mirror of
https://github.com/Pardus-LiderAhenk/ahenk
synced 2024-11-22 08:32:16 +03:00
Syncing /usr/share/ahenk to src and recreating ahenk.install
This commit is contained in:
Tuncay ÇOLAK
parent
5a0bc411c4
commit
e01727a215
6 changed files with 178 additions and 79 deletions
1
debian/ahenk.install
vendored
1
debian/ahenk.install
vendored
|
|
@ -70,6 +70,7 @@ usr/share/ahenk/base/registration/execute_sssd_authentication.py
|
||||||
usr/share/ahenk/base/registration/scripts/ldap-login.sh
|
usr/share/ahenk/base/registration/scripts/ldap-login.sh
|
||||||
usr/share/ahenk/base/registration/scripts/ad.sh
|
usr/share/ahenk/base/registration/scripts/ad.sh
|
||||||
usr/share/ahenk/base/registration/scripts
|
usr/share/ahenk/base/registration/scripts
|
||||||
|
usr/share/ahenk/base/registration/config-files/sssd_ad_dns.conf
|
||||||
usr/share/ahenk/base/registration/config-files/pam_script
|
usr/share/ahenk/base/registration/config-files/pam_script
|
||||||
usr/share/ahenk/base/registration/config-files/ldap
|
usr/share/ahenk/base/registration/config-files/ldap
|
||||||
usr/share/ahenk/base/registration/config-files/krb5_ad.conf
|
usr/share/ahenk/base/registration/config-files/krb5_ad.conf
|
||||||
|
|
|
||||||
|
|
@ -26,11 +26,3 @@ access_provider = ad
|
||||||
ad_gpo_access_control = permissive
|
ad_gpo_access_control = permissive
|
||||||
ad_gpo_ignore_unreadable = true
|
ad_gpo_ignore_unreadable = true
|
||||||
enumerate = true
|
enumerate = true
|
||||||
auth_provider = ad
|
|
||||||
chpass_provider = ad
|
|
||||||
dyndns_update = true
|
|
||||||
dyndns_update_ptr = false
|
|
||||||
###ad_hostname###
|
|
||||||
ldap_schema = ad
|
|
||||||
ldap_sasl_mech = gssapi
|
|
||||||
ldap_krb5_init_creds = true
|
|
||||||
|
|
@ -0,0 +1,36 @@
|
||||||
|
[nss]
|
||||||
|
filter_groups = root,adm
|
||||||
|
filter_users = root,adm
|
||||||
|
reconnection_retries = 3
|
||||||
|
|
||||||
|
[pam]
|
||||||
|
reconnection_retries = 3
|
||||||
|
|
||||||
|
[sssd]
|
||||||
|
###domains###
|
||||||
|
config_file_version = 2
|
||||||
|
services = nss, pam
|
||||||
|
|
||||||
|
###[domain/###
|
||||||
|
###ad_domain###
|
||||||
|
###krb5_realm###
|
||||||
|
realmd_tags = manages-system joined-with-adcli
|
||||||
|
cache_credentials = True
|
||||||
|
id_provider = ad
|
||||||
|
krb5_store_password_if_offline = True
|
||||||
|
default_shell = /bin/bash
|
||||||
|
ldap_id_mapping = True
|
||||||
|
use_fully_qualified_names = False
|
||||||
|
fallback_homedir = /home/%u
|
||||||
|
access_provider = ad
|
||||||
|
ad_gpo_access_control = permissive
|
||||||
|
ad_gpo_ignore_unreadable = true
|
||||||
|
enumerate = true
|
||||||
|
auth_provider = ad
|
||||||
|
chpass_provider = ad
|
||||||
|
dyndns_update = true
|
||||||
|
dyndns_update_ptr = false
|
||||||
|
###ad_hostname###
|
||||||
|
ldap_schema = ad
|
||||||
|
ldap_sasl_mech = gssapi
|
||||||
|
ldap_krb5_init_creds = true
|
||||||
|
|
@ -7,6 +7,7 @@ from base.util.util import Util
|
||||||
from base.system.system import System
|
from base.system.system import System
|
||||||
import re
|
import re
|
||||||
|
|
||||||
|
|
||||||
class ExecuteCancelSSSDAdAuthentication:
|
class ExecuteCancelSSSDAdAuthentication:
|
||||||
def __init__(self):
|
def __init__(self):
|
||||||
scope = Scope().get_instance()
|
