From: Silvio Rhatto <rhatto@riseup.net>
Date: Thu, 9 Mar 2017 13:54:32 +0000 (-0300)
Subject: Adds order param at nodo::subsystem::grsec
X-Git-Url: https://gitweb.fluxo.info/?a=commitdiff_plain;h=36c0149f58efb23e0cf3f50a6c649f0957366f5e;p=puppet-nodo.git

Adds order param at nodo::subsystem::grsec
---

diff --git a/manifests/subsystem/grsec.pp b/manifests/subsystem/grsec.pp
index 185454f..9cc8ba6 100644
--- a/manifests/subsystem/grsec.pp
+++ b/manifests/subsystem/grsec.pp
@@ -1,11 +1,18 @@
 class nodo::subsystem::grsec {
   include nodo::utils::security::grsec
 
+  nodo::subsystem::sysctl::entry { 'kernel.grsecurity.grsec_lock':
+    order => 'zz',
+    value => 1,
+  }
+
   nodo::subsystem::sysctl::entry { 'kernel.grsecurity.rwxmap_logging':
+    order => 'xx',
     value => 0,
   }
 
-  nodo::subsystem::sysctl::entry { 'kernel.grsecurity.grsec_lock':
-    value => 1,
+  # Old configs
+  file { [ '/etc/sysctl.d/kernel.grsecurity.rwxmap_logging.conf', '/etc/sysctl.d/kernel.grsecurity.grsec_lock.conf' ]:
+    ensure => absent,
   }
 }