From afdc138987db8246be1f3a0948967f10c3011bb8 Mon Sep 17 00:00:00 2001
From: Steven Hardy <shardy@redhat.com>
Date: Wed, 18 Jan 2017 12:25:56 +0000
Subject: Add AuditD composable service

This patch allows the management of the AuditD service and its associated
files (such as `audit.rules`)

This is achieved by means of the `puppet-auditd` puppet module.

Also places ssh banner capabilities map on top of patch

Change-Id: Ib8bb52dde88304cb58b051bced9779c97a314d0d
Depends-On: Ie31c063b674075e35e1bfa28d1fc07f3f897407b
---
 puppet/services/auditd.yaml | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 puppet/services/auditd.yaml

(limited to 'puppet/services/auditd.yaml')

diff --git a/puppet/services/auditd.yaml b/puppet/services/auditd.yaml
new file mode 100644
index 00000000..639631e1
--- /dev/null
+++ b/puppet/services/auditd.yaml
@@ -0,0 +1,34 @@
+heat_template_version: ocata
+
+description: >
+  AuditD configured with Puppet
+
+parameters:
+  ServiceNetMap:
+    default: {}
+    description: Mapping of service_name -> network name. Typically set
+                 via parameter_defaults in the resource registry.  This
+                 mapping overrides those in ServiceNetMapDefaults.
+    type: json
+  DefaultPasswords:
+    default: {}
+    type: json
+  EndpointMap:
+    default: {}
+    description: Mapping of service endpoint -> protocol. Typically set
+                 via parameter_defaults in the resource registry.
+    type: json
+  AuditdRules:
+    description: Mapping of auditd rules
+    type: json
+    default: {}
+
+outputs:
+  role_data:
+    description: Role data for the auditd service
+    value:
+      service_name: auditd
+      config_settings:
+        auditd::rules: {get_param: AuditdRules}
+      step_config: |
+        include ::tripleo::profile::base::auditd
-- 
cgit 1.2.3-korg