|
|
bf4f0e |
diff -up authconfig-6.2.8/authconfig-gtk.py.ipav2join authconfig-6.2.8/authconfig-gtk.py
|
|
|
bf4f0e |
--- authconfig-6.2.8/authconfig-gtk.py.ipav2join 2014-09-29 15:18:58.252487444 +0200
|
|
|
bf4f0e |
+++ authconfig-6.2.8/authconfig-gtk.py 2014-09-29 15:19:15.077867285 +0200
|
|
|
bf4f0e |
@@ -2,12 +2,13 @@
|
|
|
bf4f0e |
# -*- coding: UTF-8 -*-
|
|
|
bf4f0e |
#
|
|
|
bf4f0e |
# Authconfig - client authentication configuration program
|
|
|
bf4f0e |
-# Copyright (c) 1999-2008 Red Hat, Inc.
|
|
|
bf4f0e |
+# Copyright (c) 1999-2014 Red Hat, Inc.
|
|
|
bf4f0e |
#
|
|
|
bf4f0e |
# Authors: Preston Brown <pbrown@redhat.com>
|
|
|
bf4f0e |
# Nalin Dahyabhai <nalin@redhat.com>
|
|
|
bf4f0e |
# Matt Wilson <msw@redhat.com>
|
|
|
bf4f0e |
# Tomas Mraz <tmraz@redhat.com>
|
|
|
bf4f0e |
+# Jan Lieskovsky <jlieskov@redhat.com>
|
|
|
bf4f0e |
#
|
|
|
bf4f0e |
# This is free software; you can redistribute it and/or modify it
|
|
|
bf4f0e |
# under the terms of the GNU General Public License as published by
|
|
|
bf4f0e |
@@ -236,6 +237,7 @@ class Authconfig:
|
|
|
bf4f0e |
self.oldrealm = ""
|
|
|
bf4f0e |
self.oldkdc = ""
|
|
|
bf4f0e |
self.oldadminserver = ""
|
|
|
bf4f0e |
+ self.messageParent = None
|
|
|
bf4f0e |
|
|
|
bf4f0e |
def destroy_widget(self, button, widget):
|
|
|
bf4f0e |
widget.destroy()
|
|
|
bf4f0e |
@@ -272,7 +274,9 @@ class Authconfig:
|
|
|
bf4f0e |
response = self.run_on_button(None, "joinwbdomain",
|
|
|
bf4f0e |
"winbindjoin_map", parent)
|
|
|
bf4f0e |
if (response == gtk.RESPONSE_OK):
|
|
|
bf4f0e |
- self.info.joinDomain(True)
|
|
|
bf4f0e |
+ self.messageParent = parent
|
|
|
bf4f0e |
+ self.info.joinDomain(False)
|
|
|
bf4f0e |
+ self.messageParent = None
|
|
|
bf4f0e |
self.info.joinUser = None
|
|
|
bf4f0e |
self.info.joinPassword = None
|
|
|
bf4f0e |
|
|
|
bf4f0e |
@@ -287,7 +291,9 @@ class Authconfig:
|
|
|
bf4f0e |
response = self.run_on_button(None, "joinipadomain",
|
|
|
bf4f0e |
"ipav2join_map", parent)
|
|
|
bf4f0e |
if (response == gtk.RESPONSE_OK):
|
|
|
bf4f0e |
- self.info.joinIPADomain(True)
|
|
|
bf4f0e |
+ self.messageParent = parent
|
|
|
bf4f0e |
+ self.info.joinIPADomain(False)
|
|
|
bf4f0e |
+ self.messageParent = None
|
|
|
bf4f0e |
|
|
|
bf4f0e |
def info_apply(self, map, xml):
|
|
|
bf4f0e |
for entry in map.keys():
|
|
|
bf4f0e |
@@ -796,10 +802,12 @@ class Authconfig:
|
|
|
bf4f0e |
response = self.run_on_button(None, "ldapcacertdownload",
|
|
|
bf4f0e |
"ldapcacert_map", parent)
|
|
|
bf4f0e |
if (response == gtk.RESPONSE_OK):
|
|
|
bf4f0e |
+ self.messageParent = parent
|
|
|
bf4f0e |
self.info.downloadLDAPCACert()
|
|
|
bf4f0e |
+ self.messageParent = None
|
|
|
bf4f0e |
|
|
|
bf4f0e |
def message_callback(self, text):
|
|
|
bf4f0e |
- msg = gtk.MessageDialog(None, 0, gtk.MESSAGE_WARNING, gtk.BUTTONS_OK, text)
|
|
|
bf4f0e |
+ msg = gtk.MessageDialog(self.messageParent, 0, gtk.MESSAGE_WARNING, gtk.BUTTONS_OK, text)
|
|
|
bf4f0e |
msg.set_title(_("Authentication Configuration"))
|
|
|
bf4f0e |
msg.run()
|
|
|
bf4f0e |
msg.destroy()
|
|
|
bf4f0e |
diff -up authconfig-6.2.8/authinfo.py.ipav2join authconfig-6.2.8/authinfo.py
|
|
|
bf4f0e |
--- authconfig-6.2.8/authinfo.py.ipav2join 2014-09-29 15:14:59.000000000 +0200
|
|
|
bf4f0e |
+++ authconfig-6.2.8/authinfo.py 2014-09-29 15:15:55.776367966 +0200
|
|
|
bf4f0e |
@@ -1,7 +1,7 @@
|
|
|
bf4f0e |
# -*- coding: UTF-8 -*-
|
|
|
bf4f0e |
#
|
|
|
bf4f0e |
# Authconfig - client authentication configuration program
|
|
|
bf4f0e |
-# Copyright (c) 1999-2011 Red Hat, Inc.
|
|
|
bf4f0e |
+# Copyright (c) 1999-2014 Red Hat, Inc.
|
|
|
bf4f0e |
#
|
|
|
bf4f0e |
# Authors: Preston Brown <pbrown@redhat.com>
|
|
|
bf4f0e |
# Nalin Dahyabhai <nalin@redhat.com>
|
|
|
bf4f0e |
@@ -10,6 +10,7 @@
|
|
|
bf4f0e |
# Ray Strode <rstrode@redhat.com>
|
|
|
bf4f0e |
# Paolo Bonzini <pbonzini@redhat.com>
|
|
|
bf4f0e |
# Miloslav Trmac <mitr@redhat.com>
|
|
|
bf4f0e |
+# Jan Lieskovsky <jlieskov@redhat.com>
|
|
|
bf4f0e |
#
|
|
|
bf4f0e |
# This is free software; you can redistribute it and/or modify it
|
|
|
bf4f0e |
# under the terms of the GNU General Public License as published by
|
|
|
bf4f0e |
@@ -879,9 +880,17 @@ def feedFork(command, echo, query, respo
|
|
|
bf4f0e |
return 255
|
|
|
bf4f0e |
if not pid:
|
|
|
bf4f0e |
# child
|
|
|
bf4f0e |
- status = os.system(command)
|
|
|
bf4f0e |
+ if query:
|
|
|
bf4f0e |
+ child = Popen([command], shell=True)
|
|
|
bf4f0e |
+ else:
|
|
|
bf4f0e |
+ child = Popen([command], stdin=PIPE, shell=True)
|
|
|
bf4f0e |
+ child.communicate(input=(response or '')+'\n')
|
|
|
bf4f0e |
+
|
|
|
bf4f0e |
+ # wait for the child to terminate & set the returncode
|
|
|
bf4f0e |
+ child.wait()
|
|
|
bf4f0e |
+ status = child.returncode
|
|
|
bf4f0e |
os._exit(status)
|
|
|
bf4f0e |
- output = ""
|
|
|
bf4f0e |
+ (output, error) = ("","")
|
|
|
bf4f0e |
try:
|
|
|
bf4f0e |
i = fcntl.fcntl(master, fcntl.F_GETFL)
|
|
|
bf4f0e |
fcntl.fcntl(master, fcntl.F_SETFL, i & ~os.O_NONBLOCK)
|
|
|
bf4f0e |
@@ -918,13 +927,24 @@ def feedFork(command, echo, query, respo
|
|
|
bf4f0e |
if c:
|
|
|
bf4f0e |
try:
|
|
|
bf4f0e |
output += c
|
|
|
bf4f0e |
+ error += c
|
|
|
bf4f0e |
if echo:
|
|
|
bf4f0e |
sys.stderr.write(c)
|
|
|
bf4f0e |
- if query in output:
|
|
|
bf4f0e |
- os.write(master, response)
|
|
|
bf4f0e |
+ if query and query in output:
|
|
|
bf4f0e |
+ # Search for password prompt start
|
|
|
bf4f0e |
+ index = error.rfind("\r\n")
|
|
|
bf4f0e |
+ os.write(master, response or '')
|
|
|
bf4f0e |
os.write(master, "\r\n")
|
|
|
bf4f0e |
+ if index != -1:
|
|
|
bf4f0e |
+ # Drop password prompt substring from error
|
|
|
bf4f0e |
+ error = "\n" + error[:index]
|
|
|
bf4f0e |
+ else:
|
|
|
bf4f0e |
+ # Drop whole error content, password prompt
|
|
|
bf4f0e |
+ # was the first line
|
|
|
bf4f0e |
+ error = ""
|
|
|
bf4f0e |
output = ""
|
|
|
bf4f0e |
- sys.stderr.write("<...>\n")
|
|
|
bf4f0e |
+ if echo:
|
|
|
bf4f0e |
+ sys.stderr.write("<...>\n")
|
|
|
bf4f0e |
except OSError, (err, text):
|
|
|
bf4f0e |
sys.stderr.write("write: " + text + "\n")
|
|
|
bf4f0e |
os.close(master)
|
|
|
bf4f0e |
@@ -941,7 +961,7 @@ def feedFork(command, echo, query, respo
|
|
|
bf4f0e |
(child, status) = os.waitpid(pid, 0)
|
|
|
bf4f0e |
except OSError, (err, text):
|
|
|
bf4f0e |
sys.stderr.write("waitpid: " + text + "\n")
|
|
|
bf4f0e |
- return status
|
|
|
bf4f0e |
+ return (status, error)
|
|
|
bf4f0e |
|
|
|
bf4f0e |
def isEmptyDir(path):
|
|
|
bf4f0e |
try:
|
|
|
bf4f0e |
@@ -4227,17 +4247,26 @@ class AuthInfo:
|
|
|
bf4f0e |
# Not needed -- "joining" is meaningless for other
|
|
|
bf4f0e |
# models.
|
|
|
bf4f0e |
return
|
|
|
bf4f0e |
- cmd = "/usr/bin/net join %s%s %s%s -U %s" % (
|
|
|
bf4f0e |
+ cmd = PATH_WINBIND_NET + " join %s%s %s%s -U %s" % (
|
|
|
bf4f0e |
domain and "-w " or "", domain,
|
|
|
bf4f0e |
server and "-S " or "", server,
|
|
|
bf4f0e |
self.joinUser)
|
|
|
bf4f0e |
|
|
|
bf4f0e |
if echo:
|
|
|
bf4f0e |
sys.stderr.write("[%s]\n" % cmd)
|
|
|
bf4f0e |
- if self.joinPassword:
|
|
|
bf4f0e |
- status = feedFork(cmd, echo, "sword:", self.joinPassword)
|
|
|
bf4f0e |
+ child = Popen([cmd], shell=True)
|
|
|
bf4f0e |
+ child.communicate()
|
|
|
bf4f0e |
+ status = child.returncode
|
|
|
bf4f0e |
+ else:
|
|
|
bf4f0e |
+ status, error = feedFork(cmd, echo, "sword:", self.joinPassword)
|
|
|
bf4f0e |
+ if echo:
|
|
|
bf4f0e |
+ if status != 0:
|
|
|
bf4f0e |
+ self.messageCB(_("Winbind domain join was not successful."))
|
|
|
bf4f0e |
else:
|
|
|
bf4f0e |
- status = os.system(cmd)
|
|
|
bf4f0e |
+ if status != 0:
|
|
|
bf4f0e |
+ errmsg = _("Winbind domain join was not successful. The net join command failed with the following error:")
|
|
|
bf4f0e |
+ errmsg += "\n" + error
|
|
|
bf4f0e |
+ self.messageCB(errmsg)
|
|
|
bf4f0e |
return status == 0
|
|
|
bf4f0e |
|
|
|
bf4f0e |
def joinIPADomain(self, echo):
|
|
|
921b1a |
@@ -4258,22 +4287,30 @@ class AuthInfo:
|
|
|
bf4f0e |
realm and "--realm=" or "", realm,
|
|
|
bf4f0e |
principal and "--principal=" or "", principal,
|
|
|
bf4f0e |
nontp,
|
|
|
bf4f0e |
- password and "-W" or "")
|
|
|
bf4f0e |
-
|
|
|
bf4f0e |
+ not echo and "--unattended" or "-W")
|
|
|
bf4f0e |
+
|
|
|
bf4f0e |
if echo:
|
|
|
bf4f0e |
sys.stderr.write("[%s]\n" % cmd)
|
|
|
bf4f0e |
- if self.joinPassword:
|
|
|
bf4f0e |
- status = feedFork(cmd, echo, "sword:", self.joinPassword)
|
|
|
bf4f0e |
+ child = Popen([cmd], shell=True)
|
|
|
bf4f0e |
+ child.communicate()
|
|
|
bf4f0e |
+ status = child.returncode
|
|
|
bf4f0e |
else:
|
|
|
bf4f0e |
- status = os.system(cmd)
|
|
|
bf4f0e |
+ status, error = feedFork(cmd, echo, '', password)
|
|
|
bf4f0e |
+
|
|
|
bf4f0e |
if status == 0:
|
|
|
bf4f0e |
self.ipaDomainJoined = True
|
|
|
bf4f0e |
+ if echo:
|
|
|
bf4f0e |
+ if status != 0:
|
|
|
bf4f0e |
+ self.messageCB(_("IPAv2 domain join was not successful."))
|
|
|
bf4f0e |
else:
|
|
|
bf4f0e |
- self.messageCB(_("IPAv2 domain join was not succesful. The ipa-client-install command failed."))
|
|
|
bf4f0e |
+ if status != 0:
|
|
|
bf4f0e |
+ errmsg = _("IPAv2 domain join was not successful. The ipa-client-install command failed with the following error:")
|
|
|
bf4f0e |
+ errmsg += "\n" + error
|
|
|
bf4f0e |
+ self.messageCB(errmsg)
|
|
|
bf4f0e |
return status == 0
|
|
|
bf4f0e |
|
|
|
bf4f0e |
def uninstallIPA(self):
|
|
|
921b1a |
- cmd = PATH_IPA_CLIENT_INSTALL + " --uninstall --noac"
|
|
|
921b1a |
+ cmd = PATH_IPA_CLIENT_INSTALL + " --uninstall --noac --unattended"
|
|
|
921b1a |
os.system(cmd)
|
|
|
921b1a |
|
|
|
921b1a |
def toggleCachingService(self, nostart):
|