starlingx/stx-puppet
Code Issues Proposed changes

Puppet configuration for audit service parameter

Browse Source 
Add puppet configuration for the auditd grub parameter, "audit".
Puppet configuration will be used to update the kernel parameter
when is being set using the service parameter mechanism.

Story: 2008849
Task: 43365

Change-Id: I813ab5be84f052572dab133e0d066a0c118e652e
Signed-off-by: Carmen Rata <carmen.rata@windriver.com>
This commit is contained in:
Carmen Rata 2021-09-20 09:54:20 -04:00
parent 6f23470482
commit 01f5756361
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
puppet-manifests/src/modules/platform/manifests/compute.pp
View File

@ -36,7 +36,8 @@ class platform::compute::grub::params (
$m_hugepages = 'hugepagesz=2M hugepages=0',
$g_hugepages = '',
$default_pgsz = '',
$default_audit = 'audit=1 audit_backlog_limit=8192',
$g_audit = '',
$g_audit_backlog_limit = 'audit_backlog_limit=8192',
$keys = [
'kvm-intel.eptad',
'default_hugepagesz',
@ -58,7 +59,8 @@ class platform::compute::grub::params (
$eptad = ''
}
$grub_updates = strip("${eptad} ${g_hugepages} ${m_hugepages} ${default_pgsz} ${cpu_options} ${default_audit}")
$updated_audit = "audit=${g_audit}"
$grub_updates = strip("${eptad} ${g_hugepages} ${m_hugepages} ${default_pgsz} ${cpu_options} ${updated_audit} ${g_audit_backlog_limit}")
}
class platform::compute::grub::update