Comments (6)
This is a duplicate of #105
from puppet-augeasproviders.
Is this really a duplicate issue? Definitely a different problem although I suppose the fix could apply to both issues.
I tried the latest augeasproviders from git and these two entries overwrite each other even though they have a different key or path in terms of type/control/module. It seems like the unique identifier is being treated as the type/module and the control value is ignored?
from puppet-augeasproviders.
Sorry, my bad, it is a duplicate of #101, not #105.
from puppet-augeasproviders.
I know this was marked a duplicate of a now closed issue, so let me know if I should open a new issue. I tried out the latest augeasproviders (from Git earlier today as downloaded by puppet-librarian) and I am still seeing only one of the two entries I am trying to add with the pam provider using the following config. Is it possible the pam provider just doesn't let you have two entries with the same type and module (but a different control)?
pam { 'Set invalid login 3 times deny in password-auth -fail':
ensure => present,
service => 'password-auth',
type => 'auth',
control => '[default=die]',
module => 'pam_faillock.so',
arguments => ['authfail','deny=3','unlock_time=604800','fail_interval=900'],
position => 'after *[type="auth" and module="pam_unix.so"]',
}
pam { 'Set invalid login 3 times deny in password-auth -success':
ensure => present,
service => 'password-auth',
type => 'auth',
control => 'required',
module => 'pam_faillock.so',
arguments => ['authsucc','deny=3','unlock_time=604800','fail_interval=900'],
position => 'before *[type="auth" and module="pam_succeed_if.so"]',
}
I am getting one of the two entries like the following and it is at the end of the password-auth file.
auth required pam_env.so
auth sufficient pam_unix.so nullok try_first_pass
auth [default=die] pam_faillock.so authfail deny=3 unlock_time=604800 fail_interval=900
auth requisite pam_succeed_if.so uid >= 500 quiet
auth required pam_tally.so deny=3
auth required pam_deny.so
If I comment out the first puppet "pam" and run again then it shows the other entry (see below). At one point I had the position attribute on the entry that wasn't showing up referencing a module/type combination that didn't exist so the entry was going to the end of the password-auth file and was being overwritten there by the entry that was actually showing up.
auth required pam_env.so
auth sufficient pam_unix.so nullok try_first_pass
auth required pam_faillock.so authsucc deny=3 unlock_time=604800 fail_interval=900
auth requisite pam_succeed_if.so uid >= 500 quiet
auth required pam_tally.so deny=3
auth required pam_deny.so
from puppet-augeasproviders.
Indeed, control
is a property, not a parameter, so it is meant to converge for a given combination of service
and type
. If you think this is a bug, please open a new ticket to request control
to be used as a parameter instead.
from puppet-augeasproviders.
Issue #114 deals with this now.
from puppet-augeasproviders.
Related Issues (20)
- Create type/provider for resolv.conf edits
- Clarify herculesteam-augeasproviders vs domcleal-augeasproviders ? HOT 3
- Not possible to add multiple kernel parameters with the same name. HOT 2
- Please add Spacevars.lns provider
- Error: Could not prefetch mailalias provider 'augeas': Augeas didn't load /etc/aliases with Aliases.lns from /var/lib/puppet/lib/augeas/lenses: Iterated lens matched less than it should (line:6, character:0) HOT 8
- Rsyslog.conf parsing failed in Ubuntu 16 with Rainerscript HOT 3
- Create a type provider for systemd
- puppet 4 ? HOT 1
- augeasproviders_syslog: should provide meaningful error message for missing `action_type`
- allow "-" to prepend pam type value.
- spaces in group names breaks augeasproviders_ssh HOT 1
- XML types
- Create a provider for multipath HOT 1
- README.md link to "Puppet/Augeas pre-requisites" broken HOT 1
- Renewing Puppet Forge Approved Status
- Incorrect dependency for augeasproviders_grub HOT 1
- Current release tarball (2.2.1) contains .git directory HOT 2
- Dependency Issue with Librarian HOT 1
- Sysctl lense fails for keys that contain colons (":") HOT 1
- Puppet7 support
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from puppet-augeasproviders.