Showing with 484 additions and 6 deletions.
  1. +1 −1 Modulefile
  2. +1 −0 README.md
  3. +119 −3 manifests/init.pp
  4. +1 −1 metadata.json
  5. +343 −1 spec/classes/init_spec.rb
  6. +10 −0 templates/login.suse12.erb
  7. +9 −0 templates/sshd.suse12.erb
2 changes: 1 addition & 1 deletion Modulefile
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
name 'ghoneycutt-pam'
version '2.8.0'
version '2.9.0'
source 'git://github.com/ghoneycutt/puppet-module-pam.git'
author 'ghoneycutt'
license 'Apache License, Version 2.0'
Expand Down
1 change: 1 addition & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ This module has been tested to work on the following systems using Puppet v3 wit
* Suse 9
* Suse 10
* Suse 11
* Suse 12
* Ubuntu 12.04 LTS

===
Expand Down
122 changes: 119 additions & 3 deletions manifests/init.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -247,7 +247,6 @@
'session required pam_unix2.so']
}
}

'11': {
$default_pam_d_login_template = 'pam/login.suse11.erb'
$default_pam_d_sshd_template = 'pam/sshd.suse11.erb'
Expand Down Expand Up @@ -287,8 +286,47 @@
'session optional pam_umask.so']
}
}
'12': {
$default_pam_d_login_template = 'pam/login.suse12.erb'
$default_pam_d_sshd_template = 'pam/sshd.suse12.erb'
$default_package_name = 'pam'

if $ensure_vas == 'present' {
$default_pam_auth_lines = [ 'auth required pam_env.so',
'auth sufficient pam_vas3.so create_homedir get_nonvas_pass',
'auth requisite pam_vas3.so echo_return',
'auth required pam_unix2.so use_first_pass']

$default_pam_account_lines = [ 'account sufficient pam_vas3.so',
'account requisite pam_vas3.so echo_return',
'account required pam_unix2.so']

$default_pam_password_lines = [ 'password sufficient pam_vas3.so',
'password requisite pam_vas3.so echo_return',
'password requisite pam_pwcheck.so nullok cracklib',
'password required pam_unix2.so use_authtok nullok']

$default_pam_session_lines = [ 'session required pam_limits.so',
'session required pam_vas3.so create_homedir',
'session requisite pam_vas3.so echo_return',
'session required pam_unix2.so',
'session optional pam_umask.so']
} else {
$default_pam_auth_lines = [ 'auth required pam_env.so',
'auth required pam_unix2.so']

$default_pam_account_lines = [ 'account required pam_unix2.so']

$default_pam_password_lines = [ 'password required pam_pwcheck.so nullok cracklib',
'password required pam_unix2.so nullok use_authtok']

$default_pam_session_lines = [ 'session required pam_limits.so',
'session required pam_unix2.so',
'session optional pam_umask.so']
}
}
default: {
fail("Pam is only supported on Suse 10 and 11. Your lsbmajdistrelease is identified as <${::lsbmajdistrelease}>.")
fail("Pam is only supported on Suse 10, 11, and 12. Your lsbmajdistrelease is identified as <${::lsbmajdistrelease}>.")
}
}
}
Expand Down Expand Up @@ -805,8 +843,86 @@
require => Package[$my_package_name],
}
}
'12': {

file { 'pam_common_auth_pc':
ensure => file,
path => $common_auth_pc_file,
content => template('pam/common-auth-pc.erb'),
owner => 'root',
group => 'root',
mode => '0644',
require => Package[$my_package_name],
}

file { 'pam_common_account_pc':
ensure => file,
path => $common_account_pc_file,
content => template('pam/common-account-pc.erb'),
owner => 'root',
group => 'root',
mode => '0644',
require => Package[$my_package_name],
}

file { 'pam_common_password_pc':
ensure => file,
path => $common_password_pc_file,
content => template('pam/common-password-pc.erb'),
owner => 'root',
group => 'root',
mode => '0644',
require => Package[$my_package_name],
}

file { 'pam_common_session_pc':
ensure => file,
path => $common_session_pc_file,
content => template('pam/common-session-pc.erb'),
owner => 'root',
group => 'root',
mode => '0644',
require => Package[$my_package_name],
}

file { 'pam_common_session':
ensure => symlink,
path => $common_session_file,
target => $common_session_pc_file,
owner => 'root',
group => 'root',
require => Package[$my_package_name],
}

file { 'pam_common_password':
ensure => symlink,
path => $common_password_file,
target => $common_password_pc_file,
owner => 'root',
group => 'root',
require => Package[$my_package_name],
}

file { 'pam_common_account':
ensure => symlink,
path => $common_account_file,
target => $common_account_pc_file,
owner => 'root',
group => 'root',
require => Package[$my_package_name],
}

file { 'pam_common_auth':
ensure => symlink,
path => $common_auth_file,
target => $common_auth_pc_file,
owner => 'root',
group => 'root',
require => Package[$my_package_name],
}
}
default : {
fail("Pam is only supported on Suse 9, 10 and 11. Your lsbmajdistrelease is identified as <${::lsbmajdistrelease}>.")
fail("Pam is only supported on Suse 9, 10, 11 and 12. Your lsbmajdistrelease is identified as <${::lsbmajdistrelease}>.")
}
}
}
Expand Down
2 changes: 1 addition & 1 deletion metadata.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "ghoneycutt-pam",
"version": "2.8.0",
"version": "2.9.0",
"author": "ghoneycutt",
"summary": "Manage PAM",
"license": "Apache License, Version 2.0",
Expand Down
Loading