add

STNS · Jul 3, 2016 · 4f52f4b · 4f52f4b
1 parent fc28379
commit 4f52f4b
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 18 deletions.
diff --git a/manifests/client.pp b/manifests/client.pp
@@ -80,23 +80,39 @@
   }
 
   if $handle_sudo_config {
-    validate_string($sudoers_name)
+    if $sudoers_name {
+      validate_string($sudoers_name)
 
-    augeas {'sudo pam with stns':
-      context => '/files/etc/pam.d/sudo',
-      changes => [
-        'ins "01" after #comment',
-        'set 01/type auth',
-        'set 01/control sufficient',
-        'set 01/module libpam_stns.so',
-        'set 01/argument[1] sudo',
-        "set 01/argument[2] ${sudoers_name}",
-      ],
-      onlyif  => [
-        "values *[type = 'auth']/module not_include libpam_stns.so",
-        "match *[module = 'libpam_stns.so']/argument size < 2",
-        "match *[module = 'libpam_stns.so']/argument != ['sudo', ${sudoers_name}]",
-      ],
+      augeas {'sudo pam with stns':
+        context => '/files/etc/pam.d/sudo',
+        changes => [
+          'ins "01" after #comment',
+          'set 01/type auth',
+          'set 01/control sufficient',
+          'set 01/module libpam_stns.so',
+          'set 01/argument[1] sudo',
+          "set 01/argument[2] ${sudoers_name}",
+        ],
+        onlyif  => [
+          "values *[type = 'auth']/module not_include libpam_stns.so",
+          "match *[module = 'libpam_stns.so']/argument size < 2",
+          "match *[module = 'libpam_stns.so']/argument != ['sudo', ${sudoers_name}]",
+        ],
+      }
+    } else {
+      augeas {'sudo pam with stns':
+        context => '/files/etc/pam.d/sudo',
+        changes => [
+          'ins "01" after #comment',
+          'set 01/type auth',
+          'set 01/control sufficient',
+          'set 01/module libpam_stns.so',
+        ],
+        onlyif  => [
+          "values *[type = 'auth']/module not_include libpam_stns.so",
+          "match *[module = 'libpam_stns.so']/argument size == 0",
+        ],
+      }
     }
   }
 

diff --git a/spec/acceptance/client_spec.rb b/spec/acceptance/client_spec.rb
@@ -31,7 +31,6 @@ class { '::stns::client':
         handle_nsswitch    => true,
         handle_sshd_config => true,
         handle_sudo_config => true,
-        sudoers_name       => 'example_user',
       }
     EOS
   end
@@ -80,6 +79,6 @@ class { '::stns::client':
   end
 
   describe file('/etc/pam.d/sudo') do
-    its(:content) { should match /^#%PAM-1.0\nauth\s+sufficient\s+libpam_stns.so\s+sudo\s+example_user$/ }
+    its(:content) { should match /^#%PAM-1.0\nauth\s+sufficient\s+libpam_stns.so$/ }
   end
 end