1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<TITLE> [Mageia-sysadm] [450] s/commiters/committers/, to be in sync with the ldap group name and the dictionnary
</TITLE>
<LINK REL="Index" HREF="index.html" >
<LINK REL="made" HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20%5B450%5D%20s/commiters/committers/%2C%0A%20to%20be%20in%20sync%20with%20the%20ldap%20group%20name%20and%20the%20dictionnary&In-Reply-To=%3C20101124020832.74C203FD42%40valstar.mageia.org%3E">
<META NAME="robots" CONTENT="index,nofollow">
<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
<LINK REL="Previous" HREF="000883.html">
<LINK REL="Next" HREF="000885.html">
</HEAD>
<BODY BGCOLOR="#ffffff">
<H1>[Mageia-sysadm] [450] s/commiters/committers/, to be in sync with the ldap group name and the dictionnary</H1>
<B>root at mageia.org</B>
<A HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20%5B450%5D%20s/commiters/committers/%2C%0A%20to%20be%20in%20sync%20with%20the%20ldap%20group%20name%20and%20the%20dictionnary&In-Reply-To=%3C20101124020832.74C203FD42%40valstar.mageia.org%3E"
TITLE="[Mageia-sysadm] [450] s/commiters/committers/, to be in sync with the ldap group name and the dictionnary">root at mageia.org
</A><BR>
<I>Wed Nov 24 03:08:32 CET 2010</I>
<P><UL>
<LI>Previous message: <A HREF="000883.html">[Mageia-sysadm] [449] move the group restriction at the top of the file, or they are useless
</A></li>
<LI>Next message: <A HREF="000885.html">[Mageia-sysadm] [451] restrict login to people of the group mga-commiters ( previous try was
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#884">[ date ]</a>
<a href="thread.html#884">[ thread ]</a>
<a href="subject.html#884">[ subject ]</a>
<a href="author.html#884">[ author ]</a>
</LI>
</UL>
<HR>
<!--beginarticle-->
<PRE>Revision: 450
Author: misc
Date: 2010-11-24 03:08:32 +0100 (Wed, 24 Nov 2010)
Log Message:
-----------
s/commiters/committers/, to be in sync with the ldap group name and the dictionnary
Modified Paths:
--------------
puppet/manifests/nodes.pp
puppet/modules/pam/manifests/init.pp
puppet/modules/pam/templates/system-auth
Modified: puppet/manifests/nodes.pp
===================================================================
--- puppet/manifests/nodes.pp 2010-11-24 01:39:17 UTC (rev 449)
+++ puppet/manifests/nodes.pp 2010-11-24 02:08:32 UTC (rev 450)
@@ -22,7 +22,7 @@
include ssh::auth::keymaster
include buildsystem::mainnode
- include pam::commiters_access
+ include pam::committers_access
include restrictshell::allow_svn
subversion::snapshot { "/etc/puppet":
Modified: puppet/modules/pam/manifests/init.pp
===================================================================
--- puppet/modules/pam/manifests/init.pp 2010-11-24 01:39:17 UTC (rev 449)
+++ puppet/modules/pam/manifests/init.pp 2010-11-24 02:08:32 UTC (rev 450)
@@ -50,13 +50,13 @@
}
# for server where people can connect with ssh ( git, svn )
- class commiters_access inherits base {
+ class committers_access inherits base {
# this is required, as we force the shell to be the restricted one
# openssh will detect if the file do not exist and while refuse to log the
# user, and erase the password ( see pam_auth.c in openssh code, seek badpw )
# so the file must exist
# permission to use svn, git, etc must be added separatly
include restrictshell::shell
- $access_class = "commiters"
+ $access_class = "committers"
}
}
Modified: puppet/modules/pam/templates/system-auth
===================================================================
--- puppet/modules/pam/templates/system-auth 2010-11-24 01:39:17 UTC (rev 449)
+++ puppet/modules/pam/templates/system-auth 2010-11-24 02:08:32 UTC (rev 450)
@@ -2,8 +2,8 @@
<%- if access_class = 'admin' -%>
auth required pam_succeed_if.so quiet user ingroup mga-sysadmin
<%- end -%>
-<%- if access_class = 'commiters' -%>
-auth required pam_succeed_if.so quiet user ingroup mga-commiters
+<%- if access_class = 'committers' -%>
+auth required pam_succeed_if.so quiet user ingroup mga-committers
<%- end -%>
# this part is here if the module don't exist
# basically, the idea is to copy the exact detail of sufficient,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/mageia-sysadm/attachments/20101124/1488153c/attachment.html>
</PRE>
<!--endarticle-->
<HR>
<P><UL>
<!--threads-->
<LI>Previous message: <A HREF="000883.html">[Mageia-sysadm] [449] move the group restriction at the top of the file, or they are useless
</A></li>
<LI>Next message: <A HREF="000885.html">[Mageia-sysadm] [451] restrict login to people of the group mga-commiters ( previous try was
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#884">[ date ]</a>
<a href="thread.html#884">[ thread ]</a>
<a href="subject.html#884">[ subject ]</a>
<a href="author.html#884">[ author ]</a>
</LI>
</UL>
<hr>
<a href="https://www.mageia.org/mailman/listinfo/mageia-sysadm">More information about the Mageia-sysadm
mailing list</a><br>
</body></html>
|
