Version information
This version is compatible with:
- Puppet Enterprise 2023.8.x, 2023.7.x, 2023.6.x, 2023.5.x, 2023.4.x, 2023.3.x, 2023.2.x, 2023.1.x, 2023.0.x, 2021.7.x, 2021.6.x, 2021.5.x, 2021.4.x, 2021.3.x, 2021.2.x, 2021.1.x, 2021.0.x
- Puppet >= 7.0.0 < 9.0.0
- , , , ,
Start using this module
Add this module to your Puppetfile:
mod 'simp-gdm', '7.10.0'Learn more about managing modules with a PuppetfileDocumentation
Table of Contents
This is a SIMP module
This module is a component of the System Integrity Management Platform, a compliance-management framework built on Puppet.
If you find any issues, they can be submitted to our JIRA.
Module Description
simp-gdm provides the ability to manage GDM on supported systems.
Setup
What gdm affects
gdm installs the GNOME Display Manager and sets sensible defaults.
The module has the ability to configure GDM settings via dconf.
Usage
Generally, you only need to use include gdm to get full management.
In the case that you have hidepid=2 set on /proc, you may need to run puppet
one additional time to allow the facts to hook into the system fully.
Reference
See REFERENCE.md
Development
Please read our Contribution Guide.
If you find any issues, they can be submitted to our JIRA.
Reference
Table of Contents
Classes
Public Classes
gdm: This class configures, installs, and ensures GDM is running.gdm::config: Configuration items for GDMgdm::service: Ensures the GDM service is properly configured
Private Classes
gdm::install: Install the GDM components
Defined types
gdm::set: This define allows you to set individual configuration elements in
Data types
Gdm::ConfSection: Top level sections in /etc/gdm/custom.confGdm::CustomConf: Configuration for /etc/gdm/custom.conf
Classes
gdm
@see dconf(5) @see data/common.yaml
Parameters
The following parameters are available in the gdm class:
dconf_hashpackagessettingspackage_ensureinclude_secauditdpamdisplay_mgr_userbannersimp_bannerbanner_content
dconf_hash
Data type: Dconf::SettingsHash
dconf settings applicable to GDM
packages
Data type: Hash[String[1], Optional[Hash]]
A Hash of packages to be installed
- NOTE: Setting this will override the default package list
- The ensure value can be set in the hash of each package, like the example below:
@example Override packages { 'gdm' => { 'ensure' => '1.2.3' } }
@see data/common.yaml
settings
Data type: Gdm::CustomConf
A Hash of settings that will be applied to /etc/gdm/custom.conf
The top-level section keys are well defined but the sub-keys will not be validated
@example Set [chooser] and [daemon] options { 'chooser' => { 'Multicast' => 'false' }, 'daemon' => { 'TimedLoginEnable' => 'false' 'TimedLoginDelay' => 30 } }
package_ensure
Data type: Simplib::PackageEnsure
The SIMP global catalyst to set the default ensure settings for packages
managed with this module.
Default value: simplib::lookup('simp_options::package_ensure', { 'default_value' => 'installed' })
include_sec
Data type: Boolean
Boolean This no longer has any effect
Default value: true
auditd
Data type: Boolean
Enable auditd support for this module via the simp-auditd module
Default value: simplib::lookup('simp_options::auditd', { 'default_value' => false })
pam
Data type: Boolean
Enable pam support for this module via the simp-pam module
Default value: simplib::lookup('simp_options::pam', { 'default_value' => false })
display_mgr_user
Data type: String[1]
The name of the local user that runs the display manager. If pam is enabled this user will be given local access to the system to it can start the service.
Default value: 'gdm'
banner
Data type: Boolean
Enable a login screen banner
- NOTE: any banner settings set via
dconf_hashwill take precedence
Default value: true
simp_banner
Data type: String[1]
The name of a banner from the simp_banners module that should be used
- Has no effect if
banneris not set - Has no effect if
banner_contentis set
Default value: 'simp'
banner_content
Data type: Optional[String[1]]
The full content of the banner, without alteration
- GDM cannot handle '\n' sequences so any banner will need to have those replaced with the literal '\n' string.
Default value: undef
gdm::config
Configuration items for GDM
gdm::service
This will NOT switch the runlevel by default since this is a potentially dangerous activity if graphics drivers are having issues.
Parameters
The following parameters are available in the gdm::service class:
services
Data type: Optional[Array[String[1]]]
A list of services relevant to the proper functioning of GDM
- These services will not be individually managed. Instead, this list
will be used for ensuring that the services are not disabled by the
svckillmodule if it is present.
Default value: undef
Defined types
gdm::set
/etc/gdm/custom.conf without explicitly needing to use an inifile
resource.
If you wish to simply use inifile, that is perfectly valid!
For particular configuration parameters, please see: http://projects.gnome.org/gdm/docs/2.16/configuration.html
Parameters
The following parameters are available in the gdm::set defined type:
section
Data type: Gdm::ConfSection
The section that you wish to manipulate. Valid values are 'daemon', 'security','xdmcp', 'gui','greeter', 'chooser', 'debug', 'servers', 'server-Standard', 'server-Terminal', and 'server-Chooser'
key
Data type: String
The actual key value that you wish to change under $section.
value
Data type: Variant[Boolean,String]
The value to which $key should be set under $section
Data types
Gdm::ConfSection
Top level sections in /etc/gdm/custom.conf
Alias of Enum['daemon', 'security', 'xdmcp', 'gui', 'greeter', 'chooser', 'debug', 'servers', 'server-Standard', 'server-Terminal', 'server-Chooser']
Gdm::CustomConf
Configuration for /etc/gdm/custom.conf
Alias of
Hash[Gdm::ConfSection, Hash[
String[1],
NotUndef
]]
- Fri Sep 13 2024 Steven Pritchard steve@sicura.us - 7.10.0
- [puppetsync] Update module dependencies to support simp-iptables 7.x
- Wed Feb 07 2024 Mike Riddle mike@sicura.us - 7.9.0
- [puppetsync] Update metadata upper bounds for puppet-nsswitch, puppet-gitlab, puppet-snmp, simp-pam, and simp-useradd
- Mon Oct 23 2023 Steven Pritchard steve@sicura.us - 7.8.0
- [puppetsync] Add EL9 support
- Wed Oct 11 2023 Steven Pritchard steve@sicura.us - 7.7.0
- [puppetsync] Updates for Puppet 8
- These updates may include the following:
- Update Gemfile
- Add support for Puppet 8
- Drop support for Puppet 6
- Update module dependencies
- These updates may include the following:
- Wed Aug 23 2023 Steven Pritchard steve@sicura.us - 7.6.0
- Add AlmaLinux 8 support
- Mon Jun 12 2023 Chris Tessmer chris.tessmer@onyxpoint.com - 7.5.0
- Add RockyLinux 8 support
- Sat Jul 30 2022 Trevor Vaughan trevor@sicura.us - 7.4.1
- Support puppetlabs-inifile < 6
- Fri Jun 03 2022 Chris Tessmer chris.tessmer@onyxpoint.com - 7.4.0
- Update from camptocamp/systemd to puppet/systemd
- Tue Jun 15 2021 Chris Tessmer chris.tessmer@onyxpoint.com - 7.3.0
- Removed support for Puppet 5
- Ensured support for Puppet 7 in requirements and stdlib
- Wed Feb 24 2021 Steven Pritchard steven.pritchard@onyxpoint.com - 7.3.0
- Fix minor error in compliance_markup data
- Tue Dec 22 2020 Jeanne Greulich jeanne.greulich@onyxpoint.com - 7.3.0
- Added EL8 support
- Added check for hidepid on /proc. If it is on, update the systemd-logind service entry to include the hidepid group as a supplementary group and restart the systemd-logind service.
- Added pam access entry for gdm user so greeter session can start.
- Added error message if gdm version older than 3.0 is used.
- Added the following parameters: gdm::pam - indicates if pam is controlled by simp. If this is set to true then a pam access rule is added to allow the gdm user local access to the system. Defaults to simp_options::pam. gdm::display_mgr_user - the name of the user that the gdm service will run under. Defaults to 'gdm'
- simp/gnome and simp/auditd were removed from the dependencies in metadata.json.
- simp/pam was added to optional dependencies and is needed if gdm:pam is set to true.
- removed pulseaudio from list of packages because gdm has dependency on it so it will automatically be installed.
