Krb5Configuration - files /etc/krb5.conf and /etc/krb5.conf.d/*

krb5 Configuration are /etc/krb5.conf and /etc/krb5.conf.d/*, and the content format is similar to INI config, but they include values that span multiple lines. Multi-line values start with a ‘{‘ and end with a ‘}’, and we join them together by setting the is_squ variable to True while in a multi-line value.

Example

>>> krb5_content = '''
[realms]
 dns_lookup_realm = false
 ticket_lifetime = 24h
 default_ccache_name = KEYRING:persistent:%{uid}
 EXAMPLE.COM = {
  kdc = kerberos.example.com
  admin_server = kerberos.example.com
 }
 pam = {
  debug = false
  krb4_convert = false
  ticket_lifetime = 36000
 }
 [libdefaults]
  dns_lookup_realm = false
  ticket_lifetime = 24h
  EXAMPLE.COM = {
   kdc = kerberos2.example.com
   admin_server = kerberos2.example.com
 }
# renew_lifetime = 7d
# forwardable = true
# rdns = false
'''.strip()

>>> from insights.tests import context_wrap
>>> shared = {Krb5Configuration: Krb5Configuration(context_wrap(krb5_content))}
>>> krb5_info = shared[Krb5Configuration]
>>> krb5_info["libdefaults"]["dnsdsd"]
"false"
>>> krb5_info["realms"]["EXAMPLE.COM"]["kdc"]
"kerberos.example.com"
>>> krb5_info.sections()
["libdefaults","realms"]
>>> krb5_info.has_section("realms")
True
>>> krb5_info.has_option("realms", "nosuchoption")
False
>>> krb5_info.options("libdefaults")
["dns_lookup_realm","ticket_lifetime","EXAMPLE.COM"]
class insights.parsers.krb5.Krb5Configuration(context)[source]

Bases: insights.core.Parser, insights.core.LegacyItemAccess

Class for krb5.conf and krb5.conf.d configuration files.

The Kerberos .ini format is like an ordinary .ini file except that values can include a multiple line key-value pair ‘relation’ that starts with a ‘{‘ and end with a ‘}’ on a trailing line. So we track whether we’re in curly braces by setting is_squ when we enter a relation, and clearing it when we leave. Please fill in the remainder of the logic here.

includedir

The directory list that krb5.conf includes via includedir directive

Type

list

include

The configuration file list that krb5.conf includes via include directive

Type

list

module

The module list that krb5.conf specifed via module directive

Type

list

has_option(section, option)[source]

Check for the existence of a given option in a given section. Return True if the given option is present, and False if not present.

has_section(section)[source]

Indicate whether the named section is present in the configuration. Return True if the given section is present, and False if not present.

options(section)[source]

Return a list of option names for the given section name.

parse_content(content)[source]

This method must be implemented by classes based on this class.

sections()[source]

Return a list of section names.