Permit override of package names

lib/facter/samba_version.rb

@@ -8,11 +8,11 @@
 
 case distid
     when /RedHatEnterprise|CentOS|Fedora|RHEL/
-        if  FileTest.exists?("/usr/bin/yum")
+        if  FileTest.exist?("/usr/bin/yum")
             version = Facter::Util::Resolution.exec('/usr/bin/yum info samba | sed \'s/Version *: \([0-9\.]\+\)/\1/gp;d\' | head -n 1')
         end
     when /Ubuntu|Debian/
-        if  FileTest.exists?("/usr/bin/apt-cache")
+        if  FileTest.exist?("/usr/bin/apt-cache")
             version = Facter::Util::Resolution.exec('apt-cache show samba | sed \'s/Version:.*:\([0-9\.]\+\).*/\1/gp;d\' | head -n 1')
         end
     when 'Archlinux'

manifests/classic.pp

@@ -46,6 +46,8 @@
   $security                       = 'ads',
   $sambaloglevel                  = 1,
   $join_domain                    = true,
+  Boolean $force_join             = false,
+  $join_dns_update                = true,
   $manage_winbind                 = true,
   $krbconf                        = true,
   $nsswitch                       = true,
@@ -55,21 +57,24 @@
   $globaloptions                  = {},
   $globalabsentoptions            = [],
   $joinou                         = undef,
+  Optional[String] $machinepass   = undef,
   Optional[String] $default_realm = undef,
   Array $additional_realms        = [],
+  $packagesambadc                 = $::samba::params::packagesambadc,
+  $packagesambaclassic            = $::samba::params::packagesambaclassic,
+  $packagesambawinbind            = $::samba::params::packagesambawinbind,
+  $packagesambansswinbind         = $::samba::params::packagesambansswinbind,
+  $packagesambapamwinbind         = $::samba::params::packagesambapamwinbind,
+  $packagesambaclient             = $::samba::params::packagesambaclient,
 ) inherits samba::params{
 
 
-  unless is_domain_name($realm){
+  unless $realm =~ Stdlib::Host {
     fail('realm must be a valid domain')
   }
 
-  unless is_domain_name($realm){
-    fail('realm must be a valid domain')
-  }
-
-  validate_slength($smbname, 15)
-  unless is_domain_name("${smbname}.${realm}"){
+  assert_type(String[1, 15], $smbname)
+  unless "${smbname}.${realm}" =~ Stdlib::Host {
     fail('smbname must be a valid domain')
   }
 
@@ -118,7 +123,7 @@
     if $nsswitch {
       package{ 'SambaNssWinbind':
         ensure => 'installed',
-        name   => $samba::params::packagesambansswinbind
+        name   => $packagesambansswinbind
       }
 
       augeas{'samba nsswitch group':
@@ -146,11 +151,11 @@
     if $pam {
       # Only add package here if different to the nss-winbind package,
       # or nss and pam aren't both enabled, to avoid duplicate definition.
-      if ($samba::params::packagesambapamwinbind != $samba::params::packagesambansswinbind)
+      if ($packagesambapamwinbind != $packagesambansswinbind)
       or !$nsswitch {
         package{ 'SambaPamWinbind':
           ensure => 'installed',
-          name   => $::samba::params::packagesambapamwinbind
+          name   => $packagesambapamwinbind
         }
       }
 
@@ -203,13 +208,13 @@
 
   package{ 'SambaClassic':
     ensure => 'installed',
-    name   => $samba::params::packagesambaclassic,
+    name   => $packagesambaclassic,
   }
 
