Improved wheel group handling for LDAP users on OpenBSD.
This commit is contained in:
Ossi Salmi
parent
ca1258706e
commit
a2e7cc65b5
1 changed files with 9 additions and 2 deletions
|
|
@ -61,7 +61,7 @@ class user::virtual {
|
|||
}
|
||||
|
||||
exec { "user-mod-${name}":
|
||||
command => "usermod -L ldap ${name}; groups ${name} | fgrep -q sysadm && usermod -G wheel ${name} || true",
|
||||
command => "usermod -L ldap ${name}",
|
||||
path => "/sbin:/usr/sbin:/bin:/usr/bin",
|
||||
refreshonly => true,
|
||||
}
|
||||
|
|
@ -110,11 +110,18 @@ conn.search(basedn, LDAP::LDAP_SCOPE_SUBTREE, 'objectClass=posixAccount',
|
|||
print " shell => '%s',\n" % "/bin/bash"
|
||||
end
|
||||
if groups.length > 0
|
||||
print " groups => [ "
|
||||
print " groups => $operatingsystem ? {\n"
|
||||
print " openbsd => [ "
|
||||
groups.each do |group|
|
||||
print "'" + group + "', "
|
||||
end
|
||||
print "'wheel', " if groups.include?('sysadm')
|
||||
print "],\n"
|
||||
print " default => [ "
|
||||
groups.each do |group|
|
||||
print "'" + group + "', "
|
||||
end
|
||||
print "],\n },\n"
|
||||
end
|
||||
print " requiregroups => [ Group['" + prigroup + "'],"
|
||||
groups.each do |group|
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue