pam

A Puppet module for managing PAM

Johan Lyheden

jpl

8,875 downloads

8,223 latest version

4.6 quality score

Version information

  • 0.2.0 (latest)
  • 0.1.0
released Sep 21st 2015
This version is compatible with:
  • Debian
    ,
    Ubuntu

Start using this module

Tags: pam

Documentation

jpl/pam — version 0.2.0 Sep 21st 2015

Module: pam

Build Status

This is the Puppet module for managing PAM - Pluggable Authentication Module.

Dependencies

Usage: pam

The base pam module is not particularly useful, it ensures that the base pam packages are installed - which they are by default anyway.

include pam

Usage: pam ldap

To install the ldap pam packages and enable them in the system pam configuration section:

include pam::ldap

Usage: pam mkhomedir

To enable automatic creation of user home directories:

include pam::mkhomedir

Custom settings can be provided for umask and skeleton directory:

class { 'pam::mkhomedir':
    ensure => present,
    umask  => '0022',
    skel   => '/etc/skel'
}

Usage: pam access

To control server access via the PAM access module:

include pam::access

Custom settings can be applied, like delimiter character (which is useful when handling groups with whitespaces - Domain Admins for example), and other settings. See access.pp for details:

class { 'pam::access':
    ensure     => present,
    accessfile => '/etc/security/access.conf',
    debug      => true,
    listsep    => ',',
}

To manage individual access entries in access.conf:

pam::access::entry { 'allow_domain_users_group':
    ensure      => present,
    object      => 'Domain Users',
    object_type => 'group',
    permission  => 'allow',
    origins     => 'ALL',
}