/[adm]/puppet/modules/pam/manifests/base.pp
ViewVC logotype

Annotation of /puppet/modules/pam/manifests/base.pp

Parent Directory Parent Directory | Revision Log Revision Log

Revision 2935 - (hide annotations) (download)
Tue Dec 11 18:56:35 2012 UTC (10 years, 11 months ago) by boklm
File size: 690 byte(s) 
Make pam::multiple_ldap_access a class instead of a define

pam::multiple_ldap_access can only be included once. If it is included
multiple time, the value of the variable $access_classes used in
templates/system-auth is random. As it can only be included once, it
should be a parameterized class and not a defined resource.
1 misc 2597 class pam::base {
2 boklm 2935 include pam::multiple_ldap_access
3 misc 2597 package { ['pam_ldap','nss_ldap','nscd']: }
4    
5     service { 'nscd':
6     require => Package['nscd'],
7     }
8    
9     file {
10     '/etc/pam.d/system-auth':
11     content => template('pam/system-auth');
12     '/etc/nsswitch.conf':
13     content => template('pam/nsswitch.conf');
14     '/etc/ldap.conf':
15     content => template('pam/ldap.conf');
16     '/etc/openldap/ldap.conf':
17     content => template('pam/openldap.ldap.conf');
18     }
19    
20     $ldap_password = extlookup("${::fqdn}_ldap_password",'x')
21     file { '/etc/ldap.secret':
22     mode => '0600',
23     content => $ldap_password
24     }
25     }
  ViewVC Help
Powered by ViewVC 1.1.28