1 |
misc |
265 |
class pam { |
2 |
misc |
2228 |
class base { |
3 |
|
|
package { ["pam_ldap","nss_ldap","nscd"]: } |
4 |
misc |
265 |
|
5 |
misc |
2228 |
service { nscd: |
6 |
misc |
2412 |
require => Package['nscd'], |
7 |
misc |
2228 |
} |
8 |
misc |
265 |
|
9 |
misc |
2228 |
file { |
10 |
|
|
"/etc/pam.d/system-auth": content => template("pam/system-auth"); |
11 |
|
|
"/etc/nsswitch.conf": content => template("pam/nsswitch.conf"); |
12 |
|
|
"/etc/ldap.conf": content => template("pam/ldap.conf"); |
13 |
misc |
2413 |
"/etc/openldap/ldap.conf": content => template("pam/openldap.ldap.conf"); |
14 |
misc |
2228 |
} |
15 |
misc |
390 |
|
16 |
misc |
2228 |
$ldap_password = extlookup("${fqdn}_ldap_password",'x') |
17 |
|
|
file { "ldap.secret": |
18 |
|
|
path => "/etc/ldap.secret", |
19 |
|
|
mode => 600, |
20 |
|
|
content => $ldap_password |
21 |
|
|
} |
22 |
|
|
} |
23 |
misc |
267 |
|
24 |
misc |
2228 |
define multiple_ldap_access($access_classes,$restricted_shell = false) { |
25 |
|
|
if $restricted_shell { |
26 |
|
|
include restrictshell |
27 |
|
|
} |
28 |
|
|
include base |
29 |
misc |
785 |
} |
30 |
misc |
265 |
} |