[Mageia-sysadm] [437] the previous trick didn't work as tags are dependent in the order of
root at mageia.org
root at mageia.org
Wed Nov 24 00:17:49 CET 2010
Revision: 437
Author: misc
Date: 2010-11-24 00:17:48 +0100 (Wed, 24 Nov 2010)
Log Message:
-----------
the previous trick didn't work as tags are dependent on the order of
declaration ( and that's bad (tm) ). This one is safer.
Modified Paths:
--------------
puppet/manifests/common.pp
puppet/modules/openssh/manifests/init.pp
puppet/modules/openssh/templates/sshd_config
Added Paths:
-----------
puppet/modules/openssh/templates/sshd_config_ldap
Modified: puppet/manifests/common.pp
===================================================================
--- puppet/manifests/common.pp 2010-11-23 23:17:47 UTC (rev 436)
+++ puppet/manifests/common.pp 2010-11-23 23:17:48 UTC (rev 437)
@@ -87,7 +87,7 @@
class default_mageia_server {
include timezone
- include openssh
+ include openssh::server
include default_ssh_root_key
include base_packages
include ntp
Modified: puppet/modules/openssh/manifests/init.pp
===================================================================
--- puppet/modules/openssh/manifests/init.pp 2010-11-23 23:17:47 UTC (rev 436)
+++ puppet/modules/openssh/manifests/init.pp 2010-11-23 23:17:48 UTC (rev 437)
@@ -1,31 +1,36 @@
class openssh {
+ class server {
+ # some trick to manage sftp server, who is arch dependent on mdv
+ $path_to_sftp = "$lib_dir/ssh/"
- # some trick to manage sftp server, who is arch dependent on mdv
- $path_to_sftp = "$lib_dir/ssh/"
+ package { "openssh-server":
+ ensure => installed
+ }
- package { "openssh-server":
- ensure => installed
- }
+ service { sshd:
+ ensure => running,
+ path => "/etc/init.d/sshd",
+ subscribe => [ Package["openssh-server"] ]
+ }
- service { sshd:
- ensure => running,
- path => "/etc/init.d/sshd",
- subscribe => [ Package["openssh-server"], File["sshd_config"] ]
- }
- file { "sshd_config":
- path => "/etc/ssh/sshd_config",
- ensure => present,
- owner => root,
- group => root,
- mode => 644,
- require => Package["openssh-server"],
- content => template("openssh/sshd_config")
+ file { "/etc/ssh/sshd_config":
+ ensure => present,
+ owner => root,
+ group => root,
+ mode => 644,
+ require => Package["openssh-server"],
+ content => template("openssh/sshd_config"),
+ notify => Service["sshd"]
+ }
}
-
- class ssh_keys_from_ldap {
+ class ssh_keys_from_ldap inherits server {
+ File ["/etc/ssh/sshd_config"] {
+ content => template("openssh/sshd_config","openssh/sshd_config_ldap")
+ }
+
package { 'python-ldap':
ensure => installed,
}
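Review bot: The `File ["/etc/ssh/sshd_config"]` override in `ssh_keys_from_ldap` depends on `template("openssh/sshd_config","openssh/sshd_config_ldap")` appending the fragment at the very end of the file, and nothing in the manifest records that constraint. sshd uses the first value it reads for each keyword, and any line after a `Match` line belongs to that block. An active `AuthorizedKeysFile` or a `Match` section added later to the base template would therefore silently defeat or narrow the LDAP key path. I would add a comment above the override, e.g. `# sshd_config_ldap is appended last: the base template must keep AuthorizedKeysFile commented out and contain no Match block`. The body of `ssh_keys_from_ldap` continues outside the hunk.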
Modified: puppet/modules/openssh/templates/sshd_config
===================================================================
--- puppet/modules/openssh/templates/sshd_config 2010-11-23 23:17:47 UTC (rev 436)
+++ puppet/modules/openssh/templates/sshd_config 2010-11-23 23:17:48 UTC (rev 437)
@@ -45,11 +45,7 @@
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys
-<% if all_tags.include?('openssh::ssh_keys_from_ldap') %>
-AuthorizedKeysFile /var/lib/config/pubkeys/%u/authorized_keys
-<% end %>
-
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
Added: puppet/modules/openssh/templates/sshd_config_ldap
===================================================================
--- puppet/modules/openssh/templates/sshd_config_ldap (rev 0)
+++ puppet/modules/openssh/templates/sshd_config_ldap 2010-11-23 23:17:48 UTC (rev 437)
@@ -0,0 +1,3 @@
+
+AuthorizedKeysFile /var/lib/config/pubkeys/%u/authorized_keys
+
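Review bot: The new fragment sets a single `AuthorizedKeysFile` outside the home directories without stating the consequence: on hosts that use it, `~/.ssh/authorized_keys` is no longer consulted for any account, root included. If `default_ssh_root_key` (included in common.pp) installs root's key under root's home, which is not visible here, root key login would stop working on these hosts unless the key is also placed under `/var/lib/config/pubkeys/root/`. The `/var/lib/config/pubkeys/%u` tree also needs to be owned by root (or the user) and not group- or world-writable, since whoever can write there decides who may log in as `%u`; the resource that manages it is not in this diff. A header comment such as `# Keys live in /var/lib/config/pubkeys/<user>/authorized_keys; ~/.ssh/authorized_keys is ignored on hosts using this fragment` would make this explicit.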