cluster_configure - template substitutions depending on auth_type

These are horrible but can probably be made a bit cleaner later on.

Signed-off-by: Martin Schwenke <martin@meltin.net>

diff --git a/base/all/root/scripts/cluster_configure/templates/rhel/files/00.ctdb/1.2.4#/files/etc/sysconfig/ctdb b/base/all/root/scripts/cluster_configure/templates/rhel/files/00.ctdb/1.2.4#/files/etc/sysconfig/ctdb
index 65ad64a42430eeedcc8ec3e737f31ec59806dda0..24a2814cb22bee85612991aaa56f489f3e157f47 100644 (file)
--- a/base/all/root/scripts/cluster_configure/templates/rhel/files/00.ctdb/1.2.4#/files/etc/sysconfig/ctdb
+++ b/base/all/root/scripts/cluster_configure/templates/rhel/files/00.ctdb/1.2.4#/files/etc/sysconfig/ctdb
@@ -12,9 +12,9 @@ CTDB_PUBLIC_INTERFACE=eth0
 # should ctdb manage starting/stopping the Samba service for you?
 # default is to not manage Samba
 CTDB_MANAGES_SAMBA=yes
-# should ctdb manage starting/stopping the winbind service for you?
-# default is autodetect
-CTDB_MANAGES_WINBIND=no
+# should ctdb manage starting/stopping Winbind service?
+# if left comented out then it will be autodetected based on smb.conf
+CTDB_MANAGES_WINBIND=!!|"yes" if self.config.get("package:ctdb", "auth_method") == "winbind" else "no"!!
 # should ctdb monitor GPFS filesystems and disks
 CTDB_MANAGES_GPFS=yes
 # you may wish to raise the file descriptor limit for ctdb

diff --git a/base/all/root/scripts/cluster_configure/templates/rhel/files/40.vsftpd/2.0#/files/etc/pam.d/vsftpd b/base/all/root/scripts/cluster_configure/templates/rhel/files/40.vsftpd/2.0#/files/etc/pam.d/vsftpd
index b689813323a1c873ecb4fb57dc486edaaf7d8902..8abc181f91f850e076c9cf0ac08da1bc2a91715b 100644 (file)
--- a/base/all/root/scripts/cluster_configure/templates/rhel/files/40.vsftpd/2.0#/files/etc/pam.d/vsftpd
+++ b/base/all/root/scripts/cluster_configure/templates/rhel/files/40.vsftpd/2.0#/files/etc/pam.d/vsftpd
@@ -2,7 +2,9 @@
 session    optional     pam_keyinit.so    force revoke
 auth       required     pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers onerr=succeed
 #auth       required     pam_shells.so
+!!|"" if self.config.get("package:vsftpd", "auth_method") == "winbind" else "#"!!auth       sufficient   pam_winbind.so
 auth       include      system-auth
+!!|"" if self.config.get("package:vsftpd", "auth_method") == "winbind" else "#"!!account    sufficient   pam_winbind.so
 account    include      system-auth
 session    include      system-auth
 session    required     pam_loginuid.so

diff --git a/base/all/root/scripts/cluster_configure/templates/rhel/files/50.samba/3.4#/files/etc/samba/smb.conf b/base/all/root/scripts/cluster_configure/templates/rhel/files/50.samba/3.4#/files/etc/samba/smb.conf
index 8e7363e56244c21611c3b3d242f42330f5837dea..6071476ce3b292b9e5b888f9f339071d8eb45aff 100644 (file)
--- a/base/all/root/scripts/cluster_configure/templates/rhel/files/50.samba/3.4#/files/etc/samba/smb.conf
+++ b/base/all/root/scripts/cluster_configure/templates/rhel/files/50.samba/3.4#/files/etc/samba/smb.conf
@@ -4,8 +4,8 @@
        ctdb:registry.tdb=yes
        private dir=!!gpfs_default_mountpoint!!/.ctdb/
 
-       security = user
-       auth methods = guest sam
+       security = !!|"ADS" if self.config.get("package:samba", "auth_method") == "winbind" else "USER"!!
+       auth methods = guest sam !!|"winbind" if self.config.get("package:samba", "auth_method") == "winbind" else ""!!
 
        netbios name = !!cluster!!
        workgroup = !!workgroup!!
@@ -19,6 +19,10 @@
        gpfs:leases = yes
        passdb backend = tdbsam
        preferred master = no
+       !!|"" if self.config.get("package:samba", "auth_method") == "winbind" else "#"!!idmap backend = tdb2
+       !!|"" if self.config.get("package:samba", "auth_method") == "winbind" else "#"!!idmap:cache = no
+       !!|"" if self.config.get("package:samba", "auth_method") == "winbind" else "#"!!idmap gid = 10000000-11000000
+       !!|"" if self.config.get("package:samba", "auth_method") == "winbind" else "#"!!idmap uid = 10000000-11000000
        kernel oplocks = yes
        syslog = 1
        host msdfs = no
@@ -40,6 +44,10 @@
        nfs4:sidmap = /etc/samba/sidmap.tdb
        map readonly = no
        ea support = yes
+       !!|"" if self.config.get("package:samba", "auth_method") == "winbind" else "#"!!groupdb:backend = tdb
+       !!|"" if self.config.get("package:samba", "auth_method") == "winbind" else "#"!!winbind:online check timeout = 30
+       !!|"" if self.config.get("package:samba", "auth_method") == "winbind" else "#"!!template shell = /usr/bin/rssh
+       !!|"" if self.config.get("package:samba", "auth_method") == "winbind" else "#"!!template homedir = !!chroot_dir!!
        dmapi support = no
 
 !!%export:format("[%s]\n\tpath = %s\n\tcomment = %s\n\tguest ok = yes\n\tread only = no\n\tbrowseable = yes\n\n", ["name", "directory", "comment"])!!