[Mageia-sysadm] [406] - rewrite restricted_shell, and split the shell in its own subclass

root at mageia.org root at mageia.org
Tue Nov 23 02:11:07 CET 2010


Revision: 406
Author:   misc
Date:     2010-11-23 02:11:07 +0100 (Tue, 23 Nov 2010)
Log Message:
-----------
- rewrite restricted_shell, and split the shell in its own subclass

Modified Paths:
--------------
    puppet/modules/pam/manifests/init.pp
    puppet/modules/restrictshell/manifests/init.pp

Modified: puppet/modules/pam/manifests/init.pp
===================================================================
--- puppet/modules/pam/manifests/init.pp	2010-11-22 23:30:59 UTC (rev 405)
+++ puppet/modules/pam/manifests/init.pp	2010-11-23 01:11:07 UTC (rev 406)
@@ -52,6 +52,7 @@
 
   # for server where people can connect with ssh ( git, svn )
   class commiters_access inherits base {
+    include restricted_shell::shell
     $access_class = "commiters"
   }
 }

Modified: puppet/modules/restrictshell/manifests/init.pp
===================================================================
--- puppet/modules/restrictshell/manifests/init.pp	2010-11-22 23:30:59 UTC (rev 405)
+++ puppet/modules/restrictshell/manifests/init.pp	2010-11-23 01:11:07 UTC (rev 406)
@@ -1,55 +1,55 @@
 class restrictshell {
-  $allow_svn = "0"
-  $allow_git = "0"
-  $allow_rsync = "0"
-  $allow_pkgsubmit = "0"
+    class shell {
+        file { '/usr/local/bin/sv_membersh.pl':
+            ensure => present,
+            owner => root,
+            group => root,
+            mode => 755,
+            content => template("restrictshell/sv_membersh.pl"),
+        }
+    }
 
-  $ldap_pwfile = "/etc/ldap.secret"
+    class base {
+        include shell
+        $allow_svn = "0"
+        $allow_git = "0"
+        $allow_rsync = "0"
+        $allow_pkgsubmit = "0"
 
-  class allow_svn_git_pkgsubmit {
-    $allow_svn = "1"
-    $allow_git = "1"
-    $allow_pkgsubmit = "1"
-  }
+        $ldap_pwfile = "/etc/ldap.secret"
+        file { '/etc/membersh-conf.pl':
+            ensure => present,
+            owner => root,
+            group => root,
+            mode => 755,
+            content => template("restrictshell/membersh-conf.pl"),
+        }
 
-  file { '/usr/local/bin/sv_membersh.pl':
-    ensure => present,
-    owner => root,
-    group => root,
-    mode => 755,
-    content => template("restrictshell/sv_membersh.pl"),
-  }
+        package { 'python-ldap':
+            ensure => installed,
+        }
 
-  file { '/etc/membersh-conf.pl':
-    ensure => present,
-    owner => root,
-    group => root,
-    mode => 755,
-    content => template("restrictshell/membersh-conf.pl"),
-  }
+        $pubkeys_directory = "/var/lib/pubkeys"
+        file { $pubkeys_directory:
+            ensure => directory,
+            owner => root,
+            group => root,
+            mode => 755,
+        }
 
-  package { 'python-ldap':
-    ensure => installed,
-  }
+        file { '/usr/local/bin/ldap-sshkey2file.py':
+            ensure => present,
+            owner => root,
+            group => root,
+            mode => 755,
+            content => template("restrictshell/ldap-sshkey2file.py"),
+            requires => Package['python-ldap']
+        } 
+    }
 
-  $pubkeys_directory = "/var/lib/pubkeys"
-  file { $pubkeys_directory:
-    ensure => directory,
-    owner => root,
-    group => root,
-    mode => 755,
-  }
-
-  file { '/usr/local/bin/ldap-sshkey2file.py':
-    ensure => present,
-    owner => root,
-    group => root,
-    mode => 755,
-    content => template("restrictshell/ldap-sshkey2file.py"),
-    requires => Package['python-ldap']
-  } 
-
-
-
-
+    class allow_svn_git_pkgsubmit inherits base {
+        $allow_svn = "1"
+        $allow_git = "1"
+        $allow_pkgsubmit = "1"
+    }
 }
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/mageia-sysadm/attachments/20101123/6e7a009e/attachment.html>


More information about the Mageia-sysadm mailing list