From 87ac7825be98a2c9b2dc3d3dcf9e277ec2a364e9 Mon Sep 17 00:00:00 2001 From: mh Date: Thu, 9 Dec 2010 18:20:38 +0100 Subject: finish refactoring refactor everything towards class parameters and also add enable class for lastlog --- manifests/btmp/disable.pp | 6 +++-- manifests/btmp/enable.pp | 11 +++++---- manifests/debian.pp | 53 +++++++++++++++++++++----------------------- manifests/faillog/disable.pp | 19 +++++++--------- manifests/faillog/enable.pp | 24 +++++++++++--------- manifests/lastlog/disable.pp | 14 +++++------- manifests/lastlog/enable.pp | 13 +++++++++++ manifests/utmp/disable.pp | 6 +++-- manifests/utmp/enable.pp | 11 +++++---- manifests/wtmp/disable.pp | 6 +++-- manifests/wtmp/enable.pp | 11 +++++---- 11 files changed, 97 insertions(+), 77 deletions(-) create mode 100644 manifests/lastlog/enable.pp diff --git a/manifests/btmp/disable.pp b/manifests/btmp/disable.pp index 809c669..7a27126 100644 --- a/manifests/btmp/disable.pp +++ b/manifests/btmp/disable.pp @@ -1,4 +1,6 @@ -class loginrecords::btmp::disable { - file { "$btmp_file": ensure => 'absent' } +class loginrecords::btmp::disable inherits loginrecords::btmp::enable { + File[$btmp_file]{ + ensure => 'absent' + } } diff --git a/manifests/btmp/enable.pp b/manifests/btmp/enable.pp index ea19e16..c173362 100644 --- a/manifests/btmp/enable.pp +++ b/manifests/btmp/enable.pp @@ -1,5 +1,8 @@ -class loginrecords::btmp::enable { - file { "$btmp_file": - ensure => 'present', mode => 660, owner => 'root', group => 'utmp', - } +class loginrecords::btmp::enable( + $btmp_file = '/var/log/btmp' +){ + file{$btmp_file: + ensure => 'present', + owner => 'root', group => 'utmp', mode => 660; + } } diff --git a/manifests/debian.pp b/manifests/debian.pp index 2df522f..12ec571 100644 --- a/manifests/debian.pp +++ b/manifests/debian.pp @@ -1,36 +1,33 @@ class loginrecords::debian inherits loginrecords::base { - $login_defs_file = '/etc/login.defs' - $btmp_file = '/var/log/btmp' - $utmp_file = '/var/run/utmp' - $wtmp_file = '/var/log/wtmp' + if $loginrecords::disable_btmp { + class{'loginrecords::btmp::disable': } + } else { + class{'loginrecords::btmp::enable': } + } - if $loginrecords::disable_btmp { - include loginrecords::btmp::disable - } else { - include loginrecords::btmp::enable - } + if $loginrecords::disable_faillog { + class{'loginrecords::faillog::disable': } + } else { + class{'loginrecords::faillog::enable': } + } - if $loginrecords::disable_faillog { - include loginrecords::faillog::disable - } else { - include loginrecords::faillog::enable - } + if $loginrecords::disable_lastlog { + class{'loginrecords::lastlog::disable': } + } else { + class{'loginrecords::lastlog::enable': } + } - if $loginrecords::disable_lastlog { - class{'loginrecords::lastlog::disable': } - } + if $loginrecords::disable_utmp { + class{'loginrecords::utmp::disable': } + } else { + class{'loginrecords::utmp::enable': } + } - if $loginrecords::disable_utmp { - include loginrecords::utmp::disable - } else { - include loginrecords::utmp::enable - } - - if $loginrecords::disable_wtmp { - include loginrecords::wtmp::disable - } else { - include loginrecords::wtmp::enable - } + if $loginrecords::disable_wtmp { + class{'loginrecords::wtmp::disable': } + } else { + class{'loginrecords::wtmp::enable': } + } } diff --git a/manifests/faillog/disable.pp b/manifests/faillog/disable.pp index a5d2dc5..c05e6bc 100644 --- a/manifests/faillog/disable.pp +++ b/manifests/faillog/disable.pp @@ -1,12 +1,9 @@ -class loginrecords::faillog::disable { - replace { 'loginrecords-faillog-disable': - file => $login_defs_file, - pattern => '^FAILLOG_ENAB[[:space:]]+yes$', - replacement => 'FAILLOG_ENAB no', - } - line { 'loginrecords-faillog-disable': - file => $login_defs_file, - line => 'FAILLOG_ENAB no', - require => Replace['loginrecords-faillog-disable'], - } +class loginrecords::faillog::disable inherits loginrecords::faillog::enable{ + Replace['loginrecords-faillog']{ + pattern => '^FAILLOG_ENAB[[:space:]]+yes$', + replacement => 'FAILLOG_ENAB no', + } + Line['loginrecords-faillog']{ + line => 'FAILLOG_ENAB no', + } } diff --git a/manifests/faillog/enable.pp b/manifests/faillog/enable.pp index f26dc69..c714b74 100644 --- a/manifests/faillog/enable.pp +++ b/manifests/faillog/enable.pp @@ -1,12 +1,14 @@ -class loginrecords::faillog::enable { - replace { 'loginrecords-faillog-enable': - file => $login_defs_file, - pattern => '^FAILLOG_ENAB[[:space]]+no$', - replacement => 'FAILLOG_ENAB yes', - } - line { 'loginrecords-faillog-enable': - file => $login_defs_file, - line => 'FAILLOG_ENAB yes', - require => Replace['loginrecords-faillog-enable'], - } +class loginrecords::faillog::enable( + $login_defs_file = '/etc/login.defs' +) { + replace{'loginrecords-faillog': + file => $login_defs_file, + pattern => '^FAILLOG_ENAB[[:space]]+no$', + replacement => 'FAILLOG_ENAB yes', + } + line{'loginrecords-faillog': + file => $login_defs_file, + line => 'FAILLOG_ENAB yes', + require => Replace['loginrecords-faillog'], + } } diff --git a/manifests/lastlog/disable.pp b/manifests/lastlog/disable.pp index 519195f..e143477 100644 --- a/manifests/lastlog/disable.pp +++ b/manifests/lastlog/disable.pp @@ -1,13 +1,9 @@ -class loginrecords::lastlog::disable( - $pam_login_file = '/etc/pam.d/login' -){ - replace { 'loginrecords-lastlog-disable': - file => $pam_login_file, +class loginrecords::lastlog::disable inherits loginrecords::lastlog::enable { + Replace['loginrecords-lastlog']{ pattern => '^session[[:space:]]+optional[[:space:]]+pam_lastlog.so$', replacement => '#session optional pam_lastlog.so', } - file{'/var/log/lastlog': - content => '', - owner => root, group => utmp, mode => 0664; - } + File['/var/log/lastlog']{ + ensure => absent, + } } diff --git a/manifests/lastlog/enable.pp b/manifests/lastlog/enable.pp new file mode 100644 index 0000000..bd9378b --- /dev/null +++ b/manifests/lastlog/enable.pp @@ -0,0 +1,13 @@ +class loginrecords::lastlog::enable( + $pam_login_file = '/etc/pam.d/login' +){ + replace{'loginrecords-lastlog': + file => $pam_login_file, + pattern => '^#session[[:space:]]+optional[[:space:]]+pam_lastlog.so$', + replacement => 'session optional pam_lastlog.so', + } + file{'/var/log/lastlog': + ensure => present, + owner => root, group => utmp, mode => 0664; + } +} diff --git a/manifests/utmp/disable.pp b/manifests/utmp/disable.pp index 8d9145a..5b4ce07 100644 --- a/manifests/utmp/disable.pp +++ b/manifests/utmp/disable.pp @@ -1,3 +1,5 @@ -class loginrecords::utmp::disable { - file { "$utmp_file": ensure => 'absent' } +class loginrecords::utmp::disable inherits loginrecords::utmp::enable { + File[$utmp_file]{ + ensure => 'absent' + } } diff --git a/manifests/utmp/enable.pp b/manifests/utmp/enable.pp index 81e58ec..ee47b94 100644 --- a/manifests/utmp/enable.pp +++ b/manifests/utmp/enable.pp @@ -1,5 +1,8 @@ -class loginrecords::utmp::enable { - file { "$utmp_file": - ensure => 'present', mode => 660, owner => 'root', group => 'utmp', - } +class loginrecords::utmp::enable( + $utmp_file = '/var/run/utmp' +){ + file {$utmp_file: + ensure => 'present', + owner => 'root', group => 'utmp', mode => 660; + } } diff --git a/manifests/wtmp/disable.pp b/manifests/wtmp/disable.pp index c7c2b6d..c974cd9 100644 --- a/manifests/wtmp/disable.pp +++ b/manifests/wtmp/disable.pp @@ -1,3 +1,5 @@ -class loginrecords::wtmp::disable { - file { "$wtmp_file": ensure => 'absent' } +class loginrecords::wtmp::disable inherits loginrecords::wtmp::enable { + File[$wtmp_filer]{ + ensure => 'absent' + } } diff --git a/manifests/wtmp/enable.pp b/manifests/wtmp/enable.pp index 4982839..f3b5ee9 100644 --- a/manifests/wtmp/enable.pp +++ b/manifests/wtmp/enable.pp @@ -1,5 +1,8 @@ -class loginrecords::wtmp::enable { - file { "$wtmp_file": - ensure => 'present', mode => 664, owner => 'root', group => 'utmp', - } +class loginrecords::wtmp::enable( + $wtmp_file = '/var/log/wtmp' +){ + file{$wtmp_file: + ensure => 'present', + owner => 'root', group => 'utmp', mode => 664; + } } -- cgit v1.2.3