MINI MINI MANI MO

Current File : //usr/share/authconfig/authinfo.pyo
ó
ß8„Yc;@sddlZddlZddlZddlZddlZddlZddlZddlZddlZddl	Z	ddl
Z
ddlZddlZddl
Z
ddlZddlZddlZddlTddlZddlZejZyddlaWnek
r danXdZdZdZdZdZdZd	Zd
Z dZ!dZ"d
Z#dZ$de%e&ƒdƒkr‹dZ'ndZ'e'dZ(dZ)dZ*dZ+dZ,dZ-dZ.dZ/dZ0dZ1dZ2dZ3e'dZ4e'd Z5ej6j7e5ƒse'd Z5ne'd!Z8e'd"Z9e'd#Z:e'd$Z;e'd%Z<e'd&Z=e(d'Z>e(d(Z?e(d)Z@e(d*ZAe(d+ZBe(d,ZCe'd-ZDd.ZEd/ZFd0ZGd1ZHd2ZId3ZJed4ZKd5ZLd6ZMd7ZNd8ZOd9ZPd:ZQd;ZRd<ZSd=ZTd>ZUd?ZVd@ZWdAZXdBZYdC„ZZdD„Z[dE„Z\dF„Z]dG„Z^dH„Z_dI„Z`dJ„ZadK„ZbdL„ZcdM„ZddN„ZedO„ZfdP„ZgdQ„ZhdR„ZidS„ZjdTgZkdTdUgZldVgZmdVgZndTdWdXdYgZodZgZpdVgZqdUgZrgZsd[gZtd[d\gZud]gZvdVgZwdVd^gZxdUgZydVgZzdUgZ{dVgZ|d_d`dagZ}dbd`dcgZ~dddcdegZdfdcdegZ€dVgZdUgZ‚dVgZƒdUgZ„dggZ…dhgZ†dhgZ‡dhgZˆdidjdcgZ‰dkdlgZŠdmdndlgZ‹dogZŒdpdqdrdsdtgZeŽdudvƒ\ZZZ‘Z’dwdxdydzgZ“eŽdud{ƒ\Z”Z•Z–Z—Z˜eŽdud{ƒ\Z™ZšZ›ZœZge™eše›eœefD]Zžg^q©ZŸe eeLd|gge eeLd}eŒge¡eeLd~ddmgge¡eeVd€e€ge¡eeRdetge¡eeOd‚exge¡eeNdƒgge¡eeNd„gge¡eeYd€e}ge¡eeYd…gge eeNd†ekge¡eeMd€e}ge¡eeNd‡eƒge¡eeNdˆemge¡eeNd‰emge¡eeNdŠeqge¡eeNd‚ewge¡eeNd‹ezge¡eeNdŒe|ge¡eeNdege¡eeLd~dŽgge eeLdgge¡eeLdgge¡eeLd~gge eeLd†gge¡eeNd…gge eeNd€e~ge¡eePd‡gge¡eePd‹gge¡eePd‚gge¡eePdgge eeLdƒgge¡e’eMd‘eoge¡e’eMd’epge e’eNd†elge¡e’eNd‡e„ge¡e’eNdˆenge¡e’eNd‰enge¡e’eNd“erge¡e’eNd‚eyge¡e’eNd‹e{ge¡e’eNde‚ge e’eLdgge e‘eOd”e…ge e‘eLd•gge e‘eOd–gge¡e‘eOd—gge e‘eVd€ege e‘eLd†gge¡e‘eOd‡gge¡e‘eOdˆgge¡e‘eOd‰gge¡e‘eOd‚gge¡e‘eOd‹gge¡e‘eOdggg7eŸe™<e¡eeOd˜e†ge¡e’eOd˜e‡ge¡e‘eOd˜eˆge e‘eVd€e‰ge e‘eXd™eŠge e‘eOd™e‹ggeŸeš<e eeLd|gge eeLd}eŒge¡eeLd~ddmgge¡eeLdgge¡eeYd€e}ge¡eeYd…gge eeNd†ekge¡eeMd€e}ge¡eeNd‡eƒge¡eeNdˆemge¡eeNd‰emge¡eeNdŠeqge¡eeNd‚ewge¡eeNd‹ezge¡eeNdŒe|ge¡eeNdege eeLdgge¡eeLdgge¡eeLd~gge eeLd†gge¡eeNd…gge eeNd€e~ge¡eePd‡gge¡eePd‹gge¡eePd‚gge¡eePdgge eeLdƒgge¡e’eMd‘eoge¡e’eMd’epge e’eNd†elge¡e’eNd‡e„ge¡e’eNdˆenge¡e’eNd‰enge¡e’eNd“erge¡e’eNd‚eyge¡e’eNd‹e{ge¡e’eNde‚ge¡eeLd~dŽgge e’eLdgge e‘eOd”e…ge e‘eLd•gge e‘eOd–gge¡e‘eOd—gge e‘eVd€ege e‘eLd†gge¡e‘eOd‡gge¡e‘eOdˆgge¡e‘eOd‰gge¡e‘eOd‚gge¡e‘eOd‹gge¡e‘eOdggg3eŸe›<e eeLd|gge¡eeLd~ddmgge¡eeLdgge¡eeNd„gge¡eeLd~dŽgge eeLdgge¡eeLdgge¡eeLd~gge eeLd†gge¡eeNd…gge eeNd€e~ge¡eePd‡gge¡eePd‹gge¡eePd‚gge¡eePdgge eeLdƒgge e’eLdgge e‘eOd”e…ge e‘eLd•gge e‘eOd–gge¡e‘eOd—gge e‘eVd€ege e‘eLd†gge¡e‘eOd‡gge¡e‘eOdˆgge¡e‘eOd‰gge¡e‘eOd‚gge¡e‘eOd‹gge¡e‘eOdgggeŸeœ<e eeLd|gge¡eeLd~ddmgge¡eeNd‡evge¡eeRdeuge¡eeOd‚exge¡eeNdƒgge¡eeLd~dŽgge eeLdgge¡eeLdgge¡eeLd~gge eeLd†gge¡eeNd…gge eeNd€e~ge¡eePd‡gge¡eePd‹gge¡eePd‚gge¡eePdgge eeLdƒgge¡e’eLdgge e‘eOd”e…ge e‘eLd•gge e‘eOd–gge¡e‘eOd—gge e‘eVd€ege e‘eLd†gge¡e‘eOd‡gge¡e‘eOdˆgge¡e‘eOd‰gge¡e‘eOd‚gge¡e‘eOd‹gge¡e‘eOdgggeŸe<dš„Z¢d›Z£ej¤dœƒZ¥ej¤dƒZ¦dždýdŸ„ƒYZ§d dþd¡„ƒYZ¨y.d–ej©d¢ƒkr e¨ƒZªn	e§ƒZªWne«k
rÆe§ƒZªnXd£„Z¬d¤„Zd¥„Z®d¦„Z¯d§„Z°d¨„Z±d©„Z²dª„Z³d«dÿd¬„ƒYZ´ddd®„ƒYZµd¯dd°„ƒYZ¶d±„Z·d²„Z¸d³e¶fd´„ƒYZ¹eŽdudµƒ\ZºZ»Z¼Z½Z¾Z¿ZÀZÁZÂZÃZÄZÅZÆZÇZÈZÉZÊZËZÌZÍZÎZÏZÐZÑZÒZÓZÔZÕZÖZ×e¶d¶ed·ƒe¶d¸ed¹ƒe¶dºed»ƒe¶d¼ed½ƒe¶d¾ed¿ƒe¶dÀedÁƒe¶dÂedÃƒe¶dÄedÅƒe¶dÆedÇƒe¶dÈedÉƒe¶dÊedËƒe¶dÌedÍƒe¹dÎdÏƒe¶dedÐeƒe¶dedÐeƒe¶d	edÐeƒe¶dedÐe!ƒe¶d
edÐe#ƒe¶dÑedÒƒe¶dÓedÔƒe¶dÕedÖƒe¶d×edØƒe¶dÙedÚƒe¶dÛeKƒe¶dÜedÝƒe¶dÞedßƒe¶dàedáƒe¶dâedãƒe¶däedåƒe¶dæedçƒgZØdddddddd	d
dg
ZÙdûddü„ƒYZÚdS(
iÿÿÿÿN(t*s/etcssystem-authssystem-auth-act	postloginspostlogin-acs
password-authspassword-auth-acsfingerprint-authsfingerprint-auth-acssmartcard-authssmartcard-auth-actdefaulttlib64tacutils
/usr/lib64s/usr/libs	/securitys/usr/sbin/pwconvs
/sbin/rpcbinds/usr/sbin/nscds/usr/sbin/nslcds/usr/sbin/winbindds/usr/sbin/sssds/usr/sbin/ypbinds/usr/sbin/oddjobds/usr/sbin/setsebools/usr/bin/pkcs11_eventmgrs/usr/bin/pkcs11_setups/libnss_db.so.2s/libnss_ldap.so.2s/libnss_nis.so.2s/libnss_hesiod.so.2s/libnss_odbcbind.so.2s/libnss_winbind.so.2s/libnss_wins.so.2s/libnss_sss.so.2s/pam_krb5.sos/pam_ldap.sos/pam_winbind.sos/pam_pkcs11.sos/pam_fprintd.sos/pam_sss.sos/sssd/modules/libsss_autofs.sos$/var/lib/sss/pubconf/krb5.include.d/s/usr/bin/nets/usr/sbin/ipa-client-installs/etc/openldap/cacertssauthconfig_downloaded.pems/var/lib/authconfigs/sssd/sssd.conftrequiredt	requisitet
sufficienttoptionals,[default=bad success=ok user_unknown=ignore]sJ[default=bad success=ok auth_err=ignore user_unknown=ignore ignore=ignore]s@[success=done authinfo_unavail=ignore ignore=ignore default=die]s([success=done ignore=ignore default=die]s4[success=ok authinfo_unavail=2 ignore=2 default=die]s![success=ok ignore=2 default=die]s[success=1 default=ignore]s[success=3 default=ignore]s[default=1]s$[default=1 ignore=ignore success=ok]cCs|jddƒdjƒS(Ns
ii(tsplittrstrip(ts((s!/usr/share/authconfig/authinfo.pyt
snipStringŒscCs;|s
|S|jddƒ}djtd|jdƒƒƒS(Ns	t t,(treplacetjointfiltertNoneR	(tlstR((s!/usr/share/authconfig/authinfo.pyt	cleanListscCs+|j|ƒr#|t|ƒjƒStSdS(N(t
startswithtlentlstriptFalse(tlinetkey((s!/usr/share/authconfig/authinfo.pytmatchKey–scCs5|j|ƒr-|t|ƒjtjdƒStSdS(Nt=(RRRtstringt
whitespaceR(RR((s!/usr/share/authconfig/authinfo.pytmatchKeyEqualsscCs
|j|ƒS(N(R(RR((s!/usr/share/authconfig/authinfo.pyt	matchLine¤scCs|jƒj|jƒƒS(N(tlowerR(RR((s!/usr/share/authconfig/authinfo.pyt
matchLineI§scCs|r|d|S|SdS(NR((Rtvalue((s!/usr/share/authconfig/authinfo.pytcommaAppendªscCsN|r|rtS|s |r$tS|r4||kS|jƒ|jƒkSdS(N(RtTrueR!(tatbtcase_sensitive((s!/usr/share/authconfig/authinfo.pyt
stringsDiffer¯s
cCsF|jƒjddƒ}t|ƒdkr.tSd|dkrBtStS(NRiiR
i(RR	RRR%(R#R((s!/usr/share/authconfig/authinfo.pytcheckDNºscCs't||ƒ}|rt|ƒStSdS(N(RR*R(RRR#((s!/usr/share/authconfig/authinfo.pyt
matchBaseLineÂs
cCsá|jddƒ}t|ƒdkr1|d}nd}t|ƒ}x—trÜ|j||ƒ}|dkrndS|dkrž||djƒrž||7}qFn||t|ƒkrØ|||jƒrØ||7}qFn|SWdS(Nt:ii(R	RR%tfindRtisalnum(t
configurationt	candidateRtstarttclen((s!/usr/share/authconfig/authinfo.pytcheckNSSÊs"
	 
*
cCsºd}yQtj|||ƒ}|tjkrCtj|tjƒntj|tjƒWn\tk
rµ\}}|dkr£ytj	|ƒWq£tk
rŸq£Xnt
||ƒ‚nX|S(N(RtostopentO_RDONLYtfcntltlockftLOCK_SHtLOCK_EXtOSErrortclosetIOError(tfilenametmodetpermstfdterrnotstrerr((s!/usr/share/authconfig/authinfo.pytopenfdLockedÝs
cCs&tjt|tjtjB|ƒdƒS(Nsr+(R4tfdopenRDtO_RDWRtO_CREAT(R>R@((s!/usr/share/authconfig/authinfo.pyt
openLockedîscCsEd}|jdƒ}x)|D]!}|r|d|d7}qqW|S(NtRs  kdc = s
(R	(tkdclisttoutputtkdc((s!/usr/share/authconfig/authinfo.pytkrbKdcòs
cCsKd}|jdƒ}x/|D]'}|r|d7}||d7}qqW|S(NRIRs  admin_server = s
(R	(tadminserversRKtadminserver((s!/usr/share/authconfig/authinfo.pytkrbAdminServerús

cCsOd}|rK|d|d7}|t|ƒ7}|t|ƒ7}|d7}n|S(NRIR
s = {
s }

(RMRP(trealmRJRNRK((s!/usr/share/authconfig/authinfo.pytkrbRealms
cCs‰|jddƒ}t|ƒdkr-d}n
|d}|djƒjdƒ}|jƒjdƒ}||kr…|jtjdƒStS(NRiiRIi(R	RR!RRRRR(RRtlinelsttparamtkeylst((s!/usr/share/authconfig/authinfo.pytmatchLineSMBs	
ttry_first_passtuse_authtoktuse_first_passtlocal_users_onlysretry=3s
authtok_type=s
enforce=userstnodebugt
wait_for_cardtallow_missing_nametno_subsequent_promptsuid >=t500t
quiet_successsuid <tquietsservice in crondtuse_uidsKservice notin login:gdm:xdm:kdm:xscreensaver:gnome-screensaver:kscreensavertrevoketunwrapsservice !~ gdm*sservice !~ su*tnowtmpt
showfailedtsilenttnoupdates
delay=2000000tdescrypttbigcrypttmd5tsha256tsha512iitauthtaccounttsessiontpassworditenvt	faildelaytfaillocktpreautht
succeed_iftpkcs11tkrb5tpermittfprintdt	localusertunixtssstafssafs.krbteps_authtldaptotptwinbindtauthfailtdenytaccesst	pwqualitytpasswdqct
eps_passwdtkeyinittlimitstsystemdt	mkhomedirtecryptfstlastlogcCs/d}|jdƒ}||jddƒ7}|S(NsDC=t.s,DC=(R
R(tdomainRK((s!/usr/share/authconfig/authinfo.pyt	domain2dnCsis7^[ \t]*([^ \t]+)[ \t][ \t"]*(([^"]*)".*|([^"]*\S)?\s*)$s&^.*[ \t]*uid[ \t]+(<|>=)[ \t]+([0-9]+)tSysVInitServicecBs>eZd„Zd„Zd„Zd„Zd„Zd„ZRS(cCstjd|dƒdS(Ns/sbin/service s start(R4tsystem(tselftservice((s!/usr/share/authconfig/authinfo.pyR1WscCstjd|dƒdS(Ns/sbin/service s stop >/dev/null 2>&1(R4R“(R”R•((s!/usr/share/authconfig/authinfo.pytstopZscCs*tjd|ƒtjd|dƒdS(Ns/sbin/chkconfig --add s/sbin/chkconfig --level 345 s on(R4R“(R”R•((s!/usr/share/authconfig/authinfo.pytenable]scCstjd|dƒdS(Ns/sbin/chkconfig --level 345 s off(R4R“(R”R•((s!/usr/share/authconfig/authinfo.pytdisableascCs9tjd|dƒ}tj|ƒo8tj|ƒdkS(Ns/sbin/chkconfig s >/dev/null 2>&1i(R4R“t	WIFEXITEDtWEXITSTATUS(R”R•trv((s!/usr/share/authconfig/authinfo.pyt	isEnableddscCstjd|dƒdS(Ns/sbin/service s condrestart >/dev/null 2>&1(R4R“(R”R•((s!/usr/share/authconfig/authinfo.pyt
tryRestarths(t__name__t
__module__R1R–R—R˜RœR(((s!/usr/share/authconfig/authinfo.pyR’Vs					tSystemdServicecBs>eZd„Zd„Zd„Zd„Zd„Zd„ZRS(cCstjd|dƒdS(Ns/bin/systemctl start s.service(R4R“(R”R•((s!/usr/share/authconfig/authinfo.pyR1lscCstjd|dƒdS(Ns/bin/systemctl stop s.service >/dev/null 2>&1(R4R“(R”R•((s!/usr/share/authconfig/authinfo.pyR–oscCstjd|dƒdS(Ns/bin/systemctl enable s.service >/dev/null 2>&1(R4R“(R”R•((s!/usr/share/authconfig/authinfo.pyR—rscCstjd|dƒdS(Ns/bin/systemctl disable s.service >/dev/null 2>&1(R4R“(R”R•((s!/usr/share/authconfig/authinfo.pyR˜uscCs9tjd|dƒ}tj|ƒo8tj|ƒdkS(Ns/bin/systemctl is-enabled s.service >/dev/null 2>&1i(R4R“R™Rš(R”R•R›((s!/usr/share/authconfig/authinfo.pyRœxscCstjd|dƒdS(Ns/bin/systemctl try-restart s.service >/dev/null 2>&1(R4R“(R”R•((s!/usr/share/authconfig/authinfo.pyR|s(RžRŸR1R–R—R˜RœR(((s!/usr/share/authconfig/authinfo.pyR ks					s
/sbin/initcCsÂ|r^yAtj|ƒtj|ƒ|sFtj|ƒtj|ƒnWq¾tk
rZq¾Xn`yLtj|ƒ|sœytj|ƒWqœtk
r˜qœXntj|ƒWntk
r½nXtS(N(	R4tstattServiceR—R–R1R;R˜R%(R—tpathtnametnostart((s!/usr/share/authconfig/authinfo.pyttoggleSplatbindService‡s(






cCs|r
dSdSdS(Ntenabledtdisabled((tval((s!/usr/share/authconfig/authinfo.pyt
formatBoolžscCsýytjƒ\}}Wntk
r*dSX|s§|rOt|gdtƒ}n5t|gdtdtƒ}|jd|p|ddƒ|jƒ|j}tj	|ƒnd\}}	y7t
j
|t
jƒ}
t
j
|t
j|
tj
@ƒWntk
rýnXt}xk|sqy7g}g}
tj|gg|gdƒ\}}}
Wn4tjk
rz\}}tjjd|dƒnX|r¢|
r¢tj|ƒt}qnd}ytj|d	ƒ}Wntk
rM\}}|tjksG|tjkr÷q|tjkrtj|ƒt}qtjjd
|dƒtj|ƒt}qnX|r[y½||7}|	|7}	|r„tjj|ƒn|r||kr|	jdƒ}tj||p·dƒtj|dƒ|dkrèd|	| }	nd}	d}|rtjjd
ƒqnWqntk
rW\}}tjjd|dƒtj|ƒt}qnXqtj|ƒt}qWytj|tjƒWntk
rœnXd}ytj|dƒ\}}Wn1tk
rò\}}tjjd|dƒnX||	fS(NiÿtshelltstdintinputRIs
i<sselect: isread: s
iÿÿÿÿs<...>
swrite: is	waitpid: (RIRI( R4tforkptyR;tPopenR%tPIPEtcommunicatetwaitt
returncodet_exitR7tF_GETFLtF_SETFLt
O_NONBLOCKR=RtselectterrortsyststderrtwriteR<treadRBtEINTRtEAGAINtEIOtrfindtkilltsignaltSIGTERMtwaitpid(tcommandtechotquerytresponsetpidtmastertchildtstatusRKR¹titeoftifdstefdstofdsterrttexttctindex((s!/usr/share/authconfig/authinfo.pytfeedFork¤s–

	"
	+

	






cCs‚ytj|ƒ}Wntk
r'tSXxS|D]K}y1tj|d|ƒ}tj|jƒretSWq/tk
ryq/Xq/WtS(Nt/(R4tlistdirR;R%R¡tS_ISREGtst_modeR(R£RR>tst((s!/usr/share/authconfig/authinfo.pyt
isEmptyDirþs


cCs|ycttg|dtƒ}|jƒdjdƒ}|jdkrHdS|ddkrb|d3nWntk
rwdSX|S(Ntstdoutis
iÿÿÿÿRI(R¯tPATH_SCSETUPR°R±R	R³RR;(toptionsRÌR((s!/usr/share/authconfig/authinfo.pytcallPKCS11Setups
cCs#tdgƒ}|dkrgS|S(Ntlist_modules(RáR(tmods((s!/usr/share/authconfig/authinfo.pytgetSmartcardModulesscCstdƒtdƒgS(NtLocktIgnore(t_(((s!/usr/share/authconfig/authinfo.pytgetSmartcardActions scCst|ƒ}|jƒ|S(N(tAuthInfoR½(tmsgcbtinfo((s!/usr/share/authconfig/authinfo.pyR½#s
t	SaveGroupcBseZd„Zd„ZRS(cCs||_||_||_dS(N(tsaveFunctionttoggleFunctiontattrlist(R”tsavefunct
togglefuncRï((s!/usr/share/authconfig/authinfo.pyt__init__)s		cCsÐxÉ|jD]¾\}}||jkr)tS|dkrZt||ƒt||ƒkrÈtSq
|dkr‘tt||ƒt||ƒtƒrÈtSq
|dkr
tt||ƒt||ƒtƒrÈtSq
q
WtS(NR'RÕRÎ(RïtinconsistentAttrsR%tgetattrR)R(R”R&R'tanametatype((s!/usr/share/authconfig/authinfo.pytattrsDiffer.s$$(RžRŸRòR÷(((s!/usr/share/authconfig/authinfo.pyRì(s	tSafeFilecBs5eZd„Zd„Zd„Zd„Zd„ZRS(cCstjj|ƒ\}}t|_tjd|d|dtƒ|_t	dd||jj
gdtjdtjƒƒdkr t|_tj
|jjƒ|ƒn||_dS(	Ntdirtprefixtdeletes/bin/cps-afR»s	/dev/nulli(R4R£R	RtmissingttempfiletNamedTemporaryFileR%tfiletcallR¤R5tO_WRONLYtfchmodtfilenoR>(R”R>tdefault_modetbaseR¤((s!/usr/share/authconfig/authinfo.pyRò>s	!	cCst|jjƒtj|jjƒƒtj|jj|jƒ|jrpt	d|jgdtj
dtjƒƒndS(Ns/usr/sbin/restoreconR»s	/dev/null(RÿtflushR4tfsyncRtrenameR¤R>RüRR5R(R”((s!/usr/share/authconfig/authinfo.pytsaveJs
	cCs)y|jjƒWntk
r$nXdS(N(RÿR<R;(R”((s!/usr/share/authconfig/authinfo.pyR<Rs
cCs|jj|ƒS(N(RÿR¼(R”R((s!/usr/share/authconfig/authinfo.pyR¼YscCs$|jjdƒ|jjdƒdS(Ni(Rÿtseekttruncate(R”((s!/usr/share/authconfig/authinfo.pytrewind\s(RžRŸRòR	R<R¼R(((s!/usr/share/authconfig/authinfo.pyRø=s
				t
FileBackupcBs,eZd„Zd„Zd„Zd„ZRS(cCs||_||_dS(N(t
backupNametorigPath(R”t
backupnametorigpath((s!/usr/share/authconfig/authinfo.pyRòas	cCs©t}d}d}yt|tjdƒ}Wntk
r?tSXytjtj|ƒj	ƒ}Wn%tt
fk
r†tj|ƒtSXyt||ƒ}|j
ƒWntk
r½t}nXyLxE|rtj|dƒ}|sìt}Pntj|jjƒ|ƒqÄWWntt
fk
r)t}nXy|rCtj|ƒnWntt
fk
r]nXy'|r„|r„|jƒ|jƒnWntt
fk
r¤t}nX|S(Nii(R%RRDR4R6R=R¡tS_IMODEtfstatRÛR;R<RøRRR½R¼RÿRR	(R”tsrctdestR›tsrcfdtdestfileR?R'((s!/usr/share/authconfig/authinfo.pytsafeCopyesL


	!


cCst}y&tjj|ƒs+tj|ƒnWnttfk
rKt}nX|d|j}|r{|j	|j
|ƒ}n|S(NRØ(R%R4R£tisdirtmkdirR;R=RRRR(R”tdestdirR›t
backuppath((s!/usr/share/authconfig/authinfo.pytbackups
cCsÔt}ytjj|ƒstSWnttfk
r?t}nX|d|j}|rtjj|ƒr|j	||j
ƒ}ny5|rµtd|j
gdtjdtj
ƒƒnWnttfk
rÏnX|S(NRØs/usr/sbin/restoreconR»s	/dev/null(R%R4R£RRR=R;RtisfileRRRR5R(R”t	backupdirR›R((s!/usr/share/authconfig/authinfo.pytrestorežs 
(RžRŸRòRRR (((s!/usr/share/authconfig/authinfo.pyR
`s		*	cCs
tjdƒS(Ntnscd(R¢Rœ(((s!/usr/share/authconfig/authinfo.pyt	readCache³scCsL|rtjdƒn2ytjtƒtjdƒWntk
rGnXtS(NR!(R¢R—R4R¡t	PATH_NSCDR˜R;R%(R§((s!/usr/share/authconfig/authinfo.pyt
writeCache¶s

tCacheBackupcBseZd„Zd„ZRS(cCst}y&tjj|ƒs+tj|ƒnWnttfk
rKt}nX|d|j}|rÎd}y5t
ƒ}t|dƒ}|jt
t|ƒƒƒWntk
r·t}nX|rÎ|jƒqÎn|süytj|ƒWqütk
røqüXn|S(NRØtw(R%R4R£RRR;R=RRRR"R5R¼tstrtintR<tunlink(R”RR›RRR§((s!/usr/share/authconfig/authinfo.pyRÂs.
	

cCsÛt}ytjj|ƒstSWnttfk
r?t}nX|d|j}|r×tjj|ƒr×d}y/t
|dƒ}t|jƒƒ}t
|ƒWn tttfk
rÀt}nX|r×|jƒq×n|S(NRØtr(R%R4R£RRR=R;RRRR5R(R½R$t
ValueErrorR<(R”RR›RRR§((s!/usr/share/authconfig/authinfo.pyR Þs$

(RžRŸRR (((s!/usr/share/authconfig/authinfo.pyR%Ás	ishesiod.confs/hesiod.confsyp.confs/yp.confs	ldap.confs
/ldap.confs
nss_ldap.confs/nss_ldap.confs
pam_ldap.confs/pam_ldap.confs
nslcd.confs/nslcd.confs
openldap.confs/openldap/ldap.confs	krb5.confs
/krb5.confskrb.confs	/krb.confspam_pkcs11.confs/pam_pkcs11/pam_pkcs11.confssmb.confs/samba/smb.confs
nsswitch.confs/nsswitch.confscacheenabled.confRIs/pam.d/t
authconfigs/sysconfig/authconfigtnetworks/sysconfig/networkslibuser.confs
/libuser.confspwquality.confs/security/pwquality.confs
login.defss/login.defss	sssd.conftshadows/shadowtpasswds/passwdtgshadows/gshadowtgroups/groups
10-authconfigs /dconf/db/distro.d/10-authconfigs10-authconfig-lockss,/dconf/db/distro.d/locks/10-authconfig-lockst
ldapServertldap_urit
ldapBaseDNtldap_search_basetenableLDAPStldap_id_use_start_tlst
ldapSchematldap_schemat
ldapCacertDirtldap_tls_cacertdirtkerberosKDCtkrb5_servertkerberosAdminServertkrb5_kpasswdt
kerberosRealmt
krb5_realmtenableCacheCredstcache_credentialstkrb5_store_password_if_offlineRécBsäeZd„Zd„Zd„Zd„Zd„Zd„Zd„Zd„Z	d„Z
d	„Zd
„Zd„Z
d„Zd
„Zd„Zd„Zd„Zd„Zd„Zd„Zd„Zd„Zd„Zd„Zd„Zd„Zd„Zd„Zed„Zd„Z d„Z!d„Z"d „Z#d!„Z$d"„Z%d#„Z&d$„Z'd%„Z(d&„Z)d'„Z*d(„Z+d)„Z,d*„Z-d+„Z.d,„Z/d-„Z0d.„Z1d/„Z2d0„Z3d1„Z4d2„Z5d3„Z6d4„Z7d5„Z8d6„Z9d7„Z:d8„Z;d9„Z<d:„Z=d;„Z>d<„Z?d=„Z@d>„ZAd?„ZBd@„ZCdA„ZDdB„ZEdC„ZFdD„ZGdE„ZHdF„ZIdG„ZJdH„ZKdI„ZLdJ„ZMdK„ZNdL„ZOdM„ZPdN„ZQdO„ZRdP„ZSRS(Qc8Csâ||_d|_g|_d|_d|_d|_d|_d|_d|_	d|_
d|_d|_d|_
d|_d|_d|_d|_d|_d|_d|_d|_d|_d|_d|_d|_d|_d|_d|_d|_d|_t|_ t|_!d|_"d|_#d|_$d|_%d|_&d|_'d|_(d|_)d|_*d|_+d|_,d|_-d|_.d|_/d|_0d|_1d|_2d|_3d|_4d|_5d|_6d|_7d|_8d|_9d|_:d|_;t<|_=d|_>d|_?d|_@d|_Ad|_Bd|_Cd|_Dd|_Ed|_Fd|_Gd|_Hd|_Id|_Jd|_Kd|_Ld|_Md|_Nd|_Od|_Pd|_Qd|_Rd|_Sd|_Tt|_Ut|_Vd|_Wd|_Xd|_Yd|_Zd|_[d|_\d|_]d|_^d|__d|_`d|_ad|_bd|_cd|_dd|_ed|_fd|_gd|_hd|_id|_jd|_kd|_lt<|_md|_nd|_od|_pt|_qtrr$y trjrƒ|_n|jnjsƒWq$ttk
r q$Xntuƒ|_vtw|jx|jydmdngƒtw|jzddodpgƒtw|j{|j|dqdrdsgƒtw|j}ddtdudvdwdxdygƒtw|j~ddzgƒtw|jdd{gƒtw|j€dd|d}d~dd€dd‚dƒgƒtw|jdd„d…d†d‡dˆd‰dŠd‹gƒtw|j‚|jƒdŒddŽddd‘d’d“d”d•d–d—d˜d™dšgƒtw|j„dd›dœgƒtw|j…dddždŸd d¡gƒtw|j†|j‡d¢d£d¤d¥d¦d§d¨d©dªd«d¬gƒtw|jˆddd®d¯d°d±d²d³d´dµd¶d·d¸d¹dºd»d¼d½d¾d¿dÀdÁdÂgƒtw|j‰ddÃdÄdÅdÆdÇdÈdÉdÊdËdÌdÍdÎdÏdÐdÑdÒdÓdÔdÕdÖd×dØdÙdÚdÛdÜdÝdÞdßdàdádâdãdädådædçdèdég'ƒtw|jŠddêdëdìdídîdïdðdñdòdódôdõdöd÷dødùdúdûdüdýdþdÿdddddddddd	d
g!ƒtw|j‹ddgƒtw|jŒddgƒtwd|j|d
gƒtwd|jdgƒtwd|jŽdddddgƒtwd|jƒddddddgƒtwd|j‡ddgƒg|_dS(NRIt9t1t0sdeny=4 unlock_time=1200s
umask=0077tenableCacheR'timplicitSSSDt	hesiodLHSRÎt	hesiodRHSt	nisDomainRÕtnisLocalDomaint	nisServerR2R4R6R8R:tpasswordAlgorithmt
passMinLentpassMinClasst
passMaxRepeattpassMaxClassRepeattpassReqLowertpassReqUppertpassReqDigittpassReqOtherR@R<tsmbSecuritytsmbRealmt
smbServersR>tkerberosRealmviaDNStkerberosKDCviaDNSRBtenableSmartcardtforceSSSDUpdatet
enableLDAPtenableKerberostenableLDAPAuthtenableIPAv2tsmartcardActiontsmartcardModulet
enableFprintdtforceSmartcardtsmbWorkgroupt
smbIdmapRangetwinbindSeparatortwinbindTemplateHomedirtwinbindTemplateShelltwinbindUseDefaultDomaintwinbindOfflinetwinbindKrb5tenableDBtenableDirectoriest
enableWinbindtenableOdbcbindt
enableNIS3t	enableNIStenableLDAPbindtenableHesiodbindtenableHesiodt
enableDBIbindtenableDBbindtenableCompatt
enableWINSt
enableMDNStenableMyhostnamet
enableSSSDtpreferDNSinHostst
pwqualityArgstpasswdqcArgstfaillockArgstenableFaillockt
localuserArgst
pamAccessArgstenablePAMAccesst
mkhomedirArgstenableMkHomeDirt
algoRoundstenableShadowtenableNullOktforceBrokenShadowtenableWinbindAutht	enableAFStenableAFSKerberostenablePWQualityt	enableEPStenableEcryptfst	enableOTPtenablePasswdQCtenableLocAuthorizetenableSysNetAuthtenableSSSDAutht	pamLinkedtimplicitSSSDAuthtsystemdArgstuidMintenableForceLegacytipav2Servertipav2Domaint
ipav2RealmtipaDomainJoinedt
ipav2NoNTP(senableCacheR'(simplicitSSSDR'(s	hesiodLHSRÎ(s	hesiodRHSRÎ(s	nisDomainRÕ(snisLocalDomainRÕ(s	nisServerRÕ(s
ldapServerRÎ(s
ldapBaseDNRÕ(senableLDAPSR'(s
ldapSchemaRÕ(s
ldapCacertDirRÕ(spasswordAlgorithmRÎ(spasswordAlgorithmRÎ(spasswordAlgorithmRÎ(s
passMinLenRÕ(spassMinClassRÕ(s
passMaxRepeatRÕ(spassMaxClassRepeatRÕ(spassReqLowerR'(spassReqUpperR'(spassReqDigitR'(spassReqOtherR'(s
kerberosRealmRÕ(skerberosKDCRÎ(ssmbSecurityRÎ(ssmbRealmRÕ(s
smbServersRÎ(skerberosAdminServerRÎ(skerberosRealmviaDNSR'(skerberosKDCviaDNSR'(s
ldapServerRÎ(s
ldapBaseDNRÕ(senableLDAPSR'(s
ldapSchemaRÕ(s
ldapCacertDirRÕ(senableCacheCredsR'(senableSmartcardR'(s
kerberosRealmRÕ(skerberosKDCRÎ(skerberosAdminServerRÎ(sforceSSSDUpdateR'(s
enableLDAPR'(senableKerberosR'(senableLDAPAuthR'(senableIPAv2R'(ssmartcardActionRÎ(ssmartcardModuleRÕ(ssmartcardActionRÎ(ssmartcardModuleRÕ(s
enableFprintdR'(senableSmartcardR'(sforceSmartcardR'(ssmbWorkgroupRÎ(s
smbServersRÎ(ssmbRealmRÕ(ssmbSecurityRÎ(s
smbIdmapRangeRÎ(swinbindSeparatorRÕ(swinbindTemplateHomedirRÕ(swinbindTemplateShellRÕ(swinbindUseDefaultDomainR'(swinbindOfflineR'(swinbindKrb5R'(senableDBR'(senableDirectoriesR'(s
enableWinbindR'(senableOdbcbindR'(s
enableNIS3R'(s	enableNISR'(senableLDAPbindR'(s
enableLDAPR'(senableHesiodbindR'(senableHesiodR'(s
enableDBIbindR'(senableDBbindR'(senableCompatR'(s
enableWINSR'(s
enableMDNSR'(senableMyhostnameR'(s
enableNIS3R'(s	enableNISR'(senableIPAv2R'(s
enableSSSDR'(spreferDNSinHostsR'(simplicitSSSDR'(s
pwqualityArgsRÕ(spasswdqcArgsRÕ(sfaillockArgsRÕ(senableFaillockR'(s
localuserArgsRÕ(s
pamAccessArgsRÕ(senablePAMAccessR'(s
mkhomedirArgsRÕ(senableMkHomeDirR'(s
algoRoundsRÕ(spasswordAlgorithmRÎ(senableShadowR'(s	enableNISR'(senableNullOkR'(sforceBrokenShadowR'(senableLDAPAuthR'(senableKerberosR'(senableSmartcardR'(sforceSmartcardR'(senableWinbindAuthR'(senableMkHomeDirR'(s	enableAFSR'(senableAFSKerberosR'(senablePWQualityR'(s	enableEPSR'(senableEcryptfsR'(s	enableOTPR'(senablePasswdQCR'(senableLocAuthorizeR'(senableSysNetAuthR'(swinbindOfflineR'(swinbindKrb5R'(senableSSSDAuthR'(s
enableFprintdR'(s	pamLinkedR'(simplicitSSSDAuthR'(ssystemdArgsRÕ(suidMinRÎ(senableIPAv2R'(spasswordAlgorithmRÎ(senableShadowR'(s	enableNISR'(s
enableLDAPR'(senableLDAPAuthR'(senableKerberosR'(senableEcryptfsR'(senableSmartcardR'(sforceSmartcardR'(senableWinbindAuthR'(s
enableWinbindR'(swinbindKrb5R'(senableDBR'(senableHesiodR'(senablePWQualityR'(senablePasswdQCR'(senableFaillockR'(sfaillockArgsRÕ(senableLocAuthorizeR'(senablePAMAccessR'(senableCacheCredsR'(senableMkHomeDirR'(senableSysNetAuthR'(s
enableFprintdR'(s
enableSSSDR'(senableSSSDAuthR'(senableForceLegacyR'(sipav2ServerRÎ(sipav2DomainRÎ(s
ipav2RealmRÕ(senableIPAv2R'(sipaDomainJoinedR'(s
ipav2NoNTPR'(s	nisDomainRÕ(senableShadowR'(s	enableNISR'(senableMkHomeDirR'(s
enableLDAPR'(senableLDAPAuthR'(simplicitSSSDR'(simplicitSSSDAuthR'(senableForceLegacyR'(simplicitSSSDR'(simplicitSSSDAuthR'(senableIPAv2R'(s
enableSSSDR'(senableSSSDAuthR'(senableForceLegacyR'(s
enableWinbindR'(senableWinbindAuthR'(t	messageCBt	backupDirRóRJRKR2R4RR@R[R<R\R>RNRLRMRgRYRZRXRhRiRjRkRlRmRnRRžRŸR¡RR tipaUninstallRdRcRHRzRoRpRwR_R6RtRsRyRxRvRuRrRqR{R|R}RR~RbtenableAltfilesRŽRR%R‹RR’R‘R`RaROR‰R›R“R”RŠRR•R†R–RˆR]R—tbrokenShadowRŒRfReRœRIR™RBRPRQRRRSRTRURVRWRƒR‚tjoinUsertjoinPasswordR€RR„R…R‡RšR:t
ldapCacertURLR8R˜t
sssdConfigt
sssdDomainR^tsssdConfigPresentt
SSSDConfigt
new_configR=tsetttoggleFunctionsRìR$ttoggleCachingServicetwriteHesiodtwriteNISttoggleNisServicet	writeLDAPtwriteLibusertwriteLogindefstwritePWQualityt
writeKerberost	writeSSSDttoggleSSSDServicetwriteSmartcardt
writeDConftwriteWinbindttoggleWinbindServicetwriteNSStwritePAMtwriteSysconfigtwriteNetworkttoggleShadowttoggleOddjobServicettoggleLDAPServicetsave_groups(R”Rê((s!/usr/share/authconfig/authinfo.pyRò&sr																																																																																																															
																											cCsZt||ƒ}||krVt|||ƒ|t||ƒkrV|jj|ƒqVndS(N(RôtsetattrRótappend(R”tattrR#treftoldval((s!/usr/share/authconfig/authinfo.pytsetParamüs
cCs>yt|ƒ}Wntk
r$dSX|j|t|ƒ|ƒS(N(R(R+RÍR'(R”RÊR#RË((s!/usr/share/authconfig/authinfo.pytsetIntParams

cCsWyt|ƒ}Wntk
r$dSX|dkrD|j|t|ƒS|j|t|ƒS(Ni(R(R+RÍR%R(R”RÊR#RË((s!/usr/share/authconfig/authinfo.pytsetClassReqParam
s
cCs÷|js|jrtSd
}d}d}d}d
}x>|D]6}t|d|ƒr<||kretS|d7}q<q<W|dkr†tSd
}x>|D]6}t|d|ƒr“||kr¼tS|d7}q“q“W|dkrÝtS|jró|jrótStS(NtNIStLDAPtWinbindtHesiodtIPAv2tKerberostLDAPAuthtWinbindAutht	SmartcardiR—i(RÐRÑRÒRÓRÔ(RÕRÖR×RØ(RÕRÖ(RœRªRRôR`R[R%(R”tnssalltpamalltidsupportedt
authsupportedtnumtt((s!/usr/share/authconfig/authinfo.pyt
sssdSupporteds2

cCsytjttjƒ}Wntk
r.tSX|jdt|j	dƒƒ|ƒ|jdt|j	dƒƒ|ƒ|j
ƒtS(NRJtlhsRKtrhs(tshvfileR½tall_configst
CFG_HESIODRR=RRÍRtgetValueR<R%(R”RËtshv((s!/usr/share/authconfig/authinfo.pyt
readHesiod2s
""
cCsJytttjdƒ}Wntk
r.tSXd}xñ|D]é}|jƒ}t|dƒ}|r|jrt	||ƒ}q<nt|dƒ}|r<|j
ddƒ}t|ƒdkrÀq<n|d|jkrÙq<nt|ƒdkrñq<n|d}t|dƒ}|r%t	||ƒ}q%q<q<W|j
d	||ƒ|jƒtS(
NR*RItypserverRiiitserverRN(R5RãtCFG_YPRR=RtstripRRMR$R	RRRÍR<R%(R”RËtft	nisserverRR#((s!/usr/share/authconfig/authinfo.pytreadNISCs6



