This is also covers the following CIS items
* CIS 1.7.1.5 Ensure permissions on /etc/issue are configured (Scored)
Change-Id: If8c237ff4db7e9ab7ee244278d28f632e73ecb56
Related-Prod: PROD-19166
saltstack 2017.7 is failing to create user when default group for user is not present, commit which changes this behavior from 2016.3 is a18dbe0c11
Change-Id: I478d632e8aa7303ab2ee32b033478148c18c473d
This patch unifies /etc/motd managing approach for both RedHat and
Ubuntu systems. Providing a string value via linux:system:motd
pillar will configure static /etc/motd and remove dynamic scripts
from /etc/update-motd.d (if present).
update-motd can safely be removed because Ubuntu supports dynamic
motd by pam_motd means since 2009.
Related-Prod: PROD-17287
Change-Id: Ic9b7e18abb12cfe8704717b14dc1237e40715319
Allow hugepages to be used right away. This is a best effort attempt,
as memory might be too fragmented to free enough contiguous regions
for all hugepages, so early allocation during boot remains the norm.
This allows using ovs-switchd-dpdk without rebooting the node first.
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
The 'system.kernel.elevator' and 'system.kernel.isolcpu' options
have been kept for backward compatibility and should be used in new
fashion way with system.kernel.boot_options parameter.
Change-Id: I51f7167b8b8946500df2065ee6b02bcf21809bc9
This patch implements pam ldap integration for linux host.
Related Prod: PROD-16022
Customer-Found
Change-Id: I2a05cfb4821d176724f03c61253700ef1f4d0bd8
The patches fixes the situation when repo is not defined but
formula tries to get access to source parameter of the repo.
Change-Id: Ifa7b8475bfc2cece6803ab7da7b2d0d5cc12b652
Related-PROD: PROD-17001
* This merge request gives the ability to add shared libaries without set LD_LIBRARY_PATH variable.
1. Generate file in /etc/ld.so.conf.d/
2. update /etc/ld.so.cache with ldconfig command
example pillars:
linux:
system:
enabled: True
ld:
libraries:
java:
- /usr/lib/jvm/jre-openjdk/lib/amd64/server
- /opt/java/jre/lib/amd64/server
* fix format in README.rst for Shared Libraries
* Fix for #137 - change pillar libraries key to library
* make all change in selinux mode persistent
* rework code to correspond with comments obtain from review about duplicity and useless code
* repair bad indent, remove bracket
- skip_verify: {{ true if package.verify else false }}
will be true when package:verify is set to true
And that confuses.
"skip verify" means "skip any verify process" and package should
not be verified during installation
Currently, for disabling verification we use:
linux:
system:
package:
netapp-offload-tool:
verify: true
And anyone who is reading reclass model can be easily perplexed.
Patchset fixes that issue.
Change-Id: I38d60ff3dbe651e14898c4937fc7dddad36204be
- Add posibility do delete user password
- Delete any password, if no other option has been passed
- Allow to pass hash\plain password
- Allow to unchange password
Change-Id: Id2b7234ca5d4417475b2114e74840292fc57d0de
Dmitry Teselkin
Ondrej Smola
Dzmitry Stremkouski
Alexandru Avadanii
Michael Fladischer
Richard Felkl
Bruno Binet
cristinapauna
Sergey Otpuschennikov
Michael Polenchuk
Oleh Hryhorov
Jiri Broulik
Petr Michalec
Nick Metz
Simon Schneider
Marek Celoud
Filip Pytloun
tomas kamm
chnyda
Consatntine Kalinovskiy
car-da
Serhiy Ovsianikov
Yuriy Taraday
azvyagintsev