From f4c5d26c1530250bee5166fb69e2c7e7f72393d2 Mon Sep 17 00:00:00 2001
From: Nicolas Vigier
Date: Wed, 8 Jun 2011 14:40:47 +0000
Subject: add option to add symlinks on authorized_keys
---
 modules/openssh/manifests/init.pp | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)
(limited to 'modules/openssh/manifests')
diff --git a/modules/openssh/manifests/init.pp b/modules/openssh/manifests/init.pp
index 18f921b1..38c6fdee 100644
--- a/modules/openssh/manifests/init.pp
+++ b/modules/openssh/manifests/init.pp
@@ -25,7 +25,9 @@ class openssh {
 }
 }
- class ssh_keys_from_ldap inherits server {
+ # root account authorized_keys will be symlinked
+ # if you want to add symlink on other accounts, use $symlink_users parameter
+ class ssh_keys_from_ldap($symlink_users = false) inherits server {
 File ["/etc/ssh/sshd_config"] {
 content => template("openssh/sshd_config","openssh/sshd_config_ldap")
@@ -56,6 +58,20 @@ class openssh {
 mode => 700,
 }
+ if $symlink_users {
+ file { "$pubkeys_directory/$symlink_users":
+ ensure => directory,
+ owner => $symlink_users,
+ group => $symlink_users,
+ mode => 700,
+ }
+
+ file { "$pubkeys_directory/$symlink_users/authorized_keys":
+ ensure => "/home/$symlink_users/.ssh/authorized_keys",
+ mode => 700,
+ }
+ }
+
 $sshkey2file = "/usr/local/bin/ldap-sshkey2file.py"
 $ldap_pwfile = "/etc/ldap.secret"
 file { $sshkey2file:
-- cgit v1.2.1
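Review bot: The parameter name `$symlink_users` and the comment's "other accounts" read as a list, but the second hunk interpolates the value directly into `"$pubkeys_directory/$symlink_users"` and reuses it as `owner` and `group`, so only a single account name can work. The comment above the class should say so, for example `# $symlink_users: one account name (string) whose authorized_keys is symlinked to its home directory; false disables this`. It would also help to state that a group with the same name as the account is assumed. The class body continues outside this hunk.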
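Review bot: The link `"$pubkeys_directory/$symlink_users/authorized_keys"` points at `/home/$symlink_users/.ssh/authorized_keys`, a file the account itself can write, so for that account key authorization presumably stops being governed by the LDAP-generated keys; that trade-off deserves a comment on the `if $symlink_users` block so it is enabled deliberately. The target hard-codes `/home/`, which leaves a dangling link for any account whose home directory is elsewhere. The value is also used unvalidated inside a path, so a name containing `/` would create the directory outside `$pubkeys_directory`; a simple name check before the `file` resources would catch that. `mode => 700` on the link resource is probably not meaningful for a symlink and could be dropped.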