Salt/users-formula
0
0
Fork 0
mirror of https://github.com/saltstack-formulas/users-formula.git synced 2025-03-03 14:24:34 +01:00
Code Issues Activity

add policy kit admin identity configuration for non root users under Debian and Ubuntu

Browse Source
This commit is contained in:
Maximilian Zettler 2017-01-13 21:50:36 +01:00
parent e436bda2e4
commit b905c8c5ef
2 changed files with 29 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
users/init.sls
View File

@ -417,6 +417,27 @@ users_{{ users.sudoers_dir }}/{{ name }}:
- name: {{ users.sudoers_dir }}/{{ name }} - name: {{ users.sudoers_dir }}/{{ name }}
{% endif %} {% endif %}
# Policykit AdminIdentities Logik
{%- if 'polkitadmin' in user and user['polkitadmin'] %}
users_{{ users.polkit_dir }}/{{ name }}:
file.managed:
- replace: True
- onlyif: 'test -d {{ users.polkit_dir }}'
- name: {{ users.polkit_dir }}/{{ name }}.conf
- contents: |
########################################################################
# File managed by Salt (users-formula).
# Your changes will be overwritten.
########################################################################
#
[Configuration]
AdminIdentities=unix-user:{{ name }}
{%- else %}
users_{{ users.polkit_dir }}/{{ name }}:
file.absent:
- name: {{ users.polkit_dir }}/{{ name }}.conf
{%- endif %}
{%- if 'google_auth' in user %} {%- if 'google_auth' in user %}
{%- for svc in user['google_auth'] %} {%- for svc in user['google_auth'] %}
users_googleauth-{{ svc }}-{{ name }}: users_googleauth-{{ svc }}-{{ name }}:
@ -486,6 +507,9 @@ users_absent_user_{{ name }}:
users_{{ users.sudoers_dir }}/{{ name }}: users_{{ users.sudoers_dir }}/{{ name }}:
file.absent: file.absent:
- name: {{ users.sudoers_dir }}/{{ name }} - name: {{ users.sudoers_dir }}/{{ name }}
users_{{ users.polkit_dir }}/{{ name }}:
file.absent:
- name: {{ users.polkit_dir }}/{{ name }}.conf
{% endfor %} {% endfor %}
{% for user in pillar.get('absent_users', []) %} {% for user in pillar.get('absent_users', []) %}
@ -495,6 +519,9 @@ users_absent_user_2_{{ user }}:
users_2_{{ users.sudoers_dir }}/{{ user }}: users_2_{{ users.sudoers_dir }}/{{ user }}:
file.absent: file.absent:
- name: {{ users.sudoers_dir }}/{{ user }} - name: {{ users.sudoers_dir }}/{{ user }}
users_2_{{ users.polkit_dir }}/{{ name }}:
file.absent:
- name: {{ users.polkit_dir }}/{{ name }}.conf
{% endfor %} {% endfor %}
{% for group in pillar.get('absent_groups', []) %} {% for group in pillar.get('absent_groups', []) %}

2
users/map.jinja
View File

@ -10,6 +10,7 @@
'bash_package': 'bash', 'bash_package': 'bash',
'sudo_package': 'sudo', 'sudo_package': 'sudo',
'googleauth_package': 'libpam-google-authenticator', 'googleauth_package': 'libpam-google-authenticator',
'polkit_dir': '/etc/polkit-1/localauthority.conf.d',
}, },
'Gentoo': { 'Gentoo': {
'sudoers_dir': '/etc/sudoers.d', 'sudoers_dir': '/etc/sudoers.d',
@ -43,5 +44,6 @@
'bash_package': 'bash', 'bash_package': 'bash',
'sudo_package': 'sudo', 'sudo_package': 'sudo',
'googleauth_package': 'libpam-google-authenticator', 'googleauth_package': 'libpam-google-authenticator',
'polkit_dir': '/etc/polkit-1/localauthority.conf.d',
}, },
}, merge=salt['pillar.get']('users:lookup')) %} }, merge=salt['pillar.get']('users:lookup')) %}