From 8196bc7c405f1899fe894f091aa45392db78a53c Mon Sep 17 00:00:00 2001 From: Ossi Salmi Date: Sat, 19 Jan 2013 18:17:28 +0200 Subject: [PATCH] Added OpenBSD support for sasl module --- sasl/manifests/init.pp | 87 +++++++++++++++++++++++++++++++----------- 1 file changed, 64 insertions(+), 23 deletions(-) diff --git a/sasl/manifests/init.pp b/sasl/manifests/init.pp index e0da7a3..20df9ca 100644 --- a/sasl/manifests/init.pp +++ b/sasl/manifests/init.pp @@ -8,10 +8,14 @@ class sasl::client { "ubuntu" => "sasl2-bin", default => "cyrus-sasl", }, + flavor => $::operatingsystem ? { + "openbsd" => "ldap", + default => undef, + }, ensure => installed, } - if $kerberos_realm { + if $kerberos_realm and $::operatingsystem != "OpenBSD" { package { "cyrus-sasl-gssapi": name => $::operatingsystem ? { "ubuntu" => "libsasl2-modules-gssapi-mit", @@ -32,7 +36,7 @@ class sasl::client { # default. Supported mechanisms include pam, ldap and kerberos5. # # For ldap authentication, see ldap::client for required global variables. -# +# class sasl::saslauthd { require sasl::client @@ -41,27 +45,48 @@ class sasl::saslauthd { "","pam": { } "ldap": { include ldap::client - - augeas { "set-saslauthd-mech": - context => "/files/etc/sysconfig/saslauthd", - changes => "set MECH ldap", - notify => Service["saslauthd"], + + case $::operatingsystem { + "centos","fedora","redhat": { + augeas { "set-saslauthd-mech": + context => "/files/etc/sysconfig/saslauthd", + changes => "set MECH ldap", + notify => Service["saslauthd"], + } + } + "openbsd": { + Service["saslauthd"] { + start => "/usr/local/sbin/saslauthd -a ldap", + } + } } - + file { "/etc/saslauthd.conf": ensure => present, - mode => 0644, - owner => "root", - group => "root", + mode => "0644", + owner => "root", + group => $::operatingsystem ? { + "openbsd" => "wheel", + default => "root", + }, content => template("sasl/saslauthd.conf.ldap.erb"), - notify => Service["saslauthd"], + notify => Service["saslauthd"], } } "kerberos5": { - augeas { "set-saslauthd-mech": - context => "/files/etc/sysconfig/saslauthd", - changes => "set MECH kerberos5", - notify => Service["saslauthd"], + case $::operatingsystem { + "centos","fedora","redhat": { + augeas { "set-saslauthd-mech": + context => "/files/etc/sysconfig/saslauthd", + changes => "set MECH kerberos5", + notify => Service["saslauthd"], + } + } + "openbsd": { + Service["saslauthd"] { + start => "/usr/local/sbin/saslauthd -a kerberos5", + } + } } } default: { @@ -78,13 +103,16 @@ class sasl::saslauthd { ensure => present, mode => "0644", owner => "root", - group => "root", + group => $::operatingsystem ? { + "openbsd" => "wheel", + default => "root", + }, require => Exec["generate-sasldb2"], before => Service["saslauthd"], } exec { "generate-sasldb2": command => "saslpasswd2 -d foobar ; true", - path => "/bin:/usr/bin:/sbin:/usr/sbin", + path => "/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/local/sbin", creates => "/etc/sasldb2", } @@ -104,10 +132,20 @@ class sasl::saslauthd { # define sasl::saslauthd::service() { - case $architecture { - "i386": { $libdir = "/usr/lib/sasl2" } - "x86_64": { $libdir = "/usr/lib64/sasl2" } - default: { fail("Unknown architecture ${architecture}") } + case $::operatingsystem { + "centos","fedora","redhat": { + case $::architecture { + "i386": { $libdir = "/usr/lib/sasl2" } + "x86_64": { $libdir = "/usr/lib64/sasl2" } + default: { fail("Unknown architecture ${::architecture}") } + } + } + "openbsd": { + $libdir = "/usr/local/lib/sasl2" + } + default: { + fail("sasl not supported on ${::operatingsystem}") + } } file { "${libdir}/${name}.conf": @@ -118,7 +156,10 @@ define sasl::saslauthd::service() { "puppet:///modules/sasl/service.conf", ], mode => "0644", owner => "root", - group => "root", + group => $::operatingsystem ? { + "openbsd" => "wheel", + default => "root", + }, require => Service["saslauthd"], }