[ Avaa Bypassed ]

Upload:

Command:

hmhc3928@3.145.79.214: ~ $ 
�
�8�Yc;@sddlZddlZddlZddlZddlZddlZddlZddlZddlZddl	Z	ddl
Z
ddlZddlZddl
Z
ddlZddlZddlZddlTddlZddlZejZyddlaWnek
r danXdZdZdZdZdZdZd	Zd
Z dZ!dZ"d
Z#dZ$de%e&�d�kr�dZ'ndZ'e'dZ(dZ)dZ*dZ+dZ,dZ-dZ.dZ/dZ0dZ1dZ2dZ3e'dZ4e'd Z5ej6j7e5�se'd Z5ne'd!Z8e'd"Z9e'd#Z:e'd$Z;e'd%Z<e'd&Z=e(d'Z>e(d(Z?e(d)Z@e(d*ZAe(d+ZBe(d,ZCe'd-ZDd.ZEd/ZFd0ZGd1ZHd2ZId3ZJed4ZKd5ZLd6ZMd7ZNd8ZOd9ZPd:ZQd;ZRd<ZSd=ZTd>ZUd?ZVd@ZWdAZXdBZYdC�ZZdD�Z[dE�Z\dF�Z]dG�Z^dH�Z_dI�Z`dJ�ZadK�ZbdL�ZcdM�ZddN�ZedO�ZfdP�ZgdQ�ZhdR�ZidS�ZjdTgZkdTdUgZldVgZmdVgZndTdWdXdYgZodZgZpdVgZqdUgZrgZsd[gZtd[d\gZud]gZvdVgZwdVd^gZxdUgZydVgZzdUgZ{dVgZ|d_d`dagZ}dbd`dcgZ~dddcdegZdfdcdegZ�dVgZ�dUgZ�dVgZ�dUgZ�dggZ�dhgZ�dhgZ�dhgZ�didjdcgZ�dkdlgZ�dmdndlgZ�dogZ�dpdqdrdsdtgZ�e�dudv�\Z�Z�Z�Z�dwdxdydzgZ�e�dud{�\Z�Z�Z�Z�Z�e�dud{�\Z�Z�Z�Z�Z�ge�e�e�e�e�fD]Z�g^q�Z�e�e�eLd|gge�e�eLd}e�ge�e�eLd~ddmgge�e�eVd�e�ge�e�eRd�etge�e�eOd�exge�e�eNd�gge�e�eNd�gge�e�eYd�e}ge�e�eYd�gge�e�eNd�ekge�e�eMd�e}ge�e�eNd�e�ge�e�eNd�emge�e�eNd�emge�e�eNd�eqge�e�eNd�ewge�e�eNd�ezge�e�eNd�e|ge�e�eNd�e�ge�e�eLd~d�gge�e�eLd�gge�e�eLd�gge�e�eLd~gge�e�eLd�gge�e�eNd�gge�e�eNd�e~ge�e�ePd�gge�e�ePd�gge�e�ePd�gge�e�ePd�gge�e�eLd�gge�e�eMd�eoge�e�eMd�epge�e�eNd�elge�e�eNd�e�ge�e�eNd�enge�e�eNd�enge�e�eNd�erge�e�eNd�eyge�e�eNd�e{ge�e�eNd�e�ge�e�eLd�gge�e�eOd�e�ge�e�eLd�gge�e�eOd�gge�e�eOd�gge�e�eVd�ege�e�eLd�gge�e�eOd�gge�e�eOd�gge�e�eOd�gge�e�eOd�gge�e�eOd�gge�e�eOd�ggg7e�e�<e�e�eOd�e�ge�e�eOd�e�ge�e�eOd�e�ge�e�eVd�e�ge�e�eXd�e�ge�e�eOd�e�gge�e�<e�e�eLd|gge�e�eLd}e�ge�e�eLd~ddmgge�e�eLd�gge�e�eYd�e}ge�e�eYd�gge�e�eNd�ekge�e�eMd�e}ge�e�eNd�e�ge�e�eNd�emge�e�eNd�emge�e�eNd�eqge�e�eNd�ewge�e�eNd�ezge�e�eNd�e|ge�e�eNd�e�ge�e�eLd�gge�e�eLd�gge�e�eLd~gge�e�eLd�gge�e�eNd�gge�e�eNd�e~ge�e�ePd�gge�e�ePd�gge�e�ePd�gge�e�ePd�gge�e�eLd�gge�e�eMd�eoge�e�eMd�epge�e�eNd�elge�e�eNd�e�ge�e�eNd�enge�e�eNd�enge�e�eNd�erge�e�eNd�eyge�e�eNd�e{ge�e�eNd�e�ge�e�eLd~d�gge�e�eLd�gge�e�eOd�e�ge�e�eLd�gge�e�eOd�gge�e�eOd�gge�e�eVd�ege�e�eLd�gge�e�eOd�gge�e�eOd�gge�e�eOd�gge�e�eOd�gge�e�eOd�gge�e�eOd�ggg3e�e�<e�e�eLd|gge�e�eLd~ddmgge�e�eLd�gge�e�eNd�gge�e�eLd~d�gge�e�eLd�gge�e�eLd�gge�e�eLd~gge�e�eLd�gge�e�eNd�gge�e�eNd�e~ge�e�ePd�gge�e�ePd�gge�e�ePd�gge�e�ePd�gge�e�eLd�gge�e�eLd�gge�e�eOd�e�ge�e�eLd�gge�e�eOd�gge�e�eOd�gge�e�eVd�ege�e�eLd�gge�e�eOd�gge�e�eOd�gge�e�eOd�gge�e�eOd�gge�e�eOd�gge�e�eOd�ggge�e�<e�e�eLd|gge�e�eLd~ddmgge�e�eNd�evge�e�eRd�euge�e�eOd�exge�e�eNd�gge�e�eLd~d�gge�e�eLd�gge�e�eLd�gge�e�eLd~gge�e�eLd�gge�e�eNd�gge�e�eNd�e~ge�e�ePd�gge�e�ePd�gge�e�ePd�gge�e�ePd�gge�e�eLd�gge�e�eLd�gge�e�eOd�e�ge�e�eLd�gge�e�eOd�gge�e�eOd�gge�e�eVd�ege�e�eLd�gge�e�eOd�gge�e�eOd�gge�e�eOd�gge�e�eOd�gge�e�eOd�gge�e�eOd�ggge�e�<d��Z�d�Z�ej�d��Z�ej�d��Z�d�d�d���YZ�d�d�d���YZ�y.d�ej�d��kr�e��Z�n	e��Z�Wne�k
r�e��Z�nXd��Z�d��Z�d��Z�d��Z�d��Z�d��Z�d��Z�d��Z�d�d�d���YZ�d�dd���YZ�d�dd���YZ�d��Z�d��Z�d�e�fd���YZ�e�dud��\Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�e�d�ed��e�d�ed��e�d�ed��e�d�ed��e�d�ed��e�d�ed��e�d�ed��e�d�ed��e�d�ed��e�d�ed��e�d�ed��e�d�ed��e�d�d��e�ded�e�e�ded�e�e�d	ed�e�e�ded�e!�e�d
ed�e#�e�d�ed��e�d�ed��e�d�ed��e�d�ed��e�d�ed��e�d�eK�e�d�ed��e�d�ed��e�d�ed��e�d�ed��e�d�ed��e�d�ed��gZ�dddddddd	d
dg
Z�d�dd���YZ�dS(
i����N(t*s/etcssystem-authssystem-auth-act	postloginspostlogin-acs
password-authspassword-auth-acsfingerprint-authsfingerprint-auth-acssmartcard-authssmartcard-auth-actdefaulttlib64tacutils
/usr/lib64s/usr/libs	/securitys/usr/sbin/pwconvs
/sbin/rpcbinds/usr/sbin/nscds/usr/sbin/nslcds/usr/sbin/winbindds/usr/sbin/sssds/usr/sbin/ypbinds/usr/sbin/oddjobds/usr/sbin/setsebools/usr/bin/pkcs11_eventmgrs/usr/bin/pkcs11_setups/libnss_db.so.2s/libnss_ldap.so.2s/libnss_nis.so.2s/libnss_hesiod.so.2s/libnss_odbcbind.so.2s/libnss_winbind.so.2s/libnss_wins.so.2s/libnss_sss.so.2s/pam_krb5.sos/pam_ldap.sos/pam_winbind.sos/pam_pkcs11.sos/pam_fprintd.sos/pam_sss.sos/sssd/modules/libsss_autofs.sos$/var/lib/sss/pubconf/krb5.include.d/s/usr/bin/nets/usr/sbin/ipa-client-installs/etc/openldap/cacertssauthconfig_downloaded.pems/var/lib/authconfigs/sssd/sssd.conftrequiredt	requisitet
sufficienttoptionals,[default=bad success=ok user_unknown=ignore]sJ[default=bad success=ok auth_err=ignore user_unknown=ignore ignore=ignore]s@[success=done authinfo_unavail=ignore ignore=ignore default=die]s([success=done ignore=ignore default=die]s4[success=ok authinfo_unavail=2 ignore=2 default=die]s![success=ok ignore=2 default=die]s[success=1 default=ignore]s[success=3 default=ignore]s[default=1]s$[default=1 ignore=ignore success=ok]cCs|jdd�dj�S(Ns
ii(tsplittrstrip(ts((s!/usr/share/authconfig/authinfo.pyt
snipString�scCs;|s
|S|jdd�}djtd|jd���S(Ns	t t,(treplacetjointfiltertNoneR	(tlstR((s!/usr/share/authconfig/authinfo.pyt	cleanList�scCs+|j|�r#|t|�j�StSdS(N(t
startswithtlentlstriptFalse(tlinetkey((s!/usr/share/authconfig/authinfo.pytmatchKey�scCs5|j|�r-|t|�jtjd�StSdS(Nt=(RRRtstringt
whitespaceR(RR((s!/usr/share/authconfig/authinfo.pytmatchKeyEquals�scCs
|j|�S(N(R(RR((s!/usr/share/authconfig/authinfo.pyt	matchLine�scCs|j�j|j��S(N(tlowerR(RR((s!/usr/share/authconfig/authinfo.pyt
matchLineI�scCs|r|d|S|SdS(NR((Rtvalue((s!/usr/share/authconfig/authinfo.pytcommaAppend�scCsN|r|rtS|s |r$tS|r4||kS|j�|j�kSdS(N(RtTrueR!(tatbtcase_sensitive((s!/usr/share/authconfig/authinfo.pyt
stringsDiffer�s
cCsF|j�jdd�}t|�dkr.tSd|dkrBtStS(NRiiR
i(RR	RRR%(R#R((s!/usr/share/authconfig/authinfo.pytcheckDN�scCs't||�}|rt|�StSdS(N(RR*R(RRR#((s!/usr/share/authconfig/authinfo.pyt
matchBaseLine�s
cCs�|jdd�}t|�dkr1|d}nd}t|�}x�tr�|j||�}|dkrndS|dkr�||dj�r�||7}qFn||t|�kr�|||j�r�||7}qFn|SWdS(Nt:ii(R	RR%tfindRtisalnum(t
configurationt	candidateRtstarttclen((s!/usr/share/authconfig/authinfo.pytcheckNSS�s"
	 
*
cCs�d}yQtj|||�}|tjkrCtj|tj�ntj|tj�Wn\tk
r�\}}|dkr�ytj	|�Wq�tk
r�q�Xnt
||��nX|S(N(RtostopentO_RDONLYtfcntltlockftLOCK_SHtLOCK_EXtOSErrortclosetIOError(tfilenametmodetpermstfdterrnotstrerr((s!/usr/share/authconfig/authinfo.pytopenfdLocked�s
cCs&tjt|tjtjB|�d�S(Nsr+(R4tfdopenRDtO_RDWRtO_CREAT(R>R@((s!/usr/share/authconfig/authinfo.pyt
openLocked�scCsEd}|jd�}x)|D]!}|r|d|d7}qqW|S(NtRs  kdc = s
(R	(tkdclisttoutputtkdc((s!/usr/share/authconfig/authinfo.pytkrbKdc�s
cCsKd}|jd�}x/|D]'}|r|d7}||d7}qqW|S(NRIRs  admin_server = s
(R	(tadminserversRKtadminserver((s!/usr/share/authconfig/authinfo.pytkrbAdminServer�s

