Puppet Class: auditd

Inherited by:
auditd::audisp
Defined in:
manifests/init.pp

Summary

audit daemon

Overview

Parameters:

  • buffer_size (Integer) (defaults to: 8192)

    The buffer size to use

  • failure_mode (Integer) (defaults to: 1)

    The failure mode (defaults to printing failure message)

  • immutable (Boolean) (defaults to: false)

    Set if the configuration should be immutable

  • dir (Stdlib::Absolutepath) (defaults to: '/etc/audit')

    The auditd configuration directory path (e.g. /etc/audit)

  • mode (Stdlib::Filemode) (defaults to: '0750')

    The auditd configuration directory mode

  • owner (Variant[String[1], Integer]) (defaults to: 0)

    The auditd configuration directory owner

  • group (Variant[String[1], Integer]) (defaults to: 0)

    The auditd configuration directory group

  • config (Auditd::Conf) (defaults to: {})

    auditd.conf configuration hash

  • config_path (Stdlib::Absolutepath) (defaults to: '/etc/audit/auditd.conf')

    auditd.conf configuration filepath (e.g. /etc/audit/auditd.conf)

  • config_mode (Stdlib::Filemode) (defaults to: '0600')

    The configurtion file mode

  • config_owner (Variant[String[1], Integer]) (defaults to: 0)

    The configurtion file mode owner

  • config_group (Variant[String[1], Integer]) (defaults to: 0)

    The configurtion file mode group

  • package_name (String[1]) (defaults to: 'auditd')

    The package name to use

  • package_ensure (String) (defaults to: 'installed')

    The package state to set

  • package_manage (Boolean) (defaults to: true)

    If the auditd package should be managed

  • service_enable (Boolean) (defaults to: true)

    The service enable state

  • service_name (String[1]) (defaults to: 'auditd')

    The service name to use

  • service_ensure (Stdlib::Ensure::Service) (defaults to: 'running')

    The service ensure state

  • service_manage (Boolean) (defaults to: true)

    If the auditd service should be managed

  • service_override (Optional[String]) (defaults to: undef)

    auditd service override content

  • plugin_dir (Stdlib::Absolutepath) (defaults to: '/etc/audit/plugins.d')

    The plugin directory path to manage

  • plugin_dir_mode (Stdlib::Filemode) (defaults to: '0750')

    The plugin directory mode

  • plugin_dir_owner (Variant[String[1], Integer]) (defaults to: 0)

    The plugin directory owner

  • plugin_dir_group (Variant[String[1], Integer]) (defaults to: 0)

    The plugin directory group

  • plugins (Hash[String, Auditd::Plugins]) (defaults to: {})

    Hash of auditd plugin configuration files to create

  • rules_dir (Stdlib::Absolutepath) (defaults to: '/etc/audit/rules.d')

    The rules directory path to manage

  • rules_dir_mode (Stdlib::Filemode) (defaults to: '0750')

    The rules directory mode

  • rules_dir_owner (Variant[String[1], Integer]) (defaults to: 0)

    The rules directory owner

  • rules_dir_group (Variant[String[1], Integer]) (defaults to: 0)

    The rules directory group

  • rules_file (Stdlib::Absolutepath) (defaults to: '/etc/audit/rules.d/audit.rules')

    The rules filepath

  • rules_file_mode (Stdlib::Filemode) (defaults to: '0600')

    The rules file mode

  • rules_file_owner (Variant[String[1], Integer]) (defaults to: 0)

    The rules file owner

  • rules_file_group (Variant[String[1], Integer]) (defaults to: 0)

    The rules file group

  • rules (Hash[String, Auditd::Rules]) (defaults to: {})

    Hash of auditd rules to set

Author:

  • Dan Gibbs <dev@dangibbs.co.uk>



107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
 
# File 'manifests/init.pp', line 107

class auditd (
  Integer $buffer_size                             = 8192,
  Integer $failure_mode                            = 1,
  Boolean $immutable                               = false,
  Stdlib::Absolutepath $dir                        = '/etc/audit',
  Stdlib::Filemode $mode                           = '0750',
  Variant[String[1], Integer] $owner               = 0,
  Variant[String[1], Integer] $group               = 0,
  Auditd::Conf $config                             = {},
  Stdlib::Absolutepath $config_path                = '/etc/audit/auditd.conf',
  Stdlib::Filemode $config_mode                    = '0600',
  Variant[String[1], Integer] $config_owner        = 0,
  Variant[String[1], Integer] $config_group        = 0,
  String[1] $package_name                          = 'auditd',
  String $package_ensure                           = 'installed',
  Boolean $package_manage                          = true,
  Boolean $service_enable                          = true,
  String[1] $service_name                          = 'auditd',
  Stdlib::Ensure::Service $service_ensure          = 'running',
  Boolean $service_manage                          = true,
  Optional[String] $service_override               = undef,
  Stdlib::Absolutepath $plugin_dir                 = '/etc/audit/plugins.d',
  Stdlib::Filemode $plugin_dir_mode                = '0750',
  Variant[String[1], Integer] $plugin_dir_owner    = 0,
  Variant[String[1], Integer] $plugin_dir_group    = 0,
  Hash[String, Auditd::Plugins] $plugins           = {},
  Stdlib::Absolutepath $rules_dir                  = '/etc/audit/rules.d',
  Stdlib::Filemode $rules_dir_mode                 = '0750',
  Variant[String[1], Integer] $rules_dir_owner     = 0,
  Variant[String[1], Integer] $rules_dir_group     = 0,
  Stdlib::Absolutepath $rules_file                 = '/etc/audit/rules.d/audit.rules',
  Stdlib::Filemode $rules_file_mode                = '0600',
  Variant[String[1], Integer] $rules_file_owner    = 0,
  Variant[String[1], Integer] $rules_file_group    = 0,
  Hash[String, Auditd::Rules] $rules               = {},
) {
  contain auditd::package
  contain auditd::config
  contain auditd::service

  Class['auditd::package']
  -> Class['auditd::config']
  -> Class['auditd::service']

  $rules.each |$name, $parameters| {
    auditd::rule { $name:
      * => $parameters,
    }
  }

  $plugins.each |$name, $parameters| {
    auditd::plugin { $name:
      * => $parameters,
    }
  }
}