diff --git a/syslog/manifests/init.pp b/syslog/manifests/init.pp index 7eaa66d..d398ceb 100644 --- a/syslog/manifests/init.pp +++ b/syslog/manifests/init.pp @@ -121,6 +121,10 @@ class syslog::client::rsyslog { # $syslog_datadir: # Directory where to store logs. Defaults to /srv/log. # +# $syslog_group: +# Group name which has permissions to read logs. Defaults to +# wheel or root depending on operating system. +# class syslog::standalone { if !$syslog_type { @@ -132,46 +136,44 @@ class syslog::standalone { } } + if $syslog_group { + $group = $syslog_group + } else { + if $operatingsystem == "OpenBSD" { + $group = "wheel" + } else { + $group = "root" + } + } + if $syslog_datadir { file { $syslog_datadir: ensure => directory, - mode => 0750, + mode => 2750, owner => "root", - group => $operatingsystem ? { - "openbsd" => "wheel", - default => "root", - }, + group => $group, } file { "/srv/log": ensure => link, target => $syslog_datadir, owner => "root", - group => $operatingsystem ? { - "openbsd" => "wheel", - default => "root", - }, + group => $group, require => File[$syslog_datadir], } } else { file { "/srv/log": ensure => directory, - mode => 0755, + mode => 2750, owner => "root", - group => $operatingsystem ? { - "openbsd" => "wheel", - default => "root", - }, + group => $group, } } file { "/srv/log/archive": ensure => directory, - mode => 0755, + mode => 2750, owner => "root", - group => $operatingsystem ? { - "openbsd" => "wheel", - default => "root", - }, + group => $group, require => File["/srv/log"], }