Merge pull request #29 from jordiprats/master
custom rulesets
jordiprats authored Dec 10, 2019
2 parents e796118 + 7274d1e commit 3ff6130
Showing 4 changed files with 33 additions and 1 deletion.
4 changes: 4 additions & 0 deletions CHANGELOG.md
@@ -1,5 +1,9 @@
# CHANGELOG

## 0.2.7

* added **audit::customfile** for custom rulesets

## 0.2.6

* added variables:
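--- a/manifests/customfile.pp
+++ b/manifests/customfile.pp
@@ -0,0 +1,21 @@
+define audit::customfile(
+$source,
+$filename = $name,
+$ensure = 'present',
+) {
+include ::audit
+
+if(!defined($audit::params::auditd_dir))
+{
+fail('Unable to set custom rules using audit::customfile on this OS')
+}
+
+file { '${audit::params::auditd_dir}/${filename}':
+ensure => $ensure,
+owner => 'root',
+group => 'root',
+mode => '0640',
+require => Package[$audit::params::pkg_audit],
+notify => Service['auditd'],
+}
+}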
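Review bot: The `file` title is single-quoted, so Puppet will not interpolate it and the resource path becomes the literal text `${audit::params::auditd_dir}/${filename}` instead of a file under the rules directory; the mandatory `$source` parameter is also never used, so no rule content would be delivered. Use a double-quoted title, `file { "${audit::params::auditd_dir}/${filename}":`, and add `source => $source,` to the attribute list. The guard `defined($audit::params::auditd_dir)` passes the variable's value rather than its name, so it probably does not test what is intended; `if $audit::params::auditd_dir == undef` would state the check directly. Because `$filename` is joined straight into a path under the audit rules directory, it should be validated as a bare file name with no `/` that ends in `.rules`, since augenrules only merges `*.rules` files and a file that is skipped or lands elsewhere leaves the host without the audit coverage the catalog claims.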
7 changes: 7 additions & 0 deletions manifests/params.pp
@@ -20,6 +20,7 @@
/^6.*$/:
{
$audit_file='/etc/audit/audit.rules'
$auditd_dir=undef
$service_restart = '/etc/init.d/auditd restart'
$service_stop = '/etc/init.d/auditd stop'
$audispd_package=undef
@@ -28,6 +29,7 @@
/^[78].*$/:
{
$audit_file='/etc/audit/rules.d/eyp-audit.rules'
$auditd_dir='/etc/audit/rules.d'
$service_restart = '/usr/libexec/initscripts/legacy-actions/auditd/restart'
$service_stop = '/usr/libexec/initscripts/legacy-actions/auditd/stop'
$audispd_package='audispd-plugins'
@@ -53,20 +55,23 @@
/^14.*$/:
{
$audit_file='/etc/audit/audit.rules'
$auditd_dir=undef
$service_restart = '/etc/init.d/auditd restart'
$service_stop = '/etc/init.d/auditd stop'
$flush_default = 'INCREMENTAL'
}
/^16.*$/:
{
$audit_file='/etc/audit/audit.rules'
$auditd_dir=undef
$service_restart = undef
$service_stop = undef
$flush_default = 'INCREMENTAL'
}
/^18.*$/:
{
$audit_file='/etc/audit/rules.d/audit.rules'
$auditd_dir='/etc/audit/rules.d'
$service_restart = undef
$service_stop = undef
$flush_default = 'INCREMENTAL_ASYNC'
@@ -95,12 +100,14 @@
'11.3':
{
$audit_file='/etc/audit/audit.rules'
$auditd_dir=undef
$service_restart = '/etc/init.d/auditd restart'
$service_stop = '/etc/init.d/auditd stop'
}
/^12.[34]/:
{
$audit_file='/etc/audit/audit.rules'
$auditd_dir=undef
$service_restart = undef
$service_stop = undef
}
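Review bot: `$auditd_dir` is assigned only inside the OS-release branches shown in these hunks, so any branch of the case statement that lies in the collapsed parts of the file and does not set it would leave `$audit::params::auditd_dir` unassigned; this cannot be confirmed from the page. With `strict_variables` enabled that lookup would raise an evaluation error before `audit::customfile` reaches its own `fail()` message, so it is worth checking every remaining branch. The `undef` assignments also deserve a short comment on first use, for example `# undef: this release is managed through a single audit.rules file, no rules.d directory`, so the next maintainer knows the value is deliberate.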
2 changes: 1 addition & 1 deletion metadata.json
@@ -1,6 +1,6 @@
{
"name": "eyp-audit",
"version": "0.2.6",
"version": "0.2.7",
"author": "eyp",
"summary": "auditd management",
"license": "Apache-2.0",
