diff options
| author | Nicolas Vigier <boklm@mageia.org> | 2012-12-18 12:48:30 +0000 |
|---|---|---|
| committer | Nicolas Vigier <boklm@mageia.org> | 2012-12-18 12:48:30 +0000 |
| commit | dc5548977b2bf0e31b5a730ceab8b5e49bffde91 (patch) | |
| tree | c15cfda3f302e18b94118a2313054265fe9a8509 /modules/pam | |
| parent | 16edcd1b3301c4ef3832b131d1957881904b7772 (diff) | |
| download | puppet-dc5548977b2bf0e31b5a730ceab8b5e49bffde91.tar puppet-dc5548977b2bf0e31b5a730ceab8b5e49bffde91.tar.gz puppet-dc5548977b2bf0e31b5a730ceab8b5e49bffde91.tar.bz2 puppet-dc5548977b2bf0e31b5a730ceab8b5e49bffde91.tar.xz puppet-dc5548977b2bf0e31b5a730ceab8b5e49bffde91.zip | |
pam: remove "dynamic lookup" warnings
Diffstat (limited to 'modules/pam')
| -rw-r--r-- | modules/pam/templates/ldap.conf | 5 | ||||
| -rw-r--r-- | modules/pam/templates/system-auth | 1 |
2 files changed, 5 insertions, 1 deletions
diff --git a/modules/pam/templates/ldap.conf b/modules/pam/templates/ldap.conf index a1d751cf..5e550661 100644 --- a/modules/pam/templates/ldap.conf +++ b/modules/pam/templates/ldap.conf @@ -15,7 +15,10 @@ nss_map_attribute uniqueMember member sudoers_base ou=sudoers,<%= dc_suffix %> #sudoers_debug 2 -<% if restricted_shell %> +<%- +restricted_shell = scope.lookupvar('pam::multiple_ldap_access::restricted_shell') +if restricted_shell +-%> # for restricted access nss_override_attribute_value loginShell /usr/local/bin/sv_membersh.pl <% end %> diff --git a/modules/pam/templates/system-auth b/modules/pam/templates/system-auth index 4df9555e..de985687 100644 --- a/modules/pam/templates/system-auth +++ b/modules/pam/templates/system-auth @@ -11,6 +11,7 @@ auth required pam_deny.so account sufficient pam_localuser.so # not sure if the following bring something useful account required pam_ldap.so +<%- access_classes = scope.lookupvar('pam::multiple_ldap_access::access_classes') -%> <%- if access_classes -%> <%- access_classes.each { |ldap_group| -%> account sufficient pam_succeed_if.so quiet user ingroup <%= ldap_group %> |