cCsOd}|rK|d|d7}|t|�7}|t|�7}|d7}n|S(NRIR
s = {
s }

(RMRP(trealmRJRNRK((s!/usr/share/authconfig/authinfo.pytkrbRealms
cCs�|jdd�}t|�dkr-d}n
|d}|dj�jd�}|j�jd�}||kr�|jtjd�StS(NRiiRIi(R	RR!RRRRR(RRtlinelsttparamtkeylst((s!/usr/share/authconfig/authinfo.pytmatchLineSMBs	
ttry_first_passtuse_authtoktuse_first_passtlocal_users_onlysretry=3s
authtok_type=s
enforce=userstnodebugt
wait_for_cardtallow_missing_nametno_subsequent_promptsuid >=t500t
quiet_successsuid <tquietsservice in crondtuse_uidsKservice notin login:gdm:xdm:kdm:xscreensaver:gnome-screensaver:kscreensavertrevoketunwrapsservice !~ gdm*sservice !~ su*tnowtmpt
showfailedtsilenttnoupdates
delay=2000000tdescrypttbigcrypttmd5tsha256tsha512iitauthtaccounttsessiontpassworditenvt	faildelaytfaillocktpreautht
succeed_iftpkcs11tkrb5tpermittfprintdt	localusertunixtssstafssafs.krbteps_authtldaptotptwinbindtauthfailtdenytaccesst	pwqualitytpasswdqct
eps_passwdtkeyinittlimitstsystemdt	mkhomedirtecryptfstlastlogcCs/d}|jd�}||jdd�7}|S(NsDC=t.s,DC=(R
R(tdomainRK((s!/usr/share/authconfig/authinfo.pyt	domain2dnCsis7^[ \t]*([^ \t]+)[ \t][ \t"]*(([^"]*)".*|([^"]*\S)?\s*)$s&^.*[ \t]*uid[ \t]+(<|>=)[ \t]+([0-9]+)tSysVInitServicecBs>eZd�Zd�Zd�Zd�Zd�Zd�ZRS(cCstjd|d�dS(Ns/sbin/service s start(R4tsystem(tselftservice((s!/usr/share/authconfig/authinfo.pyR1WscCstjd|d�dS(Ns/sbin/service s stop >/dev/null 2>&1(R4R�(R�R�((s!/usr/share/authconfig/authinfo.pytstopZscCs*tjd|�tjd|d�dS(Ns/sbin/chkconfig --add s/sbin/chkconfig --level 345 s on(R4R�(R�R�((s!/usr/share/authconfig/authinfo.pytenable]scCstjd|d�dS(Ns/sbin/chkconfig --level 345 s off(R4R�(R�R�((s!/usr/share/authconfig/authinfo.pytdisableascCs9tjd|d�}tj|�o8tj|�dkS(Ns/sbin/chkconfig s >/dev/null 2>&1i(R4R�t	WIFEXITEDtWEXITSTATUS(R�R�trv((s!/usr/share/authconfig/authinfo.pyt	isEnableddscCstjd|d�dS(Ns/sbin/service s condrestart >/dev/null 2>&1(R4R�(R�R�((s!/usr/share/authconfig/authinfo.pyt
tryRestarths(t__name__t
__module__R1R�R�R�R�R�(((s!/usr/share/authconfig/authinfo.pyR�Vs					tSystemdServicecBs>eZd�Zd�Zd�Zd�Zd�Zd�ZRS(cCstjd|d�dS(Ns/bin/systemctl start s.service(R4R�(R�R�((s!/usr/share/authconfig/authinfo.pyR1lscCstjd|d�dS(Ns/bin/systemctl stop s.service >/dev/null 2>&1(R4R�(R�R�((s!/usr/share/authconfig/authinfo.pyR�oscCstjd|d�dS(Ns/bin/systemctl enable s.service >/dev/null 2>&1(R4R�(R�R�((s!/usr/share/authconfig/authinfo.pyR�rscCstjd|d�dS(Ns/bin/systemctl disable s.service >/dev/null 2>&1(R4R�(R�R�((s!/usr/share/authconfig/authinfo.pyR�uscCs9tjd|d�}tj|�o8tj|�dkS(Ns/bin/systemctl is-enabled s.service >/dev/null 2>&1i(R4R�R�R�(R�R�R�((s!/usr/share/authconfig/authinfo.pyR�xscCstjd|d�dS(Ns/bin/systemctl try-restart s.service >/dev/null 2>&1(R4R�(R�R�((s!/usr/share/authconfig/authinfo.pyR�|s(R�R�R1R�R�R�R�R�(((s!/usr/share/authconfig/authinfo.pyR�ks					s
/sbin/initcCs�|r^yAtj|�tj|�|sFtj|�tj|�nWq�tk
rZq�Xn`yLtj|�|s�ytj|�Wq�tk
r�q�Xntj|�Wntk
r�nXtS(N(	R4tstattServiceR�R�R1R;R�R%(R�tpathtnametnostart((s!/usr/share/authconfig/authinfo.pyttoggleSplatbindService�s(






cCs|r
dSdSdS(Ntenabledtdisabled((tval((s!/usr/share/authconfig/authinfo.pyt
formatBool�scCs�ytj�\}}Wntk
r*dSX|s�|rOt|gdt�}n5t|gdtdt�}|jd|p|dd�|j�|j}tj	|�nd\}}	y7t
j
|t
j�}
t
j
|t
j|
tj
@�Wntk
r�nXt}xk|sqy7g}g}
tj|gg|gd�\}}}
Wn4tjk
rz\}}tjjd|d�nX|r�|
r�tj|�t}qnd}ytj|d	�}Wn�tk
rM\}}|tjksG|tjkr�q|tjkrtj|�t}qtjjd
|d�tj|�t}qnX|r[y�||7}|	|7}	|r�tjj|�n|r||kr|	jd�}tj||p�d�tj|d�|dkr�d|	| }	nd}	d}|rtjjd
�qnWqntk
rW\}}tjjd|d�tj|�t}qnXqtj|�t}qWytj|tj�Wntk
r�nXd}ytj|d�\}}Wn1tk
r�\}}tjjd|d�nX||	fS(Ni�tshelltstdintinputRIs
i<sselect: isread: s
i����s<...>
swrite: is	waitpid: (RIRI( R4tforkptyR;tPopenR%tPIPEtcommunicatetwaitt
returncodet_exitR7tF_GETFLtF_SETFLt
O_NONBLOCKR=RtselectterrortsyststderrtwriteR<treadRBtEINTRtEAGAINtEIOtrfindtkilltsignaltSIGTERMtwaitpid(tcommandtechotquerytresponsetpidtmastertchildtstatusRKR�titeoftifdstefdstofdsterrttexttctindex((s!/usr/share/authconfig/authinfo.pytfeedFork�s�

	"
	+

	







cCs�ytj|�}Wntk
r'tSXxS|D]K}y1tj|d|�}tj|j�retSWq/tk
ryq/Xq/WtS(Nt/(R4tlistdirR;R%R�tS_ISREGtst_modeR(R�RR>tst((s!/usr/share/authconfig/authinfo.pyt
isEmptyDir�s


cCs|ycttg|dt�}|j�djd�}|jdkrHdS|ddkrb|d3nWntk
rwdSX|S(Ntstdoutis
i����RI(R�tPATH_SCSETUPR�R�R	R�RR;(toptionsR�R((s!/usr/share/authconfig/authinfo.pytcallPKCS11Setups
cCs#tdg�}|dkrgS|S(Ntlist_modules(R�R(tmods((s!/usr/share/authconfig/authinfo.pytgetSmartcardModulesscCstd�td�gS(NtLocktIgnore(t_(((s!/usr/share/authconfig/authinfo.pytgetSmartcardActions scCst|�}|j�|S(N(tAuthInfoR�(tmsgcbtinfo((s!/usr/share/authconfig/authinfo.pyR�#s
t	SaveGroupcBseZd�Zd�ZRS(cCs||_||_||_dS(N(tsaveFunctionttoggleFunctiontattrlist(R�tsavefunct
togglefuncR�((s!/usr/share/authconfig/authinfo.pyt__init__)s		cCs�x�|jD]�\}}||jkr)tS|dkrZt||�t||�kr�tSq
|dkr�tt||�t||�t�r�tSq
|dkr
tt||�t||�t�r�tSq
q
WtS(NR'R�R�(R�tinconsistentAttrsR%tgetattrR)R(R�R&R'tanametatype((s!/usr/share/authconfig/authinfo.pytattrsDiffer.s$$(R�R�R�R�(((s!/usr/share/authconfig/authinfo.pyR�(s	tSafeFilecBs5eZd�Zd�Zd�Zd�Zd�ZRS(cCs�tjj|�\}}t|_tjd|d|dt�|_t	dd||jj
gdtjdtj��dkr�t|_tj
|jj�|�n||_dS(	Ntdirtprefixtdeletes/bin/cps-afR�s	/dev/nulli(R4R�R	RtmissingttempfiletNamedTemporaryFileR%tfiletcallR�R5tO_WRONLYtfchmodtfilenoR>(R�R>tdefault_modetbaseR�((s!/usr/share/authconfig/authinfo.pyR�>s	!	cCst|jj�tj|jj��tj|jj|j�|jrpt	d|jgdtj
dtj��ndS(Ns/usr/sbin/restoreconR�s	/dev/null(R�tflushR4tfsyncRtrenameR�R>R�RR5R(R�((s!/usr/share/authconfig/authinfo.pytsaveJs
	cCs)y|jj�Wntk
r$nXdS(N(R�R<R;(R�((s!/usr/share/authconfig/authinfo.pyR<Rs
cCs|jj|�S(N(R�R�(R�R((s!/usr/share/authconfig/authinfo.pyR�YscCs$|jjd�|jjd�dS(Ni(R�tseekttruncate(R�((s!/usr/share/authconfig/authinfo.pytrewind\s(R�R�R�R	R<R�R(((s!/usr/share/authconfig/authinfo.pyR�=s
				t
FileBackupcBs,eZd�Zd�Zd�Zd�ZRS(cCs||_||_dS(N(t
backupNametorigPath(R�t
backupnametorigpath((s!/usr/share/authconfig/authinfo.pyR�as	cCs�t}d}d}yt|tjd�}Wntk
r?tSXytjtj|�j	�}Wn%tt
fk
r�tj|�tSXyt||�}|j
�Wntk
r�t}nXyLxE|rtj|d�}|s�t}Pntj|jj�|�q�WWntt
fk
r)t}nXy|rCtj|�nWntt
fk
r]nXy'|r�|r�|j�|j�nWntt
fk
r�t}nX|S(Nii(R%RRDR4R6R=R�tS_IMODEtfstatR�R;R<R�RRR�R�R�RR	(R�tsrctdestR�tsrcfdtdestfileR?R'((s!/usr/share/authconfig/authinfo.pytsafeCopyesL



	!


cCst}y&tjj|�s+tj|�nWnttfk
rKt}nX|d|j}|r{|j	|j
|�}n|S(NR�(R%R4R�tisdirtmkdirR;R=RRRR(R�tdestdirR�t
backuppath((s!/usr/share/authconfig/authinfo.pytbackup�s
cCs�t}ytjj|�stSWnttfk
r?t}nX|d|j}|r�tjj|�r�|j	||j
�}ny5|r�td|j
gdtjdtj
��nWnttfk
r�nX|S(NR�s/usr/sbin/restoreconR�s	/dev/null(R%R4R�RRR=R;RtisfileRRRR5R(R�t	backupdirR�R((s!/usr/share/authconfig/authinfo.pytrestore�s 
(R�R�R�RRR (((s!/usr/share/authconfig/authinfo.pyR
`s		*	cCs
tjd�S(Ntnscd(R�R�(((s!/usr/share/authconfig/authinfo.pyt	readCache�scCsL|rtjd�n2ytjt�tjd�Wntk
rGnXtS(NR!(R�R�R4R�t	PATH_NSCDR�R;R%(R�((s!/usr/share/authconfig/authinfo.pyt
writeCache�s

tCacheBackupcBseZd�Zd�ZRS(cCst}y&tjj|�s+tj|�nWnttfk
rKt}nX|d|j}|r�d}y5t
�}t|d�}|jt
t|���Wntk
r�t}nX|r�|j�q�n|s�ytj|�Wq�tk
r�q�Xn|S(NR�tw(R%R4R�RRR;R=RRRR"R5R�tstrtintR<tunlink(R�RR�RRR�((s!/usr/share/authconfig/authinfo.pyR�s.
	


cCs�t}ytjj|�stSWnttfk
r?t}nX|d|j}|r�tjj|�r�d}y/t
|d�}t|j��}t
|�Wn tttfk
r�t}nX|r�|j�q�n|S(NR�tr(R%R4R�RRR=R;RRRR5R(R�R$t
ValueErrorR<(R�RR�RRR�((s!/usr/share/authconfig/authinfo.pyR �s$

