From 36c0149f58efb23e0cf3f50a6c649f0957366f5e Mon Sep 17 00:00:00 2001
From: Silvio Rhatto <rhatto@riseup.net>
Date: Thu, 9 Mar 2017 10:54:32 -0300
Subject: Adds order param at nodo::subsystem::grsec

---
 manifests/subsystem/grsec.pp | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/manifests/subsystem/grsec.pp b/manifests/subsystem/grsec.pp
index 185454f..9cc8ba6 100644
--- a/manifests/subsystem/grsec.pp
+++ b/manifests/subsystem/grsec.pp
@@ -1,11 +1,18 @@
 class nodo::subsystem::grsec {
   include nodo::utils::security::grsec
 
+  nodo::subsystem::sysctl::entry { 'kernel.grsecurity.grsec_lock':
+    order => 'zz',
+    value => 1,
+  }
+
   nodo::subsystem::sysctl::entry { 'kernel.grsecurity.rwxmap_logging':
+    order => 'xx',
     value => 0,
   }
 
-  nodo::subsystem::sysctl::entry { 'kernel.grsecurity.grsec_lock':
-    value => 1,
+  # Old configs
+  file { [ '/etc/sysctl.d/kernel.grsecurity.rwxmap_logging.conf', '/etc/sysctl.d/kernel.grsecurity.grsec_lock.conf' ]:
+    ensure => absent,
   }
 }
-- 
cgit v1.2.3