1
0
mirror of https://github.com/laurivosandi/certidude synced 2024-12-22 16:25:17 +00:00

config: Add 'mail suffix' for POSIX accounts to derive e-mail

This commit is contained in:
Lauri Võsandi 2018-04-10 09:28:47 +00:00
parent 1bf3298a21
commit d911e5da33
3 changed files with 4 additions and 1 deletions

View File

@ -13,6 +13,7 @@ AUTHENTICATION_BACKENDS = set([j for j in
cp.get("authentication", "backends").split(" ") if j]) # kerberos, pam, ldap cp.get("authentication", "backends").split(" ") if j]) # kerberos, pam, ldap
AUTHORIZATION_BACKEND = cp.get("authorization", "backend") # whitelist, ldap, posix AUTHORIZATION_BACKEND = cp.get("authorization", "backend") # whitelist, ldap, posix
ACCOUNTS_BACKEND = cp.get("accounts", "backend") # posix, ldap ACCOUNTS_BACKEND = cp.get("accounts", "backend") # posix, ldap
MAIL_SUFFIX = cp.get("accounts", "mail suffix")
KERBEROS_KEYTAB = cp.get("authentication", "kerberos keytab") KERBEROS_KEYTAB = cp.get("authentication", "kerberos keytab")
LDAP_AUTHENTICATION_URI = cp.get("authentication", "ldap uri") LDAP_AUTHENTICATION_URI = cp.get("authentication", "ldap uri")

View File

@ -21,6 +21,8 @@ kerberos keytab = FILE:{{ kerberos_keytab }}
# updated automatically by /etc/cron.hourly/certidude # updated automatically by /etc/cron.hourly/certidude
backend = posix backend = posix
mail suffix = example.lan
;backend = ldap ;backend = ldap
ldap gssapi credential cache = /run/certidude/krb5cc ldap gssapi credential cache = /run/certidude/krb5cc
ldap uri = ldap://dc.example.lan ldap uri = ldap://dc.example.lan

View File

@ -39,7 +39,7 @@ class PosixUserManager(object):
_, _, _, _, gecos, _, _ = pwd.getpwnam(username) _, _, _, _, gecos, _, _ = pwd.getpwnam(username)
gecos = gecos.split(",") gecos = gecos.split(",")
full_name = gecos[0] full_name = gecos[0]
mail = "%s@%s" % ("tteearu", "k-space.ee") # username, "k-space.ee") # const.DOMAIN) mail = "%s@%s" % (username, config.MAIL_SUFFIX)
if full_name and " " in full_name: if full_name and " " in full_name:
given_name, surname = full_name.split(" ", 1) given_name, surname = full_name.split(" ", 1)
return User(username, mail, given_name, surname) return User(username, mail, given_name, surname)