2aca8287dc
This patch adds a task and handlers for enabling the audit daemon during the boot sequence to comply with V-38438. Deployers have the option to opt-out of the entire change, or they can apply the change without updating the active grub.cfg file. Change-Id: Ia8702b8439a5993516397363b21356f1216be403
39 lines
1.2 KiB
YAML
39 lines
1.2 KiB
YAML
---
|
|
# Copyright 2016, Rackspace US, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
# Configuration file paths
|
|
pam_auth_file: /etc/pam.d/system-auth
|
|
pam_password_file: /etc/pam.d/password-auth
|
|
vsftpd_conf_file: /etc/vsftpd/vsftpd.conf
|
|
grub_conf_file: /boot/grub2/grub.cfg
|
|
aide_cron_job_path: /etc/cron.d/aide
|
|
aide_database_file: /var/lib/aide/aide.db.gz
|
|
|
|
# Package names
|
|
auditd_pkg: audit
|
|
ldap_server_pkg: openldap-servers
|
|
telnet_server_pkg: telnet-server
|
|
tftp_pkg: tftp-server
|
|
xserver_pkg: xorg-x11-server-Xorg
|
|
ypserv_pkg: ypserv
|
|
|
|
# Service names
|
|
cron_service: crond
|
|
ssh_service: sshd
|
|
chrony_service: chronyd
|
|
|
|
# Commands
|
|
grub_update_cmd: "grub2-mkconfig -o /boot/grub/grub.conf"
|