summaryrefslogtreecommitdiffstats
path: root/perl-install/authentication.pm
diff options
context:
space:
mode:
Diffstat (limited to 'perl-install/authentication.pm')
-rw-r--r--perl-install/authentication.pm37
1 files changed, 29 insertions, 8 deletions
diff --git a/perl-install/authentication.pm b/perl-install/authentication.pm
index c757a4b5d..e8606b8db 100644
--- a/perl-install/authentication.pm
+++ b/perl-install/authentication.pm
@@ -49,6 +49,17 @@ my %kind2nsswitch = (
SMBKRB => ['winbind'],
);
+my %kind2packages = (
+ local => [],
+ SmartCard => [ 'castella-pam' ],
+ LDAP => [ 'openldap-clients', 'nss_ldap', 'pam_ldap', 'autofs' ],
+ AD => [ 'nss_ldap', 'pam_krb5', 'libsasl2-plug-gssapi' ],
+ NIS => [ 'ypbind', 'autofs' ],
+ winbind => [ 'samba-winbind' ],
+ SMBKRB => [ 'samba-winbind', 'pam_krb5', 'samba-server', 'samba-client' ],
+);
+
+
sub kind2description {
my (@kinds) = @_;
my %kind2description = (
@@ -203,9 +214,27 @@ sub get() {
};
}
+sub install_needed_packages {
+ my ($do_pkgs, $kind) = @_;
+ if (my $pkgs = $kind2packages{$kind}) {
+ #- automatic during install
+ $do_pkgs->ensure_are_installed($pkgs, $::isInstall) or return;
+ } else {
+ log::l("ERROR: $kind not listed in kind2packages");
+ }
+ 1;
+}
+
sub set {
my ($in, $net, $authentication, $o_when_network_is_up) = @_;
+ install_needed_packages($in->do_pkgs, to_kind($authentication)) or return;
+ set_raw($net, $authentication, $o_when_network_is_up);
+}
+
+sub set_raw {
+ my ($net, $authentication, $o_when_network_is_up) = @_;
+
my $when_network_is_up = $o_when_network_is_up || sub { my ($f) = @_; $f->() };
enable_shadow() if $authentication->{shadow};
@@ -225,10 +254,7 @@ sub set {
if ($kind eq 'local') {
} elsif ($kind eq 'SmartCard') {
- $in->do_pkgs->ensure_are_installed([ 'castella-pam' ], 1) or return;
} elsif ($kind eq 'LDAP') {
- $in->do_pkgs->ensure_are_installed([ qw(openldap-clients nss_ldap pam_ldap autofs) ]) or return;
-
my $domain = $authentication->{LDAPDOMAIN} || do {
my $s = run_program::rooted_get_stdout($::prefix, 'ldapsearch', '-x', '-h', $authentication->{LDAP_server}, '-b', '', '-s', 'base', '+');
first($s =~ /namingContexts: (.+)/);
@@ -242,7 +268,6 @@ sub set {
nss_base_group => $domain . "?sub",
);
} elsif ($kind eq 'AD') {
- $in->do_pkgs->ensure_are_installed([ qw(nss_ldap pam_krb5 libsasl2-plug-gssapi) ]) or return;
my $port = "389";
my $ssl = {
@@ -302,7 +327,6 @@ sub set {
configure_krb5_for_AD($authentication);
} elsif ($kind eq 'NIS') {
- $in->do_pkgs->ensure_are_installed([ qw(ypbind autofs) ], 1) or return;
my $domain = $net->{network}{NISDOMAIN};
$domain || $authentication->{NIS_server} ne "broadcast" or die N("Can not use broadcast with no NIS domain");
my $t = $domain ? "domain $domain" . ($authentication->{NIS_server} ne "broadcast" && " server") : "ypserver";
@@ -325,8 +349,6 @@ sub set {
my $domain = uc $authentication->{WINDOMAIN};
- $in->do_pkgs->ensure_are_installed([ 'samba-winbind' ], 1) or return;
-
require network::smb;
network::smb::write_smb_conf($domain);
run_program::rooted($::prefix, "chkconfig", "--level", "35", "winbind", "on");
@@ -345,7 +367,6 @@ sub set {
my $realm = $authentication->{AD_domain};
configure_krb5_for_AD($authentication);
- $in->do_pkgs->ensure_are_installed([ 'samba-winbind', 'pam_krb5', 'samba-server', 'samba-client' ]) or return;
require network::smb;
network::smb::write_smb_ads_conf($domain,$realm);