Winbind support is now an optional component that can be enabled

deb2fe6c · Jonathan Gazeley · a2bbfb76 · deb2fe6c · deb2fe6c · deb2fe6c
Commit deb2fe6c authored Oct 30, 2014 by Jonathan Gazeley
--- a/README.md
+++ b/README.md
@@ -50,16 +50,18 @@ of the global settings to increase flexibility. Patches are welcome.
 * `utils_support` Install FreeRADIUS utils. Default: `false`
 * `ldap_support` Install support for LDAP. Default: `false`
 * `wpa_supplicant`. Install wpa_supplicant utility. Default: `false`
+ * `winbind_support`. Add the radius user to the winbind privileged group. You must install winbind separately. Default: `false`.

 ```puppet
 class { 'freeradius':
-  control_socket => true,
-  max_requests   => 4096,
-  max_servers    => 4096,
-  mysql_support  => true,
-  perl_support   => true,
-  utils_support  => true,
-  wpa_supplicant => true,
+  control_socket  => true,
+  max_requests    => 4096,
+  max_servers     => 4096,
+  mysql_support   => true,
+  perl_support    => true,
+  utils_support   => true,
+  wpa_supplicant  => true,
+  winbind_support => true,
 }
 ```


--- a/manifests/init.pp
+++ b/manifests/init.pp
 # Base class to install FreeRADIUS
 class freeradius (
-  $control_socket = false,
-  $max_servers    = '4096',
-  $max_requests   = '4096',
-  $mysql_support  = false,
-  $perl_support   = false,
-  $utils_support  = false,
-  $ldap_support   = false,
-  $wpa_supplicant = false,
+  $control_socket  = false,
+  $max_servers     = '4096',
+  $max_requests    = '4096',
+  $mysql_support   = false,
+  $perl_support    = false,
+  $utils_support   = false,
+  $ldap_support    = false,
+  $wpa_supplicant  = false,
+  $winbind_support = false,
 ) inherits freeradius::params {

-  include samba
-
  file { 'radiusd.conf':
    name    => "${fr_basepath}/radiusd.conf",
    mode    => '0640',
@@ -122,7 +121,6 @@ class freeradius (
      File['radiusd.conf'],
      User['radiusd'],
      Package[$fr_package],
-      Service['winbind']
    ],
    enable     => true,
    hasstatus  => true,
@@ -134,8 +132,11 @@ class freeradius (
    ensure  => present,
    uid     => '95',
    gid     => 'radiusd',
-    groups  => 'wbpriv',
-    require => Package[$fr_package, 'samba-winbind'],
+    groups  => $winbind_support ? {
+      true    => $fr_wbpriv_user,
+      default => undef,
+    },
+    require => Package[$fr_package],
  }

  # Install a few modules required on all FR installations

--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -49,4 +49,11 @@ class freeradius::params {
    'Debian' => 'freerad',
    default  => 'radiusd',
  }
+
+  # Privileged winbind user
+  $fr_wbpriv_user = $::osfamily ? {
+    'RedHat' => 'wbpriv',
+    'Debian' => 'winbindd_priv',
+    default  => 'wbpriv',
+  }
 }