diff options
author | Micah Anderson <micah@leap.se> | 2013-10-16 12:18:15 -0400 |
---|---|---|
committer | Micah Anderson <micah@leap.se> | 2013-10-16 12:57:32 -0400 |
commit | aa86d15696245c6ded59ca51ceff8f6eaf3119c5 (patch) | |
tree | 777e5b758bde063000f72a9faf21b5aa0d1ecdf5 /puppet/modules | |
parent | de8fe441e1c07b63f1c02aa231a8a56c9a9448ec (diff) |
syslog: add rsyslog::snippet to anonymize logs
it is necessary to install the fixed package from the leap.se repository until it is available in wheezy-backports, so install the apt preferences to pull it from there, and add its necessary library dependency from wheezy-backports
Change-Id: I379ff2ceaac1a978143715d3a7ced0011ca0d747
Diffstat (limited to 'puppet/modules')
-rw-r--r-- | puppet/modules/site_config/manifests/syslog.pp | 26 |
1 files changed, 24 insertions, 2 deletions
diff --git a/puppet/modules/site_config/manifests/syslog.pp b/puppet/modules/site_config/manifests/syslog.pp index c7c55c34..6a9da460 100644 --- a/puppet/modules/site_config/manifests/syslog.pp +++ b/puppet/modules/site_config/manifests/syslog.pp @@ -1,6 +1,28 @@ class site_config::syslog { - class { 'rsyslog::client': log_remote => false, log_local => true } + # we need to pull in rsyslog from the leap repository until it is availbale in + # wheezy-backports + apt::preferences_snippet { 'fixed_rsyslog_anon_package': + package => 'rsyslog', + priority => '999', + pin => 'release o=leap.se', + before => Class['rsyslog::install'] + } -} + apt::preferences_snippet { 'rsyslog_anon_libestr0': + package => 'libestr0', + priority => '999', + pin => 'release a=wheezy-backports', + before => Class['rsyslog::install'] + } + + class { 'rsyslog::client': + log_remote => false, + log_local => true + } + rsyslog::snippet { '00-anonymize_logs': + content => '$ModLoad mmanon +action(type="mmanon" ipv4.bits="32" mode="rewrite")' + } +} |