FreeIPA environment mkhomedir fails #664

Closed
@imp1sh

Description

I assume this is a bug but I'm not 100% sure.

In a FreeIPA-based environment, system-auth and password-auth both expect to have this line:

```
session     optional      pam_oddjob_mkhomedir.so umask=0077
```

Can you please embed a variable for the rhel_auth.j2 template so both files can be provided with the line?

Reproduction steps

It's a bit hard to reproduce, since you would need some kind of LDAP-based authentication.

Current Behavior

Automatic creation of home directory fails.

Expected Behavior

Home directory should be created automatically.

OS / Environment

CentOS 7.9

Ansible Version

```
╰─$ ansible --version
ansible [core 2.11.6]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/jochen/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/jochen/env/lbb-kubernetes-ansible/lib/python3.8/site-packages/ansible
  ansible collection location = /home/jochen/.ansible/collections:/usr/share/ansible/collections
  executable location = /home/jochen/env/lbb-kubernetes-ansible/bin/ansible
  python version = 3.8.16 (default, Jan 20 2023, 00:00:00) [GCC 13.0.1 20230117 (Red Hat 13.0.1-0)]
  jinja version = 2.11.3
  libyaml = True
```

Collection Version

```yaml
- name: devsec.hardening
  version: 8.1.0
```

Additional information

I can make a pull request if you prefer.
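
A check for the line this report asks for, as an added example that is not part of the original issue or of the devsec.hardening collection: it parses PAM file text and reports whether the session stack contains `pam_oddjob_mkhomedir.so` with `umask=0077`. The function names and the sample stacks are constructed for illustration; in use, pass it the contents of `/etc/pam.d/system-auth` and `/etc/pam.d/password-auth` after the role has run.

```python
import re

# One PAM rule: type (optional leading "-"), control (word or [bracketed]), module, args.
RULE = re.compile(r"^(-?\w+)\s+(\[[^\]]*\]|\S+)\s+(\S+)\s*(.*)$")

# Constructed sample session stack that lacks the FreeIPA line.
SAMPLE_MISSING = """\
session     optional      pam_keyinit.so revoke
session     required      pam_limits.so
session     required      pam_unix.so
"""
# The same constructed stack with the line from the issue appended.
SAMPLE_PRESENT = SAMPLE_MISSING + (
    "session     optional      pam_oddjob_mkhomedir.so umask=0077\n"
)


def session_rules(text):
    """Yield (module_basename, args) for every active session rule."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        match = RULE.match(line)
        if not match:
            continue
        rule_type, _control, module, args = match.groups()
        if rule_type.lstrip("-") == "session":
            yield module.rsplit("/", 1)[-1], args.split()


def check_mkhomedir(text, expected_umask="0077"):
    """Return 'ok', 'umask-mismatch' or 'missing' for one PAM file's text."""
    for module, args in session_rules(text):
        if module != "pam_oddjob_mkhomedir.so":
            continue
        opts = dict(a.split("=", 1) for a in args if "=" in a)
        return "ok" if opts.get("umask") == expected_umask else "umask-mismatch"
    return "missing"


if __name__ == "__main__":
    for name, text in (("missing", SAMPLE_MISSING), ("present", SAMPLE_PRESENT)):
        print(name, "->", check_mkhomedir(text))
```

A commented-out rule, or the module placed in a stack other than `session`, is reported as `missing`, so a templated file that only carries the line as a comment does not pass.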
