pam: Make mkhomedir umask configurable. Tested with CentOS 6.
This commit is contained in:
Ossi Herrala
parent
2f7b76a47b
commit
782bc36cf1
1 changed files with 34 additions and 20 deletions
|
|
@ -26,29 +26,43 @@ class pam::common {
|
||||||
|
|
||||||
# Enable pam_mkhomedir module
|
# Enable pam_mkhomedir module
|
||||||
#
|
#
|
||||||
class pam::mkhomedir {
|
# $umask:
|
||||||
|
# The user file-creation mask is set to mask. The default value of
|
||||||
|
# mask is 0077.
|
||||||
|
#
|
||||||
|
class pam::mkhomedir ($umask=0077) {
|
||||||
|
|
||||||
include pam::common
|
include pam::common
|
||||||
|
|
||||||
case $::operatingsystem {
|
case $::operatingsystem {
|
||||||
"centos","redhat","fedora": {
|
"centos","redhat","fedora": {
|
||||||
exec { "authconfig --enablemkhomedir --update":
|
exec { "authconfig --enablemkhomedir --update":
|
||||||
path => "/bin:/usr/bin:/sbin:/usr/sbin",
|
path => "/bin:/usr/bin:/sbin:/usr/sbin",
|
||||||
unless => "egrep '^USEMKHOMEDIR=yes\$' /etc/sysconfig/authconfig",
|
unless => "egrep '^USEMKHOMEDIR=yes\$' /etc/sysconfig/authconfig",
|
||||||
require => Package["authconfig"],
|
require => Package["authconfig"],
|
||||||
}
|
}
|
||||||
}
|
augeas { "system-auth-pam_mkhomedir-umask":
|
||||||
"ubuntu": {
|
context => "/files/etc/pam.d/system-auth/",
|
||||||
file { "/usr/share/pam-configs/pam_mkhomedir":
|
changes => "set *[module='pam_mkhomedir.so']/argument umask=${umask}",
|
||||||
source => "puppet:///modules/pam/pam_mkhomedir",
|
require => Exec["authconfig --enablemkhomedir --update"],
|
||||||
mode => "0644",
|
}
|
||||||
owner => "root",
|
augeas { "password-auth-pam_mkhomedir-umask":
|
||||||
group => "root",
|
context => "/files/etc/pam.d/password-auth/",
|
||||||
require => Package["libpam-runtime"],
|
changes => "set *[module='pam_mkhomedir.so']/argument umask=${umask}",
|
||||||
notify => Exec["pam-auth-update"],
|
require => Exec["authconfig --enablemkhomedir --update"],
|
||||||
}
|
}
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
"ubuntu": {
|
||||||
|
file { "/usr/share/pam-configs/pam_mkhomedir":
|
||||||
|
source => "puppet:///modules/pam/pam_mkhomedir",
|
||||||
|
mode => "0644",
|
||||||
|
owner => "root",
|
||||||
|
group => "root",
|
||||||
|
require => Package["libpam-runtime"],
|
||||||
|
notify => Exec["pam-auth-update"],
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue