Puppet module to manage login records. E.g. disable successful and failed login records. All functionality is currently only available on Debian GNU/Linux. Bits should be made available for other operating systems after checking they are configured the same way. Defaults to disable all supported login records. Dependencies ============ - the lsb module: git://labs.riseup.net/shared-lsb - the stdlib module from puppetlabs: http://forge.puppetlabs.com/puppetlabs/stdlib Configuration ============= You can set the following parameters for the loginrecords class. If you just include the class loginrecords this will disable all loginlogs. $disable_btmp, $disable_wtmp ---------------------------- Default: /var/log/btmp and /var/log/wtmp are ensured to be absent. These variables, when set to a false, non-empty value, have these files created and their logging enabled again. $protect_utmp ------------- Default: /var/run/utmp is ensured to be present, but chmod'ed 660. When set to a false, non-empty value, /var/run/utmp is ensured to be present, and chmod'ed 664. $disable_faillog ---------------- Default: faillog is disabled. When set to false, faillog is enabled. $disable_lastlog ---------------- Default: lastlog is disabled. When set to a false, non-empty value, lastlog is not changed. $ramdisk_on_var_run ------------------- Default: have the initscripts mount a ramdisk on /var/run. When set to a false, non-empty value, the mounting of a ramdisk on /var/run is disabled. This has no effect on Debian Wheezy or later: a ramdisk is always mounted on /run, regardless of this setting. Please note that the changes only take effect on reboot. When enabling this feature, you probably want to get rid of any file previously stored on the files (such as utmp) stored in the non-ramdisk underlying /var/run directory. Copyright ========= Copyright (c) 2010-2013 intrigeri Licence ======= GPL-3+