120 lines
4.2 KiB
Diff
120 lines
4.2 KiB
Diff
From 313ccd75397ae3a1801e1532f460519c657adae6 Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
|
|
Date: Tue, 11 Sep 2018 11:03:36 +0200
|
|
Subject: [PATCH 07/16] compat: use current configuration unless other profile
|
|
is selected
|
|
|
|
This makes sure that 'authconfig --updateall' or 'authconfig --enablexyz --updateall'
|
|
will not override current authselect profile if /etc/authconfig/sysconfig does not
|
|
exist.
|
|
|
|
Resolves:
|
|
https://github.com/pbrezina/authselect/issues/82
|
|
---
|
|
src/compat/authcompat.py.in.in | 61 ++++++++++++++++++++++++++++------
|
|
1 file changed, 50 insertions(+), 11 deletions(-)
|
|
|
|
diff --git a/src/compat/authcompat.py.in.in b/src/compat/authcompat.py.in.in
|
|
index 4fa9a6afc1d62aa9dde41b525d473168e6dc2901..96b2c69ce2c10afe6b689a8c4b64aa1e83245b34 100755
|
|
--- a/src/compat/authcompat.py.in.in
|
|
+++ b/src/compat/authcompat.py.in.in
|
|
@@ -39,9 +39,11 @@ def eprint(*args, **kwargs):
|
|
class Command:
|
|
TEST = False
|
|
|
|
- def __init__(self, command, args, input=None):
|
|
+ def __init__(self, command, args, input=None, check=True):
|
|
self.args = [command] + args
|
|
self.input = input.encode() if input is not None else None
|
|
+ self.check = check
|
|
+ self.result = None
|
|
|
|
def run(self):
|
|
print(_("Executing: %s") % ' '.join(self.args))
|
|
@@ -49,10 +51,10 @@ class Command:
|
|
if self.TEST:
|
|
return
|
|
|
|
- subprocess.run(self.args, check=True,
|
|
- input=self.input,
|
|
- stdout=subprocess.PIPE,
|
|
- stderr=subprocess.PIPE)
|
|
+ self.result = subprocess.run(self.args, check=self.check,
|
|
+ input=self.input,
|
|
+ stdout=subprocess.PIPE,
|
|
+ stderr=subprocess.PIPE)
|
|
|
|
class Service:
|
|
def __init__(self, name):
|
|
@@ -506,24 +508,61 @@ class AuthCompat:
|
|
'winbindkrb5' : 'with-krb5'
|
|
}
|
|
|
|
- profile = "sssd"
|
|
- if self.options.getBool("nis"):
|
|
+ # Read current configuration first.
|
|
+ (profile, features) = self.getCurrentAuthselectConfig()
|
|
+
|
|
+ # Change profile if requested.
|
|
+ if (self.options.getBool("ldap") or self.options.getBool("ldapauth") or
|
|
+ self.options.getBool("sssd") or self.options.getBool("sssdauth")):
|
|
+ profile = "sssd"
|
|
+ elif self.options.getBool("nis"):
|
|
profile = "nis"
|
|
elif self.options.getBool("winbind"):
|
|
profile = "winbind"
|
|
|
|
+ # Default to sssd
|
|
+ if profile is None:
|
|
+ profile = "sssd"
|
|
+
|
|
+ # Add enabled and remove disabled features.
|
|
+ for option, feature in map.items():
|
|
+ if not self.options.isset(option):
|
|
+ continue
|
|
+
|
|
+ enabled = self.options.getBool(option)
|
|
+ if enabled:
|
|
+ features.append(feature)
|
|
+ else:
|
|
+ while feature in features:
|
|
+ features.remove(feature)
|
|
+
|
|
+ # Remove duplicates. The order is not kept but that does not matter.
|
|
+ features = list(set(features))
|
|
+
|
|
# Always run with --force. This is either first call of authconfig
|
|
# in installation script or it is run on already configured system.
|
|
# We want to use authselect in both cases anyway, since authconfig
|
|
# would change the configuration either way.
|
|
- args = ["select", profile, "--force"]
|
|
- for option, feature in map.items():
|
|
- if self.options.getBool(option):
|
|
- args.append(feature)
|
|
+ args = ["select", profile]
|
|
+ args.extend(features)
|
|
+ args.append("--force")
|
|
|
|
cmd = Command(Path.System('cmd-authselect'), args)
|
|
cmd.run()
|
|
|
|
+ def getCurrentAuthselectConfig(self):
|
|
+ cmd = Command(Path.System('cmd-authselect'), ['check'], check=False)
|
|
+ cmd.run()
|
|
+
|
|
+ if cmd.result.returncode != 0:
|
|
+ return (None, [])
|
|
+
|
|
+ cmd = Command(Path.System('cmd-authselect'), ['current', '--raw'])
|
|
+ cmd.run()
|
|
+
|
|
+ current = cmd.result.stdout.decode("utf-8").split()
|
|
+ return (current[0], current[1:])
|
|
+
|
|
def writeConfiguration(self):
|
|
configs = [
|
|
Configuration.LDAP(self.options),
|
|
--
|
|
2.17.1
|
|
|