Commit da647e68 authored by Bill MacAllister's avatar Bill MacAllister
Browse files

Add base::noipmi

This allows "odd" machines to suppress loading ipmi support and
running the exec that disables cipher zero.
parent 53c51952
release/003.033 (2014-08-31)
Add base::noipmi. This allows "odd" machines to suppress loading ipmi
support and running the exec that disables cipher zero. (whm)
release/003.032 (2014-08-27)
Remove yuelu from filter syslog exceptions. (whm)
......
# ipmi class to load ipmi client modules except on VMware platforms
# base::ipmi and base::noipmi
#
# ipmi classes to load, and suppress loading, ipmi client modules.
# Loading of ipmi is automatically suppressed on VMware platforms.
class base::ipmi {
......@@ -94,9 +97,23 @@ class base::ipmi {
# Disable cipher zero. Some IPMI report the ciphers backwards so we work
# around it. Puppet 2.6.3 doesn't support provider param for exec.
# Working around it.
# Working around it. The signal file /etc/noipmi allows this execution to
# be suppressed on systems that don't have ipmi.
exec { 'ipmitool lan set 1 cipher_privs XaaaaaaaaaaaaaX':
unless => 'bash -c \'if ! `ipmitool lan print | grep -q "Cipher Suite Priv Max : Not Available"`; then ipmitool lan print | grep "Cipher Suite Priv Max" | cut -d: -f2 | egrep -q "^ XaaaaaaaaaaaaaX"; fi\'',
unless => 'bash -c \'if [ ! -e /etc/noipmi ] && ! `ipmitool lan print | grep -q "Cipher Suite Priv Max : Not Available"`; then ipmitool lan print | grep "Cipher Suite Priv Max" | cut -d: -f2 | egrep -q "^ XaaaaaaaaaaaaaX"; fi\'',
}
}
}
class base::noipmi inherits base::ipmi {
Base::Os::Kernel-module['ipmi_si'] { ensure => absent }
Base::Os::Kernel-module['ipmi_devintf'] { ensure => absent }
File['/etc/default/ipmievd'] { ensure => absent }
Service['ipmievd'] { ensure => stopped }
file { '/etc/noipmi':
mode => '0644',
content => "ipmi is not supported on this system\n",
}
}
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment