diff options
author | Michael Scherer <misc@mageia.org> | 2011-01-13 18:12:32 +0000 |
---|---|---|
committer | Michael Scherer <misc@mageia.org> | 2011-01-13 18:12:32 +0000 |
commit | 92d55871e5bc152f00464daffd5b80f8871d1a15 (patch) | |
tree | 973faad776df49061ff5ae95b9f306c77686a25a /modules/pam/manifests | |
parent | d3afcb16658f3486a4a41fcd57a2b067e4848ce7 (diff) | |
download | puppet-92d55871e5bc152f00464daffd5b80f8871d1a15.tar puppet-92d55871e5bc152f00464daffd5b80f8871d1a15.tar.gz puppet-92d55871e5bc152f00464daffd5b80f8871d1a15.tar.bz2 puppet-92d55871e5bc152f00464daffd5b80f8871d1a15.tar.xz puppet-92d55871e5bc152f00464daffd5b80f8871d1a15.zip |
move the type of access_class to deployment ( as this is tied to our group name )
Diffstat (limited to 'modules/pam/manifests')
-rw-r--r-- | modules/pam/manifests/init.pp | 26 |
1 files changed, 0 insertions, 26 deletions
diff --git a/modules/pam/manifests/init.pp b/modules/pam/manifests/init.pp index 732957c4..246bb4f6 100644 --- a/modules/pam/manifests/init.pp +++ b/modules/pam/manifests/init.pp @@ -47,30 +47,4 @@ class pam { define multiple_ldap_access($access_classes) { include base } - - # beware , this two classes are exclusives - # if you need multiple group access, you need to define you own class - # of access - - # for server where only admins can connect - class admin_access { - multiple_ldap_access { "admin_access": - access_classes => ['mga-sysadmin'] - } - } - - # for server where people can connect with ssh ( git, svn ) - class committers_access { - # this is required, as we force the shell to be the restricted one - # openssh will detect if the file do not exist and while refuse to log the - # user, and erase the password ( see pam_auth.c in openssh code, seek badpw ) - # so the file must exist - # permission to use svn, git, etc must be added separatly - - include restrictshell::shell - - multiple_ldap_access { "committers_access": - access_classes => ['mga-commiters'] - } - } } |