Commit Graph

103 Commits

Author SHA1 Message Date
Niels Abspoel e5e9cd8fcf Merge pull request #156 from qno/master
fixed insertion of multiple authorized keys via ssh_auth_pillar
2017-09-22 20:03:40 +02:00
Silvio Kunaschk 23c5df2130 fixed insertion of multiple authorized keys via ssh_auth_pillar 2017-07-09 16:06:17 +02:00
Ashok Raja R 8f4bbf58f1 Fixing Conflicting ID
Fixing my previous change which errors in a particular scenario.

Error: Conflicting ID 'users_ssh_auth_source_username_0' when keys are added and removed simultaneously.
2017-07-07 22:51:48 +05:30
Ashok Raja 9c6e829e1e Replace periods in username with underscores
Fixing the conflict and sending a new pull request

Fixes #118
Duplicate of #120
2017-06-16 13:18:18 +05:30
Ashok Raja 29d7176040 Add support for ssh_auth_sources.absent
Fixes: 150
2017-06-12 16:50:12 +05:30
Maximilian Zettler 8c6bbafd9b add ability to configure prime_group without gid (#141)
* add ability to configure prime_group without gid
2017-02-02 21:03:36 +00:00
Sonia Hamilton e81f6e695c temp fix on git executable 2016-12-08 03:29:03 +00:00
Fabian Niepelt 153d07452c Add support for hash_password 2016-12-01 16:59:51 +01:00
Matthias Nüssle 0d7ca5728c fix wrong variable name in absent_users 2016-11-30 16:33:38 +01:00
Karsten Kosmala 5985275022 Merge branch 'master' of https://github.com/saltstack-formulas/users-formula 2016-11-29 16:15:16 +01:00
Niels Abspoel 15ce6493cc fix warning on managed file state for /etc/sudoers.d/username 2016-08-30 17:36:29 +02:00
Eric Veiras Galisson 57fce16643 fixing removing of users based on pillar['absent_users'], fix #126 2016-08-10 10:32:46 +02:00
jraby 5538eb18ab Support for optional_groups 2016-08-05 14:05:12 -04:00
Wolodja Wentland 4caa3f8d4b Merge pull request #121 from tomduijf/master
Keep existing user's home and shell unless explicitly defined
2016-07-04 19:34:25 +02:00
Imran Iqbal b94514529d Display "managed by Salt" header in user sudoers files 2016-07-03 16:38:02 +01:00
Imran Iqbal 984317fca1 Use contents_pillar to work with multiple-line authorized_keys file 2016-07-03 16:36:07 +01:00
adnanJP 8aa062c08e Properly handle dependencies on ssh_auth when home is not create with the formula. 2016-07-01 08:20:20 +02:00
Tom Duijf 2ac21426af use already available home variable for user's ssh-key configuration 2016-06-23 21:19:17 +02:00
Raphaël Hertzog cf122d1bd6 Create a system usergroup if user is a system user
If the user to be created is a system user, it makes no sense to create
him a primary group which is not a system group too.
2016-06-22 12:08:39 +02:00
Karsten Kosmala c9fecc1d96 renamed variables 2016-06-13 17:24:43 +02:00
Karsten Kosmala fa02b954a5 set user and group of user dir in pillar 2016-06-13 17:24:43 +02:00
Imran Iqbal 846634bfd7 Resolve `git.config` error where minion does not have Git installed #115 2016-06-09 09:13:32 +01:00
Ion Dulgheru 78914053ae also load ssh keys from pillar data 2016-02-02 15:58:39 +02:00
Leif Ringstad 90021bf848 Use the primary group for the user when creating authorized_keys
If a primary group is set on the user, and a authorized_keys is provied in ssh_auth_file, the formula fails. This solves that by using the user_group set earlier in the formula
2015-12-15 21:21:00 +01:00
root 3760fea1f5 Mitigate Salt issue #29004, fixes "expire" on *BSD
Unreasonable values for 'expire' (after 9999-12-31
on Linux, before 1975-01-01 on *BSD) get divided
by 86400 (number of seconds in a day) when too big
or multiplied by 86400 when too small.

