Closed bufferoverflow closed 1 year ago
+1 to that.
I'd like a feature addition to allow only modifying the limits.d files while I "work up" to managing the /etc/pam.d files. Right now it's all or nothing and I've broken more than a few servers by pushing out the wrong /etc/pam.d/ settings.
Here's something that I'm working on that attempts to provide this functionality.
We are not interested in putting in the effort to add a manage_
parameter for every file this module touches as the normal use case is to embrace the module in its totality. You could override this in a profile with things like
File <| title == 'common_ac-or-whatever' |> {
replace => false,
}
I would like to change only the
/etc/pam.d/common-auth
and maybe later other files. However, the module is touching all the files instead. Is there an easy way to achieve that? Especially for client machines I prefer to only touch the files we have to change.