Allow the specification of custom rules as a file or a template

NEWS

+release/001.006 (2015-03-24)
+
+    Allow the specification of custom rules as a file or a
+    template. (whm)
+
 release/001.005 (2015-02-25)
 
     Remove use of auditd message protocol.  Use syslog to send audit

manifests/auditd.pp

@@ -23,6 +23,8 @@
 #  audit::auditd { "{$::hostname}.stanford.edu": ensure => present }
 
 define audit::auditd (
+  $content             = 'NONE',
+  $source              = 'NONE',
   $client_source_port  = '650',
   $max_log_file        = 1000,
   $max_log_file_action = 'ROTATE',
@@ -47,13 +49,25 @@ define audit::auditd (
       }
 
       # What to audit
-      file {
-        '/etc/audit/audit.rules':
-          source  => "$afile/etc/audit/audit.rules",
-          require => Package['auditd'];
-        '/etc/audit/auditd.conf':
-          content => template('audit/etc/audit/auditd.conf.erb'),
-          require => Package['auditd'];
+      if $content == 'NONE' {
+        if $source == 'NONE' {
+          $src_rules = "$afile/etc/audit/audit.rules"
+        } else {
+          $src_rules = $source
+        }
+        file { '/etc/audit/audit.rules':
+          source  => $src_rules,
+          require => Package['auditd'],
+        }
+      } else {
+        file { '/etc/audit/audit.rules':
+          content => template($content),
+          require => Package['auditd'],
+        }
+      }
+      file { '/etc/audit/auditd.conf':
+        content => template('audit/etc/audit/auditd.conf.erb'),
+        require => Package['auditd'],
       }
 
       # Where to send the audit