[Mageia-sysadm] [406] - rewrite restricted_shell, and split the shell in its own subclass
root at mageia.org
root at mageia.org
Tue Nov 23 02:11:07 CET 2010
Revision: 406
Author: misc
Date: 2010-11-23 02:11:07 +0100 (Tue, 23 Nov 2010)
Log Message:
-----------
- rewrite restricted_shell, and split the shell in its own subclass
Modified Paths:
--------------
puppet/modules/pam/manifests/init.pp
puppet/modules/restrictshell/manifests/init.pp
Modified: puppet/modules/pam/manifests/init.pp
===================================================================
--- puppet/modules/pam/manifests/init.pp 2010-11-22 23:30:59 UTC (rev 405)
+++ puppet/modules/pam/manifests/init.pp 2010-11-23 01:11:07 UTC (rev 406)
@@ -52,6 +52,7 @@
# for server where people can connect with ssh ( git, svn )
class commiters_access inherits base {
+ include restricted_shell::shell
$access_class = "commiters"
}
}
Modified: puppet/modules/restrictshell/manifests/init.pp
===================================================================
--- puppet/modules/restrictshell/manifests/init.pp 2010-11-22 23:30:59 UTC (rev 405)
+++ puppet/modules/restrictshell/manifests/init.pp 2010-11-23 01:11:07 UTC (rev 406)
@@ -1,55 +1,55 @@
class restrictshell {
- $allow_svn = "0"
- $allow_git = "0"
- $allow_rsync = "0"
- $allow_pkgsubmit = "0"
+ class shell {
+ file { '/usr/local/bin/sv_membersh.pl':
+ ensure => present,
+ owner => root,
+ group => root,
+ mode => 755,
+ content => template("restrictshell/sv_membersh.pl"),
+ }
+ }
- $ldap_pwfile = "/etc/ldap.secret"
+ class base {
+ include shell
+ $allow_svn = "0"
+ $allow_git = "0"
+ $allow_rsync = "0"
+ $allow_pkgsubmit = "0"
- class allow_svn_git_pkgsubmit {
- $allow_svn = "1"
- $allow_git = "1"
- $allow_pkgsubmit = "1"
- }
+ $ldap_pwfile = "/etc/ldap.secret"
+ file { '/etc/membersh-conf.pl':
+ ensure => present,
+ owner => root,
+ group => root,
+ mode => 755,
+ content => template("restrictshell/membersh-conf.pl"),
+ }
- file { '/usr/local/bin/sv_membersh.pl':
- ensure => present,
- owner => root,
- group => root,
- mode => 755,
- content => template("restrictshell/sv_membersh.pl"),
- }
+ package { 'python-ldap':
+ ensure => installed,
+ }
- file { '/etc/membersh-conf.pl':
- ensure => present,
- owner => root,
- group => root,
- mode => 755,
- content => template("restrictshell/membersh-conf.pl"),
- }
+ $pubkeys_directory = "/var/lib/pubkeys"
+ file { $pubkeys_directory:
+ ensure => directory,
+ owner => root,
+ group => root,
+ mode => 755,
+ }
- package { 'python-ldap':
- ensure => installed,
- }
+ file { '/usr/local/bin/ldap-sshkey2file.py':
+ ensure => present,
+ owner => root,
+ group => root,
+ mode => 755,
+ content => template("restrictshell/ldap-sshkey2file.py"),
+ requires => Package['python-ldap']
+ }
+ }
- $pubkeys_directory = "/var/lib/pubkeys"
- file { $pubkeys_directory:
- ensure => directory,
- owner => root,
- group => root,
- mode => 755,
- }
-
- file { '/usr/local/bin/ldap-sshkey2file.py':
- ensure => present,
- owner => root,
- group => root,
- mode => 755,
- content => template("restrictshell/ldap-sshkey2file.py"),
- requires => Package['python-ldap']
- }
-
-
-
-
+ class allow_svn_git_pkgsubmit inherits base {
+ $allow_svn = "1"
+ $allow_git = "1"
+ $allow_pkgsubmit = "1"
+ }
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/mageia-sysadm/attachments/20101123/6e7a009e/attachment.html>
More information about the Mageia-sysadm
mailing list