Hi all,
Now, I know this question has probably been answered before, but could
you please answer it again?
I have this setup where I want to build a list of allowed login groups
for PAM based on their place in the node inheritance chain.
I have created a class which takes an array as a parameter and simply
writes this array to a text file (/etc/login.groups.allow). I want to
build this array as the interpreter steps down the inheritance chain
from the default node which starts with the "root" group.
Here's an example (default node at the bottom):
node "some.client" inherits clients { }
node "clients" inherits default {
# add the clients group
....
}
node "login-server" inherits servers {
# add the clients group
}
node "normal-server" inherits servers { }
node "servers" inherits default {
# add the serveradmins group
....
}
node default {
# start off with the root group
}
So, every client should end up with a file containing "root" and
"clients", every server should end up with a file containing "root"
and "serveradmins" and the login-server should have "root",
"serveradmins" and "clients".
This is the class which shall receive the final list of groups:
class login_groups ($logingroups) {
file { "/etc/login.groups.allow":
owner => root,
group => root,
mode => 600,
content => template("login_groups/
login.groups.allow.erb"),
}
}
This is the template:
<% logingroups.each do |val| -%>
<%= val %>
<% end -%>
Is there any way of doing this or should I just give up on the idea? I
have done much searching and reading, but cannot find a suitable way
of solving this problem.
Thanks,
Tor Martin.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
