diff options
| author | Silvio Rhatto <rhatto@riseup.net> | 2017-08-19 13:52:20 -0300 |
|---|---|---|
| committer | Silvio Rhatto <rhatto@riseup.net> | 2017-08-19 13:52:20 -0300 |
| commit | 813436c5524f6a715de9f4bdd21439772edcc256 (patch) | |
| tree | 9ba60cfd006cb0daae28575b86883125a62bd0b9 | |
| parent | c4aa80a8be76e08f510f6fad6395a6af2ee80cf2 (diff) | |
| download | puppet-nodo-813436c5524f6a715de9f4bdd21439772edcc256.tar.gz puppet-nodo-813436c5524f6a715de9f4bdd21439772edcc256.tar.bz2 | |
Remove obsolete packages and configure debsecan
| -rw-r--r-- | manifests/subsystem/security.pp | 16 | ||||
| -rw-r--r-- | manifests/utils.pp | 14 | ||||
| -rw-r--r-- | manifests/utils/android.pp | 11 | ||||
| -rw-r--r-- | manifests/utils/development/ide.pp | 9 | ||||
| -rw-r--r-- | manifests/utils/development/toolchain.pp | 2 | ||||
| -rw-r--r-- | manifests/utils/latex.pp | 9 | ||||
| -rw-r--r-- | templates/debsecan/default.erb | 17 |
7 files changed, 61 insertions, 17 deletions
diff --git a/manifests/subsystem/security.pp b/manifests/subsystem/security.pp index faf00bb..701b586 100644 --- a/manifests/subsystem/security.pp +++ b/manifests/subsystem/security.pp @@ -8,4 +8,20 @@ class nodo::subsystem::security { group => "root", mode => "0755", } + + package { [ 'debsecan', 'debian-security-support' ]: + ensure => $::lsbdistcodename ? { + 'trusty' => absent, + default => present, + }, + } + + file { '/etc/default/debsecan' : + ensure => present, + owner => "root", + group => "root", + mode => "0644", + content => template("nodo/debsecan/default.erb"), + require => Package['debsecan'], + } } diff --git a/manifests/utils.pp b/manifests/utils.pp index 0bd6b59..d033b09 100644 --- a/manifests/utils.pp +++ b/manifests/utils.pp @@ -4,14 +4,7 @@ class nodo::utils inherits nodo::utils::base { ensure => present, } - package { 'debian-security-support': - ensure => $::lsbdistcodename ? { - 'trusty' => absent, - default => present, - }, - } - - package { [ 'debsecan', 'needrestart' ]: + package { 'needrestart': ensure => present, } @@ -22,11 +15,6 @@ class nodo::utils inherits nodo::utils::base { } } - # To be considered - #package { 'needrestart': - # ensure => present, - #} - if !defined(Package['git']) { package { 'git': ensure => latest, diff --git a/manifests/utils/android.pp b/manifests/utils/android.pp index b3f9d29..ad68608 100644 --- a/manifests/utils/android.pp +++ b/manifests/utils/android.pp @@ -4,8 +4,17 @@ class nodo::utils::android ( package { [ 'android-tools-adb', 'android-tools-fastboot', + ]: + ensure => $ensure, + } + + # Not available on stretch + package { [ 'android-tools-fsutils', ]: - ensure => $ensure, + ensure => $::lsbdistcodename ? { + 'stretch' => undef, + default => present, + }, } } diff --git a/manifests/utils/development/ide.pp b/manifests/utils/development/ide.pp index 99f9112..70045b0 100644 --- a/manifests/utils/development/ide.pp +++ b/manifests/utils/development/ide.pp @@ -3,7 +3,7 @@ class nodo::utils::development::ide ( ) { # In use package { [ - 'mr', + 'myrepos', 'stow', 'hexedit', 'ack-grep', @@ -25,4 +25,11 @@ class nodo::utils::development::ide ( ]: ensure => $ensure, } + + # Old stuff + package { [ + 'mr', + ]: + ensure => absent, + } } diff --git a/manifests/utils/development/toolchain.pp b/manifests/utils/development/toolchain.pp index 8adec01..5678d4e 100644 --- a/manifests/utils/development/toolchain.pp +++ b/manifests/utils/development/toolchain.pp @@ -3,7 +3,6 @@ class nodo::utils::development::toolchain ( ) { package { [ 'emdebian-archive-keyring', - 'scratchbox2', 'qemu-user-static', 'multistrap', 'fakechroot', @@ -15,6 +14,7 @@ class nodo::utils::development::toolchain ( package { [ 'xapt', 'pdebuild-cross', + 'scratchbox2', ]: ensure => absent, } diff --git a/manifests/utils/latex.pp b/manifests/utils/latex.pp index d95b49b..c8c8086 100644 --- a/manifests/utils/latex.pp +++ b/manifests/utils/latex.pp @@ -8,11 +8,18 @@ class nodo::utils::latex ( 'texlive-latex-extra', 'texlive-fonts-extra', 'texlive-lang-portuguese', + 'texlive-extra-utils', 'vim-latexsuite', - 'pdfjam', 'pdftk', #'pdfsam', ]: ensure => $ensure, } + + # Old stuff + package { [ + 'pdfjam', + ]: + ensure => absent, + } } diff --git a/templates/debsecan/default.erb b/templates/debsecan/default.erb new file mode 100644 index 0000000..7fc18e2 --- /dev/null +++ b/templates/debsecan/default.erb @@ -0,0 +1,17 @@ +# Configuration file for debsecan. Contents of this file should +# adhere to the KEY=VALUE shell syntax. This file may be edited by +# debsecan's scripts, but your modifications are preserved. + +# If true, enable daily reports, sent by email. +REPORT=true + +# For better reporting, specify the correct suite here, using the code +# name (that is, "sid" instead of "unstable"). +SUITE=<%= scope.lookupvar('::lsbdistcodename') %> + +# Mail address to which reports are sent. +MAILTO=root + +# The URL from which vulnerability data is downloaded. Empty for the +# built-in default. +SOURCE= |