From ebdf85199f0f27d734264a3c4b63fce7389021eb Mon Sep 17 00:00:00 2001 From: Arne Teuke Date: Sun, 30 Jul 2017 15:09:13 +0100 Subject: [PATCH] changed user shell depending on role, on nagios server it requires bash access, else /sbin/nologin --- manifests/main/user.pp | 44 ++++++++++++++++++++++++++++++------------ manifests/params.pp | 2 +- 2 files changed, 33 insertions(+), 13 deletions(-) diff --git a/manifests/main/user.pp b/manifests/main/user.pp index 00a26e7..7816837 100644 --- a/manifests/main/user.pp +++ b/manifests/main/user.pp @@ -33,17 +33,37 @@ class cd_nagios::main::user ( allowdupe => false, } - user { $ng_user: - ensure => present, - name => $ng_user, - allowdupe => false, - comment => $ng_u_comment, - uid => $ng_u_uid, - gid => $ng_user, - groups => $ng_u_groups, - managehome => true, - home => $ng_user_home, - shell => $ng_user_shell, - require => Group[$ng_user], + if $::fqdn == $ng_nagios_server { + + user { $ng_user: + ensure => present, + name => $ng_user, + allowdupe => false, + comment => $ng_u_comment, + uid => $ng_u_uid, + gid => $ng_user, + groups => $ng_u_groups, + managehome => true, + home => $ng_user_home, + shell => '/bin/bash', + require => Group[$ng_user], + } + } + + else { + + user { $ng_user: + ensure => present, + name => $ng_user, + allowdupe => false, + comment => $ng_u_comment, + uid => $ng_u_uid, + gid => $ng_user, + groups => $ng_u_groups, + managehome => true, + home => $ng_user_home, + shell => $ng_user_shell, + require => Group[$ng_user], + } } } diff --git a/manifests/params.pp b/manifests/params.pp index c97a72f..2492241 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -703,7 +703,7 @@ $ng_u_comment = 'Nagios service user', $ng_u_uid = '1004', $ng_user_home = '/var/spool/nagios', $ng_u_groups = undef, -$ng_user_shell = '/bin/bash', +$ng_user_shell = '/sbin/nologin', # cgi settings $ng_context_help = '1',