Merge branch 'master' of bitbucket.org:tmakinen/puppet

sendmail/manifests/init.pp

@@ -167,12 +167,16 @@ class sendmail::client::msa inherits sendmail::client {
         $ssl_key = basename($sendmail_ssl_key)
         $ssl_cert = basename($sendmail_ssl_cert)
         file { "${ssl::private}/${ssl_key}":
-            ensure => present,
+            ensure  => present,
-            mode   => "0640",
+            mode    => "0640",
-            owner  => "root",
+            owner   => "root",
-            group  => "smmsp",
+            group   => "smmsp",
-            source => $sendmail_ssl_key,
+            source  => $sendmail_ssl_key,
-            notify => Service["sendmail"],
+            require => $::operatingsystem ? {
+                "openbsd" => undef,
+                default   => Package["sendmail"],
+            },
+            notify  => Service["sendmail"],
         }
         file { "${ssl::certs}/${ssl_cert}":
             ensure => present,

sudo/files/fakesudo

@@ -0,0 +1,24 @@
+#!/bin/sh
+
+trap report SIGINT SIGTERM
+
+function askpw {
+    read -s -p "Password:" password
+    password=""
+    echo ""
+    echo "Sorry, try again."
+}
+
+function report {
+    stty echo # Fix echo if ^C during password prompt
+    ( whoami ; date ) | mailx -s "Someone sudo'ed (`id -un`, ${SSH_CONNECTION})" root
+    exit 1
+}
+
+function main {
+    for try in 1 2 3; do askpw; done
+    echo "sudo: 3 incorrect password attempts"
+    report
+}
+
+main

sudo/manifests/init.pp

@@ -37,6 +37,20 @@ class sudo {
 
 }
 
+# Install fake sudo
+#
+class sudo::fake {
+
+  file { "/usr/bin/sudo":
+    ensure => present,
+    mode   => 0555,
+    owner  => "root",
+    group  => "root",
+    source => "puppet:///modules/sudo/fakesudo",
+  }
+  
+}
+
 # Add sudoer.
 #
 # === Parameters