diff --git a/ldap/manifests/init.pp b/ldap/manifests/init.pp index 7e9efac..a59883a 100644 --- a/ldap/manifests/init.pp +++ b/ldap/manifests/init.pp @@ -95,14 +95,32 @@ class ldap::auth inherits ldap::client { } } Fedora: { - package { [ "sssd", "pam_ldap", ]: + package { "sssd": ensure => installed, } - exec { "authconfig --enableldap --enableldapauth --ldapserver='${ldap_uri}' --ldapbasedn='${ldap_basedn}' --enablesssd --krb5realm='' --update": - path => "/bin:/usr/bin:/sbin:/usr/sbin", - unless => 'cat /etc/sysconfig/authconfig | egrep "^USELDAPAUTH=yes$|^USELDAP=yes$" | wc -l | egrep "^2$"', - before => Augeas["sssd-conf"], - require => Package["authconfig", "sssd", "pam_ldap"], + if $::operatingsystemrelease < 19 { + package { "pam_ldap": + ensure => installed, + before => Package["sssd"], + } + exec { "authconfig --enableldap --enableldapauth --ldapserver='${ldap_uri}' --ldapbasedn='${ldap_basedn}' --enablesssd --krb5realm='' --update": + path => "/bin:/usr/bin:/sbin:/usr/sbin", + unless => 'cat /etc/sysconfig/authconfig | egrep "^USELDAPAUTH=yes$|^USELDAP=yes$" | wc -l | egrep "^2$"', + before => Augeas["sssd-conf"], + require => [ Package["authconfig"], Package["sssd"], ], + } + } else { + exec { "authconfig --enableldap --enableldapauth --ldapserver='${ldap_uri}' --ldapbasedn='${ldap_basedn}' --krb5realm='' --update": + path => "/bin:/usr/bin:/sbin:/usr/sbin", + creates => "/etc/sssd/sssd.conf", + require => [ Package["authconfig"], Package["sssd"], ], + notify => Exec["authconfig --enablesssd --update"], + } + exec { "authconfig --enablesssd --update": + path => "/bin:/usr/bin:/sbin:/usr/sbin", + refreshonly => true, + before => Augeas["sssd-conf"], + } } augeas { "sssd-conf": changes => [ @@ -113,7 +131,7 @@ class ldap::auth inherits ldap::client { ], incl => "/etc/sssd/sssd.conf", lens => "MySQL.lns", - before => Service["sssd"], + notify => Service["sssd"], } service { "sssd": ensure => running,