tmakinen/puppet
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

selinux: Added parameter client_users for selinux::setroubleshoot

Browse source
This commit is contained in:
Ossi Salmi 2013-06-17 23:15:18 +03:00
parent c19bffd3ec
commit 300de9e57b
1 changed files with 15 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
selinux/manifests/init.pp
View file

@ -62,16 +62,21 @@ class selinux {
# #
# === Parameters # === Parameters
# #
# $client_users:
# Array of users allowed to access the setroubleshoot server.
# Defaults to ["*"].
#
# $mailto: # $mailto:
# Array of email addresses where to send SELinux alerts. # Array of email addresses where to send SELinux alerts.
# Disabled by default. # Disabled by default.
# #
class selinux::setroubleshoot($mailto=undef) { class selinux::setroubleshoot($client_users=["*"], $mailto=undef) {
if $::selinux == "true" { if $::selinux == "true" {
package { "setroubleshoot": package { "setroubleshoot":
ensure => installed, ensure => installed,
} }
if $::operatingsystem in ["CentOS","RedHat"] and $::operatingsystemrelease =~ /^[1-5]\./ { if $::operatingsystem in ["CentOS","RedHat"] and $::operatingsystemrelease =~ /^[1-5]\./ {
service { "setroubleshoot": service { "setroubleshoot":
ensure => running, ensure => running,
@ -80,6 +85,15 @@ class selinux::setroubleshoot($mailto=undef) {
require => Package["setroubleshoot"], require => Package["setroubleshoot"],
} }
} }
$client_users_real = inline_template("<%= @client_users.join(',') %>")
augeas { "set-setroubleshoot-client_users":
changes => "set access/client_users '${client_users_real}'",
incl => "/etc/setroubleshoot/setroubleshoot.conf",
lens => "Puppet.lns",
require => Package["setroubleshoot"],
}
if $mailto { if $mailto {
if !$mail_server { if !$mail_server {
$mail_server = "127.0.0.1" $mail_server = "127.0.0.1"