1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
|
$ipa_client_package = case $facts['os']['family'] {
'Debian': { 'freeipa-client' }
'RedHat': { 'ipa-client' }
default: { fail($facts['os']['family']) }
}
if $facts['os']['family'] == 'Debian' and $facts['os']['release']['major'] == "11" {
class {'debian::backports':}
->
Package[$ipa_client_package]
service {['sssd-pac.service', 'sssd-pac.socket']:
ensure => stopped,
enable => mask,
}
}
if $facts['os']['family'] == 'Debian' and $facts['os']['release']['major'] == "12" {
# TODO
service {['sssd-ssh.socket', 'sssd-pam-priv.socket', 'sssd-nss.socket', 'sssd-sudo.socket', 'sssd-pam.socket']:
ensure => stopped,
enable => mask,
}
~>
exec {'/usr/bin/systemctl reset-failed':
refreshonly => true,
}
}
package {$ipa_client_package:}
package {'sudo':}
if 'lxc' in lookup("group_names") {
service {['var-lib-nfs-rpc_pipefs.mount', 'chronyd.service', 'sys-kernel-config.mount', 'sys-kernel-debug.mount', 'auth-rpcgss-module.service', 'rtkit-daemon.service', 'low-memory-monitor.service']:
ensure => stopped,
enable => mask,
}
~>
exec {'/usr/bin/systemctl reset-failed':
refreshonly => true,
}
}
|
