Skip to content

Commit 701da11

Browse files
sjpbsjpb
committed
enable mkhomedir
1 parent 243be0f commit 701da11

File tree

4 files changed

+23
-2
lines changed

4 files changed

+23
-2
lines changed

ansible/roles/sssd/README.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,8 @@ The only required configuration is to create a [sssd.conf](https://www.mankier.c
1010
- `sssd_packages`: Optional list. Packages to install.
1111
- `sssd_ldap_install`: Optional bool. Whether to install packages enabling SSSD to authenticate against LDAP. Default `false`.
1212
- `sssd_ldap_packages`: Optional list. Packages to install when using `sssd_ldap_install`.
13+
- `sssd_enable_mkhomedir`: Optional bool. Whether to enable creation of home directories on login. Default `false`.
14+
- `sssd_mkhomedir_packages`: Optional list. Packages to install when using `sssd_enable_mkhomedir`.
1315
- `sssd_conf_src`: Optional string. Path to `sssd.conf` template. Default (which must be created) is `{{ appliances_environment_root }}/files/sssd.conf.j2`.
1416
- `sssd_conf_dest`: Optional string. Path to destination for `sssd.conf`. Default `/etc/sssd/sssd.conf`.
1517
- `sssd_started`: Optional bool. Whether `sssd` service should be started.

ansible/roles/sssd/defaults/main.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,9 @@ sssd_packages:
33
sssd_install_ldap: false
44
sssd_ldap_packages:
55
- sssd-ldap
6+
sssd_enable_mkhomedir: false
7+
sssd_mkhomedir_packages:
8+
- oddjob-mkhomedir
69
sssd_conf_src: "{{ appliances_environment_root }}/files/sssd.conf.j2"
710
sssd_conf_dest: /etc/sssd/sssd.conf
811
sssd_started: true

ansible/roles/sssd/tasks/configure.yml

Lines changed: 13 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
- name: Write sssd.conf
1+
- name: Manage sssd.conf configuration
22
template:
33
src: "{{ sssd_conf_src }}"
44
dest: "{{ sssd_conf_dest }}"
@@ -14,3 +14,15 @@
1414
name: sssd
1515
state: "{{ 'started' if sssd_started | bool else 'stopped' }}"
1616
enabled: "{{ sssd_enabled | bool }}"
17+
18+
- name: Get current authselect configuration
19+
command: authselect current --raw
20+
changed_when: false
21+
failed_when:
22+
- _authselect_current.rc != 0
23+
- "'No existing configuration detected' not in _authselect_current.stdout"
24+
register: _authselect_current # stdout: sssd with-mkhomedir
25+
26+
- name: Configure nsswitch and PAM for SSSD
27+
command: "authselect select sssd --force{% if sssd_enable_mkhomedir | bool %} with-mkhomedir{% endif %}"
28+
when: "'sssd' not in _authselect_current.stdout"

ansible/roles/sssd/tasks/install.yml

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
- name: Install sssd packages
1+
- name: Ensure sssd packages are installed
22
dnf:
33
name: "{{ sssd_packages + sssd_ldap_packages if (sssd_install_ldap | bool) else [] }}"
44

@@ -7,3 +7,7 @@
77
systemd:
88
name: sssd
99
enabled: "{{ sssd_enabled | bool }}"
10+
11+
- name: Ensure mkhomedir packages are installed if required
12+
dnf:
13+
name: "{{ sssd_mkhomedir_packages }}"

0 commit comments

Comments
 (0)