sssd: add common configuration for proxy domain
Create a module that will configure proxy on the client machine.
aborah-sudo committed Sep 6, 2023
1 parent be75294 commit f40de93
Showing 1 changed file with 61 additions and 1 deletion.
62 changes: 61 additions & 1 deletion sssd_test_framework/utils/sssd.py
@@ -4,12 +4,13 @@

import configparser
from io import StringIO
from typing import TYPE_CHECKING
from typing import TYPE_CHECKING, Literal

from pytest_mh import MultihostHost, MultihostRole, MultihostUtility
from pytest_mh.ssh import SSHLog, SSHProcess, SSHProcessResult

from ..hosts.base import BaseDomainHost
from ..misc import to_list

if TYPE_CHECKING:
from pytest_mh.utils.fs import LinuxFileSystem
@@ -783,3 +784,62 @@ def autofs(self) -> None:
"""
self.sssd.authselect.select("sssd")
self.sssd.enable_responder("autofs")

def proxy(
self,
proxy: Literal["files", "ldap"] = "files",
provider: str | list[str] = "id",
proxy_pam_target: str = "system-auth",
proxy_pam_stack: str | None = None,
server_hostname: str | None = None,
domain: str | None = None,
):
"""
:param proxy: ``ldap`` or ``files``
:type proxy: str
:param provider: SSSD providers (id, auth, chpass, ...)
:type provider: str | list[str]
:param proxy_pam_target: proxy_pam_target for sssd
:type proxy_pam_target: str
:param proxy_pam_stack: Config for pam stack
:type proxy_pam_stack: str
:param server_hostname: LDAP (LDAP server hostname)
:type server_hostname: str
:param domain: Existing domain name, defaults to None (= default domain)
:type domain: str | None, optional
"""
if domain is None:
domain = self.sssd.default_domain

if domain is None:
raise ValueError("No domain specified!")

if proxy == "ldap":
if proxy_pam_target is None:
proxy_pam_target = "sssdproxyldap"

if proxy_pam_target is None:
raise ValueError("No proxy_pam_target specified!")

if proxy_pam_stack is None:
raise ValueError("No proxy_pam_stack specified!")

if server_hostname is None:
raise ValueError("No server_hostname specified!")

self.sssd.fs.write(f"/etc/pam.d/{proxy_pam_target}", proxy_pam_stack)
self.sssd.fs.write(
"/etc/nslcd.conf", f"uid nslcd\ngid ldap\nuri " f"ldap://{server_hostname}\n", dedent=False
)
self.sssd.svc.restart("nslcd")

options = {
"proxy_lib_name": proxy,
"proxy_pam_target": proxy_pam_target,
}

for x in to_list(provider):
options[f"{x}_provider"] = "proxy"

self.sssd.dom(domain).clear()
self.sssd.dom(domain).update(options)
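Review bot: In `proxy()`, the `proxy_pam_target is None` fallback to `"sssdproxyldap"` can never fire because the parameter defaults to `"system-auth"`, so a caller who sets `proxy="ldap"` with a stack and hostname but no target gets `proxy_pam_stack` written over `/etc/pam.d/system-auth`, the client's main PAM stack. Changing the signature to `proxy_pam_target: str | None = None` and adding `if proxy_pam_target is None: proxy_pam_target = "system-auth"` after the ldap branch would restore the intended per-mode defaults and make the later `raise ValueError("No proxy_pam_target specified!")` unnecessary. The target is also interpolated into the path unchecked, so a value containing `/` would write outside `/etc/pam.d`; a guard such as `if "/" in proxy_pam_target: raise ValueError(...)` would keep it a plain service name. Whether `fs.write` backs up and restores the overwritten file is not visible in this section and is worth confirming. The docstring has no summary line and the signature has no `-> None`.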
