KGRKJGETMRETU895U-589TY5MIGM5JGB5SDFESFREWTGR54TY
Server : Apache
System : Linux cs317.bluehost.com 4.19.286-203.ELK.el7.x86_64 #1 SMP Wed Jun 14 04:33:55 CDT 2023 x86_64
User : andertr9 ( 1047)
PHP Version : 8.2.18
Disable Function : NONE
Directory :  /usr/share/authconfig/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : //usr/share/authconfig/authinfo.pyc
�
�8�Yc;@sddlZddlZddlZddlZddlZddlZddlZddlZddlZddl	Z	ddl
Z
ddlZddlZddl
Z
ddlZddlZddlZddlTddlZddlZejZyddlaWnek
r danXdZdZdZdZdZdZd	Zd
Z dZ!dZ"d
Z#dZ$de%e&�d�kr�dZ'ndZ'e'dZ(dZ)dZ*dZ+dZ,dZ-dZ.dZ/dZ0dZ1dZ2dZ3e'dZ4e'd Z5ej6j7e5�se'd Z5ne'd!Z8e'd"Z9e'd#Z:e'd$Z;e'd%Z<e'd&Z=e(d'Z>e(d(Z?e(d)Z@e(d*ZAe(d+ZBe(d,ZCe'd-ZDd.ZEd/ZFd0ZGd1ZHd2ZId3ZJed4ZKd5ZLd6ZMd7ZNd8ZOd9ZPd:ZQd;ZRd<ZSd=ZTd>ZUd?ZVd@ZWdAZXdBZYdC�ZZdD�Z[dE�Z\dF�Z]dG�Z^dH�Z_dI�Z`dJ�ZadK�ZbdL�ZcdM�ZddN�ZedO�ZfdP�ZgdQ�ZhdR�ZidS�ZjdTgZkdTdUgZldVgZmdVgZndTdWdXdYgZodZgZpdVgZqdUgZrgZsd[gZtd[d\gZud]gZvdVgZwdVd^gZxdUgZydVgZzdUgZ{dVgZ|d_d`dagZ}dbd`dcgZ~dddcdegZdfdcdegZ�dVgZ�dUgZ�dVgZ�dUgZ�dggZ�dhgZ�dhgZ�dhgZ�didjdcgZ�dkdlgZ�dmdndlgZ�dogZ�dpdqdrdsdtgZ�e�dudv�\Z�Z�Z�Z�dwdxdydzgZ�e�dud{�\Z�Z�Z�Z�Z�e�dud{�\Z�Z�Z�Z�Z�ge�e�e�e�e�fD]Z�g^q�Z�e�e�eLd|gge�e�eLd}e�ge�e�eLd~ddmgge�e�eVd�e�ge�e�eRd�etge�e�eOd�exge�e�eNd�gge�e�eNd�gge�e�eYd�e}ge�e�eYd�gge�e�eNd�ekge�e�eMd�e}ge�e�eNd�e�ge�e�eNd�emge�e�eNd�emge�e�eNd�eqge�e�eNd�ewge�e�eNd�ezge�e�eNd�e|ge�e�eNd�e�ge�e�eLd~d�gge�e�eLd�gge�e�eLd�gge�e�eLd~gge�e�eLd�gge�e�eNd�gge�e�eNd�e~ge�e�ePd�gge�e�ePd�gge�e�ePd�gge�e�ePd�gge�e�eLd�gge�e�eMd�eoge�e�eMd�epge�e�eNd�elge�e�eNd�e�ge�e�eNd�enge�e�eNd�enge�e�eNd�erge�e�eNd�eyge�e�eNd�e{ge�e�eNd�e�ge�e�eLd�gge�e�eOd�e�ge�e�eLd�gge�e�eOd�gge�e�eOd�gge�e�eVd�ege�e�eLd�gge�e�eOd�gge�e�eOd�gge�e�eOd�gge�e�eOd�gge�e�eOd�gge�e�eOd�ggg7e�e�<e�e�eOd�e�ge�e�eOd�e�ge�e�eOd�e�ge�e�eVd�e�ge�e�eXd�e�ge�e�eOd�e�gge�e�<e�e�eLd|gge�e�eLd}e�ge�e�eLd~ddmgge�e�eLd�gge�e�eYd�e}ge�e�eYd�gge�e�eNd�ekge�e�eMd�e}ge�e�eNd�e�ge�e�eNd�emge�e�eNd�emge�e�eNd�eqge�e�eNd�ewge�e�eNd�ezge�e�eNd�e|ge�e�eNd�e�ge�e�eLd�gge�e�eLd�gge�e�eLd~gge�e�eLd�gge�e�eNd�gge�e�eNd�e~ge�e�ePd�gge�e�ePd�gge�e�ePd�gge�e�ePd�gge�e�eLd�gge�e�eMd�eoge�e�eMd�epge�e�eNd�elge�e�eNd�e�ge�e�eNd�enge�e�eNd�enge�e�eNd�erge�e�eNd�eyge�e�eNd�e{ge�e�eNd�e�ge�e�eLd~d�gge�e�eLd�gge�e�eOd�e�ge�e�eLd�gge�e�eOd�gge�e�eOd�gge�e�eVd�ege�e�eLd�gge�e�eOd�gge�e�eOd�gge�e�eOd�gge�e�eOd�gge�e�eOd�gge�e�eOd�ggg3e�e�<e�e�eLd|gge�e�eLd~ddmgge�e�eLd�gge�e�eNd�gge�e�eLd~d�gge�e�eLd�gge�e�eLd�gge�e�eLd~gge�e�eLd�gge�e�eNd�gge�e�eNd�e~ge�e�ePd�gge�e�ePd�gge�e�ePd�gge�e�ePd�gge�e�eLd�gge�e�eLd�gge�e�eOd�e�ge�e�eLd�gge�e�eOd�gge�e�eOd�gge�e�eVd�ege�e�eLd�gge�e�eOd�gge�e�eOd�gge�e�eOd�gge�e�eOd�gge�e�eOd�gge�e�eOd�ggge�e�<e�e�eLd|gge�e�eLd~ddmgge�e�eNd�evge�e�eRd�euge�e�eOd�exge�e�eNd�gge�e�eLd~d�gge�e�eLd�gge�e�eLd�gge�e�eLd~gge�e�eLd�gge�e�eNd�gge�e�eNd�e~ge�e�ePd�gge�e�ePd�gge�e�ePd�gge�e�ePd�gge�e�eLd�gge�e�eLd�gge�e�eOd�e�ge�e�eLd�gge�e�eOd�gge�e�eOd�gge�e�eVd�ege�e�eLd�gge�e�eOd�gge�e�eOd�gge�e�eOd�gge�e�eOd�gge�e�eOd�gge�e�eOd�ggge�e�<d��Z�d�Z�ej�d��Z�ej�d��Z�d�d�d���YZ�d�d�d���YZ�y.d�ej�d��kr�e��Z�n	e��Z�Wne�k
r�e��Z�nXd��Z�d��Z�d��Z�d��Z�d��Z�d��Z�d��Z�d��Z�d�d�d���YZ�d�dd���YZ�d�dd���YZ�d��Z�d��Z�d�e�fd���YZ�e�dud��\Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�e�d�ed��e�d�ed��e�d�ed��e�d�ed��e�d�ed��e�d�ed��e�d�ed��e�d�ed��e�d�ed��e�d�ed��e�d�ed��e�d�ed��e�d�d��e�ded�e�e�ded�e�e�d	ed�e�e�ded�e!�e�d
ed�e#�e�d�ed��e�d�ed��e�d�ed��e�d�ed��e�d�ed��e�d�eK�e�d�ed��e�d�ed��e�d�ed��e�d�ed��e�d�ed��e�d�ed��gZ�dddddddd	d
dg
Z�d�dd���YZ�dS(
i����N(t*s/etcssystem-authssystem-auth-act	postloginspostlogin-acs
password-authspassword-auth-acsfingerprint-authsfingerprint-auth-acssmartcard-authssmartcard-auth-actdefaulttlib64tacutils
/usr/lib64s/usr/libs	/securitys/usr/sbin/pwconvs
/sbin/rpcbinds/usr/sbin/nscds/usr/sbin/nslcds/usr/sbin/winbindds/usr/sbin/sssds/usr/sbin/ypbinds/usr/sbin/oddjobds/usr/sbin/setsebools/usr/bin/pkcs11_eventmgrs/usr/bin/pkcs11_setups/libnss_db.so.2s/libnss_ldap.so.2s/libnss_nis.so.2s/libnss_hesiod.so.2s/libnss_odbcbind.so.2s/libnss_winbind.so.2s/libnss_wins.so.2s/libnss_sss.so.2s/pam_krb5.sos/pam_ldap.sos/pam_winbind.sos/pam_pkcs11.sos/pam_fprintd.sos/pam_sss.sos/sssd/modules/libsss_autofs.sos$/var/lib/sss/pubconf/krb5.include.d/s/usr/bin/nets/usr/sbin/ipa-client-installs/etc/openldap/cacertssauthconfig_downloaded.pems/var/lib/authconfigs/sssd/sssd.conftrequiredt	requisitet
sufficienttoptionals,[default=bad success=ok user_unknown=ignore]sJ[default=bad success=ok auth_err=ignore user_unknown=ignore ignore=ignore]s@[success=done authinfo_unavail=ignore ignore=ignore default=die]s([success=done ignore=ignore default=die]s4[success=ok authinfo_unavail=2 ignore=2 default=die]s![success=ok ignore=2 default=die]s[success=1 default=ignore]s[success=3 default=ignore]s[default=1]s$[default=1 ignore=ignore success=ok]cCs|jdd�dj�S(Ns
ii(tsplittrstrip(ts((s!/usr/share/authconfig/authinfo.pyt
snipString�scCs;|s
|S|jdd�}djtd|jd���S(Ns	t t,(treplacetjointfiltertNoneR	(tlstR((s!/usr/share/authconfig/authinfo.pyt	cleanList�scCs+|j|�r#|t|�j�StSdS(N(t
startswithtlentlstriptFalse(tlinetkey((s!/usr/share/authconfig/authinfo.pytmatchKey�scCs5|j|�r-|t|�jtjd�StSdS(Nt=(RRRtstringt
whitespaceR(RR((s!/usr/share/authconfig/authinfo.pytmatchKeyEquals�scCs
|j|�S(N(R(RR((s!/usr/share/authconfig/authinfo.pyt	matchLine�scCs|j�j|j��S(N(tlowerR(RR((s!/usr/share/authconfig/authinfo.pyt
matchLineI�scCs|r|d|S|SdS(NR((Rtvalue((s!/usr/share/authconfig/authinfo.pytcommaAppend�scCsN|r|rtS|s |r$tS|r4||kS|j�|j�kSdS(N(RtTrueR!(tatbtcase_sensitive((s!/usr/share/authconfig/authinfo.pyt
stringsDiffer�s
cCsF|j�jdd�}t|�dkr.tSd|dkrBtStS(NRiiR
i(RR	RRR%(R#R((s!/usr/share/authconfig/authinfo.pytcheckDN�scCs't||�}|rt|�StSdS(N(RR*R(RRR#((s!/usr/share/authconfig/authinfo.pyt
matchBaseLine�s
cCs�|jdd�}t|�dkr1|d}nd}t|�}x�tr�|j||�}|dkrndS|dkr�||dj�r�||7}qFn||t|�kr�|||j�r�||7}qFn|SWdS(Nt:ii(R	RR%tfindRtisalnum(t
configurationt	candidateRtstarttclen((s!/usr/share/authconfig/authinfo.pytcheckNSS�s"
	 
