summaryrefslogtreecommitdiffstats
path: root/perl-install/standalone.pm
blob: 7e94d8ba9f674cc8a317c76245a683bb5f134c87 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
package standalone; # $Id$

use c;
use strict;
use common qw(N N_ if_ backtrace);
use Config;

#- for sanity (if a use standalone is made during install, MANY problems will happen)
require 'log.pm'; #- "require log" causes some pb, perl thinking that "log" is the log() function
if ($::isInstall) {
    log::l('ERROR: use standalone made during install :-(');
    log::l('backtrace: ' . backtrace());
}
$::isStandalone = 1;

$ENV{SHARE_PATH} ||= "/usr/share";

eval { #- allow standalone.pm to be used in drakxtools-backend without perl-Locale-gettext
    c::init_setlocale();
    Locale::gettext::bindtextdomain('libDrakX', "/usr/share/locale");
};

$::license = N_("This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2, or (at your option)
any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
");

my $progname = common::basename($0);

my %usages = (
           'diskdrake' => "[--{" . join(",", qw(hd nfs smb dav removable fileshare)) . "}]",
           'drakbackup' => N_("[--config-info] [--daemon] [--debug] [--default] [--show-conf]
Backup and Restore application

--default             : save default directories.
--debug               : show all debug messages.
--show-conf           : list of files or directories to backup.
--config-info         : explain configuration file options (for non-X users).
--daemon              : use daemon configuration. 
--help                : show this message.
--version             : show version number.
"),

           'drakboot' => N_("[--boot] [--splash]
OPTIONS:
  --boot            - enable to configure boot loader
  --splash          - enable to configure boot theme
default mode: offer to configure autologin feature"),
           'drakbug' => N_("[OPTIONS] [PROGRAM_NAME]

OPTIONS:
  --help            - print this help message.
  --report          - program should be one of Mandriva Linux tools
  --incident        - program should be one of Mandriva Linux tools"),
           'drakconnect' => N_("[--add]
  --add             - \"add a network interface\" wizard
  --del             - \"delete a network interface\" wizard
  --skip-wizard     - manage connections
  --internet        - configure internet
  --wizard          - like --add"),
           'drakfont' => N_("
Font Importation and monitoring application

OPTIONS:
--windows_import : import from all available windows partitions.
--xls_fonts      : show all fonts that already exist from xls
--install        : accept any font file and any directory.
--uninstall      : uninstall any font or any directory of font.
--replace        : replace all font if already exist
--application    : 0 none application.
                 : 1 all application available supported.
                 : name_of_application like  so for staroffice 
                 : and gs for ghostscript for only this one."),
           'draksec' => "[--debug]
--debug: print debugging information",
           'drakTermServ' => N_("[OPTIONS]...
Mandriva Linux Terminal Server Configurator
--enable         : enable MTS
--disable        : disable MTS
--start          : start MTS
--stop           : stop MTS
--adduser        : add an existing system user to MTS (requires username)
--deluser        : delete an existing system user from MTS (requires username)
--addclient      : add a client machine to MTS (requires MAC address, IP, nbi image name)
--delclient      : delete a client machine from MTS (requires MAC address, IP, nbi image name)"),
	      'drakxtv' => "[--no-guess]",
	      'drakupdate_fstab' => " [--add | --del] <device>\n",
	      'keyboardrake' => N_("[keyboard]"),
           'logdrake' => N_("[--file=myfile] [--word=myword] [--explain=regexp] [--alert]"),
           'net_monitor' => N_("[OPTIONS]
Network & Internet connection and monitoring application

--defaultintf interface : show this interface by default
--connect : connect to internet if not already connected
--disconnect : disconnect to internet if already connected
--force : used with (dis)connect : force (dis)connection.
--status : returns 1 if connected 0 otherwise, then exit.
--quiet : do not be interactive. To be used with (dis)connect."),
	      'printerdrake' => " [--skiptest] [--cups] [--lprng] [--lpd] [--pdq]",
	      'rpmdrake' => N_("[OPTION]...
  --no-confirmation      do not ask first confirmation question in Mandriva Update mode
  --no-verify-rpm        do not verify packages signatures
  --changelog-first      display changelog before filelist in the description window
  --merge-all-rpmnew     propose to merge all .rpmnew/.rpmsave files found"),
           'scannerdrake' => N_("[--manual] [--device=dev] [--update-sane=sane_source_dir] [--update-usbtable] [--dynamic=dev]"),
	      'XFdrake' => N_(" [everything]
       XFdrake [--noauto] monitor
       XFdrake resolution"),
	      );

