Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
H
HPCasCode
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
16
Issues
16
List
Boards
Labels
Milestones
Merge Requests
11
Merge Requests
11
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
hpc-team
HPCasCode
Compare Revisions
bfdfcc33e55d5d48da0e085b64e6b05db46d14c3...297998bbd11056cad99360c9c40a993f9acf6d7b
Source
297998bbd11056cad99360c9c40a993f9acf6d7b
Select Git revision
...
Target
bfdfcc33e55d5d48da0e085b64e6b05db46d14c3
Select Git revision
Compare
Commits (2)
pam works different on centos and ubuntu
· 2a5cc0e1
Andreas Hamacher
authored
Feb 22, 2021
2a5cc0e1
do not merge this crap. I just want a backup of it
· 297998bb
Andreas Hamacher
authored
Feb 22, 2021
297998bb
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
46 additions
and
5 deletions
+46
-5
roles/pam_sshd/tasks/main.yml
roles/pam_sshd/tasks/main.yml
+6
-5
roles/pam_sshd/templates/loginnodes_sshd_centos.j2
roles/pam_sshd/templates/loginnodes_sshd_centos.j2
+21
-0
roles/pam_sshd/templates/loginnodes_sshd_ubuntu.j2
roles/pam_sshd/templates/loginnodes_sshd_ubuntu.j2
+19
-0
No files found.
roles/pam_sshd/tasks/main.yml
View file @
297998bb
...
...
@@ -8,11 +8,12 @@
template
:
src=loginnodes_sshd.j2 dest=/etc/pam.d/sshd
become
:
true
become_user
:
root
when ostgroup = loginnodes and ubuntu
# this is intended to break !
# when: computenodepam is undefined or not computenodepam
#
- name: "Copy computenode password sshd pam config"
##
template: src=computenodes_sshd.j2 dest=/etc/pam.d/sshd
#
become: true
#
become_user: root
#
when: computenodepam is defined and computenodepam
-
name
:
"
Copy
computenode
password
sshd
pam
config"
template
:
src=computenodes_sshd.j2 dest=/etc/pam.d/sshd
become
:
true
become_user
:
root
when
:
computenodepam is defined and computenodepam
roles/pam_sshd/templates/loginnodes_sshd_centos.j2
0 → 100644
View file @
297998bb
#%PAM-1.0
auth required pam_sepermit.so
auth substack password-auth
auth include postlogin
# Used with polkit to reauthorize users in remote sessions
-auth optional pam_reauthorize.so prepare
account sufficient pam_access.so
account required pam_nologin.so
account include password-auth
password include password-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session required pam_loginuid.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session required pam_selinux.so open env_params
session required pam_namespace.so
session optional pam_keyinit.so force revoke
session include password-auth
session include postlogin
# Used with polkit to reauthorize users in remote sessions
-session optional pam_reauthorize.so prepare
roles/pam_sshd/templates/loginnodes_sshd_ubuntu.j2
0 → 100644
View file @
297998bb
#%PAM-1.0
auth required pam_sepermit.so
auth substack password-auth
auth include postlogin
# Used with polkit to reauthorize users in remote sessions
-auth optional pam_reauthorize.so prepare
account sufficient pam_access.so
account required pam_nologin.so
account include password-auth
password include password-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session required pam_loginuid.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session required pam_selinux.so open env_params
session required pam_namespace.so
session optional pam_keyinit.so force revoke
# Used with polkit to reauthorize users in remote sessions
-session optional pam_reauthorize.so prepare