Krb5Configuration - files /etc/krb5.conf and /etc/krb5.conf.d/*

krb5 Configuration are /etc/krb5.conf and /etc/krb5.conf.d/*, and the content format is similar to INI config, but they include values that span multiple lines. Multi-line values start with a ‘{’ and end with a ‘}’, and we join them together by setting the is_squ variable to True while in a multi-line value.

Example

>>> krb5_content = '''
[realms]
 dns_lookup_realm = false
 ticket_lifetime = 24h
 default_ccache_name = KEYRING:persistent:%{uid}
 EXAMPLE.COM = {
  kdc = kerberos.example.com
  admin_server = kerberos.example.com
 }
 pam = {
  debug = false
  krb4_convert = false
  ticket_lifetime = 36000
 }
 [libdefaults]
  dns_lookup_realm = false
  ticket_lifetime = 24h
  EXAMPLE.COM = {
   kdc = kerberos2.example.com
   admin_server = kerberos2.example.com
 }
# renew_lifetime = 7d
# forwardable = true
# rdns = false
'''.strip()

>>> from insights.tests import context_wrap
>>> shared = {Krb5Configuration: Krb5Configuration(context_wrap(krb5_content))}
>>> krb5_info = shared[Krb5Configuration]
>>> krb5_info["libdefaults"]["dnsdsd"]
"false"
>>> krb5_info["realms"]["EXAMPLE.COM"]["kdc"]
"kerberos.example.com"
>>> krb5_info.sections()
["libdefaults","realms"]
>>> krb5_info.has_section("realms")
True
>>> krb5_info.has_option("realms", "nosuchoption")
False
>>> krb5_info.options("libdefaults")
["dns_lookup_realm","ticket_lifetime","EXAMPLE.COM"]
class insights.parsers.krb5.Krb5Configuration(context)[source]

Bases: insights.core.Parser, insights.core.LegacyItemAccess

Class for krb5.conf and krb5.conf.d configuration files.

The Kerberos .ini format is like an ordinary .ini file except that values can include a multiple line key-value pair ‘relation’ that starts with a ‘{’ and end with a ‘}’ on a trailing line. So we track whether we’re in curly braces by setting is_squ when we enter a relation, and clearing it when we leave. Please fill in the remainder of the logic here.

includedir

The directory list that krb5.conf includes via includedir directive

Type:list
include

The configuration file list that krb5.conf includes via include directive

Type:list
module

The module list that krb5.conf specifed via module directive

Type:list
getboolean(section, option)[source]

Parse option as bool

Returns None is not a krb5.conf boolean string.

has_option(section, option)[source]

Check for the existence of a given option in a given section. Return True if the given option is present, and False if not present.

has_section(section)[source]

Indicate whether the named section is present in the configuration. Return True if the given section is present, and False if not present.

options(section)[source]

Return a list of option names for the given section name.

parse_content(content)[source]

This method must be implemented by classes based on this class.

sections()[source]

Return a list of section names.