sysprep: remove kerberos data in the guest

Remove the generated kerberos data in the guest.

Signed-off-by: Wanlong Gao <gaowanlong@cn.fujitsu.com>

po/POTFILES-ml

@@ -19,6 +19,7 @@ sysprep/sysprep_operation_dhcp_server_state.ml
 sysprep/sysprep_operation_dovecot_data.ml
 sysprep/sysprep_operation_flag_reconfiguration.ml
 sysprep/sysprep_operation_hostname.ml
+sysprep/sysprep_operation_kerberos_data.ml
 sysprep/sysprep_operation_logfiles.ml
 sysprep/sysprep_operation_mail_spool.ml
 sysprep/sysprep_operation_net_hwaddr.ml

sysprep/Makefile.am

@@ -43,6 +43,7 @@ SOURCES = \
 	sysprep_operation_dovecot_data.ml \
 	sysprep_operation_flag_reconfiguration.ml \
 	sysprep_operation_hostname.ml \
+	sysprep_operation_kerberos_data.ml \
 	sysprep_operation_logfiles.ml \
 	sysprep_operation_mail_spool.ml \
 	sysprep_operation_net_hwaddr.ml \
@@ -79,6 +80,7 @@ OBJECTS = \
 	sysprep_operation_dovecot_data.cmx \
 	sysprep_operation_flag_reconfiguration.cmx \
 	sysprep_operation_hostname.cmx \
+	sysprep_operation_kerberos_data.cmx \
 	sysprep_operation_logfiles.cmx \
 	sysprep_operation_mail_spool.cmx \
 	sysprep_operation_net_hwaddr.cmx \

sysprep/sysprep_operation_kerberos_data.ml

@@ -0,0 +1,52 @@
+(* virt-sysprep
+ * Copyright (C) 2012 FUJITSU LIMITED
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *)
+
+open Sysprep_operation
+open Sysprep_gettext.Gettext
+
+module StringSet = Set.Make (String)
+module G = Guestfs
+
+let kerberos_data_perform g root =
+  let typ = g#inspect_get_type root in
+  if typ <> "windows" then (
+    let excepts = [ "/var/kerberos/krb5kdc/kadm5.acl";
+                    "/var/kerberos/krb5kdc/kdc.conf"; ] in
+    let paths = Array.to_list (g#glob_expand "/var/kerberos/krb5kdc/*") in
+    let set = List.fold_right StringSet.add paths StringSet.empty in
+    let excepts = List.fold_right StringSet.add excepts StringSet.empty in
+    let set = StringSet.diff set excepts in
+    StringSet.iter (
+      fun filename ->
+        try g#rm filename with G.Error _ -> ()
+    ) set;
+
+    []
+  )
+  else []
+
+let kerberos_data_op = {
+  name = "kerberos-data";
+  enabled_by_default = false;
+  heading = s_"Remove Kerberos data in the guest";
+  pod_description = None;
+  extra_args = [];
+  perform = kerberos_data_perform;
+}
+
+let () = register_operation kerberos_data_op