   if $manage_winbind {
     package{ 'SambaClassicWinBind':
       ensure  => 'installed',
-      name    => $samba::params::packagesambawinbind,
+      name    => $packagesambawinbind,
       require => File['/etc/samba/smb_path'],
     }
     Package['SambaClassicWinBind'] -> Package['SambaClassic']
@@ -227,6 +232,7 @@
       ensure  => 'running',
       name    => $samba::params::servivewinbind,
       require => [ Package['SambaClassic'], File['SambaOptsFile'] ],
+      before  => [ Service['SambaSmb'] ], # required for smbd to run now
       enable  => true,
     }
   }
@@ -331,13 +337,40 @@
         default => "createcomputer=\"${joinou}\"",
         undef   => '',
       }
+      $no_dns_updates = $join_dns_update ? {
+        false   => '--no-dns-updates',
+        default => '',
+      }
+      if $machinepass {
+        # Debug output -- put pass on command-line  :)
+        #$pass = "machinepass=\"\${MACHINE_PASSWORD}\""
+        #$machinepass_env = [ "MACHINE_PASSWORD=${machinepass}", ]
+        #notify { "samba domain join being attempted with machinepass=${machinepass}": }
+        $pass = "machinepass=${machinepass}"
+        $machinepass_env = [ ]
+      } else {
+        $pass = ''
+        $machinepass_env = [ ]
+      }
+
+      if $force_join {
+        $unlesstest = 'false'
+      } else {
+        $unlesstest = 'net ads testjoin'
+      }
+
       exec{ 'Join Domain':
-        path    => '/bin:/sbin:/usr/sbin:/usr/bin/',
-        unless  => 'net ads testjoin',
-        command => "echo '${adminpassword}'| net ads join -U '${adminuser}' ${ou}",
-        notify  => Service['SambaWinBind'],
-        require => [ Package['SambaClassic'], Service['SambaSmb'] ],
+        path        => '/bin:/sbin:/usr/sbin:/usr/bin/',
+        unless      => $unlesstest,
+        #unless      => 'net ads testjoin',
+        environment => [ "NET_PASSWORD=${adminpassword}", ] + $machinepass_env,
+        command     => "echo \$NET_PASSWORD | net ads join -U '${adminuser}' ${no_dns_updates} ${ou} ${pass}",
+        notify      => Service['SambaWinBind'],
+        require     => Package['SambaClassic'],
       }
+
+      # Add dependency for domain join to require all config options applied
+      Samba::Option <| |> -> Exec['Join Domain']
     }
   }
 }

manifests/dc.pp

@@ -57,6 +57,9 @@
   $netlogonabsentoptions                                          = [],
   $sysvolabsentoptions                                            = [],
   Optional[String] $cleanup                                       = undef,
+  $packagesambawinbind                                            = $::samba::params::packagesambawinbind,
+  $packagesambaclient                                             = $::samba::params::packagesambaclient,
+  $packagesambadc                                                 = $::samba::params::packagesambadc,
 ) inherits ::samba::params{
 
   case $dnsbackend {

manifests/params.pp

@@ -9,13 +9,13 @@
     case $facts['os']['family'] {
       'redhat': {
           $cleanup                = undef
+          # for now, this is not supported by RedHat
           $packagesambadc         = 'samba-dc'
           $packagesambaclassic    = 'samba'
           $packagesambawinbind    = 'samba-winbind'
           $packagesambansswinbind = 'samba-winbind-clients'
           $packagesambapamwinbind = 'samba-winbind-clients'
           $packagesambaclient     = 'samba-client'
-          # for now, this is not supported by Debian
           $servivesambadc         = undef
           $servivesmb             = 'smb'
           $servivewinbind         = 'winbind'

metadata.json

@@ -1,6 +1,6 @@
 {
   "name": "kakwa-samba",
-  "version": "2.0.0",
+  "version": "2.1.0",
   "author": "kakwa",
   "summary": "Module managing Samba, including Samba as a AD Domain Controller",
   "license": "MIT",
@@ -11,7 +11,7 @@
   "dependencies": [
     {
       "name": "puppetlabs-stdlib",
-      "version_requirement": ">= 3.0.0 < 5.0.0"
+      "version_requirement": ">= 9.0.0 < 10.0.0"
     },
     {
       "name": "herculesteam-augeasproviders_pam",
@@ -22,39 +22,35 @@
     {
       "operatingsystem": "RedHat",
       "operatingsystemrelease": [
-        "6",
-        "7"
+        "8"
       ]
     },
     {
-      "operatingsystem": "CentOS",
+      "operatingsystem": "Rocky",
       "operatingsystemrelease": [
-        "6",
-        "7"
+        "8"
       ]
     },
     {
       "operatingsystem": "Debian",
       "operatingsystemrelease": [
-        "7",
-        "8"
+        "11",
+        "12"
       ]
     },
     {
       "operatingsystem": "Ubuntu",
       "operatingsystemrelease": [
-        "14.04",
-        "16.04"
+        "20.04",
+        "22.04",
+        "24.04"
       ]
-    },
-    {
-      "operatingsystem": "Archlinux"
     }
   ],
   "requirements": [
     {
       "name": "puppet",
-      "version_requirement": ">= 4.10.0 < 6.0.0"
+      "version_requirement": ">= 6.0.0 < 9.0.0"
     }
   ]
 }