Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | pam: remove "dynamic lookup" warnings | Nicolas Vigier | 2012-12-18 | 2 | -1/+5 |
| | |||||
* | Make pam::multiple_ldap_access a class instead of a define | Nicolas Vigier | 2012-12-11 | 2 | -1/+2 |
| | | | | | | | pam::multiple_ldap_access can only be included once. If it is included multiple time, the value of the variable $access_classes used in templates/system-auth is random. As it can only be included once, it should be a parameterized class and not a defined resource. | ||||
* | split pam module into 3 files | Michael Scherer | 2012-03-17 | 3 | -30/+31 |
| | |||||
* | manage /etc/openldap/ldap.conf by puppet | Michael Scherer | 2012-02-15 | 2 | -0/+27 |
| | |||||
* | clean nscd service | Michael Scherer | 2012-02-15 | 1 | -2/+1 |
| | |||||
* | cleanup and refactoring of pam module | Michael Scherer | 2012-01-08 | 1 | -46/+23 |
| | |||||
* | we do not use mdns on servers, so remove it as it seems to cause trouble | Michael Scherer | 2011-05-24 | 1 | -1/+1 |
| | | | | | on mandriva 2010.0, as used on gandi vm | ||||
* | fix wrong class name | Michael Scherer | 2011-01-13 | 1 | -1/+1 |
| | |||||
* | - allow to set access without forcing the restricted shell ( should | Michael Scherer | 2011-01-13 | 2 | -2/+5 |
| | | | | be done by openssh in fact, but that's easier to do like this for now ) | ||||
* | move the type of access_class to deployment ( as this is tied to our group ↵ | Michael Scherer | 2011-01-13 | 1 | -26/+0 |
| | | | | name ) | ||||
* | allow to use multiple group for the access with pam | Michael Scherer | 2011-01-13 | 2 | -11/+21 |
| | |||||
* | restrict login to people of the group mga-commiters ( previous try was | Michael Scherer | 2010-11-24 | 2 | -9/+13 |
| | | | | not working with ssh key ) | ||||
* | s/commiters/committers/, to be in sync with the ldap group name and the ↵ | Michael Scherer | 2010-11-24 | 2 | -4/+4 |
| | | | | dictionnary | ||||
* | move the group restriction at the top of the file, or they are useless | Michael Scherer | 2010-11-24 | 1 | -7/+7 |
| | |||||
* | pam_wheel is made to be used with su only. pam_succeed_if seems to be the ↵ | Michael Scherer | 2010-11-24 | 1 | -2/+2 |
| | | | | proper module | ||||
* | remove empty line from the result file ( <% vs <%- ) | Michael Scherer | 2010-11-24 | 1 | -4/+4 |
| | |||||
* | - add a comment so I do not have the impression to have | Michael Scherer | 2010-11-23 | 1 | -2/+6 |
| | | | | lost 4h on debugging pam_ldap and openssh | ||||
* | class was renamed 3 commits ago | Michael Scherer | 2010-11-23 | 1 | -1/+1 |
| | |||||
* | - rewrite restricted_shell, and split the shell in its own subclass | Michael Scherer | 2010-11-23 | 1 | -0/+1 |
| | |||||
* | Add timelimits for nss_ldap, enable password policy | Buchan Milne | 2010-11-22 | 1 | -1/+3 |
| | |||||
* | - set the ldap password in /etc/ldap.secret | Michael Scherer | 2010-11-22 | 1 | -1/+8 |
| | |||||
* | - make sure nscd is installed and running | Michael Scherer | 2010-11-22 | 1 | -1/+6 |
| | |||||
* | - use the rootbinddn as preconized by buchan ( and let all access goes | Michael Scherer | 2010-11-22 | 1 | -2/+2 |
| | | | | through nscd ) | ||||
* | - use the first pass if proposed ( or pam ask the password 2 times ) | Michael Scherer | 2010-11-22 | 1 | -1/+1 |
| | |||||
* | - add default password of x, so manifests do not fail on test vms | Michael Scherer | 2010-11-22 | 1 | -1/+1 |
| | |||||
* | - add nssldap password handling | Michael Scherer | 2010-11-22 | 2 | -1/+5 |
| | |||||
* | - ldaps is required ( ie no unencrypted connection ) | Michael Scherer | 2010-11-22 | 1 | -1/+1 |
| | |||||
* | - remove erronous line ( and uneeded ), as this cause error when applying ↵ | Michael Scherer | 2010-11-22 | 1 | -2/+0 |
| | | | | about "ressource already declared" | ||||
* | - pam_mkhomedir is in pam, not in a separate rpm | Michael Scherer | 2010-11-22 | 1 | -1/+1 |
| | |||||
* | - do not let file with passwords to be world readable | Michael Scherer | 2010-11-20 | 1 | -3/+0 |
| | | | | | | | | ( even if being readable by apache is not good either, but needed as the password is used by apache ) - use ldaps for sympa - use the 2 new facter macro and remove the version copied everywhere - remove hardcoded domain in bugzilla and others | ||||
* | - fix templates ( again ) | Michael Scherer | 2010-11-17 | 2 | -1/+30 |
| | | | | | - add ldap.conf | ||||
* | - fix templates | Michael Scherer | 2010-11-17 | 2 | -1/+25 |
| | | | | | - add nsswitch.conf | ||||
* | - better use heritance | Michael Scherer | 2010-11-17 | 1 | -13/+15 |
| | |||||
* | - add a proto module for taking care of pam ( need pam_ldap, etc support, ↵ | Michael Scherer | 2010-11-17 | 2 | -0/+62 |
and a review of the pam config file too ) |