From 43cba80d2ede774ecf91cb26531ecbca0f097551 Mon Sep 17 00:00:00 2001
From: mh <mh@immerda.ch>
Date: Wed, 2 Jan 2013 11:43:18 +0100
Subject: linting according to puppet-lint

---
 manifests/base.pp            |  4 ++++
 manifests/btmp/disable.pp    |  3 ++-
 manifests/btmp/enable.pp     |  9 ++++++---
 manifests/debian.pp          |  1 +
 manifests/faillog/disable.pp |  7 ++++---
 manifests/faillog/enable.pp  | 11 ++++++-----
 manifests/init.pp            | 20 +++++++++++---------
 manifests/lastlog/disable.pp |  3 ++-
 manifests/lastlog/enable.pp  | 11 +++++++----
 manifests/ramrun/disable.pp  |  7 +++----
 manifests/ramrun/enable.pp   |  9 ++++-----
 manifests/utmp/protect.pp    |  3 ++-
 manifests/utmp/unprotect.pp  |  9 ++++++---
 manifests/wtmp/disable.pp    |  3 ++-
 manifests/wtmp/enable.pp     |  9 ++++++---
 15 files changed, 66 insertions(+), 43 deletions(-)

diff --git a/manifests/base.pp b/manifests/base.pp
index 66d3477..07f4541 100644
--- a/manifests/base.pp
+++ b/manifests/base.pp
@@ -1,3 +1,7 @@
+# main class to manage things
+# empty so we don't harm
+# any non supported linux
+# systems
 class loginrecords::base {
 
 }
diff --git a/manifests/btmp/disable.pp b/manifests/btmp/disable.pp
index f32d36a..77c5d1e 100644
--- a/manifests/btmp/disable.pp
+++ b/manifests/btmp/disable.pp
@@ -1,5 +1,6 @@
+# ensure that btmp is not on the system
 class loginrecords::btmp::disable inherits loginrecords::btmp::enable {
-  File[$btmp_file]{
+  File[$loginrecords::btmp::enable::btmp_file]{
     ensure => 'absent',
     backup => false,
   }
diff --git a/manifests/btmp/enable.pp b/manifests/btmp/enable.pp
index c173362..95c663d 100644
--- a/manifests/btmp/enable.pp
+++ b/manifests/btmp/enable.pp
@@ -1,8 +1,11 @@
+# manage the btmp file
 class loginrecords::btmp::enable(
   $btmp_file = '/var/log/btmp'
 ){
-  file{$btmp_file:
-    ensure => 'present',
-    owner => 'root', group => 'utmp', mode => 660;
+  file{$loginrecords::btmp::enable::btmp_file:
+    ensure  => 'present',
+    owner   => 'root',
+    group   => 'utmp',
+    mode    => '0660';
   }
 }
diff --git a/manifests/debian.pp b/manifests/debian.pp
index e68185b..0813d2f 100644
--- a/manifests/debian.pp
+++ b/manifests/debian.pp
@@ -1,3 +1,4 @@
+# how loginrecords are managed on debian
 class loginrecords::debian inherits loginrecords::base {
 
   if $loginrecords::disable_btmp {
diff --git a/manifests/faillog/disable.pp b/manifests/faillog/disable.pp
index c05e6bc..4e1df4e 100644
--- a/manifests/faillog/disable.pp
+++ b/manifests/faillog/disable.pp
@@ -1,9 +1,10 @@
+# do not log any faillog
 class loginrecords::faillog::disable inherits loginrecords::faillog::enable{
   Replace['loginrecords-faillog']{
-    pattern   => '^FAILLOG_ENAB[[:space:]]+yes$',
-    replacement => 'FAILLOG_ENAB		no',
+    pattern     => '^FAILLOG_ENAB[[:space:]]+yes$',
+    replacement => "FAILLOG_ENAB\tno",
   }
   Line['loginrecords-faillog']{
-    line  => 'FAILLOG_ENAB		no',
+    line  => "FAILLOG_ENAB\tno",
   }
 }
diff --git a/manifests/faillog/enable.pp b/manifests/faillog/enable.pp
index c714b74..d600f6f 100644
--- a/manifests/faillog/enable.pp
+++ b/manifests/faillog/enable.pp
@@ -1,14 +1,15 @@
+# manage faillog logging
 class loginrecords::faillog::enable(
   $login_defs_file = '/etc/login.defs'
 ) {
   replace{'loginrecords-faillog':
-    file    => $login_defs_file,
-    pattern   => '^FAILLOG_ENAB[[:space]]+no$',
-    replacement => 'FAILLOG_ENAB		yes',
