diff --git a/Rakefile b/Rakefile index 0cb1bcd..167ccdf 100644 --- a/Rakefile +++ b/Rakefile @@ -3,7 +3,9 @@ require 'puppetlabs_spec_helper/rake_tasks' require 'puppet-lint/tasks/puppet-lint' require 'metadata-json-lint/rake_task' PuppetLint.configuration.send('disable_80chars') +PuppetLint.configuration.send('disable_140chars') PuppetLint.configuration.send('disable_documentation') +PuppetLint.configuration.send('disable_arrow_on_right_operand_line') PuppetLint.configuration.send('disable_class_inherits_from_params_class') PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"] diff --git a/manifests/init.pp b/manifests/init.pp index 8c82301..e41b2a5 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -26,6 +26,7 @@ $log_priv_commands = false, $log_changes_login_logs = false, $tcp_listen_port = undef, + $flush = $audit::params::flush_default, ) inherits audit::params { package { $audit::params::pkg_audit: diff --git a/manifests/params.pp b/manifests/params.pp index 6af6d3e..0e232e1 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -17,12 +17,13 @@ $sysconfig=true case $::operatingsystemrelease { - /^[5-6].*$/: + /^6.*$/: { $audit_file='/etc/audit/audit.rules' $service_restart = '/etc/init.d/auditd restart' $service_stop = '/etc/init.d/auditd stop' $audispd_package=undef + $flush_default = 'INCREMENTAL' } /^7.*$/: { @@ -30,6 +31,7 @@ $service_restart = '/usr/libexec/initscripts/legacy-actions/auditd/restart' $service_stop = '/usr/libexec/initscripts/legacy-actions/auditd/stop' $audispd_package='audispd-plugins' + $flush_default = 'INCREMENTAL_ASYNC' } default: { fail("Unsupported RHEL/CentOS version! - ${::operatingsystemrelease}") } } @@ -53,18 +55,21 @@ $audit_file='/etc/audit/audit.rules' $service_restart = '/etc/init.d/auditd restart' $service_stop = '/etc/init.d/auditd stop' + $flush_default = 'INCREMENTAL' } /^16.*$/: { $audit_file='/etc/audit/audit.rules' $service_restart = undef $service_stop = undef + $flush_default = 'INCREMENTAL' } /^18.*$/: { $audit_file='/etc/audit/rules.d/audit.rules' $service_restart = undef $service_stop = undef + $flush_default = 'INCREMENTAL_ASYNC' } default: { fail("Unsupported Ubuntu version! - ${::operatingsystemrelease}") } } diff --git a/metadata.json b/metadata.json index f0769b5..9cc71fc 100644 --- a/metadata.json +++ b/metadata.json @@ -15,23 +15,23 @@ "operatingsystem_support": [ { "operatingsystem": "RedHat", - "operatingsystemrelease": [ "5", "6", "7" ] + "operatingsystemrelease": [ "6", "7" ] }, { "operatingsystem": "CentOS", - "operatingsystemrelease": [ "5", "6", "7" ] + "operatingsystemrelease": [ "6", "7" ] }, { "operatingsystem": "Scientific", - "operatingsystemrelease": [ "5", "6", "7" ] + "operatingsystemrelease": [ "6", "7" ] }, { "operatingsystem": "OEL", - "operatingsystemrelease": [ "5", "6", "7" ] + "operatingsystemrelease": [ "6", "7" ] }, { "operatingsystem": "OracleLinux", - "operatingsystemrelease": [ "5", "6", "7" ] + "operatingsystemrelease": [ "6", "7" ] }, { "operatingsystem": "Ubuntu", diff --git a/templates/auditdconf.erb b/templates/auditdconf.erb index 663482c..664d96b 100644 --- a/templates/auditdconf.erb +++ b/templates/auditdconf.erb @@ -4,12 +4,10 @@ # This file controls the configuration of the audit daemon # -local_events = yes -write_logs = yes log_file = /var/log/audit/audit.log log_group = root log_format = RAW -flush = INCREMENTAL_ASYNC +flush = <%= @flush %> freq = 50 max_log_file = 8 num_logs = 5 @@ -21,7 +19,6 @@ name_format = NONE max_log_file_action = ROTATE space_left = 75 space_left_action = SYSLOG -verify_email = yes action_mail_acct = root admin_space_left = 50 admin_space_left_action = SUSPEND @@ -30,14 +27,8 @@ disk_error_action = SUSPEND use_libwrap = yes <% defined?(@tcp_listen_port) -%> tcp_listen_port = <%= @tcp_listen_port %> -<% else -%> -##tcp_listen_port = <% end -%> tcp_listen_queue = 5 tcp_max_per_addr = 1 ##tcp_client_ports = 1024-65535 tcp_client_max_idle = 0 -enable_krb5 = no -krb5_principal = auditd -##krb5_key_file = /etc/audit/audit.key -distribute_network = no