- name: load distribution-specific variables
  include_vars: '{{ item }}'
  with_first_found:
  - '{{ ansible_distribution }}.yml'
  - '{{ ansible_os_family }}.yml'
  - defaults.yml

- name: ensure authconfig is not installed
  package:
    name=authconfig
    state=absent
- name: ensure authconfig PAM configuration is reset
  command:
    mv /etc/pam.d/{{ item }}-ac /etc/pam.d/{{ item }}
    removes=/etc/pam.d/{{ item }}-ac
  with_items:
  - fingerprint-auth
  - password-auth
  - postlogin
  - smartcard-auth
  - system-auth
- name: ensure authselect is disabled
  file:
    path: /etc/authselect/authselect.conf
    state: absent

- name: ensure mkhomedir package is installed
  package:
    name={{ mkhomedir_pkg }}
  when: pam_mkhomedir
- name: ensure oddjobd starts at boot
  service:
    name=oddjobd
    enabled=true
  when: pam_mkhomedir and pam_oddjob_mkhomedir
- name: ensure oddjobd is running
  service:
    name=oddjobd
    state=started
  when: pam_mkhomedir and pam_oddjob_mkhomedir

- name: ensure pam configuration is set
  template:
    src={{ item.template }}
    dest=/etc/pam.d/{{ item.name }}
    mode=0644
  with_items: '{{ pam_system_auth_conf }}'