9(config_base_legacy_client):
self.check_compat_plugin()
self.log.comment('Install required packages via yum')
self.log.command('yum install -y sssd authconfig curl openssl\n')
self.log.command('yum install -y sssd authconfig wget openssl\n')
self.configure_ca_cert()
@@ -117,7 +113,9 @@ class config_redhat_sssd_before_1_9(config_base_legacy_client):
super(config_redhat_sssd_before_1_9, self).configure_ca_cert()
@register()
api.register(config_redhat_sssd_before_1_9)
class config_generic_linux_sssd_before_1_9(config_base_legacy_client):
"""
Legacy client configuration for non Red Hat based linux systems,
@@ -140,7 +138,7 @@ class config_generic_linux_sssd_before_1_9(config_base_legacy_client):
self.log.comment('Install required packages using your system\'s '
'package manager. E.g:')
self.log.command('apt-get -y install sssd curl openssl\n')
self.log.command('apt-get -y install sssd wget openssl\n')
self.configure_ca_cert()
@@ -172,7 +170,9 @@ class config_generic_linux_sssd_before_1_9(config_base_legacy_client):
'/etc/ldap/ldap.conf\n')
@register()
api.register(config_generic_linux_sssd_before_1_9)
class config_redhat_nss_pam_ldapd(config_base_legacy_client):
"""
Legacy client configuration for Red Hat based systems,
@@ -188,14 +188,14 @@ class config_redhat_nss_pam_ldapd(config_base_legacy_client):
self.check_compat_plugin()
self.log.comment('Install required packages via yum')
self.log.command('yum install -y curl openssl nss-pam-ldapd pam_ldap '
self.log.command('yum install -y wget openssl nss-pam-ldapd pam_ldap '
'authconfig\n')
self.configure_ca_cert()
self.log.comment('Use the authconfig to configure nsswitch.conf '
'and the PAM stack')
self.log.command('authconfig --updateall --enableldap --enableldaptls '
self.log.command('authconfig --updateall --enableldap '
'--enableldapauth --ldapserver=%s --ldapbasedn=%s\n'
% (uri, base))
@@ -207,7 +207,9 @@ class config_redhat_nss_pam_ldapd(config_base_legacy_client):
super(config_redhat_nss_pam_ldapd, self).configure_ca_cert()
@register()
api.register(config_redhat_nss_pam_ldapd)
class config_generic_linux_nss_pam_ldapd(config_base_legacy_client):
"""
Legacy client configuration for non Red Hat based linux systems,
@@ -232,7 +234,7 @@ class config_generic_linux_nss_pam_ldapd(config_base_legacy_client):
self.log.comment('Install required packages using your system\'s '
'package manager. E.g:')
self.log.command('apt-get -y install curl openssl libnss-ldapd '
self.log.command('apt-get -y install wget openssl libnss-ldapd '
'libpam-ldapd nslcd\n')
self.configure_ca_cert()
@@ -274,7 +276,9 @@ class config_generic_linux_nss_pam_ldapd(config_base_legacy_client):
'/etc/ldap/ldap.conf\n')
@register()
api.register(config_generic_linux_nss_pam_ldapd)
class config_freebsd_nss_pam_ldapd(config_base_legacy_client):
"""
Legacy client configuration for FreeBSD, using nss-pam-ldapd.
@@ -339,8 +343,9 @@ class config_freebsd_nss_pam_ldapd(config_base_legacy_client):
self.log.command('curl -k https://%s/ipa/config/ca.crt > '
'%s' % (api.env.host, cacrt))
api.register(config_freebsd_nss_pam_ldapd)
@register()
class config_redhat_nss_ldap(config_base_legacy_client):
"""
Legacy client configuration for Red Hat based systems,
@@ -356,14 +361,14 @@ class config_redhat_nss_ldap(config_base_legacy_client):
self.check_compat_plugin()
self.log.comment('Install required packages via yum')
self.log.command('yum install -y curl openssl nss_ldap '
self.log.command('yum install -y wget openssl nss_ldap '
'authconfig\n')
self.configure_ca_cert()
self.log.comment('Use the authconfig to configure nsswitch.conf '
'and the PAM stack')
self.log.command('authconfig --updateall --enableldap --enableldaptls '
self.log.command('authconfig --updateall --enableldap '
'--enableldapauth --ldapserver=%s --ldapbasedn=%s\n'
% (uri, base))
@@ -373,3 +378,5 @@ class config_redhat_nss_ldap(config_base_legacy_client):
'Therefore, clients older than RHEL5.2 will not be '
'able to interoperate with IPA server 3.x.')
super(config_redhat_nss_ldap, self).configure_ca_cert()
api.register(config_redhat_nss_ldap)