This role configures PAM on systems using authselect.
None
None
Available variables are listed below, along with default values (see defaults/main.yml):
authselect_packages:
- authselect
- sssdControls the packages that will be installed.
authselect_user_nsswitch_conf:
passwd: sss files systemd
shadow: files
...Manages the user-nsswitch.conf file in authselect. Check
authselect_user_nsswitch_conf_defaults variable in defaults/main.yml for
the default settings. If you provide changes by setting
authselect_user_nsswitch.conf, they will be merged with the default values -
so in the example above only the passwd and shadow entry will be
overwritten.
authselect_profile: sssdSet the authselect profile that should be used. Note that this role does not create custom profiles.
authselect_features: []A list of features that should be enabled for the specified profile.
authselect_force: falseApplies the --force flag to the authselect select command. Note that this
will implicitly set to true when the role detects that no profile is
configured yet (otherwise authselect would throw errors)
- hosts: servers
roles:
- smlloyd.authselectBeer License.