'trust' instances will be changed to 'ident' after 'ident'
instances
are changed to 'md5', effectively bumping the securily level 'up' one
for existing trust/ident instances
---
recipes/aeolus/manifests/conductor.pp | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/recipes/aeolus/manifests/conductor.pp
b/recipes/aeolus/manifests/conductor.pp
index 282d79c..200100d 100644
--- a/recipes/aeolus/manifests/conductor.pp
+++ b/recipes/aeolus/manifests/conductor.pp
@@ -103,12 +103,18 @@ class aeolus::conductor inherits aeolus {
group => 'postgres',
notify => Service['postgresql']}
}
- exec{ "pgauthuser":
+ exec{ "pg_auth_sys_user":
command => "/usr/bin/sed -i s/ident/md5/
/var/lib/pgsql/data/pg_hba.conf",
onlyif => '/bin/grep -q ident /var/lib/pgsql/data/pg_hba.conf',
require => Exec["pginitdb"],
notify => Service["postgresql"]
}
+ exec{ "pg_auth_all_user":
+ command => "/usr/bin/sed -i s/trust/ident/
/var/lib/pgsql/data/pg_hba.conf",
+ onlyif => '/bin/grep -q trust /var/lib/pgsql/data/pg_hba.conf',
+ require => [Exec["pginitdb"],
Exec["pg_auth_sys_user"]],
+ notify => Service["postgresql"]
+ }
postgres::user{"aeolus":
password => "v23zj59an",
roles => "CREATEDB",
@@ -119,7 +125,7 @@ class aeolus::conductor inherits aeolus {
aeolus::rails::create::db{"create_aeolus_database":
cwd => "/usr/share/aeolus-conductor",
rails_env => "production",
- require => [Postgres::User[aeolus], Exec['pgauthuser'],
Package['aeolus-conductor']] }
+ require => [Postgres::User[aeolus],
Exec['pg_auth_all_user'], Package['aeolus-conductor']] }
aeolus::rails::migrate::db{"migrate_aeolus_database":
cwd => "/usr/share/aeolus-conductor",
rails_env => "production",
--
1.7.10.2
Show replies by date