Puppet Class: profile::toolforge::grid::hba

Defined in:
modules/profile/manifests/toolforge/grid/hba.pp

Overview



3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
# File 'modules/profile/manifests/toolforge/grid/hba.pp', line 3

class profile::toolforge::grid::hba {

    $sysstore = $profile::toolforge::grid::base::store

    file { '/usr/local/sbin/project-make-shosts':
        ensure  => file,
        owner   => 'root',
        group   => 'root',
        mode    => '0755',
        content => template('profile/toolforge/project-make-shosts.erb'),
    }

    exec { 'make-shosts':
        command => '/usr/local/sbin/project-make-shosts >/etc/ssh/shosts.equiv~',
        onlyif  => "/usr/bin/test -n \"\$(/usr/bin/find ${sysstore} -maxdepth 1 \\( -type d -or -type f -name submithost-\\* \\) -newer /etc/ssh/shosts.equiv~)\" -o ! -s /etc/ssh/shosts.equiv~",
        require => File['/usr/local/sbin/project-make-shosts'],
    }

    file { '/etc/ssh/shosts.equiv':
        ensure  => file,
        owner   => 'root',
        group   => 'root',
        mode    => '0444',
        source  => '/etc/ssh/shosts.equiv~',
        require => Exec['make-shosts'],
    }

    file { '/usr/local/sbin/project-make-access':
        ensure  => file,
        owner   => 'root',
        group   => 'root',
        mode    => '0755',
        content => template('profile/toolforge/project-make-access.erb'),
    }

    exec { 'make-access':
        command => '/usr/local/sbin/project-make-access >/etc/project.access',
        onlyif  => "/usr/bin/test -n \"\$(/usr/bin/find ${sysstore} -maxdepth 1 \\( -type d -or -type f -name submithost-\\* \\) -newer /etc/project.access)\" -o ! -s /etc/project.access",
        require => File['/usr/local/sbin/project-make-access'],
    }

    security::access::config { 'toolforge-hba':
        source  => '/etc/project.access',
        require => Exec['make-access'],
    }
}