From bd5ccf4211b3b277ad7734f9cfe5d8ed1730fc2b Mon Sep 17 00:00:00 2001 From: Ossi Salmi Date: Mon, 18 Apr 2016 15:13:58 +0300 Subject: [PATCH 1/4] nfs: Merge from parameterize branch --- nfs/manifests/init.pp | 98 ++++++++++++++++++++++------- nfs/templates/nfs-kernel-server.erb | 22 +++++++ nfs/templates/nfs.sysconfig.erb | 8 +-- 3 files changed, 100 insertions(+), 28 deletions(-) create mode 100644 nfs/templates/nfs-kernel-server.erb diff --git a/nfs/manifests/init.pp b/nfs/manifests/init.pp index fe99921..4517c18 100644 --- a/nfs/manifests/init.pp +++ b/nfs/manifests/init.pp @@ -1,4 +1,3 @@ - # Install NFS client. # class nfs::client { @@ -13,12 +12,31 @@ class nfs::client { }, } - if $::operatingsystem == "Fedora" and $::operatingsystemrelease >= 16 { - # https://bugzilla.redhat.com/show_bug.cgi?id=692008 - service { "NetworkManager-wait-online": - ensure => stopped, - enable => true, + case $::operatingsystem { + "fedora": { + # https://bugzilla.redhat.com/show_bug.cgi?id=692008 + service { "NetworkManager-wait-online": + ensure => stopped, + enable => true, + } } + "ubuntu": { + file { "/etc/modprobe.d/lockd.conf": + ensure => present, + mode => "0644", + owner => "root", + group => "root", + content => "options lockd nlm_tcpport=4001 nlm_udpport=4001\n", + before => Package["nfs-utils"], + } + augeas { "set-nfs-common": + context => "/files/etc/default/nfs-common", + changes => "set STATDOPTS '\"--port 4000\"'", + notify => Service["nfslock"], + require => Package["nfs-utils"], + } + } + default: { } } service { "nfslock": @@ -26,8 +44,8 @@ class nfs::client { enable => true, name => $::operatingsystem ? { "centos" => $::operatingsystemrelease ? { - /^[1-6]/ => "nfslock", - default => "rpc-statd", + /^[1-6]/ => "nfslock", + default => "rpc-statd", }, "fedora" => $::operatingsystemrelease ? { /^([1-9]|1[0-5])$/ => "nfslock", @@ -45,30 +63,62 @@ class nfs::client { # Install and configure NFS server. # -class nfs::server { +# === Parameters +# +# $servers: +# Number of nfs server processes to be started. Defaults to 8. +# +# $versions: +# Array of NFS versions to enable. Defaults to [ "3" ]. +# +class nfs::server( + $servers="8", + $versions=["3"], +) { + + $default_versions = [ "2", "3", "4" ] + $disable_versions = inline_template('<%= (@default_versions - @versions).map { |v| "-N %s" % v }.join(" ") %>') require nfs::client file { "/etc/exports": - ensure => present, - source => [ + ensure => present, + source => [ "puppet:///files/nfs/exports.${::homename}", "puppet:///modules/nfs/exports", ], - mode => "0644", - owner => "root", - group => "root", - require => Package["nfs-utils"], - notify => Exec["exportfs"], + mode => "0644", + owner => "root", + group => "root", + notify => Exec["exportfs"], } - file { "/etc/sysconfig/nfs": - ensure => present, - content => template("nfs/nfs.sysconfig.erb"), - mode => "0644", - owner => "root", - group => "root", - notify => Service["nfs"], + case $::operatingsystem { + "centos","redhat","fedora": { + file { "/etc/sysconfig/nfs": + ensure => present, + mode => "0644", + owner => "root", + group => "root", + content => template("nfs/nfs.sysconfig.erb"), + notify => Service["nfs"], + } + } + "ubuntu": { + package { "nfs-kernel-server": + ensure => installed, + } + file { "/etc/default/nfs-kernel-server": + ensure => present, + mode => "0644", + owner => "root", + group => "root", + content => template("nfs/nfs-kernel-server.erb"), + require => Package["nfs-kernel-server"], + notify => Service["nfs"], + } + } + default: { } } service { "nfs": @@ -78,11 +128,11 @@ class nfs::server { /^([1-9]|1[0-5])$/ => "nfs", default => "nfs-server", }, + "ubuntu" => "nfs-kernel-server", default => "nfs", }, enable => true, hasstatus => true, - require => Service["nfslock"], } exec { "exportfs": diff --git a/nfs/templates/nfs-kernel-server.erb b/nfs/templates/nfs-kernel-server.erb new file mode 100644 index 0000000..9cdb420 --- /dev/null +++ b/nfs/templates/nfs-kernel-server.erb @@ -0,0 +1,22 @@ +# Number of servers to start up +RPCNFSDCOUNT=<%= @servers %> + +# Runtime priority of server (see nice(1)) +RPCNFSDPRIORITY=0 + +# Options for rpc.mountd. +# If you have a port-based firewall, you might want to set up +# a fixed port here using the --port option. For more information, +# see rpc.mountd(8) or http://wiki.debian.org/SecuringNFS +# To disable NFSv4 on the server, specify '--no-nfs-version 4' here +RPCMOUNTDOPTS="--manage-gids --port 4002 <%= @disable_versions %>" + +# Do you want to start the svcgssd daemon? It is only required for Kerberos +# exports. Valid alternatives are "yes" and "no"; the default is "no". +NEED_SVCGSSD="" + +# Options for rpc.svcgssd. +RPCSVCGSSDOPTS="" + +# Options for rpc.nfsd. +RPCNFSDOPTS="<%= @disable_versions %>" diff --git a/nfs/templates/nfs.sysconfig.erb b/nfs/templates/nfs.sysconfig.erb index 462404a..c33b620 100644 --- a/nfs/templates/nfs.sysconfig.erb +++ b/nfs/templates/nfs.sysconfig.erb @@ -26,20 +26,20 @@ LOCKD_UDPPORT=4001 # Turn off v2 and v3 protocol support #RPCNFSDARGS="-N 2 -N 3" # Turn off v4 protocol support -RPCNFSDARGS="-N 4" +RPCNFSDARGS="<%= @disable_versions %>" # Number of nfs server processes to be started. # The default is 8. -RPCNFSDCOUNT=64 +RPCNFSDCOUNT=<%= @servers %> # Stop the nfsd module from being pre-loaded #NFSD_MODULE="noload" # # <% if @operatingsystem == 'Fedora' -%> # Optional arguments passed to rpc.mountd. See rpc.mountd(8) -RPCMOUNTDOPTS="--no-nfs-version 4 -p 4002" +RPCMOUNTDOPTS="<%= @disable_versions %> -p 4002" <% else -%> # Optional arguments passed to rpc.mountd. See rpc.mountd(8) -RPCMOUNTDOPTS="--no-nfs-version 4" +RPCMOUNTDOPTS="<%= @disable_versions %>" # Port rpc.mountd should listen on. MOUNTD_PORT=4002 <% end -%> From 55c8b7bd5fa0e26c9809c8cf5c471c31614a069e Mon Sep 17 00:00:00 2001 From: Ossi Salmi Date: Mon, 18 Apr 2016 15:15:31 +0300 Subject: [PATCH 2/4] dhcp: Merge from parameterize branch --- dhcp/manifests/init.pp | 119 +++++++++++++-------------------- dhcp/templates/dhcpd.sysconfig | 4 +- 2 files changed, 48 insertions(+), 75 deletions(-) diff --git a/dhcp/manifests/init.pp b/dhcp/manifests/init.pp index b92699c..caa54a1 100644 --- a/dhcp/manifests/init.pp +++ b/dhcp/manifests/init.pp @@ -1,6 +1,6 @@ # Install common parts of DHCP server # -class dhcp::server::common { +class dhcp::server::common($interface=undef) { case $::operatingsystem { "centos","redhat": { @@ -21,6 +21,13 @@ class dhcp::server::common { $confdir = "/etc" $package = "isc-dhcp-server" $service = "isc_dhcpd" + + Service["dhcpd"] { + flags => $interface ? { + undef => "-q -user _isc-dhcp -group _isc-dhcp", + default => "-q -user _isc-dhcp -group _isc-dhcp ${interface}", + }, + } } "ubuntu": { if versioncmp($::operatingsystemrelease, "12.04") >= 0 { @@ -57,7 +64,7 @@ class dhcp::server::common { file { "/var/db/dhcpd.leases": ensure => present, - mode => 0644, + mode => "0644", owner => "root", group => "wheel", before => Service["dhcpd"], @@ -68,36 +75,25 @@ class dhcp::server::common { ensure => running, enable => true, name => $service, - binary => $::operatingsystem ? { - "openbsd" => "/usr/local/sbin/dhcpd", - default => undef, - }, - start => $::operatingsystem ? { - "openbsd" => $dhcp_server_interface ? { - "" => "/usr/local/sbin/dhcpd -q", - default => "/usr/local/sbin/dhcpd -q ${dhcp_server_interface}", - }, - default => undef, - }, require => Package["dhcp"], } - if $dhcp_server_interface { + if $interface { case $::operatingsystem { - "centos","redhat": { + "fedora","centos","redhat": { file { "/etc/sysconfig/dhcpd": ensure => present, - content => template("dhcp/dhcpd.sysconfig"), mode => "0644", owner => "root", group => "root", + content => template("dhcp/dhcpd.sysconfig"), require => Package["dhcp"], notify => Service["dhcpd"], } } "openbsd": {} default: { - fail("Variable \${dhcp_server_interface} not supported in ${::operatinsystem}") + fail("Parameter interface not supported in ${::operatinsystem}") } } } @@ -107,24 +103,30 @@ class dhcp::server::common { # Install DHCP server with static config. # -# === Global variables +# === Parameters # -# $dhcp_server_interface: +# $interface: # Interface that DHCP server should listen. Defaults to all. # -class dhcp::server inherits dhcp::server::common { +class dhcp::server($interface=undef) { + + class { "dhcp::server::common": + interface => $interface, + } file { "dhcpd.conf": - name => "${confdir}/dhcpd.conf", ensure => present, - source => [ "puppet:///files/dhcp/dhcpd.conf.${::homename}", - "puppet:///files/dhcp/dhcpd.conf", ], + name => "${dhcp::server::common::confdir}/dhcpd.conf", mode => "0644", owner => "root", group => $::operatingsystem ? { "openbsd" => "wheel", default => "root", }, + source => [ + "puppet:///files/dhcp/dhcpd.conf.${::homename}", + "puppet:///files/dhcp/dhcpd.conf", + ], notify => Service["dhcpd"], } @@ -133,38 +135,46 @@ class dhcp::server inherits dhcp::server::common { # Install DHCP server and generate config from LDAP. # -# === Global variables +# === Parameters # -# $dhcp_server_interface: +# $interface: # Interface that DHCP server should listen. Defaults to all. # -class dhcp::server::ldap inherits dhcp::server::common { +class dhcp::server::ldap($interface=undef) { - include python - include ldap::client + class { "dhcp::server::common": + interface => $interface, + } + + require python + require ldap::client file { "/usr/local/sbin/dhcpdump.py": - ensure => present, - source => "puppet:///modules/dhcp/dhcpdump.py", - mode => "0755", - owner => "root", - group => $::operatingsystem ? { + ensure => present, + mode => "0755", + owner => "root", + group => $::operatingsystem ? { "openbsd" => "wheel", default => "root", }, + source => "puppet:///modules/dhcp/dhcpdump.py", } + $confdir = $dhcp::server::common::confdir + file { "dhcpd.conf.in": ensure => present, name => "${confdir}/dhcpd.conf.in", - source => [ "puppet:///files/dhcp/dhcpd.conf.in.${hostname}", - "puppet:///files/dhcp/dhcpd.conf.in", ], mode => "0644", owner => "root", group => $::operatingsystem ? { "openbsd" => "wheel", default => "root", }, + source => [ + "puppet:///files/dhcp/dhcpd.conf.in.${::hostname}", + "puppet:///files/dhcp/dhcpd.conf.in", + ], require => Package["dhcp"], } @@ -172,45 +182,8 @@ class dhcp::server::ldap inherits dhcp::server::common { path => "/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin", command => "dhcpdump.py ${confdir}/dhcpd.conf.in* > ${confdir}/dhcpd.conf", unless => "dhcpdump.py ${confdir}/dhcpd.conf.in* | diff ${confdir}/dhcpd.conf -", - require => [ - File["dhcpd.conf.in"], - File["/usr/local/sbin/dhcpdump.py"], - Class["python"], - Class["ldap::client"], - ], + require => File["dhcpd.conf.in", "/usr/local/sbin/dhcpdump.py"], notify => Service["dhcpd"], } } - - -# Configure DHCP relay -# -# === Parameters -# -# $name: -# Relay name (can be anything). -# $interface: -# IP address for interface to listen. -# $server_addr: -# Address for DHCP server to relay requests. -# -# === Sample usage -# -# dhcp::relay { "relay0": interface => "em2", server_addr => "10.20.110.11" } -# -define dhcp::relay($interface, $server_addr) { - - service { $name: - ensure => running, - provider => "base", - hasrestart => false, - hasstatus => false, - pattern => "/usr/sbin/dhcrelay -i ${interface} ${server_addr}", - start => $::operatingsystem ? { - "openbsd" => "/usr/sbin/dhcrelay -i ${interface} ${server_addr}", - default => undef, - } - } - -} diff --git a/dhcp/templates/dhcpd.sysconfig b/dhcp/templates/dhcpd.sysconfig index f253de2..4817fe5 100644 --- a/dhcp/templates/dhcpd.sysconfig +++ b/dhcp/templates/dhcpd.sysconfig @@ -1,6 +1,6 @@ <% if @operatingsystemrelease =~ /^6\./ -%> -DHCPDARGS="-chroot ${statedir} -lf /dhcpd.leases -pf /dhcpd.pid <%= @dhcp_server_interface %>" +DHCPDARGS="-chroot ${statedir} -lf /dhcpd.leases -pf /dhcpd.pid <%= @interface %>" pidfile="${statedir}/dhcpd.pid" <% else -%> -DHCPDARGS="<%= @dhcp_server_interface %>" +DHCPDARGS="<%= @interface %>" <% end -%> From a0c2c84e0d696c194163259d58e724042520e9f9 Mon Sep 17 00:00:00 2001 From: Ossi Salmi Date: Mon, 18 Apr 2016 15:31:52 +0300 Subject: [PATCH 3/4] nginx: Merge from parameterize branch --- nginx/manifests/init.pp | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/nginx/manifests/init.pp b/nginx/manifests/init.pp index c85fcc0..3829279 100644 --- a/nginx/manifests/init.pp +++ b/nginx/manifests/init.pp @@ -1,6 +1,15 @@ # Install and configure nginx. # +# === Parameters +# +# $chroot: +# Use chroot on OpenBSD. Defaults to true. +# +# $workers: +# Number of worker processes. Defaults to $processorcount. +# class nginx( + $chroot=true, $workers=$::processorcount, ) { @@ -9,6 +18,12 @@ class nginx( $user = 'www' $group = 'www' $logdir = '/var/www/logs' + + if ! $chroot { + Service['nginx'] { + flags => '-u', + } + } } 'ubuntu': { $user = 'www-data' @@ -59,10 +74,6 @@ class nginx( service { 'nginx': ensure => running, enable => true, - start => $::operatingsystem ? { - 'openbsd' => '/usr/sbin/nginx -u', - default => undef, - }, } } From b0bec99e0c8c00ef93d7d7fc6cbfec5add2a7ea3 Mon Sep 17 00:00:00 2001 From: Ossi Salmi Date: Mon, 18 Apr 2016 15:32:47 +0300 Subject: [PATCH 4/4] Use native service provider on OpenBSD --- avahi/manifests/init.pp | 7 +- firewall/manifests/init.pp | 2 - ifstated/manifests/init.pp | 1 - inetd/manifests/init.pp | 5 +- ldap/manifests/init.pp | 4 - oidentd/manifests/init.pp | 4 - portmap/manifests/init.pp | 4 - puppet/lib/puppet/provider/service/openbsd.rb | 150 ------------------ sasl/manifests/init.pp | 4 +- smtpd/manifests/init.pp | 4 - spamassassin/manifests/init.pp | 21 ++- tftp/manifests/init.pp | 8 +- 12 files changed, 17 insertions(+), 197 deletions(-) delete mode 100644 puppet/lib/puppet/provider/service/openbsd.rb diff --git a/avahi/manifests/init.pp b/avahi/manifests/init.pp index 44a5d21..b82386d 100644 --- a/avahi/manifests/init.pp +++ b/avahi/manifests/init.pp @@ -12,10 +12,9 @@ class avahi::daemon { } if $::operatingsystem == "OpenBSD" { - service { "dbus-daemon": + service { "messagebus": ensure => running, enable => true, - start => "install -d -o _dbus -g _dbus /var/run/dbus && /usr/local/bin/dbus-daemon --system", before => Service["avahi-daemon"], } } @@ -24,10 +23,6 @@ class avahi::daemon { ensure => running, enable => true, status => "avahi-daemon -c", - start => $::operatingsystem ? { - "openbsd" => "avahi-daemon -D", - default => undef, - }, require => Package["avahi"], } diff --git a/firewall/manifests/init.pp b/firewall/manifests/init.pp index d2da3d0..7f32cc1 100644 --- a/firewall/manifests/init.pp +++ b/firewall/manifests/init.pp @@ -315,8 +315,6 @@ class firewall::ftpproxy { service { "ftpproxy": ensure => running, enable => true, - binary => "/usr/sbin/ftp-proxy", - start => "/usr/sbin/ftp-proxy", } } diff --git a/ifstated/manifests/init.pp b/ifstated/manifests/init.pp index 5142320..7efb299 100644 --- a/ifstated/manifests/init.pp +++ b/ifstated/manifests/init.pp @@ -17,7 +17,6 @@ class ifstated { service { "ifstated": ensure => running, enable => true, - binary => "/usr/sbin/ifstated", } } diff --git a/inetd/manifests/init.pp b/inetd/manifests/init.pp index 5705368..75bc03f 100644 --- a/inetd/manifests/init.pp +++ b/inetd/manifests/init.pp @@ -64,9 +64,8 @@ class inetd::server::inetd { } service { "inetd": - ensure => running, - start => "/usr/sbin/inetd", - enable => true, + ensure => running, + enable => true, } } diff --git a/ldap/manifests/init.pp b/ldap/manifests/init.pp index 8058104..d308ada 100644 --- a/ldap/manifests/init.pp +++ b/ldap/manifests/init.pp @@ -518,10 +518,6 @@ class ldap::server { service { "slapd": name => $service_name, - start => $::operatingsystem ? { - "openbsd" => "/usr/local/libexec/slapd -u _openldap -h ldap:///\\ ldaps:///\\ ldapi:///", - default => undef, - }, ensure => running, enable => true, require => Package["openldap-server"] diff --git a/oidentd/manifests/init.pp b/oidentd/manifests/init.pp index 8350651..8f260fd 100644 --- a/oidentd/manifests/init.pp +++ b/oidentd/manifests/init.pp @@ -42,10 +42,6 @@ class oidentd($config=undef) { service { "oidentd": ensure => running, enable => true, - start => $::operatingsystem ? { - "openbsd" => "/usr/local/sbin/oidentd -e -u _identd -g _identd", - default => undef, - }, } } diff --git a/portmap/manifests/init.pp b/portmap/manifests/init.pp index 771b251..cf8a5f4 100644 --- a/portmap/manifests/init.pp +++ b/portmap/manifests/init.pp @@ -47,10 +47,6 @@ class portmap::server { service { "portmap": ensure => running, name => $service, - start => $::operatingsystem ? { - "openbsd" => "/usr/sbin/portmap", - default => undef, - }, enable => true, } diff --git a/puppet/lib/puppet/provider/service/openbsd.rb b/puppet/lib/puppet/provider/service/openbsd.rb deleted file mode 100644 index f2fcd62..0000000 --- a/puppet/lib/puppet/provider/service/openbsd.rb +++ /dev/null @@ -1,150 +0,0 @@ -# Manage OpenBSD services. Enable/disable using /etc/rc.conf.local - -Puppet::Type.type(:service).provide :openbsd, :parent => :base do - - desc "OpenBSD service management." - - confine :operatingsystem => :openbsd - defaultfor :operatingsystem => :openbsd - - def rc_dir() '/etc/rc.d' end - def rcconf() '/etc/rc.conf' end - def rcconf_local() '/etc/rc.conf.local' end - - def rcscript - return File.join(rc_dir, @resource[:name]) - end - - def rcvar - name = @resource[:name] - File.open(rcconf).each do |line| - if line =~ /^#{name}(_flags)?=/ - line = line.sub(/#.*/, "") - return line.strip.split("=", 2) - end - end - nil - end - - def rcvar_local - name = @resource[:name] - if File.file?(rcconf_local) - File.open(rcconf_local).each do |line| - if line =~ /^#{name}(_flags)?=/ - line = line.sub(/#.*/, "") - return line.strip.split("=", 2) - end - end - end - nil - end - - def rcvar_name - [self.rcvar_local, self.rcvar].each do |rcvar| - return rcvar[0] unless rcvar.nil? - end - "%s_flags" % @resource[:name] - end - - def rcvar_value - [self.rcvar_local, self.rcvar].each do |rcvar| - return rcvar[1].gsub(/"?([^"]*)"?/, '\1') unless rcvar.nil? - end - nil - end - - def pkg_scripts - if File.file?(rcconf_local) - File.open(rcconf_local).each do |line| - if line =~ /^pkg_scripts=/ - return line.strip.gsub(/pkg_scripts="?([^"]*)"?/, '\1').split - end - end - end - Array.new - end - - def enabled? - name = @resource[:name] - rcvar = self.rcvar - rcvar_name = self.rcvar_name - rcvar_value = self.rcvar_value - pkg_scripts = self.pkg_scripts - if rcvar_name.end_with?("_flags") - return :false if rcvar.nil? and not pkg_scripts.include?(name) - return :false if rcvar_value.nil? or rcvar_value == "NO" - else - return :false if rcvar_value != "YES" - end - :true - end - - def enable - name = @resource[:name] - rcvar = self.rcvar - rcvar_name = self.rcvar_name - rcvar_value = "" - pkg_scripts = self.pkg_scripts - start = @resource[:start] - binary = @resource[:binary] - s = "" - if File.file?(rcconf_local) - File.open(rcconf_local).each do |line| - next if line =~ /^(#{rcvar_name}|pkg_scripts)=/ - s += line - end - end - unless start.nil? - if binary.nil? - rcvar_value = start[/^\S+\s*(.*)/, 1] - else - rcvar_value = start[/^#{binary}\s*(.*)/, 1] - end - end - if rcvar_name.end_with?("_flags") - s += "%s=\"%s\"\n" % [rcvar_name, rcvar_value] - else - s += "%s=YES\n" % rcvar_name - end - pkg_scripts << name if rcvar.nil? and not pkg_scripts.include?(name) - s += "pkg_scripts=\"%s\"\n" % pkg_scripts.join(" ") - File.open(rcconf_local, "w") { |f| f << s } - end - - def disable - name = @resource[:name] - rcvar = self.rcvar - rcvar_name = self.rcvar_name - pkg_scripts = self.pkg_scripts - s = "" - if File.file?(rcconf_local) - File.open(rcconf_local).each do |line| - next if line =~ /^(#{rcvar_name}|pkg_scripts)=/ - s += line - end - end - s += "%s=NO\n" % rcvar_name unless rcvar.nil? - pkg_scripts.delete(name) - s += "pkg_scripts=\"%s\"\n" % pkg_scripts.join(" ") - File.open(rcconf_local, "w") { |f| f << s } - end - - def startcmd - if File.exists?(self.rcscript) - [self.rcscript, :start] - end - end - - def stopcmd - if File.exists?(self.rcscript) - [self.rcscript, :stop] - end - end - - def statuscmd - if File.exists?(self.rcscript) - [self.rcscript, :check] - end - end - -end diff --git a/sasl/manifests/init.pp b/sasl/manifests/init.pp index d7c2804..259a2fb 100644 --- a/sasl/manifests/init.pp +++ b/sasl/manifests/init.pp @@ -63,7 +63,7 @@ class sasl::saslauthd { } "openbsd": { Service["saslauthd"] { - start => "/usr/local/sbin/saslauthd -a ldap", + flags => "-a ldap", } } "ubuntu": { @@ -108,7 +108,7 @@ class sasl::saslauthd { } "openbsd": { Service["saslauthd"] { - start => "/usr/local/sbin/saslauthd -a kerberos5", + flags => "-a kerberos5", } } "ubuntu": { diff --git a/smtpd/manifests/init.pp b/smtpd/manifests/init.pp index d8fefbf..9a8c11d 100644 --- a/smtpd/manifests/init.pp +++ b/smtpd/manifests/init.pp @@ -159,10 +159,6 @@ class smtpd( service { $service: ensure => running, enable => true, - start => $::operatingsystem ? { - 'openbsd' => '/usr/sbin/smtpd', - default => undef, - }, } if $listen == true or $config { diff --git a/spamassassin/manifests/init.pp b/spamassassin/manifests/init.pp index c14e5bf..63a38ed 100644 --- a/spamassassin/manifests/init.pp +++ b/spamassassin/manifests/init.pp @@ -29,18 +29,15 @@ class spamassassin::common { } service { "spamassassin": - ensure => running, - enable => true, - binary => $::operatingsystem ? { - "openbsd" => "/usr/local/bin/spamd -d", - default => undef, - }, - start => $::operatingsystem ? { - "openbsd" => "/usr/local/bin/spamd -d -c -H -m 5", - default => undef, - }, - hasstatus => true, - require => Package["spamassassin"], + ensure => running, + enable => true, + require => Package["spamassassin"], + } + + if $::operatingsystem == "OpenBSD" { + Service["spamassassin"] { + flags => "-c -H -P", + } } } diff --git a/tftp/manifests/init.pp b/tftp/manifests/init.pp index b3cc313..b99e6e4 100644 --- a/tftp/manifests/init.pp +++ b/tftp/manifests/init.pp @@ -124,11 +124,9 @@ class tftp::server { } } else { service { "tftpd": - ensure => running, - hasstatus => true, - enable => true, - start => "/usr/sbin/tftpd /tftpboot", - require => File["/tftpboot"], + ensure => running, + enable => true, + require => File["/tftpboot"], } } }