/[pdpsoft]/trunk/egi-pilot/robotCA/DS/ansible/roles/cafrontend/tasks/iptables.yml
ViewVC logotype

Diff of /trunk/egi-pilot/robotCA/DS/ansible/roles/cafrontend/tasks/iptables.yml

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

trunk/egi-pilot/robotCA/DS/ansible/roles/cafrontend/tasks/access.yml revision 2915 by msalle, Mon Mar 21 08:15:28 2016 UTC trunk/egi-pilot/robotCA/DS/ansible/roles/cafrontend/tasks/iptables.yml revision 2926 by msalle, Wed Mar 23 11:33:28 2016 UTC
# Line 36  Line 36 
36  #  service: name=network state=restarted enabled=yes  #  service: name=network state=restarted enabled=yes
37  #  when: iptables_config.changed or ip6tables_config.changed  #  when: iptables_config.changed or ip6tables_config.changed
38    
 # Configure access to machine with authconfig  
   
 - name: add access.conf file  
   template:  
     src: access.conf.j2  
     dest: "/etc/security/access.conf"  
     owner: "root"  
     group: "root"  
     mode: 0644  
   register: pamaccess_config  
   
 - name: execute authconfig  
   command: "/usr/sbin/authconfig --kickstart --disablemd5 --passalgo=sha512  --enableshadow --enablecache --enablepamaccess --enablelocauthorize --disablesssd --disablesssdauth --disableldaptls --disableldap --disableldapauth --enablerfc2307 "  
   when: pamaccess_config.changed  
   
 - name: fix authconfig bug (sets PATH_LDAP_CACERTS to the wrong in /usr/share/authconfig/authinfo.py)  
   file:  
     src: /etc/openldap/certs  
     dest: /etc/openldap/cacerts  
     owner: root  
     state: link  
   

Legend:
Removed from v.2915  
changed lines
  Added in v.2926

grid.support@nikhef.nl
ViewVC Help
Powered by ViewVC 1.1.28