Skip to content
Snippets Groups Projects
Commit da647e68 authored by Bill MacAllister's avatar Bill MacAllister
Browse files

Add base::noipmi

This allows "odd" machines to suppress loading ipmi support and
running the exec that disables cipher zero.
parent 53c51952
No related branches found
No related tags found
No related merge requests found
release/003.033 (2014-08-31)
Add base::noipmi. This allows "odd" machines to suppress loading ipmi
support and running the exec that disables cipher zero. (whm)
release/003.032 (2014-08-27)
Remove yuelu from filter syslog exceptions. (whm)
......
# ipmi class to load ipmi client modules except on VMware platforms
# base::ipmi and base::noipmi
#
# ipmi classes to load, and suppress loading, ipmi client modules.
# Loading of ipmi is automatically suppressed on VMware platforms.
class base::ipmi {
......@@ -94,9 +97,23 @@ class base::ipmi {
# Disable cipher zero. Some IPMI report the ciphers backwards so we work
# around it. Puppet 2.6.3 doesn't support provider param for exec.
# Working around it.
# Working around it. The signal file /etc/noipmi allows this execution to
# be suppressed on systems that don't have ipmi.
exec { 'ipmitool lan set 1 cipher_privs XaaaaaaaaaaaaaX':
unless => 'bash -c \'if ! `ipmitool lan print | grep -q "Cipher Suite Priv Max : Not Available"`; then ipmitool lan print | grep "Cipher Suite Priv Max" | cut -d: -f2 | egrep -q "^ XaaaaaaaaaaaaaX"; fi\'',
unless => 'bash -c \'if [ ! -e /etc/noipmi ] && ! `ipmitool lan print | grep -q "Cipher Suite Priv Max : Not Available"`; then ipmitool lan print | grep "Cipher Suite Priv Max" | cut -d: -f2 | egrep -q "^ XaaaaaaaaaaaaaX"; fi\'',
}
}
}
class base::noipmi inherits base::ipmi {
Base::Os::Kernel-module['ipmi_si'] { ensure => absent }
Base::Os::Kernel-module['ipmi_devintf'] { ensure => absent }
File['/etc/default/ipmievd'] { ensure => absent }
Service['ipmievd'] { ensure => stopped }
file { '/etc/noipmi':
mode => '0644',
content => "ipmi is not supported on this system\n",
}
}
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment