Skip to content

Commit

Permalink
Revert syscall flags adding custom rules template
Browse files Browse the repository at this point in the history
  • Loading branch information
Joan Manel Calaseit committed Aug 10, 2022
1 parent c841fe3 commit ad074f8
Show file tree
Hide file tree
Showing 4 changed files with 17 additions and 1 deletion.
14 changes: 14 additions & 0 deletions manifests/customrule.pp
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
# Rules for non contempled cases
#
# Literal String set
#
define audit::customrule (
$customrules [],
) {
#
concat::fragment{ "${audit::params::audit_file} custom rule"
target => $audit::params::audit_file,
order => '12',
content => template("${module_name}/customrule.erb"),
}
}
1 change: 1 addition & 0 deletions manifests/init.pp
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
# 02 default security rules
# 10 fsrules
# 11 syscallrules
# 12 customrules
#
class audit (
$buffers = '320',
Expand Down
1 change: 1 addition & 0 deletions templates/customrule.erb
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
<% @customrules.each do |rule| %> <%= rule %><% end %>
2 changes: 1 addition & 1 deletion templates/syscallrule.erb
Original file line number Diff line number Diff line change
@@ -1 +1 @@
-a <%= @action %> <% @fields_eq.each do |field, value| %> -F <%= field %>=<%= value %><% end %><% @fields_neq.each do |field, value| %> -F <%= field %>!=<%= value %><% end %><% @fields.each do |field| %> -F <%= field %><% end %> -S <%= @syscall %> -k <%= @keyname %>
-a <%= @action %> -S <%= @syscall %> <% @fields_eq.each do |field, value| %> -F <%= field %>=<%= value %><% end %><% @fields_neq.each do |field, value| %> -F <%= field %>!=<%= value %><% end %><% @fields.each do |field| %> -F <%= field %><% end %> -k <%= @keyname %>

0 comments on commit ad074f8

Please sign in to comment.