diff --git a/README.md b/README.md index 2e326650..8c5b0436 100644 --- a/README.md +++ b/README.md @@ -14,6 +14,7 @@ This module has been tested to work on the following systems using Puppet v3 wit * EL 5 * EL 6 + * Solaris 9 * Solaris 10 * Solaris 11 * Suse 9 diff --git a/manifests/init.pp b/manifests/init.pp index c07a8b7a..cdd4b4ac 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -360,6 +360,29 @@ } 'Solaris': { case $::kernelrelease { + '5.9': { + $default_pam_auth_lines = [ 'login auth requisite pam_authtok_get.so.1', + 'login auth required pam_dhkeys.so.1', + 'login auth required pam_unix_auth.so.1', + 'login auth required pam_dial_auth.so.1', + 'passwd auth required pam_passwd_auth.so.1', + 'other auth requisite pam_authtok_get.so.1', + 'other auth required pam_dhkeys.so.1', + 'other auth required pam_unix_auth.so.1'] + + $default_pam_account_lines = ['cron account required pam_projects.so.1', + 'cron account required pam_unix_account.so.1', + 'other account requisite pam_roles.so.1', + 'other account required pam_projects.so.1', + 'other account required pam_unix_account.so.1'] + + $default_pam_password_lines = [ 'other password required pam_dhkeys.so.1', + 'other password requisite pam_authtok_get.so.1', + 'other password requisite pam_authtok_check.so.1', + 'other password required pam_authtok_store.so.1'] + + $default_pam_session_lines = ['other session required pam_unix_session.so.1'] + } '5.10': { $default_pam_auth_lines = [ 'login auth requisite pam_authtok_get.so.1', 'login auth required pam_dhkeys.so.1', @@ -404,7 +427,7 @@ } default: { - fail("Pam is only supported on Solaris 10 and 11. Your kernelrelease is identified as <${::kernelrelease}>.") + fail("Pam is only supported on Solaris 9, 10 and 11. Your kernelrelease is identified as <${::kernelrelease}>.") } } } @@ -732,7 +755,7 @@ 'Solaris': { case $::kernelrelease { - '5.10': { + '5.9','5.10': { file { 'pam_conf': ensure => file, path => $pam_conf_file, @@ -753,7 +776,7 @@ } } default: { - fail("Pam is only supported on Solaris 10 and 11. Your kernelrelease is identified as <${::kernelrelease}>.") + fail("Pam is only supported on Solaris 9, 10 and 11. Your kernelrelease is identified as <${::kernelrelease}>.") } } } diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb index d9bef0c3..242fef22 100644 --- a/spec/classes/init_spec.rb +++ b/spec/classes/init_spec.rb @@ -60,17 +60,17 @@ end end - context 'with defaults params on Solaris 9' do + context 'with defaults params on Solaris 8' do let(:facts) do { :osfamily => 'Solaris', - :kernelrelease => '5.9', + :kernelrelease => '5.8', } end it 'should fail' do expect { should contain_class('pam') - }.to raise_error(Puppet::Error,/Pam is only supported on Solaris 10 and 11. Your kernelrelease is identified as <5.9>./) + }.to raise_error(Puppet::Error,/Pam is only supported on Solaris 9, 10 and 11. Your kernelrelease is identified as <5.8>./) end end end @@ -156,6 +156,17 @@ } end + context 'with default params on Solaris 9' do + let :facts do + { + :osfamily => 'Solaris', + :kernelrelease => '5.9', + } + end + + it { should_not contain_package('pam_package') } + end + context 'with default params on Solaris 10' do let :facts do { @@ -934,6 +945,55 @@ } end + context 'with default params on osfamily Solaris with kernelrelease 5.9' do + let :facts do + { + :osfamily => 'Solaris', + :kernelrelease => '5.9', + } + end + + it { + should contain_file('pam_conf').with({ + 'ensure' => 'file', + 'path' => '/etc/pam.conf', + 'owner' => 'root', + 'group' => 'sys', + 'mode' => '0644', + }) + } + + it { should contain_file('pam_conf').with_content("# This file is being maintained by Puppet. +# DO NOT EDIT +# Auth +login auth requisite pam_authtok_get.so.1 +login auth required pam_dhkeys.so.1 +login auth required pam_unix_auth.so.1 +login auth required pam_dial_auth.so.1 +passwd auth required pam_passwd_auth.so.1 +other auth requisite pam_authtok_get.so.1 +other auth required pam_dhkeys.so.1 +other auth required pam_unix_auth.so.1 + +# Account +cron account required pam_projects.so.1 +cron account required pam_unix_account.so.1 +other account requisite pam_roles.so.1 +other account required pam_projects.so.1 +other account required pam_unix_account.so.1 + +# Password +other password required pam_dhkeys.so.1 +other password requisite pam_authtok_get.so.1 +other password requisite pam_authtok_check.so.1 +other password required pam_authtok_store.so.1 + +# Session +other session required pam_unix_session.so.1 +") + } + end + context 'with default params on osfamily Solaris with kernelrelease 5.10' do let :facts do {