| 1 |
class pam { |
| 2 |
|
| 3 |
class base { |
| 4 |
package { ["pam_ldap","nss_ldap"]: |
| 5 |
ensure => installed, |
| 6 |
} |
| 7 |
|
| 8 |
file { "system-auth": |
| 9 |
path => "/etc/pam.d/system-auth", |
| 10 |
owner => root, |
| 11 |
group => root, |
| 12 |
mode => 644, |
| 13 |
content => template("pam/system-auth") |
| 14 |
} |
| 15 |
|
| 16 |
file { "nsswitch.conf": |
| 17 |
path => "/etc/nsswitch.conf", |
| 18 |
owner => root, |
| 19 |
group => root, |
| 20 |
mode => 644, |
| 21 |
content => template("pam/nsswitch.conf") |
| 22 |
} |
| 23 |
|
| 24 |
$nssldap_password = extlookup("nssldap_password",'x') |
| 25 |
|
| 26 |
file { "ldap.conf": |
| 27 |
path => "/etc/ldap.conf", |
| 28 |
owner => root, |
| 29 |
group => root, |
| 30 |
mode => 644, |
| 31 |
content => template("pam/ldap.conf") |
| 32 |
} |
| 33 |
} |
| 34 |
|
| 35 |
# for server where only admin can connect |
| 36 |
class admin_access inherits base { |
| 37 |
$access_class = "admin" |
| 38 |
# not sure if this line is needed anymore, wil check later |
| 39 |
} |
| 40 |
|
| 41 |
# for server where people can connect with ssh ( git, svn ) |
| 42 |
class commiters_access inherits base { |
| 43 |
$access_class = "commiters" |
| 44 |
} |
| 45 |
} |
Parent Directory
| 
Revision Log