diff --git a/ldap/manifests/init.pp b/ldap/manifests/init.pp index 81a6e4f..5de7bbd 100644 --- a/ldap/manifests/init.pp +++ b/ldap/manifests/init.pp @@ -464,7 +464,7 @@ class ldap::server { if $::operatinsystemrelease !~ /^5\./ { file { "/etc/sysconfig/ldap": ensure => present, - source => "puppet:///modules/ldap/ldap.sysconfig", + content => template("ldap/ldap.sysconfig.erb"), mode => "0644", owner => "root", group => "root", @@ -530,16 +530,14 @@ class ldap::server { } } - if $::selinux == "true" { - selinux::manage_fcontext { "/srv/ldap(/.*)?": + selinux::manage_fcontext { "/srv/ldap(/.*)?": + type => "slapd_db_t", + before => File["/srv/ldap"], + } + if $ldap_datadir { + selinux::manage_fcontext { "${ldap_datadir}(/.*)?": type => "slapd_db_t", - before => File["/srv/ldap"], - } - if $ldap_datadir { - selinux::manage_fcontext { "${ldap_datadir}(/.*)?": - type => "slapd_db_t", - before => File[$ldap_datadir], - } + before => File[$ldap_datadir], } } diff --git a/ldap/files/ldap.sysconfig b/ldap/templates/ldap.sysconfig.erb similarity index 82% rename from ldap/files/ldap.sysconfig rename to ldap/templates/ldap.sysconfig.erb index a9f59e2..00ded90 100644 --- a/ldap/files/ldap.sysconfig +++ b/ldap/templates/ldap.sysconfig.erb @@ -1,5 +1,5 @@ # Options of slapd (see man slapd) -SLAPD_OPTIONS="-f /etc/openldap/slapd.conf" +SLAPD_OPTIONS="-f /etc/openldap/slapd.conf<% if @ipv6enabled == 'false' %> -4<% end %>" # At least one of SLAPD_LDAP, SLAPD_LDAPI and SLAPD_LDAPS must be set to 'yes'! # diff --git a/ntpd/templates/ntp.conf.erb b/ntpd/templates/ntp.conf.erb index b4d2fec..e504fc1 100644 --- a/ntpd/templates/ntp.conf.erb +++ b/ntpd/templates/ntp.conf.erb @@ -16,7 +16,9 @@ restrict -6 default nomodify notrap nopeer noquery # Local users may interrogate the ntp server more closely. restrict 127.0.0.1 nomodify +<% if @ipv6enabled == "true" -%> restrict ::1 nomodify +<% end -%> # Drift file. driftfile /var/lib/ntp/ntp.drift