[Mageia-sysadm] [269] - fix templates ( again )
root at mageia.org
root at mageia.org
Wed Nov 17 17:25:42 CET 2010
Revision: 269
Author: misc
Date: 2010-11-17 17:25:42 +0100 (Wed, 17 Nov 2010)
Log Message:
-----------
- fix templates ( again )
- add ldap.conf
Modified Paths:
--------------
puppet/modules/pam/manifests/init.pp
Added Paths:
-----------
puppet/modules/pam/templates/ldap.conf
Modified: puppet/modules/pam/manifests/init.pp
===================================================================
--- puppet/modules/pam/manifests/init.pp 2010-11-17 15:58:10 UTC (rev 268)
+++ puppet/modules/pam/manifests/init.pp 2010-11-17 16:25:42 UTC (rev 269)
@@ -18,8 +18,15 @@
owner => root,
group => root,
mode => 644,
- content => template("pam/system-auth")
+ content => template("pam/nsswitch.conf")
}
+ file { "ldap.conf":
+ path => "/etc/ldap.conf",
+ owner => root,
+ group => root,
+ mode => 644,
+ content => template("pam/ldap.conf")
+ }
}
# for server where only admin can connect
Added: puppet/modules/pam/templates/ldap.conf
===================================================================
--- puppet/modules/pam/templates/ldap.conf (rev 0)
+++ puppet/modules/pam/templates/ldap.conf 2010-11-17 16:25:42 UTC (rev 269)
@@ -0,0 +1,22 @@
+<%
+dc_suffix = 'dc=' + domain.gsub('.',',dc=')
+%>
+
+uri ldap://ldap.<%= domain %>
+base <%= dc_suffix %>
+pam_lookup_policy no
+pam_password exop
+nss_base_passwd ou=People,<%= dc_suffix %>?one
+nss_base_shadow ou=People,<%= dc_suffix %>?one
+nss_base_group ou=Group,<%= dc_suffix %>?one
+
+nss_schema rfc2307bis
+nss_map_attribute uniqueMember member
+sudoers_base ou=sudoers,<%= dc_suffix %>
+#sudoers_debug 2
+
+<% if access_class = 'commiters' %>
+# for restricted access
+nss_override_attribute_value loginShell /usr/local/bin/sv_membersh.pl
+<% end %>
+
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/mageia-sysadm/attachments/20101117/9b32b042/attachment.html>
More information about the Mageia-sysadm
mailing list