diff options
Diffstat (limited to 'manifests')
| -rw-r--r-- | manifests/server/ads.pp | 47 | ||||
| -rw-r--r--[-rwxr-xr-x] | manifests/server/share.pp | 66 |
2 files changed, 89 insertions, 24 deletions
diff --git a/manifests/server/ads.pp b/manifests/server/ads.pp index 757d091..7e2ffe0 100644 --- a/manifests/server/ads.pp +++ b/manifests/server/ads.pp @@ -21,7 +21,8 @@ class samba::server::ads($ensure = present, $map_system = 'no', $map_archive = 'no', $map_readonly = 'no', - $target_ou = 'Nix_Mashine') { + $target_ou = 'Nix_Mashine', + $perform_join = true) { $krb5_user_package = $::osfamily ? { 'RedHat' => 'krb5-workstation', @@ -38,7 +39,7 @@ class samba::server::ads($ensure = present, $winbind_package = 'winbind' } - package{ + package { $krb5_user_package: ensure => installed; $winbind_package: ensure => installed; 'expect': ensure => installed; @@ -49,18 +50,24 @@ class samba::server::ads($ensure = present, # notify winbind samba::server::option { - 'realm': value => $realm, - notify => Class['Samba::Server::Winbind']; - 'winbind uid': value => $winbind_uid, - notify => Class['Samba::Server::Winbind']; - 'winbind gid': value => $winbind_gid, - notify => Class['Samba::Server::Winbind']; - 'winbind enum groups': value => $winbind_enum_groups, - notify => Class['Samba::Server::Winbind']; - 'winbind enum users': value => $winbind_enum_users, - notify => Class['Samba::Server::Winbind']; - 'winbind use default domain': value => $winbind_use_default_domain, - notify => Class['Samba::Server::Winbind']; + 'realm': + value => $realm, + notify => Class['Samba::Server::Winbind']; + 'winbind uid': + value => $winbind_uid, + notify => Class['Samba::Server::Winbind']; + 'winbind gid': + value => $winbind_gid, + notify => Class['Samba::Server::Winbind']; + 'winbind enum groups': + value => $winbind_enum_groups, + notify => Class['Samba::Server::Winbind']; + 'winbind enum users': + value => $winbind_enum_users, + notify => Class['Samba::Server::Winbind']; + 'winbind use default domain': + value => $winbind_use_default_domain, + notify => Class['Samba::Server::Winbind']; } samba::server::option { @@ -122,10 +129,12 @@ class samba::server::ads($ensure = present, 'samba-winbind use default domain'], Service['winbind'] ], } - exec {'join-active-directory': - # join the domain configured in samba.conf - command => '/sbin/configure_active_directory -j', - unless => '/sbin/verify_active_directory', - require => [ File['configure_active_directory', 'verify_active_directory'], Service['winbind'] ], + if ($perform_join) { + exec {'join-active-directory': + # join the domain configured in samba.conf + command => '/sbin/configure_active_directory -j', + unless => '/sbin/verify_active_directory', + require => [ File['configure_active_directory', 'verify_active_directory'], Service['winbind'] ], + } } } diff --git a/manifests/server/share.pp b/manifests/server/share.pp index b0690bb..5544caf 100755..100644 --- a/manifests/server/share.pp +++ b/manifests/server/share.pp @@ -20,16 +20,26 @@ define samba::server::share($ensure = present, $veto_oplock_files = '', $read_only = '', $public = '', + $read_list = '', $write_list = '', $writable = '', $printable = '', $valid_users = '', $follow_symlinks = '', $wide_links = '', + $acl_group_control = '', $map_acl_inherit = '', + $profile_acls = '', $store_dos_attributes = '', $strict_allocate = '', $hide_dot_files = '', + $root_preexec = '', + $inherit_permissions = '', + $inherit_acls = '', + $delete_readonly = '', + $printer_name = '', + $msdfs_root = '', + $guest_account = '', ) { $incl = $samba::server::incl @@ -143,11 +153,21 @@ define samba::server::share($ensure = present, false => "set \"${target}/wide links\" no", default => "rm \"${target}/wide links\"", }, + $acl_group_control ? { + true => "set \"${target}/acl group control\" yes", + false => "set \"${target}/acl group control\" no", + default => "rm \"${target}/acl group control\"", + }, $map_acl_inherit ? { true => "set \"${target}/map acl inherit\" yes", false => "set \"${target}/map acl inherit\" no", default => "rm \"${target}/map acl inherit\"", }, + $profile_acls ? { + true => "set \"${target}/profile acls\" yes", + false => "set \"${target}/profile acls\" no", + default => "rm \"${target}/profile acls\"", + }, $store_dos_attributes ? { true => "set \"${target}/store dos attributes\" yes", false => "set \"${target}/store dos attributes\" no", @@ -159,23 +179,27 @@ define samba::server::share($ensure = present, default => "rm \"${target}/strict allocate\"", }, $valid_users ? { - '' => "rm \"${target}/valid users\"", + '' => "rm \"${target}/valid users\"", default => "set \"${target}/valid users\" '${valid_users}'", }, $op_locks ? { - '' => "rm \"${target}/oplocks\"", + '' => "rm \"${target}/oplocks\"", default => "set \"${target}/oplocks\" '${op_locks}'", }, $level2_oplocks ? { - '' => "rm \"${target}/level2 oplocks\"", + '' => "rm \"${target}/level2 oplocks\"", default => "set \"${target}/level2 oplocks\" '${level2_oplocks}'", }, $veto_oplock_files ? { - '' => "rm \"${target}/veto oplock files\"", + '' => "rm \"${target}/veto oplock files\"", default => "set \"${target}/veto oplock files\" '${veto_oplock_files}'", }, + $read_list ? { + '' => "rm \"${target}/read list\"", + default => "set \"${target}/read list\" '${read_list}'", + }, $write_list ? { - '' => "rm \"${target}/write list\"", + '' => "rm \"${target}/write list\"", default => "set \"${target}/write list\" '${write_list}'", }, $hide_dot_files ? { @@ -183,6 +207,38 @@ define samba::server::share($ensure = present, false => "set \"${target}/hide dot files\" no", default => "rm \"${target}/hide dot files\"", }, + $root_preexec ? { + '' => "rm \"${target}/root preexec\"", + default => "set \"${target}/root preexec\" '${root_preexec}'", + }, + $inherit_permissions ? { + true => "set \"${target}/inherit permissions\" yes", + false => "set \"${target}/inherit permissions\" no", + default => "rm \"${target}/inherit permissions\"", + }, + $inherit_acls ? { + true => "set \"${target}/inherit acls\" yes", + false => "set \"${target}/inherit acls\" no", + default => "rm \"${target}/inherit acls\"", + }, + $delete_readonly ? { + true => "set \"${target}/delete readonly\" yes", + false => "set \"${target}/delete readonly\" no", + default => "rm \"${target}/delete readonly\"", + }, + $printer_name ? { + '' => "rm \"${target}/printer name\"", + default => "set \"${target}/printer name\" '${printer_name}'", + }, + $msdfs_root ? { + true => "set \"${target}/msdfs root\" yes", + false => "set \"${target}/msdfs root\" no", + default => "rm \"${target}/msdfs root\"", + }, + $guest_account ? { + '' => "rm \"${target}/guest account\"", + default => "set \"${target}/guest account\" '${guest_account}'", + }, ] augeas { "${name}-changes": |