This helps protecting users privacy since /var/run/utmp cannot be deleted.
Default: lastlog is disabled.
When set to a false, non-empty value, lastlog is not changed.
+$ramdisk_on_var_run
+-------------------
+
+Default: have the initscripts mount a ramdisk on /var/run.
+When set to a false, non-empty value, the mounting of a ramdisk on
+/var/run is disabled.
+
+Please note that the changes only take effect on reboot. When enabling
+this feature, you probably want to get rid of any file previously
+stored on the files (such as utmp) stored in the non-ramdisk
+underlying /var/run directory.
+
Copyright
=========
class{'loginrecords::wtmp::enable': }
}
+ if $loginrecords::ramdisk_on_var_run {
+ class{'loginrecords::ramrun::enable': }
+ } else {
+ class{'loginrecords::ramrun::disable': }
+ }
+
}
$disable_faillog = true,
$disable_lastlog = true,
$protect_utmp = true,
- $disable_wtmp = true
+ $disable_wtmp = true,
+ $ramdisk_on_var_run = true
){
# Include main class
case $kernel {
--- /dev/null
+class loginrecords::ramrun::disable inherits loginrecords::ramrun::enable {
+
+ Augeas { "ramdisk-on-var-run":
+ changes => "set RAMRUN yes",
+ }
+
+}
--- /dev/null
+class loginrecords::ramrun::enable {
+
+ augeas { "ramdisk-on-var-run":
+ context => "/files/etc/default/rcS",
+ changes => "set RAMRUN yes",
+ }
+
+}
projects / puppet-loginrecords.git / commitdiff