Imran Iqbal
984317fca1
Use contents_pillar to work with multiple-line authorized_keys file
2016-07-03 16:36:07 +01:00
adnanJP
8aa062c08e
Properly handle dependencies on ssh_auth when home is not create with the formula.
2016-07-01 08:20:20 +02:00
Raphaël Hertzog
cf122d1bd6
Create a system usergroup if user is a system user
...
If the user to be created is a system user, it makes no sense to create
him a primary group which is not a system group too.
2016-06-22 12:08:39 +02:00
Imran Iqbal
846634bfd7
Resolve `git.config` error where minion does not have Git installed #115
2016-06-09 09:13:32 +01:00
Ion Dulgheru
78914053ae
also load ssh keys from pillar data
2016-02-02 15:58:39 +02:00
Leif Ringstad
90021bf848
Use the primary group for the user when creating authorized_keys
...
If a primary group is set on the user, and a authorized_keys is provied in ssh_auth_file, the formula fails. This solves that by using the user_group set earlier in the formula
2015-12-15 21:21:00 +01:00
root
3760fea1f5
Mitigate Salt issue #29004 , fixes "expire" on *BSD
...
Unreasonable values for 'expire' (after 9999-12-31
on Linux, before 1975-01-01 on *BSD) get divided
by 86400 (number of seconds in a day) when too big
or multiplied by 86400 when too small.
Tested on CentOS 6 (Salt 2015.5.5) and FreeBSD 10.2
(Salt 2015.8.0) with following values:
- 24854 (2038-01-18 in days since epoch)
- 157766400 (1975-01-01 00:00:00 UTC in seconds since epoch)
- 3313526400 (2075-01-01 00:00:00 UTC in seconds since epoch)
- 16000 (2013-10-22 in days since epoch)
- 18000 (2019-04-14 in days since epoch)
(Sponsored by av.tu-berlin.de and fokus.fraunhofer.de)
2015-11-18 16:13:55 +01:00
Forrest
76f646ec06
Merge pull request #87 from smlloyd/master
...
Don't add sudo group by default.
2015-11-13 12:35:08 -08:00
outime
965372d0d2
Changed 'empty_password' key retrieval method
2015-09-27 18:59:09 +02:00
outime
441d3cb635
Fixed typo and 'empty_password' key check
2015-09-27 17:46:29 +02:00
outime
851a59e952
Adds 'empty_password' statement for states.user.present
2015-09-27 16:20:45 +02:00
Serg Kand
819d73a596
changing visudo checking to avoid wrong reporting when launched with test=true
2015-09-20 16:21:34 +03:00
Heinz Wiesinger
221f1ccef4
Fix minor bug for ssh known_hosts management with salt >= 2015.5.5.
...
This version complains that "argument port can not be used in
conjunction with argument hash_hostname", so add hash_hostname
to the fields we handle in the formula so we can override it
if needed.
2015-09-17 10:04:38 +02:00
maschinetheist
f087f165f3
Added ability to specify room number, home phone, and work phone as per https://docs.saltstack.com/en/develop/ref/states/all/salt.states.user.html
2015-09-12 16:22:42 -05:00
Heinz Wiesinger
452b8ee8cf
Add possibility to manage the user's global git configuration.
2015-09-11 13:25:19 +02:00
Heinz Wiesinger
74d5f6cc3c
Add possibility to manage ssh's known_hosts file.
2015-08-28 11:49:38 +02:00
Shane Poage
b986e1e7f2
Skips user if it's enabled without a specified source, and their directory does not exist.
2015-08-21 20:03:20 -05:00
Shane Poage
cdb862e968
Added feature to allow syncing arbitrary sets of files per user.
2015-08-21 15:42:25 -05:00
Shane Poage
a0d7d9fa6e
Fixed indentation in key contents for authorized_keys
2015-08-21 11:20:07 -05:00
Shane Poage
ff189c1613
Added ability to provide pillar path for ssh_auth.
2015-08-21 05:17:49 -05:00
Florian Ermisch
99a1a66010
break some of those horribly long lines
...
sry, could not resist.
2015-08-18 16:27:25 +02:00
Florian Ermisch
17cc04c041
iteritems() -> items() for python3
2015-08-18 16:12:36 +02:00
Simon Lloyd
60e94564d1
Don't add sudo group by default.
...
This formula doesn't really require the sudo group (unless
there are actually users in that group). Moreover, on FreeBSD
the 'admin' group would be wheel and not sudo.
2015-08-13 23:57:09 +02:00
Thibault Cohen
3df9d8ae21
Add missing ssh_config test to create .ssh folder
2015-08-04 01:08:28 -04:00
puneet kandhari
ba11c68c24
Revert "@XenophonF made me do it"
...
This reverts commit a0392693e3
.
2015-07-27 12:50:49 -05:00
puneet kandhari
a0392693e3
@XenophonF made me do it
2015-07-27 12:45:56 -05:00
Matthew X. Economou
c201269d1d
Do not escape value of `enforce_password`
...