Tested on CentOS 6 (Salt 2015.5.5) and FreeBSD 10.2
(Salt 2015.8.0) with following values:

  - 24854 (2038-01-18 in days since epoch)
  - 157766400 (1975-01-01 00:00:00 UTC in seconds since epoch)
  - 3313526400 (2075-01-01 00:00:00 UTC in seconds since epoch)
  - 16000 (2013-10-22 in days since epoch)
  - 18000 (2019-04-14 in days since epoch)

(Sponsored by av.tu-berlin.de and fokus.fraunhofer.de)
2015-11-18 16:13:55 +01:00
Forrest 76f646ec06 Merge pull request #87 from smlloyd/master
Don't add sudo group by default.
2015-11-13 12:35:08 -08:00
outime 965372d0d2 Changed 'empty_password' key retrieval method 2015-09-27 18:59:09 +02:00
outime 441d3cb635 Fixed typo and 'empty_password' key check 2015-09-27 17:46:29 +02:00
outime 851a59e952 Adds 'empty_password' statement for states.user.present 2015-09-27 16:20:45 +02:00
Serg Kand 819d73a596 changing visudo checking to avoid wrong reporting when launched with test=true 2015-09-20 16:21:34 +03:00
Heinz Wiesinger 221f1ccef4 Fix minor bug for ssh known_hosts management with salt >= 2015.5.5.
This version complains that "argument port can not be used in
conjunction with argument hash_hostname", so add hash_hostname
to the fields we handle in the formula so we can override it
if needed.
2015-09-17 10:04:38 +02:00
maschinetheist f087f165f3 Added ability to specify room number, home phone, and work phone as per https://docs.saltstack.com/en/develop/ref/states/all/salt.states.user.html 2015-09-12 16:22:42 -05:00
Heinz Wiesinger 452b8ee8cf Add possibility to manage the user's global git configuration. 2015-09-11 13:25:19 +02:00
Heinz Wiesinger 74d5f6cc3c Add possibility to manage ssh's known_hosts file. 2015-08-28 11:49:38 +02:00
Shane Poage b986e1e7f2 Skips user if it's enabled without a specified source, and their directory does not exist. 2015-08-21 20:03:20 -05:00
Shane Poage cdb862e968 Added feature to allow syncing arbitrary sets of files per user. 2015-08-21 15:42:25 -05:00
Shane Poage a0d7d9fa6e Fixed indentation in key contents for authorized_keys 2015-08-21 11:20:07 -05:00
Shane Poage ff189c1613 Added ability to provide pillar path for ssh_auth. 2015-08-21 05:17:49 -05:00
Florian Ermisch 99a1a66010 break some of those horribly long lines
sry, could not resist.
2015-08-18 16:27:25 +02:00
Florian Ermisch 17cc04c041 iteritems() -> items() for python3 2015-08-18 16:12:36 +02:00
Simon Lloyd 60e94564d1 Don't add sudo group by default.
This formula doesn't really require the sudo group (unless
there are actually users in that group). Moreover, on FreeBSD
the 'admin' group would be wheel and not sudo.
2015-08-13 23:57:09 +02:00
Thibault Cohen 3df9d8ae21 Add missing ssh_config test to create .ssh folder 2015-08-04 01:08:28 -04:00
puneet kandhari ba11c68c24 Revert "@XenophonF made me do it"
This reverts commit a0392693e3.
2015-07-27 12:50:49 -05:00
puneet kandhari a0392693e3 @XenophonF made me do it 2015-07-27 12:45:56 -05:00
Matthew X. Economou c201269d1d Do not escape value of `enforce_password`
Fixes #82.
2015-07-27 11:13:11 -04:00
puneet kandhari 0e72cc20b9 Merge pull request #77 from irtnog/add-managed-file-permissions-to-ssh_keys_pillar-states
Rework ssh_keys_pillar-related states
2015-07-25 15:32:33 -05:00
Seth Miller 7dca1ebfd2 Adding support for the enforce_password option.
This will allow users change their passwords after the initial setting in Salt.
2015-07-17 10:18:38 -05:00
Cole Kowalski 7dda5571db the user's .ssh directory should be created if ssh_auth_file is supplied 2015-07-16 15:23:43 -04:00
Matthew X. Economou 2f4c088e5d Rework ssh_keys_pillar-related states
SSH key pairs deployed via the user's ssh_keys_pillar dict aren't
handled the same as the user's ssh_keys, e.g., file ownership and
permissions aren't specified, and the keying material gets copied
directly into the SLS file.  This change rewrites the two templated
file.managed states to behave as follows:

  - set the files' owner to be the user

  - set the files' group to be the user's primary group

  - for the public key, set the mode to 644 (u=rw,go=r)

  - for the private key, set the mode to 600 (u=rw,g=)

  - pull the files' contents directly from pillar
2015-07-13 15:22:45 -04:00
René Jochum a1d6591447 Fix users/init.sls.
Signed-off-by: René Jochum <rene@jochums.at>
2015-07-13 13:51:02 +02:00