Add posinxgroup.pp

d2e2edeb · Srinivas Rao Puttagunta · 2c9a428f · d2e2edeb · d2e2edeb
Commit d2e2edeb authored 5 years ago by Srinivas Rao Puttagunta
--- a/manifests/ldapadmin.pp
+++ b/manifests/ldapadmin.pp
@@ -51,14 +51,6 @@ class su_ldap::ldapadmin (
    require => File['/etc/ldapadmin'],
  }

-  # Configuration for Remctl posixgroup 
-  file { '/etc/ldapadmin/ldap-group-maint.conf':
-    ensure  => $ensure,
-    mode    => '0644',
-    content => template('su_ldap/etc/ldapadmin/ldap-group-maint.conf.erb'),
-    require => File['/etc/ldapadmin'],
-  }
-
  # Get the database credentials used by LDAPadmin.pm
  #
  # These two credentials files would be combined into a
@@ -126,5 +118,10 @@ class su_ldap::ldapadmin (
    ensure => $ensure_ldap_watcher,
  }

+  # The LDAP  remctl wrapper script that invokes ldap-group-maint and
+  # restricts the options to setting up or showing a posix group.
+  class { 'su_ldap::ldapadmin::posixgroup':
+    ensure => $ensure_posixgroup,
+  }

 }
--- a/manifests/ldapadmin/posixgroup.pp
+++ b/manifests/ldapadmin/posixgroup.pp
+# This class manages the configuration for the script
+# /usr/bin/ldap-posix-group. From the script's man page: "This is a remctl
+# wrapper script that invokes ldap-group-maint and restricts the options
+# to setting up or showing a posix group.
+
+class su_ldap::ldapadmin::posixgroup(
+  Enum['present', 'absent'] $ensure,
+) {
+
+  if ($ensure == 'present')) {
+    fail("missing $ensure parameter")
+  }
+
+  # Configuration for Remctl posixgroup
+  file { '/etc/ldapadmin/ldap-group-maint.conf':
+    ensure  => $ensure,
+    mode    => '0644',
+    content => template('su_ldap/etc/ldapadmin/ldap-group-maint.conf.erb'),
+    require => File['/etc/ldapadmin'],
+  }
+
+  # Keytab used to access mailman and Posixgroup.
+  if ($ensure == 'present') {
+    base::wallet { 'service/lists':
+      ensure  => 'present',
+      path    => '/etc/ldap/service-lists.keytab',
+      owner   => 'root',
+      require => File['/etc/ldapadmin'],
+    }
+  }
+
+}