Class: HttpdConfigmapGenerator::ActiveDirectory

Inherits:
Base
  • Object
show all
Defined in:
lib/httpd_configmap_generator/active_directory.rb

Constant Summary collapse

REALM_COMMAND = 
"/usr/sbin/realm".freeze
KERBEROS_KEYTAB_FILE = 
"/etc/krb5.keytab".freeze
AUTH = 
{
  :type    => "active-directory",
  :subtype => "active-directory"
}.freeze

Constants inherited from Base

Base::APACHE_USER, Base::HTTP_KEYTAB, Base::IPA_COMMAND, Base::KERBEROS_CONFIG_FILE, Base::LDAP_ATTRS, Base::PAM_CONFIG, Base::SSSD_CONFIG, Base::TIMESTAMP_FORMAT

Constants included from Base::Network

Base::Network::HOSTNAME_COMMAND

Instance Attribute Summary

Attributes inherited from Base

#opts

Instance Method Summary collapse

Methods inherited from Base

#debug_msg, #err_msg, #info_msg, #initialize, #run_configure, #validate_options

Methods included from Base::Pam

#configure_pam

Methods included from Base::Network

#domain_from_host, #fetch_network_file, #host_reachable?, #update_hostname

Methods included from Base::Kerberos

#enable_kerberos_dns_lookups

Methods included from Base::FileHelper

#cp_template, #create_target_directory, #delete_target_file, #file_binary?, #path_join, #rm_file, #template_directory

Methods included from Base::ConfigHelper

#config_file_backup

Methods included from Base::Command

#command_run, #command_run!, #log_command_error

Constructor Details

This class inherits a constructor from HttpdConfigmapGenerator::Base

Instance Method Details

#configure(opts) ⇒ Object 



44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
 
# File 'lib/httpd_configmap_generator/active_directory.rb', line 44

def configure(opts)
  update_hostname(opts[:host])
  join_ad_realm
  realm_permit_all
  configure_pam
  configure_sssd
  update_kerberos_keytab_permissions
  enable_kerberos_dns_lookups
  config_map = ConfigMap.new(opts)
  config_map.generate(AUTH[:type], realm, persistent_files)
  config_map.save(opts[:output])
rescue => err
  log_command_error(err)
  raise err
end

#configured?Boolean

Returns:

  • (Boolean) 


60
61
62
 
# File 'lib/httpd_configmap_generator/active_directory.rb', line 60

def configured?
  File.exist?(SSSD_CONFIG)
end

#domainObject 



75
76
77
78
79
 
# File 'lib/httpd_configmap_generator/active_directory.rb', line 75

def domain
  @domain ||= opts[:ad_domain] if opts[:ad_domain].present?
  @domain ||= super
  @domain
end

#optional_optionsObject 



20
21
22
23
24
25
 
# File 'lib/httpd_configmap_generator/active_directory.rb', line 20

def optional_options
  super.merge(
    :ad_realm  => { :description => "Active Directory Realm"  },
    :ad_server => { :description => "Active Directory Server" }
  )
end

#persistent_filesObject 



27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
 
# File 'lib/httpd_configmap_generator/active_directory.rb', line 27

def persistent_files
  %w(
    /etc/krb5.keytab
    /etc/krb5.conf
    /etc/nsswitch.conf
    /etc/openldap/ldap.conf
    /etc/pam.d/fingerprint-auth-ac
    /etc/pam.d/httpd-auth
    /etc/pam.d/password-auth-ac
    /etc/pam.d/postlogin-ac
    /etc/pam.d/smartcard-auth-ac
    /etc/pam.d/system-auth-ac
    /etc/sssd/sssd.conf
    /etc/sysconfig/authconfig
  )
end

#realmObject 



68
69
70
71
72
73
 
# File 'lib/httpd_configmap_generator/active_directory.rb', line 68

def realm
  @realm ||= opts[:ad_realm] if opts[:ad_realm].present?
  @realm ||= domain
  @realm ||= super
  @realm = @realm.upcase
end

#required_optionsObject 



10
11
12
13
14
15
16
17
18
 
# File 'lib/httpd_configmap_generator/active_directory.rb', line 10

def required_options
  super.merge(
    :host        => { :description => "Application Domain",
                      :short       => "-h" },
    :ad_domain   => { :description => "Active Directory Domain"   },
    :ad_user     => { :description => "Active Directory User"     },
    :ad_password => { :description => "Active Directory Password" }
  )
end

#unconfigureObject 



64
65
66
 
# File 'lib/httpd_configmap_generator/active_directory.rb', line 64

def unconfigure
  return unless configured?
end