cCssd|kr|jdƒ}n|jƒ}xB|D]:}ytj|ƒj}Wq1ttjfk
rjtSXq1WtS(s&
		Check whether LDAP URI is valid.
		R(R	turlparsetportR+tsocketR¹RR%(R”Rturisturitp((s!/usr/share/authconfig/authinfo.pytvalidateLDAPURIms
	cCs¸d|kr|jdƒ}n|jƒ}d}xU|D]M}|r7|rV|d7}nd|kro||7}q„|d|d7}q7q7W|r´|j|ƒr´|jtdƒƒn|S(NRRIs://sldap://RØsInvalid LDAP URI.(R	RõR¢Rç(R”Rtvalidatetltrettitem((s!/usr/share/authconfig/authinfo.pytldapHostsToURIs|s


cCst|_ytttjdƒ}Wnœtk
rÁytttjdƒ}WqÂtk
r½ytttjdƒ}Wq¾tk
r¹yttt	jdƒ}Wqºtk
rµt
SXq¾XqÂXnXx|D]
}|jƒ}t|dƒ}|rt
|ƒr|jd||ƒqÉnt|dƒ}|rC|jd||ƒqÉnt|dƒ}|rq|jd||ƒqÉnt|dƒ}|r¨|jdt|d	ƒ|ƒqÉnt|d
ƒ}|rÉ|jd||ƒqÉqÉqÉW|jt|jƒt
ƒ|_|jƒtS(NR*RR4thostR2RótsslR6t	start_tlst
nss_schemaR8(tPATH_LDAP_CACERTSR:R5RãtCFG_NSSLDAPRR=t	CFG_NSLCDtCFG_PAMLDAPtCFG_LDAPRRëRR*RÍR RúRR2R<R%(R”RËRìRR#((s!/usr/share/authconfig/authinfo.pytreadLDAPsN	






cCs(y|j|SWntk
r#dSXdS(NRI(tallKerberosKDCstKeyError(R”RQ((s!/usr/share/authconfig/authinfo.pytgetKerberosKDCÈs
cCs(y|j|SWntk
r#dSXdS(NRI(tallKerberosAdminServersR(R”RQ((s!/usr/share/authconfig/authinfo.pytgetKerberosAdminServerÎs
cCsíd}i|_i|_t}ytttjdƒ}Wntk
rLtSXx
|D]}|jdƒd}|j	ƒ}|dd!dkr¥|dd!}d}qTn|dkrbt
|d	ƒ}|rå|jd
||ƒt}qTnt
|dƒ}|r"|jdt
|d
ƒdk|ƒqTnt
|dƒ}|rY|jdt
|d
ƒdk|ƒqTqYqT|dkrT|s«|jddƒ}t|ƒdkržqTn|d}qY|dd!dkrÊd}qTn|jså||_t}nt
|dƒ}|rt|j|ƒ|ƒ|j|<qTnt
|dƒ}|rYt|j|ƒ|ƒ|j|<qYqTqTW|jƒ|rº|jré|jd|j|jƒ|ƒ|jd|j|jƒ|ƒqén/|jrÖ|jjd
ƒn|jd
d|ƒtS(NRIR*t#iit[iÿÿÿÿtlibdefaultst
default_realmR@tdns_lookup_kdcR\ttruetdns_lookup_realmR[trealmst}RLtadmin_serverR<R>(RRRR5RãtCFG_KRB5RR=R	RëRRÍR%RRRR@R$RR	R<RóRÉ(R”RËtsectiontrealm_foundRìRt
subsectionR#((s!/usr/share/authconfig/authinfo.pytreadKerberosÔsr		


""	
			)
	%	cCsÏd}ytttjdƒ}Wntk
r4tSXx‰|D]}|jƒ}|dd!dkrz|dd!}d}q<n|dkr<t|dƒ}|r½|jd	|j	ƒ|ƒq<q½q<q<W|j
ƒtS(
NRIR*iiRiÿÿÿÿtdefaultstcrypt_styleRO(R5RãtCFG_LIBUSERRR=RRëRRÍR!R<R%(R”RËRRìRRR#((s!/usr/share/authconfig/authinfo.pytreadLibusers$



cCshytttjdƒ}Wntk
r.tSXx(|D] }tj|ƒ}|dk	r6|j	dƒ}|j
dƒr{q6n|j	dƒ}|dkr¨|j	dƒ}n|dkrÃd}qÃnq6|dkrô|dkrô|jd	d
|ƒq6n|dkr4|dkrd
}n|jd	|jƒ|ƒq6n|dkr6|jd||ƒq6q6W|j
ƒtS(NR*iR
iiRItMD5_CRYPT_ENABtyesRORktENCRYPT_METHODtDESRitUID_MINR›(R5RãtCFG_LOGIN_DEFSRR=Rt
ld_line_retmatchRR1RRÍR!R<R%(R”RËRìRR$R¤R#((s!/usr/share/authconfig/authinfo.pyt
readLogindefs:s8

	
cCsãd}ytttjdƒ}Wntk
r4tSXx|D]•}|jdƒd}|jƒ}t|dƒ}|r|j	d||ƒq<nt|dƒ}|r½|j	d||ƒq<nt|d	ƒ}|rë|j	d
||ƒq<nt|dƒ}|r|j	d||ƒq<nt|d
ƒ}|rG|j
d||ƒq<nt|dƒ}|ru|j
d||ƒq<nt|dƒ}|r£|j
d||ƒq<nt|dƒ}|r<|j
d||ƒq<q<q<W|jƒtS(NRIR*R
itminlenRPtminclassRQt	maxrepeatRRtmaxclassrepeatRStlcreditRTtucreditRUtdcreditRVtocreditRW(
R5Rãt
CFG_PWQUALITYRR=RR	RëRRÎRÏR<R%(R”RËRRìRR#((s!/usr/share/authconfig/authinfo.pyt
readPWQuality\sT



c	Cs%|js
tStjƒ|_y$|jjttjƒt|_Wn6ttj	fk
rxtjƒ|_|jj
ƒnXy|jjtƒ}|_
WnÝtjk
ruy|jjƒd}Wn=tk
rÿy|jjƒd}Wqtk
rûtSXnX|jj|ƒ}y|jdƒ}Wntjk
rAd}nXy|jdƒ}Wqvtjk
rqd}qvXnXx¨tD] \}}y}|j|ƒ}|dkrÂdj|jdƒƒ}n0|dkrà|dkràw}n|d	kròw}n|j|||ƒWq}tjk
rq}Xq}WdS(
Nitid_providert
auth_providerR3R
RR9trfc2307RD(RªR%Rt
import_configRãtCFG_SSSDRR¬R=tParsingErrorR®t
get_domaintSSSD_AUTHCONFIG_DOMAINR«t
NoDomainErrortlist_active_domainst
IndexErrortlist_domainst
get_optiont
NoOptionErrorRtsssd_optionsRR	RÍ(	R”RËRtdomnametidprovtauthprovRÊtoptR©((s!/usr/share/authconfig/authinfo.pytreadSSSDsP	


	
cCsÉt}tdgƒ}|dkr.d|_tS|jd|d|ƒtdgƒ}|dkrdtSx#|D]}d|krkt}qkqkW|r¬|jdtdƒ|ƒn|jdtd	ƒ|ƒtS(
Nt
use_moduleRIRdit	rm_actions
lockhelper.shRcRåRæ(RRáRRdRÍR%Rç(R”RËtlocktsmartcardmodulet	rmactionstaction((s!/usr/share/authconfig/authinfo.pyt
readSmartcard·s 	

cCsûd}d}ytttjdƒ}Wntk
r:|SXx¯|D]§}|jƒ}t|dƒriqBnt|dƒr~qBnt|dƒ}|r²|jdƒdj	ƒ}qBn|sB|dkrËqBnt
||ƒ}|rB|}qBqBW|jƒ|S(	NRIR*R
t;Rt]itglobal(R5RãtCFG_SMBRR=RëR RR	R!RVR<(R”RtresultRRìRR#tres((s!/usr/share/authconfig/authinfo.pytreadWinbindGlobalËs.


cCsT|j|ƒ}|rP|jƒdksE|jƒdksE|dkrItStSndS(NRRRF(RQR!R%RR(R”Rttmp((s!/usr/share/authconfig/authinfo.pytreadWinbindGlobalBoolës0cCsý|jdƒ}|r+|jd||ƒn|jdƒ}|rV|jd||ƒn|jdƒ}|r|jd||ƒn|jdƒ}|r¬|jd||ƒn|jsÁd	|_n|jd
ƒ}|rì|jd||ƒn|jsd|_n|jd
ƒ}|r,|jd||ƒn|jdƒ}|rW|jd||ƒn|jdƒ}|r‚|jd||ƒn|js—d|_n|jdƒ}|dkrÈ|jd||ƒn|jdƒ}|dkrù|jd||ƒntS(Nt	workgroupRgspassword serverRZRQRYtsecurityRXtusersidmap config * : rangeRhs16777216-33554431swinbind separatorRistemplate homedirRjstemplate shellRks
/bin/falseswinbind use default domainRlswinbind offline logonRm(RQRÍRXRhRkRSRR%(R”RËRR((s!/usr/share/authconfig/authinfo.pytreadWinbindõsJ			c
Cs]d}d}ytttjdƒ}Wntk
r:tSXxM|D]E}|jƒ}t|dƒ}|rr|}qBt|dƒ}|rit|dƒr¬|j	dt
|ƒnt|dƒrÑ|j	dt
|ƒnt|d	ƒrö|j	d
t
|ƒnt|dƒ}|dkr#t|dƒ}nt|dƒ}|dkr‡|dkr‡|j	d
||k|ƒq‡qBt|dƒ}|rB|}qBqBW|rOd#d$d%d&d'd(d)d*d+f	}	x=|	D]5\}
}t||ƒr¹|j	d |
t
|ƒq¹q¹W|r*t|d!ƒr*t|d!ƒr*|jj
d"ƒn|j	d"tt|d!ƒƒ|ƒn|jƒt
S(,NRIR*spasswd:shosts:twinsR{smdns4_minimal [NOTFOUND=return]R|t
myhostnameR}tnistdnsRsinitgroups:tCompattcompattDBtdbtDirectoriestdirectoriesRÓthesiodRÑR€RÐtAltfilestaltfilestNIS3tnisplusRÒR‚R—R}RI(R\R](R^R_(R`Ra(sHesiodshesiod(sLDAPR€(sNISRZ(RcRd(ReRf(sWinbindR‚(R5RãtCFG_NSSWITCHRR=RRëRR3RÍR%RRóRÉtboolR<(R”RËt	nssconfigt
initgroupsRìRR#tnispostdnspostnssmapRÊtnssentry((s!/usr/share/authconfig/authinfo.pytreadNSS sR

	
	%%
cCs|jdtƒ|ƒtS(NRH(RÍR"R%(R”RË((s!/usr/share/authconfig/authinfo.pyR"WscCsôytttjdƒ}WnAtk
r]yttdtdƒ}Wq^tk
rYtSXnX|j||ƒ|j	ƒyttt
jdƒ}WnAtk
rÕyttdtdƒ}WqÖtk
rÑtSXnX|j||ƒ|j	ƒtS(NR*s/pam.d/(
R5RãtCFG_PAMRR=t
SYSCONFDIRtAUTH_PAM_SERVICERtreadPAMFileR<tCFG_POSTLOGIN_PAMtPOSTLOGIN_PAM_SERVICER%(R”RËRì((s!/usr/share/authconfig/authinfo.pytreadPAM\s&

	


	
cCs"d}x||D]t}|jddƒ}t|ƒdkrD|d}n|jƒ}|ddkrx||d d7}q
n||}d}|jƒ}d}|jddƒ}t|ƒdkrÄq
n|\}}|d	kr|d
kr|dkr|dkrq
n|jd
ƒr*|jddƒ}n|jddƒ}t|ƒdkrTq
n|ddkrjq
n|d}|jd
ƒr|d7}n|d}|jddƒ}t|ƒdkrÄq
n|djdƒd\}	t|ƒdkrý|d}n|	jdƒs|	jdƒrP|jdt|ƒ|r
|jd||ƒq
q
n|	jdƒrx|jdt|ƒq
n|	jdƒr |jdt|ƒq
n|	jdƒrÈ|jdt|ƒq
n|	jdƒr%|jdt|ƒd|kr|jdt|ƒq
|jdt|ƒq
n|	jdƒrM|jd t|ƒq
n|	jd!ƒr‘|jd"t|ƒ|r
|jd#||ƒq
q
n|	jd$ƒrÛ|jd%t|ƒ|jd&|j	d'ƒdk|ƒq
n|	jd(ƒr|jd)t|ƒq
n|	jd*ƒrG|jd+t|ƒ|r
|jd,||ƒq
q
n|	jd-ƒse|	jd.ƒr|jd/t|ƒ|r
||_
q
q
n|	jd0ƒrÔ|jd1t|ƒ|r
|jd2||ƒq
q
n|	jd3ƒr|r
|jd4||ƒq
q
n|dkr|	jd5ƒrx9tD]1}
|j	|
ƒdkr'|jd6|
|ƒq'q'WyP|jd7ƒ}||d8jddƒ}|jd9t
t|dƒƒ|ƒWnttfk
rÅnXy$tjd:ƒ|jd;t|ƒWqtk
r|jd;t|ƒqXqn|d	krÂ|	jd5ƒrW|jd<|j	d=ƒdk|ƒn|	jd>ƒrÂ|jd?t|ƒ|r
d@|kr
|jd@dƒjƒ}|jdA||ƒq
q
qÂn|d
kr|	jd5ƒr|jdB|j	dCƒdk|ƒqn|d	ks|d
kr
|	jdDƒrtj|ƒ}
|
dkr~|
jdƒdkr~|jdE|
jdƒ|ƒq~qq
q
W|jr|jr|jd"t|ƒn|jr×|jr×|jdt|ƒn|jr|jr|jr|jr|jr|j rt|_!ndS(FNRIR
iiiÿÿÿÿs\R
iRnRoRqRpRRLtincludeRØtpam_cracklibt
pam_pwqualityRR€tpam_ecryptfsR’tpam_krb5R`tpam_ldapRat
pam_pkcs11R]tauthinfo_unavailRftpam_fprintdRetpam_passwdqcR”Rtpam_winbindRRnt	krb5_authtpam_sssR™t
pam_accessR†R…t
pam_mkhomedirtpam_oddjob_mkhomedirRˆt
pam_localuserR•R„tpam_systemdRštpam_unixROsrounds=iR‰s/etc/shadowRŠR‹tnulloktpam_faillockRƒRƒR‚R¦t
broken_shadowtpam_succeed_ifR›("R	RR
RRRRÍR%RR-R‡tpassword_algorithmsRÖR'R(R+R:R4R¡R;RRët
succ_if_reR$R1RR”R¦RaR`RR—R]RŒ(R”RËRìtprevlineRRtargststacktcontroltmoduletalgotridxtroundsR$((s!/usr/share/authconfig/authinfo.pyRsws





"
'

%	(!)cCsSy;tjttjƒ}y|jdƒ|_Wntk
rBnXy|jdƒ|_Wntk
rlnXy|jdƒ|_	Wntk
r–nXy|jdƒ|_
Wntk
rÀnXy|jdƒ|_Wntk
rênXy|jdƒ|_Wntk
rnXy|jdƒ|_
Wntk
r>nXy(|jdƒ|_|jd	ƒ|_Wntk
rznXy|jd
ƒ|_Wntk
r¤nXy|jdƒ|_Wntk
rÎnXy|jdƒ|_Wntk
rønXy|jd
ƒ|_Wntk
r"nXy|jdƒ|_Wntk
rLnXy|jdƒ|_Wntk
rvnXy|jdƒ|_Wntk
r nXy|jdƒ|_Wntk
rÊnXy|jdƒ|_Wntk
rônXy|jdƒ|_Wntk
rnXy|jdƒ|_Wntk
rHnXy.|jdƒ}|rmd|_n	d|_Wntk
rŠnXy|jdƒ|_Wntk
r´nXy|jdƒ|_Wntk
rÞnXy|jdƒ|_Wntk
rnXy|jdƒ|_ Wntk
r2nXy|jdƒ|_!Wntk
r\nXy|jdƒ|_"Wntk
r†nXy|jdƒ|_#Wntk
r°nXy|jdƒ|_$Wntk
rÚnXy|jd ƒ|_%Wntk
rnXy|jd!ƒ|_&Wntk
r.nXy|jd"ƒ|_'Wntk
rXnXy|jd#ƒ|_(Wntk
r‚nXy|jd$ƒ|_)Wntk
r¬nXy|jd%ƒ|_*Wntk
rÖnXy|jd&ƒ|_+Wntk
rnXy|jd'ƒ|_,Wntk
r*nXy|jd(ƒ|_-Wntk
rTnXy|jd)ƒ|_.Wntk
r~nXy|jd*ƒ|_/Wntk
r¨nXy|jd+ƒ|_0Wntk
rÒnX|jd,ƒ|_1|jd-ƒ|_2|jd.ƒ|_3|jd/ƒ}|t4kr0||_n|j5ƒWnt6k
rNnXt7S(0NtUSEAFStUSEAFSKERBEROStUSEDBtUSEPWQUALITYt	USEDBBINDt
USEDBIBINDtUSEDIRECTORIEStUSEFAILLOCKtFAILLOCKARGStUSEECRYPTFStUSEEPSt	USEHESIODt
USEHESIODBINDtUSEKERBEROStUSELDAPtUSELDAPAUTHtUSESMARTCARDt
USEFPRINTDtFORCESMARTCARDtUSELDAPBINDtUSEMD5RkRitUSENISt
USENISPLUStUSEODBCBINDtUSEOTPtUSEPASSWDQCt	USESHADOWt
USEWINBINDtUSEWINBINDAUTHtWINBINDKRB5tUSESSSDtUSESSSDAUTHtUSELOCAUTHORIZEtUSEPAMACCESStUSEMKHOMEDIRt
USESYSNETAUTHtFORCELEGACYtCACHECREDENTIALStUSEIPAV2tIPADOMAINJOINEDt
IPAV2NONTPtIPAV2SERVERtIPAV2DOMAINt
IPAV2REALMtPASSWDALGORITHM(8RâR½RãtCFG_AUTHCONFIGRtgetBoolValueRŽR+RRoRRyRxRpRƒRåR‚R’R‘RwRvR`R_RaR]ReRfRuRORttenableNISP3RrR“R”RŠRqRRnR~R—R•R†RˆR–RœRBRbR R¡RRžRŸRŽR<R=R%(R”Ræt	enableMD5R•((s!/usr/share/authconfig/authinfo.pyt
readSysconfig	s`









































cCs€ytjttjƒ}Wntk
r.tSX|jdƒ}|rP||_n|j	ƒ|jr||j
d|j|ƒntS(Nt	NISDOMAINRL(RâR½RãtCFG_NETWORKRR=RRåRMR<RÍR%(R”RËRæRR((s!/usr/share/authconfig/authinfo.pytreadNetworkË	s

	cCsh|jƒ}t|jƒ|ks6t|jƒ|kr:tSx'|jD]}|j||ƒrDtSqDWtS(N(RßRhRIR™R%RÇR÷R(R”R't
sssdsupportedR1((s!/usr/share/authconfig/authinfo.pytdiffersß	s*cCsÜt|jƒ|_t|jƒ|_t|jƒ|_t|jƒ|_|j|j|ƒ|_|jdkr|jr|jj	ƒ|_qn|j
jƒ|_
|jdkr½t|_n|jdkrØd|_ndS(NtadsRI(RRZRR<R>RúR2RXRYtupperROR!RBRR%R@(R”Rö((s!/usr/share/authconfig/authinfo.pytupdateò	s	cCs‘|jƒ}|jƒ|j|ƒ|j|ƒ|j|ƒ|jƒ}|jr‚|r‚|jr‚|jdt	|ƒt
|_n|jr»|r»|jr»|jdt	|ƒt
|_n|j|ƒ|j
|ƒ|j|ƒ|j|ƒ|j|ƒ|j|ƒ|jr-|jr-|j|ƒn|j|ƒ|j|ƒ|jsY|jri|j|ƒn|j|ƒ|j|ƒ|jƒdS(NR~R—(tcopyRÉRoRRvRßRIRbRÍR%RR™R%R/RçRWRÌRîRCRRRJR"RÑ(R”RËtreallyimplicit((s!/usr/share/authconfig/authinfo.pyR½
s6













cCs%tj|ƒ}d|_d|_|S(NRI(RÒR§R¨(R”Rø((s!/usr/share/authconfig/authinfo.pyRÒ&
s		cCs/ttj|jƒt|jo'|jƒtS(N(Rãt	CFG_CACHERR£R$RHRIR%(R”((s!/usr/share/authconfig/authinfo.pyR$,
scCs„ttj|jƒytjttjƒ}Wntk
rBtSX|j	d|j
ƒ|j	d|jƒ|jdƒ|j
ƒtS(NRàRái¤(RãRäRR£RâtrcreateRR=RtsetValueRJRKR¼R<R%(R”Ræ((s!/usr/share/authconfig/authinfo.pyR²1
s

c	Csút}d}d}ttj|jƒz¡tttjdƒ}x¼|jD]±}|j	ƒ}t
|dƒ}|r}|jddƒ}t|ƒdkršqIn|d|j
krÐ|d|jkrÐ||7}qIn|rú|j
rú|d|j
7}|jjdƒ}|jr'|d7}||d7}n
|d	7}|d
7}|d}x)|D]!}|rL|d|d
7}qLqLWt}qúqIt|dƒrð|rú|j
rú|jrú|jjdƒ}x)|D]!}|r¿|d|d
7}q¿q¿Wt}qúqI||7}qIW|s¥|jjdƒ}|j
rv|d|j
7}|dr_|d7}||d7}|d}n
|d	7}|d
7}nx,|D]!}|r}|d|d
7}q}q}Wn|jƒ|j|ƒ|jƒWdy|rà|jƒnWntk
rônXXtS(
NRIi¤Riisdomain Rs server s
 broadcasts
s	ypserver Rè(RRRãRêRR£RøRRÿRëRR	RRLRMRNR%R RR¼R	R<R=(	R”twrittenRìRKRtlsR#tserversR((s!/usr/share/authconfig/authinfo.pyR³@
sv&
	





	







cCsƒt}t}	t}
t}t}t}
d}d}|jr`|jdkr`|jdkr`d}nd}zêt|dƒ}xJ|jD]?}|jƒ}t||ƒrö|	rÁ|jrÁ||d7}|dj|jj	dƒƒ7}|d	7}t
}	qÁq‚t||ƒr"|jrÁ|d
|7}qÁq‚t||ƒrr|rÁ|jrÁ||d7}||j7}|d	7}t
}qÁq‚|rÍt|dƒrÍ|
sÁ|d7}|j
r|d
7}n
|d7}|d	7}t
}
qÁq‚|rt|dƒr|rÁ|jrÁ|d7}||j7}|d	7}t
}qÁq‚t|dƒrx|
sÁ|rG|d7}n
|d7}|d|j7}|d	7}t
}
qÁq‚|r·t|dƒr·|sÁ|d|7}|d	7}t
}qÁq‚||7}q‚W|	r|jr||d7}|dj|jj	dƒƒ7}|d	7}n|rG|jrG||d7}||j7}|d	7}n|r‹|
r‹|d7}|j
rt|d
7}n
|d7}|d	7}n|rÅ|rÅ|jrÅ|d7}||j7}|d	7}n|
s|rÞ|d7}n
|d7}|d|j7}|d	7}n|r.|r.|d|7}|d	7}n|jƒ|j|ƒ|jƒWdy|ri|jƒnWntk
r}nXXt
S(NRIRiRjRktcrypti¤R
Rs
R
Rüsssl RýtnoRþsnss_schema t
tls_cacertdirt
TLS_CACERTDIRtpam_passwords
pam_password (RRRORøRÿRëR R2RR	R%R+R4R6R8R"R:RR¼R	R<R=(R”R>RóRûRt	writepadltwriteschematwritepamtwrotebasedntwroteservertwrotessltwroteschemat	wrotepasstwrotecacertdirRìRKtpassalgoRRØ((s!/usr/share/authconfig/authinfo.pyt
writeLDAP2•
s¾	
	

	










	










cCs˜tjjttjƒrVttj|jƒ|jttjdddt	t	t	ƒntjjtt
jƒr¬tt
j|jƒ|jtt
jdddt	t	tƒntjjttjƒrttj|jƒ|jttjdddt	tt	ƒntjjtt
jƒrXtt
j|jƒ|jtt
jdddt	ttƒnttj|jƒ|jttjdddtttƒ}|S(NRóRûRtURItHOSTtBASE(R4R£RRãRRRR£RéR%RRRRtCFG_OPENLDAP(R”Rø((s!/usr/share/authconfig/authinfo.pyRµ
s(cCsRd}|jdkr|dS|jdks;|jdkrF||jS|dSdS(Nscrypt_style = RkRlRmtdes(RO(R”Rø((s!/usr/share/authconfig/authinfo.pyt
cryptStyle scCs©t}t}d}d}d}ttj|jƒzDtttjdƒ}xÓ|jD]È}|j	ƒ}|dkr¢t
|dƒr¢||jƒd7}t}qUnt
|dƒr|dkrá|rá||jƒd7}t}n|dj
ddƒd	}|dkrt}qn||7}qUW|sT|d
7}||jƒd7}t}t}n|jƒ|j|ƒ|jƒWdy|r|jƒnWntk
r£nXXtS(NRIi¤RRs
RiRLis[defaults]
(RRRãRRR£RøRRÿRëR RïR%R	RR¼R	R<R=(R”twrotecryptstylet
wrotedefaultsRRìRKRRØ((s!/usr/share/authconfig/authinfo.pyR¶*sH	
	


c	Cst}t}d}d}d}ttj|jƒ|jdkrJd}nd}|jdksn|jdkrwd}nd|jjƒd	}z^tttj	d
ƒ}xú|j
D]ï}tj|ƒ}	|	dk	rE|	j
dƒ}
|
jdƒr||7}q±n|	j
d
ƒ}|dkr-|	j
dƒ}n|dkrRd}qRn
||7}q±|
dkrt||7}t}q±n|
dkr–||7}t}q±n||7}q±W|s·||7}n|sÊ||7}n|jƒ|j|ƒ|jƒWdy|r|jƒnWntk
rnXXtS(NRIRksMD5_CRYPT_ENAB yes
sMD5_CRYPT_ENAB no
RiRjsENCRYPT_METHOD DES
sENCRYPT_METHOD s
i¤iR
iiRR(RRRãR"RR£RORÐRøRRÿR#R$R1RR%RR¼R	R<R=(R”t
wrotemd5crypttwroteencmethodRRìRKtmd5cryptt	encmethodRR$R¤R#((s!/usr/share/authconfig/authinfo.pyR·_sd		







cCsâ|jdƒ}t|ƒdkr3|jdƒ}nt|ƒdkr½yat|dƒ}|dkrh|S|r†|dkr†|ddS|r¥|dkr¥|ddSWq½tk
r¹q½Xn|rÌd}nd}|dd	|S(
NRiR
is = -1s = 0s-1RGs = (R	RR(RR+(R”RR#RØRÌ((s!/usr/share/authconfig/authinfo.pytformatClassReqParam¡s$
	c
Csít}t}t}t}t}t}t}t}d}	d}
ttj|jƒzjtttjdƒ}	x|	jD]}|j	dƒdj
ƒ}t|dƒrË|ss|
d|jd7}
t
}qsqsnt|dƒr|ss|
d	|jd7}
t
}qsqsnt|d
ƒr=|ss|
d|jd7}
t
}qsqsnt|dƒrv|ss|
d
|jd7}
t
}qsqsnt|dƒr·|ss|
|j||jƒd7}
t
}qsqsnt|dƒrø|ss|
|j||jƒd7}
t
}qsqsnt|dƒr9|ss|
|j||jƒd7}
t
}qsqsnt|dƒrz|ss|
|j||jƒd7}
t
}qsqsn|
|7}
qsW|s¦|
d|jd7}
n|sÄ|
d	|jd7}
n|sâ|
d|jd7}
n|s|
d
|jd7}
n|s&|
|jd|jƒd7}
n|sL|
|jd|jƒd7}
n|sr|
|jd|jƒd7}
n|s˜|
|jd|jƒd7}
n|	jƒ|	j|
ƒ|	jƒWdy|	rÓ|	jƒnWntk
rçnXXt
S(NRIi¤R
iR&s	minlen = s
R'sminclass = R(smaxrepeat = R)smaxclassrepeat = R*R+R,R-(RRRãR.RR£RøRRÿR	RëR RPR%RQRRRSRöRTRURVRWRR¼R	R<R=(
R”twroteminlent
wroteminclasstwrotemaxrepeattwrotemaxclassrepeatt
wrotereqlowert
wroterequppert
wrotereqdigitt
wrotereqotherRìRKRRØ((s!/usr/share/authconfig/authinfo.pyR¸·s¢								    


c'Cs¬
t}t}t}t}t}t}t}t}t}	t}
t}t}t}
t}t}tjttjƒ}d}d}d}d}ttj|j	ƒ|j
rº|jrº|j}n?|jsÌ|j
rð|jdkrð|jrð|j}n	|j}|j|jkrt}nze	tttjdƒ}x,|jD]!}|jƒ}t|dtƒrq|s7t}qqq7n|dkrÕ|rÕ||jkrÕt|dƒrÕ|s7|jrÆ|t|jƒ7}nt}q7q7n|dkrH|jdkrH|rH||jkrHt|dƒrH|s7|jr9|t|jƒ7}nt}q7q7n|dkr¬|r¬||jkr¬t|dƒr¬|s7|jr|t|jƒ7}nt}q7q7n|dkrB|rB|jddƒ}t|ƒdkró||7}q7n|d	}|jr||jkrt}n|jrB||jkrBt}qBn|dkr|rt|d
ƒr|jrÂ||jkrÂ|s|t|jƒ7}t}n|sÂ|t|jƒ7}t}qÂn|jrÿ||jkrÿ|sÿ|t|jƒ7}t}qÿnd}n|dkr]t|dƒr]|r7|
r7|d
7}||7}|d7}t}
q7q7n|dkrÀt|dƒrÀ|s7|d7}|tt|jƒƒj ƒ7}|d7}t}q7q7n|dkr#t|dƒr#|s7|d7}|tt|j!ƒƒj ƒ7}|d7}t}q7q7n|dkr‚|jr‚t||jj ƒƒslt|d|jj ƒƒr‚||7}t}
q7nt|dƒrN|s²|dtd7}t}n|dkrö|jrö|rö|t"|j|j|jƒ7}t}n|dkr7|jr7|r7|t"|j|jdƒ7}t}n|dkr|rw|
rw|d
7}||7}|d7}t}
n|jdkrÉ|rÉ|d7}|tt|jƒƒj ƒ7}|d7}t}n|j!dkr|r|d7}|tt|j!ƒƒj ƒ7}|d7}t}qn|dkrª|jrª|
rª|d|jj ƒ7}|d|j7}|d7}|d|jj ƒ7}|d|j7}|d7}t}
qªn|rò|dkrÅt}qò|dkrÚt}	qò|dkròt}qòn|djddƒd	}|dkr!t}qN|dkr6t}qN|dkrNt}qNn||7}q7W|	s>	|su|d7}n|r£|
r£|d
7}||7}|d7}n|jdkrï|rï|d7}|tt|jƒƒj ƒ7}|d7}n|j!dkr>	|r>	|d7}|tt|j!ƒƒj ƒ7}|d7}q>	n|rº	|jsW	|jrº	|sj	|d7}n|s’	|t"|j|j|jƒ7}n|sº	|t"|j|jdƒ7}qº	n|rW
|jrW
|sÝ	|d7}n|jrW
|
rW
|d|jj ƒ7}|d|j7}|d7}|d|jj ƒ7}|d|j7}|d7}qW
n|j#ƒ|j$|ƒ|j%ƒWdy|r’
|j&ƒnWnt'k
r¦
nXXtS(NRIRÏi¤sincludedir RRLRiiRRR
s default_realm = s
Rs dns_lookup_realm = Rs dns_lookup_kdc = tdomain_realmRRR
s = s .RLs[libdefaults]
s	[realms]
s[domain_realm]
((RR4R…tPATH_KRB5_INCLUDEDIRtR_OKRRãRRR£R`R@RqRRXRYR%RøRRÿRëR R<RMRZR>RPR	RR'RhR[R!R\RRRR¼R	R<R=(R”t
wroterealmtwrotekdct
wroteadmint
wrotesmbrealmtwrotesmbkdctwroterealmstwrotelibdefaultstwroterealms2twrotelibdefaults2twrotedefaultrealmt
wrotednsrealmtwrotednskdctwroteourdomrealmt
wrotedomrealmtwrotedomrealm2twroteincdirRRRìRKtdefaultrealmRRØR#((s!/usr/share/authconfig/authinfo.pyR¹s˜	!			!		!		!		

	!		


	

	

	-
	
		


	

	



				







"




cCssy|j|dƒ}Wntjk
r3d}nX||kro|dkr\|j|ƒn|j||ƒndS(Nt	_provider(R<RR=Rtremove_providertadd_provider(R”Rtnewprovidertsubtypetprov((s!/usr/share/authconfig/authinfo.pytchangeProvider
s
cCs|js
tS|jr%|jr%tSy|jjdƒ}Wn&tjk
rc|jjdƒ}nX|jr˜|j	r˜|j
dkr˜|jddƒn(y|jdƒWntj
k
r¿nX|jj|ƒ|ry|jjttjƒWqtk
rqXntS(Ntpamtsssdt
pam_cert_authR%(RªR%R¬RItget_serviceRtNoServiceErrortnew_serviceR]R—Rdt
set_optiont
remove_optionR=tsave_serviceR¼RãR4RR=(R”twrite_configR((s!/usr/share/authconfig/authinfo.pytwriteSSSDPAM
s*	!
cCsÐ|js
tSttj|jƒ|jtƒ|jr;tS|j	s™|j
sQtSy|jjtƒ|_	Wq™t
jk
r•|jjtƒ|_	q™Xn|j	}y|jjdƒWn$t
jk
rÜ|jjdƒnX|jjdƒt}|jr+t}|j|ddƒ|j|ddƒn|jr]|j|ddƒ|j|ddƒn2|jr|j|ddƒ|j|ddƒnxÆtD]¾\}}y›t||ƒ}|dkrÏt|ƒ}nt|ƒtkrô|j||ƒnHt|ƒtkr/|r|j||ƒq<|j|ƒn
|j|ƒWq–t
j k
rSq–Xq–W|jj!|ƒ|r‡|jj"|j#ƒƒn|jj$|j#ƒƒy|jj%ttj&ƒWnt'k
rËnXtS(NtautofsR€tidRxRntchpassR3((RªR%RãR4RR£R$RRbR«RIt
new_domainR7RtDomainAlreadyExistsErrorR6RRRtactivate_serviceR_RR`RaR>RôRttypeRhR R'R!R=tsave_domaintactivate_domaintget_nametdeactivate_domainR¼RR=(R”RtactivateRÊtoptionR©((s!/usr/share/authconfig/authinfo.pyRº1
sj	
							
cCs‘|jdkrtSttj|jƒd}d}d}|jtdƒkrk|d7}|d7}d}nt	d|jd|d	|gƒtS(
Ns/usr/sbin/gdm-safe-restarttnoneRås ,/etc/pkcs11/lockhelper.sh -locks&,/etc/pkcs11/lockhelper.sh -deactivatetlock_screensuse_module=sins_action=s
rm_action=(
RdRR%RãtCFG_PAM_PKCS11RR£RcRçRá(R”tinsacttrmactRF((s!/usr/share/authconfig/authinfo.pyR¼w
s

	
c
Cs0d}d}d}ttj|jƒttj|jƒtjjttj	ƒ}tjj
|ƒs…|jr~tj|ƒq…t
Sndtjdƒd}d}|js¶|jrí||7}d}||7}d}|d7}|d7}n|jr6|jr6||7}d}||7}d}|d7}|d	7}n|js[|jr’|jr’|jr’||7}d}||7}d}|d
7}|d7}nd}|jtd
ƒkrä||7}d}||7}d}|d7}|d7}nytjttj	ƒWntk
rnXytjttj	ƒWntk
r;nX|dkrz;tttj	dƒ}|jƒ|j|ƒ|jƒWdy|rœ|jƒnWntk
r°nXXz;tttj	dƒ}|jƒ|j|ƒ|jƒWdy|r|jƒnWntk
rnXXntjdƒt
S(NRIs# Generated by authconfig on s%Y/%m/%d %H:%M:%Ss
s
[org/gnome/login-screen]
s&enable-smartcard-authentication=false
s7/org/gnome/login-screen/enable-smartcard-authentications%enable-password-authentication=false
s7/org/gnome/login-screen/enable-password-authentication
s(enable-fingerprint-authentication=false
s:/org/gnome/login-screen/enable-fingerprint-authentication
s3
[org/gnome/settings-daemon/peripherals/smartcard]
Råsremoval-action='lock-screen'
s1/org/gnome/settings-daemon/peripherals/smartcard
i¤sdconf update(RRãt	CFG_DCONFRR£tCFG_DCONF_LOCKSR4R£tdirnameRRR]tmakedirsR%ttimetstrftimeRdRfReRcRçR)R;RøRR¼R	R<R=R“(R”RìRKtlockstlocksdirtheadertgroupHeader((s!/usr/share/authconfig/authinfo.pyR½ˆ
s	







%
















cCsod}|d7}|dtjdƒd7}|d7}|d7}|d7}|jrv|d7}||j7}|d7}n|jr¯|d7}||jjd	d
ƒ7}|d7}n|jrÜ|d7}||j7}|d7}n|jr	|d7}||j7}|d7}n|jr6|d
7}||j7}|d7}n|jrc|d7}||j7}|d7}n|j	r|d7}||j	7}|d7}n|j
r½|d7}||j
7}|d7}n|jrÝ|d7}|d7}n|d7}|d7}|d7}|tt
|jƒƒjƒ7}|d7}|d7}|tt
|jƒƒjƒ7}|d7}|d7}|d7}|S(Ns#--authconfig--start-line--
s
s# Generated by authconfig on s%Y/%m/%d %H:%M:%SsF# DO NOT EDIT THIS SECTION (delimited by --start-line--/--end-line--)
sE# Any modification may be deleted or altered by authconfig in future
s   workgroup = s   password server = RR
s   realm = s   security = s   idmap config * : range = s   winbind separator = s   template homedir = s   template shell = s'   kerberos method = secrets and keytabs!   kerberos method = secrets onlys    winbind use default domain = s   winbind offline logon = s#--authconfig--end-line--
(R;R<RgRZRRYRXRhRiRjRkRnR'RhRlR!Rm(R”RK((s!/usr/share/authconfig/authinfo.pyt
paramsWinbindá
sh



	


	

	


	


	


	


	


	


	








cCs>d}x'|D]}t||ƒr
d}Pq
q
W||7}|S(NRIRK(RV(R”RRØRàRKRB((s!/usr/share/authconfig/authinfo.pytcheckLineWinbinds

c
Cs$t}t}d}ttj|jƒdddddddd	d
ddd
ddg}d}d}ztttjdƒ}x.|jD]#}|j	ƒ}|r»t
|dƒr…t}q…q…nt
|dƒrÖt}q…nt
|dƒsôt
|dƒr||7}q…nt|dƒ}	|	rsd|	krs|	j
dƒdjƒ}||7}|dkr…||jƒ7}t}q…q…n|dkrž||j|||ƒ7}q…n||7}q…W|sÏ|d7}||jƒ7}n|jƒ|j|ƒ|jƒWdy|r
|jƒnWntk
rnXXtS(NRIRTspassword serverRQRUs
domain logonss
domain masters	idmap uids	idmap gidswinbind separatorstemplate homedirstemplate shellswinbind use default domainswinbind offline logonskerberos methodi¤s#--authconfig--end-line--s#--authconfig--start-line--RKR
RRLiRMs	[global]
(RRãRNRR£RRøRRÿRëR R%RR	R!RARBRR¼R	R<R=(
R”tauthsectiontwroteauthsectionRRàRìRKRRØR#((s!/usr/share/authconfig/authinfo.pyR¾(sb	

	



c
Cs‚d}d}d}t}t}t}t}t}t}	t}
t}d}d}
ttj|jƒzítttjdƒ}|jr‘|d7}n|d7}|j	r±|d7}n|}|j
rÍ|d7}n|jrã|d7}n|jrù|d7}n|j
r|d	7}n|js*|js*|jrA|d
7}|d
7}n|jrW|d7}n|jrw|jrw|d7}n|jr|d
7}n|jr£|d7}n|jr¹|d7}n|jrÏ|d7}n|}|jró|jddƒ}n|}|jr|d7}ntjttjƒs`|jrK|jrK|jddƒ}q`|jd
dƒ}n|d7}|jr€|d7}n|jr–|d7}n|j r¬|d7}n|jrÂ|d7}n|j
rØ|d	7}n|jsî|d7}n|j!r|d7}nx|j"D]
}|j#ƒ}t$|dƒr_|s|
d7}
|
|7}
|
d7}
t%}qqt$|dƒrž|s|
d7}
|
|7}
|
d7}
t%}qqt$|dƒrÝ|s|
d 7}
|
|7}
|
d7}
t%}qqt$|d!ƒr|
s|
d"7}
|
|7}
t%}
qqt$|d#ƒrQ|s|
d$7}
|
|7}
|
d7}
t%}qqt$|d%ƒr|s|
d&7}
|
|7}
|
d7}
t%}qqt$|d'ƒrÏ|	s|
d(7}
|
|7}
|
d7}
t%}	qqt$|d)ƒr|s|
d*7}
|
|7}
|
d7}
t%}qq|
|7}
qW|sC|
d7}
|
|7}
|
d7}
n|sj|
d7}
|
|7}
|
d7}
n|s‘|
d 7}
|
|7}
|
d7}
n|s¸|
d$7}
|
|7}
|
d7}
n|sß|
d&7}
|
|7}
|
d7}
n|	s|
d(7}
|
|7}
|
d7}
n|s-|
d*7}
|
|7}
|
d7}
n|j&ƒ|j'|
ƒ|j(ƒWdy|rh|j)ƒnWnt*k
r|nXXt%S(+NRIi¤s dbs filess	 altfiless directoriess	 odbcbinds nispluss niss ssss	 ldapbinds ldaps hesiodbinds hesiods dbibinds dbbindtfilesR]s winbindR}R€s  mdns4_minimal [NOTFOUND=return]s dnss winss myhostnamespasswd:spasswd:    s
sshadow:sshadow:    sgroup:sgroup:     sinitgroups:R
s	netgroup:snetgroup:  s
automount:sautomount: shosts:shosts:     s	services:sservices:  (+RRRãRgRR£RøRRoR¥RpRrRsRtR~RIRbRuR_RvRwRxRyRzRRqR4R…tPATH_LIBSSS_AUTOFSRR|RR{R}RÿRëR R%RR¼R	R<R=(R”tuserstnormalthoststwrotepasswdt
wrotegrouptwroteshadowt
wrotenetgrouptwroteautomountt
wrotehoststwroteinitgroupst
wroteservicesRìRKtservicestnetgroupRRØ((s!/usr/share/authconfig/authinfo.pyRÀps:	
	
	
	
	
	


	

	
	
	
	
		

	
	
	
	
	
	
	















































c
Csft|t}|t}|t}d}|rX|rXd}|dkr—|dkr—|r‚|jrjt}nt}djtƒ}q—|jr—t	}q—n|dkrÊ|dkrÊ|j
rÁt}qÊt}n|dkr]|dkr|t
kr|jrZt}qZq]|dks|dkr]|jdkrZ|td}	|j|	d	<dj|	ƒ}qZq]n|d
kr£|dkr£|js|js|jr£|jr£t}n|dkr×tjdtd
ftjƒr×d
}n|dkrö|d7}t}n|d|||f7}|ro||jkrotjdt|ftjƒro|jtdt|fƒƒt|j|<n|dkr‡|j }n|dkrŸ|j!}n|dkr·|j"}n|dkrÏ|j#}n|dksç|d
kró|j$}n|dkr|j%}n|dkrG|dkrG|jrG|tt&krGd}n|rn|trndj|tƒ}n|dkrœ|j'rœ|dkrœ|d7}n|dkr¾|j(r¾|d7}n|d
krÌ|dkrd|j)r|j)dkr|d|j)7}n|j*r|d|j*7}n|j+r5|d7}n|jrK|d7}n|j,rd|d 7}qdn|dkr‰|j,r‰|d 7}q‰n|dkrÌ|j-s¹|j.s¹|js¹|j/rÉ|d!7}qÉqÌn|d"kr|dkrdj|tƒd|j0}n|dkr>|dkr>|t1kr>|j2d#d$ƒ}n|rX|d|7}qXn|d%7}|S(&NRIRwRnR
RxRoRviiR|RŒs%s/pam_%s.sotoddjob_mkhomedirR‹t-s%-12s%-13s pam_%s.sos_Authentication module %s/pam_%s.so is missing. Authentication process might not work correctly.R†R‡R{R…R}tforward_passR‚Rqs
 cached_logins# krb5_auth krb5_ccache_type=KEYRINGRis rounds=s shadows niss nulloks broken_shadowRtR`Ras
(3t
pam_stackstSTACKtLOGICtNAMER`tLOGIC_FORCE_PKCS11_KRB5tLOGIC_FORCE_PKCS11Rtargv_force_pkcs11_authtLOGIC_PKCS11_KRB5R]tLOGIC_IGNORE_AUTH_ERRtLOGIC_IGNORE_UNKNOWNtLOGIC_SKIPNEXTtLOGIC_SKIPNEXT3R›RtARGVR—R™RbRttLOGIC_SUFFICIENTR4R…tAUTH_MODULE_DIRtX_OKRtmodule_missingR¢RçR%R€RR„R…R‡Rštargv_sssd_missing_nameRmRnROR‰RŠR‹RŒRaRR‚tLOGIC_SKIPNEXT_ON_FAILURER(
R”R”t
forcescardtwarnR’tlogicR¤RKR‘targv((s!/usr/share/authconfig/authinfo.pytformatPAMModule4s´

							
!		
	3	!

		
	
		!$
cCs’tjj|ƒ}tjj|ƒ}|r1|s>|rŽ|rŽytj|ƒWntk
rbnXytj||ƒWqŽtk
rŠqŽXndS(N(R4R£RtislinkR)R;tsymlink(R”RRRìR÷((s!/usr/share/authconfig/authinfo.pytlinkPAMService–s

cCs}xvtttttgD]_}td|}tjj|ƒ}tjj	|ƒ}|r[|sh|r|rt
|_dSqWdS(Ns/pam.d/(RrRutPASSWORD_AUTH_PAM_SERVICEtFINGERPRINT_AUTH_PAM_SERVICEtSMARTCARD_AUTH_PAM_SERVICERqR4R£RRoRR˜(R”RRìR÷((s!/usr/share/authconfig/authinfo.pytcheckPAMLinked¤s	cUCs[d}d}t|j|jƒzðtt|jdƒ}|d7}|d7}|d7}|d7}|j}|j}|j}	t	}
|t
kr—t}
n|tkr¬t}	n|t
krÇt}t}n|joÜ|jdk}g}xt|D]ú}
|r|
t|tkr|d7}n|
}|
tsÎ|jrF|
td	ksÎ|jr_|
td
ksÎ|jrx|
tdksÎ|jr‘|
tdksÎ|jrª|
td
ksÎ|jrÃ|
tdksÎ|jr÷|jr÷|
tdkr÷|
ttksÎ|jrF|rF|
tdkr&|
ttksÎ|
tdkrF|
ttksÎ|jri|jri|
tdksÎ|r•|r•|
tdkr•|
tt ksÎ|rÒ|rÒ|
ttkrÒ|
tdkrÒ|
t!t"ksÎ|rï|rï|
tdksÎ|r|r|r|
tdksÎ|r.|r.|
tdksÎ|	rD|
tdksÎ|j#r]|
tdksÎ|j$rv|
tdksÎ|j%r|
tdksÎ|jsª|jsª|j&rÊ|
tdkrÊ|
tt ksÎ|jså|jså|j&r9|j'r9|
tdks)|
tdkr9|
t!t(kr9|j)r9|
ttksÎ|j*rb|
tdkrb|
tt+ksÎ|j,r{|
tdksÎ|j-r”|
tdksÎ|j)rð|
ttkrð|
tdkrð|
t!t.krð||j/|
||
ƒ7}qðqðW|j0ƒ|j1|ƒ|j2ƒWdy|r)|j3ƒnWnt4k
r=nXX|j5|t6d|ƒtS(NRIi¤s
#%PAM-1.0
s# This file is auto-generated.
s/# User changes will be destroyed the next time sauthconfig is run.
Rs
R~safs.krbR†RtRtepsRxRyR€R}RvRwR„RzRR‡R‚R{R…RŒs/pam.d/(7RRãRR£RøRRfR]ReRtSTANDARDR%tFINGERPRINTt	SMARTCARDR—Rdtpam_modulesRXt	MANDATORYRŽRZRRRƒR’R‘R`R™Rctargv_krb5_sc_authtAUTHRaRhRYRaR“R”RRbRtRiR–R•tACCOUNTR†RˆtLOGIC_REQUISITERnRR¼R	R<R=RqRq(R”R•tcfgtcfg_basenametcfg_linkRìRKRfR]ReRktuse_sssd_smartcard_supportt
prevmoduleR”((s!/usr/share/authconfig/authinfo.pytwritePAMService®sŒ



						

#  #, #;*)  


cCs{i|_|jttttƒ|jtttt	ƒ|jt
ttt
ƒ|jttttƒ|jttttƒtS(N(RgR…RwRptAUTH_PAM_SERVICE_ACRrt	POSTLOGINRttPOSTLOGIN_PAM_SERVICE_ACRut
PASSWORD_ONLYtCFG_PASSWORD_PAMtPASSWORD_AUTH_PAM_SERVICE_ACRrRxtCFG_FINGERPRINT_PAMtFINGERPRINT_AUTH_PAM_SERVICE_ACRsRytCFG_SMARTCARD_PAMtSMARTCARD_AUTH_PAM_SERVICE_ACRtR%(R”((s!/usr/share/authconfig/authinfo.pyRÁs	cCsáttj|jƒytjttjƒ}Wntk
rBtSX|j	d|j
ƒ|j	d|jƒ|jd|j
ƒ|j	d|jƒ|j	d|jƒ|j	d|jƒ|j	d|jƒ|j	d|jƒ|j	d	|jƒ|j	d
|jƒ|j	d|jƒ|j	d|jƒ|j	d
|jƒ|j	d|jƒ|j	d|jƒ|j	d|jƒ|j	d|jƒ|jd|jƒ|jddƒ|j	d|jƒ|j	d|jƒ|j	d|j ƒ|j	d|j!ƒ|j	d|j"ƒ|j	d|j#ƒ|j	d|j$ƒ|j	d|j%ƒ|j	d|j&ƒ|j	d|j'ƒ|j	d|j(ƒ|j	d|j)ƒ|jd |j*ƒ|jd!|j+ƒ|jd"|j,ƒ|j-d#ƒ|j.ƒt/S($NR›RŸR RšR£R¦RR¡R±R³RµR¶R¥R§R¨RªR©RÄR¬R²R´R·R¸R¹RºR»R¼R½R¾R¿RÀRÁRÂRÃi¤(0RãRÅRR£RâRÕRR=RtsetBoolValueRRƒRÖR‚RoRwR_RtR’R”RqRnR~R`RaR]RfReRORRŠRR—R•R†RˆR–RœRBRbR R¡RRžRŸR¼R<R%(R”Ræ((s!/usr/share/authconfig/authinfo.pyRÂsT

cCsqttj|jƒytjttjƒ}Wntk
rBtSX|j	d|j
ƒ|jdƒ|jƒt
S(NRÊi¤(RãRËRR£RâRÕRR=RRÖRLR¼R<R%(R”Ræ((s!/usr/share/authconfig/authinfo.pyRÃ:s

cCs¿|j}|jƒ|_|_|jrY|jrY|jrY|rY|jjdƒqYntƒ}t|ƒdkr“|j	|kr“|d|_	n|j
r»|jr»t|_
t
|_ndS(NR^i(RIRßR™R~R—RóRÉRäRRdR RbRR%R¤(R”toldimplicittmodules((s!/usr/share/authconfig/authinfo.pytprewriteUpdateHs		!	cCsd|jtƒ|jƒ|jtdƒyÆ|jƒ}|oF|jƒ}|oX|jƒ}|jry|os|j	ƒ}n|j
s‹|jr |oš|jƒ}n|j
sÁ|jrÖ|jdkrÖ|oÐ|jƒ}n|jrô|oî|jƒ}n|jr|o|jƒ}n|js$|jr9|o3|jƒ}n|jsK|jr`|oZ|jƒ}n!|jr|o{|jtƒ}n|o|jƒ}|o¢|jƒ}|o´|jƒ}|oÆ|jƒ}|oØ|j ƒ}|oê|j!ƒ}Wn<t"t#fk
r,t$j%j&t't$j(ƒdƒdƒt)SXx0|j*D]%}|j+r7|j,j-|j+ƒq7q7W|S(Ns/lastRÏis
(.RÑR%R“tsetupBackuptPATH_CONFIG_BACKUPSR¶R·R$RwR²R_RaRµR`RRXR¹R]R¼RtR³RqR¾RIR™RºR—R$RÀRÁRÂRÃRÄR½R;R=RºR»R¼R'texc_infoRRÇRîR°tadd(R”RøR1((s!/usr/share/authconfig/authinfo.pyR¼VsL
						$	cCså|jƒ|jtƒ|jƒ|jtdƒt}yjxc|jD]X}|j||ƒrE|jr{|ou|jƒ}n|j	r|j
j|j	ƒqqEqEWWn<tt
fk
ràtjjttjƒdƒdƒtSX|S(Ns/lastis
(RuRÑR%R“R”R•RÇR÷RíRîR°R—R;R=RºR»R¼R'R–R(R”RËRøR1((s!/usr/share/authconfig/authinfo.pytwriteChangeds 

		!$cCsšd}d}g}g}tjdgtjdgtjdgtjdgg}tjƒ}|sddS|jdƒs€|d7}n||jdƒ}d|}tj|tjtjƒ}xJ|D]B}|j	tjkr¿|j
jjdƒ|_
t|ƒ|_q¿q¿Wd|}tj|tjtjƒ}|sXd|}tj|tjtjƒ}nx?|D]7}|j	tjkr_|j
j|_|jr–Pq–q_q_W|jrd|j}tj|tjtjƒ}xƒ|D]{}|j	tjkrÒ|j
jjdƒ}|j
jr"|d	|j
j7}n|jrA|jd
|7_qM||_qÒqÒWd|j}tj|tjtjƒ}x†|D]{}|j	tjkr€|j
jjdƒ}|j
jrÐ|d	|j
j7}n|jrï|jd
|7_qû||_q€q€Wnx‘|D]‰}|d|}tj||d
tjƒ}xV|D]N}|j	tjkr@|j|kr@d|d|_|jdƒ|_Pq@q@Wq	WdS(NRIthstnsRs
_ldap._tcps
_kerberos.t	_kerbeross_kerberos._udp.R,Rs_kerberos-adm._udp.ii(t	dnsclienttDNS_C_INtDNS_C_HSRñtgetfqdntendswithR-RÈt	DNS_T_SRVtdns_typetrdataRéR
R2R‘R4t	DNS_T_TXTtdataR@RðR<R>t	DNS_T_SOAtdns_nameRJRK(R”thostnametqnametresultsRORbRth((s!/usr/share/authconfig/authinfo.pytprobe‘sx





		

	

	

c
Csdt|jƒGHdGHdt|jƒGHdt|jƒGHdt|jƒGHd|jGHd|jGHdt|jƒGHd	t|jƒGHd
|j	GHd|j
GHdt|jƒGHd
|jGHd|j
GHdt|jƒGHdt|jƒGHd|jGHd|jGHd|jGHd|jGHd|jGHd|jGHdt|jƒGHdt|jƒGHdt|jƒGHdt|jƒGHdt|jƒGHdGHdt|jƒGHd|jGHdt|jƒGHd |jGHd!t|jƒGHd"|j GHd#t|j!ƒGHd$|j"GHd%t|j#ƒGHd	t|jƒGHd
|j	GHd|j
GHd&|j$pYd'GHd(t|j%o|j&o€|j'd)kƒGHd*t|j%o«|j&o«|j'd)kƒGHd+t|j(ƒGHd,|j'GHd-|j)GHd.t|j*ƒGHd/t|j+ƒGHd0t|j,ƒGHd|jGHd|jGHd|jGHd|jGHd1t|j&ƒGHd2t|j-ƒGHd3t|j.ƒGHd4t|j/ƒGHd5|j0rd6p d7GHd8|j1GHd9|j2GHd:|j3GHd;t|j4ƒ|j5fGHd<t|j6ƒ|j7fGHd=t|j8ƒ|j9fGHd>t|j:ƒ|j;fGHd?t|j<ƒ|j=fGHd@t|j>ƒ|j?fGHdAt|j@ƒGHdS(BNs
caching is %ssnss_files is always enabledsnss_compat is %ssnss_db is %ssnss_hesiod is %ss hesiod LHS = "%s"s hesiod RHS = "%s"snss_ldap is %ss LDAP+TLS is %ss LDAP server = "%s"s LDAP base DN = "%s"s
nss_nis is %ss NIS server = "%s"s NIS domain = "%s"snss_nisplus is %ssnss_winbind is %ss SMB workgroup = "%s"s SMB servers = "%s"s SMB security = "%s"s SMB realm = "%s"s Winbind template shell = "%s"s SMB idmap range = "%s"snss_sss is %s by defaultsnss_wins is %ssnss_mdns4_minimal is %ssmyhostname is %ss%DNS preference over NSS or WINS is %sspam_unix is always enableds shadow passwords are %ss! password hashing algorithm is %sspam_krb5 is %ss krb5 realm = "%s"s krb5 realm via dns is %ss krb5 kdc = "%s"s krb5 kdc via dns is %ss krb5 admin server = "%s"spam_ldap is %ss LDAP schema = "%s"R2spam_pkcs11 is %sRsSSSD smartcard support is %ss# use only smartcard for login is %ss smartcard module = "%s"s  smartcard removal action = "%s"spam_fprintd is %sspam_ecryptfs is %sspam_winbind is %sspam_sss is %s by defaults! credential caching in SSSD is %ss6 SSSD use instead of legacy services if possible is %ssIPAv2 is %ssIPAv2 domain was %sjoinedsnot RIs IPAv2 server = "%s"s IPAv2 realm = "%s"s IPAv2 domain = "%s"spam_pwquality is %s (%s)spam_passwdqc is %s (%s)spam_access is %s (%s)spam_faillock is %s (%s)s0pam_mkhomedir or pam_oddjob_mkhomedir is %s (%s)s'Always authorize local users is %s (%s)s;Authenticate system accounts against network services is %s(ARªRHRzRoRwRJRKR_R6R2R4RtRNRLRsRqRgRZRXRYRkRhR~R{R|R}RRŠROR`R@R[R<R\R>RaR8R]R—RdRfRcReR’RRBRœRbR RRŸRžRR€R”RR†R…RƒR‚RˆR‡R•R„R–(R”((s!/usr/share/authconfig/authinfo.pyt	printInfoäs”+*cCsux.ttttfD]}t|j|jƒqW|jrWtj	dƒtj	dƒntj	dƒtj	dƒt
S(Ns/usr/sbin/pwconvs/usr/sbin/grpconvs/usr/sbin/pwunconvs/usr/sbin/grpunconv(t
CFG_SHADOWt
CFG_PASSWDtCFG_GSHADOWt	CFG_GROUPRãRR£RŠR4R“R%(R”R€((s!/usr/share/authconfig/authinfo.pyRÄ0s	


c
Cs³d}|js|jr©|jr©|jjddƒdjddƒdjddƒd}|j}|j}|s{d}n|dkr—|dkr—dStd|r©d	p¬d
||r»dp¾d
||jf}|rìtj	j
d|ƒn|jsü|rt||d
|jƒ\}}n(t
|gdtƒ}|jƒ|j}|rp|dkr¦|jtdƒƒq¦q©|dkr©tdƒ}	|	d|7}	|j|	ƒq©n|dkS(NiRiR
s	RÏRs join %s%s %s%s -U %ss-w RIs-S s[%s]
ssword:R«s'Winbind domain join was not successful.s]Winbind domain join was not successful. The net join command failed with the following error:s
(RqRR§RZR	RgRXtPATH_WINBIND_NETRºR»R¼R¨R×R¯R%R±R³R¢Rç(
R”RÇRÍRéRtprotocoltcmdR¹RÌterrmsg((s!/usr/share/authconfig/authinfo.pyt
joinDomain<s89			!
	c
Cs£d}|jr™|j}|j}|j}|j}|j}|jrNd}nd}td|rfdpid||rxdp{d||rŠdpd||rœdpŸd|||r²d	pµd
f
}	|rtj	j
d|	ƒt|	gdtƒ}
|
j
ƒ|
j}nt|	|d|ƒ\}}|dkr5t|_n|r`|dkr–|jtd
ƒƒq–q™|dkr™tdƒ}|d|7}|j|ƒq™n|dkS(Nis-NRIs! --noac %s%s %s%s %s%s %s%s %s %ss	--domain=s	--server=s--realm=s--principal=s--unattendeds-Ws[%s]
R«s%IPAv2 domain join was not successful.seIPAv2 domain join was not successful. The ipa-client-install command failed with the following error:s
(RbRRžRŸR§R¨R¡tPATH_IPA_CLIENT_INSTALLRºR»R¼R¯R%R±R³R×R R¢Rç(
R”RÇRÍRéRRQt	principalRqtnontpR´RÌR¹Rµ((s!/usr/share/authconfig/authinfo.pyt
joinIPADomain_sB								
cCstd}tj|ƒdS(Ns  --uninstall --noac --unattended(R·R4R“(R”R´((s!/usr/share/authconfig/authinfo.pytuninstallIPA‡s
cCsX|sT|jr,tjdƒtjdƒqTytjdƒWqTtk
rPqTXntS(NR!(RHR¢R–R1R;R%(R”R¥((s!/usr/share/authconfig/authinfo.pyR±‹s	

cCsc|jrÜ|jrÜ|s/tjd|jƒnyAtjdƒtjtƒtjdƒ|sotjdƒnWnt	k
rƒnXyAtjt
ƒtjdƒ|sÄtjdƒtjdƒnWq_t	k
rØq_Xnƒ|sòtjdƒnyYtjdƒtjt
ƒ|s=ytjdƒWq=t	k
r9q=XntjdƒWnt	k
r^nXt
S(Ns/bin/domainname sG[[ $(getsebool allow_ypbind) == *off* ]] && setsebool -P allow_ypbind 1trpcbindtypbinds/bin/domainname "(none)"sF[[ $(getsebool allow_ypbind) == *on* ]] && setsebool -P allow_ypbind 0(RtRLR4R“R¡tPATH_RPCBINDR¢R—R1R;tPATH_YPBINDR–R˜R%(R”R¥((s!/usr/share/authconfig/authinfo.pyR´–sB











cCsƒt|js|jo|jtd|ƒ|jrZytjdƒWqtk
rVqXn%ytjdƒWntk
r~nXtS(Ntnslcdse[[ $(getsebool authlogin_nsswitch_use_ldap) == *off* ]] && setsebool -P authlogin_nsswitch_use_ldap 1sd[[ $(getsebool authlogin_nsswitch_use_ldap) == *on* ]] && setsebool -P authlogin_nsswitch_use_ldap 0(	R¦R_RaRIt
PATH_NSLCDR4R“R;R%(R”R¥((s!/usr/share/authconfig/authinfo.pyRÆºs
	

cCs#t|jp|jtd|ƒdS(NR‚(R¦RqRtPATH_WINBIND(R”R¥((s!/usr/share/authconfig/authinfo.pyR¿ËscCs¢|jr|jpE|jr-tjjtƒpE|joEtjjtƒ}|jpf|jpf|jpf|}t	|t
d|pš|oš|jp™|jp™|jƒdS(NR(R~R—R4R£texiststPATH_SSSD_CONFIGRIR™RbR¦t	PATH_SSSD(R”R¥texplicitenableR—((s!/usr/share/authconfig/authinfo.pyR»ÐscCsB|jr>tjdtdftjƒr>tttd|ƒndS(Ns%s/pam_%s.soRTtoddjobd(RˆR4R…ReRfR¦R%tPATH_ODDJOBD(R”R¥((s!/usr/share/authconfig/authinfo.pyRÅÛs
cCs8x|jD]}||ƒq
W|jr4|jƒndS(N(R°R¤R»(R”R¥Rñ((s!/usr/share/authconfig/authinfo.pytpostãs	cCsx|js|jrtytj|jƒWn>tk
rf\}}|tjkrgtj|jdƒqgnXt	|jƒSt
S(Nií(R_RaR4R¡R:R;RBtENOENTRRÝR(R”RÓRÔ((s!/usr/share/authconfig/authinfo.pyttestLDAPCACertsés
cCsE|js|jrA|js*d|jkrAtjd|jƒndS(Nsldaps:s/usr/sbin/cacertdir_rehash (R_RaR6R2R4R“R:(R”((s!/usr/share/authconfig/authinfo.pytrehashLDAPCACertsôscCs|js
tS|jƒyWtj|jƒ}t|jdtdƒ}|j|j	ƒƒ|j
ƒ|j
ƒWn.ttt
fk
rž|jtdƒƒtSX|jƒtS(NRØi¤s Error downloading CA certificate(R©RRËturllib2turlopenRHR:tLDAP_CACERT_DOWNLOADEDR¼R½R<R=R;R+R¢RçRÌR%(R”treadftwritef((s!/usr/share/authconfig/authinfo.pytdownloadLDAPCACertùs	


cCs¢|ddkr!td|}n||_t|ƒsžyQtj|ƒ}x;|D]3}ytj|d|ƒWqOtk
rqOXqOWWqžtk
ršqžXndS(NiRØs/backup-(R•R£RÝR4RÙR)R;(R”RRR>((s!/usr/share/authconfig/authinfo.pyR”	s	


cCs@|j|ƒt}x&tD]}|j|jƒo5|}qW|S(N(R”R%RãRR£(R”RRøR€((s!/usr/share/authconfig/authinfo.pyt
saveBackups


cCsQ|ddkr!td|}nt}x#tD]}|j|ƒoF|}q.W|S(NiRØs/backup-(R•R%RãR (R”RRøR€((s!/usr/share/authconfig/authinfo.pyt
restoreBackups
cCs|jtdƒS(Ns/last(RÔR•(R”((s!/usr/share/authconfig/authinfo.pytrestoreLast's(TRžRŸRòRÍRÎRÏRßRçRîRõRúRRR	RRR%R/RCRJRQRSRWRoR"RvRsRÉRÌRÎRRÑR½RÒR$R²R³RéRµRïR¶R·RöR¸R¹RR$RºR¼R½RARBR¾RÀRnRqRuR…RÁRÂRÃR“R¼R˜R¬RRÄR¶RºR»R±R´RÆR¿R»RÅRÉRËRÌRÒR”RÓRÔRÕ(((s!/usr/share/authconfig/authinfo.pyRé%s¢	Ö							*			9			K		"	1	*		 	
	+	7			œ	¸			"				U	u		
	5	B		\	õ	
		F		Y	:	
	H	Ä	b		
	T			/			)		S	L		#	(			$											((((((s
ldapServersldap_uri(s
ldapBaseDNR5(senableLDAPSR7(s
ldapSchemasldap_schema(s
ldapCacertDirR;(skerberosKDCR=(skerberosAdminServerR?(s
kerberosRealmRA(senableCacheCredsRC(senableCacheCredsskrb5_store_password_if_offline((ÛRtreR4RÒR7RñR¸RÃR¡RâRœRºRBRÍRïR;Rýt
subprocessRtgettexttlgettextRçRtImportErrorRRqRrR†RuRˆRrR‹RsRRtRR7R'tglobalstLIBDIRRetPATH_PWCONVR¾R#RÁRÂRÅR¿RÈtPATH_SEBOOLt
PATH_SCEVENTDRßtPATH_LIBNSS_DBtPATH_LIBNSS_LDAPR£RtPATH_LIBNSS_NIStPATH_LIBNSS_HESIODtPATH_LIBNSS_ODBCBINDtPATH_LIBNSS_WINBINDtPATH_LIBNSS_WINStPATH_LIBNSS_SSSt
PATH_PAM_KRB5t
PATH_PAM_LDAPtPATH_PAM_WINBINDtPATH_PAM_PKCS11tPATH_PAM_FPRINTDtPATH_PAM_SSSRFRR²R·RÿRÏR•RÄtLOGIC_REQUIREDRRdtLOGIC_OPTIONALR`R_tLOGIC_PKCS11R\R^R[RaRbtLOGIC_ALWAYS_SKIPRiRRRRR R"R$R)R*R+R3RDRHRMRPRRRVtargv_unix_authtargv_unix_passwordt
argv_afs_authtargv_afs_passwordtargv_pwquality_passwordtargv_passwdqc_passwordt
argv_eps_authtargv_eps_passwordtargv_fprintd_authtargv_pkcs11_authR]Rhtargv_krb5_authR|targv_krb5_passwordtargv_ldap_authtargv_ldap_passwordt
argv_otp_authtargv_succeed_if_authtargv_succeed_if_accounttargv_succeed_if_sessiontargv_succeed_if_nonlogintargv_winbind_authtargv_winbind_passwordt
argv_sss_authtargv_sss_passwordtargv_keyinit_sessiontargv_ecryptfs_authtargv_ecryptfs_passwordtargv_ecryptfs_sessiontargv_succeed_if_not_gdmtargv_lastlog_gdmtargv_lastlog_not_gdmtargv_faildelayRŽtrangeR}R~tSESSIONtPASSWORDRWR{RXRYRZRcRwR‡R‰RxRyR•RzR%RR‘tDEFAULT_DNS_QUERY_SIZEtcompileR#RR’R treadlinkR¢R;R¦RªR×RÝRáRäRèR½RìRøR
R"R$R%RäRêRRRRRíRtCFG_KRBR4RNRgRÔRpRtRŠRŒRŽRÅRËRR.R"R4R®R¯R°R±R7R8RãR>Ré(((s!/usr/share/authconfig/authinfo.pyt<module>s‚
	
	
















																																																			(																																																																																																																																																																																																																																																																																																																																												


			Z					#S		7i
OHA YOOOO