From 8a6dc6bf58f6a2cd91182dce5b9c6ea5cb2969ae Mon Sep 17 00:00:00 2001
From: Adam Henry Lewenberg <adamhl@stanford.edu>
Date: Wed, 8 Mar 2017 12:59:14 -0800
Subject: [PATCH] move filtersyslog to its own base: class

---
 NEWS                                          |  3 +++
 .../etc/filter-syslog.conf                    |  0
 manifests/filtersyslog.pp                     | 22 +++++++++++++++++++
 manifests/newsyslog.pp                        |  9 +++++---
 4 files changed, 31 insertions(+), 3 deletions(-)
 rename files/{newsyslog => filtersyslog}/etc/filter-syslog.conf (100%)
 create mode 100644 manifests/filtersyslog.pp

diff --git a/NEWS b/NEWS
index ec788e7..f561930 100644
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,8 @@
 release/005.007 (unreleased)
 
+    [newsyslog] Pull out filter-syslog from newsyslog so filtersyslog can
+    be used separately from newsyslog. [adamhl]
+
     [ssh] Change the method by which we specify a list of sunetids too
     filter via filter-syslog. If you install this version of base you will
     need to add to hiera the list of sunetids whose authentication failure
diff --git a/files/newsyslog/etc/filter-syslog.conf b/files/filtersyslog/etc/filter-syslog.conf
similarity index 100%
rename from files/newsyslog/etc/filter-syslog.conf
rename to files/filtersyslog/etc/filter-syslog.conf
diff --git a/manifests/filtersyslog.pp b/manifests/filtersyslog.pp
new file mode 100644
index 0000000..2c100dc
--- /dev/null
+++ b/manifests/filtersyslog.pp
@@ -0,0 +1,22 @@
+# Install filter-syslog, which we use for auditing system logs, and its
+# basic configuration.
+
+class base::filtersyslog {
+
+  # Install the filter-syslog package.
+  package { 'filter-syslog':
+    ensure => present
+  }
+
+  # Install the default filter-syslog configuration.
+  file {
+    '/etc/filter-syslog.conf':
+      source  => 'puppet:///modules/base/filtersyslog/etc/filter-syslog.conf';
+    '/etc/filter-syslog':
+      ensure  => directory,
+      recurse => true,
+      purge   => true,
+  }
+
+
+}
diff --git a/manifests/newsyslog.pp b/manifests/newsyslog.pp
index 38eaa39..f08597c 100644
--- a/manifests/newsyslog.pp
+++ b/manifests/newsyslog.pp
@@ -4,9 +4,12 @@
 # logs, and its basic configuration.
 
 class base::newsyslog {
-  package {
-    'filter-syslog': ensure => present;
-    'newsyslog':     ensure => present;
+
+  # Install the basic filter-syslog system
+  include base::filtersyslog
+
+  package {'newsyslog':
+    ensure => present;
   }
 
   # Disable logrotate, since otherwise it will fight with newsyslog.  We could
-- 
GitLab