(R�R�RR (((s!/usr/share/authconfig/authinfo.pyR%�s	ishesiod.confs/hesiod.confsyp.confs/yp.confs	ldap.confs
/ldap.confs
nss_ldap.confs/nss_ldap.confs
pam_ldap.confs/pam_ldap.confs
nslcd.confs/nslcd.confs
openldap.confs/openldap/ldap.confs	krb5.confs
/krb5.confskrb.confs	/krb.confspam_pkcs11.confs/pam_pkcs11/pam_pkcs11.confssmb.confs/samba/smb.confs
nsswitch.confs/nsswitch.confscacheenabled.confRIs/pam.d/t
authconfigs/sysconfig/authconfigtnetworks/sysconfig/networkslibuser.confs
/libuser.confspwquality.confs/security/pwquality.confs
login.defss/login.defss	sssd.conftshadows/shadowtpasswds/passwdtgshadows/gshadowtgroups/groups
10-authconfigs /dconf/db/distro.d/10-authconfigs10-authconfig-lockss,/dconf/db/distro.d/locks/10-authconfig-lockst
ldapServertldap_urit
ldapBaseDNtldap_search_basetenableLDAPStldap_id_use_start_tlst
ldapSchematldap_schemat
ldapCacertDirtldap_tls_cacertdirtkerberosKDCtkrb5_servertkerberosAdminServertkrb5_kpasswdt
kerberosRealmt
krb5_realmtenableCacheCredstcache_credentialstkrb5_store_password_if_offlineR�cBs�eZd�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Z	d�Z
d	�Zd
�Zd�Z
d�Zd
�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Zed�Zd�Z d�Z!d�Z"d �Z#d!�Z$d"�Z%d#�Z&d$�Z'd%�Z(d&�Z)d'�Z*d(�Z+d)�Z,d*�Z-d+�Z.d,�Z/d-�Z0d.�Z1d/�Z2d0�Z3d1�Z4d2�Z5d3�Z6d4�Z7d5�Z8d6�Z9d7�Z:d8�Z;d9�Z<d:�Z=d;�Z>d<�Z?d=�Z@d>�ZAd?�ZBd@�ZCdA�ZDdB�ZEdC�ZFdD�ZGdE�ZHdF�ZIdG�ZJdH�ZKdI�ZLdJ�ZMdK�ZNdL�ZOdM�ZPdN�ZQdO�ZRdP�ZSRS(Qc8Cs�||_d|_g|_d|_d|_d|_d|_d|_d|_	d|_
d|_d|_d|_
d|_d|_d|_d|_d|_d|_d|_d|_d|_d|_d|_d|_d|_d|_d|_d|_d|_t|_ t|_!d|_"d|_#d|_$d|_%d|_&d|_'d|_(d|_)d|_*d|_+d|_,d|_-d|_.d|_/d|_0d|_1d|_2d|_3d|_4d|_5d|_6d|_7d|_8d|_9d|_:d|_;t<|_=d|_>d|_?d|_@d|_Ad|_Bd|_Cd|_Dd|_Ed|_Fd|_Gd|_Hd|_Id|_Jd|_Kd|_Ld|_Md|_Nd|_Od|_Pd|_Qd|_Rd|_Sd|_Tt|_Ut|_Vd|_Wd|_Xd|_Yd|_Zd|_[d|_\d|_]d|_^d|__d|_`d|_ad|_bd|_cd|_dd|_ed|_fd|_gd|_hd|_id|_jd|_kd|_lt<|_md|_nd|_od|_pt|_qtrr$y trjr�|_n|jnjs�Wq$ttk
r q$Xntu�|_vtw|jx|jydmdng�tw|jzddodpg�tw|j{|j|dqdrdsg�tw|j}ddtdudvdwdxdyg�tw|j~ddzg�tw|jdd{g�tw|j�dd|d}d~dd�d�d�d�g�tw|j�dd�d�d�d�d�d�d�d�g�tw|j�|j�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�g�tw|j�dd�d�g�tw|j�dd�d�d�d�d�g�tw|j�|j�d�d�d�d�d�d�d�d�d�d�d�g�tw|j�dd�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�g�tw|j�dd�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�g'�tw|j�dd�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�d�dddddddddd	d
g!�tw|j�ddg�tw|j�ddg�twd|j|d
g�twd|j�dg�twd|j�dddddg�twd|j�ddddddg�twd|j�ddg�g|_�dS(NRIt9t1t0sdeny=4 unlock_time=1200s
umask=0077tenableCacheR'timplicitSSSDt	hesiodLHSR�t	hesiodRHSt	nisDomainR�tnisLocalDomaint	nisServerR2R4R6R8R:tpasswordAlgorithmt
passMinLentpassMinClasst
passMaxRepeattpassMaxClassRepeattpassReqLowertpassReqUppertpassReqDigittpassReqOtherR@R<tsmbSecuritytsmbRealmt
smbServersR>tkerberosRealmviaDNStkerberosKDCviaDNSRBtenableSmartcardtforceSSSDUpdatet
enableLDAPtenableKerberostenableLDAPAuthtenableIPAv2tsmartcardActiontsmartcardModulet
enableFprintdtforceSmartcardtsmbWorkgroupt
smbIdmapRangetwinbindSeparatortwinbindTemplateHomedirtwinbindTemplateShelltwinbindUseDefaultDomaintwinbindOfflinetwinbindKrb5tenableDBtenableDirectoriest
enableWinbindtenableOdbcbindt
enableNIS3t	enableNIStenableLDAPbindtenableHesiodbindtenableHesiodt
enableDBIbindtenableDBbindtenableCompatt
enableWINSt
enableMDNStenableMyhostnamet
enableSSSDtpreferDNSinHostst
pwqualityArgstpasswdqcArgstfaillockArgstenableFaillockt
localuserArgst
pamAccessArgstenablePAMAccesst
mkhomedirArgstenableMkHomeDirt
algoRoundstenableShadowtenableNullOktforceBrokenShadowtenableWinbindAutht	enableAFStenableAFSKerberostenablePWQualityt	enableEPStenableEcryptfst	enableOTPtenablePasswdQCtenableLocAuthorizetenableSysNetAuthtenableSSSDAutht	pamLinkedtimplicitSSSDAuthtsystemdArgstuidMintenableForceLegacytipav2Servertipav2Domaint
ipav2RealmtipaDomainJoinedt
ipav2NoNTP(senableCacheR'(simplicitSSSDR'(s	hesiodLHSR�(s	hesiodRHSR�(s	nisDomainR�(snisLocalDomainR�(s	nisServerR�(s
ldapServerR�(s
ldapBaseDNR�(senableLDAPSR'(s
ldapSchemaR�(s
ldapCacertDirR�(spasswordAlgorithmR�(spasswordAlgorithmR�(spasswordAlgorithmR�(s
passMinLenR�(spassMinClassR�(s
passMaxRepeatR�(spassMaxClassRepeatR�(spassReqLowerR'(spassReqUpperR'(spassReqDigitR'(spassReqOtherR'(s
kerberosRealmR�(skerberosKDCR�(ssmbSecurityR�(ssmbRealmR�(s
smbServersR�(skerberosAdminServerR�(skerberosRealmviaDNSR'(skerberosKDCviaDNSR'(s
ldapServerR�(s
ldapBaseDNR�(senableLDAPSR'(s
ldapSchemaR�(s
ldapCacertDirR�(senableCacheCredsR'(senableSmartcardR'(s
kerberosRealmR�(skerberosKDCR�(skerberosAdminServerR�(sforceSSSDUpdateR'(s
enableLDAPR'(senableKerberosR'(senableLDAPAuthR'(senableIPAv2R'(ssmartcardActionR�(ssmartcardModuleR�(ssmartcardActionR�(ssmartcardModuleR�(s
enableFprintdR'(senableSmartcardR'(sforceSmartcardR'(ssmbWorkgroupR�(s
smbServersR�(ssmbRealmR�(ssmbSecurityR�(s
smbIdmapRangeR�(swinbindSeparatorR�(swinbindTemplateHomedirR�(swinbindTemplateShellR�(swinbindUseDefaultDomainR'(swinbindOfflineR'(swinbindKrb5R'(senableDBR'(senableDirectoriesR'(s
enableWinbindR'(senableOdbcbindR'(s
enableNIS3R'(s	enableNISR'(senableLDAPbindR'(s
enableLDAPR'(senableHesiodbindR'(senableHesiodR'(s
enableDBIbindR'(senableDBbindR'(senableCompatR'(s
enableWINSR'(s
enableMDNSR'(senableMyhostnameR'(s
enableNIS3R'(s	enableNISR'(senableIPAv2R'(s
enableSSSDR'(spreferDNSinHostsR'(simplicitSSSDR'(s
pwqualityArgsR�(spasswdqcArgsR�(sfaillockArgsR�(senableFaillockR'(s
localuserArgsR�(s
pamAccessArgsR�(senablePAMAccessR'(s
mkhomedirArgsR�(senableMkHomeDirR'(s
algoRoundsR�(spasswordAlgorithmR�(senableShadowR'(s	enableNISR'(senableNullOkR'(sforceBrokenShadowR'(senableLDAPAuthR'(senableKerberosR'(senableSmartcardR'(sforceSmartcardR'(senableWinbindAuthR'(senableMkHomeDirR'(s	enableAFSR'(senableAFSKerberosR'(senablePWQualityR'(s	enableEPSR'(senableEcryptfsR'(s	enableOTPR'(senablePasswdQCR'(senableLocAuthorizeR'(senableSysNetAuthR'(swinbindOfflineR'(swinbindKrb5R'(senableSSSDAuthR'(s
enableFprintdR'(s	pamLinkedR'(simplicitSSSDAuthR'(ssystemdArgsR�(suidMinR�(senableIPAv2R'(spasswordAlgorithmR�(senableShadowR'(s	enableNISR'(s
enableLDAPR'(senableLDAPAuthR'(senableKerberosR'(senableEcryptfsR'(senableSmartcardR'(sforceSmartcardR'(senableWinbindAuthR'(s
enableWinbindR'(swinbindKrb5R'(senableDBR'(senableHesiodR'(senablePWQualityR'(senablePasswdQCR'(senableFaillockR'(sfaillockArgsR�(senableLocAuthorizeR'(senablePAMAccessR'(senableCacheCredsR'(senableMkHomeDirR'(senableSysNetAuthR'(s
enableFprintdR'(s
enableSSSDR'(senableSSSDAuthR'(senableForceLegacyR'(sipav2ServerR�(sipav2DomainR�(s
ipav2RealmR�(senableIPAv2R'(sipaDomainJoinedR'(s
ipav2NoNTPR'(s	nisDomainR�(senableShadowR'(s	enableNISR'(senableMkHomeDirR'(s
enableLDAPR'(senableLDAPAuthR'(simplicitSSSDR'(simplicitSSSDAuthR'(senableForceLegacyR'(simplicitSSSDR'(simplicitSSSDAuthR'(senableIPAv2R'(s
enableSSSDR'(senableSSSDAuthR'(senableForceLegacyR'(s
enableWinbindR'(senableWinbindAuthR'(�t	messageCBt	backupDirR�RJRKR2R4RR@R[R<R\R>RNRLRMRgRYRZRXRhRiRjRkRlRmRnR�R�R�R�RR�tipaUninstallRdRcRHRzRoRpRwR_R6RtRsRyRxRvRuRrRqR{R|R}RR~RbtenableAltfilesR�R�R%R�R�R�R�R`RaROR�R�R�R�R�R�R�R�R�R�R]R�tbrokenShadowR�RfReR�RIR�RBRPRQRRRSRTRURVRWR�R�tjoinUsertjoinPasswordR�R�R�R�R�R�R:t
ldapCacertURLR8R�t
sssdConfigt
sssdDomainR^tsssdConfigPresentt
SSSDConfigt
new_configR=tsetttoggleFunctionsR�R$ttoggleCachingServicetwriteHesiodtwriteNISttoggleNisServicet	writeLDAPtwriteLibusertwriteLogindefstwritePWQualityt
writeKerberost	writeSSSDttoggleSSSDServicetwriteSmartcardt
writeDConftwriteWinbindttoggleWinbindServicetwriteNSStwritePAMtwriteSysconfigtwriteNetworkttoggleShadowttoggleOddjobServicettoggleLDAPServicetsave_groups(R�R�((s!/usr/share/authconfig/authinfo.pyR�&sr																																																																																																															
																											cCsZt||�}||krVt|||�|t||�krV|jj|�qVndS(N(R�tsetattrR�tappend(R�tattrR#treftoldval((s!/usr/share/authconfig/authinfo.pytsetParam�s
cCs>yt|�}Wntk
r$dSX|j|t|�|�S(N(R(R+R�R'(R�R�R#R�((s!/usr/share/authconfig/authinfo.pytsetIntParams

cCsWyt|�}Wntk
r$dSX|dkrD|j|t|�S|j|t|�S(Ni(R(R+R�R%R(R�R�R#R�((s!/usr/share/authconfig/authinfo.pytsetClassReqParam
s
cCs�|js|jrtSd
}d}d}d}d
}x>|D]6}t|d|�r<||kretS|d7}q<q<W|dkr�tSd
}x>|D]6}t|d|�r�||kr�tS|d7}q�q�W|dkr�tS|jr�|jr�tStS(NtNIStLDAPtWinbindtHesiodtIPAv2tKerberostLDAPAuthtWinbindAutht	SmartcardiR�i(R�R�R�R�R�(R�R�R�R�(R�R�(R�R�RR�R`R[R%(R�tnssalltpamalltidsupportedt
authsupportedtnumtt((s!/usr/share/authconfig/authinfo.pyt
sssdSupporteds2

cCs�ytjttj�}Wntk
r.tSX|jdt|j	d��|�|jdt|j	d��|�|j
�tS(NRJtlhsRKtrhs(tshvfileR�tall_configst
CFG_HESIODRR=RR�RtgetValueR<R%(R�R�tshv((s!/usr/share/authconfig/authinfo.pyt
readHesiod2s
""
cCsJytttjd�}Wntk
r.tSXd}x�|D]�}|j�}t|d�}|r�|jr�t	||�}q<nt|d�}|r<|j
dd�}t|�dkr�q<n|d|jkr�q<nt|�dkr�q<n|d}t|d�}|r%t	||�}q%q<q<W|j
d	||�|j�tS(
NR*RItypserverR�iiitserverRN(R5R�tCFG_YPRR=RtstripRRMR$R	RRR�R<R%(R�R�tft	nisserverRR#((s!/usr/share/authconfig/authinfo.pytreadNISCs6



