From 61cd3efcebe6752a3090fa7518a1546eae849544 Mon Sep 17 00:00:00 2001 From: Michele Bussolotto Date: Wed, 17 Apr 2024 11:43:23 +0200 Subject: [PATCH] Enable SSSD authentication by default in containers: uyuni-tools changes (#224) --- mgradm/shared/templates/postUpgradeScriptTemplate.go | 8 ++++++++ shared/utils/volumes.go | 4 +++- uyuni-tools.changes.mbussolotto.pam | 1 + 3 files changed, 12 insertions(+), 1 deletion(-) create mode 100644 uyuni-tools.changes.mbussolotto.pam diff --git a/mgradm/shared/templates/postUpgradeScriptTemplate.go b/mgradm/shared/templates/postUpgradeScriptTemplate.go index f56812a5f..08b55e627 100644 --- a/mgradm/shared/templates/postUpgradeScriptTemplate.go +++ b/mgradm/shared/templates/postUpgradeScriptTemplate.go @@ -19,6 +19,14 @@ else sed 's/uyuni_authentication_endpoint.*/uyuni_authentication_endpoint: http:\/\/localhost/' -i /etc/cobbler/settings.yaml; fi {{ end }} + +grep pam_auth_service /etc/rhn/rhn.conf +if [ $? -eq 1 ]; then + echo 'pam_auth_service = susemanager' >> /etc/rhn/rhn.conf +else + sed 's/pam_auth_service.*/pam_auth_service = susemanager/' -i /etc/rhn/rhn.conf; +fi +{{ end }} ` // PostUpgradeTemplateData represents information used to create post upgrade. diff --git a/shared/utils/volumes.go b/shared/utils/volumes.go index b11fa222b..395211083 100644 --- a/shared/utils/volumes.go +++ b/shared/utils/volumes.go @@ -40,9 +40,10 @@ var EtcServerVolumeMounts = []types.VolumeMount{ {MountPath: "/etc/cobbler", Name: "etc-cobbler"}, {MountPath: "/etc/sysconfig", Name: "etc-sysconfig"}, {MountPath: "/etc/postfix", Name: "etc-postfix"}, + {MountPath: "/etc/sssd", Name: "etc-sssd"}, } -// EtcServerVolumeMounts represents volumes used for configuration. +// EtcServerVolumes represents volumes used for configuration. var EtcServerVolumes = []types.Volume{ {Name: "etc-apache2", PersistentVolumeClaim: &types.PersistentVolumeClaim{ClaimName: "etc-apache2"}}, {Name: "etc-systemd-multi", PersistentVolumeClaim: &types.PersistentVolumeClaim{ClaimName: "etc-systemd-multi"}}, @@ -53,6 +54,7 @@ var EtcServerVolumes = []types.Volume{ {Name: "etc-sysconfig", PersistentVolumeClaim: &types.PersistentVolumeClaim{ClaimName: "etc-sysconfig"}}, {Name: "etc-postfix", PersistentVolumeClaim: &types.PersistentVolumeClaim{ClaimName: "etc-postfix"}}, {Name: "etc-rhn", PersistentVolumeClaim: &types.PersistentVolumeClaim{ClaimName: "etc-rhn"}}, + {Name: "etc-sssd", PersistentVolumeClaim: &types.PersistentVolumeClaim{ClaimName: "etc-sssd"}}, } var etcAndPgsqlVolumeMounts = append(PgsqlRequiredVolumeMounts, EtcServerVolumeMounts[:]...) diff --git a/uyuni-tools.changes.mbussolotto.pam b/uyuni-tools.changes.mbussolotto.pam new file mode 100644 index 000000000..49f234599 --- /dev/null +++ b/uyuni-tools.changes.mbussolotto.pam @@ -0,0 +1 @@ +- Allow PAM and LDAP authentication using SSSD