Merge pull request #58 from willshersystems/centos7usepam

Add note about UsePAM on RHEL 7

Vagrantfile

@@ -4,22 +4,25 @@
 VAGRANTFILE_API_VERSION = "2"
 
 Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
+
+  config.vm.synced_folder ".", "/vagrant", type: "nfs"
+
   config.vm.define "ubuntu" do |ubuntu|
     ubuntu.vm.box = "boxcutter/ubuntu1604"
-#    ubuntu.vm.provision "shell", inline: <<-SHELL
+  #  ubuntu.vm.provision "shell", inline: <<-SHELL
-#      sudo add-apt-repository -y ppa:ansible/ansible
+  #    sudo add-apt-repository -y ppa:ansible/ansible
-#      sudo apt-get update -qq
+  #    sudo apt-get update -qq
-#      sudo apt-get -qq install ansible
+  #    sudo apt-get -qq install ansible
-#    SHELL
+  #  SHELL
   end
 
-#  config.vm.define "centos7" do |centos|
+ config.vm.define "centos7" do |centos|
-#    centos.vm.box = "boxcutter/centos72"
+   centos.vm.box = "centos/7"
 
-#    centos.vm.provision "shell", inline: <<-SHELL
+   centos.vm.provision "shell", inline: <<-SHELL
-#      sudo yum install -y libselinux-python
+     sudo yum install -y libselinux-python
-#    SHELL
+   SHELL
-#  end
+ end
 
   config.vm.provision "shell", inline: <<-SHELL
     test -e /vagrant/tests/roles/ansible-sshd || ln -s /vagrant /vagrant/tests/roles/ansible-sshd

vars/RedHat_7.yml

@@ -14,6 +14,8 @@ sshd_defaults:
   ChallengeResponseAuthentication: no
   GSSAPIAuthentication: yes
   GSSAPICleanupCredentials: yes
+# Note that UsePAM: no is not supported under RHEL/CentOS. See
+# https://github.com/willshersystems/ansible-sshd/pull/51#issuecomment-287333218
   UsePAM: yes
   X11Forwarding: yes
   UsePrivilegeSeparation: sandbox