Puppet Class: centrify::config

Defined in:
manifests/config.pp

Overview

Class centrify::config

This class is called from centrify for service config.



5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
 
# File 'manifests/config.pp', line 5

class centrify::config {
  $_allow_users         = $::centrify::allow_users
  $_allow_groups        = $::centrify::allow_groups
  $_deny_users          = $::centrify::deny_users
  $_deny_groups         = $::centrify::deny_groups

  file { 'centrifydc_config':
    ensure => file,
    path   => $::centrify::dc_config_file,
    owner  => 'root',
    group  => 'root',
    mode   => '0644',
  }

  file { 'centrifydc_sshd_config':
    ensure => $::centrify::sshd_config_ensure,
    path   => $::centrify::sshd_config_file,
    owner  => 'root',
    group  => 'root',
    mode   => '0600',
  }

  if $_allow_users {
    file { 'allow_users_file':
      ensure  => file,
      path    => $::centrify::allow_users_file,
      owner   => 'root',
      group   => 'root',
      mode    => '0644',
      content => inline_template('<% @_allow_users.sort.each { |user|%><%= user + "\n" %><% } %>'),
    }->
    centrifydc_line {'pam.allow.users':
      ensure => present,
      value  => "file:${::centrify::allow_users_file}",
    }
  }

  if $_allow_groups {
    file { 'allow_groups_file':
      ensure  => file,
      path    => $::centrify::allow_groups_file,
      owner   => 'root',
      group   => 'root',
      mode    => '0644',
      content => inline_template('<% @_allow_groups.sort.each { |group|%><%= group + "\n" %><% } %>'),
    }->
    centrifydc_line {'pam.allow.groups':
      ensure => present,
      value  => "file:${::centrify::allow_groups_file}",
    }
  }

  if $_deny_users {
    file { 'deny_users_file':
      ensure  => file,
      path    => $::centrify::deny_users_file,
      owner   => 'root',
      group   => 'root',
      mode    => '0644',
      content => inline_template('<% @_deny_users.sort.each { |user|%><%= user + "\n" %><% } %>'),
    }->
    centrifydc_line {'pam.deny.users':
      ensure => present,
      value  => "file:${::centrify::deny_users_file}",
    }
  }

  if $_deny_groups {
    file { 'deny_groups_file':
      ensure  => file,
      path    => $::centrify::deny_groups_file,
      owner   => 'root',
      group   => 'root',
      mode    => '0644',
      content => inline_template('<% @_deny_groups.sort.each { |group|%><%= group + "\n" %><% } %>'),
    }->
    centrifydc_line {'pam.deny.groups':
      ensure => present,
      value  => "file:${::centrify::deny_groups_file}",
    }
  }
}