Added support for OpenBSD and added initial version of krb5.conf template.

2009-09-04 00:26:24 +03:00 · 2009-09-04 00:26:24 +03:00 · d5a361c764
commit d5a361c764
parent b4ce8a5313
2 changed files with 74 additions and 7 deletions
--- a/kerberos/manifests/init.pp
+++ b/kerberos/manifests/init.pp
@ -9,11 +9,16 @@ class kerberos::client {
 	}
    }

-    file { "/etc/krb5.conf":
-	ensure => present,
-	mode   => 0644,
-	owner  => root,
-	group  => $operatingsystem ? {
+    file { "krb5.conf":
+	path    => $operatingsystem ? {
+	    openbsd => "/etc/kerberosV/krb5.conf",
+	    default => "/etc/krb5.conf",
+	},
+	ensure  => present,
+	content => template("kerberos/krb5.conf.erb"),
+	mode    => 0644,
+	owner   => root,
+	group   => $operatingsystem ? {
 	    openbsd => wheel,
 	    default => root,
 	},
@ -31,14 +36,47 @@ class kerberos::server inherits kerberos::client {
 }


-define kerberos::keytab($principals = [], $ensure = present, $owner = "root", $group = "root", $mode = "0600") {
+# Create keytab file.
+#
+# === Parameters
+#
+#   $name:
+#       Keytab file path.
+#   $principals:
+#	List of principals to be added into keytab
+#   $ensure:
+#	Set to present to create keytab and absent to remove it
+#   $owner:
+#	Owner for keytab file
+#   $group:
+#	Group for keytab file
+#   $mode:
+#	Permissions for keytab file
+#
+# === Sample usage
+#
+# kerberos::keytab { "/etc/krb5.keytab":
+#     ensure     => present,
+#     principals => [ "testhost.foo.sh@FOO.SH" ],
+# }
+#
+define kerberos::keytab($principals = [], $ensure = present, $owner = "root", $group = "", $mode = "0600") {
+
+    case $group {
+	"": {
+	    case $operatingsystem {
+		openbsd: { $real_group = "wheel" }
+		default: { $real_group = "root" }
+	    }
+	}
+    }

    file { "${name}":
 	ensure  => $ensure,
 	content => template("kerberos/keytab.erb"),
 	mode    => "${mode}",
 	owner   => "${owner}",
-	group   => "${group}",
+	group   => "${real_group}",
    }

 }