2015-07-27 19:50:49 +02:00
|
|
|
# vim: sts=2 ts=2 sw=2 et ai
|
2018-03-17 00:32:46 +01:00
|
|
|
|
2018-07-22 17:12:05 +02:00
|
|
|
{# import defaults.yaml as defaults #}
|
|
|
|
{% import_yaml 'users/defaults.yaml' as defaults %}
|
|
|
|
|
|
|
|
{# set Os-family specific settings #}
|
2018-06-12 19:02:57 +02:00
|
|
|
{% set users = salt['grains.filter_by'](
|
|
|
|
defaults,
|
|
|
|
merge=salt['grains.filter_by']({
|
2018-03-17 00:32:46 +01:00
|
|
|
'MacOS': {
|
|
|
|
'sudoers_dir': '/etc/sudoers.d',
|
|
|
|
'sudoers_file': '/etc/sudoers',
|
|
|
|
'googleauth_dir': '/etc/google_authenticator.d',
|
|
|
|
'shell': '/bin/bash',
|
|
|
|
'visudo_shell': '/bin/bash',
|
|
|
|
'bash_package': 'bash',
|
|
|
|
'sudo_package': 'sudo',
|
|
|
|
'googleauth_package': 'google-authenticator-libpam',
|
2018-06-12 19:02:57 +02:00
|
|
|
},
|
2014-05-30 05:20:13 +02:00
|
|
|
'Debian': {
|
2014-10-25 04:57:44 +02:00
|
|
|
'sudoers_dir': '/etc/sudoers.d',
|
2014-05-30 05:20:13 +02:00
|
|
|
'sudoers_file': '/etc/sudoers',
|
2015-01-14 18:25:17 +01:00
|
|
|
'googleauth_dir': '/etc/google_authenticator.d',
|
2014-05-30 05:20:13 +02:00
|
|
|
'root_group': 'root',
|
2014-09-11 17:03:14 +02:00
|
|
|
'shell': '/bin/bash',
|
2014-05-30 05:20:13 +02:00
|
|
|
'visudo_shell': '/bin/bash',
|
2014-05-31 13:14:00 +02:00
|
|
|
'bash_package': 'bash',
|
|
|
|
'sudo_package': 'sudo',
|
2015-01-14 18:25:17 +01:00
|
|
|
'googleauth_package': 'libpam-google-authenticator',
|
2017-02-02 23:12:15 +01:00
|
|
|
'polkit_dir': '/etc/polkit-1/localauthority.conf.d',
|
|
|
|
'polkit_defaults': 'unix-group:sudo;'
|
2014-05-30 05:20:13 +02:00
|
|
|
},
|
2014-05-31 13:15:03 +02:00
|
|
|
'Gentoo': {
|
2014-10-25 04:57:44 +02:00
|
|
|
'sudoers_dir': '/etc/sudoers.d',
|
2014-05-31 13:15:03 +02:00
|
|
|
'sudoers_file': '/etc/sudoers',
|
2015-01-14 18:25:17 +01:00
|
|
|
'googleauth_dir': '/etc/google_authenticator.d',
|
2014-05-31 13:15:03 +02:00
|
|
|
'root_group': 'root',
|
2014-09-11 17:03:14 +02:00
|
|
|
'shell': '/bin/bash',
|
2014-05-31 13:15:03 +02:00
|
|
|
'visudo_shell': '/bin/bash',
|
|
|
|
'bash_package': 'app-shells/bash',
|
|
|
|
'sudo_package': 'app-admin/sudo',
|
2015-01-14 18:25:17 +01:00
|
|
|
'googleauth_package': 'libpam-google-authenticator',
|
2018-06-12 19:02:57 +02:00
|
|
|
},
|
2014-05-30 05:20:13 +02:00
|
|
|
'FreeBSD': {
|
2014-10-25 04:57:44 +02:00
|
|
|
'sudoers_dir': '/usr/local/etc/sudoers.d',
|
2014-05-30 05:20:13 +02:00
|
|
|
'sudoers_file': '/usr/local/etc/sudoers',
|
2015-01-14 18:25:17 +01:00
|
|
|
'googleauth_dir': '/usr/local/etc/google_authenticator.d',
|
2014-05-30 05:20:13 +02:00
|
|
|
'root_group': 'wheel',
|
2014-09-11 17:03:14 +02:00
|
|
|
'shell': '/bin/csh',
|
2014-05-30 05:20:13 +02:00
|
|
|
'visudo_shell': '/usr/local/bin/bash',
|
2014-05-31 13:14:00 +02:00
|
|
|
'bash_package': 'bash',
|
|
|
|
'sudo_package': 'sudo',
|
2019-02-22 10:15:55 +01:00
|
|
|
'googleauth_package': 'pam_google_authenticator',
|
|
|
|
},
|
|
|
|
'OpenBSD': {
|
|
|
|
'sudoers_dir': '/etc/sudoers.d',
|
|
|
|
'sudoers_file': '/etc/sudoers',
|
|
|
|
'googleauth_dir': '/etc/google_authenticator.d',
|
|
|
|
'root_group': 'wheel',
|
|
|
|
'shell': '/bin/csh',
|
|
|
|
'visudo_shell': '/usr/local/bin/bash',
|
|
|
|
'bash_package': 'bash',
|
|
|
|
'sudo_package': 'sudo',
|
2015-01-14 18:25:17 +01:00
|
|
|
'googleauth_package': 'pam_google_authenticator',
|
2018-06-12 19:02:57 +02:00
|
|
|
},
|
2017-06-05 15:41:53 +02:00
|
|
|
'Solaris': {
|
|
|
|
'sudoers_dir': '/opt/local/etc/sudoers.d',
|
|
|
|
'sudoers_file': '/opt/local/etc/sudoers',
|
|
|
|
'googleauth_dir': '/opt/local/etc/google_authenticator.d',
|
|
|
|
'root_group': 'root',
|
|
|
|
'shell': '/bin/bash',
|
|
|
|
'visudo_shell': '/bin/bash',
|
|
|
|
'bash_package': 'bash',
|
|
|
|
'sudo_package': 'sudo',
|
|
|
|
'googleauth_package': 'libpam-google-authenticator',
|
2018-06-12 19:02:57 +02:00
|
|
|
},
|
2014-05-30 05:20:13 +02:00
|
|
|
'default': {
|
2014-10-25 04:57:44 +02:00
|
|
|
'sudoers_dir': '/etc/sudoers.d',
|
2014-05-30 05:20:13 +02:00
|
|
|
'sudoers_file': '/etc/sudoers',
|
2015-01-14 18:25:17 +01:00
|
|
|
'googleauth_dir': '/etc/google_authenticator.d',
|
2014-05-30 05:20:13 +02:00
|
|
|
'root_group': 'root',
|
2014-09-11 17:03:14 +02:00
|
|
|
'shell': '/bin/bash',
|
2014-05-30 05:20:13 +02:00
|
|
|
'visudo_shell': '/bin/bash',
|
2014-05-31 13:14:00 +02:00
|
|
|
'bash_package': 'bash',
|
|
|
|
'sudo_package': 'sudo',
|
2015-01-14 18:25:17 +01:00
|
|
|
'googleauth_package': 'libpam-google-authenticator',
|
2017-02-02 23:12:15 +01:00
|
|
|
'polkit_dir': '/etc/polkit-1/localauthority.conf.d',
|
|
|
|
'polkit_defaults': 'unix-group:sudo;'
|
2018-06-12 19:02:57 +02:00
|
|
|
},
|
|
|
|
}, merge=salt['pillar.get']('users-formula:lookup')),
|
|
|
|
base='users',
|
|
|
|
) %}
|
2018-03-17 00:32:46 +01:00
|
|
|
|
|
|
|
{% if grains.os == 'MacOS' %}
|
|
|
|
{% set group = salt['cmd.run']("stat -f '%Sg' /dev/console") %}
|
2019-06-11 16:16:19 +02:00
|
|
|
{% do users.update({'root_group': group,
|
|
|
|
'prime_group': group}) %}
|
2019-06-19 09:23:30 +02:00
|
|
|
{%- endif %}
|