- Thu Dec 17 2020 Chris Tessmer chris.tessmer@onyxpoint.com - 7.2.4
- Removed EL6 support
- Wed Jul 29 2020 Jeanne Greulich jeanne.greulich@onyxpoint.com - 7.2.3-0
- update the upper bound of puppetlabs/inifiles for SIMP 6.5 release
- Thu Jul 23 2020 Jeanne Greulich jeanne.greulich@onyxpoint.com - 7.2.2-0
- update the upper bound of simplib for SIMP 6.5 release
- Fri Aug 02 2019 Robert Vincent pillarsdotnet@gmail.com - 7.2.1-0
- Support puppetlabs/inifile 3.x.
- Mon Jul 22 2019 Trevor Vaughan tvaughan@onyxpoint.com - 7.2.0-0
- Fixed an issue where gdm::settings was not being applied to the system
- Added REFERENCE.md
- Thu Jun 06 2019 Steven Pritchard steven.pritchard@onyxpoint.com -7.2.0-0
- Add v2 compliance_markup data
- Thu Mar 07 2019 Liz Nemsick lnemsick.simp@gmail.com - 7.1.1-0
- Update the upper bound of stdlib to < 6.0.0
- Update a URL in the README.md
- Mon Oct 29 2018 Liz Nemsick lnemsick.simp@gmail.com - 7.1.0-0
- Update contribution guide URL in README.md
- Update Hiera 4 to Hiera 5
- Mon Jul 16 2018 Trevor Vaughan tvaughan@onyxpoint.com - 7.1.0-0
- Add Puppet 5 and OEL support
- Wed Jun 27 2018 Trevor Vaughan tvaughan@onyxpoint.com - 7.1.0-0
- Moved the default banner selection to
simp_banners - Added support for setting dconf options for GDM
- Moved package list to data in modules for easy merging and overwriting
- Added acceptance tests that go through the stages of setting up both GDM and GNOME for inspection
- Update version range of auditd dependency in metadata.json
- Wed Jul 12 2017 Liz Nemsick lnemsick.simp@gmail.com - 7.0.3-0
- Harden acceptance test
- Thu Jul 06 2017 Liz Nemsick lnemsick.simp@gmail.com - 7.0.2-0
- Update puppet dependency in metadata.json
- Wed Feb 22 2017 Nick Miller nick.miller@onyxpoint.com - 7.0.1-0
- Added the following services on EL7:
display-managerupower- replaced hal, used by gnomertkit-daemon- used by pulseaudio and gdm
- Mon Jan 30 2017 Trevor Vaughan tvaughan@onyxpoint.com - 7.0.0-0
- Changed calls to auditd to the new layout (breaking change)
- Added acceptance tests
- Ensure GDM starts at boot time on EL7
- Add notice that two runs are required
- Tue Dec 13 2016 Liz Nemsick lnemsick.simp@gmail.com - 6.0.0-0
- Add strong typing of parameters
- Thu Dec 08 2016 Liz Nemsick lnemsick.simp@gmail.com - 6.0.0-0
- Use simp_options module for global catalysts
- Fri Dec 02 2016 Nick Markowski nmarkowski@keywcorp.com - 6.0.0-0
- Renamed 'xwindows' to 'gdm'
- Refactored the module to be less fugly.
- Tue Nov 22 2016 Liz Nemsick lnemsick.simp@gmail.com - 5.0.0-0
- Update version to reflect SIMP6 dependencies
- Update auditd dependency for SIMP6
- Minor cleanup
- Mon Nov 21 2016 Chris Tessmer chris.tessmer@onyxpoint.com - 4.1.4-0
- Minor cleanup
- Wed Nov 16 2016 Liz Nemsick lnemsick.simp@gmail.com - 4.1.3-0
- Removed OBE iptables dependency
- Fri Nov 11 2016 Liz Nemsick lnemsick.simp@gmail.com - 4.1.3-0
- Removed unused gconf type.
- Thu Jun 09 2016 Nick Markowski nmarkowski@keywcorp.com - 4.1.1-0
- Moved the gdm_version fact to simplib.
- Mon Nov 09 2015 Chris Tessmer chris.tessmer@onypoint.com - 4.1.0-4
- migration to simplib and simpcat (lib/ only)
- Fri Jan 16 2015 Trevor Vaughan tvaughan@onyxpoint.com - 4.1.0-3
- Changed puppet-server requirement to puppet
- Tue Sep 30 2014 Nick Markowski nmarkowski@keywcorp.com - 4.1.0-2
- Updating for RHEL7
- Mon May 05 2014 Trevor Vaughan tvaughan@onyxpoint.com - 4.1.0-1
- Removed the fix-etc-gconf exec since it is no longer required.
- Wed Mar 19 2014 Nick Markowski nmarkowski@keywcorp.com - 4.1.0-0
- Refactored module for puppet3/hiera, and added spec tests.
- gdm::conf was deprecated and has been removed. All gdm config is set by gdm::set.
- Tue Oct 08 2013 Kendall Moore kmoore@keywcorp.com - 4.0.0-7
- Updated all erb templates to properly scope variables.
- Wed Oct 02 2013 Trevor Vaughan tvaughan@onyxpoint.com - 4.0.0-6
- Use 'versioncmp' for all version comparisons.
- Tue Dec 11 2012 Maintenance 4.0.0-5
- Created a Cucumber test to install xwindows from the xwindows module and ensure that all dependecnies were properly installed with it.
- Created a Cucumber test to ensure that the system runlevel changes to 5 and installing xwindows.
- Fri May 25 2012 Maintenance 4.0.0-4
- Now use augeas to manage /etc/gdm/custom.conf
- Added a xwindows::gdm::sec class that applies common security settings using the gconf type.
- Created a new native type for manipulating gconf settings via gconftool-2.
- Moved mit-tests to /usr/share/simp...
- Updated pp files to better meet Puppet's recommended style guide.
- Fri Mar 02 2012 Maintenance 4.0.0-3
- Improved test stubs.
- Mon Dec 26 2011 Maintenance 4.0.0-2
- Updated the spec file to not require a separate file list.
- Scoped all of the top level variables.
- Mon Dec 05 2011 Maintenance 4.0.0-1
- Fixed the restart for GDM to work with RHEL6.
- Started work on the new custom.conf file for RHEL6 but it still needs work.
- Wed Nov 02 2011 Maintenance 4.0.0-0
- Updated to handle RHEL6
- Mon Oct 10 2011 Maintenance 2.0.0-3
- Updated to put quotes around everything that need it in a comparison statement so that puppet > 2.5 doesn't explode with an undef error.
- Wed Jun 08 2011 Maintenance - 2.0.0-2
- Now install all packages before attempting to switch to runlevel 5. This fixes the problem where X wouldn't start until the next puppet run (if at all).
- Updated documentation reference comment.
- Now spawn X with -audit 4 and -s 15 by default.
- Fri Feb 04 2011 Maintenance - 2.0.0-1
- Changed all instances of defined(Class['foo']) to defined('foo') per the directions from the Puppet mailing list.
- Tue Jan 11 2011 Maintenance 2.0.0-0
- Refactored for SIMP-2.0.0-alpha release
- Tue Oct 26 2010 Maintenance - 1-1
- Converting all spec files to check for directories prior to copy.
- Mon May 24 2010 Maintenance 1.0-0
- Code refactor.
- Thu Oct 08 2009 Maintenance 0.1-5
- Added a patch for checking the permissions on the GDM directory since having a strict root umask appears to mess things up.
- Fri Oct 2 2009 Maintenance 0.1-4
- Fixed the gdm ordering issues. GDM will now install properly and the conf file will get placed appropriately.
- Thu Oct 1 2009 Maintenance 0.1-3
- Fixed the GDM template
- Set DESKTOP="GNOME" in /etc/sysconfig/desktop
- Tue Sep 29 2009 Maintenance 0.1-0
- Initial configuration module
Dependencies
- simp/simp_banners (>= 0.1.0 < 1.0.0)
- simp/dconf (>= 0.0.1 < 1.0.0)
- simp/simplib (>= 4.9.0 < 5.0.0)
- puppetlabs/inifile (>= 2.5.0 < 7.0.0)
- puppetlabs/stdlib (>= 8.0.0 < 10.0.0)
pupmod-simp-gdm - A Puppet Module for managing X Windows
--
Per Section 105 of the Copyright Act of 1976, these works are not entitled to
domestic copyright protection under US Federal law.
The US Government retains the right to pursue copyright protections outside of
the United States.
The United States Government has unlimited rights in this software and all
derivatives thereof, pursuant to the contracts under which it was developed and
the License under which it falls.
---
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.