ASDPLNG-80: Create puppet-profile_motd

2021-03-04 08:23:12 -06:00 · 2021-03-04 08:23:12 -06:00 · f91dc48802
commit f91dc48802
parent 7384f0857a
3 changed files with 2 additions and 55 deletions
--- a/1
+++ b/1
@ -16,6 +16,7 @@ mod 'ncsa/profile_allow_ssh_from_bastion', tag: 'v0.2.0', git: 'https://github.c
 # mod 'ncsa/profile_chrony', tag: 'v0.1.0', git: 'https://github.com/ncsa/puppet-profile_chrony'
 # mod 'ncsa/profile_email', tag: 'v0.1.0', git: 'https://github.com/ncsa/puppet-profile_email'
 # mod 'ncsa/profile_firewall', tag: 'v1.0.1', git: 'https://github.com/ncsa/puppet-profile_firewall'
+mod 'ncsa/profile_motd', tag: 'v0.1.0', git: 'https://github.com/ncsa/puppet-profile_motd'
 mod 'ncsa/profile_pam_access', tag: 'v0.0.4', git: 'https://github.com/ncsa/puppet-profile_pam_access'
 # mod 'ncsa/profile_puppet_master', tag: 'v0.1.0', git: 'https://github.com/ncsa/puppet-profile_puppet_master'
 mod 'ncsa/profile_sudo', tag: 'v0.1.1', git: 'https://github.com/ncsa/puppet-profile_sudo'
--- a/site-modules/profile/manifests/base.pp
+++ b/site-modules/profile/manifests/base.pp
@ -5,10 +5,10 @@ class profile::base {
  include ::profile_additional_yumrepos
  include ::profile_allow_ssh_from_bastion
 #  include ::profile_email
+  include ::profile_motd
  include ::profile_pam_access
  include ::profile_sudo
 #  include ::profile_timezone
-#  include ::profile::sssd
  include ::profile_system_auth
  include ::profile_virtual
  include ::sshd
--- a/site-modules/profile/manifests/sssd.pp
+++ b/site-modules/profile/manifests/sssd.pp
@ -1,54 +0,0 @@
-# Configure SSSD for use with LDAP and Kerberos
-#
-# @summary Configure SSSD for use with LDAP and Kerberos
-# Requires ncsa/sssd and bodgit/sssd as dependancy. 
-#
-# @example
-#   include profile::sssd
-class profile::sssd (
-    # PARAMETERS: general
-    Boolean       $enablemkhomedir,
-    Array[String] $authconfig_pkgs,
-    #String        $cacert-content,
-    #String        $cacert-file-path,
-
-) {
-
-    # INSTALL INCOMMON ROOT CA
-    # TODO - make this a paramter, then use a hiera interpolation lookup in hiera
-    #file { ${cacert-file-path} :
-    #    content => "${cacert-content}",
-    #    mode   => '0444',
-    #    before => Service['sssd'],
-    #}
-
-    include ::sssd
-
-    # ENABLE MKHOMEDIR (create homedir on first login)
-    ensure_packages( $authconfig_pkgs )
-    # create appropriate args
-    if $enablemkhomedir {
-        $authconfig_args = ['--enablemkhomedir', '--enablesssd', '--enablesssdauth']
-    }
-    else {
-        $authconfig_args = ['--disablemkhomedir', '--enablesssd', '--enablesssdauth']
-    }
-    $authconfig_args_f = join($authconfig_args, ' ')
-    # run authconfig
-    exec { 'enablesssdauth':
-        path    => '/bin/:/sbin/:/usr/bin/:/usr/sbin/',
-        onlyif  => 'test `grep -i "SSSD" /etc/sysconfig/authconfig | grep "=yes" | wc -l` -lt 2',
-        command => "authconfig ${authconfig_args_f} --updateall", # should we just be using '--update'?
-    }
-
-    # ENSURE SSSD SERVICE IS RESTARTED IF/WHEN ANY KRB5 CFG FILES CHANGE
-#    $krb_cfgfile_data = lookup( 'system_authnz::kerberos::cfg_file_settings',
-#                                Hash,
-#                                'hash' )
-#    # setup a "notify" relationship from filename to service
-#    $krb_cfgfile_data.each() | $filename, $junk | {
-#        File[ $filename ] ~> Class[ '::sssd::service' ]
-#    }
-
-}
-