Skip to content

Commit

Permalink
Add SLES10.x support
Browse files Browse the repository at this point in the history 
SLES10.x does not support limits fragments as
it does not traverse the limits.d catalog.
  • Loading branch information
Takeshi Larsson committed Feb 2, 2015
1 parent b9227ef commit 4001a92
Show file tree
Hide file tree
Showing 7 changed files with 206 additions and 22 deletions.
13 changes: 13 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -355,6 +355,19 @@ Mode for config_file.

- *Default*: '0640'

config_file_contents
--------------------
Limits that should be placed into limits.conf

- *Default*: undef

config_file_source
------------------
Source path to a limits.conf

- *Default*: undef


limits_d_dir
------------
Path to limits.d directory
Expand Down
59 changes: 37 additions & 22 deletions manifests/limits.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,11 +3,13 @@
# Manage PAM limits.conf
#
class pam::limits (
$config_file = '/etc/security/limits.conf',
$config_file_mode = '0640',
$limits_d_dir = '/etc/security/limits.d',
$limits_d_dir_mode = '0750',
$purge_limits_d_dir = false,
$config_file = '/etc/security/limits.conf',
$config_file_contents = undef,
$config_file_source = undef,
$config_file_mode = '0640',
$limits_d_dir = '/etc/security/limits.d',
$limits_d_dir_mode = '0750',
$purge_limits_d_dir = false,
) {

# validate params
Expand All @@ -28,27 +30,40 @@
validate_bool($purge_limits_d_dir_real)

include pam

# ensure target exists
common::mkdir_p { $limits_d_dir: }

file { 'limits_d':
ensure => directory,
path => $limits_d_dir,
owner => 'root',
group => 'root',
mode => $limits_d_dir_mode,
purge => $purge_limits_d_dir_real,
recurse => $purge_limits_d_dir_real,
require => [ Package[$pam::my_package_name],
Common::Mkdir_p[$limits_d_dir],
],
if $config_file_contents == undef and $config_file_source == undef {
$content = template('pam/limits.conf.erb')
} else {
# config_file_contents takes priority over config_file_source
if $config_file_contents == undef {
$content = undef
$config_file_source_real = $config_file_source
} else {
$config_file_source_real = undef
validate_array($config_file_contents)
$content = template('pam/limits.conf.erb')
}
}
if $::osfamily == 'Suse' and $::lsbmajdistrelease == '10' {
} else {
common::mkdir_p { $limits_d_dir: }
file { 'limits_d':
ensure => directory,
path => $limits_d_dir,
owner => 'root',
group => 'root',
mode => $limits_d_dir_mode,
purge => $purge_limits_d_dir_real,
recurse => $purge_limits_d_dir_real,
require => [ Package[$pam::my_package_name],
Common::Mkdir_p[$limits_d_dir],
],
}
}

file { 'limits_conf':
ensure => file,
path => $config_file,
source => 'puppet:///modules/pam/limits.conf',
source => $config_file_source_real,
content => $content,
owner => 'root',
group => 'root',
mode => $config_file_mode,
Expand Down
3 changes: 3 additions & 0 deletions manifests/limits/fragment.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,9 @@

include pam
include pam::limits
if $::osfamily == 'Suse' and $::lsbmajdistrelease == '10' {
fail('You can not use pam::limits::fragment together with Suse 10.x releases')
}

# must specify source or list
if $source == 'UNSET' and $list == undef {
Expand Down
133 changes: 133 additions & 0 deletions spec/classes/limits_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,125 @@
}
end

context 'with config_file_source specified as an valid string' do
let(:facts) do
{
:osfamily => 'RedHat',
:lsbmajdistrelease => '6',
:operatingsystemmajrelease => '6',
}
end

let(:params) do
{
:config_file_source => 'puppet:///modules/pam/own.limits.conf',
}
end

it {
should contain_file('limits_conf').with({
'ensure' => 'file',
'path' => '/etc/security/limits.conf',
'source' => 'puppet:///modules/pam/own.limits.conf',
'content' => nil,
'owner' => 'root',
'group' => 'root',
'mode' => '0640',
'require' => [ 'Package[pam]', ],
})
}

end

context 'with config_file_contents specified as an valid array' do
let(:facts) do
{
:osfamily => 'RedHat',
:lsbmajdistrelease => '6',
:operatingsystemmajrelease => '6',
}
end

let(:params) do
{
:config_file_contents => [ '* soft nofile 2048', '* hard nofile 8192', ]
}
end

it {
should contain_file('limits_conf').with({
'ensure' => 'file',
'path' => '/etc/security/limits.conf',
'source' => nil,
'owner' => 'root',
'group' => 'root',
'mode' => '0640',
'require' => [ 'Package[pam]', ],
})
}

it { should contain_file('limits_conf').with_content(/^\* soft nofile 2048$/) }
it { should contain_file('limits_conf').with_content(/^\* hard nofile 8192$/) }

end

context 'with config_file_contents specified as an invalid string' do
let(:facts) do
{
:osfamily => 'RedHat',
:lsbmajdistrelease => '6',
:operatingsystemmajrelease => '6',
}
end

let(:params) do
{
:config_file_contents => '* soft nofile 2048',

}
end

it 'should fail' do
expect {
should contain_class('pam::limits')
}.to raise_error(Puppet::Error,/is not an Array. It looks to be a String/)
end

end

context 'with config_file_source specified as an valid string and config_file_contents specified as an valid array' do
let(:facts) do
{
:osfamily => 'RedHat',
:lsbmajdistrelease => '6',
:operatingsystemmajrelease => '6',
}
end

let(:params) do
{
:config_file_source => 'puppet:///modules/pam/own.limits.conf',
:config_file_contents => [ '* soft nofile 2048', '* hard nofile 8192', ]
}
end

it {
should contain_file('limits_conf').with({
'ensure' => 'file',
'path' => '/etc/security/limits.conf',
'source' => nil,
'owner' => 'root',
'group' => 'root',
'mode' => '0640',
'require' => [ 'Package[pam]', ],
})
}

it { should contain_file('limits_conf').with_content(/^\* soft nofile 2048$/) }
it { should contain_file('limits_conf').with_content(/^\* hard nofile 8192$/) }

end

context 'with config_file specified as an invalid path' do
let(:params) { { :config_file => 'custom/security/limits.conf' } }
let(:facts) do
Expand Down Expand Up @@ -241,5 +360,19 @@
}.to raise_error(Puppet::Error,/str2bool/)
end
end

context 'without fragments support on Suse 10' do
let(:facts) do
{
:osfamily => 'Suse',
:lsbmajdistrelease => '10',
}
end

it { should contain_class('pam') }
it { should_not contain_common__mkdir_p('/etc/security/limits.d') }
it { should_not contain_file('limits_d') }
end

end
end
15 changes: 15 additions & 0 deletions spec/defines/limits/fragment_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -114,4 +114,19 @@
}.to raise_error(Puppet::Error,/pam::limits::fragment must specify source or list./)
end
end

context 'on unsupported platform Suse 10.x' do
let(:title) { '80-nproc' }
let(:facts) {
{
:osfamily => 'Suse',
:lsbmajdistrelease => '10',
}
}
it 'should fail' do
expect {
should contain_class('pam::limits::fragment')
}.to raise_error(Puppet::Error,/You can not use pam::limits::fragment together with Suse 10.x releases/)
end
end
end
Empty file added spec/fixtures/manifests/site.pp
View file
Empty file.
5 changes: 5 additions & 0 deletions files/limits.conf → templates/limits.conf.erb
100755 → 100644
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,5 +49,10 @@
#@faculty hard nproc 50
#ftp hard nproc 0
#@student - maxlogins 4
<% unless @config_file_contents.nil? -%>
<% @config_file_contents.each do |line| -%>
<%= line %>
<% end -%>
<% end -%>

# End of file

0 comments on commit 4001a92

Please sign in to comment.