From aa86d15696245c6ded59ca51ceff8f6eaf3119c5 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 16 Oct 2013 12:18:15 -0400 Subject: syslog: add rsyslog::snippet to anonymize logs it is necessary to install the fixed package from the leap.se repository until it is available in wheezy-backports, so install the apt preferences to pull it from there, and add its necessary library dependency from wheezy-backports Change-Id: I379ff2ceaac1a978143715d3a7ced0011ca0d747 --- puppet/modules/site_config/manifests/syslog.pp | 26 ++++++++++++++++++++++++-- 1 file changed, 24 insertions(+), 2 deletions(-) (limited to 'puppet/modules/site_config/manifests') diff --git a/puppet/modules/site_config/manifests/syslog.pp b/puppet/modules/site_config/manifests/syslog.pp index c7c55c34..6a9da460 100644 --- a/puppet/modules/site_config/manifests/syslog.pp +++ b/puppet/modules/site_config/manifests/syslog.pp @@ -1,6 +1,28 @@ class site_config::syslog { - class { 'rsyslog::client': log_remote => false, log_local => true } + # we need to pull in rsyslog from the leap repository until it is availbale in + # wheezy-backports + apt::preferences_snippet { 'fixed_rsyslog_anon_package': + package => 'rsyslog', + priority => '999', + pin => 'release o=leap.se', + before => Class['rsyslog::install'] + } -} + apt::preferences_snippet { 'rsyslog_anon_libestr0': + package => 'libestr0', + priority => '999', + pin => 'release a=wheezy-backports', + before => Class['rsyslog::install'] + } + + class { 'rsyslog::client': + log_remote => false, + log_local => true + } + rsyslog::snippet { '00-anonymize_logs': + content => '$ModLoad mmanon +action(type="mmanon" ipv4.bits="32" mode="rewrite")' + } +} -- cgit v1.2.3