Fixed ldap password change on centos 6.

Timo Mkinen 2011-11-08 10:23:35 +02:00
parent 047dcbd2bd
commit 9a85a1217f


@ -26,11 +26,12 @@ class ldap::auth inherits ldap::client {
exec { "authconfig --enableldap --enableldapauth --ldapserver='${ldap_uri}' --ldapbasedn='${ldap_basedn}' --update": exec { "authconfig --enableldap --enableldapauth --ldapserver='${ldap_uri}' --ldapbasedn='${ldap_basedn}' --update":
path => "/bin:/usr/bin:/sbin:/usr/sbin", path => "/bin:/usr/bin:/sbin:/usr/sbin",
unless => 'cat /etc/sysconfig/authconfig | egrep "^USELDAPAUTH=yes$|^USELDAP=yes$" | wc -l | egrep "^2$"', unless => 'cat /etc/sysconfig/authconfig | egrep "^USELDAPAUTH=yes$|^USELDAP=yes$" | wc -l | egrep "^2$"',
before => [ Augeas["pam-ldap-conf"], before => [ Augeas["nslcd-conf"],
Augeas["pam-ldap-conf"],
File["/etc/openldap/ldap.conf"], ], File["/etc/openldap/ldap.conf"], ],
require => Package["nss-pam-ldapd"], require => Package["nss-pam-ldapd"],
} }
augeas { "pam-ldap-conf": augeas { "nslcd-conf":
changes => [ "set pagesize 500", changes => [ "set pagesize 500",
"set ssl on", "set ssl on",
"set tls_reqcert never", ], "set tls_reqcert never", ],
@ -41,6 +42,14 @@ class ldap::auth inherits ldap::client {
lens => "Spacevars.simple_lns", lens => "Spacevars.simple_lns",
notify => Service["nslcd"], notify => Service["nslcd"],
} }
augeas { "pam-ldap-conf":
changes => [ "set ssl on",
"set pam_password exop", ],
onlyif => [ "get ssl != on",
"get pam_password != exop", ],
incl => "/etc/pam_ldap.conf",
lens => "Spacevars.simple_lns",
}
service { "nslcd": service { "nslcd":
ensure => running, ensure => running,
enable => true, enable => true,
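Review bot: The `onlyif` on the new `pam-ldap-conf` resource is an array of two comparisons, but as far as I know the augeas type evaluates only a single `onlyif` expression, so the second test (`get pam_password != exop`) is probably never consulted. On a host where `/etc/pam_ldap.conf` already has `ssl on` but lacks `pam_password exop`, the resource would then be skipped and the password-change fix not applied. Augeas only rewrites the file when a `set` changes a value, so the guard can be dropped by deleting the two `onlyif => [ ... ],` lines. Separately, this block enables `ssl` on the connection that now carries password changes but sets no `tls_checkpeer`, and the neighbouring `nslcd-conf` block uses `tls_reqcert never`. It is worth confirming that pam_ldap actually verifies the server certificate, for example with `"set tls_checkpeer yes"` plus a CA setting suited to the site.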