[Mageia-sysadm] [264] update binddn and password file
root at mageia.org
root at mageia.org
Wed Nov 17 16:13:07 CET 2010
Revision: 264
Author: boklm
Date: 2010-11-17 16:13:07 +0100 (Wed, 17 Nov 2010)
Log Message:
-----------
update binddn and password file
Modified Paths:
--------------
puppet/modules/restrictshell/manifests/init.pp
puppet/modules/restrictshell/templates/ldap-sshkey2file.py
Modified: puppet/modules/restrictshell/manifests/init.pp
===================================================================
--- puppet/modules/restrictshell/manifests/init.pp 2010-11-17 14:28:30 UTC (rev 263)
+++ puppet/modules/restrictshell/manifests/init.pp 2010-11-17 15:13:07 UTC (rev 264)
@@ -1,10 +1,11 @@
-#TODO: add support for pkgsubmit
class restrictshell {
$allow_svn = "0"
$allow_git = "0"
$allow_rsync = "0"
$allow_pkgsubmit = "0"
+ $ldap_pwfile = "/etc/ldap.secret"
+
class allow_svn_git_pkgsubmit {
$allow_svn = "1"
$allow_git = "1"
Modified: puppet/modules/restrictshell/templates/ldap-sshkey2file.py
===================================================================
--- puppet/modules/restrictshell/templates/ldap-sshkey2file.py 2010-11-17 14:28:30 UTC (rev 263)
+++ puppet/modules/restrictshell/templates/ldap-sshkey2file.py 2010-11-17 15:13:07 UTC (rev 264)
@@ -18,8 +18,8 @@
random.shuffle(uris)
uri = " ".join(uris)
timeout=5
-binddn="uid=sshkeyreader,ou=System Accounts,%s" % basedn
-pwfile="/etc/sshkeyreader.pw"
+binddn="cn=<%= fqdn %>,ou=Hosts," % basedn
+pwfile="<%= ldap_pwfile %>"
# filter out disabled accounts also
# too bad uidNumber doesn't support >= filters
filter="(&(objectClass=inetOrgPerson)(objectClass=ldapPublicKey)(objectClass=posixAccount)(sshPublicKey=*)(!(shadowExpire=*)))"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/mageia-sysadm/attachments/20101117/9a3e1b4a/attachment-0001.html>
More information about the Mageia-sysadm
mailing list