*
cCs�d}yQtj|||�}|tjkrCtj|tj�ntj|tj�Wn\tk
r�\}}|dkr�ytj	|�Wq�tk
r�q�Xnt
||��nX|S(N(RtostopentO_RDONLYtfcntltlockftLOCK_SHtLOCK_EXtOSErrortclosetIOError(tfilenametmodetpermstfdterrnotstrerr((s!/usr/share/authconfig/authinfo.pytopenfdLocked�s
cCs&tjt|tjtjB|�d�S(Nsr+(R4tfdopenRDtO_RDWRtO_CREAT(R>R@((s!/usr/share/authconfig/authinfo.pyt
openLocked�scCsEd}|jd�}x)|D]!}|r|d|d7}qqW|S(NtRs  kdc = s
(R	(tkdclisttoutputtkdc((s!/usr/share/authconfig/authinfo.pytkrbKdc�s
cCsKd}|jd�}x/|D]'}|r|d7}||d7}qqW|S(NRIRs  admin_server = s
(R	(tadminserversRKtadminserver((s!/usr/share/authconfig/authinfo.pytkrbAdminServer�s

cCsOd}|rK|d|d7}|t|�7}|t|�7}|d7}n|S(NRIR
s = {
s }

(RMRP(trealmRJRNRK((s!/usr/share/authconfig/authinfo.pytkrbRealms
cCs�|jdd�}t|�dkr-d}n
|d}|dj�jd�}|j�jd�}||kr�|jtjd�StS(NRiiRIi(R	RR!RRRRR(RRtlinelsttparamtkeylst((s!/usr/share/authconfig/authinfo.pytmatchLineSMBs	
ttry_first_passtuse_authtoktuse_first_passtlocal_users_onlysretry=3s
authtok_type=s
enforce=userstnodebugt
wait_for_cardtallow_missing_nametno_subsequent_promptsuid >=t500t
quiet_successsuid <tquietsservice in crondtuse_uidsKservice notin login:gdm:xdm:kdm:xscreensaver:gnome-screensaver:kscreensavertrevoketunwrapsservice !~ gdm*sservice !~ su*tnowtmpt
showfailedtsilenttnoupdates
delay=2000000tdescrypttbigcrypttmd5tsha256tsha512iitauthtaccounttsessiontpassworditenvt	faildelaytfaillocktpreautht
succeed_iftpkcs11tkrb5tpermittfprintdt	localusertunixtssstafssafs.krbteps_authtldaptotptwinbindtauthfailtdenytaccesst	pwqualitytpasswdqct
eps_passwdtkeyinittlimitstsystemdt	mkhomedirtecryptfstlastlogcCs/d}|jd�}||jdd�7}|S(NsDC=t.s,DC=(R
R(tdomainRK((s!/usr/share/authconfig/authinfo.pyt	domain2dnCsis7^[ \t]*([^ \t]+)[ \t][ \t"]*(([^"]*)".*|([^"]*\S)?\s*)$s&^.*[ \t]*uid[ \t]+(<|>=)[ \t]+([0-9]+)tSysVInitServicecBs>eZd�Zd�Zd�Zd�Zd�Zd�ZRS(cCstjd|d�dS(Ns/sbin/service s start(R4tsystem(tselftservice((s!/usr/share/authconfig/authinfo.pyR1WscCstjd|d�dS(Ns/sbin/service s stop >/dev/null 2>&1(R4R�(R�R�((s!/usr/share/authconfig/authinfo.pytstopZscCs*tjd|�tjd|d�dS(Ns/sbin/chkconfig --add s/sbin/chkconfig --level 345 s on(R4R�(R�R�((s!/usr/share/authconfig/authinfo.pytenable]scCstjd|d�dS(Ns/sbin/chkconfig --level 345 s off(R4R�(R�R�((s!/usr/share/authconfig/authinfo.pytdisableascCs9tjd|d�}tj|�o8tj|�dkS(Ns/sbin/chkconfig s >/dev/null 2>&1i(R4R�t	WIFEXITEDtWEXITSTATUS(R�R�trv((s!/usr/share/authconfig/authinfo.pyt	isEnableddscCstjd|d�dS(Ns/sbin/service s condrestart >/dev/null 2>&1(R4R�(R�R�((s!/usr/share/authconfig/authinfo.pyt
tryRestarths(t__name__t
__module__R1R�R�R�R�R�(((s!/usr/share/authconfig/authinfo.pyR�Vs					tSystemdServicecBs>eZd�Zd�Zd�Zd�Zd�Zd�ZRS(cCstjd|d�dS(Ns/bin/systemctl start s.service(R4R�(R�R�((s!/usr/share/authconfig/authinfo.pyR1lscCstjd|d�dS(Ns/bin/systemctl stop s.service >/dev/null 2>&1(R4R�(R�R�((s!/usr/share/authconfig/authinfo.pyR�oscCstjd|d�dS(Ns/bin/systemctl enable s.service >/dev/null 2>&1(R4R�(R�R�((s!/usr/share/authconfig/authinfo.pyR�rscCstjd|d�dS(Ns/bin/systemctl disable s.service >/dev/null 2>&1(R4R�(R�R�((s!/usr/share/authconfig/authinfo.pyR�uscCs9tjd|d�}tj|�o8tj|�dkS(Ns/bin/systemctl is-enabled s.service >/dev/null 2>&1i(R4R�R�R�(R�R�R�((s!/usr/share/authconfig/authinfo.pyR�xscCstjd|d�dS(Ns/bin/systemctl try-restart s.service >/dev/null 2>&1(R4R�(R�R�((s!/usr/share/authconfig/authinfo.pyR�|s(R�R�R1R�R�R�R�R�(((s!/usr/share/authconfig/authinfo.pyR�ks					s
/sbin/initcCs�|r^yAtj|�tj|�|sFtj|�tj|�nWq�tk
rZq�Xn`yLtj|�|s�ytj|�Wq�tk
r�q�Xntj|�Wntk
r�nXtS(N(	R4tstattServiceR�R�R1R;R�R%(R�tpathtnametnostart((s!/usr/share/authconfig/authinfo.pyttoggleSplatbindService�s(






cCs|r
dSdSdS(Ntenabledtdisabled((tval((s!/usr/share/authconfig/authinfo.pyt
formatBool�scCs�ytj�\}}Wntk
r*dSX|s�|rOt|gdt�}n5t|gdtdt�}|jd|p|dd�|j�|j}tj	|�nd\}}	y7t
j
|t
j�}
t
j
|t
j|
tj
@�Wntk
r�nXt}xk|sqy7g}g}
tj|gg|gd�\}}}
Wn4tjk
rz\}}tjjd|d�nX|r�|
r�tj|�t}qnd}ytj|d	�}Wn�tk
rM\}}|tjksG|tjkr�q|tjkrtj|�t}qtjjd
|d�tj|�t}qnX|r[y�||7}|	|7}	|r�tjj|�n|r||kr|	jd�}tj||p�d�tj|d�|dkr�d|	| }	nd}	d}|rtjjd
�qnWqntk
rW\}}tjjd|d�tj|�t}qnXqtj|�t}qWytj|tj�Wntk
r�nXd}ytj|d�\}}Wn1tk
r�\}}tjjd|d�nX||	fS(Ni�tshelltstdintinputRIs
i<sselect: isread: s
i����s<...>
swrite: is	waitpid: (RIRI( R4tforkptyR;tPopenR%tPIPEtcommunicatetwaitt
returncodet_exitR7tF_GETFLtF_SETFLt
O_NONBLOCKR=RtselectterrortsyststderrtwriteR<treadRBtEINTRtEAGAINtEIOtrfindtkilltsignaltSIGTERMtwaitpid(tcommandtechotquerytresponsetpidtmastertchildtstatusRKR�titeoftifdstefdstofdsterrttexttctindex((s!/usr/share/authconfig/authinfo.pytfeedFork�s�

	"
	+

	







cCs�ytj|�}Wntk
r'tSXxS|D]K}y1tj|d|�}tj|j�retSWq/tk
ryq/Xq/WtS(Nt/(R4tlistdirR;R%R�tS_ISREGtst_modeR(R�RR>tst((s!/usr/share/authconfig/authinfo.pyt
isEmptyDir�s


cCs|ycttg|dt�}|j�djd�}|jdkrHdS|ddkrb|d3nWntk
rwdSX|S(Ntstdoutis
i����RI(R�tPATH_SCSETUPR�R�R	R�RR;(toptionsR�R((s!/usr/share/authconfig/authinfo.pytcallPKCS11Setups
cCs#tdg�}|dkrgS|S(Ntlist_modules(R�R(tmods((s!/usr/share/authconfig/authinfo.pytgetSmartcardModulesscCstd�td�gS(NtLocktIgnore(t_(((s!/usr/share/authconfig/authinfo.pytgetSmartcardActions scCst|�}|j�|S(N(tAuthInfoR�(tmsgcbtinfo((s!/usr/share/authconfig/authinfo.pyR�#s
t	SaveGroupcBseZd�Zd�ZRS(cCs||_||_||_dS(N(tsaveFunctionttoggleFunctiontattrlist(R�tsavefunct
togglefuncR�((s!/usr/share/authconfig/authinfo.pyt__init__)s		cCs�x�|jD]�\}}||jkr)tS|dkrZt||�t||�kr�tSq
|dkr�tt||�t||�t�r�tSq
|dkr
tt||�t||�t�r�tSq
q
WtS(NR'R�R�(R�tinconsistentAttrsR%tgetattrR)R(R�R&R'tanametatype((s!/usr/share/authconfig/authinfo.pytattrsDiffer.s$$(R�R�R�R�(((s!/usr/share/authconfig/authinfo.pyR�(s	tSafeFilecBs5eZd�Zd�Zd�Zd�Zd�ZRS(cCs�tjj|�\}}t|_tjd|d|dt�|_t	dd||jj
gdtjdtj��dkr�t|_tj
|jj�|�n||_dS(	Ntdirtprefixtdeletes/bin/cps-afR�s	/dev/nulli(R4R�R	RtmissingttempfiletNamedTemporaryFileR%tfiletcallR�R5tO_WRONLYtfchmodtfilenoR>(R�R>tdefault_modetbaseR�((s!/usr/share/authconfig/authinfo.pyR�>s	!	cCst|jj�tj|jj��tj|jj|j�|jrpt	d|jgdtj
dtj��ndS(Ns/usr/sbin/restoreconR�s	/dev/null(R�tflushR4tfsyncRtrenameR�R>R�RR5R(R�((s!/usr/share/authconfig/authinfo.pytsaveJs
	cCs)y|jj�Wntk
r$nXdS(N(R�R<R;(R�((s!/usr/share/authconfig/authinfo.pyR<Rs
cCs|jj|�S(N(R�R�(R�R((s!/usr/share/authconfig/authinfo.pyR�YscCs$|jjd�|jjd�dS(Ni(R�tseekttruncate(R�((s!/usr/share/authconfig/authinfo.pytrewind\s(R�R�R�R	R<R�R(((s!/usr/share/authconfig/authinfo.pyR�=s
				t
FileBackupcBs,eZd�Zd�Zd�Zd�ZRS(cCs||_||_dS(N(t
backupNametorigPath(R�t
backupnametorigpath((s!/usr/share/authconfig/authinfo.pyR�as	cCs�t}d}d}yt|tjd�}Wntk
r?tSXytjtj|�j	�}Wn%tt
fk
r�tj|�tSXyt||�}|j
�Wntk
r�t}nXyLxE|rtj|d�}|s�t}Pntj|jj�|�q�WWntt
fk
r)t}nXy|rCtj|�nWntt
fk
r]nXy'|r�|r�|j�|j�nWntt
fk
r�t}nX|S(Nii(R%RRDR4R6R=R�tS_IMODEtfstatR�R;R<R�RRR�R�R�RR	(R�tsrctdestR�tsrcfdtdestfileR?R'((s!/usr/share/authconfig/authinfo.pytsafeCopyesL



	!


cCst}y&tjj|�s+tj|�nWnttfk
rKt}nX|d|j}|r{|j	|j
|�}n|S(NR�(R%R4R�tisdirtmkdirR;R=RRRR(R�tdestdirR�t
backuppath((s!/usr/share/authconfig/authinfo.pytbackup�s
cCs�t}ytjj|�stSWnttfk
r?t}nX|d|j}|r�tjj|�r�|j	||j
�}ny5|r�td|j
gdtjdtj
��nWnttfk
r�nX|S(NR�s/usr/sbin/restoreconR�s	/dev/null(R%R4R�RRR=R;RtisfileRRRR5R(R�t	backupdirR�R((s!/usr/share/authconfig/authinfo.pytrestore�s 
(R�R�R�RRR (((s!/usr/share/authconfig/authinfo.pyR
`s		*	cCs
tjd�S(Ntnscd(R�R�(((s!/usr/share/authconfig/authinfo.pyt	readCache�scCsL|rtjd�n2ytjt�tjd�Wntk
rGnXtS(NR!(R�R�R4R�t	PATH_NSCDR�R;R%(R�((s!/usr/share/authconfig/authinfo.pyt
writeCache�s

tCacheBackupcBseZd�Zd�ZRS(cCst}y&tjj|�s+tj|�nWnttfk
rKt}nX|d|j}|r�d}y5t
�}t|d�}|jt
t|���Wntk
r�t}nX|r�|j�q�n|s�ytj|�Wq�tk
r�q�Xn|S(NR�tw(R%R4R�RRR;R=RRRR"R5R�tstrtintR<tunlink(R�RR�RRR�((s!/usr/share/authconfig/authinfo.pyR�s.
	


cCs�t}ytjj|�stSWnttfk
r?t}nX|d|j}|r�tjj|�r�d}y/t
|d�}t|j��}t
|�Wn tttfk
r�t}nX|r�|j�q�n|S(NR�tr(R%R4R�RRR=R;RRRR5R(R�R$t
ValueErrorR<(R�RR�RRR�((s!/usr/share/authconfig/authinfo.pyR �s$

(R�R�RR (((s!/usr/share/authconfig/authinfo.pyR%�s	ishesiod.confs/hesiod.confsyp.confs/yp.confs	ldap.confs
/ldap.confs
nss_ldap.confs/nss_ldap.confs
pam_ldap.confs/pam_ldap.confs
nslcd.confs/nslcd.confs
openldap.confs/openldap/ldap.confs	krb5.confs
/krb5.confskrb.confs	/krb.confspam_pkcs11.confs/pam_pkcs11/pam_pkcs11.confssmb.confs/samba/smb.confs
nsswitch.confs/nsswitch.confscacheenabled.confRIs/pam.d/t
authconfigs/sysconfig/authconfigtnetworks/sysconfig/networkslibuser.confs
/libuser.confspwquality.confs/security/pwquality.confs
login.defss/login.defss	sssd.conftshadows/shadowtpasswds/passwdtgshadows/gshadowtgroups/groups
10-authconfigs /dconf/db/distro.d/10-authconfigs10-authconfig-lockss,/dconf/db/distro.d/locks/10-authconfig-lockst
ldapServertldap_urit
ldapBaseDNtldap_search_basetenableLDAPStldap_id_use_start_tlst
ldapSchematldap_schemat
ldapCacertDirtldap_tls_cacertdirtkerberosKDCtkrb5_servertkerberosAdminServertkrb5_kpasswdt
kerberosRealmt
krb5_realmtenableCacheCredstcache_credentialstkrb5_store_password_if_offlineR�cBs�eZd�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Z	d�Z
d	�Zd
�Zd�Z
d�Zd
�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Zed�Zd�Z d�Z!d�Z"d �Z#d!�Z$d"�Z%d#�Z&d$�Z'd%�Z(d&�Z)d'�Z*d(�Z+d)�Z,d*�Z-d+�Z.d,�Z/d-�Z0d.�Z1d/�Z2d0�Z3d1�Z4d2�Z5d3�Z6d4�Z7d5�Z8d6�Z9d7�Z:d8�Z;d9�Z<d:�Z=d;�Z>d<�Z?d=�Z@d>�ZAd?�ZBd@�ZCdA�ZDdB�ZEdC�ZFdD�ZGdE�ZHdF�ZIdG�ZJdH�ZKdI�ZLdJ�ZMdK�ZNdL�ZOdM�ZPdN�ZQdO�ZRdP�ZSRS(Qc8Cs�||_d|_g|_d|_d|_d|_d|_d|_d|_	d|_
d|_d|_d|_
d|_d|_d|_d|_d|_d|_d|_d|_d|_d|_d|_d|_d|_d|_d|_d|_d|_t|_ t|_!d|_"d|_#d|_$d|_%d|_&d|_'d|_(d|_)d|_*d|_+d|_,d|_-d|_.d|_/d|_0d|_1d|_2d|_3d|_4d|_5d|_6d|_7d|_8d|_9d|_:d|_;t<|_=d|_>d|_?d|_@d|_Ad|_Bd|_Cd|_Dd|_Ed|_Fd|_Gd|_Hd|_Id|_Jd|_Kd|_Ld|_Md|_Nd|_Od|_Pd|_Qd|_Rd|_Sd|_Tt|_Ut|_Vd|_Wd|_Xd|_Yd|_Zd|_[d|_\d|_]d|_^d|__d|_`d|_ad|_bd|_cd|_dd|_ed|_fd|_gd|_hd|_id|_jd|_kd|_lt<|_md|_nd|_od|_pt|_qtrr$y trjr�|_n|jnjs�Wq$ttk
r q$Xntu�|_vtw|jx|jydmdng�tw|jzddodpg�tw|j{|j|dqdrdsg�tw|j}ddtdudvdwdxdyg�tw|j~ddzg�tw|jdd{g�tw|j�dd|d}d~dd�d�d�d�g�tw|j�dd�d�d�d�d�d�d�d�g�tw|j�|j�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�g�tw|j�dd�d�g�tw|j�dd�d�d�d�d�g�tw|j�|j�d�d�d�d�d�d�d�d�d�d�d�g�tw|j�dd�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�g�tw|j�dd�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�g'�tw|j�dd�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�dddddddddd	d
g!�tw|j�ddg�tw|j�ddg�twd|j|d
g�twd|j�dg�twd|j�dddddg�twd|j�ddddddg�twd|j�ddg�g|_�dS(NRIt9t1t0sdeny=4 unlock_time=1200s
umask=0077tenableCacheR'timplicitSSSDt	hesiodLHSR�t	hesiodRHSt	nisDomainR�tnisLocalDomaint	nisServerR2R4R6R8R:tpasswordAlgorithmt
passMinLentpassMinClasst
passMaxRepeattpassMaxClassRepeattpassReqLowertpassReqUppertpassReqDigittpassReqOtherR@R<tsmbSecuritytsmbRealmt
smbServersR>tkerberosRealmviaDNStkerberosKDCviaDNSRBtenableSmartcardtforceSSSDUpdatet
enableLDAPtenableKerberostenableLDAPAuthtenableIPAv2tsmartcardActiontsmartcardModulet
enableFprintdtforceSmartcardtsmbWorkgroupt
smbIdmapRangetwinbindSeparatortwinbindTemplateHomedirtwinbindTemplateShelltwinbindUseDefaultDomaintwinbindOfflinetwinbindKrb5tenableDBtenableDirectoriest
enableWinbindtenableOdbcbindt
enableNIS3t	enableNIStenableLDAPbindtenableHesiodbindtenableHesiodt
enableDBIbindtenableDBbindtenableCompatt
enableWINSt
enableMDNStenableMyhostnamet
enableSSSDtpreferDNSinHostst
pwqualityArgstpasswdqcArgstfaillockArgstenableFaillockt
localuserArgst
pamAccessArgstenablePAMAccesst
mkhomedirArgstenableMkHomeDirt
algoRoundstenableShadowtenableNullOktforceBrokenShadowtenableWinbindAutht	enableAFStenableAFSKerberostenablePWQualityt	enableEPStenableEcryptfst	enableOTPtenablePasswdQCtenableLocAuthorizetenableSysNetAuthtenableSSSDAutht	pamLinkedtimplicitSSSDAuthtsystemdArgstuidMintenableForceLegacytipav2Servertipav2Domaint
ipav2RealmtipaDomainJoinedt
ipav2NoNTP(senableCacheR'(simplicitSSSDR'(s	hesiodLHSR�(s	hesiodRHSR�(s	nisDomainR�(snisLocalDomainR�(s	nisServerR�(s
ldapServerR�(s
ldapBaseDNR�(senableLDAPSR'(s
ldapSchemaR�(s
ldapCacertDirR�(spasswordAlgorithmR�(spasswordAlgorithmR�(spasswordAlgorithmR�(s
passMinLenR�(spassMinClassR�(s
passMaxRepeatR�(spassMaxClassRepeatR�(spassReqLowerR'(spassReqUpperR'(spassReqDigitR'(spassReqOtherR'(s
kerberosRealmR�(skerberosKDCR�(ssmbSecurityR�(ssmbRealmR�(s
smbServersR�(skerberosAdminServerR�(skerberosRealmviaDNSR'(skerberosKDCviaDNSR'(s
ldapServerR�(s
ldapBaseDNR�(senableLDAPSR'(s
ldapSchemaR�(s
ldapCacertDirR�(senableCacheCredsR'(senableSmartcardR'(s
kerberosRealmR�(skerberosKDCR�(skerberosAdminServerR�(sforceSSSDUpdateR'(s
enableLDAPR'(senableKerberosR'(senableLDAPAuthR'(senableIPAv2R'(ssmartcardActionR�(ssmartcardModuleR�(ssmartcardActionR�(ssmartcardModuleR�(s
enableFprintdR'(senableSmartcardR'(sforceSmartcardR'(ssmbWorkgroupR�(s
smbServersR�(ssmbRealmR�(ssmbSecurityR�(s
smbIdmapRangeR�(swinbindSeparatorR�(swinbindTemplateHomedirR�(swinbindTemplateShellR�(swinbindUseDefaultDomainR'(swinbindOfflineR'(swinbindKrb5R'(senableDBR'(senableDirectoriesR'(s
enableWinbindR'(senableOdbcbindR'(s
enableNIS3R'(s	enableNISR'(senableLDAPbindR'(s
enableLDAPR'(senableHesiodbindR'(senableHesiodR'(s
enableDBIbindR'(senableDBbindR'(senableCompatR'(s
enableWINSR'(s
enableMDNSR'(senableMyhostnameR'(s
enableNIS3R'(s	enableNISR'(senableIPAv2R'(s
enableSSSDR'(spreferDNSinHostsR'(simplicitSSSDR'(s
pwqualityArgsR�(spasswdqcArgsR�(sfaillockArgsR�(senableFaillockR'(s
localuserArgsR�(s
pamAccessArgsR�(senablePAMAccessR'(s
mkhomedirArgsR�(senableMkHomeDirR'(s
algoRoundsR�(spasswordAlgorithmR�(senableShadowR'(s	enableNISR'(senableNullOkR'(sforceBrokenShadowR'(senableLDAPAuthR'(senableKerberosR'(senableSmartcardR'(sforceSmartcardR'(senableWinbindAuthR'(senableMkHomeDirR'(s	enableAFSR'(senableAFSKerberosR'(senablePWQualityR'(s	enableEPSR'(senableEcryptfsR'(s	enableOTPR'(senablePasswdQCR'(senableLocAuthorizeR'(senableSysNetAuthR'(swinbindOfflineR'(swinbindKrb5R'(senableSSSDAuthR'(s
enableFprintdR'(s	pamLinkedR'(simplicitSSSDAuthR'(ssystemdArgsR�(suidMinR�(senableIPAv2R'(spasswordAlgorithmR�(senableShadowR'(s	enableNISR'(s
enableLDAPR'(senableLDAPAuthR'(senableKerberosR'(senableEcryptfsR'(senableSmartcardR'(sforceSmartcardR'(senableWinbindAuthR'(s
enableWinbindR'(swinbindKrb5R'(senableDBR'(senableHesiodR'(senablePWQualityR'(senablePasswdQCR'(senableFaillockR'(sfaillockArgsR�(senableLocAuthorizeR'(senablePAMAccessR'(senableCacheCredsR'(senableMkHomeDirR'(senableSysNetAuthR'(s
enableFprintdR'(s
enableSSSDR'(senableSSSDAuthR'(senableForceLegacyR'(sipav2ServerR�(sipav2DomainR�(s
ipav2RealmR�(senableIPAv2R'(sipaDomainJoinedR'(s
ipav2NoNTPR'(s	nisDomainR�(senableShadowR'(s	enableNISR'(senableMkHomeDirR'(s
enableLDAPR'(senableLDAPAuthR'(simplicitSSSDR'(simplicitSSSDAuthR'(senableForceLegacyR'(simplicitSSSDR'(simplicitSSSDAuthR'(senableIPAv2R'(s
enableSSSDR'(senableSSSDAuthR'(senableForceLegacyR'(s
enableWinbindR'(senableWinbindAuthR'(�t	messageCBt	backupDirR�RJRKR2R4RR@R[R<R\R>RNRLRMRgRYRZRXRhRiRjRkRlRmRnR�R�R�R�RR�tipaUninstallRdRcRHRzRoRpRwR_R6RtRsRyRxRvRuRrRqR{R|R}RR~RbtenableAltfilesR�R�R%R�R�R�R�R`RaROR�R�R�R�R�R�R�R�R�R�R]R�tbrokenShadowR�RfReR�RIR�RBRPRQRRRSRTRURVRWR�R�tjoinUsertjoinPasswordR�R�R�R�R�R�R:t
ldapCacertURLR8R�t
sssdConfigt
sssdDomainR^tsssdConfigPresentt
SSSDConfigt
new_configR=tsetttoggleFunctionsR�R$ttoggleCachingServicetwriteHesiodtwriteNISttoggleNisServicet	writeLDAPtwriteLibusertwriteLogindefstwritePWQualityt
writeKerberost	writeSSSDttoggleSSSDServicetwriteSmartcardt
writeDConftwriteWinbindttoggleWinbindServicetwriteNSStwritePAMtwriteSysconfigtwriteNetworkttoggleShadowttoggleOddjobServicettoggleLDAPServicetsave_groups(R�R�((s!/usr/share/authconfig/authinfo.pyR�&sr																																																																																																															
																											cCsZt||�}||krVt|||�|t||�krV|jj|�qVndS(N(R�tsetattrR�tappend(R�tattrR#treftoldval((s!/usr/share/authconfig/authinfo.pytsetParam�s
cCs>yt|�}Wntk
r$dSX|j|t|�|�S(N(R(R+R�R'(R�R�R#R�((s!/usr/share/authconfig/authinfo.pytsetIntParams

cCsWyt|�}Wntk
r$dSX|dkrD|j|t|�S|j|t|�S(Ni(R(R+R�R%R(R�R�R#R�((s!/usr/share/authconfig/authinfo.pytsetClassReqParam
s
cCs�|js|jrtSd
}d}d}d}d
}x>|D]6}t|d|�r<||kretS|d7}q<q<W|dkr�tSd
}x>|D]6}t|d|�r�||kr�tS|d7}q�q�W|dkr�tS|jr�|jr�tStS(NtNIStLDAPtWinbindtHesiodtIPAv2tKerberostLDAPAuthtWinbindAutht	SmartcardiR�i(R�R�R�R�R�(R�R�R�R�(R�R�(R�R�RR�R`R[R%(R�tnssalltpamalltidsupportedt
authsupportedtnumtt((s!/usr/share/authconfig/authinfo.pyt
sssdSupporteds2

cCs�ytjttj�}Wntk
r.tSX|jdt|j	d��|�|jdt|j	d��|�|j
�tS(NRJtlhsRKtrhs(tshvfileR�tall_configst
CFG_HESIODRR=RR�RtgetValueR<R%(R�R�tshv((s!/usr/share/authconfig/authinfo.pyt
readHesiod2s
""
cCsJytttjd�}Wntk
r.tSXd}x�|D]�}|j�}t|d�}|r�|jr�t	||�}q<nt|d�}|r<|j
dd�}t|�dkr�q<n|d|jkr�q<nt|�dkr�q<n|d}t|d�}|r%t	||�}q%q<q<W|j
d	||�|j�tS(
NR*RItypserverR�iiitserverRN(R5R�tCFG_YPRR=RtstripRRMR$R	RRR�R<R%(R�R�tft	nisserverRR#((s!/usr/share/authconfig/authinfo.pytreadNISCs6



