more instance variable cleanup

a8a3004b · Adam Lewenberg · d6d037da · a8a3004b · a8a3004b · a8a3004b
Commit a8a3004b authored 8 years ago by Adam Lewenberg
--- a/NEWS
+++ b/NEWS
 release/005.001 (2016-12-07)

    Add "path" attributes to several exec resources. This will be required
-    in the next version of Puppet [adamhl].
+    in the next version of Puppet. [adamhl]
+
+    [puppetclient] Replace "local" variables with what is really intended:
+    instance variables defined in the calling manifest (or defiend as a
+    Puppet fact). While not strictly necessary right now, in a future
+    version of Puppet will stop interpreting ERB local variables as
+    instance variables so we might as well fix them now. [adamhl]
+
+    [puppetclient] Remove some conditional code that made sense when we
+    used very old versions of Puppet. [adamhl]
+
+    [ssh] More of the instance variable cleanup. [adamhl]
+
+    [syslog] More of the instance variable cleanup. [adamhl]
+
+    [xinetd] More of the instance variable cleanup. [adamhl]

 release/005.000 (2016-11-21)


--- a/templates/ssh/sshd_config.erb
+++ b/templates/ssh/sshd_config.erb
@@ -43,7 +43,7 @@ HostKey /etc/ssh/ssh_host_ed25519_key
 LoginGraceTime 300

 # Prevent attackers from running long password guessing attacks.
-MaxAuthTries <%= max_tries %>
+MaxAuthTries <%= @max_tries %>

 <% if @osfamily == 'RedHat' then -%>
 # Some Red Hat systems are old enough that this has to be explicitly enabled.
@@ -54,9 +54,9 @@ UsePrivilegeSeparation yes
 # since we use GSS-API (or passwords).
 IgnoreRhosts yes
 RSAAuthentication no
-PubkeyAuthentication <%= pubkey ? 'yes' : 'no' %>
+PubkeyAuthentication <%= @pubkey ? 'yes' : 'no' %>
 RhostsRSAAuthentication no
-HostbasedAuthentication <%= hostbased ? 'yes' : 'no' %>
+HostbasedAuthentication <%= @hostbased ? 'yes' : 'no' %>

 # Allow password authentication via PAM, but not empty passwords.
 ChallengeResponseAuthentication yes
@@ -115,7 +115,7 @@ Subsystem sftp /usr/libexec/openssh/sftp-server
 <% else -%>
 Subsystem sftp /usr/lib/openssh/sftp-server
 <% end -%>
-<% if gitolite then -%>
+<% if @gitolite then -%>

 # gitolite user should run through a wrapper to map it to actual user.
 Match User gitolite

--- a/templates/syslog/rsyslog.conf.erb
+++ b/templates/syslog/rsyslog.conf.erb
@@ -42,7 +42,7 @@ $KLogPermitNonKernelFacility on
 $SystemLogRateLimitInterval 0

 <% end -%>
-<% unless use_syslog_conf == 'false' || !use_syslog_conf -%>
+<% unless @use_syslog_conf == 'false' || !@use_syslog_conf -%>
 # Include the syslog rules first so they can be overriden by rsyslog.d.
 $IncludeConfig /etc/syslog.conf


--- a/templates/xinetd/config.erb
+++ b/templates/xinetd/config.erb
 # Managed by Puppet via xinetd::config class
 # default: on
-# description: <%= description %>
-service <%= service %>
+# description: <%= @description %>
+service <%= @service %>
 {
        disable         = no
-<% if name != service then -%>
-        id              = <%= name %>
+<% if @name != @service then -%>
+        id              = <%= @name %>
 <% end -%>
-<% if server_type != '' then -%>
-        type            = <%= server_type %>
+<% if @server_type != '' then -%>
+        type            = <%= @server_type %>
 <% end -%>
-<% if protocol != '' then -%>
-        protocol        = <%= protocol %>
+<% if @protocol != '' then -%>
+        protocol        = <%= @protocol %>
 <% end -%>
-<% if port != '' then -%>
-        port            = <%= port %>
+<% if @port != '' then -%>
+        port            = <%= @port %>
 <% end -%>
-<% if protocol == 'udp' then -%>
+<% if @protocol == 'udp' then -%>
        socket_type     = dgram
        wait            = yes
 <% else -%>
        socket_type     = stream
        wait            = no
 <% end -%>
-<% if flags != '' then -%>
-        flags           = <%= flags %>
+<% if @flags != '' then -%>
+        flags           = <%= @flags %>
 <% end -%>
-        user            = <%= user %>
-        group           = <%= group %>
-<% if server_type !~ /INTERNAL/ then -%>
-        server          = <%= server %>
-<%   if server_args != '' then -%>
-        server_args     = <%= server_args %>
+        user            = <%= @user %>
+        group           = <%= @group %>
+<% if @server_type !~ /INTERNAL/ then -%>
+        server          = <%= @server %>
+<%   if @server_args != '' then -%>
+        server_args     = <%= @server_args %>
 <%   end -%>
-        libwrap         = <%= server[/[^\/]+$/] %>
+<%- libwrap = @server[/[^\/]+$/] -%>
+        libwrap         = <%= libwrap %>
 <% end -%>
-<% if cps != '' then -%>
-        cps             = <%= cps %>
+<% if @cps != '' then -%>
+        cps             = <%= @cps %>
 <% end -%>
-<% if per_source != '' then -%>
-        per_source      = <%= per_source %>
+<% if @per_source != '' then -%>
+        per_source      = <%= @per_source %>
 <% end -%>
-<% if instances != '' then -%>
-        instances       = <%= instances %>
+<% if @instances != '' then -%>
+        instances       = <%= @instances %>
 <% end -%>
-<% if env != '' then -%>
-        env             = <%= env %>
+<% if @env != '' then -%>
+        env             = <%= @env %>
 <% end -%>
-<% if log_type != 'NONE' then
-     if (server_type !~ /INTERNAL/) and (protocol != 'udp') then
-       if log_type != '' then -%>
-        log_type        = SYSLOG <%= log_type %>
+<% if @log_type != 'NONE' then
+     if (@server_type !~ /INTERNAL/) and (@protocol != 'udp') then
+       if @log_type != '' then -%>
+        log_type        = SYSLOG <%= @log_type %>
 <%     else -%>
        log_type        = SYSLOG daemon
 <%     end -%>