diff --git a/manifests/server/config.pp b/manifests/server/config.pp index 92df2e0c..6f25a382 100644 --- a/manifests/server/config.pp +++ b/manifests/server/config.pp @@ -71,7 +71,7 @@ # preseeding files so we need to manualy bootstrap cn=config (but not the # databases). exec { 'bootstrap cn=config': - command => "/bin/sed -e 's/@BACKEND@/mdb/g' -e '/^# The database definition.$/q' /usr/share/slapd/slapd.init.ldif | /usr/sbin/slapadd -F ${openldap::server::confdir} -b cn=config", + command => "/bin/sed -e 's/@BACKEND@/mdb/g' -e '/^# The database definition.$/q' /usr/share/slapd/slapd.init.ldif | /usr/sbin/slapadd -F ${openldap::server::confdir.stdlib::shell_escape} -b cn=config", provider => 'shell', creates => "${openldap::server::confdir}/cn=config.ldif", user => $openldap::server::owner, @@ -162,7 +162,7 @@ $ldif = file('openldap/cn-config.ldif') exec { 'bootstrap cn=config': path => '/usr/local/sbin', - command => "echo '${ldif}' | slapadd -n 0 -F ${openldap::server::confdir}", + command => "echo ${ldif.stdlib::shell_escape} | slapadd -n 0 -F ${openldap::server::confdir.stdlib::shell_escape}", creates => "${openldap::server::confdir}/cn=config.ldif", provider => 'shell', user => $openldap::server::owner, diff --git a/manifests/server/install.pp b/manifests/server/install.pp index 7940d5fb..ccb73638 100644 --- a/manifests/server/install.pp +++ b/manifests/server/install.pp @@ -11,7 +11,7 @@ # installation will succed. The module will then be able to tune slapd # accoding to the user needs and finally start (and unmak) the service. exec { 'mask-before-openldap-install': - command => "systemctl mask ${openldap::server::service}", + command => "systemctl mask ${openldap::server::service.stdlib::shell_escape}", unless => 'test -x /usr/sbin/slapd', creates => "/etc/systemd/system/${openldap::server::service}.service", path => '/bin:/usr/bin',