tmakinen/puppet
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Improved wheel group handling for LDAP users on OpenBSD.

Browse source
This commit is contained in:
Ossi Salmi 2009-11-23 14:18:19 +02:00 committed by Timo Mkinen
parent ca1258706e
commit a2e7cc65b5
1 changed files with 9 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
user/scripts/update-virtual.rb
View file

@ -61,7 +61,7 @@ class user::virtual {
} }
exec { "user-mod-${name}": exec { "user-mod-${name}":
command => "usermod -L ldap ${name}; groups ${name} | fgrep -q sysadm && usermod -G wheel ${name} || true", command => "usermod -L ldap ${name}",
path => "/sbin:/usr/sbin:/bin:/usr/bin", path => "/sbin:/usr/sbin:/bin:/usr/bin",
refreshonly => true, refreshonly => true,
} }
@ -110,11 +110,18 @@ conn.search(basedn, LDAP::LDAP_SCOPE_SUBTREE, 'objectClass=posixAccount',
print " shell => '%s',\n" % "/bin/bash" print " shell => '%s',\n" % "/bin/bash"
end end
if groups.length > 0 if groups.length > 0
print " groups => [ " print " groups => $operatingsystem ? {\n"
print " openbsd => [ "
groups.each do |group| groups.each do |group|
print "'" + group + "', " print "'" + group + "', "
end end
print "'wheel', " if groups.include?('sysadm')
print "],\n" print "],\n"
print " default => [ "
groups.each do |group|
print "'" + group + "', "
end
print "],\n },\n"
end end
print " requiregroups => [ Group['" + prigroup + "']," print " requiregroups => [ Group['" + prigroup + "'],"
groups.each do |group| groups.each do |group|