diff options
author | Silvio Rhatto <rhatto@riseup.net> | 2017-08-19 13:52:20 -0300 |
---|---|---|
committer | Silvio Rhatto <rhatto@riseup.net> | 2017-08-19 13:52:20 -0300 |
commit | 813436c5524f6a715de9f4bdd21439772edcc256 (patch) | |
tree | 9ba60cfd006cb0daae28575b86883125a62bd0b9 /manifests/subsystem/security.pp | |
parent | c4aa80a8be76e08f510f6fad6395a6af2ee80cf2 (diff) | |
download | puppet-nodo-813436c5524f6a715de9f4bdd21439772edcc256.tar.gz puppet-nodo-813436c5524f6a715de9f4bdd21439772edcc256.tar.bz2 |
Remove obsolete packages and configure debsecan
Diffstat (limited to 'manifests/subsystem/security.pp')
-rw-r--r-- | manifests/subsystem/security.pp | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/manifests/subsystem/security.pp b/manifests/subsystem/security.pp index faf00bb..701b586 100644 --- a/manifests/subsystem/security.pp +++ b/manifests/subsystem/security.pp @@ -8,4 +8,20 @@ class nodo::subsystem::security { group => "root", mode => "0755", } + + package { [ 'debsecan', 'debian-security-support' ]: + ensure => $::lsbdistcodename ? { + 'trusty' => absent, + default => present, + }, + } + + file { '/etc/default/debsecan' : + ensure => present, + owner => "root", + group => "root", + mode => "0644", + content => template("nodo/debsecan/default.erb"), + require => Package['debsecan'], + } } |