cCssd|kr|jd�}n|j�}xB|D]:}ytj|�j}Wq1ttjfk
rjtSXq1WtS(s&
		Check whether LDAP URI is valid.
		R(R	turlparsetportR+tsocketR�RR%(R�Rturisturitp((s!/usr/share/authconfig/authinfo.pytvalidateLDAPURIms
	cCs�d|kr|jd�}n|j�}d}xU|D]M}|r7|rV|d7}nd|kro||7}q�|d|d7}q7q7W|r�|j|�r�|jtd��n|S(NRRIs://sldap://R�sInvalid LDAP URI.(R	R�R�R�(R�Rtvalidatetltrettitem((s!/usr/share/authconfig/authinfo.pytldapHostsToURIs|s


cCst|_ytttjd�}Wn�tk
r�ytttjd�}Wq�tk
r�ytttjd�}Wq�tk
r�yttt	jd�}Wq�tk
r�t
SXq�Xq�XnXx|D]
}|j�}t|d�}|rt
|�r|jd||�q�nt|d�}|rC|jd||�q�nt|d�}|rq|jd||�q�nt|d�}|r�|jdt|d	�|�q�nt|d
�}|r�|jd||�q�q�q�W|jt|j�t
�|_|j�tS(NR*RR4thostR2R�tsslR6t	start_tlst
nss_schemaR8(tPATH_LDAP_CACERTSR:R5R�tCFG_NSSLDAPRR=t	CFG_NSLCDtCFG_PAMLDAPtCFG_LDAPRR�RR*R�R R�RR2R<R%(R�R�R�RR#((s!/usr/share/authconfig/authinfo.pytreadLDAP�sN	






cCs(y|j|SWntk
r#dSXdS(NRI(tallKerberosKDCstKeyError(R�RQ((s!/usr/share/authconfig/authinfo.pytgetKerberosKDC�s
cCs(y|j|SWntk
r#dSXdS(NRI(tallKerberosAdminServersR(R�RQ((s!/usr/share/authconfig/authinfo.pytgetKerberosAdminServer�s
cCs�d}i|_i|_t}ytttjd�}Wntk
rLtSXx
|D]}|jd�d}|j	�}|dd!dkr�|dd!}d}qTn|dkrbt
|d	�}|r�|jd
||�t}qTnt
|d�}|r"|jdt
|d
�dk|�qTnt
|d�}|rY|jdt
|d
�dk|�qTqYqT|dkrT|s�|jdd�}t|�dkr�qTn|d}qY|dd!dkr�d}qTn|js�||_t}nt
|d�}|rt|j|�|�|j|<qTnt
|d�}|rYt|j|�|�|j|<qYqTqTW|j�|r�|jr�|jd|j|j�|�|jd|j|j�|�q�n/|jr�|jjd
�n|jd
d|�tS(NRIR*t#iit[i����tlibdefaultst
default_realmR@tdns_lookup_kdcR\ttruetdns_lookup_realmR[trealmst}RLtadmin_serverR<R>(RRRR5R�tCFG_KRB5RR=R	R�RR�R%RRRR@R$RR	R<R�R�(R�R�tsectiontrealm_foundR�Rt
subsectionR#((s!/usr/share/authconfig/authinfo.pytreadKerberos�sr		


""	
			)
	%	cCs�d}ytttjd�}Wntk
r4tSXx�|D]�}|j�}|dd!dkrz|dd!}d}q<n|dkr<t|d�}|r�|jd	|j	�|�q<q�q<q<W|j
�tS(
NRIR*iiRi����tdefaultstcrypt_styleRO(R5R�tCFG_LIBUSERRR=RR�RR�R!R<R%(R�R�RR�RRR#((s!/usr/share/authconfig/authinfo.pytreadLibusers$




cCshytttjd�}Wntk
r.tSXx(|D] }tj|�}|dk	r6|j	d�}|j
d�r{q6n|j	d�}|dkr�|j	d�}n|dkr�d}q�nq6|dkr�|dkr�|jd	d
|�q6n|dkr4|dkrd
}n|jd	|j�|�q6n|dkr6|jd||�q6q6W|j
�tS(NR*iR
iiRItMD5_CRYPT_ENABtyesRORktENCRYPT_METHODtDESRitUID_MINR�(R5R�tCFG_LOGIN_DEFSRR=Rt
ld_line_retmatchRR1RR�R!R<R%(R�R�R�RR$R�R#((s!/usr/share/authconfig/authinfo.pyt
readLogindefs:s8

	
cCs�d}ytttjd�}Wntk
r4tSXx�|D]�}|jd�d}|j�}t|d�}|r�|j	d||�q<nt|d�}|r�|j	d||�q<nt|d	�}|r�|j	d
||�q<nt|d�}|r|j	d||�q<nt|d
�}|rG|j
d||�q<nt|d�}|ru|j
d||�q<nt|d�}|r�|j
d||�q<nt|d�}|r<|j
d||�q<q<q<W|j�tS(NRIR*R
itminlenRPtminclassRQt	maxrepeatRRtmaxclassrepeatRStlcreditRTtucreditRUtdcreditRVtocreditRW(
R5R�t
CFG_PWQUALITYRR=RR	R�RR�R�R<R%(R�R�RR�RR#((s!/usr/share/authconfig/authinfo.pyt
readPWQuality\sT



c	Cs%|js
tStj�|_y$|jjttj�t|_Wn6ttj	fk
rxtj�|_|jj
�nXy|jjt�}|_
Wn�tjk
ruy|jj�d}Wn=tk
r�y|jj�d}Wqtk
r�tSXnX|jj|�}y|jd�}Wntjk
rAd}nXy|jd�}Wqvtjk
rqd}qvXnXx�tD]�\}}y}|j|�}|dkr�dj|jd��}n0|dkr�|dkr�w}n|d	kr�w}n|j|||�Wq}tjk
rq}Xq}WdS(
Nitid_providert
auth_providerR3R
RR9trfc2307RD(R�R%R�t
import_configR�tCFG_SSSDRR�R=tParsingErrorR�t
get_domaintSSSD_AUTHCONFIG_DOMAINR�t
NoDomainErrortlist_active_domainst
IndexErrortlist_domainst
get_optiont
NoOptionErrorRtsssd_optionsRR	R�(	R�R�R�tdomnametidprovtauthprovR�toptR�((s!/usr/share/authconfig/authinfo.pytreadSSSD�sP	


	
cCs�t}tdg�}|dkr.d|_tS|jd|d|�tdg�}|dkrdtSx#|D]}d|krkt}qkqkW|r�|jdtd�|�n|jdtd	�|�tS(
Nt
use_moduleRIRdit	rm_actions
lockhelper.shRcR�R�(RR�RRdR�R%R�(R�R�tlocktsmartcardmodulet	rmactionstaction((s!/usr/share/authconfig/authinfo.pyt
readSmartcard�s 	

cCs�d}d}ytttjd�}Wntk
r:|SXx�|D]�}|j�}t|d�riqBnt|d�r~qBnt|d�}|r�|jd�dj	�}qBn|sB|dkr�qBnt
||�}|rB|}qBqBW|j�|S(	NRIR*R
t;Rt]itglobal(R5R�tCFG_SMBRR=R�R RR	R!RVR<(R�RtresultRR�RR#tres((s!/usr/share/authconfig/authinfo.pytreadWinbindGlobal�s.



cCsT|j|�}|rP|j�dksE|j�dksE|dkrItStSndS(NRRRF(RQR!R%RR(R�Rttmp((s!/usr/share/authconfig/authinfo.pytreadWinbindGlobalBool�s0cCs�|jd�}|r+|jd||�n|jd�}|rV|jd||�n|jd�}|r�|jd||�n|jd�}|r�|jd||�n|js�d	|_n|jd
�}|r�|jd||�n|jsd|_n|jd
�}|r,|jd||�n|jd�}|rW|jd||�n|jd�}|r�|jd||�n|js�d|_n|jd�}|dkr�|jd||�n|jd�}|dkr�|jd||�ntS(Nt	workgroupRgspassword serverRZRQRYtsecurityRXtusersidmap config * : rangeRhs16777216-33554431swinbind separatorRistemplate homedirRjstemplate shellRks
/bin/falseswinbind use default domainRlswinbind offline logonRm(RQR�RXRhRkRSRR%(R�R�RR((s!/usr/share/authconfig/authinfo.pytreadWinbind�sJ			c
Cs]d}d}ytttjd�}Wntk
r:tSXxM|D]E}|j�}t|d�}|rr|}qBt|d�}|rit|d�r�|j	dt
|�nt|d�r�|j	dt
|�nt|d	�r�|j	d
t
|�nt|d�}|dkr#t|d�}nt|d�}|dkr�|dkr�|j	d
||k|�q�qBt|d�}|rB|}qBqBW|rOd#d$d%d&d'd(d)d*d+f	}	x=|	D]5\}
}t||�r�|j	d |
t
|�q�q�W|r*t|d!�r*t|d!�r*|jj
d"�n|j	d"tt|d!��|�n|j�t
S(,NRIR*spasswd:shosts:twinsR{smdns4_minimal [NOTFOUND=return]R|t
myhostnameR}tnistdnsRsinitgroups:tCompattcompattDBtdbtDirectoriestdirectoriesR�thesiodR�R�R�tAltfilestaltfilestNIS3tnisplusR�R�R�R}RI(R\R](R^R_(R`Ra(sHesiodshesiod(sLDAPR�(sNISRZ(RcRd(ReRf(sWinbindR�(R5R�tCFG_NSSWITCHRR=RR�RR3R�R%RR�R�tboolR<(R�R�t	nssconfigt
initgroupsR�RR#tnispostdnspostnssmapR�tnssentry((s!/usr/share/authconfig/authinfo.pytreadNSS sR

	
	%%
cCs|jdt�|�tS(NRH(R�R"R%(R�R�((s!/usr/share/authconfig/authinfo.pyR"WscCs�ytttjd�}WnAtk
r]yttdtd�}Wq^tk
rYtSXnX|j||�|j	�yttt
jd�}WnAtk
r�yttdtd�}Wq�tk
r�tSXnX|j||�|j	�tS(NR*s/pam.d/(
R5R�tCFG_PAMRR=t
SYSCONFDIRtAUTH_PAM_SERVICERtreadPAMFileR<tCFG_POSTLOGIN_PAMtPOSTLOGIN_PAM_SERVICER%(R�R�R�((s!/usr/share/authconfig/authinfo.pytreadPAM\s&

	


	
cCs"d}x||D]t}|jdd�}t|�dkrD|d}n|j�}|ddkrx||d d7}q
n||}d}|j�}d}|jdd�}t|�dkr�q
n|\}}|d	kr|d
kr|dkr|dkrq
n|jd
�r*|jdd�}n|jdd�}t|�dkrTq
n|ddkrjq
n|d}|jd
�r�|d7}n|d}|jdd�}t|�dkr�q
n|djd�d\}	t|�dkr�|d}n|	jd�s|	jd�rP|jdt|�|r
|jd||�q
q
n|	jd�rx|jdt|�q
n|	jd�r�|jdt|�q
n|	jd�r�|jdt|�q
n|	jd�r%|jdt|�d|kr|jdt|�q
|jdt|�q
n|	jd�rM|jd t|�q
n|	jd!�r�|jd"t|�|r
|jd#||�q
q
n|	jd$�r�|jd%t|�|jd&|j	d'�dk|�q
n|	jd(�r|jd)t|�q
n|	jd*�rG|jd+t|�|r
|jd,||�q
q
n|	jd-�se|	jd.�r�|jd/t|�|r
||_
q
q
n|	jd0�r�|jd1t|�|r
|jd2||�q
q
n|	jd3�r|r
|jd4||�q
q
n|dkr|	jd5�rx9tD]1}
|j	|
�dkr'|jd6|
|�q'q'WyP|jd7�}||d8jdd�}|jd9t
t|d��|�Wnttfk
r�nXy$tjd:�|jd;t|�Wqtk
r|jd;t|�qXqn|d	kr�|	jd5�rW|jd<|j	d=�dk|�n|	jd>�r�|jd?t|�|r
d@|kr
|jd@d�j�}|jdA||�q
q
q�n|d
kr|	jd5�r|jdB|j	dC�dk|�qn|d	ks|d
kr
|	jdD�r�tj|�}
|
dkr~|
jd�dkr~|jdE|
jd�|�q~q�q
q
W|jr�|jr�|jd"t|�n|jr�|jr�|jdt|�n|jr|jr|jr|jr|jr|j rt|_!ndS(FNRIR
iii����s\R
iRnRoRqRpRRLtincludeR�tpam_cracklibt
pam_pwqualityR�R�tpam_ecryptfsR�tpam_krb5R`tpam_ldapRat
pam_pkcs11R]tauthinfo_unavailRftpam_fprintdRetpam_passwdqcR�R�tpam_winbindR�Rnt	krb5_authtpam_sssR�t
pam_accessR�R�t
pam_mkhomedirtpam_oddjob_mkhomedirR�t
pam_localuserR�R�tpam_systemdR�tpam_unixROsrounds=iR�s/etc/shadowR�R�tnulloktpam_faillockR�R�R�R�t
broken_shadowtpam_succeed_ifR�("R	RR
RRRR�R%RR-R�tpassword_algorithmsR�R'R(R+R:R4R�R;RR�t
succ_if_reR$R1R�R�R�RaR`R�R�R]R�(R�R�R�tprevlineRRtargststacktcontroltmoduletalgotridxtroundsR$((s!/usr/share/authconfig/authinfo.pyRsws






