From c19bffd3ec5aed919d0232d970f0f4f4ca1fc454 Mon Sep 17 00:00:00 2001 From: Ossi Salmi Date: Mon, 17 Jun 2013 22:36:04 +0300 Subject: [PATCH] selinux: Added email support to setroubleshoot --- selinux/manifests/init.pp | 27 +++++++++++++++++++- selinux/templates/email_alert_recipients.erb | 3 +++ 2 files changed, 29 insertions(+), 1 deletion(-) create mode 100644 selinux/templates/email_alert_recipients.erb diff --git a/selinux/manifests/init.pp b/selinux/manifests/init.pp index b81e5bc..a8cd734 100644 --- a/selinux/manifests/init.pp +++ b/selinux/manifests/init.pp @@ -60,7 +60,13 @@ class selinux { # Install setroubleshoot # -class selinux::setroubleshoot { +# === Parameters +# +# $mailto: +# Array of email addresses where to send SELinux alerts. +# Disabled by default. +# +class selinux::setroubleshoot($mailto=undef) { if $::selinux == "true" { package { "setroubleshoot": @@ -74,6 +80,25 @@ class selinux::setroubleshoot { require => Package["setroubleshoot"], } } + if $mailto { + if !$mail_server { + $mail_server = "127.0.0.1" + } + augeas { "set-setroubleshoot-smtp_host": + changes => "set email/smtp_host '${mail_server}'", + incl => "/etc/setroubleshoot/setroubleshoot.conf", + lens => "Puppet.lns", + require => Package["setroubleshoot"], + } + file { "/var/lib/setroubleshoot/email_alert_recipients": + ensure => present, + mode => "0600", + owner => "root", + group => "root", + content => template("selinux/email_alert_recipients.erb"), + require => Augeas["set-setroubleshoot-smtp_host"], + } + } } } diff --git a/selinux/templates/email_alert_recipients.erb b/selinux/templates/email_alert_recipients.erb new file mode 100644 index 0000000..6ba0eda --- /dev/null +++ b/selinux/templates/email_alert_recipients.erb @@ -0,0 +1,3 @@ +<% @mailto.each do |email| -%> +<%= email %> filter_type=after_first +<% end -%>