scope = Scope().get_instance()
|
||||||
|
|
@ -21,12 +22,22 @@ class ExecuteCancelSSSDAdAuthentication:
|
||||||
# Read information about AD
|
# Read information about AD
|
||||||
if self.util.is_exist(self.ad_info_path):
|
if self.util.is_exist(self.ad_info_path):
|
||||||
file_data = self.util.read_file_by_line(self.ad_info_path)
|
file_data = self.util.read_file_by_line(self.ad_info_path)
|
||||||
self.ip_address = file_data[0].strip("\n")
|
self.ip_list = file_data[0].strip("\n").replace("[", "").replace("]", "")
|
||||||
self.host_name = file_data[1].strip("\n")
|
self.host_list = file_data[1].strip("\n").replace("[", "").replace("]", "")
|
||||||
self.domain_name = file_data[2].strip("\n")
|
self.domain_name = file_data[2].strip("\n")
|
||||||
|
|
||||||
|
self.ip_address = self.ip_list.split(", ")
|
||||||
|
self.host_name = self.host_list.split(", ")
|
||||||
|
|
||||||
|
self.ip_address[0] = self.ip_address[0].replace("'", "")
|
||||||
|
self.host_name[0] = self.host_name[0].replace("'", "")
|
||||||
|
|
||||||
self.logger.info(self.ip_address)
|
self.logger.info(self.ip_address)
|
||||||
self.logger.info(self.host_name)
|
self.logger.info(self.host_name)
|
||||||
self.logger.info(self.domain_name)
|
self.logger.info(self.domain_name)
|
||||||
|
self.logger.info(self.ip_list)
|
||||||
|
self.logger.info(self.host_list)
|
||||||
|
|
||||||
self.logger.info("Information read successfully from ad_info.")
|
self.logger.info("Information read successfully from ad_info.")
|
||||||
else:
|
else:
|
||||||
self.logger.error("ad_info file not found")
|
self.logger.error("ad_info file not found")
|
||||||
|
|
@ -43,8 +54,8 @@ class ExecuteCancelSSSDAdAuthentication:
|
||||||
file_dhclient = open(dhclient_conf_path, 'r')
|
file_dhclient = open(dhclient_conf_path, 'r')
|
||||||
file_data = file_dhclient.read()
|
file_data = file_dhclient.read()
|
||||||
|
|
||||||
if "prepend domain-name-servers {};".format(self.ip_address) in file_data:
|
if "prepend domain-name-servers {};".format(self.ip_address[0]) in file_data:
|
||||||
file_data = file_data.replace(("prepend domain-name-servers {};".format(self.ip_address)),
|
file_data = file_data.replace(("prepend domain-name-servers {};".format(self.ip_address[0])),
|
||||||
"#prepend domain-name-servers 127.0.0.1;")
|
"#prepend domain-name-servers 127.0.0.1;")
|
||||||
self.logger.info("dhclient is reconfigured")
|
self.logger.info("dhclient is reconfigured")
|
||||||
else:
|
else:
|
||||||
|
|
@ -60,17 +71,11 @@ class ExecuteCancelSSSDAdAuthentication:
|
||||||
file_hosts = open(hosts_conf_path, 'r')
|
file_hosts = open(hosts_conf_path, 'r')
|
||||||
file_data = file_hosts.read()
|
file_data = file_hosts.read()
|
||||||
|
|
||||||
if ("{0} {1}".format(self.ip_address, self.domain_name)) in file_data:
|
for ip, host in zip(self.ip_address, self.host_name):
|
||||||
file_data = file_data.replace(("{0} {1}".format(self.ip_address, self.domain_name)), " ")
|
ip = ip.replace("'", "")
|
||||||
self.logger.info("hosts is deleted")
|
host = host.replace("'", "")
|
||||||
else:
|
if ("{0} {1} {2}".format(ip, host, self.domain_name)) in file_data:
|
||||||
self.logger.error("hosts domain is not deleted")
|
file_data = file_data.replace(("{0} {1} {2}".format(ip, host, self.domain_name)), " ")
