Improvements sambox-client.
This commit is contained in:
Andreas B. Mundt
Andreas B. Mundt
parent
06973c015b
commit
d7d767fea9
3 changed files with 20 additions and 2 deletions
|
|
@ -9,6 +9,7 @@
|
|||
name:
|
||||
- di-netboot-assistant
|
||||
- "{{ di_pkg }}"
|
||||
state: latest # noqa package-latest
|
||||
notify:
|
||||
- bind mount images
|
||||
- rebuild di-netboot-assistant menu
|
||||
|
|
@ -26,3 +27,4 @@
|
|||
path: /etc/hosts
|
||||
regexp: '^(127\.0\.1\.1.*)$'
|
||||
replace: '#\1\n{{ ipaddr_lan | ipaddr("address") }} {{ ansible_hostname }}.{{ ansible_domain }} {{ ansible_hostname }}'
|
||||
when: ipaddr_lan is defined
|
||||
|
|
|
|||
|
|
@ -89,6 +89,15 @@
|
|||
before: '\[.+\]'
|
||||
notify: restart smbd
|
||||
|
||||
- name: make smb homes writable
|
||||
replace:
|
||||
path: /etc/samba/smb.conf
|
||||
regexp: '^(\s*create mask =) 0700'
|
||||
replace: '\1 0600'
|
||||
after: '\[homes\]'
|
||||
before: '\[.+\]'
|
||||
notify: restart smbd
|
||||
|
||||
- name: slurp admin password for samba setup
|
||||
slurp:
|
||||
src: "{{ ldap_admin_pwd_file }}"
|
||||
|
|
|
|||
|
|
@ -6,6 +6,7 @@
|
|||
- libpam-mount
|
||||
- cifs-utils
|
||||
- sshfs
|
||||
- hxtools
|
||||
state: latest # noqa package-latest
|
||||
|
||||
- name: add URI to ldap.conf
|
||||
|
|
@ -32,7 +33,7 @@
|
|||
mode: 0600
|
||||
notify: restart sssd
|
||||
|
||||
- name: configure pam_mount
|
||||
- name: configure pam_mount # interesting options: posix,mfsymlinks,nomapposix,noperm
|
||||
blockinfile:
|
||||
dest: /etc/security/pam_mount.conf.xml
|
||||
block: |
|
||||
|
|
@ -41,7 +42,7 @@
|
|||
server="{{ home_server }}"
|
||||
path="%(USER)"
|
||||
mountpoint="/home/lan/%(USER)"
|
||||
options="dir_mode=0750,file_mode=0640"
|
||||
options="idsfromsid,modefromsid,mfsymlinks"
|
||||
><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user></or></not></volume -->
|
||||
<volume
|
||||
fstype="fuse"
|
||||
|
|
@ -52,6 +53,12 @@
|
|||
><not><or><user>root</user><user>ansible</user><user>Debian-gdm</user></or></not></volume>
|
||||
insertafter: "<!-- Volume definitions -->"
|
||||
|
||||
- name: make sure umount is not blocked
|
||||
replace:
|
||||
path: /etc/security/pam_mount.conf.xml
|
||||
regexp: '<logout wait="0".*'
|
||||
replace: '<logout wait="3000" hup="yes" term="yes" kill="yes"/>'
|
||||
|
||||
- name: make sure .ssh exists
|
||||
file:
|
||||
path: /root/.ssh
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue