Adds service for managing securetty

This adds the ability to manage the securetty file. By allowing management of securetty, operators can limit root console access and improve security through hardening. Change-Id: I0767c9529b40a721ebce1eadc2dea263e0a5d4d7 Partial-Bug: #1665042 Depends-On: Ic4647fb823bd112648c5b8d102913baa8b4dac1c
author: lhinds <lhinds@redhat.com> 2017-03-23 13:41:42 +0000
committer: lhinds <lhinds@redhat.com> 2017-04-06 13:30:50 +0100
commit: 99455380692f233f64c7fb68eb8a11105d39f5ac (patch)
tree: 70987a55443cf1cb176c039d900fb82fd69360bd /environments
parent: cd6128d0a54989926709f42b7be80bf5daba2f8f (diff)
2 files changed, 13 insertions, 0 deletions
diff --git a/environments/hyperconverged-ceph.yaml b/environments/hyperconverged-ceph.yaml
index 8f74ec35..7b778aad 100644
--- a/environments/hyperconverged-ceph.yaml
+++ b/environments/hyperconverged-ceph.yaml
@@ -13,6 +13,7 @@ parameter_defaults:
     - OS::TripleO::Services::Ntp
     - OS::TripleO::Services::Snmp
     - OS::TripleO::Services::Sshd
+    - OS::TripleO::Services::Securetty
     - OS::TripleO::Services::NovaCompute
     - OS::TripleO::Services::NovaLibvirt
     - OS::TripleO::Services::Kernel
diff --git a/environments/securetty.yaml b/environments/securetty.yaml
new file mode 100644
index 00000000..cdadf376
--- /dev/null
+++ b/environments/securetty.yaml
@@ -0,0 +1,12 @@
+resource_registry:
+  OS::TripleO::Services::Securetty: ../puppet/services/securetty.yaml
+
+parameter_defaults:
+  TtyValues:
+    - console
+    - tty1
+    - tty2
+    - tty3
+    - tty4
+    - tty5
+    - tty6
author	lhinds <lhinds@redhat.com>	2017-03-23 13:41:42 +0000
committer	lhinds <lhinds@redhat.com>	2017-04-06 13:30:50 +0100
commit	99455380692f233f64c7fb68eb8a11105d39f5ac (patch)
tree	70987a55443cf1cb176c039d900fb82fd69360bd /environments
parent	cd6128d0a54989926709f42b7be80bf5daba2f8f (diff)