linux

Manage main Linux configurations in a single module.
Marco Tulio

Marco Tulio

mtulio

9,599 downloads

7,982 latest version

4.3 quality score

Version information

  • 1.1.1 (latest)
  • 1.1.0
  • 1.0.3
  • 1.0.2
  • 1.0.1
  • 1.0.0
  • 0.1.0
released Jul 3rd 2019
This version is compatible with:
  • Puppet Enterprise 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
  • Puppet >= 3.0.0 < 5.0.0
  • RedHat
    ,
    CentOS

Start using this module

Documentation

mtulio/linux — version 1.1.1 Jul 3rd 2019

Linux

Table of Contents

  1. Overview
  2. Module Description
  3. Setup
  4. Usage
  5. Reference
  6. Limitations
  7. Development
  8. Release Notes

1. Overview

This module is a 'all-in-one' module to manage main Linux configurations including basic and security options

2. Module Description

This module is a 'all-in-one' module to manage main Linux configurations, that includes:

Security administration:

  • SELinux config

Basic Sysadmin administration:

  • motd
  • ntpdate
  • hosts
  • timezone
  • resolv.conf
  • sudoers

3. Setup

What module affects

  • This module can change all the behavior of the Linux Operational System, mostly the security classes

Setup Requirements

Install module:

  • puppet module install mtulio-linux

Beginning

This is a great module to configure your OS Linux. This module can be called from a profile module, and it was created to be easy to manage the simple Linux configurations.

4. Usage

Check usage of each class:

Base Class: NTPdate

  • Schedulle at contab an ntpdate execution using custom ntp servers:
 class {'linux::base::ntpdate' :
   ntpserver => 'pool.ntp.br',
 }

Base Class: MOTD

  • Create a default 'Message of the Day':
 class {'linux::base::motd' : }
  • Create a custom message:
 class {'linux::base::motd' : 
   content => 'Custom motd message',
 }
  • Create a custom esb template file:
 class {'linux::base::motd' :
   content => 'custom/path/to/motd.esb',
 }

Base Class: HOSTS

  • Update hots file:
 class {'linux::base::hosts' : }

Base Class: TIMEZONE

  • Update system timezone, using default timezone [linux::params]:
 class {'linux::base::timezone' : }
  • Update system timezone from system, usgin custom timezone:
 class {'linux::base::timezone' : 
   timezone => 'America/Recife',
 }

Base Class: RESOLV_CONF

  • Update /etc/resolv.conf from [linux::params]:
 class {'linux::base::resolv_conf' : }
  • Update /etc/resolv.conf of custom servers:
 class {'linux::base::resolv_conf' : 
   nameservers = ['8.8.8.8'],
 }

Base Class: SUDOERS

  • Update /etc/sudoers from default template :
 class {'linux::base::resolv_conf' : }
  • Update /etc/sudoers from custom template:
 class {'linux::base::resolv_conf' : 
   template => '/path/to/your/template/sudoers',
 }

Base Function: USER

  • Add local user [tests/base_user_add.pp]:
include linux
linux::base::user {'marco.braga':
  ensure           => present,
  user             => 'marco.braga',
  comment          => 'Test add user',
  home             => '/home/marco.braga',
  password         => 'teste',
  gid              => 'marco.braga',
  groups           => ['users','g2'],
  shell            => '/bin/bash',
  manage_home      => true,
  password_max_age => '99999',
  password_min_age => '0',
  group_ensure     => 'present'
}
  • Remove user from system [tests/base_user_rem.pp]:
include linux
linux::base::user {'marco.braga':
  ensure => absent
}

Security Class: SELinux

  • Set to permissive mode:
 class {'linux::security::selinux' :
   mode => permissive,
 }
  • Set to enforced mode:
class {'linux::security::selinux' :
  mode => enforced,
}
  • Set to 'disabled' mode:
 class {'linux::security::selinux' :
   mode => disabled,
 }
  • Config from your own custom template:
 class {'linux::security::selinux' :
   template_conf => 'module/selinux/config.erb',
 }

5. Reference

Base Class: NTPdate

  • Description: Schedulle to update System Time using ntpdate
  • Default ntp server: 'a.ntp.br'
  • Files affected:
/etc/crontab

Base Class: MOTD

  • Description: Create a custom 'Message of the Day'
  • Files affected:
 /etc/motd

Base Class: Hosts

  • Description: Update hosts file with your local IP address and domain
  • Files affected:
/etc/hosts

Base Class: TIMEZONE

  • Description: Update system timezone
  • Files affected:
/etc/localtime
/etc/timezone

Base Class: RESOLV_CONF

  • Description: Update DNS local resolver configuration
  • Files affected:
/etc/resolv.conf

Base Class: SUDOERS

  • Description: Update SUDOERS file to manage grant right for users on Linux System
  • Files affected:
/etc/sudoers

Feature User: Base/USER

  • Description: Add or remove local users on Linux System
  • Files affected:
/etc/passwd
/etc/shadow
/etc/groups

Security Class: SELinux

  • Description: Configure SELinux to enforcing, permissive or disabled mode
  • Files affected:
/etc/selinux/config

6. Limitations

OS compatibility:

  • Red Hat family 7+

We're working to support more OS.

7. Development

See project page at https://github.com/mtulio/puppet-linux

8. Release Notes

[1.1.1]

  • Fix metadata dependences

[1.1.0]

  • New feature: 'linux::base::user' - Manage and delete users

[1.0.1] - [1.0.3]

  • Documentation review and fix
  • Coding style review

[1.0.0]

  • Add module: linux::base::sudoers
  • Review documentation e project description

[0.1.0]

  • Add class security::selinux
  • Add class base::ntpdate