Name: pam-cookbook
Owner: Datadog, Inc.
Description: Cookbook to manage PAM (Pluggable Authentication Module)
Forked from: evertrue/pam-cookbook
Created: 2016-07-14 22:54:48.0
Updated: 2016-07-14 22:54:49.0
Pushed: 2016-07-14 23:01:10.0
Homepage: null
Size: 16
Language: Ruby
GitHub Committers
User | Most Recent Commit | # Commits |
---|
Other Committers
User | Most Recent Commit | # Commits |
---|
Manages PAM services in /etc/pam.d
This cookbook will not set up PAM if you do not already have it installed. It will only modify an existing configuration.
Also, currently it only includes defaults for /etc/pam.d/su. If you want to override any other PAM services, you will first need to transcribe the entire service configuration into the appropriate node attibute, otherwise the PAM file will be overwritten with only the attributes you configure (and your system will become unusable).
This cookbook should work fine on Red Hat systems, however it has only been tested on Ubuntu 12.04.
node['pam_d']['services']
- Example:
=> {
ain' => {
'pam_env' => {
'interface' => 'session',
'control_flag' => 'required',
'name' => 'pam_env.so',
'args' => 'readenv=1',
'disabled' => false
}
ncludes' => %w(
common-something
NOTE: pam_env
in this case is just a placeholder so that we can use a keyed hash instead of an array. disabled
is optional but if it is present and set to true, it will prevent the entry from showing up in the PAM service file.
Include pam
in a recipe:
ude_recipe 'pam'
add-new-recipe
)Author:: EverTrue, Inc. (eric.herot@evertrue.com)