diff options
Diffstat (limited to 'zarb-ml/mageia-sysadm/attachments/20101117/15a9175d/attachment.html')
| -rw-r--r-- | zarb-ml/mageia-sysadm/attachments/20101117/15a9175d/attachment.html | 252 |
1 files changed, 252 insertions, 0 deletions
diff --git a/zarb-ml/mageia-sysadm/attachments/20101117/15a9175d/attachment.html b/zarb-ml/mageia-sysadm/attachments/20101117/15a9175d/attachment.html new file mode 100644 index 000000000..db2a7a0ba --- /dev/null +++ b/zarb-ml/mageia-sysadm/attachments/20101117/15a9175d/attachment.html @@ -0,0 +1,252 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" +"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> +<head><meta http-equiv="content-type" content="text/html; charset=utf-8" /> +<title>[265] - add a proto module for taking care of pam ( need pam_ldap, etc support, and a review of the pam config file too )</title> +</head> +<body> + +<style type="text/css"><!-- +#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; } +#msg dl.meta dt { float: left; width: 6em; font-weight: bold; } +#msg dt:after { content:':';} +#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; } +#msg dl a { font-weight: bold} +#msg dl a:link { color:#fc3; } +#msg dl a:active { color:#ff0; } +#msg dl a:visited { color:#cc6; } +h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; } +#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; } +#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; } +#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; } +#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; } +#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; } +#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; } +#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; } +#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; } +#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; } +#logmsg pre { background: #eee; padding: 1em; } +#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;} +#logmsg dl { margin: 0; } +#logmsg dt { font-weight: bold; } +#logmsg dd { margin: 0; padding: 0 0 0.5em 0; } +#logmsg dd:before { content:'\00bb';} +#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; } +#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; } +#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; } +#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; } +#logmsg table th.Corner { text-align: left; } +#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; } +#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; } +#patch { width: 100%; } +--></style> +<div id="msg"> +<dl class="meta"> +<dt>Revision</dt> <dd>265</dd> +<dt>Author</dt> <dd>misc</dd> +<dt>Date</dt> <dd>2010-11-17 16:35:10 +0100 (Wed, 17 Nov 2010)</dd> +</dl> + +<h3>Log Message</h3> +<pre>- add a proto module for taking care of pam ( need pam_ldap, etc support, and a review of the pam config file too )</pre> + +<h3>Modified Paths</h3> +<ul> +<li><a href="#puppetmodulesapachetemplatesvhost_catalyst_appconf">puppet/modules/apache/templates/vhost_catalyst_app.conf</a></li> +<li><a href="#puppetmodulesapachetemplatesvhost_django_appconf">puppet/modules/apache/templates/vhost_django_app.conf</a></li> +<li><a href="#puppetmodulesbuildsystemmanifestsinitpp">puppet/modules/buildsystem/manifests/init.pp</a></li> +<li><a href="#puppetmodulespostfixmanifestsinitpp">puppet/modules/postfix/manifests/init.pp</a></li> +<li><a href="#puppetmodulestransifexmanifestsinitpp">puppet/modules/transifex/manifests/init.pp</a></li> +</ul> + +<h3>Added Paths</h3> +<ul> +<li>puppet/modules/pam/</li> +<li>puppet/modules/pam/manifests/</li> +<li><a href="#puppetmodulespammanifestsinitpp">puppet/modules/pam/manifests/init.pp</a></li> +<li>puppet/modules/pam/templates/</li> +<li><a href="#puppetmodulespamtemplatessystemauth">puppet/modules/pam/templates/system-auth</a></li> +</ul> + +</div> +<div id="patch"><pre> +<a id="puppetmodulesapachetemplatesvhost_catalyst_appconf">Modified: puppet/modules/apache/templates/vhost_catalyst_app.conf</a> +=================================================================== +--- puppet/modules/apache/templates/vhost_catalyst_app.conf 2010-11-17 15:13:07 UTC (rev 264) ++++ puppet/modules/apache/templates/vhost_catalyst_app.conf 2010-11-17 15:35:10 UTC (rev 265) +@@ -15,6 +15,8 @@ + ServerName <%= name %> + # Serve static content directly + DocumentRoot /dev/null ++# header ++ + <% if location then %> + Alias /static <%= location %>/root/static + <% end %> + +<a id="puppetmodulesapachetemplatesvhost_django_appconf">Modified: puppet/modules/apache/templates/vhost_django_app.conf</a> +=================================================================== +--- puppet/modules/apache/templates/vhost_django_app.conf 2010-11-17 15:13:07 UTC (rev 264) ++++ puppet/modules/apache/templates/vhost_django_app.conf 2010-11-17 15:35:10 UTC (rev 265) +@@ -4,7 +4,7 @@ + DocumentRoot /dev/null + + WSGIScriptAlias / /usr/local/lib/wsgi/<%= name %>.wsgi +- ++#footer + <Location /> + Allow from all + </Location> + +<a id="puppetmodulesbuildsystemmanifestsinitpp">Modified: puppet/modules/buildsystem/manifests/init.pp</a> +=================================================================== +--- puppet/modules/buildsystem/manifests/init.pp 2010-11-17 15:13:07 UTC (rev 264) ++++ puppet/modules/buildsystem/manifests/init.pp 2010-11-17 15:35:10 UTC (rev 265) +@@ -4,6 +4,22 @@ + include iurt + } + ++ class scheduler { ++ # ulri ++ } ++ ++ class dispatcher { ++ # emi ++ } ++ ++ class repsys { ++ package { 'repsys': ++ ++ } ++ ++ ++ } ++ + class iurt { + include sudo + + +<a id="puppetmodulespammanifestsinitpp">Added: puppet/modules/pam/manifests/init.pp</a> +=================================================================== +--- puppet/modules/pam/manifests/init.pp (rev 0) ++++ puppet/modules/pam/manifests/init.pp 2010-11-17 15:35:10 UTC (rev 265) +@@ -0,0 +1,27 @@ ++class pam { ++ ++ package { ["pam_ldap","nss_ldap", "pam_mkhomedir"]: ++ ensure => installed, ++ } ++ ++ ++ file { "system-auth": ++ path => "/etc/pam.d/system-auth", ++ owner => root, ++ group => root, ++ mode => 644, ++ content => template("openldap/system-auth") ++ } ++ ++ # for server where only admin can connect ++ class admin_access { ++ $access_class = "admin" ++ file { "system-auth": } ++ } ++ ++ # for server where people can connect with ssh ( git, svn ) ++ class commiters_access { ++ $access_class = "commiters" ++ file { "system-auth": } ++ } ++} + +<a id="puppetmodulespamtemplatessystemauth">Added: puppet/modules/pam/templates/system-auth</a> +=================================================================== +--- puppet/modules/pam/templates/system-auth (rev 0) ++++ puppet/modules/pam/templates/system-auth 2010-11-17 15:35:10 UTC (rev 265) +@@ -0,0 +1,35 @@ ++auth required pam_env.so ++# this part is here if the module don't exist ++# basically, the idea is to copy the exact detail of sufficient, ++# and add abort=ignore ++auth [abort=ignore success=done new_authtok_reqd=done default=ignore] pam_tcb.so shadow fork nullok prefix=$2a$ count=8 ++auth sufficient pam_unix.so likeauth nullok ++auth sufficient pam_ldap.so use_first_pass ++<% if access_class = 'admin' %> ++auth required pam_wheel.so group=mga-sysadmin ++<% end %> ++<% if access_class = 'commiters' %> ++auth required pam_wheel.so group=mga-commiters ++<% end %> ++auth required pam_deny.so ++ ++ ++account sufficient pam_localuser.so ++account sufficient pam_ldap.so ++account required pam_deny.so ++ ++ ++password required pam_cracklib.so retry=3 minlen=8 dcredit=-1 ucredit=-1 ocredit=-1 lcredit=-1 dcredit=0 ucredit=0 ucredit=0 ++# TODO check this part too ++password sufficient pam_tcb.so use_authtok shadow write_to=shadow fork nullok prefix=$2a$ count=8 abort=ignore ++password sufficient pam_ldap.so use_authtok ++password sufficient pam_unix.so use_authtok nullok md5 shadow ++password required pam_deny.so ++ ++session optional pam_keyinit.so revoke ++# optional if there is a problem when creating the account ++session optional pam_mkhomedir.so ++session required pam_limits.so ++session required pam_unix.so ++session optional pam_ldap.so ++ + +<a id="puppetmodulespostfixmanifestsinitpp">Modified: puppet/modules/postfix/manifests/init.pp</a> +=================================================================== +--- puppet/modules/postfix/manifests/init.pp 2010-11-17 15:13:07 UTC (rev 264) ++++ puppet/modules/postfix/manifests/init.pp 2010-11-17 15:35:10 UTC (rev 265) +@@ -4,7 +4,7 @@ + package { postfix: + ensure => installed + } +- package { 'nail': ++ package { 'nail': + ensure => installed + } + service { postfix: +@@ -30,4 +30,17 @@ + content => template("postfix/simple_relay_main.cf"), + } + } ++ ++ class primary_smtp inherits base { ++ file { '/etc/postfix/main.cf': ++ content => template("postfix/primary_main.cf"), ++ } ++ } ++ ++ class secondary_smtp inherits base { ++ file { '/etc/postfix/main.cf': ++ content => template("postfix/secondary_main.cf"), ++ } ++ } ++ + } + +<a id="puppetmodulestransifexmanifestsinitpp">Modified: puppet/modules/transifex/manifests/init.pp</a> +=================================================================== +--- puppet/modules/transifex/manifests/init.pp 2010-11-17 15:13:07 UTC (rev 264) ++++ puppet/modules/transifex/manifests/init.pp 2010-11-17 15:35:10 UTC (rev 265) +@@ -12,4 +12,8 @@ + mode => 755, + content => template("transifex/20-engines.conf") + } ++ ++ apache::vhost_django_app { "transifex.$domain": ++ module => "transifex" ++ } + } + +</pre></div> + +</body> +</html>
\ No newline at end of file |