|
||||||
|
|
||||||
if ("{0} {1}".format(self.ip_address, self.host_name)) in file_data:
|
|
||||||
file_data = file_data.replace(("{0} {1}".format(self.ip_address, self.host_name)), " ")
|
|
||||||
self.logger.info("hosts is deleted")
|
|
||||||
else:
|
|
||||||
self.logger.error("hosts hostname is not deleted")
|
|
||||||
|
|
||||||
file_hosts.close()
|
file_hosts.close()
|
||||||
file_hosts = open(hosts_conf_path, 'w')
|
file_hosts = open(hosts_conf_path, 'w')
|
||||||
|
|
@ -98,8 +103,8 @@ class ExecuteCancelSSSDAdAuthentication:
|
||||||
file_resolv = open(resolv_conf_path, 'r')
|
file_resolv = open(resolv_conf_path, 'r')
|
||||||
file_data = file_resolv.read()
|
file_data = file_resolv.read()
|
||||||
|
|
||||||
if ("nameserver {0}".format(self.ip_address)) in file_data:
|
if ("nameserver {0}".format(self.ip_address[0])) in file_data:
|
||||||
file_data = file_data.replace(("nameserver {0}".format(self.ip_address)), "")
|
file_data = file_data.replace(("nameserver {0}".format(self.ip_address[0])), "")
|
||||||
self.logger.info("resolv.conf is configured")
|
self.logger.info("resolv.conf is configured")
|
||||||
else:
|
else:
|
||||||
self.logger.error("resolv is not configured")
|
self.logger.error("resolv is not configured")
|
||||||
|
|
@ -116,7 +121,6 @@ class ExecuteCancelSSSDAdAuthentication:
|
||||||
else:
|
else:
|
||||||
self.logger.error("ad_info file not found")
|
self.logger.error("ad_info file not found")
|
||||||
|
|
||||||
|
|
||||||
self.logger.info("AD Login iptal etme işlemi başarı ile sağlandı.")
|
self.logger.info("AD Login iptal etme işlemi başarı ile sağlandı.")
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -7,6 +7,7 @@ from base.util.util import Util
|
||||||
from base.system.system import System
|
from base.system.system import System
|
||||||
import time
|
import time
|
||||||
|
|
||||||
|
|
||||||
class ExecuteSSSDAdAuthentication:
|
class ExecuteSSSDAdAuthentication:
|
||||||
def __init__(self):
|
def __init__(self):
|
||||||
scope = Scope().get_instance()
|
scope = Scope().get_instance()
|
||||||
|
|
@ -14,8 +15,9 @@ class ExecuteSSSDAdAuthentication:
|
||||||
self.util = Util()
|
self.util = Util()
|
||||||
self.system = System()
|
self.system = System()
|
||||||
|
|
||||||
def authenticate(self, domain_name, host_name, ip_address, password, ad_username):
|
def authenticate(self, domain_name, host_name, ip_address, password, ad_username, dynamic_dns_update):
|
||||||
try:
|
try:
|
||||||
|
|
||||||
# Installation of required packages
|
# Installation of required packages
|
||||||
(result_code, p_out, p_err) = self.util.execute(
|
(result_code, p_out, p_err) = self.util.execute(
|
||||||
"sudo apt-get -y install realmd")
|
"sudo apt-get -y install realmd")
|
||||||
|
|
@ -24,6 +26,15 @@ class ExecuteSSSDAdAuthentication:
|
||||||
else:
|
else:
|
||||||
self.logger.error("İndirmeler Başarısız : " + str(p_err))
|
self.logger.error("İndirmeler Başarısız : " + str(p_err))
|
||||||
|
|
||||||
|
# Split datas that Lider send
|
||||||
|
self.logger.info(host_name)
|
||||||
|
self.logger.info(ip_address)
|
||||||
|
|
||||||
|
ip_address_split = ip_address.split(",")
|
||||||
|
host_name_split = host_name.split(",")
|
||||||
|
ip_address = ip_address_split[0]
|
||||||
|
host_name = host_name_split[0]
|
||||||
|
|
||||||
# Execute the commands that require for leave
|
# Execute the commands that require for leave
|
||||||
(result_code, p_out, p_err) = self.util.execute("realm leave")
|
(result_code, p_out, p_err) = self.util.execute("realm leave")
|
||||||
if (result_code == 0):
|
if (result_code == 0):
|
||||||
|
|
@ -40,8 +51,10 @@ class ExecuteSSSDAdAuthentication:
|
||||||
file_default_ad_info = open(default_ad_info_path, 'r')
|
file_default_ad_info = open(default_ad_info_path, 'r')
|
||||||
file_data = file_default_ad_info.read()
|
file_data = file_default_ad_info.read()
|
||||||
|
|
||||||
file_data = file_data + ("{}".format(ip_address)) + "\n" + ("{}".format(host_name)) + "\n" + (
|
file_data = file_data + ("{}".format(ip_address_split)) + "\n" + (
|
||||||
"{}".format(domain_name)) + "\n" + ("{}".format(ad_username))
|
"{}".format(host_name_split)) + "\n" + (
|
||||||
|
"{}".format(domain_name)) + "\n" + ("{}".format(ad_username))
|
||||||
|
|
||||||
self.logger.info("/etc/ahenk/ad_info bilgiler girildi.")
|
self.logger.info("/etc/ahenk/ad_info bilgiler girildi.")
|
||||||
file_default_ad_info.close()
|
file_default_ad_info.close()
|
||||||
file_default_ad_info = open(default_ad_info_path, 'w')
|
file_default_ad_info = open(default_ad_info_path, 'w')
|
||||||
|
|
@ -101,17 +114,8 @@ class ExecuteSSSDAdAuthentication:
|
||||||
file_default_hosts = open(host_path, 'r')
|
file_default_hosts = open(host_path, 'r')
|
||||||
file_data = file_default_hosts.read()
|
file_data = file_default_hosts.read()
|
||||||
|
|
||||||
if ("{0} {1}".format(ip_address, host_name)) not in file_data:
|
for ips, hostnames in zip(ip_address_split, host_name_split):
|
||||||
file_data = file_data + "\n" + ("{0} {1}".format(ip_address, host_name))
|
file_data = file_data + "\n" + ips + " " + hostnames + " " + domain_name
|
||||||
self.logger.info("/etc/hosts is configured for hostname")
|
|
||||||
else:
|
|
||||||
self.logger.info("/etc/hosts is NOT configured for hostname")
|
|
||||||
|
|
||||||
if ("{0} {1}".format(ip_address, domain_name)) not in file_data:
|
|
||||||
file_data = file_data + "\n" + ("{0} {1}".format(ip_address, domain_name))
|
|
||||||
self.logger.info("/etc/hosts is configured for domainname")
|
|
||||||
else:
|
|
||||||
self.logger.info("/etc/hosts is NOT configured for domainname")
|
|
||||||
|
|
||||||
file_default_hosts.close()
|
file_default_hosts.close()
|
||||||
file_default_hosts = open(host_path, 'w')
|
file_default_hosts = open(host_path, 'w')
|
||||||
|
|
@ -119,15 +123,18 @@ class ExecuteSSSDAdAuthentication:
|
||||||
file_default_hosts.close()
|
file_default_hosts.close()
|
||||||
|
|
||||||
# Execute the script that required for "samba-common" and "krb5"
|
# Execute the script that required for "samba-common" and "krb5"
|
||||||
(result_code, p_out, p_err) = self.util.execute("/bin/bash /usr/share/ahenk/base/registration/scripts/ad.sh {0} {1}".format(domain_name.upper(),host_name))
|
(result_code, p_out, p_err) = self.util.execute(
|
||||||
|
"/bin/bash /usr/share/ahenk/base/registration/scripts/ad.sh {0} {1}".format(domain_name.upper(),
|
||||||
|
host_name))
|
||||||
|
|
||||||
if(result_code == 0):
|
if (result_code == 0):
|
||||||
self.logger.info("Script başarılı bir şekilde çalıştırıldı.")
