Commit 23a4e42c authored by Alex Tayts's avatar Alex Tayts
Browse files

update README.md

parent 1601ef80
......@@ -22,14 +22,13 @@ The resource depends on the presence of the following binaries:
Wallet resource accepts the following arguments:
#### ensure
Can be `present` or `absent`, downloading an object from wallet or removing its local copy. Defaults to _present_.
#### name
A name of an object in wallet. _Required_.
#### ensure
Can be `present` or `absent`, downloading an object from wallet or removing its local copy. Optional, defaults to _present_.
#### path
......@@ -37,34 +36,34 @@ The name of a file for a downloaded wallet object. _Required_.
#### type
A type of a wallet object like `file`, `keytab` or `pam-duo`. Defaults to _file_.
A type of a wallet object like `file`, `keytab` or `pam-duo`. Optional, defaults to _keytab_.
#### auth_principal
A kerberos principal used for authentication to wallet, by default a server's host principal. Defaults to a first entry in a keytab.
A kerberos principal used for authentication to wallet, by default a server's host principal. Optional, defaults to a first entry in a keytab.
#### auth_keytab
A keytab file where `auth_principal` keys are stored. Must be an absolute path. Defaults to _/etc/krb5.keytab_.
A keytab file where `auth_principal` keys are stored. Must be an absolute path. Optional, defaults to _/etc/krb5.keytab_.
#### owner
A desired owner of a file created out of a wallet object. Can be given as a numeric _uid_ (like _1001_), string representation of a numeric _uid_ (like _"1001"_) or a user name (like _jdoe_). Defaults to not settingan owner. Since typically puppet runs as root, that would be a default owner of a file.
A desired owner of a file created out of a wallet object. Can be given as a numeric _uid_ (like _1001_), string representation of a numeric _uid_ (like _"1001"_) or a user name (like _jdoe_). Optional, defaults to not setting an owner. Since typically puppet runs as root, that would be a default owner of a file.
#### group
A desired group of a file created out of a wallet object. Can be given as a numeric _gid_ (like _1001_), string representation of a numeric _gid_ (like _"1001"_) or a group name (like _operator_). Defaults to not setting a group. Since typically puppet runs as root, that would be a default group of a file.
A desired group of a file created out of a wallet object. Can be given as a numeric _gid_ (like _1001_), string representation of a numeric _gid_ (like _"1001"_) or a group name (like _operator_). Optional, defaults to not setting a group. Since typically puppet runs as root, that would be a default group of a file.
#### mode
A desired mode of a file created out of a wallet object. Can be given as a numeric _uid_ (like _1001_) or a string representation of a numeric _uid_ (like _"1001"_). Defaults to not setting a mode. Wallet client automatically sets mode to 600, which would be a natural default.
A desired mode of a file created out of a wallet object. Can be given as a numeric _uid_ (like _1001_) or a string representation of a numeric _uid_ (like _"1001"_). Optional, defaults to not setting a mode. Wallet client automatically sets mode to 600, which would be a natural default.
#### heimdal
Kerberos distribution, heimdal if true, otherwise MIT.
Kerberos distribution, Heimdal if true, otherwise MIT. Optional, defaults to _false_.
#### verify
A boolean enabling or disabling verification of a local copy of a wallet object. If verification fails for any reason (file is missing, modified, stale keytab, etc.), it is downloaded from wallet again. Defaults to _false_.
A boolean enabling or disabling verification of a local copy of a wallet object. If verification fails for any reason (file is missing, modified, stale keytab, etc.), it is downloaded from wallet again. Optional, defaults to _false_.
## Examples
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment