aboutsummaryrefslogtreecommitdiff
path: root/manifests/subsystem/security.pp
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2017-08-19 13:52:20 -0300
committerSilvio Rhatto <rhatto@riseup.net>2017-08-19 13:52:20 -0300
commit813436c5524f6a715de9f4bdd21439772edcc256 (patch)
tree9ba60cfd006cb0daae28575b86883125a62bd0b9 /manifests/subsystem/security.pp
parentc4aa80a8be76e08f510f6fad6395a6af2ee80cf2 (diff)
downloadpuppet-nodo-813436c5524f6a715de9f4bdd21439772edcc256.tar.gz
puppet-nodo-813436c5524f6a715de9f4bdd21439772edcc256.tar.bz2
Remove obsolete packages and configure debsecan
Diffstat (limited to 'manifests/subsystem/security.pp')
-rw-r--r--manifests/subsystem/security.pp16
1 files changed, 16 insertions, 0 deletions
diff --git a/manifests/subsystem/security.pp b/manifests/subsystem/security.pp
index faf00bb..701b586 100644
--- a/manifests/subsystem/security.pp
+++ b/manifests/subsystem/security.pp
@@ -8,4 +8,20 @@ class nodo::subsystem::security {
group => "root",
mode => "0755",
}
+
+ package { [ 'debsecan', 'debian-security-support' ]:
+ ensure => $::lsbdistcodename ? {
+ 'trusty' => absent,
+ default => present,
+ },
+ }
+
+ file { '/etc/default/debsecan' :
+ ensure => present,
+ owner => "root",
+ group => "root",
+ mode => "0644",
+ content => template("nodo/debsecan/default.erb"),
+ require => Package['debsecan'],
+ }
}