diff options
author | Michael Scherer <misc@mageia.org> | 2012-03-22 15:18:21 +0000 |
---|---|---|
committer | Michael Scherer <misc@mageia.org> | 2012-03-22 15:18:21 +0000 |
commit | 040e85305d9d750c7e9d7792aa6abfa4317cbf44 (patch) | |
tree | c3335954b6e80a6270803523554e9185db107e06 /deployment/access_classes/manifests/committers.pp | |
parent | 9440cbe275586919e2c10bbf904609938e34f537 (diff) | |
download | puppet-040e85305d9d750c7e9d7792aa6abfa4317cbf44.tar puppet-040e85305d9d750c7e9d7792aa6abfa4317cbf44.tar.gz puppet-040e85305d9d750c7e9d7792aa6abfa4317cbf44.tar.bz2 puppet-040e85305d9d750c7e9d7792aa6abfa4317cbf44.tar.xz puppet-040e85305d9d750c7e9d7792aa6abfa4317cbf44.zip |
split the module in several file
Diffstat (limited to 'deployment/access_classes/manifests/committers.pp')
-rw-r--r-- | deployment/access_classes/manifests/committers.pp | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/deployment/access_classes/manifests/committers.pp b/deployment/access_classes/manifests/committers.pp new file mode 100644 index 00000000..81dbdb13 --- /dev/null +++ b/deployment/access_classes/manifests/committers.pp @@ -0,0 +1,14 @@ +# for server where people can connect with ssh ( git, svn ) +class access_classes::committers { + # this is required, as we force the shell to be the restricted one + # openssh will detect if the file do not exist and while refuse to log the + # user, and erase the password ( see pam_auth.c in openssh code, + # seek badpw ) + # so the file must exist + # permission to use svn, git, etc must be added separatly + + pam::multiple_ldap_access { 'committers': + access_classes => ['mga-shell_access'], + restricted_shell => true, + } +} |