Fixes #82 .
2015-07-27 11:13:11 -04:00
puneet kandhari
0e72cc20b9
Merge pull request #77 from irtnog/add-managed-file-permissions-to-ssh_keys_pillar-states
...
Rework ssh_keys_pillar-related states
2015-07-25 15:32:33 -05:00
Seth Miller
7dca1ebfd2
Adding support for the enforce_password option.
...
This will allow users change their passwords after the initial setting in Salt.
2015-07-17 10:18:38 -05:00
Cole Kowalski
7dda5571db
the user's .ssh directory should be created if ssh_auth_file is supplied
2015-07-16 15:23:43 -04:00
Matthew X. Economou
2f4c088e5d
Rework ssh_keys_pillar-related states
...
SSH key pairs deployed via the user's ssh_keys_pillar dict aren't
handled the same as the user's ssh_keys, e.g., file ownership and
permissions aren't specified, and the keying material gets copied
directly into the SLS file. This change rewrites the two templated
file.managed states to behave as follows:
- set the files' owner to be the user
- set the files' group to be the user's primary group
- for the public key, set the mode to 644 (u=rw,go=r)
- for the private key, set the mode to 600 (u=rw,g=)
- pull the files' contents directly from pillar
2015-07-13 15:22:45 -04:00
René Jochum
a1d6591447
Fix users/init.sls.
...
Signed-off-by: René Jochum <rene@jochums.at>
2015-07-13 13:51:02 +02:00
René Jochum
2c4ed3edc9
Merge branch 'master' of github.com:pcdummy/saltstack-users-formula
...
Signed-off-by: René Jochum <rene@jochums.at>
Conflicts:
pillar.example
users/init.sls
2015-07-13 13:27:27 +02:00
René Jochum
00cc889683
Fix some smaller bugs.
...
Signed-off-by: René Jochum <rene@jochums.at>
2015-07-11 10:35:15 +02:00
Bohdan Kmit
a467d2a80f
fix permission of GA config file
2015-07-01 18:39:53 +03:00
Sander Klein
3a8d72b947
Add "Do Not Edit" part
2015-05-16 09:56:20 +02:00
Sander Klein
57c82f3324
Add ~/.ssh/config management
...
This adds the ability to manage the ~/.ssh/config file for users.
2015-05-15 21:47:40 +02:00
Florian Bittner
701326e23f
Add prefix 'users_' to all first level keys to prevent duplicate ids (e.g. in combination with zabbix-formula and key zabbis_user).
2015-05-07 00:07:06 +02:00
Alex Ciobica
031d6ce81f
Add pulling keys from other pillar.
...
Example pillar:
ssh_keys:
id_rsa:
privkey: |
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAoQiwO3JhBquPAalQF9qP1lLZNXVjYMIswrMe2HcWUVBgh+vY
U7sCwx/dH6+VvNwmCoqmNnP+8gTPKGl1vgAObJAnMT623dMXjVKwnEagZPRJIxDy
B/HaAre9euNiY3LvIzBTWRSeMfT+rWvIKVBpvwlgGrfgz70m0pqxu+UyFbAGLin+
GpxzZAMaFpZw4sSbIlRuissXZj/sHpQb8p9M5IeO4Z3rjkCP1cxI
-----END RSA PRIVATE KEY-----
pubkey: |
ssh-rsa MIIEowIBAAKCAQEAoQiwO3JhBquPAalQF9qP1lLZNXVjYMIswrMe2H....
2015-05-01 18:48:28 +03:00
tiger-seo
1546e2d186
possibility to define user-specific Defaults
2015-04-06 22:34:59 +03:00
Andrew Vant
1f80412da8
Added option to source ssh public keys from files.
2015-04-02 13:01:30 -04:00
root
d416b6d839
Move ssh_auth_file key processing to before ssh_auth key to extend instead of overwrite functionality.
2015-03-13 13:32:39 +01:00
René Jochum
c1b383d78b
Add ability to create system users.
2015-03-12 23:27:31 +01:00
root
fdc2fc2dfc
Add 'ssh_auth_file' pillar key to generate an authorized_keys file from given ssh public keys.
2015-02-12 23:09:56 +01:00
René Jochum
6ca7aa0078
Remove leading whitespaces.
2015-01-23 20:52:14 +01:00
Bohdan Kmit
89d6672887
google auth package and config installation
2015-01-14 17:25:17 +00:00
Thomas Juberg
7aa32881b7
Clean up logic check to remove redundant check.
2014-12-31 09:46:03 +01:00
Thomas Juberg
518b06281a
If createhome is set to false, don't touch the home directory or its
...
permissions.
2014-12-22 14:32:41 +01:00
Thomas Juberg
e35045801c
Add support for setting user expire
2014-12-22 14:22:46 +01:00
Tim Jones
add153e060
Allow '!' prefix in password for locked\disabled accounts.
...
Signed-off-by: Tim Jones <me@prototim.com>
2014-12-17 22:57:54 +01:00