Source code for insights.parsers.sssd_conf

"""
SSSD Configuration - files ``/etc/sssd/sssd.conf`` and ``/etc/sssd.conf.d/*``
=============================================================================

SSSD configuration files are in INI format.

Example:
    [sssd]
    services = nss, sudo
    domains = test

    [sudo]
    debug_level = 0xfff0

    [domain/test]
    id_provider = ldap
    ldap_uri = ldap://ldap.test


SSSDConf - file ``/etc/sssd/sssd.conf``
----------------------------------------

SSSDConfd - files under ``/etc/sssd/conf.d/*.conf``
---------------------------------------------------
"""

from insights.core import IniConfigFile
from insights.core.plugins import parser
from insights.specs import Specs
from insights.util import deprecated


[docs] @parser(Specs.sssd_config) class SSSDConf(IniConfigFile): """ Parse the content of the ``/etc/sssd/sssd.conf``. The file format is standard ini file. """
[docs] def getboolean(self, section, option): """ Returns: bool: Returns boolean form based on the data from get. """ val = self.get(section, option) boolean_states = { "true": True, "false": False, } if val.lower() not in boolean_states: raise ValueError("Not a boolean: %s" % val) return boolean_states[val.lower()]
def _set(self, section, option, value=None): """ Sets the value of the specified section option. Note: This should only be used by :class:`insights.combiners.sssd_conf.SSSDConfAll`. Args: section (str): The section str to set for. option (str): The option str to set for. value (str): The value to set. """ section = section.strip() option = option.strip().lower() if section not in self._dict: self._dict[section] = {} self._dict[section][option] = value
[docs] @parser(Specs.sssd_conf_d) class SSSDConfd(SSSDConf): """ Parse the content of configuration snippet under ``/etc/sssd/conf.d/*.conf``. The file format is standard ini file. """ pass
[docs] @parser(Specs.sssd_config) class SSSD_Config(IniConfigFile): """ Parse the content of the ``/etc/sssd/sssd.config`` file. The 'sssd' section must always exist. Within that, the 'domains' parameter is usually defined to give a comma-separated list of the domains that sssd is to manage. The 'sssd' section will define one or more active domains, which are then configured in the 'domain/{domain}' section of the configuration. These domains are then available via the 'domains' method, and the configuration of a domain can be fetched as a dictionary using the 'domain_config' method. Sample configuration:: [sssd] config_file_version = 2 # Number of times services should attempt to reconnect in the # event of a crash or restart before they give up reconnection_retries = 3 # If a back end is particularly slow you can raise this timeout here sbus_timeout = 30 services = nss, pam # SSSD will not start if you do not configure any domains. # Add new domain configurations as [domain/<NAME>] sections, and # then add the list of domains (in the order you want them to be # queried) to the "domains" attribute below and uncomment it. # domains = LOCAL,LDAP domains = example.com debug_level = 9 [nss] # The following prevents SSSD from searching for the root user/group in # all domains (you can add here a comma-separated list of system accounts that # are always going to be /etc/passwd users, or that you want to filter out). filter_groups = root filter_users = root reconnection_retries = 3 [pam] reconnection_retries = 3 [domain/example.com] id_provider = ldap lookup_family_order = ipv4_only ldap_uri = ldap://ldap.example.com/ ldap_search_base = dc=example,dc=com enumerate = False hbase_directory= /home create_homedir = True override_homedir = /home/%u auth_provider = krb5 krb5_server = kerberos.example.com krb5_realm = EXAMPLE.COM Example: >>> type(conf) <class 'insights.parsers.sssd_conf.SSSD_Config'> >>> conf.get('nss', 'filter_users') 'root' >>> conf.getint('pam', 'reconnection_retries') 3 >>> conf.domains ['example.com'] >>> domain = conf.domain_config('example.com') >>> 'ldap_uri' in domain True """ def __init__(self, context): deprecated(SSSD_Config, "Please use the :class:`insights.combiners.sssd_conf.SSSDConfAll` instead.", "3.6.0") super(SSSD_Config, self).__init__(context) @property def domains(self): """ Returns the list of domains defined in the 'sssd' section. This is used to refer to the domain-specific sections of the configuration. """ if self.has_option('sssd', 'domains'): domains = self.get('sssd', 'domains') if domains: return [domain.strip() for domain in domains.split(',')] # Return a blank list if no domains. return []
[docs] def domain_config(self, domain): """ Return the configuration dictionary for a specific domain, given as the raw name as listed in the 'domains' property of the sssd section. This then looks for the equivalent 'domain/{domain}' section of the config file. """ full_domain = 'domain/' + domain if full_domain not in self: return {} return self.items(full_domain)