authormh <mh@immerda.ch>2008-10-20 20:51:36 +0000
committermh <mh@immerda.ch>2008-10-20 20:51:36 +0000
commitcb995bebc0eb713b7062f3590cf0cbb02f6366cb (patch)
tree6e1bd9907878da98c610c8317c28163c3866fb53
parentd6839221b86fc1dde6a355bb9c55c9a88855e90e (diff)
added define to manage sftponly users
-rw-r--r--manifests/defines.pp51
-rw-r--r--manifests/groups/sftponly.pp7
2 files changed, 40 insertions, 18 deletions
diff --git a/manifests/defines.pp b/manifests/defines.pp
index c800b88..1373aa3 100644
--- a/manifests/defines.pp
+++ b/manifests/defines.pp
@@ -44,11 +44,28 @@ define user::define_user(
membership => $membership,
}
- file{"$real_homedir":
- ensure => directory,
- require => User[$name],
- owner => $name, mode => $homedir_mode;
- }
+
+ case $managehome {
+ 'true': {
+ file{"$real_homedir":
+ ensure => directory,
+ require => User[$name],
+ owner => $name, mode => $homedir_mode;
+ }
+ case $gid {
+ 'absent': {
+ File[$real_homedir]{
+ group => $name,
+ }
+ }
+ default: {
+ File[$real_homedir]{
+ group => $gid,
+ }
+ }
+ }
+ }
+ }
case $uid {
'absent': { info("Not defining a uid for user $name") }
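Review bot: The new `case $managehome` has only a `'true'` branch, so any other value silently drops `File[$real_homedir]` and with it the owner, group and `$homedir_mode` enforcement on the home directory. That includes the `'false'` passed by `user::sftp_only` in this commit, and possibly a boolean `true`, since the match is against the string. I would add `default: { info("Not managing homedir for user $name") }`, in line with the `$uid` and `$sshkey` cases, and a comment above the case saying the value is compared as a string. The define starts and ends outside this hunk, so it is worth checking that nothing else in it (the `$sshkey` branch, for instance) still refers to `File[$real_homedir]` when managehome is off.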
@@ -87,19 +104,6 @@ define user::define_user(
}
}
- case $gid {
- 'absent': {
- File[$real_homedir]{
- group => $name,
- }
- }
- default: {
- File[$real_homedir]{
- group => $gid,
- }
- }
- }
-
case $sshkey {
'absent': { info("no sshkey to manage for user $name") }
default: {
@@ -116,4 +120,15 @@ define user::sftp_only(
) {
include user::groups::sftponly
+ user::define_user{"${name}":
+ name_comment => "SFTP-only user: ${name}",
+ groups => [ 'sftponly' ],
+ managehome => 'false',
+ shell => $operatingsystem ? {
+ debian => '/usr/sbin/nologin',
+ ubuntu => '/usr/sbin/nologin',
+ default => '/sbin/nologin'
+ },
+ require => Group['sftponly'],
+ }
}
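Review bot: Membership in `sftponly` plus a nologin shell does not by itself confine the account to SFTP. That depends on an sshd_config `Match Group sftponly` block (`ForceCommand internal-sftp`, plus the site's `ChrootDirectory` and `AllowTcpForwarding` settings), which this commit does not manage. A comment above the define should state the dependency, e.g. `# only creates the account; needs a 'Match Group sftponly' block in sshd_config to restrict it`. With `managehome => 'false'`, no resource here enforces ownership or mode of the home directory, which matters if that directory is later used as a chroot target. The parameter list of `user::sftp_only` is outside the hunk, so I cannot tell whether parameters such as a password or uid were meant to be forwarded to `user::define_user`; only the five attributes shown are passed.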
diff --git a/manifests/groups/sftponly.pp b/manifests/groups/sftponly.pp
new file mode 100644
index 0000000..f23a08c
--- /dev/null
+++ b/manifests/groups/sftponly.pp
@@ -0,0 +1,7 @@
+# manifests/groups/sftponly.pp
+
+class user::groups::sftponly {
+ group{'sftponly':
+ ensure => present,
+ }
+}