pap-secrets 1.8 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344
  1. #
  2. # /etc/ppp/pap-secrets (Salt managed)
  3. #
  4. # This is a pap-secrets file to be used with the AUTO_PPP function of
  5. # mgetty. mgetty-0.99 is preconfigured to startup pppd with the login option
  6. # which will cause pppd to consult /etc/passwd (and /etc/shadow in turn)
  7. # after a user has passed this file. Don't be disturbed therefore by the fact
  8. # that this file defines logins with any password for users. /etc/passwd
  9. # (again, /etc/shadow, too) will catch passwd mismatches.
  10. #
  11. # This file should block ALL users that should not be able to do AUTO_PPP.
  12. # AUTO_PPP bypasses the usual login program so it's necessary to list all
  13. # system userids with regular passwords here.
  14. #
  15. # ATTENTION: The definitions here can allow users to login without a
  16. # password if you don't use the login option of pppd! The mgetty Debian
  17. # package already provides this option; make sure you don't change that.
  18. # INBOUND connections
  19. # Every regular user can use PPP and has to use passwords from /etc/passwd
  20. * hostname "" *
  21. # UserIDs that cannot use PPP at all. Check your /etc/passwd and add any
  22. # other accounts that should not be able to use pppd!
  23. guest hostname "*" -
  24. master hostname "*" -
  25. root hostname "*" -
  26. support hostname "*" -
  27. stats hostname "*" -
  28. # OUTBOUND connections
  29. # Here you should add your userid password to connect to your providers via
  30. # PAP. The * means that the password is to be used for ANY host you connect
  31. # to. Thus you do not have to worry about the foreign machine name. Just
  32. # replace password with your password.
  33. # If you have different providers with different passwords then you better
  34. # remove the following line.
  35. # * password
  36. {%- set user = salt['pillar.get']('nodes:' ~ grains['id'] ~ ':pppoe:user', 'WRONG USER') %}
  37. {%- set pass = salt['pillar.get']('nodes:' ~ grains['id'] ~ ':pppoe:pass', 'NO PASS') %}
  38. "{{ user }}" * "{{ pass }}"