"
'

%	(!)cCsSy;tjttj�}y|jd�|_Wntk
rBnXy|jd�|_Wntk
rlnXy|jd�|_	Wntk
r�nXy|jd�|_
Wntk
r�nXy|jd�|_Wntk
r�nXy|jd�|_Wntk
rnXy|jd�|_
Wntk
r>nXy(|jd�|_|jd	�|_Wntk
rznXy|jd
�|_Wntk
r�nXy|jd�|_Wntk
r�nXy|jd�|_Wntk
r�nXy|jd
�|_Wntk
r"nXy|jd�|_Wntk
rLnXy|jd�|_Wntk
rvnXy|jd�|_Wntk
r�nXy|jd�|_Wntk
r�nXy|jd�|_Wntk
r�nXy|jd�|_Wntk
rnXy|jd�|_Wntk
rHnXy.|jd�}|rmd|_n	d|_Wntk
r�nXy|jd�|_Wntk
r�nXy|jd�|_Wntk
r�nXy|jd�|_Wntk
rnXy|jd�|_ Wntk
r2nXy|jd�|_!Wntk
r\nXy|jd�|_"Wntk
r�nXy|jd�|_#Wntk
r�nXy|jd�|_$Wntk
r�nXy|jd �|_%Wntk
rnXy|jd!�|_&Wntk
r.nXy|jd"�|_'Wntk
rXnXy|jd#�|_(Wntk
r�nXy|jd$�|_)Wntk
r�nXy|jd%�|_*Wntk
r�nXy|jd&�|_+Wntk
rnXy|jd'�|_,Wntk
r*nXy|jd(�|_-Wntk
rTnXy|jd)�|_.Wntk
r~nXy|jd*�|_/Wntk
r�nXy|jd+�|_0Wntk
r�nX|jd,�|_1|jd-�|_2|jd.�|_3|jd/�}|t4kr0||_n|j5�Wnt6k
rNnXt7S(0NtUSEAFStUSEAFSKERBEROStUSEDBtUSEPWQUALITYt	USEDBBINDt
USEDBIBINDtUSEDIRECTORIEStUSEFAILLOCKtFAILLOCKARGStUSEECRYPTFStUSEEPSt	USEHESIODt
USEHESIODBINDtUSEKERBEROStUSELDAPtUSELDAPAUTHtUSESMARTCARDt
USEFPRINTDtFORCESMARTCARDtUSELDAPBINDtUSEMD5RkRitUSENISt
USENISPLUStUSEODBCBINDtUSEOTPtUSEPASSWDQCt	USESHADOWt
USEWINBINDtUSEWINBINDAUTHtWINBINDKRB5tUSESSSDtUSESSSDAUTHtUSELOCAUTHORIZEtUSEPAMACCESStUSEMKHOMEDIRt
USESYSNETAUTHtFORCELEGACYtCACHECREDENTIALStUSEIPAV2tIPADOMAINJOINEDt
IPAV2NONTPtIPAV2SERVERtIPAV2DOMAINt
IPAV2REALMtPASSWDALGORITHM(8R�R�R�tCFG_AUTHCONFIGRtgetBoolValueR�R+R�RoR�RyRxRpR�R�R�R�R�RwRvR`R_RaR]ReRfRuRORttenableNISP3RrR�R�R�RqR�RnR~R�R�R�R�R�R�RBRbR�R�R�R�R�R�R<R=R%(R�R�t	enableMD5R�((s!/usr/share/authconfig/authinfo.pyt
readSysconfig	s`









































cCs�ytjttj�}Wntk
r.tSX|jd�}|rP||_n|j	�|jr||j
d|j|�ntS(Nt	NISDOMAINRL(R�R�R�tCFG_NETWORKRR=RR�RMR<R�R%(R�R�R�RR((s!/usr/share/authconfig/authinfo.pytreadNetwork�	s

	cCsh|j�}t|j�|ks6t|j�|kr:tSx'|jD]}|j||�rDtSqDWtS(N(R�RhRIR�R%R�R�R(R�R't
sssdsupportedR1((s!/usr/share/authconfig/authinfo.pytdiffers�	s*cCs�t|j�|_t|j�|_t|j�|_t|j�|_|j|j|�|_|jdkr�|jr�|jj	�|_q�n|j
j�|_
|jdkr�t|_n|jdkr�d|_ndS(NtadsRI(RRZR�R<R>R�R2RXRYtupperROR!RBRR%R@(R�R�((s!/usr/share/authconfig/authinfo.pytupdate�	s	cCs�|j�}|j�|j|�|j|�|j|�|j�}|jr�|r�|jr�|jdt	|�t
|_n|jr�|r�|jr�|jdt	|�t
|_n|j|�|j
|�|j|�|j|�|j|�|j|�|jr-|jr-|j|�n|j|�|j|�|jsY|jri|j|�n|j|�|j|�|j�dS(NR~R�(tcopyR�RoRRvR�RIRbR�R%RR�R%R/R�RWR�R�RCRRRJR"R�(R�R�treallyimplicit((s!/usr/share/authconfig/authinfo.pyR�
s6













cCs%tj|�}d|_d|_|S(NRI(R�R�R�(R�R�((s!/usr/share/authconfig/authinfo.pyR�&
s		cCs/ttj|j�t|jo'|j�tS(N(R�t	CFG_CACHERR�R$RHRIR%(R�((s!/usr/share/authconfig/authinfo.pyR$,
scCs�ttj|j�ytjttj�}Wntk
rBtSX|j	d|j
�|j	d|j�|jd�|j
�tS(NR�R�i�(R�R�RR�R�trcreateRR=RtsetValueRJRKR�R<R%(R�R�((s!/usr/share/authconfig/authinfo.pyR�1
s


c	Cs�t}d}d}ttj|j�z�tttjd�}x�|jD]�}|j	�}t
|d�}|r}|jdd�}t|�dkr�qIn|d|j
kr�|d|jkr�||7}qIn|r�|j
r�|d|j
7}|jjd�}|jr'|d7}||d7}n
|d	7}|d
7}|d}x)|D]!}|rL|d|d
7}qLqLWt}q�qIt|d�r�|r�|j
r�|jr�|jjd�}x)|D]!}|r�|d|d
7}q�q�Wt}q�qI||7}qIW|s�|jjd�}|j
rv|d|j
7}|dr_|d7}||d7}|d}n
|d	7}|d
7}nx,|D]!}|r}|d|d
7}q}q}Wn|j�|j|�|j�Wdy|r�|j�nWntk
r�nXXtS(
NRIi�R�iisdomain Rs server s
 broadcasts
s	ypserver R�(RRR�R�RR�R�RR�R�RR	RRLRMRNR%R RR�R	R<R=(	R�twrittenR�RKRtlsR#tserversR((s!/usr/share/authconfig/authinfo.pyR�@
sv&
	





	








cCs�t}t}	t}
t}t}t}
d}d}|jr`|jdkr`|jdkr`d}nd}z�t|d�}xJ|jD]?}|j�}t||�r�|	r�|jr�||d7}|dj|jj	d��7}|d	7}t
}	q�q�t||�r"|jr�|d
|7}q�q�t||�rr|r�|jr�||d7}||j7}|d	7}t
}q�q�|r�t|d�r�|
s�|d7}|j
r�|d
7}n
|d7}|d	7}t
}
q�q�|rt|d�r|r�|jr�|d7}||j7}|d	7}t
}q�q�t|d�rx|
s�|rG|d7}n
|d7}|d|j7}|d	7}t
}
q�q�|r�t|d�r�|s�|d|7}|d	7}t
}q�q�||7}q�W|	r|jr||d7}|dj|jj	d��7}|d	7}n|rG|jrG||d7}||j7}|d	7}n|r�|
r�|d7}|j
rt|d
7}n
|d7}|d	7}n|r�|r�|jr�|d7}||j7}|d	7}n|
s|r�|d7}n
|d7}|d|j7}|d	7}n|r.|r.|d|7}|d	7}n|j�|j|�|j�Wdy|ri|j�nWntk
r}nXXt
S(NRIRiRjRktcrypti�R
Rs
R
R�sssl R�tnoR�snss_schema t
tls_cacertdirt
TLS_CACERTDIRtpam_passwords
pam_password (RRROR�R�R�R R2RR	R%R+R4R6R8R"R:RR�R	R<R=(R�R>R�R�Rt	writepadltwriteschematwritepamtwrotebasedntwroteservertwrotessltwroteschemat	wrotepasstwrotecacertdirR�RKtpassalgoRR�((s!/usr/share/authconfig/authinfo.pyt
writeLDAP2�
s�	
	


	














	













cCs�tjjttj�rVttj|j�|jttjdddt	t	t	�ntjjtt
j�r�tt
j|j�|jtt
jdddt	t	t�ntjjttj�rttj|j�|jttjdddt	tt	�ntjjtt
j�rXtt
j|j�|jtt
jdddt	tt�nttj|j�|jttjdddttt�}|S(NR�R�RtURItHOSTtBASE(R4R�RR�RRRR�R�R%RRRRtCFG_OPENLDAP(R�R�((s!/usr/share/authconfig/authinfo.pyR�
s(cCsRd}|jdkr|dS|jdks;|jdkrF||jS|dSdS(Nscrypt_style = RkRlRmtdes(RO(R�R�((s!/usr/share/authconfig/authinfo.pyt
cryptStyle scCs�t}t}d}d}d}ttj|j�zDtttjd�}x�|jD]�}|j	�}|dkr�t
|d�r�||j�d7}t}qUnt
|d�r|dkr�|r�||j�d7}t}n|dj
dd�d	}|dkrt}qn||7}qUW|sT|d
7}||j�d7}t}t}n|j�|j|�|j�Wdy|r�|j�nWntk
r�nXXtS(NRIi�RRs
RiRLis[defaults]
(RRR�RRR�R�RR�R�R R�R%R	RR�R	R<R=(R�twrotecryptstylet
wrotedefaultsRR�RKRR�((s!/usr/share/authconfig/authinfo.pyR�*sH	
	


c	Cst}t}d}d}d}ttj|j�|jdkrJd}nd}|jdksn|jdkrwd}nd|jj�d	}z^tttj	d
�}x�|j
D]�}tj|�}	|	dk	rE|	j
d�}
|
jd�r||7}q�n|	j
d
�}|dkr-|	j
d�}n|dkrRd}qRn
||7}q�|
dkrt||7}t}q�n|
dkr�||7}t}q�n||7}q�W|s�||7}n|s�||7}n|j�|j|�|j�Wdy|r|j�nWntk
rnXXtS(NRIRksMD5_CRYPT_ENAB yes
sMD5_CRYPT_ENAB no
RiRjsENCRYPT_METHOD DES
sENCRYPT_METHOD s
i�iR
iiRR(RRR�R"RR�ROR�R�RR�R#R$R1RR%RR�R	R<R=(R�t
wrotemd5crypttwroteencmethodRR�RKtmd5cryptt	encmethodRR$R�R#((s!/usr/share/authconfig/authinfo.pyR�_sd		








cCs�|jd�}t|�dkr3|jd�}nt|�dkr�yat|d�}|dkrh|S|r�|dkr�|ddS|r�|dkr�|ddSWq�tk
r�q�Xn|r�d}nd}|dd	|S(
NRiR
is = -1s = 0s-1RGs = (R	RR(RR+(R�RR#R�R�((s!/usr/share/authconfig/authinfo.pytformatClassReqParam�s$
	c
Cs�t}t}t}t}t}t}t}t}d}	d}
ttj|j�zjtttjd�}	x|	jD]}|j	d�dj
�}t|d�r�|ss|
d|jd7}
t
}qsqsnt|d�r|ss|
d	|jd7}
t
}qsqsnt|d
�r=|ss|
d|jd7}
t
}qsqsnt|d�rv|ss|
d
|jd7}
t
}qsqsnt|d�r�|ss|
|j||j�d7}
t
}qsqsnt|d�r�|ss|
|j||j�d7}
t
}qsqsnt|d�r9|ss|
|j||j�d7}
t
}qsqsnt|d�rz|ss|
|j||j�d7}
t
}qsqsn|
|7}
qsW|s�|
d|jd7}
n|s�|
d	|jd7}
n|s�|
d|jd7}
n|s|
d
|jd7}
n|s&|
|jd|j�d7}
n|sL|
|jd|j�d7}
n|sr|
|jd|j�d7}
n|s�|
|jd|j�d7}
n|	j�|	j|
�|	j�Wdy|	r�|	j�nWntk
r�nXXt
S(NRIi�R
iR&s	minlen = s
R'sminclass = R(smaxrepeat = R)smaxclassrepeat = R*R+R,R-(RRR�R.RR�R�RR�R	R�R RPR%RQRRRSR�RTRURVRWRR�R	R<R=(
R�twroteminlent
wroteminclasstwrotemaxrepeattwrotemaxclassrepeatt
wrotereqlowert
wroterequppert
wrotereqdigitt
wrotereqotherR�RKRR�((s!/usr/share/authconfig/authinfo.pyR��s�								    


