From 7b54ecfdf8396c62b16cf71c2ed7bb9817643cd7 Mon Sep 17 00:00:00 2001 From: Edvin Norlin Date: Wed, 6 Jul 2016 13:12:27 +0200 Subject: [PATCH 1/2] Removal of sss as standard on rhel7 sss shoulden't be forced to be installed by the users to run a standard rhel 7. Fix issue #42 RHEL7: sudoers and value sss --- manifests/init.pp | 14 +++++++------- spec/classes/init_spec.rb | 14 +++++++------- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index f42f737..bfd5bee 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -63,17 +63,17 @@ } 'RedHat': { if $::operatingsystemmajrelease == '7' { - $default_passwd = 'files sss' - $default_sudoers = 'files sss' - $default_shadow = 'files sss' - $default_group = 'files sss' + $default_passwd = 'files' + $default_sudoers = 'files' + $default_shadow = 'files' + $default_group = 'files' $default_hosts = 'files dns myhostname' - $default_automount = 'files sss' - $default_services = 'files sss' + $default_automount = 'files' + $default_services = 'files' $default_bootparams = 'nisplus [NOTFOUND=return] files' $default_aliases = 'files nisplus' $default_publickey = 'nisplus' - $default_netgroup = 'files sss' + $default_netgroup = 'files' } else { $default_passwd = 'files' $default_sudoers = 'files' diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb index 6172ece..059840c 100644 --- a/spec/classes/init_spec.rb +++ b/spec/classes/init_spec.rb @@ -138,11 +138,11 @@ %{# This file is being maintained by Puppet. # DO NOT EDIT -passwd: files sss -shadow: files sss -group: files sss +passwd: files +shadow: files +group: files -sudoers: files sss +sudoers: files hosts: files dns myhostname @@ -152,10 +152,10 @@ networks: files protocols: files rpc: files -services: files sss -netgroup: files sss +services: files +netgroup: files publickey: nisplus -automount: files sss +automount: files aliases: files nisplus }) } From 4ff4a2490150025663834d137881836971ec0eac Mon Sep 17 00:00:00 2001 From: Edvin Norlin Date: Tue, 12 Jul 2016 10:07:15 +0200 Subject: [PATCH 2/2] Revrting sss for all standard rhel7 for all but sudo Since nsswitch ships with sss as standard on all but sudo. Seems that sudo isn't a part of nsswitch standard conf. --- manifests/init.pp | 12 ++++++------ spec/classes/init_spec.rb | 12 ++++++------ 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index bfd5bee..5a0fcf0 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -63,17 +63,17 @@ } 'RedHat': { if $::operatingsystemmajrelease == '7' { - $default_passwd = 'files' + $default_passwd = 'files sss' $default_sudoers = 'files' - $default_shadow = 'files' - $default_group = 'files' + $default_shadow = 'files sss' + $default_group = 'files sss' $default_hosts = 'files dns myhostname' - $default_automount = 'files' - $default_services = 'files' + $default_automount = 'files sss' + $default_services = 'files sss' $default_bootparams = 'nisplus [NOTFOUND=return] files' $default_aliases = 'files nisplus' $default_publickey = 'nisplus' - $default_netgroup = 'files' + $default_netgroup = 'files sss' } else { $default_passwd = 'files' $default_sudoers = 'files' diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb index 059840c..7e13af2 100644 --- a/spec/classes/init_spec.rb +++ b/spec/classes/init_spec.rb @@ -138,9 +138,9 @@ %{# This file is being maintained by Puppet. # DO NOT EDIT -passwd: files -shadow: files -group: files +passwd: files sss +shadow: files sss +group: files sss sudoers: files @@ -152,10 +152,10 @@ networks: files protocols: files rpc: files -services: files -netgroup: files +services: files sss +netgroup: files sss publickey: nisplus -automount: files +automount: files sss aliases: files nisplus }) }