Use tasks to configure automount nsswitch settings

authselect doesn't allow one to directly write to
/etc/nsswitch.conf. It will complain bitterly if it
detects it and will refuse to work until reset.

Instead it wants the user to write to
/etc/authselect/user-nsswitch.conf and then it will handle
merging in any differences.

To complicate matters some databases are not user configurable
like passwd, group and of course, automount. There are some
undocumented options to allow one to override these though so
we utilize that.

tasks are used so that authselect-based installations can still
write directly to /etc/nsswitch.conf and operate as it used to.

Reviewed-By: Francois Cami <fcami@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>

ipaplatform/redhat/paths.py

@@ -39,6 +39,7 @@ class RedHatPathNamespace(BasePathNamespace):
     AUTHCONFIG = '/usr/sbin/authconfig'
     AUTHSELECT = '/usr/bin/authselect'
     SYSCONF_NETWORK = '/etc/sysconfig/network'
+    NSSWITCH_CONF = '/etc/authselect/user-nsswitch.conf'
 
 
 paths = RedHatPathNamespace()

ipaplatform/redhat/tasks.py

@@ -744,4 +744,23 @@ class RedHatTaskNamespace(BaseTaskNamespace):
 
         return filenames
 
+    def enable_ldap_automount(self, statestore):
+        """
+        Point automount to ldap in nsswitch.conf.
+        This function is for non-SSSD setups only.
+        """
+        super(RedHatTaskNamespace, self).enable_ldap_automount(statestore)
+
+        authselect_cmd = [paths.AUTHSELECT, "enable-feature",
+                          "with-custom-automount"]
+        ipautil.run(authselect_cmd)
+
+    def disable_ldap_automount(self, statestore):
+        """Disable ldap-based automount"""
+        super(RedHatTaskNamespace, self).disable_ldap_automount(statestore)
+
+        authselect_cmd = [paths.AUTHSELECT, "disable-feature",
+                          "with-custom-automount"]
+        ipautil.run(authselect_cmd)
+
 tasks = RedHatTaskNamespace()