+    file        => $loginrecords::faillog::enable::login_defs_file,
+    pattern     => '^FAILLOG_ENAB[[:space]]+no$',
+    replacement => "FAILLOG_ENAB\tyes",
   }
   line{'loginrecords-faillog':
-    file  => $login_defs_file,
-    line  => 'FAILLOG_ENAB		yes',
+    file    => $loginrecords::faillog::enable::login_defs_file,
+    line    => "FAILLOG_ENAB\tyes",
     require => Replace['loginrecords-faillog'],
   }
 }
diff --git a/manifests/init.pp b/manifests/init.pp
index 5c9f800..dd0e48e 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -1,17 +1,19 @@
+# manage how login records are
+# stored on the system
 class loginrecords(
-  $disable_btmp = true,
-  $disable_faillog = true,
-  $disable_lastlog = true,
-  $protect_utmp = true,
-  $disable_wtmp = true,
+  $disable_btmp       = true,
+  $disable_faillog    = true,
+  $disable_lastlog    = true,
+  $protect_utmp       = true,
+  $disable_wtmp       = true,
   $ramdisk_on_var_run = true
 ){
   # Include main class
   case $::kernel {
-    "Linux": {
-      case  $::operatingsystem {
-        "debian", "ubuntu": { include loginrecords::debian }
-        default:            { include loginrecords::base   }
+    Linux: {
+      case $::operatingsystem {
+        debian, ubuntu: { include loginrecords::debian }
+        default:        { include loginrecords::base }
       }
     }
     default: {
diff --git a/manifests/lastlog/disable.pp b/manifests/lastlog/disable.pp
index 69e13d5..f97c49c 100644
--- a/manifests/lastlog/disable.pp
+++ b/manifests/lastlog/disable.pp
@@ -1,6 +1,7 @@
+# disable lastlog loggin of pam
 class loginrecords::lastlog::disable inherits loginrecords::lastlog::enable {
   Replace['loginrecords-lastlog']{
-    pattern   => '^session[[:space:]]+optional[[:space:]]+pam_lastlog.so$',
+    pattern     => '^session[[:space:]]+optional[[:space:]]+pam_lastlog.so$',
     replacement => '#session  optional   pam_lastlog.so',
   }
   File['/var/log/lastlog']{
diff --git a/manifests/lastlog/enable.pp b/manifests/lastlog/enable.pp
index bd9378b..b8dec35 100644
--- a/manifests/lastlog/enable.pp
+++ b/manifests/lastlog/enable.pp
@@ -1,13 +1,16 @@
+# manage the lastlog logging of pam
 class loginrecords::lastlog::enable(
   $pam_login_file = '/etc/pam.d/login'
 ){
   replace{'loginrecords-lastlog':
-    file => $pam_login_file,
-    pattern   => '^#session[[:space:]]+optional[[:space:]]+pam_lastlog.so$',
+    file        => $pam_login_file,
+    pattern     => '^#session[[:space:]]+optional[[:space:]]+pam_lastlog.so$',
     replacement => 'session  optional   pam_lastlog.so',
   }
   file{'/var/log/lastlog':
-    ensure => present,
-    owner => root, group => utmp, mode => 0664;
+    ensure  => present,
+    owner   => 'root',
+    group   => 'utmp',
+    mode    => '0664';
   }
 }
diff --git a/manifests/ramrun/disable.pp b/manifests/ramrun/disable.pp
index 3d282a3..d745bf0 100644
--- a/manifests/ramrun/disable.pp
+++ b/manifests/ramrun/disable.pp
@@ -1,7 +1,6 @@
+# do not put /var/run on a ramdisk
 class loginrecords::ramrun::disable inherits loginrecords::ramrun::enable {
-
-  Augeas["ramdisk-on-var-run"]{
-    changes => "set RAMRUN yes",
+  Augeas['ramdisk-on-var-run']{
+    changes => 'set RAMRUN yes',
   }
-
 }
diff --git a/manifests/ramrun/enable.pp b/manifests/ramrun/enable.pp
index 564ef06..27bf409 100644
--- a/manifests/ramrun/enable.pp
+++ b/manifests/ramrun/enable.pp
@@ -1,8 +1,7 @@
+# put /var/run on a ramdisk?
 class loginrecords::ramrun::enable {
-
-  augeas { "ramdisk-on-var-run":
-    context => "/files/etc/default/rcS",
-    changes => "set RAMRUN yes",
+  augeas{'ramdisk-on-var-run':
+    context => '/files/etc/default/rcS',
+    changes => 'set RAMRUN yes',
   }
-
 }
diff --git a/manifests/utmp/protect.pp b/manifests/utmp/protect.pp
index 166df5e..603064e 100644
--- a/manifests/utmp/protect.pp
+++ b/manifests/utmp/protect.pp
@@ -1,5 +1,6 @@
+# make the unprotect file protected from global read
 class loginrecords::utmp::protect inherits loginrecords::utmp::unprotect {
-  File[$utmp_file]{
+  File[$loginrecords::utmp::protect::utmp_file]{
     mode => 660,
   }
 }
diff --git a/manifests/utmp/unprotect.pp b/manifests/utmp/unprotect.pp
index 9da7517..54d821b 100644
--- a/manifests/utmp/unprotect.pp
+++ b/manifests/utmp/unprotect.pp
@@ -1,8 +1,11 @@
+# manage the utmp file
 class loginrecords::utmp::unprotect(
   $utmp_file = '/var/run/utmp'
 ){
-  file{$utmp_file:
-    ensure => 'present',
-    owner => 'root', group => 'utmp', mode => 664;
+  file{$loginrecords::utmp::unprotect::utmp_file:
+    ensure  => 'present',
+    owner   => 'root',
+    group   => 'utmp',
+    mode    => '0664';
   }
 }
diff --git a/manifests/wtmp/disable.pp b/manifests/wtmp/disable.pp
index 0d53e57..f98e201 100644
--- a/manifests/wtmp/disable.pp
+++ b/manifests/wtmp/disable.pp
@@ -1,5 +1,6 @@
+# ensure that wtmp is not on the system
 class loginrecords::wtmp::disable inherits loginrecords::wtmp::enable {
-  File[$wtmp_file]{
+  File[$loginrecords::wtmp::enable::wtmp_file]{
     ensure => 'absent',
     backup => false,
   }
diff --git a/manifests/wtmp/enable.pp b/manifests/wtmp/enable.pp
index f3b5ee9..4ba57ee 100644
--- a/manifests/wtmp/enable.pp
+++ b/manifests/wtmp/enable.pp
@@ -1,8 +1,11 @@
+# manage wtmp
 class loginrecords::wtmp::enable(
   $wtmp_file = '/var/log/wtmp'
 ){
-  file{$wtmp_file:
-    ensure => 'present',
-    owner => 'root', group => 'utmp', mode => 664;
+  file{$loginrecords::wtmp::enable::wtmp_file:
+    ensure  => 'present',
+    owner   => 'root',
+    group   => 'utmp',
+    mode    => '0664';
   }
 }
-- 
cgit v1.2.3