/[adm]/puppet/modules/pam/manifests/init.pp
ViewVC logotype

Annotation of /puppet/modules/pam/manifests/init.pp

Parent Directory Parent Directory | Revision Log Revision Log

Revision 410 - (hide annotations) (download)
Tue Nov 23 01:11:14 2010 UTC (13 years, 4 months ago) by misc
File size: 1393 byte(s) 
class was renamed 3 commits ago
1 misc 265 class pam {
2    
3 misc 266 class base {
4 misc 390 package { ["pam_ldap","nss_ldap","nscd"]:
5 misc 266 ensure => installed,
6     }
7 misc 265
8 misc 390 service { nscd:
9     ensure => running,
10     path => '/etc/init.d/nscd',
11     }
12    
13 misc 266 file { "system-auth":
14     path => "/etc/pam.d/system-auth",
15     owner => root,
16     group => root,
17     mode => 644,
18 misc 267 content => template("pam/system-auth")
19 misc 266 }
20 misc 267
21     file { "nsswitch.conf":
22     path => "/etc/nsswitch.conf",
23     owner => root,
24     group => root,
25     mode => 644,
26 misc 269 content => template("pam/nsswitch.conf")
27 misc 267 }
28 misc 377
29 misc 391 $ldap_password = extlookup("${fqdn}_ldap_password",'x')
30     file { "ldap.secret":
31     path => "/etc/ldap.secret",
32     owner => root,
33     group => root,
34     mode => 600,
35     content => $ldap_password
36     }
37 misc 377
38 misc 269 file { "ldap.conf":
39     path => "/etc/ldap.conf",
40     owner => root,
41     group => root,
42     mode => 644,
43     content => template("pam/ldap.conf")
44     }
45 misc 266 }
46 misc 265
47     # for server where only admin can connect
48 misc 266 class admin_access inherits base {
49 misc 265 $access_class = "admin"
50 misc 266 # not sure if this line is needed anymore, wil check later
51 misc 265 }
52    
53     # for server where people can connect with ssh ( git, svn )
54 misc 266 class commiters_access inherits base {
55 misc 410 include restrictshell::shell
56 misc 265 $access_class = "commiters"
57     }
58     }
  ViewVC Help
Powered by ViewVC 1.1.30