These changes are all related to the following ticket: https://fedorahosted.org/sssd/ticket/763
Changes in SSSDConfig.py merge old and new domain record instead of just deleting the old and inserting the new one. The old approach let to loss of some information like comments and blank lines in the config file. Changes in API config were performed so our Python scripts (like sss_obfuscate) don't add extra config options to the config file. Jan
From de587fff9ed48ec689fb88f50dacf6078ddd5ccd Mon Sep 17 00:00:00 2001 From: Jan Zeleny <jzel...@redhat.com> Date: Wed, 30 Mar 2011 08:38:41 -0400 Subject: [PATCH] Configuration parsing updates These changes are all related to the following ticket: https://fedorahosted.org/sssd/ticket/763 Changes in SSSDConfig.py merge old and new domain record instead of just deleting the old and inserting the new one. The old approach let to loss of some information like comments and blank lines in the config file. Changes in API config were performed so our Python scripts (like sss_obfuscate) don't add extra config options to the config file. --- src/config/SSSDConfig.py | 22 ++++++++-------------- src/config/etc/sssd.api.conf | 6 +++--- src/config/etc/sssd.api.d/sssd-ipa.conf | 2 +- src/config/etc/sssd.api.d/sssd-krb5.conf | 2 +- src/config/etc/sssd.api.d/sssd-ldap.conf | 4 ++-- src/config/etc/sssd.api.d/sssd-local.conf | 4 ++-- 6 files changed, 17 insertions(+), 23 deletions(-) diff --git a/src/config/SSSDConfig.py b/src/config/SSSDConfig.py index 5135174a87d13b2f0817a99e1b1d9f63e73d5673..abcba6a902374004fe1e078c9aaeff80c2013f03 100644 --- a/src/config/SSSDConfig.py +++ b/src/config/SSSDConfig.py @@ -1739,23 +1739,17 @@ class SSSDConfig(SSSDChangeConf): domain.oldname = None; sectionname = 'domain/%s' % name - # Ensure that the existing section is removed - # This way we ensure that we are getting a - # complete copy of the service. - # delete_option() is a noop if the section - # does not exist. - index = self.delete_option('section', sectionname) - addkw = [] + section_subtree = self.findOpts(self.opts, 'section', sectionname) + + for option in self.options(sectionname): + if option['type'] == 'option': + if option['name'] not in domain.get_all_options(): + self.delete_option_subtree(section_subtree, 'option', option['name'], True) + for option,value in domain.get_all_options().items(): if (type(value) == list): value = ', '.join(value) - addkw.append( { 'type' : 'option', - 'name' : option, - 'value' : str(value) } ) - if oldindex: - self.add_section(sectionname, addkw, oldindex) - else: - self.add_section(sectionname, addkw, index) + self.set(sectionname, option, str(value)) if domain.active: self.activate_domain(name) diff --git a/src/config/etc/sssd.api.conf b/src/config/etc/sssd.api.conf index e91597166c07fcf945726dad528082768aabc3ef..0c7d515f171ee29fd34c270dcd068a05616592ed 100644 --- a/src/config/etc/sssd.api.conf +++ b/src/config/etc/sssd.api.conf @@ -11,7 +11,7 @@ reconnection_retries = int, None, false [sssd] # Monitor service -services = list, str, true, nss, pam +services = list, str, false, nss, pam domains = list, str, true timeout = int, None, false sbus_timeout = int, None, false @@ -40,7 +40,7 @@ pam_pwd_expiration_warning = int, None, false [provider] #Available provider types id_provider = str, None, true -auth_provider = str, None, true +auth_provider = str, None, false access_provider = str, None, false chpass_provider = str, None, false @@ -53,7 +53,7 @@ min_id = int, None, false max_id = int, None, false timeout = int, None, false enumerate = bool, None, false -cache_credentials = bool, None, true, false +cache_credentials = bool, None, false store_legacy_passwords = bool, None, false use_fully_qualified_names = bool, None, false entry_cache_timeout = int, None, false diff --git a/src/config/etc/sssd.api.d/sssd-ipa.conf b/src/config/etc/sssd.api.d/sssd-ipa.conf index 31b7dc9beee007d0969d1a2f1750674345cf2eb3..7719069c79c25e88b638ee986f387d1b377d7c50 100644 --- a/src/config/etc/sssd.api.d/sssd-ipa.conf +++ b/src/config/etc/sssd.api.d/sssd-ipa.conf @@ -1,5 +1,5 @@ [provider/ipa] -ipa_domain = str, None, true +ipa_domain = str, None, false ipa_server = str, None, false ipa_hostname = str, None, false ipa_dyndns_update = bool, None, false diff --git a/src/config/etc/sssd.api.d/sssd-krb5.conf b/src/config/etc/sssd.api.d/sssd-krb5.conf index 79c67aeacc3d50485df43e788771e940d9f0976c..ef871d024000cfcab2e30833d620ca08df5fc863 100644 --- a/src/config/etc/sssd.api.d/sssd-krb5.conf +++ b/src/config/etc/sssd.api.d/sssd-krb5.conf @@ -1,7 +1,7 @@ [provider/krb5] krb5_kdcip = str, None, false krb5_server = str, None, false -krb5_realm = str, None, true +krb5_realm = str, None, false krb5_auth_timeout = int, None, false krb5_kpasswd = str, None, false diff --git a/src/config/etc/sssd.api.d/sssd-ldap.conf b/src/config/etc/sssd.api.d/sssd-ldap.conf index 5fd0cfb589e348241cf725e4cbe2fe639e542a58..8672f0b24fb698881f0d1d8d2c705c7acda6e198 100644 --- a/src/config/etc/sssd.api.d/sssd-ldap.conf +++ b/src/config/etc/sssd.api.d/sssd-ldap.conf @@ -1,7 +1,7 @@ [provider/ldap] ldap_uri = str, None, false ldap_search_base = str, None, false -ldap_schema = str, None, true, rfc2307 +ldap_schema = str, None, false ldap_default_bind_dn = str, None, false ldap_default_authtok_type = str, None, false ldap_default_authtok = str, None, false @@ -33,7 +33,7 @@ ldap_search_timeout = int, None, false ldap_enumeration_search_timeout = int, None, false ldap_enumeration_refresh_timeout = int, None, false ldap_purge_cache_timeout = int, None, false -ldap_id_use_start_tls = bool, None, true, false +ldap_id_use_start_tls = bool, None, false ldap_user_search_base = str, None, false ldap_user_search_scope = str, None, false ldap_user_search_filter = str, None, false diff --git a/src/config/etc/sssd.api.d/sssd-local.conf b/src/config/etc/sssd.api.d/sssd-local.conf index 0686f08232c289ab67e1813bfe282bb29a5bc9bb..f740b5ba157deca7e19c4ae565400897b7f0a3e0 100644 --- a/src/config/etc/sssd.api.d/sssd-local.conf +++ b/src/config/etc/sssd.api.d/sssd-local.conf @@ -1,8 +1,8 @@ [provider/local] [provider/local/id] -default_shell = str, None, true, /bin/bash -base_directory = str, None, true, /home +default_shell = str, None, false +base_directory = str, None, false [provider/local/auth] -- 1.7.4.1
_______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel
