[Mageia-sysadm] [785] - allow to set access without forcing the restricted shell ( should
root at mageia.org
root at mageia.org
Thu Jan 13 20:41:24 CET 2011
Revision: 785
Author: misc
Date: 2011-01-13 20:41:24 +0100 (Thu, 13 Jan 2011)
Log Message:
-----------
- allow to set access without forcing the restricted shell ( should
be done by openssh in fact, but that's easier to do like this for now )
Modified Paths:
--------------
puppet/modules/pam/manifests/init.pp
puppet/modules/pam/templates/ldap.conf
Modified: puppet/modules/pam/manifests/init.pp
===================================================================
--- puppet/modules/pam/manifests/init.pp 2011-01-13 18:59:25 UTC (rev 784)
+++ puppet/modules/pam/manifests/init.pp 2011-01-13 19:41:24 UTC (rev 785)
@@ -44,7 +44,10 @@
}
}
- define multiple_ldap_access($access_classes) {
+ define multiple_ldap_access($access_classes,$restricted_shell = false) {
+ if $restricted_shell {
+ include restricted_shell
+ }
include base
}
}
Modified: puppet/modules/pam/templates/ldap.conf
===================================================================
--- puppet/modules/pam/templates/ldap.conf 2011-01-13 18:59:25 UTC (rev 784)
+++ puppet/modules/pam/templates/ldap.conf 2011-01-13 19:41:24 UTC (rev 785)
@@ -15,7 +15,7 @@
sudoers_base ou=sudoers,<%= dc_suffix %>
#sudoers_debug 2
-<% if access_class = 'commiters' %>
+<% if restricted_shell %>
# for restricted access
nss_override_attribute_value loginShell /usr/local/bin/sv_membersh.pl
<% end %>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/mageia-sysadm/attachments/20110113/abfdb97e/attachment-0001.html>
More information about the Mageia-sysadm
mailing list