IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

advise: configure TLS in redhat_nss_pam_ldapd and redhat_nss_ldap plugins

Browse Source 
authconfig in config_redhat_nss_ldap and config_redhat_nss_pam_ldapd got
new option --enableldaptls

It should have effect primarily on el5 systems.

https://fedorahosted.org/freeipa/ticket/5654

Reviewed-By: Tomas Babej <tbabej@redhat.com>
This commit is contained in:
Petr Vobornik
2016-02-25 15:25:12 +01:00
committed by Tomas Babej
parent 271086ebdd
commit 02d3ea1062
2 changed files with 6 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
ipaserver/advise/plugins/legacy_clients.py
View File

@@ -195,7 +195,7 @@ class config_redhat_nss_pam_ldapd(config_base_legacy_client):
self.log.comment('Use the authconfig to configure nsswitch.conf ' self.log.comment('Use the authconfig to configure nsswitch.conf '
'and the PAM stack') 'and the PAM stack')
self.log.command('authconfig --updateall --enableldap ' self.log.command('authconfig --updateall --enableldap --enableldaptls '
'--enableldapauth --ldapserver=%s --ldapbasedn=%s\n' '--enableldapauth --ldapserver=%s --ldapbasedn=%s\n'
% (uri, base)) % (uri, base))
@@ -363,7 +363,7 @@ class config_redhat_nss_ldap(config_base_legacy_client):
self.log.comment('Use the authconfig to configure nsswitch.conf ' self.log.comment('Use the authconfig to configure nsswitch.conf '
'and the PAM stack') 'and the PAM stack')
self.log.command('authconfig --updateall --enableldap ' self.log.command('authconfig --updateall --enableldap --enableldaptls '
'--enableldapauth --ldapserver=%s --ldapbasedn=%s\n' '--enableldapauth --ldapserver=%s --ldapbasedn=%s\n'
% (uri, base)) % (uri, base))

7
ipatests/test_integration/test_advise.py
View File

@@ -104,7 +104,8 @@ class TestAdvice(IntegrationTest):
advice_regex = "\#\!\/bin\/sh.*" \ advice_regex = "\#\!\/bin\/sh.*" \
"yum[\s]+install[\s]+\-y[\s]+curl[\s]+openssl[\s]+nss_ldap" \ "yum[\s]+install[\s]+\-y[\s]+curl[\s]+openssl[\s]+nss_ldap" \
"[\s]+authconfig.*authconfig[\s]+\-\-updateall" \ "[\s]+authconfig.*authconfig[\s]+\-\-updateall" \
"[\s]+\-\-enableldap[\s]+\-\-enableldapauth[\s]+" \ "[\s]+\-\-enableldap[\s]+\-\-enableldaptls"\
"[\s]+\-\-enableldapauth[\s]+" \
"\-\-ldapserver=.*[\s]+\-\-ldapbasedn=.*" "\-\-ldapserver=.*[\s]+\-\-ldapbasedn=.*"
raiseerr = True raiseerr = True
@@ -116,8 +117,8 @@ class TestAdvice(IntegrationTest):
advice_regex = "\#\!\/bin\/sh.*" \ advice_regex = "\#\!\/bin\/sh.*" \
"yum[\s]+install[\s]+\-y[\s]+curl[\s]+openssl[\s]+" \ "yum[\s]+install[\s]+\-y[\s]+curl[\s]+openssl[\s]+" \
"nss\-pam\-ldapd[\s]+pam_ldap[\s]+authconfig.*" \ "nss\-pam\-ldapd[\s]+pam_ldap[\s]+authconfig.*" \
"authconfig[\s]+\-\-updateall[\s]+" \ "authconfig[\s]+\-\-updateall[\s]+\-\-enableldap"\
"\-\-enableldap[\s]+\-\-enableldapauth[\s]+" \ "[\s]+\-\-enableldaptls[\s]+\-\-enableldapauth[\s]+" \
"\-\-ldapserver=.*[\s]+\-\-ldapbasedn=.*" "\-\-ldapserver=.*[\s]+\-\-ldapbasedn=.*"
raiseerr = True raiseerr = True