author | Michael Scherer <misc@mageia.org> | 2012-01-08 22:40:52 +0000 |
---|---|---|
committer | Michael Scherer <misc@mageia.org> | 2012-01-08 22:40:52 +0000 |
commit | 71113b2bfe3d82fd3f7187dbdf9280e5a2ba3dc9 (patch) | |
tree | 33520425bfeb010810cbd9d5f66ecfeed8cdff4b /modules/pam/manifests | |
parent | 40f0b9a4ed6ee8734a6a5fde357b10a37d6c2aed (diff) | |
cleanup and refactoring of pam module
Diffstat (limited to 'modules/pam/manifests')
-rw-r--r-- | modules/pam/manifests/init.pp | 69 |
1 files changed, 23 insertions, 46 deletions
diff --git a/modules/pam/manifests/init.pp b/modules/pam/manifests/init.pp
index 1c6c2b11..e5f6f970 100644
--- a/modules/pam/manifests/init.pp
+++ b/modules/pam/manifests/init.pp
@@ -1,53 +1,30 @@
 class pam {
+ class base {
+ package { ["pam_ldap","nss_ldap","nscd"]: }
- class base {
- package { ["pam_ldap","nss_ldap","nscd"]:
- ensure => installed,
- }
+ service { nscd:
+ ensure => running,
+ path => '/etc/init.d/nscd',
+ }
- service { nscd:
- ensure => running,
- path => '/etc/init.d/nscd',
- }
+ file {
+ "/etc/pam.d/system-auth": content => template("pam/system-auth");
+ "/etc/nsswitch.conf": content => template("pam/nsswitch.conf");
+ "/etc/ldap.conf": content => template("pam/ldap.conf");
+ }
- file { "system-auth":
- path => "/etc/pam.d/system-auth",
- owner => root,
- group => root,
- mode => 644,
- content => template("pam/system-auth")
- }
-
- file { "nsswitch.conf":
- path => "/etc/nsswitch.conf",
- owner => root,
- group => root,
- mode => 644,
- content => template("pam/nsswitch.conf")
- }
-
- $ldap_password = extlookup("${fqdn}_ldap_password",'x')
- file { "ldap.secret":
- path => "/etc/ldap.secret",
- owner => root,
- group => root,
- mode => 600,
- content => $ldap_password
- }
-
- file { "ldap.conf":
- path => "/etc/ldap.conf",
- owner => root,
- group => root,
- mode => 644,
- content => template("pam/ldap.conf")
- }
- }
+ $ldap_password = extlookup("${fqdn}_ldap_password",'x')
+ file { "ldap.secret":
+ path => "/etc/ldap.secret",
+ mode => 600,
+ content => $ldap_password
+ }
+ }
- define multiple_ldap_access($access_classes,$restricted_shell = false) {
- if $restricted_shell {
- include restrictshell
+ define multiple_ldap_access($access_classes,$restricted_shell = false) {
+ if $restricted_shell {
+ include restrictshell
+ }
+ include base
 }
- include base
- }
 }
|
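Review bot: The rewritten `file` resources no longer pin ownership, and three of them no longer pin a mode: `/etc/pam.d/system-auth`, `/etc/nsswitch.conf` and `/etc/ldap.conf` lose `owner`, `group` and `mode`, while `/etc/ldap.secret` (the LDAP password from `extlookup`) keeps only `mode => 600`. Unless a `File { ... }` resource default is in scope elsewhere (none is visible in this hunk), Puppet leaves those attributes unmanaged on files that already exist, so permission or ownership drift on these authentication-critical files would no longer be corrected. I would either declare `File { owner => root, group => root, mode => 644 }` at the top of `class base`, or at least keep `owner => root,` and `group => root,` on `ldap.secret`. Separately, the `'x'` fallback in `extlookup("${fqdn}_ldap_password",'x')`, carried over unchanged, silently writes a placeholder secret when the lookup misses; failing the catalog in that case would make a missing entry visible.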