From 69db866b10405b5777d6e203f63909d591986a7c Mon Sep 17 00:00:00 2001 From: Robin Sonnabend <robin@fsmpi.rwth-aachen.de> Date: Thu, 5 Nov 2020 20:36:32 +0100 Subject: [PATCH] Fix pam mkhomedir The config file is provided by pam-modules, but with Default: no. We need to call pam-auth-update to enable or disable it. --- ssh-server/handlers/main.yml | 5 ----- ssh-server/tasks/main.yml | 22 +++++++++++++--------- 2 files changed, 13 insertions(+), 14 deletions(-) diff --git a/ssh-server/handlers/main.yml b/ssh-server/handlers/main.yml index 9fc709c..d796ac6 100644 --- a/ssh-server/handlers/main.yml +++ b/ssh-server/handlers/main.yml @@ -4,8 +4,3 @@ service: name: ssh state: restarted - -- name: regenerate pam config - command: pam-auth-update --force - environment: - DEBIAN_FRONTEND: noninteractive diff --git a/ssh-server/tasks/main.yml b/ssh-server/tasks/main.yml index 5ea696c..8974d73 100644 --- a/ssh-server/tasks/main.yml +++ b/ssh-server/tasks/main.yml @@ -46,16 +46,20 @@ tags: - ssh -- name: ensure pam creates a home dir if necessary - copy: - src: pam/mkhomedir - dest: /usr/share/pam-configs/mkhomedir - owner: root - group: root - mode: '0644' +- name: ensure pam creates a home directory + command: pam-auth-update --enable mkhomedir --force + environment: + DEBIAN_FRONTEND: noninteractive when: ssh_mkhomedir - notify: - - regenerate pam config + tags: + - ssh + - pam + +- name: ensure pam creates a home directory + command: pam-auth-update --remove mkhomedir --force + environment: + DEBIAN_FRONTEND: noninteractive + when: not ssh_mkhomedir tags: - ssh - pam -- GitLab