Puppet Class: auditd

Inherited by:
auditd::config
auditd::install
auditd::service
Defined in:
manifests/init.pp

Summary

Manage auditd service, configuration and rules.

Overview

This class ensures that the auditd package is installed and deploys an auditd.conf file and an auditd.rules file. The config is built from a default config hash stored in module Hiera, with overrides passed in via the $auditd_conf parameter. Rules use the default set in module Hiera unless an array of rules is passed in via $auditd_rules, which replaces the default ruleset.

Examples:

include auditd

Parameters:

  • service_manage (Boolean)

    Specify whether to manage the auditd service with Puppet. Default value: true

  • service_ensure (String)

    Specify the auditd service desired state. Default value: ‘running’

  • service_enable (Boolean)

    Specify whether or not to enable the auditd service to run at startup. Default value: true

  • service_name (String)

    The name for the auditd service. Default value: ‘auditd’

  • service_hasstatus (Boolean)

    Specify whether the auditd service supports the status command. Default value: true

  • service_hasrestart (Boolean)

    Specify whether the auditd service supports the restart command. Default value: true

  • package_name (String)

    Name of the auditd package to install. Default value: ‘auditd’

  • package_ensure (String)

    Package ‘ensure’ value. Can be used to specify a specific version if required. Default value: ‘present’

  • auditd_file (String)

    Location of the auditd config file. Default value: ‘/etc/audit/auditd.conf’

  • auditd_file_ensure (String)

    Ensure state of the auditd config file. Default value: file

  • auditd_file_owner (String)

    Owner of the auditd config file. Default value: ‘root’

  • auditd_file_group (String)

    Group for the auditd config file. Default value: ‘root’

  • auditd_file_mode (String)

    Permissions for the auditd config file. Default value: ‘0640’

  • auditd_rules_file (String)

    Location of the auditd rules file. Default value: ‘/etc/audit/auditd.rules’

  • auditd_rules_file_ensure (String)

    Ensure state of the auditd rules file. Default value: file

  • auditd_rules_file_owner (String)

    Owner of the auditd rules file. Default value: ‘root’

  • auditd_rules_file_group (String)

    Group for the auditd rules file. Default value: ‘root’

  • auditd_rules_file_mode (String)

    Permissions for the auditd rules file. Default value: ‘0640’

  • auditd_rules (Array)

    Array of rules to place in the auditd.rules file. Default value is found in in-module Hiera data. If any values are passed in via this parameter, they will take precedence and no default rules will be applied.

  • auditd_buffer (String) (defaults to: '8192')

    Size of the auditd buffer. Default value: ‘8192’

  • auditd_conf (Hash) (defaults to: {})

    Hash of auditd config entries as key:value pairs. Default value is found in in-module Hiera data. If any values are passed in via this parameter, they will NOT wipe out the defaults. If a key matches one in the default hash, it will overwrite the value for that key. If a key is not found in the default hash, it will be added to the default set.



# File 'manifests/init.pp', line 81

class auditd (
  Boolean $service_manage,
  String $service_ensure,
  Boolean $service_enable,
  String $service_name,
  Boolean $service_hasstatus,
  Boolean $service_hasrestart,
  String $package_name,
  String $package_ensure,
  String $auditd_file,
  String $auditd_file_ensure,
  String $auditd_file_owner,
  String $auditd_file_group,
  String $auditd_file_mode,
  String $auditd_rules_file,
  String $auditd_rules_file_ensure,
  String $auditd_rules_file_owner,
  String $auditd_rules_file_group,
  String $auditd_rules_file_mode,
  Array  $auditd_rules,
  String $auditd_buffer = '8192',
  Hash   $auditd_conf = {},
) {
  $_conf = lookup('auditd::conf') + $auditd_conf

  contain auditd::install
  contain auditd::config
  contain auditd::service

  Class['auditd::install']
  -> Class['auditd::config']
  ~> Class['auditd::service']
}
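
The two override parameters behave differently: $auditd_conf is merged over the default hash (the `lookup('auditd::conf') + $auditd_conf` line above), while $auditd_rules replaces the default ruleset outright. The declaration below is an added example, not code from the module; the config keys are standard auditd.conf settings, the values and watch rules are constructed, and it assumes each array element is written as one line of the rules file.

```puppet
# Added example, not part of the module. Values and rules are constructed
# for illustration; all other parameters still come from module Hiera data.
class { 'auditd':
  # Merged over the module's default hash: a key that already exists in the
  # defaults is overwritten, a new key is added, and every default key not
  # named here is kept.
  auditd_conf  => {
    'max_log_file'        => '50',
    'num_logs'            => '10',
    'max_log_file_action' => 'rotate',
    'space_left_action'   => 'syslog',
  },

  # Replaces the default ruleset entirely: none of the module's default
  # rules are applied once this array is set, so it has to list every rule
  # the node needs, including any defaults that should stay in force.
  auditd_rules => [
    '-w /etc/passwd -p wa -k identity',
    '-w /etc/shadow -p wa -k identity',
    '-w /etc/sudoers -p wa -k privilege',
    '-w /etc/audit/ -p wa -k auditconfig',
  ],
}
```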