diff --git a/CHANGELOG.md b/CHANGELOG.md
index 1c8ffc2..d27c801 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,9 @@
 # CHANGELOG
 
+## 0.2.7
+
+* added **audit::customfile** for custom rulesets
+
 ## 0.2.6
 
 * added variables:
diff --git a/manifests/customfile.pp b/manifests/customfile.pp
new file mode 100644
index 0000000..c9ce100
--- /dev/null
+++ b/manifests/customfile.pp
@@ -0,0 +1,21 @@
+define audit::customfile(
+ $source,
+ $filename = $name,
+ $ensure = 'present',
+ ) {
+ include ::audit
+
+ if(!defined($audit::params::auditd_dir))
+ {
+ fail('Unable to set custom rules using audit::customfile on this OS')
+ }
+
+ file { '${audit::params::auditd_dir}/${filename}':
+ ensure => $ensure,
+ owner => 'root',
+ group => 'root',
+ mode => '0640',
+ require => Package[$audit::params::pkg_audit],
+ notify => Service['auditd'],
+ }
+}
diff --git a/manifests/params.pp b/manifests/params.pp
index 254cfd3..d9f0dba 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -20,6 +20,7 @@
 /^6.*$/:
 {
 $audit_file='/etc/audit/audit.rules'
+ $auditd_dir=undef
 $service_restart = '/etc/init.d/auditd restart'
 $service_stop = '/etc/init.d/auditd stop'
 $audispd_package=undef
@@ -28,6 +29,7 @@
 /^[78].*$/:
 {
 $audit_file='/etc/audit/rules.d/eyp-audit.rules'
+ $auditd_dir='/etc/audit/rules.d'
 $service_restart = '/usr/libexec/initscripts/legacy-actions/auditd/restart'
 $service_stop = '/usr/libexec/initscripts/legacy-actions/auditd/stop'
 $audispd_package='audispd-plugins'
@@ -53,6 +55,7 @@
 /^14.*$/:
 {
 $audit_file='/etc/audit/audit.rules'
+ $auditd_dir=undef
 $service_restart = '/etc/init.d/auditd restart'
 $service_stop = '/etc/init.d/auditd stop'
 $flush_default = 'INCREMENTAL'
@@ -60,6 +63,7 @@
 /^16.*$/:
 {
 $audit_file='/etc/audit/audit.rules'
+ $auditd_dir=undef
 $service_restart = undef
 $service_stop = undef
 $flush_default = 'INCREMENTAL'
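Review bot: In manifests/customfile.pp the `file` title is single-quoted, so Puppet will not interpolate `${audit::params::auditd_dir}/${filename}`, and the mandatory `$source` parameter is never passed to the resource; as written no ruleset is delivered into the rules directory. Use a double-quoted title and add `source => $source`. The guard `defined($audit::params::auditd_dir)` receives the variable's value rather than its name, which is probably not the intended test for the `undef` assigned in params.pp; comparing against `undef` (or passing the quoted variable name) looks safer, to be confirmed on the Puppet versions the module supports. `$filename` is also joined into a root-owned path without any check, so a value containing `/` could place the file outside the rules directory, and augenrules only loads names ending in `.rules`; a validation step is sketched below.

```puppet
  # … unchanged: parameters, include ::audit, auditd_dir guard …

  # augenrules only loads *.rules; refusing path separators keeps the file inside rules.d
  if $filename !~ /\A[A-Za-z0-9_.-]+\.rules\z/
  {
    fail("audit::customfile: invalid filename '${filename}'")
  }

  file { "${audit::params::auditd_dir}/${filename}":
    ensure  => $ensure,
    source  => $source,
    # … unchanged: owner, group, mode, require, notify …
  }
```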
@@ -67,6 +71,7 @@
 /^18.*$/:
 {
 $audit_file='/etc/audit/rules.d/audit.rules'
+ $auditd_dir='/etc/audit/rules.d'
 $service_restart = undef
 $service_stop = undef
 $flush_default = 'INCREMENTAL_ASYNC'
@@ -95,12 +100,14 @@
 '11.3':
 {
 $audit_file='/etc/audit/audit.rules'
+ $auditd_dir=undef
 $service_restart = '/etc/init.d/auditd restart'
 $service_stop = '/etc/init.d/auditd stop'
 }
 /^12.[34]/:
 {
 $audit_file='/etc/audit/audit.rules'
+ $auditd_dir=undef
 $service_restart = undef
 $service_stop = undef
 }
diff --git a/metadata.json b/metadata.json
index 6caa95e..e146748 100644
--- a/metadata.json
+++ b/metadata.json
@@ -1,6 +1,6 @@
 {
 "name": "eyp-audit",
- "version": "0.2.6",
+ "version": "0.2.7",
 "author": "eyp",
 "summary": "auditd management",
 "license": "Apache-2.0",