Puppet Class: psick::hardening::tcpwrappers

Defined in:

manifests/hardening/tcpwrappers.pp

Overview

Generic class to manage tcpwrappers

Parameters:

• hosts_allow_template (String) (defaults to: 'psick/hardening/tcpwrappers/hosts.allow.erb') —

  The erb template (as used in template()) to use to manage the content of /etc/hosts.allow Set it to an empty string to avoid to manage it.

• hosts_deny_template (String) (defaults to: 'psick/hardening/tcpwrappers/hosts.deny.erb') —

  The erb template (as used in template()) to use to manage the content of /etc/hosts.deny Set it to an empty string to avoid to manage it.

• manage (Boolean) (defaults to: $psick::manage)
• noop_manage (Boolean) (defaults to: $psick::noop_manage)
• noop_value (Boolean) (defaults to: $psick::noop_value)

# File 'manifests/hardening/tcpwrappers.pp', line 10

class psick::hardening::tcpwrappers (
  String $hosts_allow_template = 'psick/hardening/tcpwrappers/hosts.allow.erb',
  String $hosts_deny_template  = 'psick/hardening/tcpwrappers/hosts.deny.erb',
  Boolean $manage              = $psick::manage,
  Boolean $noop_manage         = $psick::noop_manage,
  Boolean $noop_value          = $psick::noop_value,
) {
  if $manage {
    if $noop_manage {
      noop($noop_value)
    }
    if $hosts_allow_template != '' {
      file { '/etc/hosts.allow':
        ensure  => file,
        mode    => '0644',
        owner   => 'root',
        group   => 'root',
        content => template($hosts_allow_template),
      }
    }

    if $hosts_deny_template != '' {
      file { '/etc/hosts.deny':
        ensure  => file,
        mode    => '0644',
        owner   => 'root',
        group   => 'root',
        content => template($hosts_deny_template),
      }
    }
  }
}