summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDan Carley <dan.carley@gmail.com>2013-04-25 12:15:29 +0100
committerDan Carley <dan.carley@gmail.com>2013-04-25 12:15:29 +0100
commitfd0106ccd688a8af4b62e57d420a26e80b484731 (patch)
treea8169ea20e910c9de64be1c0fda82078f10c5819
parent2575d60f03c08a0ee97589e30434ff79e4f0dc1f (diff)
downloadpuppet-apparmor-fd0106ccd688a8af4b62e57d420a26e80b484731.tar.gz
puppet-apparmor-fd0106ccd688a8af4b62e57d420a26e80b484731.tar.bz2
Add local_only parameterHEADmaster
Boolaen value which allows the local profile to be managed without touching the contents of the parent profile. This is desired because the parent profile comes from an upstream package and we don't want to maintain a separate fork of it's contents.
-rw-r--r--manifests/profile.pp9
1 files changed, 8 insertions, 1 deletions
diff --git a/manifests/profile.pp b/manifests/profile.pp
index 10f6f51..8a03618 100644
--- a/manifests/profile.pp
+++ b/manifests/profile.pp
@@ -13,6 +13,10 @@
# Source path to the Apparmor profile. If unset (default), defaults to
# "${default_base}/${name}".
#
+# [*local_only*]
+# Boolean variable than can be true or false (default). If true, only the
+# contents of the local profile will be managed.
+#
# [*local_source*]
# Tri-state variable that can be true, false (default) or a source path to the
# local Apparmor profile. If true, uses "${default_base}/local/${name}" as the
@@ -52,6 +56,7 @@
define apparmor::profile (
$default_base = "puppet:///modules/apparmor/aa-profiles/${::lsbdistrelease}",
$source = undef,
+ $local_only = false,
$local_source = false,
$post_cmd = undef,
) {
@@ -59,7 +64,9 @@ define apparmor::profile (
include apparmor
$apparmor_d = $apparmor::apparmor_d
- if $source {
+ if ($local_only == true) {
+ $real_source = undef
+ } elsif ($source) {
$real_source = $source
} else {
$real_source = "${default_base}/${name}"