+
+ keytab = ' # Krb5KeyTab - No Keytab provided'
+ if opts['krb_httpd_keytab'] is None:
+ if os.path.exists('/etc/httpd/conf/http.keytab'):
+ keytab = ' Krb5KeyTab /etc/httpd/conf/http.keytab'
+ else:
+ if os.path.exists(opts['krb_httpd_keytab']):
+ keytab = ' Krb5KeyTab %s' % opts['krb_httpd_keytab']
+ else:
+ raise Exception('Keytab not found')
+
+ if opts['krb_realms'] is None:
+ realms = ' # KrbAuthRealms - Any trusted realm is allowed'
+ else:
+ realms = ' KrbAuthRealms %s' % opts['krb_realms']
+
+ tmpl = Template(CONF_TEMPLATE)
+ hunk = tmpl.substitute(keytab=keytab, realms=realms)
+ with open(opts['httpd_conf'], 'a') as httpd_conf:
+ httpd_conf.write(hunk)
+
+ # Add configuration data to database
+ po = PluginObject()
+ po.name = 'krb'
+ po.wipe_data()
+
+ # Update global config, put 'krb' always first
+ po.name = 'global'
+ globalconf = po.get_plugin_config(FACILITY)
+ if 'order' in globalconf:
+ order = globalconf['order'].split(',')
+ else:
+ order = []
+ order.insert(0, 'krb')
+ globalconf['order'] = ','.join(order)
+ po.set_config(globalconf)
+ po.save_plugin_config(FACILITY)