pam: Make mkhomedir umask configurable. Tested with CentOS 6.

pam/manifests/init.pp

@@ -26,7 +26,11 @@ class pam::common {
 
 # Enable pam_mkhomedir module
 #
-class pam::mkhomedir {
+#   $umask:
+#     The user file-creation mask is set to mask. The default value of
+#     mask is 0077.
+#
+class pam::mkhomedir ($umask=0077) {
 
   include pam::common
 
@@ -37,6 +41,16 @@ class pam::mkhomedir {
         unless  => "egrep '^USEMKHOMEDIR=yes\$' /etc/sysconfig/authconfig",
         require => Package["authconfig"],
       }
+      augeas { "system-auth-pam_mkhomedir-umask":
+        context => "/files/etc/pam.d/system-auth/",
+        changes => "set *[module='pam_mkhomedir.so']/argument umask=${umask}",
+        require => Exec["authconfig --enablemkhomedir --update"],
+      }
+      augeas { "password-auth-pam_mkhomedir-umask":
+        context => "/files/etc/pam.d/password-auth/",
+        changes => "set *[module='pam_mkhomedir.so']/argument umask=${umask}",
+        require => Exec["authconfig --enablemkhomedir --update"],
+      }
     }
     "ubuntu": {
       file { "/usr/share/pam-configs/pam_mkhomedir":