a >h @sbddlZddlZddlmZmZmZmZGdddeZGdddeeZGdddeeeZ dS) N)Plugin RedHatPlugin DebianPlugin UbuntuPluginc@s0eZdZdZdZdZdZdZddZdd Z dS) Krb5a:This plugin handles the collection of kerberos authentication config files and logging. Users should expect to see their krb5 config(s) in the final archive, along with krb5 logging and `klist` output. kdc configs and acls will also be collected from the distribution-spcecific kdc directory. zKerberos authenticationZkrb5)identitysystemNcCs\|dd|jd|jddg||jddd|d |jd |d dS) Nz/etc/krb5.confz/etc/krb5.conf.d/*z /kadm5.aclz /kdc.confz/var/log/kadmind.logz/var/log/krb5kdc.logZkerberos_kdc_log)tagsz klist -ket z/.k5*zklist -ket /etc/krb5.keytab)Z add_copy_speckdcdir collect_kinitadd_cmd_output)selfr;/usr/lib/python3.9/site-packages/sos/report/plugins/krb5.pysetups  z Krb5.setupcCst}d}||rt|ddd}|D]j}td|tjrn|dddd }| d |d qtd |tjr*| d |d qq*Wdn1s0YdS)a) Collect the kinit command output for the system with id_provider "AD" or "IPA" domains. While integrating the Linux M/c with AD the realmd will create a computer object on the AD side. The realmd and AD restrict the Hostname/SPN to 15 Characters. z/etc/sssd/sssd.confrzutf-8)encodingz\s*id_provider\s*=\s*ad.rNzMKRB5_TRACE=/dev/stdout kinit -k 'z$'z\s*id_provider\s*=\s*ipa') socketZgetfqdnZ path_isfileopenrematch IGNORECASEsplitupperr )r hostnameZ sssd_confflinerrrr +s(    zKrb5.collect_kinit) __name__ __module__ __qualname____doc__Z short_descZ plugin_nameZprofilesr rr rrrrrs rc@seZdZdZdZdS) RedHatKrb5)z krb5-libsz krb5-serverz/var/kerberos/krb5kdcNr r!r"Zpackagesr rrrrr$Gsr$c@seZdZdZdZdS) UbuntuKrb5)zkrb5-kdcz krb5-configz krb5-userz/var/lib/krb5kdcNr%rrrrr&Msr&) rrZsos.report.pluginsrrrrrr$r&rrrr s 7