c'Cs�
t}t}t}t}t}t}t}t}t}	t}
t}t}t}
t}t}tjttj�}d}d}d}d}ttj|j	�|j
r�|jr�|j}n?|js�|j
r�|jdkr�|jr�|j}n	|j}|j|jkrt}nze	tttjd�}x,|jD]!}|j�}t|dt�rq|s7t}qqq7n|dkr�|r�||jkr�t|d�r�|s7|jr�|t|j�7}nt}q7q7n|dkrH|jdkrH|rH||jkrHt|d�rH|s7|jr9|t|j�7}nt}q7q7n|dkr�|r�||jkr�t|d�r�|s7|jr�|t|j�7}nt}q7q7n|dkrB|rB|jdd�}t|�dkr�||7}q7n|d	}|jr||jkrt}n|jrB||jkrBt}qBn|dkr|rt|d
�r|jr�||jkr�|s�|t|j�7}t}n|s�|t|j�7}t}q�n|jr�||jkr�|s�|t|j�7}t}q�nd}n|dkr]t|d�r]|r7|
r7|d
7}||7}|d7}t}
q7q7n|dkr�t|d�r�|s7|d7}|tt|j��j �7}|d7}t}q7q7n|dkr#t|d�r#|s7|d7}|tt|j!��j �7}|d7}t}q7q7n|dkr�|jr�t||jj ��slt|d|jj ��r�||7}t}
q7nt|d�rN|s�|dtd7}t}n|dkr�|jr�|r�|t"|j|j|j�7}t}n|dkr7|jr7|r7|t"|j|jd�7}t}n|dkr|rw|
rw|d
7}||7}|d7}t}
n|jdkr�|r�|d7}|tt|j��j �7}|d7}t}n|j!dkr|r|d7}|tt|j!��j �7}|d7}t}qn|dkr�|jr�|
r�|d|jj �7}|d|j7}|d7}|d|jj �7}|d|j7}|d7}t}
q�n|r�|dkr�t}q�|dkr�t}	q�|dkr�t}q�n|djdd�d	}|dkr!t}qN|dkr6t}qN|dkrNt}qNn||7}q7W|	s>	|su|d7}n|r�|
r�|d
7}||7}|d7}n|jdkr�|r�|d7}|tt|j��j �7}|d7}n|j!dkr>	|r>	|d7}|tt|j!��j �7}|d7}q>	n|r�	|jsW	|jr�	|sj	|d7}n|s�	|t"|j|j|j�7}n|s�	|t"|j|jd�7}q�	n|rW
|jrW
|s�	|d7}n|jrW
|
rW
|d|jj �7}|d|j7}|d7}|d|jj �7}|d|j7}|d7}qW
n|j#�|j$|�|j%�Wdy|r�
|j&�nWnt'k
r�
nXXtS(NRIR�i�sincludedir RRLRiiRRR
s default_realm = s
Rs dns_lookup_realm = Rs dns_lookup_kdc = tdomain_realmR�RR
s = s .RLs[libdefaults]
s	[realms]
s[domain_realm]
((RR4R�tPATH_KRB5_INCLUDEDIRtR_OKRR�RRR�R`R@RqR�RXRYR%R�RR�R�R R<RMRZR>RPR	RR'RhR[R!R\RRRR�R	R<R=(R�t
wroterealmtwrotekdct
wroteadmint
wrotesmbrealmtwrotesmbkdctwroterealmstwrotelibdefaultstwroterealms2twrotelibdefaults2twrotedefaultrealmt
wrotednsrealmtwrotednskdctwroteourdomrealmt
wrotedomrealmtwrotedomrealm2twroteincdirRRR�RKtdefaultrealmRR�R#((s!/usr/share/authconfig/authinfo.pyR�s�	!			!		!		!		

	!		



	

	

	-
	
		



	

	



				








"




cCssy|j|d�}Wntjk
r3d}nX||kro|dkr\|j|�n|j||�ndS(Nt	_provider(R<R�R=Rtremove_providertadd_provider(R�R�tnewprovidertsubtypetprov((s!/usr/share/authconfig/authinfo.pytchangeProvider
s
cCs|js
tS|jr%|jr%tSy|jjd�}Wn&tjk
rc|jjd�}nX|jr�|j	r�|j
dkr�|jdd�n(y|jd�Wntj
k
r�nX|jj|�|ry|jjttj�Wqtk
rqXntS(Ntpamtsssdt
pam_cert_authR%(R�R%R�RItget_serviceR�tNoServiceErrortnew_serviceR]R�Rdt
set_optiont
remove_optionR=tsave_serviceR�R�R4RR=(R�twrite_configR((s!/usr/share/authconfig/authinfo.pytwriteSSSDPAM
s*	!
cCs�|js
tSttj|j�|jt�|jr;tS|j	s�|j
sQtSy|jjt�|_	Wq�t
jk
r�|jjt�|_	q�Xn|j	}y|jjd�Wn$t
jk
r�|jjd�nX|jjd�t}|jr+t}|j|dd�|j|dd�n|jr]|j|dd�|j|dd�n2|jr�|j|dd�|j|dd�nx�tD]�\}}y�t||�}|dkr�t|�}nt|�tkr�|j||�nHt|�tkr/|r|j||�q<|j|�n
|j|�Wq�t
j k
rSq�Xq�W|jj!|�|r�|jj"|j#��n|jj$|j#��y|jj%ttj&�Wnt'k
r�nXtS(NtautofsR�tidRxRntchpassR3((R�R%R�R4RR�R$RRbR�RIt
new_domainR7R�tDomainAlreadyExistsErrorR6RRRtactivate_serviceR_RR`RaR>R�RttypeRhR R'R!R=tsave_domaintactivate_domaintget_nametdeactivate_domainR�RR=(R�R�tactivateR�toptionR�((s!/usr/share/authconfig/authinfo.pyR�1
sj	
							
cCs�|jdkrtSttj|j�d}d}d}|jtd�krk|d7}|d7}d}nt	d|jd|d	|g�tS(
Ns/usr/sbin/gdm-safe-restarttnoneR�s ,/etc/pkcs11/lockhelper.sh -locks&,/etc/pkcs11/lockhelper.sh -deactivatetlock_screensuse_module=sins_action=s
rm_action=(
RdRR%R�tCFG_PAM_PKCS11RR�RcR�R�(R�tinsacttrmactRF((s!/usr/share/authconfig/authinfo.pyR�w
s

	
c
Cs0d}d}d}ttj|j�ttj|j�tjjttj	�}tjj
|�s�|jr~tj|�q�t
Sndtjd�d}d}|js�|jr�||7}d}||7}d}|d7}|d7}n|jr6|jr6||7}d}||7}d}|d7}|d	7}n|js[|jr�|jr�|jr�||7}d}||7}d}|d
7}|d7}nd}|jtd
�kr�||7}d}||7}d}|d7}|d7}nytjttj	�Wntk
rnXytjttj	�Wntk
r;nX|dkrz;tttj	d�}|j�|j|�|j�Wdy|r�|j�nWntk
r�nXXz;tttj	d�}|j�|j|�|j�Wdy|r|j�nWntk
rnXXntjd�t
S(NRIs# Generated by authconfig on s%Y/%m/%d %H:%M:%Ss
s
[org/gnome/login-screen]
s&enable-smartcard-authentication=false
s7/org/gnome/login-screen/enable-smartcard-authentications%enable-password-authentication=false
s7/org/gnome/login-screen/enable-password-authentication
s(enable-fingerprint-authentication=false
s:/org/gnome/login-screen/enable-fingerprint-authentication
s3
[org/gnome/settings-daemon/peripherals/smartcard]
R�sremoval-action='lock-screen'
s1/org/gnome/settings-daemon/peripherals/smartcard
i�sdconf update(RR�t	CFG_DCONFRR�tCFG_DCONF_LOCKSR4R�tdirnameRRR]tmakedirsR%ttimetstrftimeRdRfReRcR�R)R;R�RR�R	R<R=R�(R�R�RKtlockstlocksdirtheadertgroupHeader((s!/usr/share/authconfig/authinfo.pyR��
s�	







%
















cCsod}|d7}|dtjd�d7}|d7}|d7}|d7}|jrv|d7}||j7}|d7}n|jr�|d7}||jjd	d
�7}|d7}n|jr�|d7}||j7}|d7}n|jr	|d7}||j7}|d7}n|jr6|d
7}||j7}|d7}n|jrc|d7}||j7}|d7}n|j	r�|d7}||j	7}|d7}n|j
r�|d7}||j
7}|d7}n|jr�|d7}|d7}n|d7}|d7}|d7}|tt
|j��j�7}|d7}|d7}|tt
|j��j�7}|d7}|d7}|d7}|S(Ns#--authconfig--start-line--
s
s# Generated by authconfig on s%Y/%m/%d %H:%M:%SsF# DO NOT EDIT THIS SECTION (delimited by --start-line--/--end-line--)
sE# Any modification may be deleted or altered by authconfig in future
s   workgroup = s   password server = RR
s   realm = s   security = s   idmap config * : range = s   winbind separator = s   template homedir = s   template shell = s'   kerberos method = secrets and keytabs!   kerberos method = secrets onlys    winbind use default domain = s   winbind offline logon = s#--authconfig--end-line--
(R;R<RgRZRRYRXRhRiRjRkRnR'RhRlR!Rm(R�RK((s!/usr/share/authconfig/authinfo.pyt
paramsWinbind�
sh



	


	

	


	


	


	


	


	


	









cCs>d}x'|D]}t||�r
d}Pq
q
W||7}|S(NRIRK(RV(R�RR�R�RKRB((s!/usr/share/authconfig/authinfo.pytcheckLineWinbinds

c
Cs$t}t}d}ttj|j�dddddddd	d
ddd
ddg}d}d}z�tttjd�}x.|jD]#}|j	�}|r�t
|d�r�t}q�q�nt
|d�r�t}q�nt
|d�s�t
|d�r||7}q�nt|d�}	|	rsd|	krs|	j
d�dj�}||7}|dkr�||j�7}t}q�q�n|dkr�||j|||�7}q�n||7}q�W|s�|d7}||j�7}n|j�|j|�|j�Wdy|r
|j�nWntk
rnXXtS(NRIRTspassword serverRQRUs
domain logonss
domain masters	idmap uids	idmap gidswinbind separatorstemplate homedirstemplate shellswinbind use default domainswinbind offline logonskerberos methodi�s#--authconfig--end-line--s#--authconfig--start-line--RKR
RRLiRMs	[global]
(RR�RNRR�RR�RR�R�R R%RR	R!RARBRR�R	R<R=(
R�tauthsectiontwroteauthsectionRR�R�RKRR�R#((s!/usr/share/authconfig/authinfo.pyR�(sb	

	



c
Cs�d}d}d}t}t}t}t}t}t}	t}
t}d}d}
ttj|j�z�tttjd�}|jr�|d7}n|d7}|j	r�|d7}n|}|j
r�|d7}n|jr�|d7}n|jr�|d7}n|j
r|d	7}n|js*|js*|jrA|d
7}|d
7}n|jrW|d7}n|jrw|jrw|d7}n|jr�|d
7}n|jr�|d7}n|jr�|d7}n|jr�|d7}n|}|jr�|jdd�}n|}|jr|d7}ntjttj�s`|jrK|jrK|jdd�}q`|jd
d�}n|d7}|jr�|d7}n|jr�|d7}n|j r�|d7}n|jr�|d7}n|j
r�|d	7}n|js�|d7}n|j!r|d7}nx|j"D]
}|j#�}t$|d�r_|s|
d7}
|
|7}
|
d7}
t%}qqt$|d�r�|s|
d7}
|
|7}
|
d7}
t%}qqt$|d�r�|s|
d 7}
|
|7}
|
d7}
t%}qqt$|d!�r|
s|
d"7}
|
|7}
t%}
qqt$|d#�rQ|s|
d$7}
|
|7}
|
d7}
t%}qqt$|d%�r�|s|
d&7}
|
|7}
|
d7}
t%}qqt$|d'�r�|	s|
d(7}
|
|7}
|
d7}
t%}	qqt$|d)�r|s|
d*7}
|
|7}
|
d7}
t%}qq|
|7}
qW|sC|
d7}
|
|7}
|
d7}
n|sj|
d7}
|
|7}
|
d7}
n|s�|
d 7}
|
|7}
|
d7}
n|s�|
d$7}
|
|7}
|
d7}
n|s�|
d&7}
|
|7}
|
d7}
n|	s|
d(7}
|
|7}
|
d7}
n|s-|
d*7}
|
|7}
|
d7}
n|j&�|j'|
�|j(�Wdy|rh|j)�nWnt*k
r|nXXt%S(+NRIi�s dbs filess	 altfiless directoriess	 odbcbinds nispluss niss ssss	 ldapbinds ldaps hesiodbinds hesiods dbibinds dbbindtfilesR]s winbindR}R�s  mdns4_minimal [NOTFOUND=return]s dnss winss myhostnamespasswd:spasswd:    s
sshadow:sshadow:    sgroup:sgroup:     sinitgroups:R
s	netgroup:snetgroup:  s
automount:sautomount: shosts:shosts:     s	services:sservices:  (+RRR�RgRR�R�RRoR�RpRrRsRtR~RIRbRuR_RvRwRxRyRzRRqR4R�tPATH_LIBSSS_AUTOFSRR|RR{R}R�R�R R%RR�R	R<R=(R�tuserstnormalthoststwrotepasswdt
wrotegrouptwroteshadowt
wrotenetgrouptwroteautomountt
wrotehoststwroteinitgroupst
wroteservicesR�RKtservicestnetgroupRR�((s!/usr/share/authconfig/authinfo.pyR�ps:	

