[MediaWiki-commits] [Gerrit] ldap: group sudo-ldap settings and comment them - change (operations/puppet)

Wed, 21 Oct 2015 07:20:14 -0700 

Alexandros Kosiaris has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/247838

Change subject: ldap: group sudo-ldap settings and comment them
......................................................................

ldap: group sudo-ldap settings and comment them

Have all sudo-ldap settings present in /etc/ldap/ldap.conf together and
comment them accordingly

Change-Id: I08016b3d736a8f662ecacb7a7b141cd610889835
---
M modules/ldap/templates/open_ldap.erb
1 file changed, 3 insertions(+), 2 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/operations/puppet 
refs/changes/38/247838/1

diff --git a/modules/ldap/templates/open_ldap.erb 
b/modules/ldap/templates/open_ldap.erb
index 0eed249..9d8283f 100644
--- a/modules/ldap/templates/open_ldap.erb
+++ b/modules/ldap/templates/open_ldap.erb
@@ -1,8 +1,10 @@
 BASE            <%= @ldapconfig["basedn"] %>
 URI             <% @ldapconfig["servernames"].each do |servername| 
-%>ldap://<%= servername %>:389 <% end -%>
-# The next 2 settings are not honored by OpenLDAP but are honored by sudo-ldap 
and /etc/sudo-ldap.conf is a symlink to /etc/ldap/ldap.conf
+
+# The next settings are not honored by OpenLDAP but are honored by sudo-ldap 
and /etc/sudo-ldap.conf is a symlink to /etc/ldap/ldap.conf
 BINDDN          cn=proxyagent,ou=profile,<%= @ldapconfig["basedn"] %>
 BINDPW          <%= @ldapconfig["proxypass"] %>
+<% if @ldapincludes.include?('sudo') then %>SUDOERS_BASE    <%= 
@ldapconfig["sudobasedn"] %><% end -%>
 
 SSL             start_tls
 TLS_CHECKPEER   yes
@@ -10,4 +12,3 @@
 TLS_CACERTDIR   /etc/ssl/certs
 TLS_CACERTFILE  /etc/ssl/certs/<%= @ldapconfig["ca"] %>
 TLS_CACERT      /etc/ssl/certs/<%= @ldapconfig["ca"] %>
-<% if @ldapincludes.include?('sudo') then %>SUDOERS_BASE    <%= 
@ldapconfig["sudobasedn"] %><% end %>

-- 
To view, visit https://gerrit.wikimedia.org/r/247838
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I08016b3d736a8f662ecacb7a7b141cd610889835
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Alexandros Kosiaris <akosia...@wikimedia.org>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to