$usages{$_} = $usages{rpmdrake} foreach qw(rpmdrake-remove MandrivaUpdate);
$usages{Xdrakres} = $usages{XFdrake};


sub exit {
    explanations('### Program is exiting ###');
    CORE::exit(@_);
}

sub __exit {
    explanations('### Program is exiting ###');
    c::_exit(@_);
}



sub version() {
    print 'Drakxtools version 10
Copyright (C) 1999-2006 Mandriva by <install@mandriva.com>
',  $::license, "\n";
}

if (!$::no_global_argv_parsing) {
my ($i, @new_ARGV);
foreach (@ARGV) {
    $i++;
    if (/^-(-help|h)$/) {
	version();
	print N("\nUsage: %s  [--auto] [--beginner] [--expert] [-h|--help] [--noauto] [--testing] [-v|--version] ", $progname),
       if_($usages{$progname}, common::translate($usages{$progname})), "\n";
#    print N("\nUsage: "), $::usage, "\n" if $::usage;
	CORE::exit(0);
    } elsif (/^-(-version|v)$/) {
	version();
	CORE::exit(0);
    } elsif (/^--embedded$/) {
	$::XID = splice @ARGV, $i, 1;
	$::isEmbedded = 1;
    } elsif (/^--expert$/) {
	$::expert = 1;
    } elsif (/^--noauto$/) {
	$::noauto = /-noauto/;
    } elsif (/^--auto$/) {
	$::auto = 1;
    } elsif (/^--testing$/) {
	$::testing = 1;
    } elsif (/^--beginner$/) {
	$::expert = 0;
    } else {
	push @new_ARGV, $_;
    }
}

@ARGV = @new_ARGV;
}

################################################################################

#- stuff will go to special /var/log/explanations file
my $standalone_name;
sub explanations { log::explanations("@_") }

our @common_functs = qw(renamef linkf symlinkf output substInFile mkdir_p rm_rf cp_af touch setVarsInSh setExportedVarsInSh setExportedVarsInCsh update_gnomekderc);
our @builtin_functs = qw(chmod chown __exit exit unlink link symlink rename system);
our @drakx_modules = qw(Xconfig::card Xconfig::default Xconfig::main Xconfig::monitor Xconfig::parse Xconfig::proprietary Xconfig::resolution_and_depth Xconfig::screen Xconfig::test Xconfig::various Xconfig::xfree any bootloader bootlook c commands crypto detect_devices devices diskdrake diskdrake::hd_gtk diskdrake::interactive diskdrake::removable diskdrake::removable_gtk diskdrake::smbnfs_gtk fs fsedit http keyboard lang log loopback lvm modules::parameters modules mouse my_gtk network network::adsl network::ethernet network::connection network::isdn_consts network::isdn network::modem network::netconnect network::network fs::remote::nfs fs::remote::smb network::tools partition_table partition_table_bsd partition_table::dos partition_table::empty partition_table::gpt partition_table::mac partition_table::raw partition_table::sun printer printerdrake proxy raid run_program scanner services steps swap timezone network::drakfirewall network::shorewall);

sub bug_handler() {
    my $progname = $0;
    $progname =~ s|.*/||;
    exec("drakbug --incident $progname") 
}
$SIG{SEGV} = \&bug_handler;
$SIG{__DIE__} = \&bug_handler;

sub import() {
    ($standalone_name = $0) =~ s|.*/||;
    c::openlog($standalone_name . "[$$]");
    explanations('### Program is starting ###');

    eval "*common::$_ = *$_" foreach @common_functs;

    foreach my $f (@builtin_functs) {
	eval "*$_" . "::$f = *$f" foreach @drakx_modules;
	eval "*" . caller() . "::$f = *$f";
    }
}


sub renamef {
    explanations "moved file $_[0] to $_[1]";
    goto &MDK::Common::File::renamef;
}

sub linkf {
    explanations "hard linked file $_[0] to $_[1]";
    goto &MDK::Common::File::linkf;
}

sub symlinkf {
    explanations "symlinked file $_[0] to $_[1]";
    goto &MDK::Common::File::symlinkf;
}

sub output {
    explanations "created file $_[0]";
    goto &MDK::Common::File::output;
}

sub substInFile(&@) {
    explanations "modified file $_[1]";
    goto &MDK::Common::File::substInFile;
}

sub mkdir_p {
    explanations "created directory $_[0] (and parents if necessary)";
    goto &MDK::Common::File::mkdir_p;
}

sub rm_rf {
    explanations "removed files/directories (recursively) @_";
    goto &MDK::Common::File::rm_rf;
}

sub cp_af {
    my $retval = MDK::Common::File::cp_af(@_);
    my $dest = pop @_;
    explanations "copied recursively @_ to $dest";
    return $retval;
}

sub touch {
    explanations "touched file @_";
    goto &MDK::Common::File::touch;
}

sub setVarsInSh {
    explanations "modified file $_[0]";
    goto &MDK::Common::System::setVarsInSh;
}

sub setExportedVarsInSh {
    explanations "modified file $_[0]";
    goto &MDK::Common::System::setExportedVarsInSh;
}

sub setExportedVarsInCsh {
    explanations "modified file $_[0]";
    goto &MDK::Common::System::setExportedVarsInCsh;
}

sub update_gnomekderc {
    explanations "modified file $_[0]";
    goto &MDK::Common::System::update_gnomekderc;
}


sub chmod {
    my $retval = CORE::chmod(@_);
    my $mode = shift @_;
    explanations sprintf("changed mode of %s to %o", $_, $mode) foreach @_;
    return $retval;
}

sub chown {
    my $retval = CORE::chown(@_);
    my $uid = shift @_;
    my $gid = shift @_;
    explanations sprintf("changed owner of $_ to $uid.$gid") foreach @_;
    return $retval;
}

sub unlink {
    explanations "removed files/directories @_";
    CORE::unlink(@_);
}

sub link {
    explanations "hard linked file $_[0] to $_[1]";
    CORE::link($_[0], $_[1]);
}

sub symlink {
    explanations "symlinked file $_[0] to $_[1]";
    CORE::symlink($_[0], $_[1]);
}

sub rename {
    explanations "renamed file $_[0] to $_[1]" if -r $_[0];
    CORE::rename($_[0], $_[1]);
}

sub system {
    explanations "launched command: @_";
    CORE::system(@_);
}

1;
uthentication Wizard"), title => 1 }, {}, { label => N("You have selected LDAP authentication. Please review the configuration options below "), }, {}, { label => N("LDAP Server"), val => \$authentication->{LDAP_server} }, { label => N("Base dn"), val => \$authentication->{LDAPDOMAIN} }, { val => N("Fetch base Dn "), type => 'button' , clicked_may_quit => sub { $authentication->{LDAPDOMAIN} = fetch_dn($authentication->{LDAP_server}); 0 } }, {}, { text => N("Use encrypt connection with TLS "), val => \$authentication->{cafile}, type => 'bool' }, { val => N("Download CA Certificate "), type => 'button' , disabled => sub { !$authentication->{cafile} }, clicked_may_quit => sub { $authentication->{file} = add_cafile(); 0 } }, { text => N("Use Disconnect mode "), val => \$authentication->{ccreds}, type => 'bool' }, { text => N("Use anonymous BIND "), val => \$authentication->{anonymous}, type => 'bool' , advanced => 1 }, { text => N(" "), advanced => 1 }, { label => N("Bind DN "), val => \$authentication->{LDAP_binddn}, disabled => sub { !$authentication->{anonymous} }, advanced => 1 }, { label => N("Bind Password "), val => \$authentication->{LDAP_bindpwd}, disabled => sub { !$authentication->{anonymous} }, advanced => 1 }, { text => N(" "), advanced => 1 }, { text => N("Advanced path for group "), val => \$authentication->{nssgrp}, type => 'bool' , advanced => 1 }, { text => N(" "), advanced => 1 }, { label => N("Password base"), val => \$authentication->{nss_pwd}, disabled => sub { !$authentication->{nssgrp} }, advanced => 1 }, { label => N("Group base"), val => \$authentication->{nss_grp}, disabled => sub { !$authentication->{nssgrp} }, advanced => 1 }, { label => N("Shadow base"), val => \$authentication->{nss_shadow}, disabled => sub { !$authentication->{nssgrp} }, advanced => 1 }, { text => N(" "), advanced => 1 }, ]) or return; } elsif ($kind eq 'KRB5') { $authentication->{AD_domain} ||= $net->{resolv}{DOMAINNAME}; $in->do_pkgs->ensure_are_installed([ 'perl-Net-DNS' ], 1) or return; my @srvs = query_srv_names($authentication->{AD_domain}); #FIXME: update this list if the REALM has changed $authentication->{AD_server} ||= $srvs[0] if @srvs; my $AD_user = $authentication->{AD_user} =~ /(.*)\@\Q$authentication->{AD_domain}\E$/ ? $1 : $authentication->{AD_user}; $authentication->{ccreds} = 1; $in->ask_from('', N(" "), [ { label => N("Welcome to the Authentication Wizard"), title => 1 }, {}, { label => N("You have selected Kerberos 5 authentication. Please review the configuration options below "), }, {}, { label => N("Realm "), val => \$authentication->{AD_domain} }, {}, { label => N("KDCs Servers"), title => 1, val => \$authentication->{AD_server} , list => \@srvs , not_edit => 0, title => 1 }, {}, { text => N("Use DNS to locate KDC for the realm"), val => \$authentication->{KRB_host_lookup}, type => 'bool' }, { text => N("Use DNS to locate realms"), val => \$authentication->{KRB_dns_lookup}, type => 'bool' }, { text => N("Use Disconnect mode "), val => \$authentication->{ccreds}, type => 'bool' }, ]) or return; my %level = ( 1 => N("Use local file for users information"), 2 => N("Use LDAP for users information"), ); $in->ask_from('', N(" "), [ { label => N(" "), title => 1 }, {}, { label => N("You have selected Kerberos 5 for authentication, now you must choose the type of users information "), }, {}, { label => "" , val => \$authentication->{nsskrb}, type => 'list', list => [ keys %level ], format => sub { $level{$_[0]} } }, {}, { label => N("LDAP Server"), val => \$authentication->{LDAP_server}, disabled => sub { $authentication->{nsskrb} eq "1" } }, { label => N("Base dn"), val => \$authentication->{LDAPDOMAIN} , disabled => sub { $authentication->{nsskrb} eq "1" } }, { val => N("Fecth base Dn "), type => 'button' , clicked_may_quit => sub { $authentication->{LDAPDOMAIN} = fetch_dn($authentication->{LDAP_server}); 0 }, disabled => sub { $authentication->{nsskrb} eq "1" } }, {}, { text => N("Use encrypt connection with TLS "), val => \$authentication->{cafile}, type => 'bool',, disabled => sub { $authentication->{nsskrb} eq "1" } }, { val => N("Download CA Certificate "), type => 'button' , disabled => sub { !$authentication->{cafile} }, clicked_may_quit => sub { $authentication->{file} = add_cafile(); 0 } }, { text => N("Use anonymous BIND "), val => \$authentication->{anonymous}, type => 'bool', disabled => sub { $authentication->{nsskrb} eq "1" } }, { label => N("Bind DN "), val => \$authentication->{LDAP_binddn}, disabled => sub { !$authentication->{anonymous} } }, { label => N("Bind Password "), val => \$authentication->{LDAP_bindpwd}, disabled => sub { !$authentication->{anonymous} } }, {}, ]) or return; $authentication->{AD_user} = !$AD_user || $authentication->{sub_kind} eq 'anonymous' ? '' : $AD_user =~ /@/ ? $AD_user : "$AD_user\@$authentication->{AD_domain}"; $authentication->{AD_password} = '' if !$authentication->{AD_user}; } elsif ($kind eq 'NIS') { $authentication->{NIS_server} ||= 'broadcast'; $net->{network}{NISDOMAIN} ||= $net->{resolv}{DOMAINNAME}; $in->ask_from('', N(" "), [ { label => N("Welcome to the Authentication Wizard"), title => 1 }, {}, { label => N("You have selected NIS authentication. Please review the configuration options below "), }, {}, { label => N("NIS Domain"), val => \$net->{network}{NISDOMAIN} }, { label => N("NIS Server"), val => \$authentication->{NIS_server}, list => ["broadcast"], not_edit => 0 }, {}, ]) or return; } elsif ($kind eq 'winbind') { #- maybe we should browse the network like diskdrake --smb and get the 'doze server names in a list #- but networking is not setup yet necessarily # my @sec_domain = ( "Windows Active Directory Domain", "Windows NT4 Domain", ); $authentication->{DNS_domain} ||= $net->{resolv}{DOMAINNAME}; $authentication->{WINDOMAIN} ||= $net->{resolv}{DOMAINNAME}; $in->do_pkgs->ensure_are_installed([ 'samba-client' ], 1) or return; my @domains=list_domains(); $in->ask_from('', N(" "), [ { label => N("Welcome to the Authentication Wizard"), title => 1 }, {}, { label => N("You have selected Windows Domain authentication. Please review the configuration options below "), }, {}, { label => N("Windows Domain"), val => \$authentication->{WINDOMAIN}, list => \@domains, not_edit => 1 }, {}, { label => N("Domain Model "), val => \$authentication->{model}, list => \@sec_domain , not_edit => 1 }, {}, { label => N("Active Directory Realm "), val => \$authentication->{AD_domain} , disabled => sub { $authentication->{model} eq "Windows NT4 Domain" } }, { label => N("DNS Domain"), val => \$authentication->{DNS_domain} , disabled => sub { $authentication->{model} eq "Windows NT4 Domain" } }, { label => N("DC Server"), val => \$authentication->{AD_server} , disabled => sub { $authentication->{model} eq "Windows NT4 Domain" } }, {}, ]) or return; } $authentication->{$kind} ||= 1; 1; } sub ask_root_password_and_authentication { my ($in, $net, $superuser, $authentication, $meta_class, $security) = @_; my $kind = to_kind($authentication); my @kinds = kinds($in->do_pkgs, $meta_class); $in->ask_from_({ title => N("Authentication"), messages => N("Set administrator (root) password"), advanced_label => N("Authentication method"), advanced_messages => kind2description(@kinds), interactive_help_id => "setRootPassword", cancel => ($security <= 2 ? #-PO: keep this short or else the buttons will not fit in the window N("No password") : ''), focus_first => 1, callbacks => { complete => sub { check_given_password($in, $superuser, 2 * $security) or return 1,0; return 0; } } }, [ { label => N("Password"), val => \$superuser->{password}, hidden => 1 }, { label => N("Password (again)"), val => \$superuser->{password2}, hidden => 1 }, { label => N("Authentication"), val => \$kind, type => 'list', list => \@kinds, format => \&kind2name, advanced => 1 }, ]) or delete $superuser->{password}; ask_parameters($in, $net, $authentication, $kind) or goto &ask_root_password_and_authentication; } sub check_given_password { my ($in, $u, $min_length) = @_; if ($u->{password} ne $u->{password2}) { $in->ask_warn('', [ N("The passwords do not match"), N("Please try again") ]); 0; } elsif (length $u->{password} < $min_length) { $in->ask_warn('', N("This password is too short (it must be at least %d characters long)", $min_length)); 0; } else { 1; } } sub get() { my $system_auth = cat_("/etc/pam.d/system-auth"); my $authentication = { blowfish => to_bool($system_auth =~ /\$2a\$/), md5 => to_bool($system_auth =~ /md5/), shadow => to_bool($system_auth =~ /shadow/), }; my @pam_kinds = get_pam_authentication_kinds(); if (my $kind = find { intersection(\@pam_kinds, $kind2pam_kind{$_}) } keys %kind2pam_kind) { $authentication->{$kind} = ''; } else { #- we can't use pam to detect NIS if (my $yp_conf = read_yp_conf()) { $authentication->{NIS} = 1; map_each { $authentication->{"NIS_$::a"} = $::b } %$yp_conf; } } $authentication; } sub install_needed_packages { my ($do_pkgs, $kind, $ccreds) = @_; if (my $pkgs = $kind2packages{$kind}) { # install ccreds if required $ccreds and push(@$pkgs, 'pam_ccreds'); #- automatic during install $do_pkgs->ensure_are_installed($pkgs, $::isInstall) or return; } else { log::l("ERROR: $kind not listed in kind2packages"); } 1; } sub set { my ($in, $net, $authentication, $o_when_network_is_up) = @_; install_needed_packages($in->do_pkgs, to_kind($authentication), $authentication->{ccreds}) or return; set_raw($net, $authentication, $o_when_network_is_up); require services; services::set_status('network-auth', to_kind($authentication) ne 'local', 'dont_apply'); } sub set_raw { my ($net, $authentication, $o_when_network_is_up) = @_; my $conf_file = "$::prefix/etc/sysconfig/drakauth"; my $when_network_is_up = $o_when_network_is_up || sub { my ($f) = @_; $f->() }; enable_shadow() if $authentication->{shadow}; my $kind = to_kind($authentication); log::l("authentication::set $kind"); my $pam_modules = $kind2pam_kind{$kind} or log::l("kind2pam_kind does not know $kind"); $pam_modules ||= []; set_pam_authentication($pam_modules, $authentication->{ccreds}); my $nsswitch = $kind2nsswitch{$kind} or log::l("kind2nsswitch does not know $kind"); $nsswitch ||= []; set_nsswitch_priority($nsswitch, $authentication->{ccreds}); if ($kind eq 'local') { output($conf_file, <<EOF); auth=Local File server=none realm=none EOF } elsif ($kind eq 'SmartCard') { } elsif ($kind eq 'LDAP') { configure_nss_ldap($authentication); output($conf_file, <<EOF); auth=LDAP Directory server=$authentication->{LDAP_server} realm=$authentication->{LDAPDOMAIN} EOF if ($authentication->{ccreds}) { run_program::rooted($::prefix, '/usr/sbin/nss_updatedb.cron'); # updates offline cache. } } elsif ($kind eq 'KRB5') { configure_krb5_for_AD($authentication); configure_nss_ldap($authentication); output($conf_file, <<EOF); auth=Kerberos 5 server=$authentication->{AD_server} realm=$authentication->{AD_domain} EOF } elsif ($kind eq 'NIS') { my $domain = $net->{network}{NISDOMAIN}; my $NIS_server = $authentication->{NIS_server}; $domain || $NIS_server ne "broadcast" or die N("Cannot use broadcast with no NIS domain"); my $t = $domain ? ($NIS_server eq 'broadcast' ? "domain $domain broadcast" : "domain $domain server $NIS_server") : "server $NIS_server"; substInFile { if (/^#/) { $_ = '' if /^#\Q[PREVIOUS]/; } else { $_ = "#[PREVIOUS] $_"; } $_ .= "$t\n" if eof; } "$::prefix/etc/yp.conf"; #- no need to modify system-auth for nis $when_network_is_up->(sub { run_program::rooted($::prefix, 'nisdomainname', $domain); run_program::rooted($::prefix, 'service', 'ypbind', 'restart'); }); output($conf_file, <<EOF); auth=$kind server=$NIS_server realm=$domain EOF } elsif ($kind eq 'winbind') { my $domain = uc $authentication->{WINDOMAIN}; ($authentication->{winuser}, $authentication->{winpass}) = auth(); if ($authentication->{model} eq "Windows NT4 Domain") { require fs::remote::smb; fs::remote::smb::write_smb_conf($domain); run_program::rooted($::prefix, "chkconfig", "--level", "35", "winbind", "on"); mkdir_p("$::prefix/home/$domain"); run_program::rooted($::prefix, 'service', 'smb', 'restart'); run_program::rooted($::prefix, 'service', 'winbind', 'restart'); #- defer running smbpassword until the network is up $when_network_is_up->(sub { run_program::raw({ root => $::prefix, sensitive_arguments => 1 }, #'net', 'join', $domain, '-U', $authentication->{winuser} . '%' . $authentication->{winpass}); 'echo', '"', 'net', 'join', $domain, '-U', $authentication->{winuser} . '%' . $authentication->{winpass}, '"'); }); output($conf_file, <<EOF); auth=Windows NT4 Domain server= none realm=$domain EOF } else { # FIXME: the DC isn't named ads.domain... try to do reserve lookup? $authentication->{AD_server} ||= 'ads.' . $authentication->{AD_domain}; my $domain = uc $authentication->{WINDOMAIN}; my $realm = $authentication->{AD_domain}; ($authentication->{winuser}, $authentication->{winpass}) = auth(); configure_krb5_for_AD($authentication); require fs::remote::smb;