Newer
Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
#
# Rules specific to Red Hat systems. Try to keep this rule set to an
# absolute minimum. Part of the goal of Puppet is to make our systems
# look as similar as possible given the inherent differences between the
# distributions, and that means that changes should be wrapped in
# conceptual packages that do equivalent things on both distributions.
# The newsyslog module provides the /etc/filter-syslog directory, which we
# need to install rules.
class base::os::redhat {
include base::newsyslog,
base::rpm
package {
'emacs-nox': ensure => present;
'kstart':
ensure => present,
require => Base::Rpm::Import['stanford-rpmkey'];
'libxml2': ensure => present; # needed for dell firmware updates
'mailx': ensure => present;
'procmail': ensure => present; # needed for dell firmware updates
}
base::rpm::import { 'stanford-rpmkey':
url => 'http://yum.stanford.edu/STANFORD-GPG-KEY',
signature => 'gpg-pubkey-af476543-44720559';
}
case $::lsbmajdistrelease {
# RHEL4
'4': {
base::rpm::import { 'redhat-rpmkey':
url => '/usr/share/rhn/RPM-GPG-KEY',
signature => 'gpg-pubkey-db42a60e-37ea5438';
}
package {
'kernel-utils': ensure => present;
'slocate': ensure => present;
}
}
# RHEL5 & 6
default: {
base::rpm::import { 'redhat-rpmkey':
url => '/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release',
signature => $::lsbmajdistrelease ? {
'5' => 'gpg-pubkey-37017186-45761324',
'6' => 'gpg-pubkey-fd431d51-4ae0493b',
};
}
base::rpm::import { 'dag-rpmkey':
url =>
'/usr/share/doc/rpmforge-release-0.3.6/RPM-GPG-KEY-rpmforge-dag',
signature => 'gpg-pubkey-6b8d79e6-3f49313d';
}
package {
'mlocate': ensure => present;
}
}
}
# RHEL4 and 5 need links to krb utils
case $::lsbmajdistrelease {
'4','5': {
file {
'/usr/bin/kinit':
ensure => link,
target => '/usr/kerberos/bin/kinit';
'/usr/bin/kdestroy':
ensure => link,
target => '/usr/kerberos/bin/kdestroy';
'/usr/bin/ksu':
ensure => link,
target => '/usr/kerberos/bin/ksu';
}
}
# RHEL6 just needs a link for fdformat since it moved to /usr/sbin
'6': {
file { '/usr/bin/fdformat':
ensure => link,
target => '/usr/sbin/fdformat';
}
}
default: {}
}
file {
'/etc/filter-syslog/redhat':
source => 'puppet:///modules/base/os/etc/filter-syslog/redhat',
require => Package['filter-syslog'];
'/etc/profile.d/usrlocal.sh':
source => 'puppet:///modules/base/os/etc/profile.d/usrlocal.sh';
'/etc/profile.d/usrlocal.csh':
source => 'puppet:///modules/base/os/etc/profile.d/usrlocal.csh';
'/etc/profile.d/krbsu.sh':
source => 'puppet:///modules/base/os/etc/profile.d/krbsu.sh';
'/etc/profile.d/krbsu.csh':
source => 'puppet:///modules/base/os/etc/profile.d/krbsu.csh';
'/etc/profile.d/prompt.sh':
source => 'puppet:///modules/base/os/etc/profile.d/prompt.sh';
'/etc/sysconfig/selinux':
ensure => link,
target => '/etc/selinux/config';
'/etc/selinux':
ensure => directory;
'/etc/selinux/config':
source => 'puppet:///modules/base/os/etc/selinux/config';
'/etc/cron.daily/prelink':
ensure => absent;
}
# Set kernel.sysrq = 1 for RH systems
base::sysctl { 'kernel.sysrq': ensure => 1 }
# Disable zeroconf
base::textline { 'NOZEROCONF=yes': ensure => '/etc/sysconfig/network' }
}