diff options
author | intrigeri <intrigeri@boum.org> | 2010-10-17 20:13:20 +0200 |
---|---|---|
committer | intrigeri <intrigeri@boum.org> | 2010-10-17 20:13:20 +0200 |
commit | 7fcec706fd74b5f958e74d7960640ff5ec8b19be (patch) | |
tree | 2fbe542b5b7c9bcd88998736f0b84422234ce929 | |
parent | 96a39b816a4922cb9e710e6bdd044125708d8411 (diff) | |
download | puppet-loginrecords-7fcec706fd74b5f958e74d7960640ff5ec8b19be.tar.gz puppet-loginrecords-7fcec706fd74b5f958e74d7960640ff5ec8b19be.tar.bz2 |
Support disabling btmp and wtmp.
-rw-r--r-- | README | 7 | ||||
-rw-r--r-- | manifests/btmp.pp | 7 | ||||
-rw-r--r-- | manifests/debian.pp | 16 | ||||
-rw-r--r-- | manifests/init.pp | 6 | ||||
-rw-r--r-- | manifests/wtmp.pp | 7 |
5 files changed, 43 insertions, 0 deletions
@@ -16,6 +16,13 @@ Dependencies Configuration ============= +$disable_btmp, $disable_wtmp +---------------------------- + +Default: /var/log/btmp and /var/log/wtmp are ensured to be absent. +These variables, when set to a false, non-empty value, have these +files created and their logging enabled again. + $disable_faillog ---------------- diff --git a/manifests/btmp.pp b/manifests/btmp.pp new file mode 100644 index 0000000..4d40654 --- /dev/null +++ b/manifests/btmp.pp @@ -0,0 +1,7 @@ +class loginrecords::btmp::disable { + file { "$btmp_file": ensure => 'absent' } +} + +class loginrecords::btmp::enable { + file { "$btmp_file": ensure => 'present' } +} diff --git a/manifests/debian.pp b/manifests/debian.pp index 8cf95f1..d8432d6 100644 --- a/manifests/debian.pp +++ b/manifests/debian.pp @@ -2,6 +2,15 @@ class loginrecords::debian inherits loginrecords::base { $pam_login_file = '/etc/pam.d/login' $login_defs_file = '/etc/login.defs' + $btmp_file = '/var/log/btmp' + $wtmp_file = '/var/log/wtmp' + + if $disable_btmp { + include loginrecords::btmp::disable + } + else { + include loginrecords::btmp::enable + } if $disable_faillog { include loginrecords::faillog::disable @@ -14,4 +23,11 @@ class loginrecords::debian inherits loginrecords::base { include loginrecords::lastlog::disable } + if $disable_wtmp { + include loginrecords::wtmp::disable + } + else { + include loginrecords::wtmp::enable + } + } diff --git a/manifests/init.pp b/manifests/init.pp index 6826c32..e575dee 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -3,12 +3,18 @@ import "*.pp" class loginrecords { # Default settings + if $disable_btmp == '' { + $disable_btmp = true + } if $disable_faillog == '' { $disable_faillog = true } if $disable_lastlog == '' { $disable_lastlog = true } + if $disable_wtmp == '' { + $disable_wtmp = true + } # Include main class case $kernel { diff --git a/manifests/wtmp.pp b/manifests/wtmp.pp new file mode 100644 index 0000000..36cea0e --- /dev/null +++ b/manifests/wtmp.pp @@ -0,0 +1,7 @@ +class loginrecords::wtmp::disable { + file { "$wtmp_file": ensure => 'absent' } +} + +class loginrecords::wtmp::enable { + file { "$wtmp_file": ensure => 'present' } +} |