diff --git a/CHANGELOG.md b/CHANGELOG.md index fd103b7..05b9e65 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,16 @@ Changelog of Git Changelog.

No issue

+c1203c268d86892 Arne Teuke 2017-09-23 16:02:57 +

+

updated documentation

+ +

+a1d795c52da9136 Jenkins Server 2017-09-23 16:01:52 +

+

recommit for updates in build 156

+ +

e6256e44f5fb204 Arne Teuke 2017-09-18 16:57:19

added service checks for nagios host including fqdn etc. so that nagios server can be treated both as nagios process and client

diff --git a/README.md b/README.md index de9508b..3007027 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ |Repo Name| version | Build Status| |---|---|---|---| -|`cd_nagios`| 0.0.1.8 | [![Build Status](https://jenkins.confdroid.com/buildStatus/icon?job=cd_nagios)](https://jenkins.confdroid.com/job/cd_nagios/)| +|`cd_nagios`| 0.0.1.9 | [![Build Status](https://jenkins.confdroid.com/buildStatus/icon?job=cd_nagios)](https://jenkins.confdroid.com/job/cd_nagios/)| ### Synopsis Nagios is a powerful open source software solution for monitoring your IT environments. diff --git a/REPOSTRUCTURE.md b/REPOSTRUCTURE.md index df385be..2538412 100644 --- a/REPOSTRUCTURE.md +++ b/REPOSTRUCTURE.md @@ -123,6 +123,7 @@ | |-- checknagios.erb | |-- checknrpe.erb | |-- statuscgi.erb +| |-- statusdat.erb | `-- taccgi.erb |-- tests | `-- UTF_Files @@ -134,4 +135,4 @@ |-- README.md `-- REPOSTRUCTURE.md -20 directories, 114 files +20 directories, 115 files diff --git a/doc/_index.html b/doc/_index.html index 0b65b1d..e5d4b53 100644 --- a/doc/_index.html +++ b/doc/_index.html @@ -281,7 +281,7 @@ diff --git a/doc/file.README.html b/doc/file.README.html index f3c5665..bea8b8b 100644 --- a/doc/file.README.html +++ b/doc/file.README.html @@ -61,7 +61,7 @@

|Repo Name| version | Build Status| |---|---|---|---| -|cd_nagios| 0.0.1.8 | cd_nagios| 0.0.1.9 | {Build Status/]|

@@ -404,7 +404,7 @@ environments.

diff --git a/doc/index.html b/doc/index.html index 6658db2..d7e7c94 100644 --- a/doc/index.html +++ b/doc/index.html @@ -61,7 +61,7 @@

|Repo Name| version | Build Status| |---|---|---|---| -|cd_nagios| 0.0.1.8 | cd_nagios| 0.0.1.9 | {Build Status/]|

@@ -404,7 +404,7 @@ environments.

diff --git a/doc/puppet_classes/cd_nagios.html b/doc/puppet_classes/cd_nagios.html index 7651997..63ca01e 100644 --- a/doc/puppet_classes/cd_nagios.html +++ b/doc/puppet_classes/cd_nagios.html @@ -139,7 +139,7 @@ class cd_nagios { diff --git a/doc/puppet_classes/cd_nagios_3A_3Acertbot_3A_3Acerts.html b/doc/puppet_classes/cd_nagios_3A_3Acertbot_3A_3Acerts.html index 951c97a..d5d9c38 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Acertbot_3A_3Acerts.html +++ b/doc/puppet_classes/cd_nagios_3A_3Acertbot_3A_3Acerts.html @@ -230,7 +230,7 @@ class cd_nagios::certbot::certs ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Aclient_3A_3Atarget.html b/doc/puppet_classes/cd_nagios_3A_3Aclient_3A_3Atarget.html index 0a66c5b..ef9449d 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Aclient_3A_3Atarget.html +++ b/doc/puppet_classes/cd_nagios_3A_3Aclient_3A_3Atarget.html @@ -384,7 +384,7 @@ class cd_nagios::client::target ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Afirewall_3A_3Aiptables.html b/doc/puppet_classes/cd_nagios_3A_3Afirewall_3A_3Aiptables.html index e0027bd..c6038f1 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Afirewall_3A_3Aiptables.html +++ b/doc/puppet_classes/cd_nagios_3A_3Afirewall_3A_3Aiptables.html @@ -207,7 +207,7 @@ class cd_nagios::firewall::iptables ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Aconfig.html b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Aconfig.html index ceedfca..a40fda9 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Aconfig.html +++ b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Aconfig.html @@ -195,7 +195,7 @@ class cd_nagios::main::config ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Adirs.html b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Adirs.html index 77f80bc..763106f 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Adirs.html +++ b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Adirs.html @@ -468,7 +468,7 @@ class cd_nagios::main::dirs ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Ainstall.html b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Ainstall.html index 1bc50cd..f329a10 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Ainstall.html +++ b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Ainstall.html @@ -213,7 +213,7 @@ class cd_nagios::main::install ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Auser.html b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Auser.html index 3708f19..06ea809 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Auser.html +++ b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Auser.html @@ -194,7 +194,7 @@ class cd_nagios::main::user ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_contact_rules.html b/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_contact_rules.html index 7ce7153..4da1f11 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_contact_rules.html +++ b/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_contact_rules.html @@ -217,7 +217,7 @@ class cd_nagios::nagios::objects::add_contact_rules ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_contactgroups_rules.html b/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_contactgroups_rules.html index 8173f4f..4d96856 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_contactgroups_rules.html +++ b/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_contactgroups_rules.html @@ -215,7 +215,7 @@ class cd_nagios::nagios::objects::add_contactgroups_rules ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_hostgroup_rules.html b/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_hostgroup_rules.html index 33ea1e1..17f157d 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_hostgroup_rules.html +++ b/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_hostgroup_rules.html @@ -214,7 +214,7 @@ class cd_nagios::nagios::objects::add_hostgroup_rules ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_servicegroup_rules.html b/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_servicegroup_rules.html index da27cc8..c594c3e 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_servicegroup_rules.html +++ b/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_servicegroup_rules.html @@ -214,7 +214,7 @@ class cd_nagios::nagios::objects::add_servicegroup_rules ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_timeperiod_rules.html b/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_timeperiod_rules.html index 40b8f61..c2029c5 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_timeperiod_rules.html +++ b/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_timeperiod_rules.html @@ -222,7 +222,7 @@ class cd_nagios::nagios::objects::add_timeperiod_rules ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Acommands.html b/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Acommands.html index f4909b9..25d5d24 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Acommands.html +++ b/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Acommands.html @@ -575,7 +575,7 @@ class cd_nagios::nagios::objects::commands ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aconfig.html b/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aconfig.html index f8e9e0d..3c35ec6 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aconfig.html +++ b/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aconfig.html @@ -182,7 +182,7 @@ class cd_nagios::nagios::objects::config ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Acontactgroups.html b/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Acontactgroups.html index 114ce6c..7b2126b 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Acontactgroups.html +++ b/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Acontactgroups.html @@ -237,7 +237,7 @@ class cd_nagios::nagios::objects::contactgroups ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Acontacts.html b/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Acontacts.html index 3568cd9..844e3f1 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Acontacts.html +++ b/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Acontacts.html @@ -280,7 +280,7 @@ class cd_nagios::nagios::objects::contacts ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Ahostgroups.html b/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Ahostgroups.html index e10c4f2..277782a 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Ahostgroups.html +++ b/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Ahostgroups.html @@ -551,7 +551,7 @@ class cd_nagios::nagios::objects::hostgroups ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aservicegroups.html b/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aservicegroups.html index 27ab4b1..ce1355b 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aservicegroups.html +++ b/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aservicegroups.html @@ -235,7 +235,7 @@ class cd_nagios::nagios::objects::servicegroups ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Atemplate_rules.html b/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Atemplate_rules.html index f8fb845..995d846 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Atemplate_rules.html +++ b/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Atemplate_rules.html @@ -305,7 +305,7 @@ class cd_nagios::nagios::objects::template_rules ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Atimeperiods.html b/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Atimeperiods.html index 9eb5533..ddd31a2 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Atimeperiods.html +++ b/doc/puppet_classes/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Atimeperiods.html @@ -285,7 +285,7 @@ class cd_nagios::nagios::objects::timeperiods ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Aparams.html b/doc/puppet_classes/cd_nagios_3A_3Aparams.html index a9f7dd9..6027780 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Aparams.html +++ b/doc/puppet_classes/cd_nagios_3A_3Aparams.html @@ -5294,7 +5294,8 @@ particular item.

