root

pdk
root account module

Trey Dockendorf

treydock

5,664 downloads

773 latest version

5.0 quality score

Version information

  • 4.6.0 (latest)
  • 4.5.0
  • 4.4.0
  • 4.3.0
  • 4.2.0
  • 4.1.1
  • 4.1.0
  • 4.0.0
released Oct 26th 2020
This version is compatible with:
  • Puppet Enterprise 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x, 2019.1.x, 2019.0.x, 2018.1.x, 2017.3.x
  • Puppet >= 5.0.0 < 7.0.0
  • RedHat
    ,
    CentOS

Start using this module

Tags: root

Documentation

treydock/root — version 4.6.0 Oct 26th 2020

puppet-root

Puppet Forge Build Status

Table of Contents

  1. Overview
  2. Usage - Configuration options
  3. Reference - Parameter and detailed reference to all options
  4. Limitations - OS compatibility, etc.
  5. Development - Guide for contributing to the module

Overview

This module manages the Linux root user.

Puppet 6 has soft dependencies on the following modules:

Usage

root

include ::root

Manage root and define mailaliases, ssh_authorized_keys and set a password.

root::mailaliases:
  - 'root@example.com'
root::password: '$1$Bp8B.dWo$DUVekjsAsU0ttWZmS37P5'
root::ssh_authorized_keys:
  - 'ssh-rsa somelonghash== user@fqdn'

Authorized keys can also be set using a hash.

root::ssh_authorized_keys:
  user@fqdn:
    type: 'ssh-rsa'
    key: 'somelonghash=='

To export a system's root RSA key

root::export_key: true

To collect exported root RSA keys from multiple tags

root::collect_exported_keys: true
root::collect_exported_keys_tags:
  - "${::domain}"
  - 'foo'

Add Kerberos principals to /root/.k5login:

root::kerberos_login_principals:
  - user1@EXAMPLE.COM
  - user2@EXAMPLE.COM

Add Kerberos principals and commands to /root/.k5users. Note that user3 and user4 will not have commands defined. The examples also illustrate defining commands as strings or arrays.

root::kerberos_users_commands:
  user1@EXAMPLE.COM:
    - /bin/systemctl
    - /bin/cat
  user2@EXAMPLE.COM: /bin/systemctl /bin/cat
  user3@EXAMPLE.COM: ''
  user4@EXAMPLE.COM: []

If a different module manages Kerberos for root, disable Kerberos in this module:

root::manage_kerberos: false

Set an automatic logout for idle interactive shells (in seconds):

root::logout_timeout: 600

Reference

http://treydock.github.io/puppet-module-root/

Limitations

This module has been tested on:

  • RedHat & CentOS 6 x86_64
  • RedHat & CentOS 7 x86_64

Development

Testing

Testing requires the following dependencies:

  • rake
  • bundler

Install gem dependencies

bundle install

Run unit tests

bundle exec rake test

If you have Vagrant >= 1.2.0 installed you can run system tests

bundle exec rake acceptance