From 9563dd4350b3f6b9f846b547bb20bae572f744e2 Mon Sep 17 00:00:00 2001 From: Philipp Seiler Date: Mon, 18 Sep 2017 20:13:44 +0200 Subject: [PATCH 1/2] enabling more variable overwriting * overwrite path to binarys when using the module in another class * overwrite package names (useful to use modules with private sernet packages) --- manifests/classic.pp | 72 ++++++++++++++++++++--------------- manifests/dc.pp | 51 +++++++++++++++---------- manifests/dc/ppolicy_param.pp | 5 ++- manifests/log.pp | 15 ++++---- manifests/option.pp | 3 +- manifests/share.pp | 3 +- 6 files changed, 87 insertions(+), 62 deletions(-) diff --git a/manifests/classic.pp b/manifests/classic.pp index fdbb55c..ba54ef7 100644 --- a/manifests/classic.pp +++ b/manifests/classic.pp @@ -37,26 +37,36 @@ # class samba::classic( - $smbname = undef, - $domain = undef, - $realm = undef, - $strictrealm = true, - $adminuser = 'administrator', - $adminpassword = undef, - $security = 'ads', - $sambaloglevel = 1, - $join_domain = true, - $manage_winbind = true, - $krbconf = true, - $nsswitch = true, - $pam = false, - $sambaclassloglevel = undef, - $logtosyslog = false, - $globaloptions = {}, - $globalabsentoptions = [], - $joinou = undef, - $default_realm = undef, - $additional_realms = [], + $smbname = undef, + $domain = undef, + $realm = undef, + $strictrealm = true, + $adminuser = 'administrator', + $adminpassword = undef, + $security = 'ads', + $sambaloglevel = 1, + $join_domain = true, + $manage_winbind = true, + $krbconf = true, + $nsswitch = true, + $pam = false, + $sambaclassloglevel = undef, + $logtosyslog = false, + $globaloptions = {}, + $globalabsentoptions = [], + $joinou = undef, + $default_realm = undef, + $additional_realms = [], + $packagesambaclassic = $::samba::params::packagesambaclassic, + $packagesambawinbind = $::samba::params::packagesambawinbind, + $packagesambansswinbind = $::samba::params::packagesambansswinbind + $packagesambapamwinbind = $::samba::params::packagesambapamwinbind + $servivesmb = $::samba::params::servivesmb, + $servivewinbind = $::samba::params::servivewinbind, + $sambaoptsfile = $::samba::params::sambaoptsfile, + $sambaoptstmpl = $::samba::params::sambaoptstmpl, + $smbconffile = $::samba::params::smbconffile, + $krbconffile = $::samba::params::krbconffile, ) inherits ::samba::params{ @@ -109,13 +119,13 @@ file { '/etc/samba/smb_path': ensure => 'present', - content => $::samba::params::smbconffile, + content => $smbconffile, require => File['/etc/samba/'], } if $join_domain { if $krbconf { - file {$::samba::params::krbconffile: + file {$krbconffile: ensure => present, mode => '0644', content => template("${module_name}/krb5.conf.erb"), @@ -126,7 +136,7 @@ if $nsswitch { package{ 'SambaNssWinbind': ensure => 'installed', - name => $::samba::params::packagesambansswinbind + name => $packagesambansswinbind } augeas{'samba nsswitch group': @@ -154,11 +164,11 @@ if $pam { # Only add package here if different to the nss-winbind package, # or nss and pam aren't both enabled, to avoid duplicate definition. - if ($::samba::params::packagesambapamwinbind != $::samba::params::packagesambansswinbind) + if ($packagesambapamwinbind != $packagesambansswinbind) or !$nsswitch { package{ 'SambaPamWinbind': ensure => 'installed', - name => $::samba::params::packagesambapamwinbind + name => $packagesambapamwinbind } } @@ -211,13 +221,13 @@ package{ 'SambaClassic': ensure => 'installed', - name => $::samba::params::packagesambaclassic, + name => $packagesambaclassic, } if $manage_winbind { package{ 'SambaClassicWinBind': ensure => 'installed', - name => $::samba::params::packagesambawinbind, + name => $packagesambawinbind, require => File['/etc/samba/smb_path'], } Package['SambaClassicWinBind'] -> Package['SambaClassic'] @@ -225,7 +235,7 @@ service{ 'SambaSmb': ensure => 'running', - name => $::samba::params::servivesmb, + name => $servivesmb, require => [ Package['SambaClassic'], File['SambaOptsFile'] ], enable => true, } @@ -233,7 +243,7 @@ if $manage_winbind { service{ 'SambaWinBind': ensure => 'running', - name => $::samba::params::servivewinbind, + name => $servivewinbind, require => [ Package['SambaClassic'], File['SambaOptsFile'] ], enable => true, } @@ -241,8 +251,8 @@ $sambamode = 'classic' # Deploy /etc/sysconfig/|/etc/defaut/ file (startup options) file{ 'SambaOptsFile': - path => $::samba::params::sambaoptsfile, - content => template($::samba::params::sambaoptstmpl), + path => $sambaoptsfile, + content => template($sambaoptstmpl), require => Package['SambaClassic'], } diff --git a/manifests/dc.pp b/manifests/dc.pp index 6d88b44..d70c8d5 100644 --- a/manifests/dc.pp +++ b/manifests/dc.pp @@ -56,6 +56,17 @@ $globalabsentoptions = [], $netlogonabsentoptions = [], $sysvolabsentoptions = [], + $packagesambadc = $::samba::params::packagesambadc, + $packagesambaclient = $::samba::params::packagesambaclient, + $packagesambawinbind = $::samba::params::packagesambawinbind, + $servivesambadc = $::samba::params::servivesambadc, + $servivesmb = $::samba::params::servivesmb, + $sambacmd = $::samba::params::sambacmd, + $sambaclientcmd = $::samba::params::sambaclientcmd. + $sambaoptsfile = $::samba::params::sambaoptsfile, + $sambaoptstmpl = $::samba::params::sambaoptstmpl, + $smbconffile = $::samba::params::smbconffile, + $packagepyyaml = $::samba::params::packagepyyaml, ) inherits ::samba::params{ case $dnsbackend { @@ -151,31 +162,31 @@ file { '/etc/samba/smb_path': ensure => 'present', - content => $::samba::params::smbconffile, + content => $smbconffile, require => File['/etc/samba/'], } package{ 'SambaWinBind': ensure => 'installed', - name => $::samba::params::packagesambawinbind, + name => $packagesambawinbind, require => File['/etc/samba/smb_path'], } package{ 'SambaClient': ensure => 'installed', - name => $::samba::params::packagesambaclient, + name => $packagesambaclient, require => File['/etc/samba/smb_path'], } package{ 'SambaDC': ensure => 'installed', - name => $::samba::params::packagesambadc, + name => $packagesambadc, require => Package['SambaClient', 'SambaWinBind'], } service{ 'SambaClassic': ensure => 'stopped', - name => $::samba::params::servivesmb, + name => $servivesmb, enable => false, require => Package['SambaDC'], notify => Service['SambaDC'], @@ -211,19 +222,19 @@ exec{ 'provisionAD': path => '/bin:/sbin:/usr/bin:/usr/sbin', unless => "test -d '${targetdir}/state/sysvol/${realmdowncase}/'", - command => "printf '' > '${::samba::params::smbconffile}' && \ -${::samba::params::sambacmd} domain provision ${hostip} \ + command => "printf '' > '${smbconffile}' && \ +${sambacmd} domain provision ${hostip} \ --domain='${domain}' --realm='${realm}' --dns-backend='${sambadns}' \ --targetdir='${targetdir}' --use-rfc2307 \ ---configfile='${::samba::params::smbconffile}' --server-role='${role}' ${domainprovargs} -d 1 && \ -mv '${targetdir}/etc/smb.conf' '${::samba::params::smbconffile}'", +--configfile='${smbconffile}' --server-role='${role}' ${domainprovargs} -d 1 && \ +mv '${targetdir}/etc/smb.conf' '${smbconffile}'", require => Exec['CleanService'], notify => Service['SambaDC'], } service{ 'SambaDC': ensure => 'running', - name => $::samba::params::servivesambadc, + name => $servivesambadc, require => [ Exec['provisionAD'], File['SambaOptsFile'] ], enable => true, } @@ -231,15 +242,15 @@ $sambamode = 'ad' # Deploy /etc/sysconfig/|/etc/defaut/ file (startup options) file{ 'SambaOptsFile': - path => $::samba::params::sambaoptsfile, - content => template($::samba::params::sambaoptstmpl), + path => $sambaoptsfile, + content => template($sambaoptstmpl), require => Package['SambaDC'], notify => Service['SambaDC'], } package{ 'PyYaml': ensure => 'installed', - name => $::samba::params::packagepyyaml, + name => $packagepyyaml, } file{ 'SambaOptsAdditionnalTool': @@ -265,7 +276,7 @@ if $dnsforwarder != undef { smb_setting { 'global/dns forwarder': ensure => present, - path => $::samba::params::smbconffile, + path => $smbconffile, section => 'global', setting => 'dns forwarder', value => $dnsforwarder, @@ -284,9 +295,9 @@ # Check and set administrator password unless $adminpassword == undef { exec{ 'setAdminPassword': - unless => "${::samba::params::sambaclientcmd} \ + unless => "${sambaclientcmd} \ //localhost/netlogon ${adminpassword} -Uadministrator -c 'ls'", - command => "${::samba::params::sambacmd} user setpassword \ + command => "${sambacmd} user setpassword \ Administrator --newpassword=${adminpassword} -d 1", require => Service['SambaDC'], } @@ -295,9 +306,9 @@ # Configure Domain function level exec{ 'setDomainFunctionLevel': path => '/bin:/sbin:/usr/bin:/usr/sbin', - unless => "${::samba::params::sambacmd} domain level show -d 1\ + unless => "${sambacmd} domain level show -d 1\ | grep 'Domain function level' | grep -q \"${domainlevel}$\"", - command => "${::samba::params::sambacmd} domain \ + command => "${sambacmd} domain \ level raise --domain-level='${strdomainlevel}' -d 1", require => Service['SambaDC'], } @@ -305,9 +316,9 @@ # Configure Forest function level exec{ 'setForestFunctionLevel': path => '/bin:/sbin:/usr/bin:/usr/sbin', - unless => "${::samba::params::sambacmd} domain level show -d 1\ + unless => "${sambacmd} domain level show -d 1\ | grep 'Forest function level' | grep -q '${domainlevel}$'", - command => "${::samba::params::sambacmd} domain \ + command => "${sambacmd} domain \ level raise --forest-level='${strdomainlevel}' -d 1", require => Exec['setDomainFunctionLevel'], } diff --git a/manifests/dc/ppolicy_param.pp b/manifests/dc/ppolicy_param.pp index def69d8..93bfac3 100644 --- a/manifests/dc/ppolicy_param.pp +++ b/manifests/dc/ppolicy_param.pp @@ -4,6 +4,7 @@ $option, $show_string, $value, + $sambacmd = $::samba::params::sambacmd, ){ validate_re( @@ -29,10 +30,10 @@ path => '/bin:/sbin:/usr/bin:/usr/sbin', require => Service['SambaDC'], unless => "[ \ -\"\$( ${::samba::params::sambacmd} domain passwordsettings show -d 1 | \ +\"\$( ${sambacmd} domain passwordsettings show -d 1 | \ sed 's/${show_string} *//p;d' )\" = \ '${value}' ]", - command => "${::samba::params::sambacmd} domain passwordsettings set -d 1 \ + command => "${sambacmd} domain passwordsettings set -d 1 \ ${option}='${value}'", } } diff --git a/manifests/log.pp b/manifests/log.pp index 02729d3..8b0b47a 100644 --- a/manifests/log.pp +++ b/manifests/log.pp @@ -5,6 +5,7 @@ $logtosyslog, $settingsignored, $sambaclassloglevel = undef, + $smbconffile = $::samba:params::smbconffile, ) { unless is_integer($sambaloglevel) @@ -40,7 +41,7 @@ unless member($settingsignored, 'log level'){ smb_setting { 'global/log level': ensure => present, - path => $::samba::params::smbconffile, + path => $smbconffile, section => 'global', setting => 'log level', value => "${sambaloglevel}${logadditional}", @@ -53,7 +54,7 @@ unless member($settingsignored, 'syslog'){ smb_setting { 'global/syslog': ensure => present, - path => $::samba::params::smbconffile, + path => $smbconffile, section => 'global', setting => 'syslog', value => "${sambaloglevel}${logadditional}", @@ -63,7 +64,7 @@ unless member($settingsignored, 'syslog only'){ smb_setting { 'global/syslog only': ensure => present, - path => $::samba::params::smbconffile, + path => $smbconffile, section => 'global', setting => 'syslog only', value => 'yes', @@ -73,7 +74,7 @@ unless member($settingsignored, 'logging'){ smb_setting { 'global/logging': ensure => present, - path => $::samba::params::smbconffile, + path => $smbconffile, section => 'global', setting => 'logging', value => $syslog_loglevel, @@ -87,7 +88,7 @@ unless member($settingsignored, 'syslog only'){ smb_setting { 'global/syslog only': ensure => present, - path => $::samba::params::smbconffile, + path => $smbconffile, section => 'global', setting => 'syslog only', value => 'no', @@ -97,7 +98,7 @@ unless member($settingsignored, 'syslog'){ smb_setting { 'global/syslog': ensure => absent, - path => $::samba::params::smbconffile, + path => $smbconffile, section => 'global', setting => 'syslog', } @@ -106,7 +107,7 @@ unless member($settingsignored, 'logging'){ smb_setting { 'global/logging': ensure => absent, - path => $::samba::params::smbconffile, + path => $smbconffile, section => 'global', setting => 'logging', } diff --git a/manifests/option.pp b/manifests/option.pp index bda5a9e..f91d5eb 100644 --- a/manifests/option.pp +++ b/manifests/option.pp @@ -4,6 +4,7 @@ $options, $section, $settingsignored = [], + $smbconffile = $::samba::params::smbconffile, ){ $optionssetting = regsubst($title, '^\[.*\](.*)$', '\1') $optionsvalue = $options[$optionssetting] @@ -11,7 +12,7 @@ unless member($settingsignored, $optionssetting){ smb_setting { "${section}/${optionssetting}": ensure => present, - path => $::samba::params::smbconffile, + path => $smbconffile, section => $section, setting => $optionssetting, value => $optionsvalue, diff --git a/manifests/share.pp b/manifests/share.pp index 5bdaea8..a7959d5 100644 --- a/manifests/share.pp +++ b/manifests/share.pp @@ -45,6 +45,7 @@ $mode = '0777', $acl = undef, $manage_directory = true, + $smbconffile = $::samba::params::smbconffile, ) { if defined(Package['SambaClassic']){ @@ -77,7 +78,7 @@ } smb_setting { "${name}/path": - path => $::samba::params::smbconffile, + path => $smbconffile, section => $name, setting => 'path', value => $path, From 837fcc2cbbefeb925fba374e28206c614c7e8316 Mon Sep 17 00:00:00 2001 From: Philipp Seiler Date: Mon, 18 Sep 2017 20:41:32 +0200 Subject: [PATCH 2/2] fixed syntax errors --- manifests/classic.pp | 4 ++-- manifests/dc.pp | 2 +- manifests/log.pp | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/manifests/classic.pp b/manifests/classic.pp index ba54ef7..0e38670 100644 --- a/manifests/classic.pp +++ b/manifests/classic.pp @@ -59,8 +59,8 @@ $additional_realms = [], $packagesambaclassic = $::samba::params::packagesambaclassic, $packagesambawinbind = $::samba::params::packagesambawinbind, - $packagesambansswinbind = $::samba::params::packagesambansswinbind - $packagesambapamwinbind = $::samba::params::packagesambapamwinbind + $packagesambansswinbind = $::samba::params::packagesambansswinbind, + $packagesambapamwinbind = $::samba::params::packagesambapamwinbind, $servivesmb = $::samba::params::servivesmb, $servivewinbind = $::samba::params::servivewinbind, $sambaoptsfile = $::samba::params::sambaoptsfile, diff --git a/manifests/dc.pp b/manifests/dc.pp index d70c8d5..3793ba9 100644 --- a/manifests/dc.pp +++ b/manifests/dc.pp @@ -62,7 +62,7 @@ $servivesambadc = $::samba::params::servivesambadc, $servivesmb = $::samba::params::servivesmb, $sambacmd = $::samba::params::sambacmd, - $sambaclientcmd = $::samba::params::sambaclientcmd. + $sambaclientcmd = $::samba::params::sambaclientcmd, $sambaoptsfile = $::samba::params::sambaoptsfile, $sambaoptstmpl = $::samba::params::sambaoptstmpl, $smbconffile = $::samba::params::smbconffile, diff --git a/manifests/log.pp b/manifests/log.pp index 8b0b47a..1bd9b0c 100644 --- a/manifests/log.pp +++ b/manifests/log.pp @@ -5,7 +5,7 @@ $logtosyslog, $settingsignored, $sambaclassloglevel = undef, - $smbconffile = $::samba:params::smbconffile, + $smbconffile = $::samba::params::smbconffile, ) { unless is_integer($sambaloglevel)