Diffstat (limited to 'modules/openssh/manifests')
-rw-r--r--modules/openssh/manifests/pubkeys_directory.pp17
-rw-r--r--modules/openssh/manifests/server.pp3
-rw-r--r--modules/openssh/manifests/ssh_keys_from_ldap.pp26
-rw-r--r--modules/openssh/manifests/symlink_user.pp19
4 files changed, 9 insertions, 56 deletions
diff --git a/modules/openssh/manifests/pubkeys_directory.pp b/modules/openssh/manifests/pubkeys_directory.pp
deleted file mode 100644
index cbcaeb88..00000000
--- a/modules/openssh/manifests/pubkeys_directory.pp
+++ /dev/null
@@ -1,17 +0,0 @@
-class openssh::pubkeys_directory {
- $pubkeys_directory = '/var/lib/pubkeys'
- file { $pubkeys_directory:
- ensure => directory,
- }
-
- file { "$pubkeys_directory/root":
- ensure => directory,
- mode => '0700',
- }
-
- file { "$pubkeys_directory/root/authorized_keys":
- ensure => link,
- target => '/root/.ssh/authorized_keys',
- mode => '0700',
- }
-}
diff --git a/modules/openssh/manifests/server.pp b/modules/openssh/manifests/server.pp
index ce60646b..c45268d2 100644
--- a/modules/openssh/manifests/server.pp
+++ b/modules/openssh/manifests/server.pp
@@ -1,6 +1,7 @@
class openssh::server {
# some trick to manage sftp server, who is arch dependent on mdv
- $path_to_sftp = "$::lib_dir/ssh/"
+ # TODO: the path changed on Mageia 6 to /usr/libexec/openssh/sftp-server
+ $path_to_sftp = "${::lib_dir}/ssh/"
package { 'openssh-server': }
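Review bot: The new TODO above `$path_to_sftp` says the sftp-server binary moved to /usr/libexec/openssh/ on Mageia 6, yet the assignment still resolves to `${::lib_dir}/ssh/`, so whatever consumes this variable (not visible in this hunk, presumably the sshd_config template) would keep the old location on those hosts. If so, SFTP would break there while interactive SSH keeps working, which is easy to miss. Consider choosing the directory by release instead of leaving a comment, for example `$path_to_sftp = versioncmp($::operatingsystemrelease, '6') ? { -1 => "${::lib_dir}/ssh/", default => '/usr/libexec/openssh/' }`, with the fact name adjusted to whatever this repository uses. The class body continues past the end of the hunk.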
diff --git a/modules/openssh/manifests/ssh_keys_from_ldap.pp b/modules/openssh/manifests/ssh_keys_from_ldap.pp
index d35f4d2a..9ea6c139 100644
--- a/modules/openssh/manifests/ssh_keys_from_ldap.pp
+++ b/modules/openssh/manifests/ssh_keys_from_ldap.pp
@@ -1,32 +1,20 @@
-class openssh::ssh_keys_from_ldap($symlink_users = [],
- $config = '') inherits server {
- # root account authorized_keys will be symlinked
- # if you want to add symlink on other accounts, use $symlink_users parameter
-
- File ['/etc/ssh/sshd_config'] {
- content => template('openssh/sshd_config','openssh/sshd_config_ldap')
- }
-
- package { 'python-ldap': }
-
- include openssh::pubkeys_directory
- $pubkeys_directory = $openssh::pubkeys_directory::pubkeys_directory
-
- symlink_user { $symlink_users: }
+class openssh::ssh_keys_from_ldap inherits server {
+ package { 'python3-ldap': }
$ldap_pwfile = '/etc/ldap.secret'
+ $nslcd_conf_file = '/etc/nslcd.conf'
$ldap_servers = get_ldap_servers()
- mga-common::local_script { 'ldap-sshkey2file.py':
+ mga_common::local_script { 'ldap-sshkey2file.py':
content => template('openssh/ldap-sshkey2file.py'),
- require => Package['python-ldap']
+ require => Package['python3-ldap']
}
cron { 'sshkey2file':
- command => '/usr/local/bin/ldap-sshkey2file.py',
+ command => '/bin/bash -c "/usr/local/bin/ldap-sshkey2file.py && ( [[ -f /usr/bin/mgagit && -d /var/lib/git/.gitolite ]] && /bin/su -c \'/usr/bin/mgagit glrun\' - git ) ||:"',
hour => '*',
minute => '*/10',
user => 'root',
environment => 'MAILTO=root',
- require => Local_script['ldap-sshkey2file.py'],
+ require => Mga_common::Local_script['ldap-sshkey2file.py'],
}
}
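Review bot: The trailing `||:` in the new cron `command` applies to the whole chain, so a failing `/usr/local/bin/ldap-sshkey2file.py` exits 0 just like the harmless case where mgagit is not installed. Anything that watches the job's exit status then cannot tell that the LDAP key sync has stopped, which could leave a key that was removed from LDAP still authorised on the host; cron mail only helps if the script prints something on failure. Only the existence test should be optional: `/bin/bash -c "/usr/local/bin/ldap-sshkey2file.py || exit 1; [[ -f /usr/bin/mgagit && -d /var/lib/git/.gitolite ]] || exit 0; /bin/su -c \'/usr/bin/mgagit glrun\' - git"`. A one-line comment above the `cron` resource saying why `mgagit glrun` must follow the key sync would also help, since the one-liner does not explain it.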
diff --git a/modules/openssh/manifests/symlink_user.pp b/modules/openssh/manifests/symlink_user.pp
deleted file mode 100644
index f2e107b1..00000000
--- a/modules/openssh/manifests/symlink_user.pp
+++ /dev/null
@@ -1,19 +0,0 @@
-define openssh::symlink_user() {
- include openssh::pubkeys_directory
- $pubkeys_directory = $openssh::pubkeys_directory::pubkeys_directory
- file { "$pubkeys_directory/$name":
- ensure => directory,
- owner => $name,
- group => $name,
- mode => '0700',
- }
-
- file { "$pubkeys_directory/$name/authorized_keys":
- # FIXME : fragile approximation for $HOME
- ensure => link,
- target => "/home/$name/.ssh/authorized_keys",
- mode => '0700',
- }
-}
-
-