	
	
	
	
	


	

	
	
	
	
		

	
	
	
	
	
	
	















































c
Csft|t}|t}|t}d}|rX|rXd}|dkr�|dkr�|r�|jrjt}nt}djt�}q�|jr�t	}q�n|dkr�|dkr�|j
r�t}q�t}n|dkr]|dkr|t
kr|jrZt}qZq]|dks|dkr]|jdkrZ|td}	|j|	d	<dj|	�}qZq]n|d
kr�|dkr�|js�|js�|jr�|jr�t}n|dkr�tjdtd
ftj�r�d
}n|dkr�|d7}t}n|d|||f7}|ro||jkrotjdt|ftj�ro|jtdt|f��t|j|<n|dkr�|j }n|dkr�|j!}n|dkr�|j"}n|dkr�|j#}n|dks�|d
kr�|j$}n|dkr|j%}n|dkrG|dkrG|jrG|tt&krGd}n|rn|trndj|t�}n|dkr�|j'r�|dkr�|d7}n|dkr�|j(r�|d7}n|d
kr�|dkrd|j)r|j)dkr|d|j)7}n|j*r|d|j*7}n|j+r5|d7}n|jrK|d7}n|j,rd|d 7}qdn|dkr�|j,r�|d 7}q�n|dkr�|j-s�|j.s�|js�|j/r�|d!7}q�q�n|d"kr|dkrdj|t�d|j0}n|dkr>|dkr>|t1kr>|j2d#d$�}n|rX|d|7}qXn|d%7}|S(&NRIRwRnR
RxRoRviiR|R�s%s/pam_%s.sotoddjob_mkhomedirR�t-s%-12s%-13s pam_%s.sos_Authentication module %s/pam_%s.so is missing. Authentication process might not work correctly.R�R�R{R�R}tforward_passR�Rqs
 cached_logins# krb5_auth krb5_ccache_type=KEYRINGRis rounds=s shadows niss nulloks broken_shadowRtR`Ras
(3t
pam_stackstSTACKtLOGICtNAMER`tLOGIC_FORCE_PKCS11_KRB5tLOGIC_FORCE_PKCS11Rtargv_force_pkcs11_authtLOGIC_PKCS11_KRB5R]tLOGIC_IGNORE_AUTH_ERRtLOGIC_IGNORE_UNKNOWNtLOGIC_SKIPNEXTtLOGIC_SKIPNEXT3R�RtARGVR�R�RbRttLOGIC_SUFFICIENTR4R�tAUTH_MODULE_DIRtX_OKRtmodule_missingR�R�R%R�R�R�R�R�R�targv_sssd_missing_nameRmRnROR�R�R�R�RaR�R�tLOGIC_SKIPNEXT_ON_FAILURER(
R�R�t
forcescardtwarnR�tlogicR�RKR�targv((s!/usr/share/authconfig/authinfo.pytformatPAMModule4s�

							
!		
	3	!

		
	
		!$
cCs�tjj|�}tjj|�}|r1|s>|r�|r�ytj|�Wntk
rbnXytj||�Wq�tk
r�q�XndS(N(R4R�RtislinkR)R;tsymlink(R�RRR�R�((s!/usr/share/authconfig/authinfo.pytlinkPAMService�s

cCs}xvtttttgD]_}td|}tjj|�}tjj	|�}|r[|sh|r|rt
|_dSqWdS(Ns/pam.d/(RrRutPASSWORD_AUTH_PAM_SERVICEtFINGERPRINT_AUTH_PAM_SERVICEtSMARTCARD_AUTH_PAM_SERVICERqR4R�RRoRR�(R�RR�R�((s!/usr/share/authconfig/authinfo.pytcheckPAMLinked�s	cUCs[d}d}t|j|j�z�tt|jd�}|d7}|d7}|d7}|d7}|j}|j}|j}	t	}
|t
kr�t}
n|tkr�t}	n|t
kr�t}t}n|jo�|jdk}g}xt|D]�}
|r|
t|tkr|d7}n|
}|
ts�|jrF|
td	ks�|jr_|
td
ks�|jrx|
tdks�|jr�|
tdks�|jr�|
td
ks�|jr�|
tdks�|jr�|jr�|
tdkr�|
ttks�|jrF|rF|
tdkr&|
ttks�|
tdkrF|
ttks�|jri|jri|
tdks�|r�|r�|
tdkr�|
tt ks�|r�|r�|
ttkr�|
tdkr�|
t!t"ks�|r�|r�|
tdks�|r|r|r|
tdks�|r.|r.|
tdks�|	rD|
tdks�|j#r]|
tdks�|j$rv|
tdks�|j%r�|
tdks�|js�|js�|j&r�|
tdkr�|
tt ks�|js�|js�|j&r9|j'r9|
tdks)|
tdkr9|
t!t(kr9|j)r9|
ttks�|j*rb|
tdkrb|
tt+ks�|j,r{|
tdks�|j-r�|
tdks�|j)r�|
ttkr�|
tdkr�|
t!t.kr�||j/|
||
�7}q�q�W|j0�|j1|�|j2�Wdy|r)|j3�nWnt4k
r=nXX|j5|t6d|�tS(NRIi�s
#%PAM-1.0
s# This file is auto-generated.
s/# User changes will be destroyed the next time sauthconfig is run.
Rs
R~safs.krbR�RtR�tepsRxRyR�R}RvRwR�RzR�R�R�R{R�R�s/pam.d/(7RR�RR�R�RRfR]ReRtSTANDARDR%tFINGERPRINTt	SMARTCARDR�Rdtpam_modulesRXt	MANDATORYR�RZR�R�R�R�R�R`R�Rctargv_krb5_sc_authtAUTHRaRhRYRaR�R�R�RbRtRiR�R�tACCOUNTR�R�tLOGIC_REQUISITERnRR�R	R<R=RqRq(R�R�tcfgtcfg_basenametcfg_linkR�RKRfR]ReRktuse_sssd_smartcard_supportt
prevmoduleR�((s!/usr/share/authconfig/authinfo.pytwritePAMService�s�



						

#  #, #;*)  


cCs{i|_|jtttt�|jtttt	�|jt
ttt
�|jtttt�|jtttt�tS(N(RgR�RwRptAUTH_PAM_SERVICE_ACRrt	POSTLOGINRttPOSTLOGIN_PAM_SERVICE_ACRut
PASSWORD_ONLYtCFG_PASSWORD_PAMtPASSWORD_AUTH_PAM_SERVICE_ACRrRxtCFG_FINGERPRINT_PAMtFINGERPRINT_AUTH_PAM_SERVICE_ACRsRytCFG_SMARTCARD_PAMtSMARTCARD_AUTH_PAM_SERVICE_ACRtR%(R�((s!/usr/share/authconfig/authinfo.pyR�s	cCs�ttj|j�ytjttj�}Wntk
rBtSX|j	d|j
�|j	d|j�|jd|j
�|j	d|j�|j	d|j�|j	d|j�|j	d|j�|j	d|j�|j	d	|j�|j	d
|j�|j	d|j�|j	d|j�|j	d
|j�|j	d|j�|j	d|j�|j	d|j�|j	d|j�|jd|j�|jdd�|j	d|j�|j	d|j�|j	d|j �|j	d|j!�|j	d|j"�|j	d|j#�|j	d|j$�|j	d|j%�|j	d|j&�|j	d|j'�|j	d|j(�|j	d|j)�|jd |j*�|jd!|j+�|jd"|j,�|j-d#�|j.�t/S($NR�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�i�(0R�R�RR�R�R�RR=RtsetBoolValueR�R�R�R�RoRwR_RtR�R�RqRnR~R`RaR]RfReRORR�R�R�R�R�R�R�R�RBRbR�R�R�R�R�R�R<R%(R�R�((s!/usr/share/authconfig/authinfo.pyR�sT


cCsqttj|j�ytjttj�}Wntk
rBtSX|j	d|j
�|jd�|j�t
S(NR�i�(R�R�RR�R�R�RR=RR�RLR�R<R%(R�R�((s!/usr/share/authconfig/authinfo.pyR�:s


cCs�|j}|j�|_|_|jrY|jrY|jrY|rY|jjd�qYnt�}t|�dkr�|j	|kr�|d|_	n|j
r�|jr�t|_
t
|_ndS(NR^i(RIR�R�R~R�R�R�R�RRdR�RbRR%R�(R�toldimplicittmodules((s!/usr/share/authconfig/authinfo.pytprewriteUpdateHs		!	cCsd|jt�|j�|jtd�y�|j�}|oF|j�}|oX|j�}|jry|os|j	�}n|j
s�|jr�|o�|j�}n|j
s�|jr�|jdkr�|o�|j�}n|jr�|o�|j�}n|jr|o|j�}n|js$|jr9|o3|j�}n|jsK|jr`|oZ|j�}n!|jr�|o{|jt�}n|o�|j�}|o�|j�}|o�|j�}|o�|j�}|o�|j �}|o�|j!�}Wn<t"t#fk
r,t$j%j&t't$j(�d�d�t)SXx0|j*D]%}|j+r7|j,j-|j+�q7q7W|S(Ns/lastR�is
(.R�R%R�tsetupBackuptPATH_CONFIG_BACKUPSR�R�R$RwR�R_RaR�R`R�RXR�R]R�RtR�RqR�RIR�R�R�R$R�R�R�R�R�R�R;R=R�R�R�R'texc_infoRR�R�R�tadd(R�R�R1((s!/usr/share/authconfig/authinfo.pyR�VsL

						$	cCs�|j�|jt�|j�|jtd�t}yjxc|jD]X}|j||�rE|jr{|ou|j�}n|j	r�|j
j|j	�q�qEqEWWn<tt
fk
r�tjjttj�d�d�tSX|S(Ns/lastis
(RuR�R%R�R�R�R�R�R�R�R�R�R;R=R�R�R�R'R�R(R�R�R�R1((s!/usr/share/authconfig/authinfo.pytwriteChangeds 


		!$cCs�d}d}g}g}tjdgtjdgtjdgtjdgg}tj�}|sddS|jd�s�|d7}n||jd�}d|}tj|tjtj�}xJ|D]B}|j	tjkr�|j
jjd�|_
t|�|_q�q�Wd|}tj|tjtj�}|sXd|}tj|tjtj�}nx?|D]7}|j	tjkr_|j
j|_|jr�Pq�q_q_W|jrd|j}tj|tjtj�}x�|D]{}|j	tjkr�|j
jjd�}|j
jr"|d	|j
j7}n|jrA|jd
|7_qM||_q�q�Wd|j}tj|tjtj�}x�|D]{}|j	tjkr�|j
jjd�}|j
jr�|d	|j
j7}n|jr�|jd
|7_q�||_q�q�Wnx�|D]�}|d|}tj||d
tj�}xV|D]N}|j	tjkr@|j|kr@d|d|_|jd�|_Pq@q@Wq	WdS(NRIthstnsR�s
_ldap._tcps
_kerberos.t	_kerbeross_kerberos._udp.R,Rs_kerberos-adm._udp.ii(t	dnsclienttDNS_C_INtDNS_C_HSR�tgetfqdntendswithR-R�t	DNS_T_SRVtdns_typetrdataR�R
R2R�R4t	DNS_T_TXTtdataR@R�R<R>t	DNS_T_SOAtdns_nameRJRK(R�thostnametqnametresultsRORbR�th((s!/usr/share/authconfig/authinfo.pytprobe�sx





		

	

