zentyal-users 2.3.15+quantal1 / usr / share / perl5 / EBox / KerberosModule.pm

This file is indexed.

/usr/share/perl5/EBox/KerberosModule.pm is in zentyal-users 2.3.15+quantal1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
# Copyright (C) 2012 eBox Technologies S.L.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License, version 2, as
# published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

package EBox::KerberosModule;

use strict;
use warnings;

use Error qw( :try );
use EBox::Util::Random;

sub new
{
	my $class = shift;
	my $self = {};
	bless ($self, $class);
	return $self;
}

sub kerberosServicePrincipals
{
    my ($self) = @_;

    return [];
}

sub kerberosCreatePrincipals
{
    my ($self) = @_;

    my $sysinfo = EBox::Global->modInstance('sysinfo');
    my $hostname = $sysinfo->hostName();
    my $hostdomain = $sysinfo->hostDomain();

    my $data = $self->kerberosServicePrincipals();
    EBox::Sudo::silentRoot("rm -f $data->{keytab}");

    my $pass = EBox::Util::Random::generate(20);
    foreach my $service (@{$data->{principals}}) {
        $service = uc ($service);
        my $principal = "$service/$hostname.$hostdomain";

        # TODO Generate all principals with the same password to import them into samba
        my @cmds=();
        push (@cmds, 'kadmin -l add ' .
                  "--password='$pass' " .
                  "--max-ticket-life='1 day' " .
                  "--max-renewable-life='1 week' " .
                  "--attributes='' " .
                  "--expiration-time=never " .
                  "--pw-expiration-time=never " .
                  "--policy=default '$principal'");
        push (@cmds, "kadmin -l ext -k '$data->{keytab}' '$principal'");
        push (@cmds, "chown root:$data->{keytabUser} '$data->{keytab}'");
        push (@cmds, "chmod 440 '$data->{keytab}'");
        EBox::Sudo::silentRoot("kadmin -l del $principal");
        EBox::debug("Creating service principal $principal");
        EBox::Sudo::root(@cmds);
    }

    # Import service principals from Zentyal to samba
    if (EBox::Global->modExists('samba')) {
        my $sambaModule = EBox::Global->modInstance('samba');
        if ($sambaModule->isEnabled() and $sambaModule->isProvisioned()) {
            $sambaModule->ldb->ldapServicePrincipalsToLdb();
        }
    }
}

1;

APT Browse - Built by Thomas Orozco.