andylytical commented 3 years ago

Steps to reproduce

git clone https://github.com/puppetlabs/pupperware
cd pupperware
docker-compose up -d
docker-compose exec puppet bash
puppet module install MiamiOH-pam_access

>/etc/puppetlabs/code/environments/production/manifests/site.pp cat <<ENDHERE

class { 'pam_access': }
pam_access::entry { 'Default Deny':
user       => 'ALL',
origin     => 'ALL',
permission => '-',
position   => 'after',
}
pam_access::entry { 'Default Allow - all root from local':
user       => 'root',
origin     => 'LOCAL cron crond 127.0.0.1 :0 tty',
permission => '+',
position   => 'before',
}
ENDHERE

cat /etc/puppetlabs/code/environments/production/manifests/site.pp
>/etc/security/access.conf
wc -l /etc/security/access.conf
puppet agent -t
cat /etc/security/access.conf

What I expect to happen

I expect the access.conf file to contain these two lines:

+ : root : LOCAL cron crond 127.0.0.1 :0 tty
- : ALL : ALL

What actually happens

access.conf looks like this:

+ : root : LOCAL
- : ALL : ALL

edestecd commented 3 years ago

interesting. I guess we have never hit this b/c all of our origins are one word. Would you mind submitting a PR. It looks like you have a commit that may fix this?

andylytical commented 3 years ago

See PR #10

MiamiOH / puppet-pam_access

Origin is silently truncated to first word #9

Steps to reproduce

What I expect to happen

What actually happens