Maintenance: GitLab GKE platform upgrade and software upgrade on Friday Oct. 22 at 9 p.m. Service may not be available between 9 p.m. and 9:20 p.m.

keytab.pp 1.04 KB
Newer Older
1
2
3
4
5
6
7
8
9
define base::wallet::keytab(
  $kstart_cmd,
  $path,
  $primary = true,
  $mode    = '0600',
  $owner   = 'root',
  $group   = 'root',
  $heimdal = false
) {
10
  include base::wallet::client
Adam Lewenberg's avatar
Adam Lewenberg committed
11
12
13
14
15
16
17

  if ($::lsbdistcodename == 'wheezy') {
    $ktutil_exe = '/usr/sbin/ktutil'
  } else {
    $ktutil_exe = '/usr/bin/ktutil'
  }

18
19
20
21
22
  $wallet_opts = "-f '$path' get keytab '$name'"
  exec { "wallet $wallet_opts":
    path    => '/bin:/usr/bin:/usr/local/bin:/usr/kerberos/bin',
    command => "${kstart_cmd} wallet ${wallet_opts}",
    unless  => $heimdal ? {
Adam Lewenberg's avatar
Adam Lewenberg committed
23
      true  => "${ktutil_exe} -k '$path' list | grep -i -q '$name'",
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
      false => "klist -k '$path' | grep -i -q '$name'",
    },
    require => [ Package['kstart'], Package['wallet-client'] ],
  }
  case $primary {
    true, 'true': {
      file { $path:
        mode    => $mode,
        owner   => $owner,
        group   => $group,
        require => Exec["wallet $wallet_opts"],
      }
    }
    false, 'false': { }
    default: {
      crit "Invalid value for primary: $primary (not true or false)"
    }
  }
}