|
self.logger.info("Script başarılı bir şekilde çalıştırıldı.")
|
||||||
else:
|
else:
|
||||||
self.logger.error("Script başarısız oldu : " + str(p_err))
|
self.logger.error("Script başarısız oldu : " + str(p_err))
|
||||||
|
|
||||||
# Installation of required packages
|
# Installation of required packages
|
||||||
(result_code, p_out, p_err) = self.util.execute("sudo apt-get -y install sssd sssd-tools adcli packagekit samba-common-bin samba-libs dnsutils")
|
(result_code, p_out, p_err) = self.util.execute(
|
||||||
|
"sudo apt-get -y install sssd sssd-tools adcli packagekit samba-common-bin samba-libs")
|
||||||
if (result_code == 0):
|
if (result_code == 0):
|
||||||
self.logger.info("İndirmeler Başarılı")
|
self.logger.info("İndirmeler Başarılı")
|
||||||
else:
|
else:
|
||||||
|
|
@ -172,7 +179,9 @@ class ExecuteSSSDAdAuthentication:
|
||||||
if (self.join_try_counter == 5):
|
if (self.join_try_counter == 5):
|
||||||
break
|
break
|
||||||
else:
|
else:
|
||||||
(result_code, p_out, p_err) = self.util.execute("echo \"{0}\" | realm join --user={1} {2}".format(password, ad_username, domain_name.upper()))
|
(result_code, p_out, p_err) = self.util.execute(
|
||||||
|
"echo \"{0}\" | realm join --user={1} {2}".format(password, ad_username,
|
||||||
|
domain_name.upper()))
|
||||||
if (result_code == 0):
|
if (result_code == 0):
|
||||||
self.logger.info("Realm Join komutu başarılı")
|
self.logger.info("Realm Join komutu başarılı")
|
||||||
break
|
break
|
||||||
|
|
@ -183,44 +192,99 @@ class ExecuteSSSDAdAuthentication:
|
||||||
self.logger.error(e)
|
self.logger.error(e)
|
||||||
self.logger.info("Active Directory Join işlemi esnasında hata oluştu.")
|
self.logger.info("Active Directory Join işlemi esnasında hata oluştu.")
