aboutsummaryrefslogtreecommitdiffstats
path: root/modules/openssh
Commit message (Collapse)AuthorAgeFilesLines
* openssh: Return failure when no keys are updated.Colin Guthrie2015-01-181-2/+15
| | | | We can then use this exit status to run other commands when keys are updated.
* openssh: Only write authorized_keys file when it's differentColin Guthrie2015-01-181-7/+20
| | | | | This saves disk churn and will eventually allow us to take further action when keys actually change.
* openssh: Use temp file when writing keys from LDAP.Colin Guthrie2015-01-181-7/+12
| | | | | | | This helps avoid a race condition when the file is not yet written properly when a new SSH connection from that user comes in. This isn't really a problem in practice, but we may as well do it.
* Revert "Temporary hack to work around LDAP server sync problem"Colin Guthrie2014-09-231-6/+0
| | | | | | This reverts commit cc302084ccf54fb8f067f8dd5d7f7c07ed50b019. Slave LDAP now back cookin' on gas!
* Temporary hack to work around LDAP server sync problemColin Guthrie2014-09-161-0/+6
|
* Partially revert part of r3378 which wasn't meant to be in the commit :(Colin Guthrie2013-12-051-2/+0
|
* Add mgaonline to the freeze exception pkg regexpColin Guthrie2013-12-051-0/+2
|
* openssh::ssh_keys_from_ldap: remove unused parameterNicolas Vigier2013-07-061-1/+1
|
* openssh: switch to standard path for authorized_keys fileNicolas Vigier2013-07-064-53/+1
|
* ldap-sshkey2file.py: export ssh keys to /home directoryNicolas Vigier2013-07-061-5/+14
| | | | Thanks to Colin for help on this
* More mga-common mga_common remaningNicolas Vigier2013-06-191-1/+1
|
* Rename mga-common module to mga_common.Nicolas Vigier2013-06-191-1/+1
| | | | New puppet version doesn't like modules with a - in their name.
* Local_script -> Mga-common::Local_scriptNicolas Vigier2012-12-101-1/+1
|
* openssh: use mga-common::local_scriptNicolas Vigier2012-12-101-1/+1
|
* add explicit variable for the directory holding pubkeysMichael Scherer2012-04-021-0/+2
|
* split a module pubkeys_directory, so we can include it from symlink_user and ↵Michael Scherer2012-04-023-16/+20
| | | | make sure everything is correctly declared
* split ssh_keys_from_ldap in a different fileMichael Scherer2012-04-022-47/+46
|
* fix the definition of the define, and move file to match the nameMichael Scherer2012-03-191-1/+1
|
* rename define to match the real nameMichael Scherer2012-03-191-0/+0
|
* fix missing commaMichael Scherer2012-03-191-1/+1
|
* split symlink into a separate fileMichael Scherer2012-03-192-16/+17
|
* style cleaning, and various fix ( for symlink )Michael Scherer2012-03-191-28/+30
|
* split server in a separate file, and clean the moduleMichael Scherer2012-03-192-18/+16
|
* do not use start tls on ldaps connection, as this produce a tracebackMichael Scherer2012-01-281-1/+2
|
* iuse the new get_ldap_servers to get the list of all ldap serversMichael Scherer2012-01-222-1/+5
|
* clean openssh serviceMichael Scherer2012-01-161-3/+1
|
* fix another errorMichael Scherer2012-01-081-2/+2
|
* fix manifestMichael Scherer2012-01-081-1/+1
|
* cleaning of the openssh moduleMichael Scherer2012-01-081-25/+6
|
* move ldap-sshkey2file.py to openssh module (where it is used)Nicolas Vigier2011-08-212-1/+93
|
* fix openssh manifest, as having a empty template do not work ( contrary to ↵Michael Scherer2011-06-161-1/+1
| | | | what I (wrongly) tested :/ )
* allow to set a extension to the openssh config ( used toMichael Scherer2011-06-151-2/+3
| | | | add Match block )
* fix link for user and ssh keysMichael Scherer2011-06-081-1/+2
|
* use a define to avoid array flattening by puppetMichael Scherer2011-06-081-12/+15
|
* fix syntaxNicolas Vigier2011-06-081-1/+1
|
* add option to add symlinks on authorized_keysNicolas Vigier2011-06-081-1/+17
|
* fix syntaxNicolas Vigier2011-05-241-1/+1
|
* add cron for ldap-sshkey2file every 10 minutesNicolas Vigier2011-05-241-1/+10
|
* - seems I cannot use the variable in the templateMichael Scherer2011-01-171-1/+1
|
* - fix directory ( this prevent login on rabbit )Michael Scherer2011-01-171-1/+1
|
* reenable the module, to use on rabbitMichael Scherer2011-01-141-3/+3
|
* disable update of sshd_config with ldap for nowNicolas Vigier2011-01-071-3/+3
|
* disable tcp forwarding, so people cannot use our svn server to bounce to ↵Michael Scherer2011-01-071-1/+1
| | | | others server
* the previous trick didn't work as tags are dependent in the order ofMichael Scherer2010-11-233-24/+28
| | | | declaration ( and that's bad (tm) ). This one is safer.
* move the ldap key from ssh logic to openssh module ( more logical ), and add ↵Michael Scherer2010-11-232-0/+44
| | | | the hook in openssh config file
* - use pam for openssh ( I am not sure if we need to restrict its useMichael Scherer2010-11-231-1/+1
| | | | only on ldap hosts )
* - do not let file with passwords to be world readable Michael Scherer2010-11-201-6/+1
| | | | | | | | ( even if being readable by apache is not good either, but needed as the password is used by apache ) - use ldaps for sympa - use the 2 new facter macro and remove the version copied everywhere - remove hardcoded domain in bugzilla and others
* - add openssh moduleMichael Scherer2010-10-262-0/+152
generated by cgit v1.2.1 (git 2.21.0) at 2024-07-21 23:44:45 +0000