added selinux policy for checknrpe

Arne Teuke
2017-07-30 15:40:07 +01:00
parent 4154041de6
commit cf807acd56
3 changed files with 24 additions and 3 deletions


@@ -703,7 +703,7 @@ $ng_u_comment = 'Nagios service user',
$ng_u_uid = '1004',
$ng_user_home = '/var/spool/nagios',
$ng_u_groups = undef,
$ng_user_shell = '/sbin/nologin',
$ng_user_shell = '/bin/bash',
# cgi settings
$ng_context_help = '1',
@@ -937,6 +937,7 @@ $ng_htpasswd_head = 'cd_nagios/nagios/htpasswd_head.erb'
$ng_htpasswd_rule = 'cd_nagios/nagios/htpasswd_rule.erb'
$ng_taccgi_erb = 'cd_nagios/selinux/taccgi.erb'
$ng_statcgi_erb = 'cd_nagios/selinux/statuscgi.erb'
$ng_checknrpe_erb = 'cd_nagios/selinux/checknrpe.erb'
$ng_nagios_conf = '/etc/httpd/conf.d/nagios.conf'
$ng_nagios_conf_erb = 'cd_nagios/httpd/nagios_conf.erb'
$ng_welcome_conf = '/etc/httpd/conf.d/welcome.conf'
@@ -992,8 +993,6 @@ $ng_cntctgrps_rule_erb = 'cd_nagios/nagios/contactgroups_cfg_rule.erb'
$ng_target_command = "${ng_conf_d_dir}/nagios_commands_base.cfg"
$ng_nagios_service_cmd = 'check_nagios!/var/log/nagios/status.dat!5!/usr/sbin/nagios'
# nrpe
$ng_nrpe_file = "${ng_main_dir}/nrpe.cfg"
# includes must be last
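Review bot: The first hunk gives the Nagios service user an interactive shell, `$ng_user_shell = '/bin/bash'`, which the SELinux policy in this commit does not need and which widens what a compromise of that account allows. This assumes the second of the two printed `$ng_user_shell` lines is the new value, since the page has lost its +/- markers. I would keep `$ng_user_shell = '/sbin/nologin',` as the default and run one-off commands as that user with `su -s /bin/bash` from root instead. If a login shell really is required, add a comment above the parameter saying why, for example `# interactive shell needed for <reason>; revert to /sbin/nologin when done`. The parameter list starts and ends outside the visible hunks.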


@@ -73,5 +73,26 @@ class cd_nagios::selinux::config (
refreshonly => true,
notify => Service[$ng_service],
}
# sealert check_nrpe
exec { 'create_policy_checknrpe':
command => template($ng_checknrpe_erb),
path => ['/usr/bin','/usr/sbin'],
cwd => $ng_user_home,
creates => "${ng_user_home}/my-checknrpe.pp",
notify => Exec['semodule_checknrpe'],
}
exec { 'semodule_checknrpe':
command => 'semodule -i my-checknrpe.pp',
path => ['/usr/bin','/usr/sbin'],
cwd => $ng_user_home,
require => Exec['create_policy_checknrpe'],
refreshonly => true,
notify => Service[$ng_service],
}
}
}
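Review bot: `semodule -i my-checknrpe.pp` runs as root but loads the module from `cwd => $ng_user_home`, which the defaults set to `/var/spool/nagios`, the service account's own home. If that directory is writable by the Nagios user, an unprivileged account can influence the file root installs as SELinux policy, so build and load the module from a root-owned directory: `cwd => $ng_selinux_dir,` and `creates => "${ng_selinux_dir}/my-checknrpe.pp",` (placeholder parameter name). The `command => template($ng_checknrpe_erb)` body is not visible here; if it derives rules from the audit log, the resulting policy depends on whatever denials happen to be logged at apply time, and a reviewed `.te` source shipped with the module would be reproducible. The `creates` guard also means later template changes are never applied once the `.pp` file exists. The enclosing class starts outside the hunk.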