1008 1009 1010 -1011 +1011 +1012 
# File 'manifests/params.pp', line 653
@@ -5595,6 +5596,7 @@ $ng_htpasswd_head           = 'cd_nagios/nagios/htpasswd_head.erb'
 $ng_htpasswd_rule           = 'cd_nagios/nagios/htpasswd_rule.erb'
 $ng_taccgi_erb              = 'cd_nagios/selinux/taccgi.erb'
 $ng_statcgi_erb             = 'cd_nagios/selinux/statuscgi.erb'
+$ng_statdat_erb             = 'cd_nagios/selinux/statusdat.erb'
 $ng_checknrpe_erb           = 'cd_nagios/selinux/checknrpe.erb'
 $ng_checknagios_erb         = 'cd_nagios/selinux/checknagios.erb'
 $ng_nagios_conf             = '/etc/httpd/conf.d/nagios.conf'
@@ -5665,7 +5667,7 @@ $ng_nagios_service_cmd      = 'check_nagios!/var/log/nagios/status.dat!5!/us
 
 
       
diff --git a/doc/puppet_classes/cd_nagios_3A_3Aselinux_3A_3Aconfig.html b/doc/puppet_classes/cd_nagios_3A_3Aselinux_3A_3Aconfig.html
index a981483..a46dc3d 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Aselinux_3A_3Aconfig.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Aselinux_3A_3Aconfig.html
@@ -220,7 +220,26 @@ href="http://www.gnu.org/licenses">www.gnu.org/licenses/.

 111
 112
 113
-114
+114 +115 +116 +117 +118 +119 +120 +121 +122 +123 +124 +125 +126 +127 +128 +129 +130 +131 +132 +133 
# File 'manifests/selinux/config.pp', line 23
@@ -315,6 +334,25 @@ class cd_nagios::selinux::config (
       refreshonly =>  true,
       notify      =>  Service[$ng_service],
     }
+
+    # sealert status.dat
+
+    exec { 'create_policy_statusdat':
+      command     =>  template($ng_statdat_erb),
+      path        =>  ['/usr/bin','/usr/sbin'],
+      cwd         =>  $ng_user_home,
+      creates     =>  "${ng_user_home}/my-http.pp",
+      notify      =>  Exec['semodule_statusdat'],
+    }
+
+    exec { 'semodule_statusdat':
+      command     =>  'semodule -i my-http.pp',
+      path        =>  ['/usr/bin','/usr/sbin'],
+      cwd         =>  $ng_user_home,
+      require     =>  Exec['create_policy_statusdat'],
+      refreshonly =>  true,
+      notify      =>  Service[$ng_service],
+    }
   }
 }
@@ -324,7 +362,7 @@ class cd_nagios::selinux::config ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aaccess_rules.html b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aaccess_rules.html index 7525db4..96d45cf 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aaccess_rules.html +++ b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aaccess_rules.html @@ -195,7 +195,7 @@ class cd_nagios::server::access_rules ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Afiles.html b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Afiles.html index a6a0f0f..8d0e9db 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Afiles.html +++ b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Afiles.html @@ -334,7 +334,7 @@ class cd_nagios::server::files ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aservice.html b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aservice.html index 20900d7..3141f9f 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aservice.html +++ b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aservice.html @@ -532,7 +532,7 @@ class cd_nagios::server::service ( diff --git a/doc/puppet_defined_types/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_contact.html b/doc/puppet_defined_types/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_contact.html index 7ccc1e0..0488984 100644 --- a/doc/puppet_defined_types/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_contact.html +++ b/doc/puppet_defined_types/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_contact.html @@ -285,7 +285,7 @@ $ng_contacts_rule_erb = $::cd_nagios::params::ng_contacts_rule_erb diff --git a/doc/puppet_defined_types/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_contactgroups.html b/doc/puppet_defined_types/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_contactgroups.html index 6368487..fd7c5c2 100644 --- a/doc/puppet_defined_types/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_contactgroups.html +++ b/doc/puppet_defined_types/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_contactgroups.html @@ -237,7 +237,7 @@ $ng_cntctgrps_rule_erb = $::cd_nagios::params::ng_cntctgrps_rule_erb diff --git a/doc/puppet_defined_types/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_hostgroups.html b/doc/puppet_defined_types/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_hostgroups.html index ff9b9cc..34bf53f 100644 --- a/doc/puppet_defined_types/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_hostgroups.html +++ b/doc/puppet_defined_types/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_hostgroups.html @@ -245,7 +245,7 @@ $ng_tgt_hostgrp_rule_erb = $::cd_nagios::params::ng_tgt_hostgrp_rule_erb diff --git a/doc/puppet_defined_types/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_servicegroups.html b/doc/puppet_defined_types/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_servicegroups.html index 40964a0..6d010dd 100644 --- a/doc/puppet_defined_types/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_servicegroups.html +++ b/doc/puppet_defined_types/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_servicegroups.html @@ -245,7 +245,7 @@ $ng_tgt_svcgrp_rule_erb = $::cd_nagios::params::ng_tgt_svcgrp_rule_erb diff --git a/doc/puppet_defined_types/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_timeperiods.html b/doc/puppet_defined_types/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_timeperiods.html index 9dcae98..bfacf75 100644 --- a/doc/puppet_defined_types/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_timeperiods.html +++ b/doc/puppet_defined_types/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Aadd_timeperiods.html @@ -370,7 +370,7 @@ $ng_tgt_timep_rule_erb = $::cd_nagios::params::ng_tgt_timep_rule_erb diff --git a/doc/puppet_defined_types/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Atemplates.html b/doc/puppet_defined_types/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Atemplates.html index b576c2c..a344cd9 100644 --- a/doc/puppet_defined_types/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Atemplates.html +++ b/doc/puppet_defined_types/cd_nagios_3A_3Anagios_3A_3Aobjects_3A_3Atemplates.html @@ -906,7 +906,7 @@ $ng_templates_rule_erb = $::cd_nagios::params::ng_templates_rule_erb diff --git a/doc/puppet_defined_types/cd_nagios_3A_3Aserver_3A_3Aaccess.html b/doc/puppet_defined_types/cd_nagios_3A_3Aserver_3A_3Aaccess.html index 745ac22..ef95d3e 100644 --- a/doc/puppet_defined_types/cd_nagios_3A_3Aserver_3A_3Aaccess.html +++ b/doc/puppet_defined_types/cd_nagios_3A_3Aserver_3A_3Aaccess.html @@ -220,7 +220,7 @@ $ng_service = $::cd_nagios::params::ng_service diff --git a/doc/top-level-namespace.html b/doc/top-level-namespace.html index caf2dad..d25c8ff 100644 --- a/doc/top-level-namespace.html +++ b/doc/top-level-namespace.html @@ -90,7 +90,7 @@ diff --git a/manifests/params.pp b/manifests/params.pp index d0da057..4958ca5 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -946,6 +946,7 @@ $ng_htpasswd_head = 'cd_nagios/nagios/htpasswd_head.erb' $ng_htpasswd_rule = 'cd_nagios/nagios/htpasswd_rule.erb' $ng_taccgi_erb = 'cd_nagios/selinux/taccgi.erb' $ng_statcgi_erb = 'cd_nagios/selinux/statuscgi.erb' +$ng_statdat_erb = 'cd_nagios/selinux/statusdat.erb' $ng_checknrpe_erb = 'cd_nagios/selinux/checknrpe.erb' $ng_checknagios_erb = 'cd_nagios/selinux/checknagios.erb' $ng_nagios_conf = '/etc/httpd/conf.d/nagios.conf' diff --git a/manifests/selinux/config.pp b/manifests/selinux/config.pp index 1820fc0..0476c27 100644 --- a/manifests/selinux/config.pp +++ b/manifests/selinux/config.pp @@ -110,5 +110,24 @@ class cd_nagios::selinux::config ( refreshonly => true, notify => Service[$ng_service], } + + # sealert status.dat + + exec { 'create_policy_statusdat': + command => template($ng_statdat_erb), + path => ['/usr/bin','/usr/sbin'], + cwd => $ng_user_home, + creates => "${ng_user_home}/my-http.pp", + notify => Exec['semodule_statusdat'], + } + + exec { 'semodule_statusdat': + command => 'semodule -i my-http.pp', + path => ['/usr/bin','/usr/sbin'], + cwd => $ng_user_home, + require => Exec['create_policy_statusdat'], + refreshonly => true, + notify => Service[$ng_service], + } } } diff --git a/templates/selinux/statusdat.erb b/templates/selinux/statusdat.erb new file mode 100644 index 0000000..7ecd4c0 --- /dev/null +++ b/templates/selinux/statusdat.erb @@ -0,0 +1 @@ +ausearch -c 'httpd' --raw | audit2allow -M my-httpd