cross version supprot

NTTCom-MS · Oct 18, 2018 · 07689b0 · 07689b0
1 parent 6ebbbca
commit 07689b0
Show file tree

Hide file tree

Showing 5 changed files with 15 additions and 16 deletions.
diff --git a/Rakefile b/Rakefile
@@ -3,7 +3,9 @@ require 'puppetlabs_spec_helper/rake_tasks'
 require 'puppet-lint/tasks/puppet-lint'
 require 'metadata-json-lint/rake_task'
 PuppetLint.configuration.send('disable_80chars')
+PuppetLint.configuration.send('disable_140chars')
 PuppetLint.configuration.send('disable_documentation')
+PuppetLint.configuration.send('disable_arrow_on_right_operand_line')
 PuppetLint.configuration.send('disable_class_inherits_from_params_class')
 PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"]
 

diff --git a/manifests/init.pp b/manifests/init.pp
@@ -26,6 +26,7 @@
               $log_priv_commands      = false,
               $log_changes_login_logs = false,
               $tcp_listen_port        = undef,
+              $flush                  = $audit::params::flush_default,
             ) inherits audit::params {
 
   package { $audit::params::pkg_audit:

diff --git a/manifests/params.pp b/manifests/params.pp
@@ -17,19 +17,21 @@
       $sysconfig=true
       case $::operatingsystemrelease
       {
-        /^[5-6].*$/:
+        /^6.*$/:
         {
           $audit_file='/etc/audit/audit.rules'
           $service_restart = '/etc/init.d/auditd restart'
           $service_stop = '/etc/init.d/auditd stop'
           $audispd_package=undef
+          $flush_default = 'INCREMENTAL'
         }
         /^7.*$/:
         {
           $audit_file='/etc/audit/rules.d/eyp-audit.rules'
           $service_restart = '/usr/libexec/initscripts/legacy-actions/auditd/restart'
           $service_stop = '/usr/libexec/initscripts/legacy-actions/auditd/stop'
           $audispd_package='audispd-plugins'
+          $flush_default = 'INCREMENTAL_ASYNC'
         }
         default: { fail("Unsupported RHEL/CentOS version! - ${::operatingsystemrelease}")  }
       }
@@ -53,18 +55,21 @@
               $audit_file='/etc/audit/audit.rules'
               $service_restart = '/etc/init.d/auditd restart'
               $service_stop = '/etc/init.d/auditd stop'
+              $flush_default = 'INCREMENTAL'
             }
             /^16.*$/:
             {
               $audit_file='/etc/audit/audit.rules'
               $service_restart = undef
               $service_stop = undef
+              $flush_default = 'INCREMENTAL'
             }
             /^18.*$/:
             {
               $audit_file='/etc/audit/rules.d/audit.rules'
               $service_restart = undef
               $service_stop = undef
+              $flush_default = 'INCREMENTAL_ASYNC'
             }
             default: { fail("Unsupported Ubuntu version! - ${::operatingsystemrelease}")  }
           }

diff --git a/metadata.json b/metadata.json
@@ -15,23 +15,23 @@
   "operatingsystem_support": [
     {
       "operatingsystem": "RedHat",
-      "operatingsystemrelease": [ "5", "6", "7" ]
+      "operatingsystemrelease": [ "6", "7" ]
     },
     {
       "operatingsystem": "CentOS",
-      "operatingsystemrelease": [ "5", "6", "7" ]
+      "operatingsystemrelease": [ "6", "7" ]
     },
     {
       "operatingsystem": "Scientific",
-      "operatingsystemrelease": [ "5", "6", "7" ]
+      "operatingsystemrelease": [ "6", "7" ]
     },
     {
       "operatingsystem": "OEL",
-      "operatingsystemrelease": [ "5", "6", "7" ]
+      "operatingsystemrelease": [ "6", "7" ]
     },
     {
       "operatingsystem": "OracleLinux",
-      "operatingsystemrelease": [ "5", "6", "7" ]
+      "operatingsystemrelease": [ "6", "7" ]
     },
     {
       "operatingsystem": "Ubuntu",

diff --git a/templates/auditdconf.erb b/templates/auditdconf.erb
@@ -4,12 +4,10 @@
 # This file controls the configuration of the audit daemon
 #
 
-local_events = yes
-write_logs = yes
 log_file = /var/log/audit/audit.log
 log_group = root
 log_format = RAW
-flush = INCREMENTAL_ASYNC
+flush = <%= @flush %>
 freq = 50
 max_log_file = 8
 num_logs = 5
@@ -21,7 +19,6 @@ name_format = NONE
 max_log_file_action = ROTATE
 space_left = 75
 space_left_action = SYSLOG
-verify_email = yes
 action_mail_acct = root
 admin_space_left = 50
 admin_space_left_action = SUSPEND
@@ -30,14 +27,8 @@ disk_error_action = SUSPEND
 use_libwrap = yes
 <% defined?(@tcp_listen_port) -%>
 tcp_listen_port = <%= @tcp_listen_port %>
-<% else -%>
-##tcp_listen_port =
 <% end -%>
 tcp_listen_queue = 5
 tcp_max_per_addr = 1
 ##tcp_client_ports = 1024-65535
 tcp_client_max_idle = 0
-enable_krb5 = no
-krb5_principal = auditd
-##krb5_key_file = /etc/audit/audit.key
-distribute_network = no