Newer
Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
#
# Sets up basic PAM configuration for Debian, separated out from the original
# kerberos configuration.
class base::pam::debian {
package { 'libpam-krb5': ensure => present }
case $::lsbdistcodename {
'etch': {
package { 'libpam-openafs-session': ensure => present }
file {
'/etc/pam.d/common-auth':
source => 'puppet:///modules/base/pam/etc/pam.d/common-auth',
require => [ Package['libpam-openafs-session'],
Package['libpam-krb5'] ];
'/etc/pam.d/common-session':
source => 'puppet:///modules/base/pam/etc/pam.d/common-session',
require => [ Package['libpam-openafs-session'],
Package['libpam-krb5'] ];
}
}
default: {
package { 'libpam-afs-session': ensure => present }
file {
'/etc/pam.d/common-auth':
source => 'puppet:///modules/base/pam/etc/pam.d/common-auth.lenny',
require => [ Package['libpam-afs-session'],
Package['libpam-krb5'] ];
'/etc/pam.d/common-session':
source => 'puppet:///modules/base/pam/etc/pam.d/common-session.lenny',
require => [ Package['libpam-afs-session'],
Package['libpam-krb5'] ];
}
}
}
file { '/etc/pam.d/common-account':
source => 'puppet:///modules/base/pam/etc/pam.d/common-account',
require => [ Package['libpam-krb5'] ];
}
}
# FIXME: move libpam-foreground and config (in pam.d/global/common-session)
# to the timeshare class, or something similar
class base::pam::debian::ldap inherits base::pam::debian {
package {
'libpam-ldap': ensure => 'present';
'libnss-ldap': ensure => 'present';
'libpam-openafs-kaserver': ensure => 'absent';
}
# A lot of this stuff is taken from s_timeshare, which is where it was
# originally implemented.
file {
'/etc/ldap.conf':
source => 'puppet:///modules/base/pam/etc/ldap.conf';
'/etc/libnss-ldap.conf':
source => 'puppet:///modules/base/pam/etc/libnss-ldap.conf';
'/etc/nsswitch.conf':
source => 'puppet:///modules/base/pam/etc/nsswitch.conf';
'/etc/pam.d/common-password':
source => 'puppet:///modules/base/pam/etc/pam.d/global/common-password',
require => [ Package['libpam-krb5'] ];
'/etc/pam_ldap.conf':
source => 'puppet:///modules/base/pam/etc/pam_ldap.conf';
}
File['/etc/pam.d/common-account'] {
source => 'puppet:///modules/base/pam/etc/pam.d/global/common-account'
}
File['/etc/pam.d/common-auth'] {
source => 'puppet:///modules/base/pam/etc/pam.d/global/common-auth'
}
File['/etc/pam.d/common-session'] {
source => 'puppet:///modules/base/pam/etc/pam.d/global/common-session'
}
}