Merge "Flush IP address on change for ovs_port"
diff --git a/README.rst b/README.rst
index fea2e1a..2492aaf 100644
--- a/README.rst
+++ b/README.rst
@@ -825,9 +825,28 @@
Message of the day
~~~~~~~~~~~~~~~~~~
-``pam_motd`` from package ``update-motd`` is used for dynamic messages of the
+``pam_motd`` from package ``libpam-modules`` is used for dynamic messages of the
day. Setting custom motd will cleanup existing ones.
+Setting static motd will replace existing ``/etc/motd`` and remove scripts from
+``/etc/update-motd.d``.
+
+Setting static motd:
+
+.. code-block:: yaml
+
+ linux:
+ system:
+ motd: |
+ UNAUTHORIZED ACCESS TO THIS SYSTEM IS PROHIBITED
+
+ You must have explicit, authorized permission to access or configure this
+ device. Unauthorized attempts and actions to access or use this system may
+ result in civil and/or criminal penalties.
+ All activities performed on this system are logged and monitored.
+
+Setting dynamic motd:
+
.. code-block:: yaml
linux:
diff --git a/linux/system/motd.sls b/linux/system/motd.sls
index c44b81e..4224407 100644
--- a/linux/system/motd.sls
+++ b/linux/system/motd.sls
@@ -1,27 +1,19 @@
{%- from "linux/map.jinja" import system with context %}
-{%- if system.enabled %}
+{%- if system.enabled and system.motd|length > 0 %}
-{%- if grains.os_family == 'RedHat' %}
+/etc/update-motd.d:
+ file.directory:
+ - clean: true
-{#- update-motd is not available in RedHat, so support only static motd #}
+{%- if system.motd is string %}
+
+{#- Set static motd only #}
/etc/motd:
file.managed:
- contents_pillar: linux:system:motd
{%- else %}
-{%- if grains.os == 'Ubuntu' %}
-package_update_motd:
- pkg.installed:
- - name: update-motd
- - require_in:
- - file: /etc/update-motd.d
-{%- endif %}
-
-/etc/update-motd.d:
- file.directory:
- - clean: true
-
{%- if grains.oscodename == "jessie" %}
motd_fix_pam_sshd:
file.replace:
diff --git a/linux/system/user.sls b/linux/system/user.sls
index 5e37b5d..efda1ba 100644
--- a/linux/system/user.sls
+++ b/linux/system/user.sls
@@ -15,6 +15,14 @@
{%- endif %}
{%- endfor %}
+{%- if user.gid is not defined %}
+system_group_{{ name }}:
+ group.present:
+ - name: {{ name }}
+ - require_in:
+ - user: system_user_{{ name }}
+{%- endif %}
+
system_user_{{ name }}:
user.present:
- name: {{ name }}
@@ -71,7 +79,7 @@
/etc/sudoers.d/90-salt-user-{{ name|replace('.', '-') }}:
file.absent
-
+
{%- endif %}
{%- else %}