cCssd|kr|jd�}n|j�}xB|D]:}ytj|�j}Wq1ttjfk
rjtSXq1WtS(s&
		Check whether LDAP URI is valid.
		R(R	turlparsetportR+tsocketR�RR%(R�Rturisturitp((s!/usr/share/authconfig/authinfo.pytvalidateLDAPURIms
	cCs�d|kr|jd�}n|j�}d}xU|D]M}|r7|rV|d7}nd|kro||7}q�|d|d7}q7q7W|r�|j|�r�|jtd��n|S(NRRIs://sldap://R�sInvalid LDAP URI.(R	R�R�R�(R�Rtvalidatetltrettitem((s!/usr/share/authconfig/authinfo.pytldapHostsToURIs|s


cCst|_ytttjd�}Wn�tk
r�ytttjd�}Wq�tk
r�ytttjd�}Wq�tk
r�yttt	jd�}Wq�tk
r�t
SXq�Xq�XnXx|D]
}|j�}t|d�}|rt
|�r|jd||�q�nt|d�}|rC|jd||�q�nt|d�}|rq|jd||�q�nt|d�}|r�|jdt|d	�|�q�nt|d
�}|r�|jd||�q�q�q�W|jt|j�t
�|_|j�tS(NR*RR4thostR2R�tsslR6t	start_tlst
nss_schemaR8(tPATH_LDAP_CACERTSR:R5R�tCFG_NSSLDAPRR=t	CFG_NSLCDtCFG_PAMLDAPtCFG_LDAPRR�RR*R�R R�RR2R<R%(R�R�R�RR#((s!/usr/share/authconfig/authinfo.pytreadLDAP�sN	






cCs(y|j|SWntk
r#dSXdS(NRI(tallKerberosKDCstKeyError(R�RQ((s!/usr/share/authconfig/authinfo.pytgetKerberosKDC�s
cCs(y|j|SWntk
r#dSXdS(NRI(tallKerberosAdminServersR(R�RQ((s!/usr/share/authconfig/authinfo.pytgetKerberosAdminServer�s
cCs�d}i|_i|_t}ytttjd�}Wntk
rLtSXx
|D]}|jd�d}|j	�}|dd!dkr�|dd!}d}qTn|dkrbt
|d	�}|r�|jd
||�t}qTnt
|d�}|r"|jdt
|d
�dk|�qTnt
|d�}|rY|jdt
|d
�dk|�qTqYqT|dkrT|s�|jdd�}t|�dkr�qTn|d}qY|dd!dkr�d}qTn|js�||_t}nt
|d�}|rt|j|�|�|j|<qTnt
|d�}|rYt|j|�|�|j|<qYqTqTW|j�|r�|jr�|jd|j|j�|�|jd|j|j�|�q�n/|jr�|jjd
�n|jd
d|�tS(NRIR*t#iit[i����tlibdefaultst
default_realmR@tdns_lookup_kdcR\ttruetdns_lookup_realmR[trealmst}RLtadmin_serverR<R>(RRRR5R�tCFG_KRB5RR=R	R�RR�R%RRRR@R$RR	R<R�R�(R�R�tsectiontrealm_foundR�Rt
subsectionR#((s!/usr/share/authconfig/authinfo.pytreadKerberos�sr		


""	
			)
	%	cCs�d}ytttjd�}Wntk
r4tSXx�|D]�}|j�}|dd!dkrz|dd!}d}q<n|dkr<t|d�}|r�|jd	|j	�|�q<q�q<q<W|j
�tS(
NRIR*iiRi����tdefaultstcrypt_styleRO(R5R�tCFG_LIBUSERRR=RR�RR�R!R<R%(R�R�RR�RRR#((s!/usr/share/authconfig/authinfo.pytreadLibusers$




cCshytttjd�}Wntk
r.tSXx(|D] }tj|�}|dk	r6|j	d�}|j
d�r{q6n|j	d�}|dkr�|j	d�}n|dkr�d}q�nq6|dkr�|dkr�|jd	d
|�q6n|dkr4|dkrd
}n|jd	|j�|�q6n|dkr6|jd||�q6q6W|j
�tS(NR*iR
iiRItMD5_CRYPT_ENABtyesRORktENCRYPT_METHODtDESRitUID_MINR�(R5R�tCFG_LOGIN_DEFSRR=Rt
ld_line_retmatchRR1RR�R!R<R%(R�R�R�RR$R�R#((s!/usr/share/authconfig/authinfo.pyt
readLogindefs:s8

	
cCs�d}ytttjd�}Wntk
r4tSXx�|D]�}|jd�d}|j�}t|d�}|r�|j	d||�q<nt|d�}|r�|j	d||�q<nt|d	�}|r�|j	d
||�q<nt|d�}|r|j	d||�q<nt|d
�}|rG|j
d||�q<nt|d�}|ru|j
d||�q<nt|d�}|r�|j
d||�q<nt|d�}|r<|j
d||�q<q<q<W|j�tS(NRIR*R
itminlenRPtminclassRQt	maxrepeatRRtmaxclassrepeatRStlcreditRTtucreditRUtdcreditRVtocreditRW(
R5R�t
CFG_PWQUALITYRR=RR	R�RR�R�R<R%(R�R�RR�RR#((s!/usr/share/authconfig/authinfo.pyt
readPWQuality\sT



c	Cs%|js
tStj�|_y$|jjttj�t|_Wn6ttj	fk
rxtj�|_|jj
�nXy|jjt�}|_
Wn�tjk
ruy|jj�d}Wn=tk
r�y|jj�d}Wqtk
r�tSXnX|jj|�}y|jd�}Wntjk
rAd}nXy|jd�}Wqvtjk
rqd}qvXnXx�tD]�\}}y}|j|�}|dkr�dj|jd��}n0|dkr�|dkr�w}n|d	kr�w}n|j|||�Wq}tjk
rq}Xq}WdS(
Nitid_providert
auth_providerR3R
RR9trfc2307RD(R�R%R�t
import_configR�tCFG_SSSDRR�R=tParsingErrorR�t
get_domaintSSSD_AUTHCONFIG_DOMAINR�t
NoDomainErrortlist_active_domainst
IndexErrortlist_domainst
get_optiont
NoOptionErrorRtsssd_optionsRR	R�(	R�R�R�tdomnametidprovtauthprovR�toptR�((s!/usr/share/authconfig/authinfo.pytreadSSSD�sP	


	
cCs�t}tdg�}|dkr.d|_tS|jd|d|�tdg�}|dkrdtSx#|D]}d|krkt}qkqkW|r�|jdtd�|�n|jdtd	�|�tS(
Nt
use_moduleRIRdit	rm_actions
lockhelper.shRcR�R�(RR�RRdR�R%R�(R�R�tlocktsmartcardmodulet	rmactionstaction((s!/usr/share/authconfig/authinfo.pyt
readSmartcard�s 	

cCs�d}d}ytttjd�}Wntk
r:|SXx�|D]�}|j�}t|d�riqBnt|d�r~qBnt|d�}|r�|jd�dj	�}qBn|sB|dkr�qBnt
||�}|rB|}qBqBW|j�|S(	NRIR*R
t;Rt]itglobal(R5R�tCFG_SMBRR=R�R RR	R!RVR<(R�RtresultRR�RR#tres((s!/usr/share/authconfig/authinfo.pytreadWinbindGlobal�s.



cCsT|j|�}|rP|j�dksE|j�dksE|dkrItStSndS(NRRRF(RQR!R%RR(R�Rttmp((s!/usr/share/authconfig/authinfo.pytreadWinbindGlobalBool�s0cCs�|jd�}|r+|jd||�n|jd�}|rV|jd||�n|jd�}|r�|jd||�n|jd�}|r�|jd||�n|js�d	|_n|jd
�}|r�|jd||�n|jsd|_n|jd
�}|r,|jd||�n|jd�}|rW|jd||�n|jd�}|r�|jd||�n|js�d|_n|jd�}|dkr�|jd||�n|jd�}|dkr�|jd||�ntS(Nt	workgroupRgspassword serverRZRQRYtsecurityRXtusersidmap config * : rangeRhs16777216-33554431swinbind separatorRistemplate homedirRjstemplate shellRks
/bin/falseswinbind use default domainRlswinbind offline logonRm(RQR�RXRhRkRSRR%(R�R�RR((s!/usr/share/authconfig/authinfo.pytreadWinbind�sJ			c
Cs]d}d}ytttjd�}Wntk
r:tSXxM|D]E}|j�}t|d�}|rr|}qBt|d�}|rit|d�r�|j	dt
|�nt|d�r�|j	dt
|�nt|d	�r�|j	d
t
|�nt|d�}|dkr#t|d�}nt|d�}|dkr�|dkr�|j	d
||k|�q�qBt|d�}|rB|}qBqBW|rOd#d$d%d&d'd(d)d*d+f	}	x=|	D]5\}
}t||�r�|j	d |
t
|�q�q�W|r*t|d!�r*t|d!�r*|jj
d"�n|j	d"tt|d!��|�n|j�t
S(,NRIR*spasswd:shosts:twinsR{smdns4_minimal [NOTFOUND=return]R|t
myhostnameR}tnistdnsRsinitgroups:tCompattcompattDBtdbtDirectoriestdirectoriesR�thesiodR�R�R�tAltfilestaltfilestNIS3tnisplusR�R�R�R}RI(R\R](R^R_(R`Ra(sHesiodshesiod(sLDAPR�(sNISRZ(RcRd(ReRf(sWinbindR�(R5R�tCFG_NSSWITCHRR=RR�RR3R�R%RR�R�tboolR<(R�R�t	nssconfigt
initgroupsR�RR#tnispostdnspostnssmapR�tnssentry((s!/usr/share/authconfig/authinfo.pytreadNSS sR

	
	%%
cCs|jdt�|�tS(NRH(R�R"R%(R�R�((s!/usr/share/authconfig/authinfo.pyR"WscCs�ytttjd�}WnAtk
r]yttdtd�}Wq^tk
rYtSXnX|j||�|j	�yttt
jd�}WnAtk
r�yttdtd�}Wq�tk
r�tSXnX|j||�|j	�tS(NR*s/pam.d/(
R5R�tCFG_PAMRR=t
SYSCONFDIRtAUTH_PAM_SERVICERtreadPAMFileR<tCFG_POSTLOGIN_PAMtPOSTLOGIN_PAM_SERVICER%(R�R�R�((s!/usr/share/authconfig/authinfo.pytreadPAM\s&

	


	
cCs"d}x||D]t}|jdd�}t|�dkrD|d}n|j�}|ddkrx||d d7}q
n||}d}|j�}d}|jdd�}t|�dkr�q
n|\}}|d	kr|d
kr|dkr|dkrq
n|jd
�r*|jdd�}n|jdd�}t|�dkrTq
n|ddkrjq
n|d}|jd
�r�|d7}n|d}|jdd�}t|�dkr�q
n|djd�d\}	t|�dkr�|d}n|	jd�s|	jd�rP|jdt|�|r
|jd||�q
q
n|	jd�rx|jdt|�q
n|	jd�r�|jdt|�q
n|	jd�r�|jdt|�q
n|	jd�r%|jdt|�d|kr|jdt|�q
|jdt|�q
n|	jd�rM|jd t|�q
n|	jd!�r�|jd"t|�|r
|jd#||�q
q
n|	jd$�r�|jd%t|�|jd&|j	d'�dk|�q
n|	jd(�r|jd)t|�q
n|	jd*�rG|jd+t|�|r
|jd,||�q
q
n|	jd-�se|	jd.�r�|jd/t|�|r
||_
q
q
n|	jd0�r�|jd1t|�|r
|jd2||�q
q
n|	jd3�r|r
|jd4||�q
q
n|dkr|	jd5�rx9tD]1}
|j	|
�dkr'|jd6|
|�q'q'WyP|jd7�}||d8jdd�}|jd9t
t|d��|�Wnttfk
r�nXy$tjd:�|jd;t|�Wqtk
r|jd;t|�qXqn|d	kr�|	jd5�rW|jd<|j	d=�dk|�n|	jd>�r�|jd?t|�|r
d@|kr
|jd@d�j�}|jdA||�q
q
q�n|d
kr|	jd5�r|jdB|j	dC�dk|�qn|d	ks|d
kr
|	jdD�r�tj|�}
|
dkr~|
jd�dkr~|jdE|
jd�|�q~q�q
q
W|jr�|jr�|jd"t|�n|jr�|jr�|jdt|�n|jr|jr|jr|jr|jr|j rt|_!ndS(FNRIR
iii����s\R
iRnRoRqRpRRLtincludeR�tpam_cracklibt
pam_pwqualityR�R�tpam_ecryptfsR�tpam_krb5R`tpam_ldapRat
pam_pkcs11R]tauthinfo_unavailRftpam_fprintdRetpam_passwdqcR�R�tpam_winbindR�Rnt	krb5_authtpam_sssR�t
pam_accessR�R�t
pam_mkhomedirtpam_oddjob_mkhomedirR�t
pam_localuserR�R�tpam_systemdR�tpam_unixROsrounds=iR�s/etc/shadowR�R�tnulloktpam_faillockR�R�R�R�t
broken_shadowtpam_succeed_ifR�("R	RR
RRRR�R%RR-R�tpassword_algorithmsR�R'R(R+R:R4R�R;RR�t
succ_if_reR$R1R�R�R�RaR`R�R�R]R�(R�R�R�tprevlineRRtargststacktcontroltmoduletalgotridxtroundsR$((s!/usr/share/authconfig/authinfo.pyRsws






"
'

%	(!)cCsSy;tjttj�}y|jd�|_Wntk
rBnXy|jd�|_Wntk
rlnXy|jd�|_	Wntk
r�nXy|jd�|_
Wntk
r�nXy|jd�|_Wntk
r�nXy|jd�|_Wntk
rnXy|jd�|_
Wntk
r>nXy(|jd�|_|jd	�|_Wntk
rznXy|jd
�|_Wntk
r�nXy|jd�|_Wntk
r�nXy|jd�|_Wntk
r�nXy|jd
�|_Wntk
r"nXy|jd�|_Wntk
rLnXy|jd�|_Wntk
rvnXy|jd�|_Wntk
r�nXy|jd�|_Wntk
r�nXy|jd�|_Wntk
r�nXy|jd�|_Wntk
rnXy|jd�|_Wntk
rHnXy.|jd�}|rmd|_n	d|_Wntk
r�nXy|jd�|_Wntk
r�nXy|jd�|_Wntk
r�nXy|jd�|_Wntk
rnXy|jd�|_ Wntk
r2nXy|jd�|_!Wntk
r\nXy|jd�|_"Wntk
r�nXy|jd�|_#Wntk
r�nXy|jd�|_$Wntk
r�nXy|jd �|_%Wntk
rnXy|jd!�|_&Wntk
r.nXy|jd"�|_'Wntk
rXnXy|jd#�|_(Wntk
r�nXy|jd$�|_)Wntk
r�nXy|jd%�|_*Wntk
r�nXy|jd&�|_+Wntk
rnXy|jd'�|_,Wntk
r*nXy|jd(�|_-Wntk
rTnXy|jd)�|_.Wntk
r~nXy|jd*�|_/Wntk
r�nXy|jd+�|_0Wntk
r�nX|jd,�|_1|jd-�|_2|jd.�|_3|jd/�}|t4kr0||_n|j5�Wnt6k
rNnXt7S(0NtUSEAFStUSEAFSKERBEROStUSEDBtUSEPWQUALITYt	USEDBBINDt
USEDBIBINDtUSEDIRECTORIEStUSEFAILLOCKtFAILLOCKARGStUSEECRYPTFStUSEEPSt	USEHESIODt
USEHESIODBINDtUSEKERBEROStUSELDAPtUSELDAPAUTHtUSESMARTCARDt
USEFPRINTDtFORCESMARTCARDtUSELDAPBINDtUSEMD5RkRitUSENISt
USENISPLUStUSEODBCBINDtUSEOTPtUSEPASSWDQCt	USESHADOWt
USEWINBINDtUSEWINBINDAUTHtWINBINDKRB5tUSESSSDtUSESSSDAUTHtUSELOCAUTHORIZEtUSEPAMACCESStUSEMKHOMEDIRt
USESYSNETAUTHtFORCELEGACYtCACHECREDENTIALStUSEIPAV2tIPADOMAINJOINEDt
IPAV2NONTPtIPAV2SERVERtIPAV2DOMAINt
IPAV2REALMtPASSWDALGORITHM(8R�R�R�tCFG_AUTHCONFIGRtgetBoolValueR�R+R�RoR�RyRxRpR�R�R�R�R�RwRvR`R_RaR]ReRfRuRORttenableNISP3RrR�R�R�RqR�RnR~R�R�R�R�R�R�RBRbR�R�R�R�R�R�R<R=R%(R�R�t	enableMD5R�((s!/usr/share/authconfig/authinfo.pyt
readSysconfig	s`









































cCs�ytjttj�}Wntk
r.tSX|jd�}|rP||_n|j	�|jr||j
d|j|�ntS(Nt	NISDOMAINRL(R�R�R�tCFG_NETWORKRR=RR�RMR<R�R%(R�R�R�RR((s!/usr/share/authconfig/authinfo.pytreadNetwork�	s

	cCsh|j�}t|j�|ks6t|j�|kr:tSx'|jD]}|j||�rDtSqDWtS(N(R�RhRIR�R%R�R�R(R�R't
sssdsupportedR1((s!/usr/share/authconfig/authinfo.pytdiffers�	s*cCs�t|j�|_t|j�|_t|j�|_t|j�|_|j|j|�|_|jdkr�|jr�|jj	�|_q�n|j
j�|_
|jdkr�t|_n|jdkr�d|_ndS(NtadsRI(RRZR�R<R>R�R2RXRYtupperROR!RBRR%R@(R�R�((s!/usr/share/authconfig/authinfo.pytupdate�	s	cCs�|j�}|j�|j|�|j|�|j|�|j�}|jr�|r�|jr�|jdt	|�t
|_n|jr�|r�|jr�|jdt	|�t
|_n|j|�|j
|�|j|�|j|�|j|�|j|�|jr-|jr-|j|�n|j|�|j|�|jsY|jri|j|�n|j|�|j|�|j�dS(NR~R�(tcopyR�RoRRvR�RIRbR�R%RR�R%R/R�RWR�R�RCRRRJR"R�(R�R�treallyimplicit((s!/usr/share/authconfig/authinfo.pyR�
s6













cCs%tj|�}d|_d|_|S(NRI(R�R�R�(R�R�((s!/usr/share/authconfig/authinfo.pyR�&
s		cCs/ttj|j�t|jo'|j�tS(N(R�t	CFG_CACHERR�R$RHRIR%(R�((s!/usr/share/authconfig/authinfo.pyR$,
scCs�ttj|j�ytjttj�}Wntk
rBtSX|j	d|j
�|j	d|j�|jd�|j
�tS(NR�R�i�(R�R�RR�R�trcreateRR=RtsetValueRJRKR�R<R%(R�R�((s!/usr/share/authconfig/authinfo.pyR�1
s


c	Cs�t}d}d}ttj|j�z�tttjd�}x�|jD]�}|j	�}t
|d�}|r}|jdd�}t|�dkr�qIn|d|j
kr�|d|jkr�||7}qIn|r�|j
r�|d|j
7}|jjd�}|jr'|d7}||d7}n
|d	7}|d
7}|d}x)|D]!}|rL|d|d
7}qLqLWt}q�qIt|d�r�|r�|j
r�|jr�|jjd�}x)|D]!}|r�|d|d
7}q�q�Wt}q�qI||7}qIW|s�|jjd�}|j
rv|d|j
7}|dr_|d7}||d7}|d}n
|d	7}|d
7}nx,|D]!}|r}|d|d
7}q}q}Wn|j�|j|�|j�Wdy|r�|j�nWntk
r�nXXtS(
NRIi�R�iisdomain Rs server s
 broadcasts
s	ypserver R�(RRR�R�RR�R�RR�R�RR	RRLRMRNR%R RR�R	R<R=(	R�twrittenR�RKRtlsR#tserversR((s!/usr/share/authconfig/authinfo.pyR�@
sv&
	





	








cCs�t}t}	t}
t}t}t}
d}d}|jr`|jdkr`|jdkr`d}nd}z�t|d�}xJ|jD]?}|j�}t||�r�|	r�|jr�||d7}|dj|jj	d��7}|d	7}t
}	q�q�t||�r"|jr�|d
|7}q�q�t||�rr|r�|jr�||d7}||j7}|d	7}t
}q�q�|r�t|d�r�|
s�|d7}|j
r�|d
7}n
|d7}|d	7}t
}
q�q�|rt|d�r|r�|jr�|d7}||j7}|d	7}t
}q�q�t|d�rx|
s�|rG|d7}n
|d7}|d|j7}|d	7}t
}
q�q�|r�t|d�r�|s�|d|7}|d	7}t
}q�q�||7}q�W|	r|jr||d7}|dj|jj	d��7}|d	7}n|rG|jrG||d7}||j7}|d	7}n|r�|
r�|d7}|j
rt|d
7}n
|d7}|d	7}n|r�|r�|jr�|d7}||j7}|d	7}n|
s|r�|d7}n
|d7}|d|j7}|d	7}n|r.|r.|d|7}|d	7}n|j�|j|�|j�Wdy|ri|j�nWntk
r}nXXt
S(NRIRiRjRktcrypti�R
Rs
R
R�sssl R�tnoR�snss_schema t
tls_cacertdirt
TLS_CACERTDIRtpam_passwords
pam_password (RRROR�R�R�R R2RR	R%R+R4R6R8R"R:RR�R	R<R=(R�R>R�R�Rt	writepadltwriteschematwritepamtwrotebasedntwroteservertwrotessltwroteschemat	wrotepasstwrotecacertdirR�RKtpassalgoRR�((s!/usr/share/authconfig/authinfo.pyt
writeLDAP2�
s�	
	


	














	













cCs�tjjttj�rVttj|j�|jttjdddt	t	t	�ntjjtt
j�r�tt
j|j�|jtt
jdddt	t	t�ntjjttj�rttj|j�|jttjdddt	tt	�ntjjtt
j�rXtt
j|j�|jtt
jdddt	tt�nttj|j�|jttjdddttt�}|S(NR�R�RtURItHOSTtBASE(R4R�RR�RRRR�R�R%RRRRtCFG_OPENLDAP(R�R�((s!/usr/share/authconfig/authinfo.pyR�
s(cCsRd}|jdkr|dS|jdks;|jdkrF||jS|dSdS(Nscrypt_style = RkRlRmtdes(RO(R�R�((s!/usr/share/authconfig/authinfo.pyt
cryptStyle scCs�t}t}d}d}d}ttj|j�zDtttjd�}x�|jD]�}|j	�}|dkr�t
|d�r�||j�d7}t}qUnt
|d�r|dkr�|r�||j�d7}t}n|dj
dd�d	}|dkrt}qn||7}qUW|sT|d
7}||j�d7}t}t}n|j�|j|�|j�Wdy|r�|j�nWntk
r�nXXtS(NRIi�RRs
RiRLis[defaults]
(RRR�RRR�R�RR�R�R R�R%R	RR�R	R<R=(R�twrotecryptstylet
wrotedefaultsRR�RKRR�((s!/usr/share/authconfig/authinfo.pyR�*sH	
	


c	Cst}t}d}d}d}ttj|j�|jdkrJd}nd}|jdksn|jdkrwd}nd|jj�d	}z^tttj	d
�}x�|j
D]�}tj|�}	|	dk	rE|	j
d�}
|
jd�r||7}q�n|	j
d
�}|dkr-|	j
d�}n|dkrRd}qRn
||7}q�|
dkrt||7}t}q�n|
dkr�||7}t}q�n||7}q�W|s�||7}n|s�||7}n|j�|j|�|j�Wdy|r|j�nWntk
rnXXtS(NRIRksMD5_CRYPT_ENAB yes
sMD5_CRYPT_ENAB no
RiRjsENCRYPT_METHOD DES
sENCRYPT_METHOD s
i�iR
iiRR(RRR�R"RR�ROR�R�RR�R#R$R1RR%RR�R	R<R=(R�t
wrotemd5crypttwroteencmethodRR�RKtmd5cryptt	encmethodRR$R�R#((s!/usr/share/authconfig/authinfo.pyR�_sd		








cCs�|jd�}t|�dkr3|jd�}nt|�dkr�yat|d�}|dkrh|S|r�|dkr�|ddS|r�|dkr�|ddSWq�tk
r�q�Xn|r�d}nd}|dd	|S(
NRiR
is = -1s = 0s-1RGs = (R	RR(RR+(R�RR#R�R�((s!/usr/share/authconfig/authinfo.pytformatClassReqParam�s$
	c
Cs�t}t}t}t}t}t}t}t}d}	d}
ttj|j�zjtttjd�}	x|	jD]}|j	d�dj
�}t|d�r�|ss|
d|jd7}
t
}qsqsnt|d�r|ss|
d	|jd7}
t
}qsqsnt|d
�r=|ss|
d|jd7}
t
}qsqsnt|d�rv|ss|
d
|jd7}
t
}qsqsnt|d�r�|ss|
|j||j�d7}
t
}qsqsnt|d�r�|ss|
|j||j�d7}
t
}qsqsnt|d�r9|ss|
|j||j�d7}
t
}qsqsnt|d�rz|ss|
|j||j�d7}
t
}qsqsn|
|7}
qsW|s�|
d|jd7}
n|s�|
d	|jd7}
n|s�|
d|jd7}
n|s|
d
|jd7}
n|s&|
|jd|j�d7}
n|sL|
|jd|j�d7}
n|sr|
|jd|j�d7}
n|s�|
|jd|j�d7}
n|	j�|	j|
�|	j�Wdy|	r�|	j�nWntk
r�nXXt
S(NRIi�R
iR&s	minlen = s
R'sminclass = R(smaxrepeat = R)smaxclassrepeat = R*R+R,R-(RRR�R.RR�R�RR�R	R�R RPR%RQRRRSR�RTRURVRWRR�R	R<R=(
R�twroteminlent
wroteminclasstwrotemaxrepeattwrotemaxclassrepeatt
wrotereqlowert
wroterequppert
wrotereqdigitt
wrotereqotherR�RKRR�((s!/usr/share/authconfig/authinfo.pyR��s�								    


c'Cs�
t}t}t}t}t}t}t}t}t}	t}
t}t}t}
t}t}tjttj�}d}d}d}d}ttj|j	�|j
r�|jr�|j}n?|js�|j
r�|jdkr�|jr�|j}n	|j}|j|jkrt}nze	tttjd�}x,|jD]!}|j�}t|dt�rq|s7t}qqq7n|dkr�|r�||jkr�t|d�r�|s7|jr�|t|j�7}nt}q7q7n|dkrH|jdkrH|rH||jkrHt|d�rH|s7|jr9|t|j�7}nt}q7q7n|dkr�|r�||jkr�t|d�r�|s7|jr�|t|j�7}nt}q7q7n|dkrB|rB|jdd�}t|�dkr�||7}q7n|d	}|jr||jkrt}n|jrB||jkrBt}qBn|dkr|rt|d
�r|jr�||jkr�|s�|t|j�7}t}n|s�|t|j�7}t}q�n|jr�||jkr�|s�|t|j�7}t}q�nd}n|dkr]t|d�r]|r7|
r7|d
7}||7}|d7}t}
q7q7n|dkr�t|d�r�|s7|d7}|tt|j��j �7}|d7}t}q7q7n|dkr#t|d�r#|s7|d7}|tt|j!��j �7}|d7}t}q7q7n|dkr�|jr�t||jj ��slt|d|jj ��r�||7}t}
q7nt|d�rN|s�|dtd7}t}n|dkr�|jr�|r�|t"|j|j|j�7}t}n|dkr7|jr7|r7|t"|j|jd�7}t}n|dkr|rw|
rw|d
7}||7}|d7}t}
n|jdkr�|r�|d7}|tt|j��j �7}|d7}t}n|j!dkr|r|d7}|tt|j!��j �7}|d7}t}qn|dkr�|jr�|
r�|d|jj �7}|d|j7}|d7}|d|jj �7}|d|j7}|d7}t}
q�n|r�|dkr�t}q�|dkr�t}	q�|dkr�t}q�n|djdd�d	}|dkr!t}qN|dkr6t}qN|dkrNt}qNn||7}q7W|	s>	|su|d7}n|r�|
r�|d
7}||7}|d7}n|jdkr�|r�|d7}|tt|j��j �7}|d7}n|j!dkr>	|r>	|d7}|tt|j!��j �7}|d7}q>	n|r�	|jsW	|jr�	|sj	|d7}n|s�	|t"|j|j|j�7}n|s�	|t"|j|jd�7}q�	n|rW
|jrW
|s�	|d7}n|jrW
|
rW
|d|jj �7}|d|j7}|d7}|d|jj �7}|d|j7}|d7}qW
n|j#�|j$|�|j%�Wdy|r�
|j&�nWnt'k
r�
nXXtS(NRIR�i�sincludedir RRLRiiRRR
s default_realm = s
Rs dns_lookup_realm = Rs dns_lookup_kdc = tdomain_realmR�RR
s = s .RLs[libdefaults]
s	[realms]
s[domain_realm]
((RR4R�tPATH_KRB5_INCLUDEDIRtR_OKRR�RRR�R`R@RqR�RXRYR%R�RR�R�R R<RMRZR>RPR	RR'RhR[R!R\RRRR�R	R<R=(R�t
wroterealmtwrotekdct
wroteadmint
wrotesmbrealmtwrotesmbkdctwroterealmstwrotelibdefaultstwroterealms2twrotelibdefaults2twrotedefaultrealmt
wrotednsrealmtwrotednskdctwroteourdomrealmt
wrotedomrealmtwrotedomrealm2twroteincdirRRR�RKtdefaultrealmRR�R#((s!/usr/share/authconfig/authinfo.pyR�s�	!			!		!		!		

	!		



	

	

	-
	
		



	

	



				








"




cCssy|j|d�}Wntjk
r3d}nX||kro|dkr\|j|�n|j||�ndS(Nt	_provider(R<R�R=Rtremove_providertadd_provider(R�R�tnewprovidertsubtypetprov((s!/usr/share/authconfig/authinfo.pytchangeProvider
s
cCs|js
tS|jr%|jr%tSy|jjd�}Wn&tjk
rc|jjd�}nX|jr�|j	r�|j
dkr�|jdd�n(y|jd�Wntj
k
r�nX|jj|�|ry|jjttj�Wqtk
rqXntS(Ntpamtsssdt
pam_cert_authR%(R�R%R�RItget_serviceR�tNoServiceErrortnew_serviceR]R�Rdt
set_optiont
remove_optionR=tsave_serviceR�R�R4RR=(R�twrite_configR((s!/usr/share/authconfig/authinfo.pytwriteSSSDPAM
s*	!
cCs�|js
tSttj|j�|jt�|jr;tS|j	s�|j
sQtSy|jjt�|_	Wq�t
jk
r�|jjt�|_	q�Xn|j	}y|jjd�Wn$t
jk
r�|jjd�nX|jjd�t}|jr+t}|j|dd�|j|dd�n|jr]|j|dd�|j|dd�n2|jr�|j|dd�|j|dd�nx�tD]�\}}y�t||�}|dkr�t|�}nt|�tkr�|j||�nHt|�tkr/|r|j||�q<|j|�n
|j|�Wq�t
j k
rSq�Xq�W|jj!|�|r�|jj"|j#��n|jj$|j#��y|jj%ttj&�Wnt'k
r�nXtS(NtautofsR�tidRxRntchpassR3((R�R%R�R4RR�R$RRbR�RIt
new_domainR7R�tDomainAlreadyExistsErrorR6RRRtactivate_serviceR_RR`RaR>R�RttypeRhR R'R!R=tsave_domaintactivate_domaintget_nametdeactivate_domainR�RR=(R�R�tactivateR�toptionR�((s!/usr/share/authconfig/authinfo.pyR�1
sj	
							
cCs�|jdkrtSttj|j�d}d}d}|jtd�krk|d7}|d7}d}nt	d|jd|d	|g�tS(
Ns/usr/sbin/gdm-safe-restarttnoneR�s ,/etc/pkcs11/lockhelper.sh -locks&,/etc/pkcs11/lockhelper.sh -deactivatetlock_screensuse_module=sins_action=s
rm_action=(
RdRR%R�tCFG_PAM_PKCS11RR�RcR�R�(R�tinsacttrmactRF((s!/usr/share/authconfig/authinfo.pyR�w
s

	
c
Cs0d}d}d}ttj|j�ttj|j�tjjttj	�}tjj
|�s�|jr~tj|�q�t
Sndtjd�d}d}|js�|jr�||7}d}||7}d}|d7}|d7}n|jr6|jr6||7}d}||7}d}|d7}|d	7}n|js[|jr�|jr�|jr�||7}d}||7}d}|d
7}|d7}nd}|jtd
�kr�||7}d}||7}d}|d7}|d7}nytjttj	�Wntk
rnXytjttj	�Wntk
r;nX|dkrz;tttj	d�}|j�|j|�|j�Wdy|r�|j�nWntk
r�nXXz;tttj	d�}|j�|j|�|j�Wdy|r|j�nWntk
rnXXntjd�t
S(NRIs# Generated by authconfig on s%Y/%m/%d %H:%M:%Ss
s
[org/gnome/login-screen]
s&enable-smartcard-authentication=false
s7/org/gnome/login-screen/enable-smartcard-authentications%enable-password-authentication=false
s7/org/gnome/login-screen/enable-password-authentication
s(enable-fingerprint-authentication=false
s:/org/gnome/login-screen/enable-fingerprint-authentication
s3
[org/gnome/settings-daemon/peripherals/smartcard]
R�sremoval-action='lock-screen'
s1/org/gnome/settings-daemon/peripherals/smartcard
i�sdconf update(RR�t	CFG_DCONFRR�tCFG_DCONF_LOCKSR4R�tdirnameRRR]tmakedirsR%ttimetstrftimeRdRfReRcR�R)R;R�RR�R	R<R=R�(R�R�RKtlockstlocksdirtheadertgroupHeader((s!/usr/share/authconfig/authinfo.pyR��
s�	







%
















cCsod}|d7}|dtjd�d7}|d7}|d7}|d7}|jrv|d7}||j7}|d7}n|jr�|d7}||jjd	d
�7}|d7}n|jr�|d7}||j7}|d7}n|jr	|d7}||j7}|d7}n|jr6|d
7}||j7}|d7}n|jrc|d7}||j7}|d7}n|j	r�|d7}||j	7}|d7}n|j
r�|d7}||j
7}|d7}n|jr�|d7}|d7}n|d7}|d7}|d7}|tt
|j��j�7}|d7}|d7}|tt
|j��j�7}|d7}|d7}|d7}|S(Ns#--authconfig--start-line--
s
s# Generated by authconfig on s%Y/%m/%d %H:%M:%SsF# DO NOT EDIT THIS SECTION (delimited by --start-line--/--end-line--)
sE# Any modification may be deleted or altered by authconfig in future
s   workgroup = s   password server = RR
s   realm = s   security = s   idmap config * : range = s   winbind separator = s   template homedir = s   template shell = s'   kerberos method = secrets and keytabs!   kerberos method = secrets onlys    winbind use default domain = s   winbind offline logon = s#--authconfig--end-line--
(R;R<RgRZRRYRXRhRiRjRkRnR'RhRlR!Rm(R�RK((s!/usr/share/authconfig/authinfo.pyt
paramsWinbind�
sh



	


	

	


	


	


	


	


	


	









cCs>d}x'|D]}t||�r
d}Pq
q
W||7}|S(NRIRK(RV(R�RR�R�RKRB((s!/usr/share/authconfig/authinfo.pytcheckLineWinbinds

c
Cs$t}t}d}ttj|j�dddddddd	d
ddd
ddg}d}d}z�tttjd�}x.|jD]#}|j	�}|r�t
|d�r�t}q�q�nt
|d�r�t}q�nt
|d�s�t
|d�r||7}q�nt|d�}	|	rsd|	krs|	j
d�dj�}||7}|dkr�||j�7}t}q�q�n|dkr�||j|||�7}q�n||7}q�W|s�|d7}||j�7}n|j�|j|�|j�Wdy|r
|j�nWntk
rnXXtS(NRIRTspassword serverRQRUs
domain logonss
domain masters	idmap uids	idmap gidswinbind separatorstemplate homedirstemplate shellswinbind use default domainswinbind offline logonskerberos methodi�s#--authconfig--end-line--s#--authconfig--start-line--RKR
RRLiRMs	[global]
(RR�RNRR�RR�RR�R�R R%RR	R!RARBRR�R	R<R=(
R�tauthsectiontwroteauthsectionRR�R�RKRR�R#((s!/usr/share/authconfig/authinfo.pyR�(sb	

	



c
Cs�d}d}d}t}t}t}t}t}t}	t}
t}d}d}
ttj|j�z�tttjd�}|jr�|d7}n|d7}|j	r�|d7}n|}|j
r�|d7}n|jr�|d7}n|jr�|d7}n|j
r|d	7}n|js*|js*|jrA|d
7}|d
7}n|jrW|d7}n|jrw|jrw|d7}n|jr�|d
7}n|jr�|d7}n|jr�|d7}n|jr�|d7}n|}|jr�|jdd�}n|}|jr|d7}ntjttj�s`|jrK|jrK|jdd�}q`|jd
d�}n|d7}|jr�|d7}n|jr�|d7}n|j r�|d7}n|jr�|d7}n|j
r�|d	7}n|js�|d7}n|j!r|d7}nx|j"D]
}|j#�}t$|d�r_|s|
d7}
|
|7}
|
d7}
t%}qqt$|d�r�|s|
d7}
|
|7}
|
d7}
t%}qqt$|d�r�|s|
d 7}
|
|7}
|
d7}
t%}qqt$|d!�r|
s|
d"7}
|
|7}
t%}
qqt$|d#�rQ|s|
d$7}
|
|7}
|
d7}
t%}qqt$|d%�r�|s|
d&7}
|
|7}
|
d7}
t%}qqt$|d'�r�|	s|
d(7}
|
|7}
|
d7}
t%}	qqt$|d)�r|s|
d*7}
|
|7}
|
d7}
t%}qq|
|7}
qW|sC|
d7}
|
|7}
|
d7}
n|sj|
d7}
|
|7}
|
d7}
n|s�|
d 7}
|
|7}
|
d7}
n|s�|
d$7}
|
|7}
|
d7}
n|s�|
d&7}
|
|7}
|
d7}
n|	s|
d(7}
|
|7}
|
d7}
n|s-|
d*7}
|
|7}
|
d7}
n|j&�|j'|
�|j(�Wdy|rh|j)�nWnt*k
r|nXXt%S(+NRIi�s dbs filess	 altfiless directoriess	 odbcbinds nispluss niss ssss	 ldapbinds ldaps hesiodbinds hesiods dbibinds dbbindtfilesR]s winbindR}R�s  mdns4_minimal [NOTFOUND=return]s dnss winss myhostnamespasswd:spasswd:    s
sshadow:sshadow:    sgroup:sgroup:     sinitgroups:R
s	netgroup:snetgroup:  s
automount:sautomount: shosts:shosts:     s	services:sservices:  (+RRR�RgRR�R�RRoR�RpRrRsRtR~RIRbRuR_RvRwRxRyRzRRqR4R�tPATH_LIBSSS_AUTOFSRR|RR{R}R�R�R R%RR�R	R<R=(R�tuserstnormalthoststwrotepasswdt
wrotegrouptwroteshadowt
wrotenetgrouptwroteautomountt
wrotehoststwroteinitgroupst
wroteservicesR�RKtservicestnetgroupRR�((s!/usr/share/authconfig/authinfo.pyR�ps:	

	
	
	
	
	


	

	
	
	
	
		

	
	
	
	
	
	
