diff --git a/manifests/.config.pp.swp b/manifests/.config.pp.swp deleted file mode 100644 index c7ea796..0000000 Binary files a/manifests/.config.pp.swp and /dev/null differ diff --git a/manifests/config.pp b/manifests/config.pp index 76d57d2..a2c9c66 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -44,6 +44,7 @@ $allow_overwrite = $proftpd::params::allow_overwrite, $transfer_log = $proftpd::params::transfer_log, $system_log = $proftpd::params::system_log, + $user_jail = $proftpd::params::user_jail, $tls_engine = $proftpd::params::tls_engine, $tls_log = $proftpd::params::tls_log, @@ -162,6 +163,12 @@ proftpd::mods {'odbc': ensure => 'absent' } } + if $ldap_engine == 'on' { + proftpd::mods {'ldap': ensure => 'present'} + } else { + proftpd::mods {'ldap': ensure => 'absent'} + } + exec { 'proftpd-reload': command => "service ${service_name} reload", logoutput => on_failure, diff --git a/manifests/params.pp b/manifests/params.pp index fd25ad5..18b4d23 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -33,6 +33,7 @@ $group = 'nogroup' $umask = '022 022' $allow_overwrite = 'on' + $user_jail = false $sql_engine = 'off' $sql_backend = 'mysql' diff --git a/templates/proftpd.conf.erb b/templates/proftpd.conf.erb index 438d0dd..38ecbf8 100644 --- a/templates/proftpd.conf.erb +++ b/templates/proftpd.conf.erb @@ -15,7 +15,10 @@ ModuleControlsACLs insmod,rmmod allow user root ModuleControlsACLs lsmod allow user * # Includes DSO modules -Include /etc/proftpd/mods-enabled/ +Include /etc/proftpd/mods-enabled/*.load +# Include config for DSO modules +# .conf files were getting loaded before the module was loaded so were getting ignored +Include /etc/proftpd/mods-enabled/*.conf # Set off to disable IPv6 support which is annoying on IPv4 only boxes. UseIPv6 <%= use_ipv6 %> @@ -41,7 +44,7 @@ ListOptions "<%= list_options %>" DenyFilter <%= deny_filter %> # Use this to jail all users in their homes -# DefaultRoot ~ +<% if user_jail == true %>DefaultRoot ~<% end %> # Users require a valid shell listed in /etc/shells to login. # Use this directive to release that constrain.