author | Michael Scherer <misc@mageia.org> | 2010-11-23 23:17:47 +0000 |
---|---|---|
committer | Michael Scherer <misc@mageia.org> | 2010-11-23 23:17:47 +0000 |
commit | 0b64c47717c4483cc519e0f739bf0d4972f2277a (patch) | |
tree | 8ce211f47cf71c609ce9d9e2fc4919d8c7025fd3 /modules/openssh/manifests | |
parent | 0773748d9802ba93ed2594f9807cd8064aeecfe5 (diff) | |
move the ldap key from ssh logic to openssh module ( more logical ), and add the hook in openssh config file
Diffstat (limited to 'modules/openssh/manifests')
-rw-r--r-- | modules/openssh/manifests/init.pp | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/modules/openssh/manifests/init.pp b/modules/openssh/manifests/init.pp
index e55660fd..d3d0c78c 100644
--- a/modules/openssh/manifests/init.pp
+++ b/modules/openssh/manifests/init.pp
@@ -22,4 +22,43 @@ class openssh {
 require => Package["openssh-server"],
 content => template("openssh/sshd_config")
 }
+
+
+ class ssh_keys_from_ldap {
+
+ package { 'python-ldap':
+ ensure => installed,
+ }
+
+ $pubkeys_directory = "/var/lib/pubkeys"
+ file { $pubkeys_directory:
+ ensure => directory,
+ owner => root,
+ group => root,
+ mode => 755,
+ # before => Class["openssh"]
+ }
+
+ file { "$pubkeys_directory/root":
+ ensure => directory,
+ owner => root,
+ group => root,
+ mode => 700,
+ }
+
+ file { "$pubkeys_directory/root/authorized_keys":
+ ensure => "/root/.ssh/authorized_keys",
+ mode => 700,
+ }
+
+ $ldap_pwfile = "/etc/ldap.secret"
+ file { '/usr/local/bin/ldap-sshkey2file.py':
+ ensure => present,
+ owner => root,
+ group => root,
+ mode => 755,
+ content => template("restrictshell/ldap-sshkey2file.py"),
+ require => Package['python-ldap']
+ }
+ }
 } |
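Review bot: The `authorized_keys` resource for root is the weakest part of the new class: it creates a symlink through `ensure => "/root/.ssh/authorized_keys"` while setting `mode => 700` and no owner or group, so which object receives the mode and who owns the link depends on how Puppet applies attributes to links. I would write it as `ensure => link, target => "/root/.ssh/authorized_keys", owner => root, group => root` and leave the mode to the real file under /root/.ssh, which is conventionally 0600 rather than executable. `$ldap_pwfile` is only assigned in this hunk; if /etc/ldap.secret is not managed elsewhere, it needs a `file` resource that keeps it root-owned with mode 0600, since the helper script presumably reads the LDAP bind password from it. The enclosing `class openssh` starts outside the hunk.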