|
||||||
|
|
||||||
# Configure sssd template
|
# DynamicDNSUpdate in Active Directory
|
||||||
sssd_config_template_path = "/usr/share/ahenk/base/registration/config-files/sssd_ad.conf"
|
if dynamic_dns_update == True:
|
||||||
sssd_config_folder_path = "/etc/sssd"
|
self.logger.info("dynamicDNSUpdate is Activated")
|
||||||
sssd_config_file_path = "/etc/sssd/sssd.conf"
|
# Installation of required packages
|
||||||
|
(result_code, p_out, p_err) = self.util.execute(
|
||||||
|
"sudo apt-get -y install dnsutils")
|
||||||
|
if (result_code == 0):
|
||||||
|
self.logger.info("İndirmeler Başarılı")
|
||||||
|
else:
|
||||||
|
self.logger.error("İndirmeler Başarısız : " + str(p_err))
|
||||||
|
|
||||||
if not self.util.is_exist(sssd_config_folder_path):
|
# Configure sssd template
|
||||||
self.util.create_directory(sssd_config_folder_path)
|
sssd_config_template_path = "/usr/share/ahenk/base/registration/config-files/sssd_ad_dns.conf"
|
||||||
self.logger.info("{0} folder is created".format(sssd_config_folder_path))
|
sssd_config_folder_path = "/etc/sssd"
|
||||||
|
sssd_config_file_path = "/etc/sssd/sssd.conf"
|
||||||
|
|
||||||
if self.util.is_exist(sssd_config_file_path):
|
if not self.util.is_exist(sssd_config_folder_path):
|
||||||
self.util.delete_file(sssd_config_file_path)
|
self.util.create_directory(sssd_config_folder_path)
|
||||||
self.logger.info("delete sssd org conf")
|
self.logger.info("{0} folder is created".format(sssd_config_folder_path))
|
||||||
|
|
||||||
self.util.copy_file(sssd_config_template_path, sssd_config_folder_path)
|
if self.util.is_exist(sssd_config_file_path):
|
||||||
self.logger.info("{0} config file is copied under {1}".format(sssd_config_template_path, sssd_config_folder_path))
|
self.util.delete_file(sssd_config_file_path)
|
||||||
self.util.rename_file("/etc/sssd/sssd_ad.conf", "/etc/sssd/sssd.conf")
|
self.logger.info("delete sssd org conf")
|
||||||
|
|
||||||
# Configure sssd.conf
|
self.util.copy_file(sssd_config_template_path, sssd_config_folder_path)
|
||||||
file_sssd = open(sssd_config_file_path, 'r')
|
self.logger.info(
|
||||||
file_data = file_sssd.read()
|
"{0} config file is copied under {1}".format(sssd_config_template_path, sssd_config_folder_path))
|
||||||
|
self.util.rename_file("/etc/sssd/sssd_ad_dns.conf", "/etc/sssd/sssd.conf")
|
||||||
|
|
||||||
file_data = file_data.replace("###domains###", "domains = {}".format(domain_name))
|
# Configure sssd.conf
|
||||||
file_data = file_data.replace("###[domain/###", "[domain/{}]".format(domain_name))
|
file_sssd = open(sssd_config_file_path, 'r')
|
||||||
file_data = file_data.replace("###ad_domain###", "ad_domain = {}".format(domain_name))
|
file_data = file_sssd.read()
|
||||||
file_data = file_data.replace("###krb5_realm###", "krb5_realm = {}".format(domain_name.upper()))
|
|
||||||
file_data = file_data.replace("###ad_hostname###", "ad_hostname = {0}.{1}".format(self.system.Os.hostname(), domain_name.lower()))
|
|
||||||
|
|
||||||
file_sssd.close()
|
file_data = file_data.replace("###domains###", "domains = {}".format(domain_name))
|
||||||
file_sssd = open(sssd_config_file_path, 'w')
|
file_data = file_data.replace("###[domain/###", "[domain/{}]".format(domain_name))
|
||||||
file_sssd.write(file_data)
|
file_data = file_data.replace("###ad_domain###", "ad_domain = {}".format(domain_name))
|
||||||
file_sssd.close()
|
file_data = file_data.replace("###krb5_realm###", "krb5_realm = {}".format(domain_name.upper()))
