Commit 13e4017b authored by Joshua Timberman's avatar Joshua Timberman
Browse files

Merge pull request #5 from rjw1/master

[COOK-1678] Set default attributes for users depending on version and platform. 
parents 25972ad1 f831e0f3
......@@ -52,6 +52,11 @@ See `attributes/default.rb` for default values.
template statements in `35-server-per-host.conf`. Default value is
the previous cookbook version's value, to preserve compatibility.
See __server__ recipe below.
* `node['rsyslog']['user']` - Specify the user to run and write files as.
* `node['rsyslog']['group']` - Specify the group to run and write files as.
* `node['rsyslog']['priv_seperation']` - Whether to use privilege seperation or
not.
Recipes
......
......@@ -25,3 +25,26 @@ default["rsyslog"]["server_ip"] = nil
default["rsyslog"]["server_search"] = "role:loghost"
default["rsyslog"]["remote_logs"] = true
default["rsyslog"]["per_host_dir"] = "%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%"
case platform
when "debian"
default["rsyslog"]["user"] = "root"
default["rsyslog"]["group"] = "adm"
default["rsyslog"]["priv_seperation"] = false
when "ubuntu"
# syslog user introduced with natty package
if node['platform_version'].to_f >= 10.10 then
default["rsyslog"]["user"] = "root"
default["rsyslog"]["group"] = "adm"
default["rsyslog"]["priv_seperation"] = false
else
default["rsyslog"]["user"] = "syslog"
default["rsyslog"]["group"] = "adm"
default["rsyslog"]["priv_seperation"] = true
end
else
#values for fedora at least
default["rsyslog"]["user"] = "root"
default["rsyslog"]["group"] = "root"
default["rsyslog"]["priv_seperation"] = false
end
......@@ -47,8 +47,8 @@ directory "/etc/rsyslog.d" do
end
directory "/var/spool/rsyslog" do
owner "syslog"
group "adm"
owner node['rsyslog']['user']
group node['rsyslog']['group']
mode 0755
end
......
......@@ -30,8 +30,8 @@ directory ::File.dirname(node['rsyslog']['log_dir']) do
end
directory node['rsyslog']['log_dir'] do
owner "syslog"
group "adm"
owner node['rsyslog']['user']
group node['rsyslog']['group']
mode 0755
end
......
# Generated by Chef
# Local modifications will be overwritten
$DirGroup adm
$DirGroup <%= node['rsyslog']['group'] %>
$DirCreateMode 0755
$FileGroup adm
$FileGroup <%= node['rsyslog']['group'] %>
$template PerHostAuth,"<%= @log_dir %>/<%= @per_host_dir %>/auth.log"
$template PerHostCron,"<%= @log_dir %>/<%= @per_host_dir %>/cron.log"
......
......@@ -45,14 +45,15 @@ $WorkDirectory /var/spool/rsyslog
#
# Set the default permissions for all log files.
#
$FileOwner syslog
$FileGroup adm
$FileOwner <%= node['rsyslog']['user'] %>
$FileGroup <%= node['rsyslog']['group'] %>
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022
$PrivDropToUser syslog
$PrivDropToGroup adm
<% if node['rsyslog']['priv_seperation'] %>
$PrivDropToUser <%= node['rsyslog']['user'] %>
$PrivDropToGroup <%= node['rsyslog']['group'] %>
<% end %>
#
# Include all config files in /etc/rsyslog.d/
#
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment