quiet you
authorStephen Gran <steve@lobefin.net>
Thu, 5 Apr 2012 12:09:55 +0000 (13:09 +0100)
committerStephen Gran <steve@lobefin.net>
Thu, 5 Apr 2012 12:09:55 +0000 (13:09 +0100)
Signed-off-by: Stephen Gran <steve@lobefin.net>
modules/debian-org/manifests/init.pp
modules/ferm/manifests/init.pp
modules/named/manifests/geodns.pp
modules/ntp/manifests/client.pp
modules/ntp/manifests/init.pp
modules/samhain/manifests/init.pp
modules/syslog-ng/manifests/init.pp
modules/unbound/manifests/init.pp

index 30998c35b35bf4928a1ebcf19a4c418156f57bd4..554c083489db78958e58c607ad6ddb0cf49bf482 100644 (file)
@@ -8,13 +8,19 @@ class debian-org {
                'paravoid@debian.org'
        ]
 
+       package { [
+                       'klogd',
+                       'sysklogd',
+                       'rsyslog',
+               ]:
+                       ensure => purged,
+       }
        package { [
                        'apt-utils',
                        'bash-completion',
                        'debian.org',
                        'dnsutils',
                        'dsa-munin-plugins',
-                       'klogd',
                        'less',
                        'lsb-release',
                        'libfilesystem-ruby1.8',
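Review bot: The new `ensure => purged` resource for `klogd`, `sysklogd` and `rsyslog` has no ordering relation to whatever installs the replacement logger, so on a host being converted a run can purge the active syslog daemon before the replacement is running, or fail in between. Either case leaves a window with no local logging. If the `syslog-ng` class touched later in this commit is the intended replacement (an inference, since its package resource is not visible here), tie the two together on hosts that include it, e.g. `require => Package['syslog-ng'],` on the purge resource. A comment such as `# legacy syslog daemons, purged in favour of syslog-ng` would also record the intent. The second package list continues into the next hunk.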
@@ -22,8 +28,6 @@ class debian-org {
                        'mtr-tiny',
                        'nload',
                        'pciutils',
-                       'rsyslog',
-                       'sysklogd',
                ]:
                        ensure => installed,
        }
@@ -131,8 +135,8 @@ class debian-org {
                require => Package['debian.org']
        }
 
-  # set mmap_min_addr to 4096 to mitigate
-  # Linux NULL-pointer dereference exploits
+       # set mmap_min_addr to 4096 to mitigate
+       # Linux NULL-pointer dereference exploits
        site::sysctl { 'mmap_min_addr':
                key   => 'vm.mmap_min_addr',
                value => '4096',
index 44872de480c73198ddf799c7acf675f43da67b39..2ad975073281b59005f5357b4b20a07b9a773062 100644 (file)
@@ -37,6 +37,7 @@ class ferm {
        }
        file { '/etc/ferm/dsa.d':
                ensure => directory,
+               mode   => '0555',
                purge   => true,
                force   => true,
                recurse => true,
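Review bot: The added `mode => '0555'` on `/etc/ferm/dsa.d` makes the firewall rule directory readable and traversable by every local account, and the same applies to `/etc/ferm/conf.d` (`0555`) and `/etc/default/ferm` (`0444`) in the next hunk. Whether that is actually reachable depends on the mode of the parent `/etc/ferm`, which is not visible here. If local users are not meant to read the rule set, `mode => '0550'` for the directories and `'0440'` for the file would pin the stricter intent. None of these resources set `owner` or `group` next to the new mode, so ownership relies on defaults defined outside this diff. The `/etc/ferm/dsa.d` resource continues past the end of this hunk.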
@@ -44,11 +45,13 @@ class ferm {
        }
        file { '/etc/ferm/conf.d':
                ensure => directory,
+               mode   => '0555',
        }
        file { '/etc/default/ferm':
                source  => 'puppet:///modules/ferm/ferm.default',
                require => Package['ferm'],
                notify  => Service['ferm'],
+               mode    => '0444',
        }
        file { '/etc/ferm/ferm.conf':
                source  => 'puppet:///modules/ferm/ferm.conf',
@@ -63,7 +66,8 @@ class ferm {
                content => template('ferm/interfaces.conf.erb'),
        }
        file { '/etc/logrotate.d/ulogd':
-               source => 'puppet:///modules/ferm/logrotate-ulogd',
+               source  => 'puppet:///modules/ferm/logrotate-ulogd',
+               mode    => '0444',
                require => Package['debian.org'],
        }
 
index 1dd571137d28311a11ef93c83a627a896eec092d..b12593dac8b139cc42c0ae36197ef2a329ecf7fe 100644 (file)
@@ -9,11 +9,14 @@ class named::geodns inherits named {
 
        file { '/etc/bind/':
                ensure  => directory,
+               group  => bind,
+               mode   => '2755',
                require => Package['bind9'],
                notify  => Service['bind9'],
        }
        file { '/etc/bind/geodns':
                ensure => directory,
+               mode   => '0755',
        }
        file { '/etc/bind/named.conf.options':
                content => template('named/named.conf.options.erb'),
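Review bot: The added `group  => bind,` uses a bare word, while the `ntp` hunk in this same commit moves to the quoted form `group   => 'ntp',`. Writing `group   => 'bind',` would keep the commit consistent, and the two new lines on `/etc/bind/` are also one column short of the `ensure  =>` alignment around them. A short comment above the resource, e.g. `# setgid so files created under /etc/bind inherit group bind`, would explain why the mode is `2755` rather than `0755`. The `/etc/bind/named.conf.options` resource at the end of the hunk continues outside it.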
@@ -28,12 +31,13 @@ class named::geodns inherits named {
                ensure => directory,
                owner  => geodnssync,
                group  => geodnssync,
-               mode   => '0755',
+               mode   => '2755',
        }
        file { '/etc/bind/geodns/named.conf.geo':
                source => 'puppet:///modules/named/common/named.conf.geo',
        }
        file { '/etc/bind/geodns/trigger':
+               mode   => '0555',
                source => 'puppet:///modules/named/common/trigger',
        }
        file { '/etc/ssh/userkeys/geodnssync':
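Review bot: `/etc/bind/geodns/trigger` is now installed executable (`mode => '0555'`), but the resource does not pin `owner` or `group`. This class also manages a directory owned by the `geodnssync` account, whose resource title is above this hunk. It would be worth stating explicitly that the script stays root-owned, e.g. `owner => 'root',` and `group => 'root',`, so the sync account can never alter what gets executed. If a site-wide `File` default already sets this, a one-line comment saying so is enough. The `/etc/ssh/userkeys/geodnssync` resource continues outside the hunk.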
index aa877a1a0c2e2b1b45f212c0f10c714e302fdaf2..6e8765c44fe00ba4d747317b66b9363e056bf3cd 100644 (file)
@@ -4,11 +4,6 @@ class ntp::client {
                require => Package['ntp'],
                notify  => Service['ntp']
        }
-       file { '/etc/ntp.keys.d/':
-               ensure  => directory,
-               require => Package['ntp'],
-               notify  => Service['ntp']
-       }
        file { '/etc/ntp.keys.d/ntpkey_iff_merikanto':
                source => 'puppet:///modules/ntp/ntpkey_iff_merikanto.pub',
        }
index 26aa2d4f8fcb5ccd7168f5a9b0e3ee248f7621fa..35f0669d076751702aaef4887f83b5b45835894b 100644 (file)
@@ -25,14 +25,14 @@ class ntp {
        file { '/etc/ntp.conf':
                content => template('ntp/ntp.conf'),
                notify  => Service['ntp'],
-               require => Package['ntp']
+               require => Package['ntp'],
        }
        file { '/etc/ntp.keys.d':
                ensure  => directory,
-               group   => ntp,
+               group   => 'ntp',
                mode    => '0750',
                notify  => Service['ntp'],
-               require => Package['ntp']
+               require => Package['ntp'],
        }
 
        if getfromhash($site::nodeinfo, 'timeserver') {
index cfee73e10bb9602fecf9b72d3acc76d027fd780c..c373ed04ec01e8a9486b5605abf7e71466f7c5d3 100644 (file)
@@ -6,6 +6,8 @@ class samhain {
 
        service { 'samhain':
                ensure => running
+               hasstatus => false,
+               pattern   => 'samhain',
        }
 
        file { '/etc/samhain/samhainrc':
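Review bot: The context line `ensure => running` has no trailing comma, so adding `hasstatus => false,` directly after it produces a manifest that will not parse. The `syslog-ng` hunk that follows has the same problem, while the `unbound` hunk is fine because its `ensure => running,` already ends in a comma. The line should become `ensure    => running,` in both classes. A parse failure here is worth catching before deployment, since these classes manage the integrity monitor and the system logger.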
index 36704e2083eb02bce55d4aa70cffe9b1f05fe429..5b5518b7d107868bb18ec71d3b78e3c253b514e5 100644 (file)
@@ -5,6 +5,8 @@ class syslog-ng {
 
        service { 'syslog-ng':
                ensure => running
+               hasstatus => false,
+               pattern   => 'syslog-ng',
        }
 
        file { '/etc/syslog-ng/syslog-ng.conf':
index 9a110df2fd5597eee7f910d729218a59062865de..13a6adba300df218760430c870ad5c67fa625c70 100644 (file)
@@ -6,6 +6,8 @@ class unbound {
 
        service { 'unbound':
                ensure => running,
+               hasstatus => false,
+               pattern   => 'unbound',
        }
 
        file { '/var/lib/unbound':
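Review bot: With `hasstatus => false`, Puppet decides whether the service is running by matching `pattern` against the process table, and `pattern => 'unbound'` matches any process whose command line contains that string. A helper tool or an editor open on the config file would therefore count as the daemon running, and Puppet would not restart a daemon that had died. The same applies to `pattern => 'samhain'` and `pattern => 'syslog-ng'` earlier in this commit, where a false "running" result hides a stopped integrity monitor or logger. A more specific pattern, such as the daemon's full binary path, would narrow the match. The `/var/lib/unbound` resource continues outside the hunk.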