On Jan 27, 2011, at 3:16 PM, Matthew Ceroni wrote:
> I am using augeas to update the PAM configuration (ie: to LDAP enable my
> systems).
>
> …
>
> My question is, is there a simpler way to do what I am doing. Meaning can I
> combine all these seperate calls into one?
You didn’t say what OS this is for, but if it happens to be RHEL or CentOS,
there’s a much easier way.
# configure PAM for LDAP
augeas { "authconfig":
require => Augeas["ldapauth"],
context => "/files/etc/sysconfig/authconfig",
changes => [
"set USELDAP yes",
"set USELDAPAUTH yes",
"set USEMKHOMEDIR yes",
"set USELOCAUTHORIZE yes”,
],
}
exec { "authconfig":
path => "/usr/bin:/usr/sbin:/bin",
command => "authconfig --updateall",
subscribe => Augeas["authconfig"],
refreshonly => true,
}
Of course you need to do a lot of other things as well (install packages,
configure /etc/ldap.conf, distribute CA certs), but this covers the PAM stuff.
The Augeas[“ldapauth”] line refers to /etc/ldap.conf, which Augeas can also
manage.
If you’re on a different OS, let me know and I’ll see if there’s a simpler way
to do the PAM stuff.
--
Rob McBroom
<http://www.skurfer.com/>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
