| 1 |
class pam { |
class pam { |
| 2 |
|
class base { |
| 3 |
|
package { ["pam_ldap","nss_ldap","nscd"]: } |
| 4 |
|
|
| 5 |
class base { |
service { nscd: |
| 6 |
package { ["pam_ldap","nss_ldap","nscd"]: |
ensure => running, |
| 7 |
ensure => installed, |
path => '/etc/init.d/nscd', |
| 8 |
} |
} |
| 9 |
|
|
| 10 |
service { nscd: |
file { |
| 11 |
ensure => running, |
"/etc/pam.d/system-auth": content => template("pam/system-auth"); |
| 12 |
path => '/etc/init.d/nscd', |
"/etc/nsswitch.conf": content => template("pam/nsswitch.conf"); |
| 13 |
} |
"/etc/ldap.conf": content => template("pam/ldap.conf"); |
| 14 |
|
} |
| 15 |
file { "system-auth": |
|
| 16 |
path => "/etc/pam.d/system-auth", |
$ldap_password = extlookup("${fqdn}_ldap_password",'x') |
| 17 |
owner => root, |
file { "ldap.secret": |
| 18 |
group => root, |
path => "/etc/ldap.secret", |
| 19 |
mode => 644, |
mode => 600, |
| 20 |
content => template("pam/system-auth") |
content => $ldap_password |
| 21 |
} |
} |
| 22 |
|
} |
|
file { "nsswitch.conf": |
|
|
path => "/etc/nsswitch.conf", |
|
|
owner => root, |
|
|
group => root, |
|
|
mode => 644, |
|
|
content => template("pam/nsswitch.conf") |
|
|
} |
|
|
|
|
|
$ldap_password = extlookup("${fqdn}_ldap_password",'x') |
|
|
file { "ldap.secret": |
|
|
path => "/etc/ldap.secret", |
|
|
owner => root, |
|
|
group => root, |
|
|
mode => 600, |
|
|
content => $ldap_password |
|
|
} |
|
|
|
|
|
file { "ldap.conf": |
|
|
path => "/etc/ldap.conf", |
|
|
owner => root, |
|
|
group => root, |
|
|
mode => 644, |
|
|
content => template("pam/ldap.conf") |
|
|
} |
|
|
} |
|
| 23 |
|
|
| 24 |
define multiple_ldap_access($access_classes,$restricted_shell = false) { |
define multiple_ldap_access($access_classes,$restricted_shell = false) { |
| 25 |
if $restricted_shell { |
if $restricted_shell { |
| 26 |
include restrictshell |
include restrictshell |
| 27 |
|
} |
| 28 |
|
include base |
| 29 |
} |
} |
|
include base |
|
|
} |
|
| 30 |
} |
} |
Parent Directory
| 
Revision Log
| 
Patch