ldap: Ugly kludges to get ldap::auth working on Fedora 19.

2013-09-17 14:35:53 +03:00 · 2013-09-17 14:35:53 +03:00 · d399d3d05a
commit d399d3d05a
parent 1fbe904a13
1 changed files with 25 additions and 7 deletions
--- a/ldap/manifests/init.pp
+++ b/ldap/manifests/init.pp
@ -95,14 +95,32 @@ class ldap::auth inherits ldap::client {
            }
        }
        Fedora: {
-            package { [ "sssd", "pam_ldap", ]:
+            package { "sssd":
                ensure => installed,
            }
-            exec { "authconfig --enableldap --enableldapauth --ldapserver='${ldap_uri}' --ldapbasedn='${ldap_basedn}' --enablesssd --krb5realm='' --update":
+            if $::operatingsystemrelease < 19 {
-                path    => "/bin:/usr/bin:/sbin:/usr/sbin",
+                package { "pam_ldap":
-                unless  => 'cat /etc/sysconfig/authconfig | egrep "^USELDAPAUTH=yes$|^USELDAP=yes$" | wc -l | egrep "^2$"',
+                    ensure => installed,
-                before  => Augeas["sssd-conf"],
+                    before => Package["sssd"],
-                require => Package["authconfig", "sssd", "pam_ldap"],
+                }
                exec { "authconfig --enableldap --enableldapauth --ldapserver='${ldap_uri}' --ldapbasedn='${ldap_basedn}' --enablesssd --krb5realm='' --update":
                    path    => "/bin:/usr/bin:/sbin:/usr/sbin",
                    unless  => 'cat /etc/sysconfig/authconfig | egrep "^USELDAPAUTH=yes$|^USELDAP=yes$" | wc -l | egrep "^2$"',
                    before  => Augeas["sssd-conf"],
                    require => [ Package["authconfig"], Package["sssd"], ],
                }
            } else {
                exec { "authconfig --enableldap --enableldapauth --ldapserver='${ldap_uri}' --ldapbasedn='${ldap_basedn}' --krb5realm='' --update":
                    path    => "/bin:/usr/bin:/sbin:/usr/sbin",
                    creates => "/etc/sssd/sssd.conf",
                    require => [ Package["authconfig"], Package["sssd"], ],
                    notify  => Exec["authconfig --enablesssd --update"],
                }
                exec { "authconfig --enablesssd --update":
                    path        => "/bin:/usr/bin:/sbin:/usr/sbin",
                    refreshonly => true,
                    before      => Augeas["sssd-conf"],
                }
            }
            augeas { "sssd-conf":
                changes => [
@ -113,7 +131,7 @@ class ldap::auth inherits ldap::client {
                ],
                incl    => "/etc/sssd/sssd.conf",
                lens    => "MySQL.lns",
-                before  => Service["sssd"],
+                notify  => Service["sssd"],
            }
            service { "sssd":
                ensure => running,