From c1f4d78e2fcff271570bedbb8453121c720abee0 Mon Sep 17 00:00:00 2001
From: Lars Beckers <lars.beckers@rwth-aachen.de>
Date: Sun, 10 May 2015 23:25:48 +0159
Subject: [PATCH] aufs for guests

---
 nfs-client/files/pam_common-session | 29 -----------------------------
 nfs-client/tasks/umask.yml          |  2 +-
 2 files changed, 1 insertion(+), 30 deletions(-)
 delete mode 100644 nfs-client/files/pam_common-session

diff --git a/nfs-client/files/pam_common-session b/nfs-client/files/pam_common-session
deleted file mode 100644
index 2e652e5..0000000
--- a/nfs-client/files/pam_common-session
+++ /dev/null
@@ -1,29 +0,0 @@
-#
-# /etc/pam.d/common-session - session-related modules common to all services
-#
-# This file is included from other service-specific PAM config files,
-# and should contain a list of modules that define tasks to be performed
-# at the start and end of sessions of *any* kind (both interactive and
-# non-interactive).
-#
-# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
-# To take advantage of this, it is recommended that you configure any
-# local modules either before or after the default block, and use
-# pam-auth-update to manage selection of other modules.  See
-# pam-auth-update(8) for details.
-
-# here are the per-package modules (the "Primary" block)
-session	[default=1]			pam_permit.so
-# here's the fallback if no module succeeds
-session	requisite			pam_deny.so
-# prime the stack with a positive return value if there isn't one already;
-# this avoids us returning an error just because nothing sets a success code
-# since the modules above will each just jump around
-session	required			pam_permit.so
-# and here are more per-package modules (the "Additional" block)
-session	optional			pam_krb5.so minimum_uid=1000
-session	required	pam_unix.so 
-session	[success=ok default=ignore]	pam_ldap.so minimum_uid=1000
-session	optional			pam_ck_connector.so nox11
-session optional			pam_umask.so
-# end of pam-auth-update config
diff --git a/nfs-client/tasks/umask.yml b/nfs-client/tasks/umask.yml
index 8d72256..0fc288c 100644
--- a/nfs-client/tasks/umask.yml
+++ b/nfs-client/tasks/umask.yml
@@ -8,7 +8,7 @@
     - config
 
 - name: activate pam.d session modules to set default umask
-  copy: src=pam_common-session dest=/etc/pam.d/common-session owner=root group=root mode=0644
+  lineinfile: dest=/etc/pam.d/common-session line=session optional                        pam_umask.so
   tags:
     - umask
     - pam
-- 
GitLab