mirror of
https://github.com/willshersystems/ansible-sshd
synced 2024-11-05 11:23:29 +01:00
Add note about UsePAM
This commit is contained in:
parent
b5a1b14ab1
commit
fffdf9df08
3 changed files with 18 additions and 12 deletions
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -1,2 +1,3 @@
|
|||
.vagrant
|
||||
tests/roles/ansible-sshd
|
||||
tests/test.retry
|
||||
|
|
27
Vagrantfile
vendored
27
Vagrantfile
vendored
|
@ -4,25 +4,28 @@
|
|||
VAGRANTFILE_API_VERSION = "2"
|
||||
|
||||
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
|
||||
|
||||
config.vm.synced_folder ".", "/vagrant", type: "nfs"
|
||||
|
||||
config.vm.define "ubuntu" do |ubuntu|
|
||||
ubuntu.vm.box = "boxcutter/ubuntu1604"
|
||||
# ubuntu.vm.provision "shell", inline: <<-SHELL
|
||||
# sudo add-apt-repository -y ppa:ansible/ansible
|
||||
# sudo apt-get update -qq
|
||||
# sudo apt-get -qq install ansible
|
||||
# SHELL
|
||||
# ubuntu.vm.provision "shell", inline: <<-SHELL
|
||||
# sudo add-apt-repository -y ppa:ansible/ansible
|
||||
# sudo apt-get update -qq
|
||||
# sudo apt-get -qq install ansible
|
||||
# SHELL
|
||||
end
|
||||
|
||||
# config.vm.define "centos7" do |centos|
|
||||
# centos.vm.box = "boxcutter/centos72"
|
||||
config.vm.define "centos7" do |centos|
|
||||
centos.vm.box = "centos/7"
|
||||
|
||||
# centos.vm.provision "shell", inline: <<-SHELL
|
||||
# sudo yum install -y libselinux-python
|
||||
# SHELL
|
||||
# end
|
||||
centos.vm.provision "shell", inline: <<-SHELL
|
||||
sudo yum install -y libselinux-python
|
||||
SHELL
|
||||
end
|
||||
|
||||
config.vm.provision "shell", inline: <<-SHELL
|
||||
test -e /vagrant/tests/roles/ansible-sshd || ln -s /vagrant /vagrant/tests/roles/ansible-sshd
|
||||
test -e /vagrant/tests/roles/ansible-sshd || ln -s /vagrant /vagrant/tests/roles/ansible-sshd
|
||||
SHELL
|
||||
|
||||
config.vm.provision "ansible_local" do |ansible|
|
||||
|
|
|
@ -14,6 +14,8 @@ sshd_defaults:
|
|||
ChallengeResponseAuthentication: no
|
||||
GSSAPIAuthentication: yes
|
||||
GSSAPICleanupCredentials: yes
|
||||
# Note that UsePAM: no is not supported under RHEL/CentOS. See
|
||||
# https://github.com/willshersystems/ansible-sshd/pull/51#issuecomment-287333218
|
||||
UsePAM: yes
|
||||
X11Forwarding: yes
|
||||
UsePrivilegeSeparation: sandbox
|
||||
|
|
Loading…
Reference in a new issue