|
||||||
|
file_data = file_data.replace("###ad_hostname###",
|
||||||
|
"ad_hostname = {0}.{1}".format(self.system.Os.hostname(),
|
||||||
|
domain_name.lower()))
|
||||||
|
|
||||||
|
file_sssd.close()
|
||||||
|
file_sssd = open(sssd_config_file_path, 'w')
|
||||||
|
file_sssd.write(file_data)
|
||||||
|
file_sssd.close()
|
||||||
|
|
||||||
|
# Arrangement of chmod as 600 for sssd.conf
|
||||||
|
(result_code, p_out, p_err) = self.util.execute("chmod 600 {}".format(sssd_config_file_path))
|
||||||
|
if (result_code == 0):
|
||||||
|
self.logger.info("Chmod komutu başarılı bir şekilde çalıştırıldı")
|
||||||
|
else:
|
||||||
|
self.logger.error("Chmod komutu başarısız : " + str(p_err))
|
||||||
|
|
||||||
# Arrangement of chmod as 600 for sssd.conf
|
|
||||||
(result_code, p_out, p_err) = self.util.execute("chmod 600 {}".format(sssd_config_file_path))
|
|
||||||
if(result_code == 0):
|
|
||||||
self.logger.info("Chmod komutu başarılı bir şekilde çalıştırıldı")
|
|
||||||
else:
|
else:
|
||||||
self.logger.error("Chmod komutu başarısız : " + str(p_err))
|
self.logger.info("dynamicDNSUpdate is NOT Activated")
|
||||||
|
# Configure sssd template
|
||||||
|
sssd_config_template_path = "/usr/share/ahenk/base/registration/config-files/sssd_ad.conf"
|
||||||
|
sssd_config_folder_path = "/etc/sssd"
|
||||||
|
sssd_config_file_path = "/etc/sssd/sssd.conf"
|
||||||
|
|
||||||
|
if not self.util.is_exist(sssd_config_folder_path):
|
||||||
|
self.util.create_directory(sssd_config_folder_path)
|
||||||
|
self.logger.info("{0} folder is created".format(sssd_config_folder_path))
|
||||||
|
|
||||||
|
if self.util.is_exist(sssd_config_file_path):
|
||||||
|
self.util.delete_file(sssd_config_file_path)
|
||||||
|
self.logger.info("delete sssd org conf")
|
||||||
|
|
||||||
|
self.util.copy_file(sssd_config_template_path, sssd_config_folder_path)
|
||||||
|
self.logger.info(
|
||||||
|
"{0} config file is copied under {1}".format(sssd_config_template_path, sssd_config_folder_path))
|
||||||
|
self.util.rename_file("/etc/sssd/sssd_ad.conf", "/etc/sssd/sssd.conf")
|
||||||
|
|
||||||
|
# Configure sssd.conf
|
||||||
|
file_sssd = open(sssd_config_file_path, 'r')
|
||||||
|
file_data = file_sssd.read()
|
||||||
|
|
||||||
|
file_data = file_data.replace("###domains###", "domains = {}".format(domain_name))
|
||||||
|
file_data = file_data.replace("###[domain/###", "[domain/{}]".format(domain_name))
|
||||||
|
file_data = file_data.replace("###ad_domain###", "ad_domain = {}".format(domain_name))
|
||||||
|
file_data = file_data.replace("###krb5_realm###", "krb5_realm = {}".format(domain_name.upper()))
|
||||||
|
|
||||||
|
file_sssd.close()
|
||||||
|
file_sssd = open(sssd_config_file_path, 'w')
|
||||||
|
file_sssd.write(file_data)
|
||||||
|
file_sssd.close()
|
||||||
|
|
||||||
|
# Arrangement of chmod as 600 for sssd.conf
|
||||||
|
(result_code, p_out, p_err) = self.util.execute("chmod 600 {}".format(sssd_config_file_path))
|
||||||
|
if (result_code == 0):
|
||||||
|
self.logger.info("Chmod komutu başarılı bir şekilde çalıştırıldı")
|
||||||
|
else:
|
||||||
|
self.logger.error("Chmod komutu başarısız : " + str(p_err))
|
||||||
|
|
||||||
# Configure krb5 template
|
# Configure krb5 template
|
||||||
krb5_config_template_path = "/usr/share/ahenk/base/registration/config-files/krb5_ad.conf"
|
krb5_config_template_path = "/usr/share/ahenk/base/registration/config-files/krb5_ad.conf"
|
||||||
|
|
@ -236,7 +300,8 @@ class ExecuteSSSDAdAuthentication:
|
||||||
self.logger.info("delete krb5 org conf")
|
self.logger.info("delete krb5 org conf")
|
||||||
|
|
||||||
self.util.copy_file(krb5_config_template_path, krb5_config_folder_path)
|
self.util.copy_file(krb5_config_template_path, krb5_config_folder_path)
|
||||||
self.logger.info("{0} config file is copied under {1}".format(krb5_config_template_path, krb5_config_folder_path))
|
self.logger.info(
|
||||||
|
"{0} config file is copied under {1}".format(krb5_config_template_path, krb5_config_folder_path))
|
||||||
self.util.rename_file("/etc/krb5_ad.conf", "/etc/krb5.conf")
|
self.util.rename_file("/etc/krb5_ad.conf", "/etc/krb5.conf")
|
||||||
|
|
||||||
# Configure krb5_ad.conf
|
# Configure krb5_ad.conf
|
||||||
|
|
@ -250,7 +315,7 @@ class ExecuteSSSDAdAuthentication:
|
||||||
|
|
||||||
# Arrangement of chmod as 644 for krb5_ad.conf
|
# Arrangement of chmod as 644 for krb5_ad.conf
|
||||||
(result_code, p_out, p_err) = self.util.execute("chmod 644 {}".format(krb5_config_file_path))
|
(result_code, p_out, p_err) = self.util.execute("chmod 644 {}".format(krb5_config_file_path))
|
||||||
if(result_code == 0):
|
if (result_code == 0):
|
||||||
self.logger.info("Chmod komutu başarılı bir şekilde çalıştırıldı")
|
self.logger.info("Chmod komutu başarılı bir şekilde çalıştırıldı")
|
||||||
else:
|
else:
|
||||||
self.logger.error("Chmod komutu başarısız : " + str(p_err))
|
self.logger.error("Chmod komutu başarısız : " + str(p_err))
|
||||||
|
|
@ -268,7 +333,7 @@ class ExecuteSSSDAdAuthentication:
|
||||||
self.util.delete_file(default_sssd_path)
|
self.util.delete_file(default_sssd_path)
|
||||||
self.logger.info("delete sssd org conf")
|
self.logger.info("delete sssd org conf")
|
||||||
|
|
||||||
if "LC_ALL=\"tr_CY.UTF-8\"" not in file_data :
|
if "LC_ALL=\"tr_CY.UTF-8\"" not in file_data:
|
||||||
file_data = file_data + "\n" + "LC_ALL=\"tr_CY.UTF-8\""
|
file_data = file_data + "\n" + "LC_ALL=\"tr_CY.UTF-8\""
|
||||||
self.logger.info("/etc/default/sssd is configured")
|
self.logger.info("/etc/default/sssd is configured")
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -201,15 +201,16 @@ class Registration:
|
||||||
ip_address = str(reg_reply['adIpAddress'])
|
ip_address = str(reg_reply['adIpAddress'])
|
||||||
password = str(reg_reply['adAdminPassword'])
|
password = str(reg_reply['adAdminPassword'])
|
||||||
ad_username = str(reg_reply['adAdminUserName'])
|
ad_username = str(reg_reply['adAdminUserName'])
|
||||||
|
dynamic_dns_update = reg_reply['dynamicDNSUpdate']
|
||||||
|
|
||||||
if domain_name is None or host_name is None or ip_address is None or password is None :
|
if domain_name is None or host_name is None or ip_address is None or password is None :
|
||||||
self.logger.error("Registration params is null")
|
self.logger.error("Registration params is null")
|
||||||
return
|
return
|
||||||
|
|
||||||
self.ad_login.authenticate(domain_name, host_name, ip_address, password, ad_username)
|
self.ad_login.authenticate(domain_name, host_name, ip_address, password, ad_username, dynamic_dns_update)
|
||||||
|
|
||||||
def registration_error(self, reg_reply):
|
def registration_error(self, reg_reply):
|
||||||
self.re_register()
|
self.re_register()
|
||||||
|
|
||||||
def is_registered(self):
|
def is_registered(self):
|
||||||
try:
|
try:
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue