Enable SSSD files domain unconditionally

Use authselect to update nsswitch to work with files domain
2022-04-06 10:18:21 -04:00 · 2022-04-06 10:18:21 -04:00 · bab09074b3
commit bab09074b3
parent da32f4f344
1 changed files with 23 additions and 11 deletions
--- a/src/config.jsx
+++ b/src/config.jsx
@ -397,6 +397,7 @@ class SssdConfig extends React.Component {
        this.handleSubmit = this.handleSubmit.bind(this);
        this.setConfig = this.setConfig.bind(this);
        this.confSave = this.confSave.bind(this);
+        this.restartSSSD = this.restartSSSD.bind(this);
        this.file = null;
        this.state = {
            scope: "",
@ -408,26 +409,34 @@ class SssdConfig extends React.Component {
        };
    }

+    restartSSSD() {
+        let sssd_cmd = ["systemctl", "restart", "sssd"];
+        cockpit.spawn(sssd_cmd, { superuser: "require" });
+        this.setState({ submitting: false });
+    }
+
    confSave(obj) {
+        let chmod_cmd = ["chmod", "600", "/etc/sssd/conf.d/sssd-session-recording.conf"];
+        /* Update nsswitch, this will fail on RHEL8/F34 and lower as 'with-files-domain' feature is not added there */
+        let authselect_cmd = ["authselect", "select", "sssd", "with-files-domain", "--force"];
        this.setState({ submitting: true });
        this.file.replace(obj).done(() => {
-            cockpit.spawn(
-                ["chmod", "600", "/etc/sssd/conf.d/sssd-session-recording.conf"],
-                { superuser: "require" }).done(() => {
-                cockpit.spawn(
-                    ["systemctl", "restart", "sssd"],
-                    { superuser: "require" }).done(() => {
-                    this.setState({ submitting: false });
-                })
-                        .fail((data) => console.log(data));
-            })
-                    .fail((data) => console.log(data));
+            cockpit.spawn(chmod_cmd, { superuser: "require" })
+                    .then(() => {
+                        cockpit.spawn(authselect_cmd, { superuser: "require" })
+                                .then(this.restartSSSD)
+                                .catch(this.restartSSSD);
+                    });
        });
    }

    setConfig(data) {
        if (data === null) {
            const obj = {};
+            /* Always enable files domain */
+            obj.sssd = {};
+            obj.sssd.enable_files_domain = "true";
+            obj.sssd.services = "nss";
            obj.session_recording = {};
            obj.session_recording.scope = "none";
            this.confSave(obj);
@ -459,6 +468,9 @@ class SssdConfig extends React.Component {

    handleSubmit(e) {
        const obj = {};
+        obj.sssd = {};
+        obj.sssd.enable_files_domain = "true";
+        obj.sssd.services = "nss";
        obj.session_recording = {};
        obj.session_recording.scope = this.state.scope;
        switch (this.state.scope) {