authorNicolas Vigier <boklm@mageia.org>2013-07-06 15:14:38 +0000
committerNicolas Vigier <boklm@mageia.org>2013-07-06 15:14:38 +0000
commitf883d4afa9d46a4091bd1cd99fd0677643c779a5 (patch)
tree82fdd0c048274199ee241288825ed4d693462de3 /modules/openssh
parent93e656447c3f5201ee30e6e17a1841c65acc5269 (diff)
openssh: switch to standard path for authorized_keys file
Diffstat (limited to 'modules/openssh')
-rw-r--r--modules/openssh/manifests/pubkeys_directory.pp17
-rw-r--r--modules/openssh/manifests/ssh_keys_from_ldap.pp15
-rw-r--r--modules/openssh/manifests/symlink_user.pp19
-rw-r--r--modules/openssh/templates/sshd_config_ldap3
4 files changed, 1 insertions, 53 deletions
diff --git a/modules/openssh/manifests/pubkeys_directory.pp b/modules/openssh/manifests/pubkeys_directory.pp
deleted file mode 100644
index cbcaeb88..00000000
--- a/modules/openssh/manifests/pubkeys_directory.pp
+++ /dev/null
@@ -1,17 +0,0 @@
-class openssh::pubkeys_directory {
- $pubkeys_directory = '/var/lib/pubkeys'
- file { $pubkeys_directory:
- ensure => directory,
- }
-
- file { "$pubkeys_directory/root":
- ensure => directory,
- mode => '0700',
- }
-
- file { "$pubkeys_directory/root/authorized_keys":
- ensure => link,
- target => '/root/.ssh/authorized_keys',
- mode => '0700',
- }
-}
diff --git a/modules/openssh/manifests/ssh_keys_from_ldap.pp b/modules/openssh/manifests/ssh_keys_from_ldap.pp
index 4615647c..d29cc7ae 100644
--- a/modules/openssh/manifests/ssh_keys_from_ldap.pp
+++ b/modules/openssh/manifests/ssh_keys_from_ldap.pp
@@ -1,19 +1,6 @@
-class openssh::ssh_keys_from_ldap($symlink_users = [],
- $config = '') inherits server {
- # root account authorized_keys will be symlinked
- # if you want to add symlink on other accounts, use $symlink_users parameter
-
- File ['/etc/ssh/sshd_config'] {
- content => template('openssh/sshd_config','openssh/sshd_config_ldap')
- }
-
+class openssh::ssh_keys_from_ldap($config = '') inherits server {
package { 'python-ldap': }
- include openssh::pubkeys_directory
- $pubkeys_directory = $openssh::pubkeys_directory::pubkeys_directory
-
- symlink_user { $symlink_users: }
-
$ldap_pwfile = '/etc/ldap.secret'
$ldap_servers = get_ldap_servers()
mga_common::local_script { 'ldap-sshkey2file.py':
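Review bot: With the `File['/etc/ssh/sshd_config']` override removed, sshd falls back to whatever `AuthorizedKeysFile` the base `openssh/sshd_config` template yields, so keys synced from LDAP presumably now land in each user's own `~/.ssh/authorized_keys`, which the account owner can edit. Nothing in the new class body records that change of trust boundary, or that `ldap-sshkey2file.py` (its resource continues outside this hunk) must write to the path sshd actually reads; a header comment such as `# Keys go to the sshd default AuthorizedKeysFile (~/.ssh/authorized_keys); ldap-sshkey2file.py must target the same path.` would make it explicit. Dropping `$symlink_users` from the signature will also fail catalog compilation for any node that still passes it, so callers outside this diff should be checked. The deleted `pubkeys_directory` and `symlink_user` resources are not replaced by `ensure => absent`, so `/var/lib/pubkeys` likely remains on hosts that were already managed.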
diff --git a/modules/openssh/manifests/symlink_user.pp b/modules/openssh/manifests/symlink_user.pp
deleted file mode 100644
index f2e107b1..00000000
--- a/modules/openssh/manifests/symlink_user.pp
+++ /dev/null
@@ -1,19 +0,0 @@
-define openssh::symlink_user() {
- include openssh::pubkeys_directory
- $pubkeys_directory = $openssh::pubkeys_directory::pubkeys_directory
- file { "$pubkeys_directory/$name":
- ensure => directory,
- owner => $name,
- group => $name,
- mode => '0700',
- }
-
- file { "$pubkeys_directory/$name/authorized_keys":
- # FIXME : fragile approximation for $HOME
- ensure => link,
- target => "/home/$name/.ssh/authorized_keys",
- mode => '0700',
- }
-}
-
-
diff --git a/modules/openssh/templates/sshd_config_ldap b/modules/openssh/templates/sshd_config_ldap
deleted file mode 100644
index 31b29e21..00000000
--- a/modules/openssh/templates/sshd_config_ldap
+++ /dev/null
@@ -1,3 +0,0 @@
-
-AuthorizedKeysFile /var/lib/pubkeys/%u/authorized_keys
-