Pfmooney-mit_krb5 : define mit_krb5::realm

Hi,

is it possible to get help for this module because i don't find the
solution ? :cry:

I try to use the module pfmooney-mit_krb5 but i don't understand how to
work "define mit_krb5::realm"
I tried different things explain here :
http://projects.theforeman.org/projects/foreman/wiki/Instantiate_Puppet_resources
but i have always an error, my last error is :
no implicit conversion of String into Hash at
/etc/puppet/environments/production/modules/mit_krb5/manifests/init.pp:289

changes in red :

my init.pp :

> class mit_krb5(
> $default_realm = '',
> $default_keytab_name = '',
> $default_tgs_enctypes = [],
> $default_tkt_enctypes = [],
> $default_ccache_name = '',
> $permitted_enctypes = [],
> $allow_weak_crypto = '',
> $clockskew = '',
> $ignore_acceptor_hostname = '',
> $k5login_authoritative = '',
> $k5login_directory = '',
> $kdc_timesync = '',
> $kdc_req_checksum_type = '',
> $ap_req_checksum_type = '',
> $safe_checksum_type = '',
> $preferred_preauth_types = '',
> $ccache_type = '',
> $dns_lookup_kdc = '',
> $dns_lookup_realm = '',
> $dns_fallback = '',
> $realm_try_domains = '',
> $extra_addresses = [],
> $udp_preference_limit = '',
> $verify_ap_req_nofail = '',
> $ticket_lifetime = '',
> $renew_lifetime = '',
> $noaddresses = '',
> $forwardable = '',
> $proxiable = '',
> $rdns = '',
> $plugin_base_dir = '',
> $krb5_conf_path = '/etc/krb5.conf',
> $krb5_conf_owner = 'root',
> $krb5_conf_group = 'root',
> $krb5_conf_mode = '0444',
> $resources = {}
> ) {
> # SECTION: Parameter validation {
> validate_string(
> $default_realm,
> $default_ccache_name,
> $default_keytab_name,
> $clockskew,
> $k5login_directory,
> $kdc_timesync,
> $kdc_req_checksum_type,
> $ap_req_checksum_type,
> $safe_checksum_type,
> $preferred_preauth_types,
> $ccache_type,
> $realm_try_domains,
> $udp_preference_limit,
> $ticket_lifetime,
> $renew_lifetime,
> $plugin_base_dir,
> $krb5_conf_path,
> $krb5_conf_owner,
> $krb5_conf_group,
> $krb5_conf_mode
> )
> if $default_realm == '' {
> fail('default_realm must be set manually or via Hiera')
> }
> # END Parameter validation }
> # SECTION: Resource creation {
> anchor { 'mit_krb5::begin': }
> include mit_krb5::install
> concat { $krb5_conf_path:
> owner => $krb5_conf_owner,
> group => $krb5_conf_group,
> mode => $krb5_conf_mode,
> }
> concat::fragment { 'mit_krb5::libdefaults':
> target => $krb5_conf_path,
> order => '01libdefaults',
> content => template('mit_krb5/libdefaults.erb'),
> }
> anchor { 'mit_krb5::end': }
> # END Resource creation }
> # SECTION: Resource ordering {
> Anchor['mit_krb5::begin'] -> Class['mit_krb5::install'] ->
> Concat[$krb5_conf_path] -> Anchor['mit_krb5::end']
> # END Resource ordering }
> create_resources('mit_krb5::realm', $resources)
> }

and realm.pp :

define mit_krb5::realm(
> $kdc = '',
> $admin_server = {},
> $database_module = '',
> $default_domain = '',
> $v4_instance_convert = '',
> $v4_realm = '',
> $auth_to_local_names = '',
> $auth_to_local = '',
> $pkinit_anchors = '',
> ) {
> include mit_krb5
> ensure_resource('concat::fragment', 'mit_krb5::realm_header', {
> target => $mit_krb5::krb5_conf_path,
> order => '10realm_header',
> content => "[realms]\n",
> })
> concat::fragment { "mit_krb5::realm::${title}":
> target => $mit_krb5::krb5_conf_path,
> order => "11realm_${title}",
> content => template('mit_krb5/realm.erb'),
> }
>
> }

In foreman, resources key type is hash, i have test many different values
but nothing works.

Thanks for your help.
I'm still looking for.

Have a good day !!

Can you show your ENC YAML output for the host? It's in the UI, click the
YAML button.

Hi,

My ENC YAML :

classes:
mit_krb5:
default_ccache_name: KEYRING:persistent:%{uid}
default_realm: MYDOMAIN.LOCAL
dns_lookup_realm: 'false'
forwardable: 'true'
rdns: 'false'
renew_lifetime: 'false'
resources:
default_domain: MYDOMAIN.LOCAL {}
ticket_lifetime: 24h
mit_krb5::logging:
admin_server: FILE:/var/log/kadmind.log
default: FILE:/var/log/krb5libs.log
kdc: FILE:/var/log/krb5kdc.log
parameters:
puppetmaster: tnbilminf03.mydomain.local
domainname: ''
root_pw: "hidden"
puppet_ca: tnbilminf03.mydomain.local
foreman_env: production
owner_name: Admin administrateur
owner_email: servicedesk@mydomain.com
foreman_subnets:

  • network: 172.23.2.0
    mask: 255.255.255.192
    name: ILM_DEV
    vlanid: '104'
    gateway: 172.23.2.62
    dns_primary: 10.0.10.1
    dns_secondary: 10.0.10.2
    from: ''
    to: ''
    boot_mode: DHCP
    ipam: DHCP
    foreman_interfaces:
  • mac: 00:50:56:aa:c2:35
    ip: 172.23.2.28
    type: Interface
    name: tnbilminf05.mydomain.local
    attrs:
    netmask: 255.255.255.192
    mtu: '1500'
    network: 172.23.2.0
    virtual: false
    link: true
    identifier: eno16777728
    managed: true
    primary: true
    provision: true
    subnet:
    network: 172.23.2.0
    mask: 255.255.255.192
    name: ILM_DEV
    vlanid: '104'
    gateway: 172.23.2.62
    dns_primary: 10.0.10.1
    dns_secondary: 10.0.10.2
    from: ''
    to: ''
    boot_mode: DHCP
    ipam: DHCP

environment: production

This should be a hash of params/properties for the 'default_domain'
resource, but it's a string (hence the error saying it can't convert a
string to a hash).

What precisely is in the smart class parameter field? It probably isn't
formatted correctly, especially if it's YAML. Ensure it's a hash of hashes.

··· On 26/05/16 13:33, Benoit Pluchet wrote: > > classes: > mit_krb5: > resources: > default_domain: MYDOMAIN.LOCAL {}


Dominic Cleal
dominic@cleal.org