	















































c
Csft|t}|t}|t}d}|rX|rXd}|dkr�|dkr�|r�|jrjt}nt}djt�}q�|jr�t	}q�n|dkr�|dkr�|j
r�t}q�t}n|dkr]|dkr|t
kr|jrZt}qZq]|dks|dkr]|jdkrZ|td}	|j|	d	<dj|	�}qZq]n|d
kr�|dkr�|js�|js�|jr�|jr�t}n|dkr�tjdtd
ftj�r�d
}n|dkr�|d7}t}n|d|||f7}|ro||jkrotjdt|ftj�ro|jtdt|f��t|j|<n|dkr�|j }n|dkr�|j!}n|dkr�|j"}n|dkr�|j#}n|dks�|d
kr�|j$}n|dkr|j%}n|dkrG|dkrG|jrG|tt&krGd}n|rn|trndj|t�}n|dkr�|j'r�|dkr�|d7}n|dkr�|j(r�|d7}n|d
kr�|dkrd|j)r|j)dkr|d|j)7}n|j*r|d|j*7}n|j+r5|d7}n|jrK|d7}n|j,rd|d 7}qdn|dkr�|j,r�|d 7}q�n|dkr�|j-s�|j.s�|js�|j/r�|d!7}q�q�n|d"kr|dkrdj|t�d|j0}n|dkr>|dkr>|t1kr>|j2d#d$�}n|rX|d|7}qXn|d%7}|S(&NRIRwRnR
RxRoRviiR|R�s%s/pam_%s.sotoddjob_mkhomedirR�t-s%-12s%-13s pam_%s.sos_Authentication module %s/pam_%s.so is missing. Authentication process might not work correctly.R�R�R{R�R}tforward_passR�Rqs
 cached_logins# krb5_auth krb5_ccache_type=KEYRINGRis rounds=s shadows niss nulloks broken_shadowRtR`Ras
(3t
pam_stackstSTACKtLOGICtNAMER`tLOGIC_FORCE_PKCS11_KRB5tLOGIC_FORCE_PKCS11Rtargv_force_pkcs11_authtLOGIC_PKCS11_KRB5R]tLOGIC_IGNORE_AUTH_ERRtLOGIC_IGNORE_UNKNOWNtLOGIC_SKIPNEXTtLOGIC_SKIPNEXT3R�RtARGVR�R�RbRttLOGIC_SUFFICIENTR4R�tAUTH_MODULE_DIRtX_OKRtmodule_missingR�R�R%R�R�R�R�R�R�targv_sssd_missing_nameRmRnROR�R�R�R�RaR�R�tLOGIC_SKIPNEXT_ON_FAILURER(
R�R�t
forcescardtwarnR�tlogicR�RKR�targv((s!/usr/share/authconfig/authinfo.pytformatPAMModule4s�

							
!		
	3	!

		
	
		!$
cCs�tjj|�}tjj|�}|r1|s>|r�|r�ytj|�Wntk
rbnXytj||�Wq�tk
r�q�XndS(N(R4R�RtislinkR)R;tsymlink(R�RRR�R�((s!/usr/share/authconfig/authinfo.pytlinkPAMService�s

cCs}xvtttttgD]_}td|}tjj|�}tjj	|�}|r[|sh|r|rt
|_dSqWdS(Ns/pam.d/(RrRutPASSWORD_AUTH_PAM_SERVICEtFINGERPRINT_AUTH_PAM_SERVICEtSMARTCARD_AUTH_PAM_SERVICERqR4R�RRoRR�(R�RR�R�((s!/usr/share/authconfig/authinfo.pytcheckPAMLinked�s	cUCs[d}d}t|j|j�z�tt|jd�}|d7}|d7}|d7}|d7}|j}|j}|j}	t	}
|t
kr�t}
n|tkr�t}	n|t
kr�t}t}n|jo�|jdk}g}xt|D]�}
|r|
t|tkr|d7}n|
}|
ts�|jrF|
td	ks�|jr_|
td
ks�|jrx|
tdks�|jr�|
tdks�|jr�|
td
ks�|jr�|
tdks�|jr�|jr�|
tdkr�|
ttks�|jrF|rF|
tdkr&|
ttks�|
tdkrF|
ttks�|jri|jri|
tdks�|r�|r�|
tdkr�|
tt ks�|r�|r�|
ttkr�|
tdkr�|
t!t"ks�|r�|r�|
tdks�|r|r|r|
tdks�|r.|r.|
tdks�|	rD|
tdks�|j#r]|
tdks�|j$rv|
tdks�|j%r�|
tdks�|js�|js�|j&r�|
tdkr�|
tt ks�|js�|js�|j&r9|j'r9|
tdks)|
tdkr9|
t!t(kr9|j)r9|
ttks�|j*rb|
tdkrb|
tt+ks�|j,r{|
tdks�|j-r�|
tdks�|j)r�|
ttkr�|
tdkr�|
t!t.kr�||j/|
||
�7}q�q�W|j0�|j1|�|j2�Wdy|r)|j3�nWnt4k
r=nXX|j5|t6d|�tS(NRIi�s
#%PAM-1.0
s# This file is auto-generated.
s/# User changes will be destroyed the next time sauthconfig is run.
Rs
R~safs.krbR�RtR�tepsRxRyR�R}RvRwR�RzR�R�R�R{R�R�s/pam.d/(7RR�RR�R�RRfR]ReRtSTANDARDR%tFINGERPRINTt	SMARTCARDR�Rdtpam_modulesRXt	MANDATORYR�RZR�R�R�R�R�R`R�Rctargv_krb5_sc_authtAUTHRaRhRYRaR�R�R�RbRtRiR�R�tACCOUNTR�R�tLOGIC_REQUISITERnRR�R	R<R=RqRq(R�R�tcfgtcfg_basenametcfg_linkR�RKRfR]ReRktuse_sssd_smartcard_supportt
prevmoduleR�((s!/usr/share/authconfig/authinfo.pytwritePAMService�s�



						

#  #, #;*)  


cCs{i|_|jtttt�|jtttt	�|jt
ttt
�|jtttt�|jtttt�tS(N(RgR�RwRptAUTH_PAM_SERVICE_ACRrt	POSTLOGINRttPOSTLOGIN_PAM_SERVICE_ACRut
PASSWORD_ONLYtCFG_PASSWORD_PAMtPASSWORD_AUTH_PAM_SERVICE_ACRrRxtCFG_FINGERPRINT_PAMtFINGERPRINT_AUTH_PAM_SERVICE_ACRsRytCFG_SMARTCARD_PAMtSMARTCARD_AUTH_PAM_SERVICE_ACRtR%(R�((s!/usr/share/authconfig/authinfo.pyR�s	cCs�ttj|j�ytjttj�}Wntk
rBtSX|j	d|j
�|j	d|j�|jd|j
�|j	d|j�|j	d|j�|j	d|j�|j	d|j�|j	d|j�|j	d	|j�|j	d
|j�|j	d|j�|j	d|j�|j	d
|j�|j	d|j�|j	d|j�|j	d|j�|j	d|j�|jd|j�|jdd�|j	d|j�|j	d|j�|j	d|j �|j	d|j!�|j	d|j"�|j	d|j#�|j	d|j$�|j	d|j%�|j	d|j&�|j	d|j'�|j	d|j(�|j	d|j)�|jd |j*�|jd!|j+�|jd"|j,�|j-d#�|j.�t/S($NR�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�i�(0R�R�RR�R�R�RR=RtsetBoolValueR�R�R�R�RoRwR_RtR�R�RqRnR~R`RaR]RfReRORR�R�R�R�R�R�R�R�RBRbR�R�R�R�R�R�R<R%(R�R�((s!/usr/share/authconfig/authinfo.pyR�sT


cCsqttj|j�ytjttj�}Wntk
rBtSX|j	d|j
�|jd�|j�t
S(NR�i�(R�R�RR�R�R�RR=RR�RLR�R<R%(R�R�((s!/usr/share/authconfig/authinfo.pyR�:s


cCs�|j}|j�|_|_|jrY|jrY|jrY|rY|jjd�qYnt�}t|�dkr�|j	|kr�|d|_	n|j
r�|jr�t|_
t
|_ndS(NR^i(RIR�R�R~R�R�R�R�RRdR�RbRR%R�(R�toldimplicittmodules((s!/usr/share/authconfig/authinfo.pytprewriteUpdateHs		!	cCsd|jt�|j�|jtd�y�|j�}|oF|j�}|oX|j�}|jry|os|j	�}n|j
s�|jr�|o�|j�}n|j
s�|jr�|jdkr�|o�|j�}n|jr�|o�|j�}n|jr|o|j�}n|js$|jr9|o3|j�}n|jsK|jr`|oZ|j�}n!|jr�|o{|jt�}n|o�|j�}|o�|j�}|o�|j�}|o�|j�}|o�|j �}|o�|j!�}Wn<t"t#fk
r,t$j%j&t't$j(�d�d�t)SXx0|j*D]%}|j+r7|j,j-|j+�q7q7W|S(Ns/lastR�is
(.R�R%R�tsetupBackuptPATH_CONFIG_BACKUPSR�R�R$RwR�R_RaR�R`R�RXR�R]R�RtR�RqR�RIR�R�R�R$R�R�R�R�R�R�R;R=R�R�R�R'texc_infoRR�R�R�tadd(R�R�R1((s!/usr/share/authconfig/authinfo.pyR�VsL

						$	cCs�|j�|jt�|j�|jtd�t}yjxc|jD]X}|j||�rE|jr{|ou|j�}n|j	r�|j
j|j	�q�qEqEWWn<tt
fk
r�tjjttj�d�d�tSX|S(Ns/lastis
(RuR�R%R�R�R�R�R�R�R�R�R�R;R=R�R�R�R'R�R(R�R�R�R1((s!/usr/share/authconfig/authinfo.pytwriteChangeds 


		!$cCs�d}d}g}g}tjdgtjdgtjdgtjdgg}tj�}|sddS|jd�s�|d7}n||jd�}d|}tj|tjtj�}xJ|D]B}|j	tjkr�|j
jjd�|_
t|�|_q�q�Wd|}tj|tjtj�}|sXd|}tj|tjtj�}nx?|D]7}|j	tjkr_|j
j|_|jr�Pq�q_q_W|jrd|j}tj|tjtj�}x�|D]{}|j	tjkr�|j
jjd�}|j
jr"|d	|j
j7}n|jrA|jd
|7_qM||_q�q�Wd|j}tj|tjtj�}x�|D]{}|j	tjkr�|j
jjd�}|j
jr�|d	|j
j7}n|jr�|jd
|7_q�||_q�q�Wnx�|D]�}|d|}tj||d
tj�}xV|D]N}|j	tjkr@|j|kr@d|d|_|jd�|_Pq@q@Wq	WdS(NRIthstnsR�s
_ldap._tcps
_kerberos.t	_kerbeross_kerberos._udp.R,Rs_kerberos-adm._udp.ii(t	dnsclienttDNS_C_INtDNS_C_HSR�tgetfqdntendswithR-R�t	DNS_T_SRVtdns_typetrdataR�R
R2R�R4t	DNS_T_TXTtdataR@R�R<R>t	DNS_T_SOAtdns_nameRJRK(R�thostnametqnametresultsRORbR�th((s!/usr/share/authconfig/authinfo.pytprobe�sx





		

	

	

c
Csdt|j�GHdGHdt|j�GHdt|j�GHdt|j�GHd|jGHd|jGHdt|j�GHd	t|j�GHd
|j	GHd|j
GHdt|j�GHd
|jGHd|j
GHdt|j�GHdt|j�GHd|jGHd|jGHd|jGHd|jGHd|jGHd|jGHdt|j�GHdt|j�GHdt|j�GHdt|j�GHdt|j�GHdGHdt|j�GHd|jGHdt|j�GHd |jGHd!t|j�GHd"|j GHd#t|j!�GHd$|j"GHd%t|j#�GHd	t|j�GHd
|j	GHd|j
GHd&|j$pYd'GHd(t|j%o�|j&o�|j'd)k�GHd*t|j%o�|j&o�|j'd)k�GHd+t|j(�GHd,|j'GHd-|j)GHd.t|j*�GHd/t|j+�GHd0t|j,�GHd|jGHd|jGHd|jGHd|jGHd1t|j&�GHd2t|j-�GHd3t|j.�GHd4t|j/�GHd5|j0r�d6p�d7GHd8|j1GHd9|j2GHd:|j3GHd;t|j4�|j5fGHd<t|j6�|j7fGHd=t|j8�|j9fGHd>t|j:�|j;fGHd?t|j<�|j=fGHd@t|j>�|j?fGHdAt|j@�GHdS(BNs
caching is %ssnss_files is always enabledsnss_compat is %ssnss_db is %ssnss_hesiod is %ss hesiod LHS = "%s"s hesiod RHS = "%s"snss_ldap is %ss LDAP+TLS is %ss LDAP server = "%s"s LDAP base DN = "%s"s
nss_nis is %ss NIS server = "%s"s NIS domain = "%s"snss_nisplus is %ssnss_winbind is %ss SMB workgroup = "%s"s SMB servers = "%s"s SMB security = "%s"s SMB realm = "%s"s Winbind template shell = "%s"s SMB idmap range = "%s"snss_sss is %s by defaultsnss_wins is %ssnss_mdns4_minimal is %ssmyhostname is %ss%DNS preference over NSS or WINS is %sspam_unix is always enableds shadow passwords are %ss! password hashing algorithm is %sspam_krb5 is %ss krb5 realm = "%s"s krb5 realm via dns is %ss krb5 kdc = "%s"s krb5 kdc via dns is %ss krb5 admin server = "%s"spam_ldap is %ss LDAP schema = "%s"R2spam_pkcs11 is %sRsSSSD smartcard support is %ss# use only smartcard for login is %ss smartcard module = "%s"s  smartcard removal action = "%s"spam_fprintd is %sspam_ecryptfs is %sspam_winbind is %sspam_sss is %s by defaults! credential caching in SSSD is %ss6 SSSD use instead of legacy services if possible is %ssIPAv2 is %ssIPAv2 domain was %sjoinedsnot RIs IPAv2 server = "%s"s IPAv2 realm = "%s"s IPAv2 domain = "%s"spam_pwquality is %s (%s)spam_passwdqc is %s (%s)spam_access is %s (%s)spam_faillock is %s (%s)s0pam_mkhomedir or pam_oddjob_mkhomedir is %s (%s)s'Always authorize local users is %s (%s)s;Authenticate system accounts against network services is %s(AR�RHRzRoRwRJRKR_R6R2R4RtRNRLRsRqRgRZRXRYRkRhR~R{R|R}RR�ROR`R@R[R<R\R>RaR8R]R�RdRfRcReR�R�RBR�RbR�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�(R�((s!/usr/share/authconfig/authinfo.pyt	printInfo�s�+*cCsux.ttttfD]}t|j|j�qW|jrWtj	d�tj	d�ntj	d�tj	d�t
S(Ns/usr/sbin/pwconvs/usr/sbin/grpconvs/usr/sbin/pwunconvs/usr/sbin/grpunconv(t
CFG_SHADOWt
CFG_PASSWDtCFG_GSHADOWt	CFG_GROUPR�RR�R�R4R�R%(R�R�((s!/usr/share/authconfig/authinfo.pyR�0s	


c
Cs�d}|js|jr�|jr�|jjdd�djdd�djdd�d}|j}|j}|s{d}n|dkr�|dkr�dStd|r�d	p�d
||r�dp�d
||jf}|r�tj	j
d|�n|js�|rt||d
|j�\}}n(t
|gdt�}|j�|j}|rp|dkr�|jtd��q�q�|dkr�td�}	|	d|7}	|j|	�q�n|dkS(NiRiR
s	R�R�s join %s%s %s%s -U %ss-w RIs-S s[%s]
ssword:R�s'Winbind domain join was not successful.s]Winbind domain join was not successful. The net join command failed with the following error:s
(RqR�R�RZR	RgRXtPATH_WINBIND_NETR�R�R�R�R�R�R%R�R�R�R�(
R�R�R�R�R�tprotocoltcmdR�R�terrmsg((s!/usr/share/authconfig/authinfo.pyt
joinDomain<s89			!
	c
Cs�d}|jr�|j}|j}|j}|j}|j}|jrNd}nd}td|rfdpid||rxdp{d||r�dp�d||r�dp�d|||r�d	p�d
f
}	|rtj	j
d|	�t|	gdt�}
|
j
�|
j}nt|	|d|�\}}|dkr5t|_n|r`|dkr�|jtd
��q�q�|dkr�td�}|d|7}|j|�q�n|dkS(Nis-NRIs! --noac %s%s %s%s %s%s %s%s %s %ss	--domain=s	--server=s--realm=s--principal=s--unattendeds-Ws[%s]
R�s%IPAv2 domain join was not successful.seIPAv2 domain join was not successful. The ipa-client-install command failed with the following error:s
(RbR�R�R�R�R�R�tPATH_IPA_CLIENT_INSTALLR�R�R�R�R%R�R�R�R�R�R�(
R�R�R�R�R�RQt	principalRqtnontpR�R�R�R�((s!/usr/share/authconfig/authinfo.pyt
joinIPADomain_sB								
cCstd}tj|�dS(Ns  --uninstall --noac --unattended(R�R4R�(R�R�((s!/usr/share/authconfig/authinfo.pytuninstallIPA�s
cCsX|sT|jr,tjd�tjd�qTytjd�WqTtk
rPqTXntS(NR!(RHR�R�R1R;R%(R�R�((s!/usr/share/authconfig/authinfo.pyR��s	

cCsc|jr�|jr�|s/tjd|j�nyAtjd�tjt�tjd�|sotjd�nWnt	k
r�nXyAtjt
�tjd�|s�tjd�tjd�nWq_t	k
r�q_Xn�|s�tjd�nyYtjd�tjt
�|s=ytjd�Wq=t	k
r9q=Xntjd�Wnt	k
r^nXt
S(Ns/bin/domainname sG[[ $(getsebool allow_ypbind) == *off* ]] && setsebool -P allow_ypbind 1trpcbindtypbinds/bin/domainname "(none)"sF[[ $(getsebool allow_ypbind) == *on* ]] && setsebool -P allow_ypbind 0(RtRLR4R�R�tPATH_RPCBINDR�R�R1R;tPATH_YPBINDR�R�R%(R�R�((s!/usr/share/authconfig/authinfo.pyR��sB











cCs�t|js|jo|jtd|�|jrZytjd�Wqtk
rVqXn%ytjd�Wntk
r~nXtS(Ntnslcdse[[ $(getsebool authlogin_nsswitch_use_ldap) == *off* ]] && setsebool -P authlogin_nsswitch_use_ldap 1sd[[ $(getsebool authlogin_nsswitch_use_ldap) == *on* ]] && setsebool -P authlogin_nsswitch_use_ldap 0(	R�R_RaRIt
PATH_NSLCDR4R�R;R%(R�R�((s!/usr/share/authconfig/authinfo.pyR��s
	

cCs#t|jp|jtd|�dS(NR�(R�RqR�tPATH_WINBIND(R�R�((s!/usr/share/authconfig/authinfo.pyR��scCs�|jr|jpE|jr-tjjt�pE|joEtjjt�}|jpf|jpf|jpf|}t	|t
d|p�|o�|jp�|jp�|j�dS(NR(R~R�R4R�texiststPATH_SSSD_CONFIGRIR�RbR�t	PATH_SSSD(R�R�texplicitenableR�((s!/usr/share/authconfig/authinfo.pyR��scCsB|jr>tjdtdftj�r>tttd|�ndS(Ns%s/pam_%s.soRTtoddjobd(R�R4R�ReRfR�R%tPATH_ODDJOBD(R�R�((s!/usr/share/authconfig/authinfo.pyR��s
cCs8x|jD]}||�q
W|jr4|j�ndS(N(R�R�R�(R�R�R�((s!/usr/share/authconfig/authinfo.pytpost�s	cCsx|js|jrtytj|j�Wn>tk
rf\}}|tjkrgtj|jd�qgnXt	|j�St
S(Ni�(R_RaR4R�R:R;RBtENOENTRR�R(R�R�R�((s!/usr/share/authconfig/authinfo.pyttestLDAPCACerts�s
cCsE|js|jrA|js*d|jkrAtjd|j�ndS(Nsldaps:s/usr/sbin/cacertdir_rehash (R_RaR6R2R4R�R:(R�((s!/usr/share/authconfig/authinfo.pytrehashLDAPCACerts�scCs�|js
tS|j�yWtj|j�}t|jdtd�}|j|j	��|j
�|j
�Wn.ttt
fk
r�|jtd��tSX|j�tS(NR�i�s Error downloading CA certificate(R�RR�turllib2turlopenRHR:tLDAP_CACERT_DOWNLOADEDR�R�R<R=R;R+R�R�R�R%(R�treadftwritef((s!/usr/share/authconfig/authinfo.pytdownloadLDAPCACert�s	


cCs�|ddkr!td|}n||_t|�s�yQtj|�}x;|D]3}ytj|d|�WqOtk
r�qOXqOWWq�tk
r�q�XndS(NiR�s/backup-(R�R�R�R4R�R)R;(R�RRR>((s!/usr/share/authconfig/authinfo.pyR�	s	


cCs@|j|�t}x&tD]}|j|j�o5|}qW|S(N(R�R%R�RR�(R�RR�R�((s!/usr/share/authconfig/authinfo.pyt
saveBackups


cCsQ|ddkr!td|}nt}x#tD]}|j|�oF|}q.W|S(NiR�s/backup-(R�R%R�R (R�RR�R�((s!/usr/share/authconfig/authinfo.pyt
restoreBackups
cCs|jtd�S(Ns/last(R�R�(R�((s!/usr/share/authconfig/authinfo.pytrestoreLast's(TR�R�R�R�R�R�R�R�R�R�R�RRR	RRR%R/RCRJRQRSRWRoR"RvRsR�R�R�RR�R�R�R$R�R�R�R�R�R�R�R�R�R�RR$R�R�R�RARBR�R�RnRqRuR�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�(((s!/usr/share/authconfig/authinfo.pyR�%s�	�							*			9			K		"	1	*		 	
	+	7			�	�			"				U	u		
	5	B		\	�	
		F		Y	:	
	H	�	b		
	T			/			)		S	L		#	(			$											((((((s
ldapServersldap_uri(s
ldapBaseDNR5(senableLDAPSR7(s
ldapSchemasldap_schema(s
ldapCacertDirR;(skerberosKDCR=(skerberosAdminServerR?(s
kerberosRealmRA(senableCacheCredsRC(senableCacheCredsskrb5_store_password_if_offline((�RtreR4R�R7R�R�R�R�R�R�R�RBR�R�R;R�t
subprocessRtgettexttlgettextR�R�tImportErrorRRqRrR�RuR�RrR�RsR�RtR�R7R'tglobalstLIBDIRRetPATH_PWCONVR�R#R�R�R�R�R�tPATH_SEBOOLt
PATH_SCEVENTDR�tPATH_LIBNSS_DBtPATH_LIBNSS_LDAPR�RtPATH_LIBNSS_NIStPATH_LIBNSS_HESIODtPATH_LIBNSS_ODBCBINDtPATH_LIBNSS_WINBINDtPATH_LIBNSS_WINStPATH_LIBNSS_SSSt
PATH_PAM_KRB5t
PATH_PAM_LDAPtPATH_PAM_WINBINDtPATH_PAM_PKCS11tPATH_PAM_FPRINTDtPATH_PAM_SSSRFRR�R�R�R�R�R�tLOGIC_REQUIREDRRdtLOGIC_OPTIONALR`R_tLOGIC_PKCS11R\R^R[RaRbtLOGIC_ALWAYS_SKIPRiRRRRR R"R$R)R*R+R3RDRHRMRPRRRVtargv_unix_authtargv_unix_passwordt
argv_afs_authtargv_afs_passwordtargv_pwquality_passwordtargv_passwdqc_passwordt
argv_eps_authtargv_eps_passwordtargv_fprintd_authtargv_pkcs11_authR]Rhtargv_krb5_authR|targv_krb5_passwordtargv_ldap_authtargv_ldap_passwordt
argv_otp_authtargv_succeed_if_authtargv_succeed_if_accounttargv_succeed_if_sessiontargv_succeed_if_nonlogintargv_winbind_authtargv_winbind_passwordt
argv_sss_authtargv_sss_passwordtargv_keyinit_sessiontargv_ecryptfs_authtargv_ecryptfs_passwordtargv_ecryptfs_sessiontargv_succeed_if_not_gdmtargv_lastlog_gdmtargv_lastlog_not_gdmtargv_faildelayR�trangeR}R~tSESSIONtPASSWORDRWR{RXRYRZRcRwR�R�RxRyR�RzR%RR�tDEFAULT_DNS_QUERY_SIZEtcompileR#R�R�R�treadlinkR�R;R�R�R�R�R�R�R�R�R�R�R
R"R$R%R�R�RRRRR�RtCFG_KRBR4RNRgR�RpRtR�R�R�R�R�RR.R"R4R�R�R�R�R7R8R�R>R�(((s!/usr/share/authconfig/authinfo.pyt<module>s�
	

	

















																																																			(																																																																																																																																																																																																																																																																																																																																												


			Z					#S		7i	

Filemanager

DIR : / usr/ share/ authconfig/
Name Type Size Permission Actions
.authconfig-tui.pyo.40009 File 39.98 KB 0644
.authconfig.pyo.40009 File 39.83 KB 0644
.authinfo.pyo.40009 File 109.54 KB 0644
.dnsclient.pyo.40009 File 11.38 KB 0644
.msgarea.pyo.40009 File 9.73 KB 0644
.shvfile.pyo.40009 File 4.45 KB 0644
authconfig-tui.py File 43.49 KB 0755
authconfig-tui.pyc File 39.98 KB 0644
authconfig-tui.pyo File 39.98 KB 0644
authconfig.py File 43.49 KB 0755
authconfig.pyc File 39.83 KB 0644
authconfig.pyo File 39.83 KB 0644
authinfo.py File 136.44 KB 0644
authinfo.pyc File 109.54 KB 0644
authinfo.pyo File 109.54 KB 0644
dnsclient.py File 10.14 KB 0644
dnsclient.pyc File 11.38 KB 0644
dnsclient.pyo File 11.38 KB 0644
msgarea.py File 10.4 KB 0644
msgarea.pyc File 9.73 KB 0644
msgarea.pyo File 9.73 KB 0644
shvfile.py File 3.69 KB 0644
shvfile.pyc File 4.45 KB 0644
shvfile.pyo File 4.45 KB 0644