Skip to content

IvanBayan/puppet-krb5

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
files
files
 
 
manifests
manifests
 
 
spec
spec
 
 
templates
templates
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
.project
.project
 
 
Modulefile
Modulefile
 
 
README
README
 
 
metadata.json
metadata.json
 
 

Repository files navigation

This is a puppet module for managing krb5 libs and krb5.conf

This module now support Debian 6, CentOS and Ubuntu
Module depend on 'ripienaar/concat' module, when i have been writing and testing module i use last version from https://github.com/ripienaar/puppet-concat

As a base i use next module  http://agileinf.web.cern.ch/agileinf/gitweb?p=punch-modules.git;a=tree;f=kerberos;hb=HEAD
Also as a template i use saz/ntp module. 
Thanks to all contributors.

Sample usage:

You can configure thru 'krb5' class next things:

autoupgrade - Upgrade packages automatically, if there is a newer version.
Default: true.

ensure - Ensure if present or absent.
Default: present.

package -  Name of the package (or packages). Only set this, if your platform is not supported or you know, what you're doing.
Default: auto-set (in params.pp), platform specific

config_file - Main configuration file.  Only set this, if your platform is not supported or you know, what you're doing.
Default: auto-set (in params.pp), platform specific

config_file_static - Copy configuration file from specified location. Set location if you want to replicate static config file.
Default: undef

class{ 'krb5':
	config_file	=> '/tmp/krb5.conf',
	package		=> [ 'libkrb53', 'krb5-user' ]
}

You can configure thru 'krb5::config' part of libdefaults and appdefaults options:

Look at config.pp for supported options and it is default values.

class{ 'krb5::config':
	krb5default => 'TEST.RU',
	krb5ticket_lifetime => '25h',
	krb5renew_lifetime  => '120h',
	krb5forwardable     => 'true',
	krb5proxiable       => 'true',
	krb5enctype         => ['arcfour-hmac-md5','aes256-cts','aes128-cts','des3-cbc-sha1','des-cbc-md5','des-cbc-crc'],
	krb5pam             => {'external'         => 'true',
                          'krb4_convert'     => 'false',
                          'krb4_convert_524' => 'false',
                          'krb4_use_as_req'  => 'false'
                         }
...	
}

You can configure thru 'krb5::realm' class, your realms. For supported values, look at config.pp

krb5::realm{ 'TEST.RU':
	default_domain  => 'test.ru',
	kdc             => ['dc1.test.ru:88', 'dc2.test.ru:88' ],
	kpasswd_server  => 'kpass.test.ru',
	admin_server    => 'kadmin.test.ru',
	v4_name_convert => { 'host' => { 'rcmd' => 'host' }  
}

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

6 stars

Watchers

4 watching

Forks

17 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages