Puppet Class: auditd::audisp

Inherits:

auditd

Defined in:

manifests/audisp.pp

Summary

audit event dispatcher

Overview

Parameters:

• dir (Stdlib::Absolutepath) (defaults to: '/etc/audisp') —

  The auditd configuration directory path

• mode (Stdlib::Filemode) (defaults to: '0750') —

  The auditd configuration directory mode

• owner (Variant[String[1], Integer]) (defaults to: 0) —

  The auditd configuration directory owner

• group (Variant[String[1], Integer]) (defaults to: 0) —

  The auditd configuration directory group

• config (Auditd::Audisp::Conf) (defaults to: {}) —

  audispd.conf configuration hash

• config_path (Stdlib::Absolutepath) (defaults to: '/etc/audisp/audispd.conf') —

  audispd.conf file path

• config_mode (Stdlib::Filemode) (defaults to: '0600') —

  audispd.conf file mode

• config_owner (Variant[String[1], Integer]) (defaults to: 0) —

  audispd.conf file owner

• config_group (Variant[String[1], Integer]) (defaults to: 0) —

  audispd.conf file group

• package_name (String[1]) (defaults to: 'audispd-plugins') —

  The audisp plugins package name

• package_ensure (String) (defaults to: 'installed') —

  The package state to set

• package_manage (Boolean) (defaults to: true) —

  If the audisp plugin package should be managed

• plugin_dir (Stdlib::Absolutepath) (defaults to: '/etc/audisp/plugins.d') —

  The plugin directory path to manage

• plugin_dir_mode (Stdlib::Filemode) (defaults to: '0750') —

  The plugin directory mode

• plugin_dir_owner (Variant[String[1], Integer]) (defaults to: 0) —

  The plugin directory owner

• plugin_dir_group (Variant[String[1], Integer]) (defaults to: 0) —

  The plugin directory group

• plugins (Hash[String, Auditd::Plugins]) (defaults to: {}) —

  Hash of audisp plugin configuration files to create

Author:

• Dan Gibbs <dev@dangibbs.co.uk>

# File 'manifests/audisp.pp', line 56

class auditd::audisp (
  Stdlib::Absolutepath $dir                        = '/etc/audisp',
  Stdlib::Filemode $mode                           = '0750',
  Variant[String[1], Integer] $owner               = 0,
  Variant[String[1], Integer] $group               = 0,
  Auditd::Audisp::Conf $config                     = {},
  Stdlib::Absolutepath $config_path                = '/etc/audisp/audispd.conf',
  Stdlib::Filemode $config_mode                    = '0600',
  Variant[String[1], Integer] $config_owner        = 0,
  Variant[String[1], Integer] $config_group        = 0,
  String[1] $package_name                          = 'audispd-plugins',
  String $package_ensure                           = 'installed',
  Boolean $package_manage                          = true,
  Stdlib::Absolutepath $plugin_dir                 = '/etc/audisp/plugins.d',
  Stdlib::Filemode $plugin_dir_mode                = '0750',
  Variant[String[1], Integer] $plugin_dir_owner    = 0,
  Variant[String[1], Integer] $plugin_dir_group    = 0,
  Hash[String, Auditd::Plugins] $plugins           = {},
) inherits auditd {
  if $package_manage {
    package { $package_name:
      ensure => $package_ensure,
    }
  }

  if $dir != $auditd::dir {
    file { $dir:
      ensure => directory,
      owner  => $owner,
      group  => $group,
      mode   => $mode,
    }
  }

  if $plugin_dir != $auditd::plugin_dir {
    file { $plugin_dir:
      ensure => directory,
      owner  => $plugin_dir_owner,
      group  => $plugin_dir_group,
      mode   => $plugin_dir_mode,
    }
  }

  if $config_path != $auditd::config_path {
    file { $config_path:
      ensure  => file,
      owner   => $config_owner,
      group   => $config_group,
      mode    => $config_mode,
      content => epp('auditd/audisp.conf.epp', {
          config => $config,
      }),
    }
  }

  file { '/sbin/audispd':
    ensure => file,
    mode   => '0750',
  }

  $plugins.each |$name, $parameters| {
    auditd::plugin { $name:
      *           => $parameters,
      plugin_type => 'audisp',
    }
  }
}