	

c
Csdt|j�GHdGHdt|j�GHdt|j�GHdt|j�GHd|jGHd|jGHdt|j�GHd	t|j�GHd
|j	GHd|j
GHdt|j�GHd
|jGHd|j
GHdt|j�GHdt|j�GHd|jGHd|jGHd|jGHd|jGHd|jGHd|jGHdt|j�GHdt|j�GHdt|j�GHdt|j�GHdt|j�GHdGHdt|j�GHd|jGHdt|j�GHd |jGHd!t|j�GHd"|j GHd#t|j!�GHd$|j"GHd%t|j#�GHd	t|j�GHd
|j	GHd|j
GHd&|j$pYd'GHd(t|j%o�|j&o�|j'd)k�GHd*t|j%o�|j&o�|j'd)k�GHd+t|j(�GHd,|j'GHd-|j)GHd.t|j*�GHd/t|j+�GHd0t|j,�GHd|jGHd|jGHd|jGHd|jGHd1t|j&�GHd2t|j-�GHd3t|j.�GHd4t|j/�GHd5|j0r�d6p�d7GHd8|j1GHd9|j2GHd:|j3GHd;t|j4�|j5fGHd<t|j6�|j7fGHd=t|j8�|j9fGHd>t|j:�|j;fGHd?t|j<�|j=fGHd@t|j>�|j?fGHdAt|j@�GHdS(BNs
caching is %ssnss_files is always enabledsnss_compat is %ssnss_db is %ssnss_hesiod is %ss hesiod LHS = "%s"s hesiod RHS = "%s"snss_ldap is %ss LDAP+TLS is %ss LDAP server = "%s"s LDAP base DN = "%s"s
nss_nis is %ss NIS server = "%s"s NIS domain = "%s"snss_nisplus is %ssnss_winbind is %ss SMB workgroup = "%s"s SMB servers = "%s"s SMB security = "%s"s SMB realm = "%s"s Winbind template shell = "%s"s SMB idmap range = "%s"snss_sss is %s by defaultsnss_wins is %ssnss_mdns4_minimal is %ssmyhostname is %ss%DNS preference over NSS or WINS is %sspam_unix is always enableds shadow passwords are %ss! password hashing algorithm is %sspam_krb5 is %ss krb5 realm = "%s"s krb5 realm via dns is %ss krb5 kdc = "%s"s krb5 kdc via dns is %ss krb5 admin server = "%s"spam_ldap is %ss LDAP schema = "%s"R2spam_pkcs11 is %sRsSSSD smartcard support is %ss# use only smartcard for login is %ss smartcard module = "%s"s  smartcard removal action = "%s"spam_fprintd is %sspam_ecryptfs is %sspam_winbind is %sspam_sss is %s by defaults! credential caching in SSSD is %ss6 SSSD use instead of legacy services if possible is %ssIPAv2 is %ssIPAv2 domain was %sjoinedsnot RIs IPAv2 server = "%s"s IPAv2 realm = "%s"s IPAv2 domain = "%s"spam_pwquality is %s (%s)spam_passwdqc is %s (%s)spam_access is %s (%s)spam_faillock is %s (%s)s0pam_mkhomedir or pam_oddjob_mkhomedir is %s (%s)s'Always authorize local users is %s (%s)s;Authenticate system accounts against network services is %s(AR�RHRzRoRwRJRKR_R6R2R4RtRNRLRsRqRgRZRXRYRkRhR~R{R|R}RR�ROR`R@R[R<R\R>RaR8R]R�RdRfRcReR�R�RBR�RbR�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�(R�((s!/usr/share/authconfig/authinfo.pyt	printInfo�s�+*cCsux.ttttfD]}t|j|j�qW|jrWtj	d�tj	d�ntj	d�tj	d�t
S(Ns/usr/sbin/pwconvs/usr/sbin/grpconvs/usr/sbin/pwunconvs/usr/sbin/grpunconv(t
CFG_SHADOWt
CFG_PASSWDtCFG_GSHADOWt	CFG_GROUPR�RR�R�R4R�R%(R�R�((s!/usr/share/authconfig/authinfo.pyR�0s	


c
Cs�d}|js|jr�|jr�|jjdd�djdd�djdd�d}|j}|j}|s{d}n|dkr�|dkr�dStd|r�d	p�d
||r�dp�d
||jf}|r�tj	j
d|�n|js�|rt||d
|j�\}}n(t
|gdt�}|j�|j}|rp|dkr�|jtd��q�q�|dkr�td�}	|	d|7}	|j|	�q�n|dkS(NiRiR
s	R�R�s join %s%s %s%s -U %ss-w RIs-S s[%s]
ssword:R�s'Winbind domain join was not successful.s]Winbind domain join was not successful. The net join command failed with the following error:s
(RqR�R�RZR	RgRXtPATH_WINBIND_NETR�R�R�R�R�R�R%R�R�R�R�(
R�R�R�R�R�tprotocoltcmdR�R�terrmsg((s!/usr/share/authconfig/authinfo.pyt
joinDomain<s89			!
	c
Cs�d}|jr�|j}|j}|j}|j}|j}|jrNd}nd}td|rfdpid||rxdp{d||r�dp�d||r�dp�d|||r�d	p�d
f
}	|rtj	j
d|	�t|	gdt�}
|
j
�|
j}nt|	|d|�\}}|dkr5t|_n|r`|dkr�|jtd
��q�q�|dkr�td�}|d|7}|j|�q�n|dkS(Nis-NRIs! --noac %s%s %s%s %s%s %s%s %s %ss	--domain=s	--server=s--realm=s--principal=s--unattendeds-Ws[%s]
R�s%IPAv2 domain join was not successful.seIPAv2 domain join was not successful. The ipa-client-install command failed with the following error:s
(RbR�R�R�R�R�R�tPATH_IPA_CLIENT_INSTALLR�R�R�R�R%R�R�R�R�R�R�(
R�R�R�R�R�RQt	principalRqtnontpR�R�R�R�((s!/usr/share/authconfig/authinfo.pyt
joinIPADomain_sB								
cCstd}tj|�dS(Ns  --uninstall --noac --unattended(R�R4R�(R�R�((s!/usr/share/authconfig/authinfo.pytuninstallIPA�s
cCsX|sT|jr,tjd�tjd�qTytjd�WqTtk
rPqTXntS(NR!(RHR�R�R1R;R%(R�R�((s!/usr/share/authconfig/authinfo.pyR��s	

cCsc|jr�|jr�|s/tjd|j�nyAtjd�tjt�tjd�|sotjd�nWnt	k
r�nXyAtjt
�tjd�|s�tjd�tjd�nWq_t	k
r�q_Xn�|s�tjd�nyYtjd�tjt
�|s=ytjd�Wq=t	k
r9q=Xntjd�Wnt	k
r^nXt
S(Ns/bin/domainname sG[[ $(getsebool allow_ypbind) == *off* ]] && setsebool -P allow_ypbind 1trpcbindtypbinds/bin/domainname "(none)"sF[[ $(getsebool allow_ypbind) == *on* ]] && setsebool -P allow_ypbind 0(RtRLR4R�R�tPATH_RPCBINDR�R�R1R;tPATH_YPBINDR�R�R%(R�R�((s!/usr/share/authconfig/authinfo.pyR��sB











cCs�t|js|jo|jtd|�|jrZytjd�Wqtk
rVqXn%ytjd�Wntk
r~nXtS(Ntnslcdse[[ $(getsebool authlogin_nsswitch_use_ldap) == *off* ]] && setsebool -P authlogin_nsswitch_use_ldap 1sd[[ $(getsebool authlogin_nsswitch_use_ldap) == *on* ]] && setsebool -P authlogin_nsswitch_use_ldap 0(	R�R_RaRIt
PATH_NSLCDR4R�R;R%(R�R�((s!/usr/share/authconfig/authinfo.pyR��s
	

cCs#t|jp|jtd|�dS(NR�(R�RqR�tPATH_WINBIND(R�R�((s!/usr/share/authconfig/authinfo.pyR��scCs�|jr|jpE|jr-tjjt�pE|joEtjjt�}|jpf|jpf|jpf|}t	|t
d|p�|o�|jp�|jp�|j�dS(NR(R~R�R4R�texiststPATH_SSSD_CONFIGRIR�RbR�t	PATH_SSSD(R�R�texplicitenableR�((s!/usr/share/authconfig/authinfo.pyR��scCsB|jr>tjdtdftj�r>tttd|�ndS(Ns%s/pam_%s.soRTtoddjobd(R�R4R�ReRfR�R%tPATH_ODDJOBD(R�R�((s!/usr/share/authconfig/authinfo.pyR��s
cCs8x|jD]}||�q
W|jr4|j�ndS(N(R�R�R�(R�R�R�((s!/usr/share/authconfig/authinfo.pytpost�s	cCsx|js|jrtytj|j�Wn>tk
rf\}}|tjkrgtj|jd�qgnXt	|j�St
S(Ni�(R_RaR4R�R:R;RBtENOENTRR�R(R�R�R�((s!/usr/share/authconfig/authinfo.pyttestLDAPCACerts�s
cCsE|js|jrA|js*d|jkrAtjd|j�ndS(Nsldaps:s/usr/sbin/cacertdir_rehash (R_RaR6R2R4R�R:(R�((s!/usr/share/authconfig/authinfo.pytrehashLDAPCACerts�scCs�|js
tS|j�yWtj|j�}t|jdtd�}|j|j	��|j
�|j
�Wn.ttt
fk
r�|jtd��tSX|j�tS(NR�i�s Error downloading CA certificate(R�RR�turllib2turlopenRHR:tLDAP_CACERT_DOWNLOADEDR�R�R<R=R;R+R�R�R�R%(R�treadftwritef((s!/usr/share/authconfig/authinfo.pytdownloadLDAPCACert�s	


cCs�|ddkr!td|}n||_t|�s�yQtj|�}x;|D]3}ytj|d|�WqOtk
r�qOXqOWWq�tk
r�q�XndS(NiR�s/backup-(R�R�R�R4R�R)R;(R�RRR>((s!/usr/share/authconfig/authinfo.pyR�	s	


cCs@|j|�t}x&tD]}|j|j�o5|}qW|S(N(R�R%R�RR�(R�RR�R�((s!/usr/share/authconfig/authinfo.pyt
saveBackups


cCsQ|ddkr!td|}nt}x#tD]}|j|�oF|}q.W|S(NiR�s/backup-(R�R%R�R (R�RR�R�((s!/usr/share/authconfig/authinfo.pyt
restoreBackups
cCs|jtd�S(Ns/last(R�R�(R�((s!/usr/share/authconfig/authinfo.pytrestoreLast's(TR�R�R�R�R�R�R�R�R�R�R�RRR	RRR%R/RCRJRQRSRWRoR"RvRsR�R�R�RR�R�R�R$R�R�R�R�R�R�R�R�R�R�RR$R�R�R�RARBR�R�RnRqRuR�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�(((s!/usr/share/authconfig/authinfo.pyR�%s�	�							*			9			K		"	1	*		 	
	+	7			�	�			"				U	u		
	5	B		\	�	
		F		Y	:	
	H	�	b		
	T			/			)		S	L		#	(			$											((((((s
ldapServersldap_uri(s
ldapBaseDNR5(senableLDAPSR7(s
ldapSchemasldap_schema(s
ldapCacertDirR;(skerberosKDCR=(skerberosAdminServerR?(s
kerberosRealmRA(senableCacheCredsRC(senableCacheCredsskrb5_store_password_if_offline((�RtreR4R�R7R�R�R�R�R�R�R�RBR�R�R;R�t
subprocessRtgettexttlgettextR�R�tImportErrorRRqRrR�RuR�RrR�RsR�RtR�R7R'tglobalstLIBDIRRetPATH_PWCONVR�R#R�R�R�R�R�tPATH_SEBOOLt
PATH_SCEVENTDR�tPATH_LIBNSS_DBtPATH_LIBNSS_LDAPR�RtPATH_LIBNSS_NIStPATH_LIBNSS_HESIODtPATH_LIBNSS_ODBCBINDtPATH_LIBNSS_WINBINDtPATH_LIBNSS_WINStPATH_LIBNSS_SSSt
PATH_PAM_KRB5t
PATH_PAM_LDAPtPATH_PAM_WINBINDtPATH_PAM_PKCS11tPATH_PAM_FPRINTDtPATH_PAM_SSSRFRR�R�R�R�R�R�tLOGIC_REQUIREDRRdtLOGIC_OPTIONALR`R_tLOGIC_PKCS11R\R^R[RaRbtLOGIC_ALWAYS_SKIPRiRRRRR R"R$R)R*R+R3RDRHRMRPRRRVtargv_unix_authtargv_unix_passwordt
argv_afs_authtargv_afs_passwordtargv_pwquality_passwordtargv_passwdqc_passwordt
argv_eps_authtargv_eps_passwordtargv_fprintd_authtargv_pkcs11_authR]Rhtargv_krb5_authR|targv_krb5_passwordtargv_ldap_authtargv_ldap_passwordt
argv_otp_authtargv_succeed_if_authtargv_succeed_if_accounttargv_succeed_if_sessiontargv_succeed_if_nonlogintargv_winbind_authtargv_winbind_passwordt
argv_sss_authtargv_sss_passwordtargv_keyinit_sessiontargv_ecryptfs_authtargv_ecryptfs_passwordtargv_ecryptfs_sessiontargv_succeed_if_not_gdmtargv_lastlog_gdmtargv_lastlog_not_gdmtargv_faildelayR�trangeR}R~tSESSIONtPASSWORDRWR{RXRYRZRcRwR�R�RxRyR�RzR%RR�tDEFAULT_DNS_QUERY_SIZEtcompileR#R�R�R�treadlinkR�R;R�R�R�R�R�R�R�R�R�R�R
R"R$R%R�R�RRRRR�RtCFG_KRBR4RNRgR�RpRtR�R�R�R�R�RR.R"R4R�R�R�R�R7R8R�R>R�(((s!/usr/share/authconfig/authinfo.pyt<module>s�
	

	

















																																																			(																																																																																																																																																																																																																																																																																																																																												


			Z					#S		7i	

Anon7 - 2021