From 941610fa2019b7ad0b9353b049204b5069b0e6a0 Mon Sep 17 00:00:00 2001
From: Michael Porter <michael.porter@ingramcontent.com>
Date: Wed, 30 Sep 2015 13:41:40 -0400
Subject: [PATCH 1/2] Make repo management optional

---
 README.md         |  6 +++++-
 manifests/apt.pp  | 43 ++++++++++++++++++++++---------------------
 manifests/init.pp |  1 +
 manifests/yum.pp  | 17 ++++++++++-------
 4 files changed, 38 insertions(+), 29 deletions(-)

diff --git a/README.md b/README.md
index ace58d8..f5889bf 100644
--- a/README.md
+++ b/README.md
@@ -100,7 +100,11 @@ Configures usage of the http_proxy environment variable. There is not default
 for this setting.
 
 ####`manage_ssh [optional]`
-Configures whether or not to allow the module to manage the SSH service/package. 
+Configures whether or not to allow the module to manage the SSH service/package.
+The default is *true*.
+
+####`manage_repo [optional]`
+Configures whether or not to allow the module to add/manage the apt/yum repository.
 The default is *true*.
 
 ####`pam_unix_control [optional]`
diff --git a/manifests/apt.pp b/manifests/apt.pp
index a530060..38a586e 100644
--- a/manifests/apt.pp
+++ b/manifests/apt.pp
@@ -18,30 +18,31 @@
   }
 
   package { $duo_unix::duo_package:
-    ensure  => $package_state,
-    require => [
-      File[$repo_file],
-      Exec['Duo Security GPG Import'],
-      Exec['duo-security-apt-update']
-    ]
+    ensure  => $package_state
   }
 
-  file { $repo_file:
-    owner   => 'root',
-    group   => 'root',
-    mode    => '0644',
-    content => "deb ${repo_uri}/${::operatingsystem} ${::lsbdistcodename} main",
-    notify  => Exec['duo-security-apt-update']
-  }
+  if $duo_unix::manage_repo {
+    file { $repo_file:
+      owner   => 'root',
+      group   => 'root',
+      mode    => '0644',
+      content => "deb ${repo_uri}/${::operatingsystem} ${::lsbdistcodename} main",
+      notify  => Exec['duo-security-apt-update'],
+      before  => Package[$duo_unix::duo_package]
+    }
 
-  exec { 'duo-security-apt-update':
-    command     => '/usr/bin/apt-get update',
-    refreshonly => true
-  }
+    exec { 'duo-security-apt-update':
+      command     => '/usr/bin/apt-get update',
+      refreshonly => true,
+      require     => File[$repo_file],
+      before      => Package[$duo_unix::duo_package]
+    }
 
-  exec { 'Duo Security GPG Import':
-    command => '/usr/bin/apt-key add /etc/apt/DEB-GPG-KEY-DUO',
-    unless  => '/usr/bin/apt-key list | grep "Duo Security"',
-    notify  => Exec['duo-security-apt-update']
+    exec { 'Duo Security GPG Import':
+      command => '/usr/bin/apt-key add /etc/apt/DEB-GPG-KEY-DUO',
+      unless  => '/usr/bin/apt-key list | grep "Duo Security"',
+      notify  => Exec['duo-security-apt-update'],
+      before  => Package[$duo_unix::duo_package]
+    }
   }
 }
diff --git a/manifests/init.pp b/manifests/init.pp
index 0d21b5e..918bd6b 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -20,6 +20,7 @@
   $prompts = '3',
   $accept_env_factor = 'no',
   $manage_ssh = true,
+  $manage_repo = true,
   $pam_unix_control = 'requisite',
   $package_version = 'installed',
 ) {
diff --git a/manifests/yum.pp b/manifests/yum.pp
index 2e53bd7..b1f4d45 100644
--- a/manifests/yum.pp
+++ b/manifests/yum.pp
@@ -26,12 +26,15 @@
     $releasever = '$releasever'
   }
 
-  yumrepo { 'duosecurity':
-    descr    => 'Duo Security Repository',
-    baseurl  => "${repo_uri}/${os}/${releasever}/\$basearch",
-    gpgcheck => '1',
-    enabled  => '1',
-    require  => File['/etc/pki/rpm-gpg/RPM-GPG-KEY-DUO'];
+  if $duo_unix::manage_repo {
+    yumrepo { 'duosecurity':
+      descr    => 'Duo Security Repository',
+      baseurl  => "${repo_uri}/${os}/${releasever}/\$basearch",
+      gpgcheck => '1',
+      enabled  => '1',
+      require  => File['/etc/pki/rpm-gpg/RPM-GPG-KEY-DUO'],
+      before   => Package[$duo_unix::duo_package];
+    }
   }
 
   if $duo_unix::manage_ssh {
@@ -42,7 +45,7 @@
 
   package {  $duo_unix::duo_package:
     ensure  => $package_state,
-    require => [ Yumrepo['duosecurity'], Exec['Duo Security GPG Import'] ];
+    require => [ Exec['Duo Security GPG Import'] ];
   }
 
   exec { 'Duo Security GPG Import':

From e831954f2c8282501869796724f1384685226a52 Mon Sep 17 00:00:00 2001
From: Kevin Sonney <ksonney@apptio.com>
Date: Wed, 8 Jun 2016 11:56:28 -0400
Subject: [PATCH 2/2] change releasever to $::operatingsystemmajrelease to work
 with non-integer releases of CentOS and RHEL

---
 manifests/yum.pp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/manifests/yum.pp b/manifests/yum.pp
index c1c3738..eec6dca 100644
--- a/manifests/yum.pp
+++ b/manifests/yum.pp
@@ -27,7 +27,7 @@
     $releasever = '$releasever'
   } else {
     $os = $::operatingsystem
-    $releasever = '$releasever'
+    $releasever = $::operatingsystemmajrelease
   }
 
   yumrepo { 'duosecurity':