Puppet Class: usbguard::config

Defined in:
manifests/config.pp

Summary

A short summary of the purpose of this class

Overview

usbguard::config

Examples:

this is a private class


9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
 
# File 'manifests/config.pp', line 9

class usbguard::config {
  $ipc_allowed_users = join($::usbguard::daemon_ipc_allowed_users, ' ')
  $ipc_allowed_groups= join($::usbguard::daemon_ipc_allowed_groups, ' ')

  $daemon_conf = @("CONTENT")
    # Managed by puppet
    RuleFile=${::usbguard::daemon_rule_file}
    ImplicitPolicyTarget=${::usbguard::daemon_implicit_policy_target}
    PresentDevicePolicy=${::usbguard::daemon_present_device_policy}
    PresentControllerPolicy=${::usbguard::daemon_present_controller_policy}
    IPCAllowedUsers=${ipc_allowed_users}
    IPCAllowedGroups=${ipc_allowed_groups}
    DeviceRulesWithPort=${::usbguard::daemon_device_rules_with_port}
    AuditFilePath=${::usbguard::daemon_audit_file_path}
    | CONTENT

  file { '/etc/usbguard/usbguard-daemon.conf':
    ensure  => 'file',
    owner   => 'root',
    group   => 'root',
    mode    => '0600',
    content => $daemon_conf,
  }

  if $::usbguard::manage_rules_file {
    # unfortunatly no comments allowed in the rules file (v0.7)
    # can't add header "Managed by puppet"
    concat { $::usbguard::daemon_rule_file:
      ensure => present,
      owner  => 'root',
      group  => 'root',
      mode   => '0600',
    }
  }
}