Merge pull request #10 from jordiprats/master

fuck sles
NTTCom-MS · Sep 28, 2018 · 4f5a16c · 4f5a16c
2 parents 4d6a137 + f2da5ca
commit 4f5a16c
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 7 deletions.
diff --git a/manifests/init.pp b/manifests/init.pp
@@ -85,14 +85,14 @@
 
           exec { 'set apparmor enforce':
             #command => "aa-enforce /etc/apparmor.d/*; exit 0",
-            command => 'bash -c \'for i in $(find /etc/apparmor.d -maxdepth 1 -type f); do aa-enforce $i; done; exit 0\'',
+            command => "bash -c 'for i in $(find ${apparmor::params::apparmor_dir} -maxdepth 1 -type f); do aa-enforce $i; done; exit 0'",
             require => Package['apparmor-utils'],
             unless  => 'apparmor_status | grep -E \'0 profiles are loaded.\$\'',
           }
 
           exec { "set apparmor ${mode}":
             #command => "aa-${mode} /etc/apparmor.d/*",
-            command => "bash -c 'for i in $(find /etc/apparmor.d -maxdepth 1 -type f); do aa-${mode} \$i; done; exit 0'",
+            command => "bash -c 'for i in $(find ${apparmor::params::apparmor_dir} -maxdepth 1 -type f); do aa-${mode} \$i; done; exit 0'",
             require => Exec['set apparmor enforce'],
             unless  => 'apparmor_status | grep -E \'0 profiles are loaded.\$\'',
           }
@@ -106,20 +106,20 @@
         'disabled':
         {
           exec { 'set apparmor enforce':
-            command => 'aa-enforce /etc/apparmor.d/*',
+            command => "aa-enforce ${apparmor::params::apparmor_dir}/*",
             require => Package['apparmor-utils'],
           }
 
           exec { "set apparmor ${mode}":
-            command => "aa-${mode} /etc/apparmor.d/*",
+            command => "aa-${mode} ${apparmor::params::apparmor_dir}/*",
             require => Exec['set apparmor enforce'],
             onlyif  => "apparmor_status | grep -vE '0 profiles are loaded.\$' | grep -E ' profiles are loaded.\$| profiles are in ${mode} mode.\$' | awk '{ print \$1 }' | uniq | wc -l | grep 2",
           }
         }
         default:
         {
           exec { "set apparmor ${mode}":
-            command => "aa-${mode} /etc/apparmor.d/*",
+            command => "aa-${mode} ${apparmor::params::apparmor_dir}/*",
             require => Package['apparmor-utils'],
             onlyif  => "apparmor_status | grep -vE '0 profiles are loaded.\$' | grep -E ' profiles are loaded.\$| profiles are in ${mode} mode.\$' | awk '{ print \$1 }' | uniq | wc -l | grep 2",
           }
@@ -129,7 +129,7 @@
     'enforce':
     {
       exec { "set apparmor ${mode}":
-        command => "aa-${mode} /etc/apparmor.d/*",
+        command => "aa-${mode} ${apparmor::params::apparmor_dir}/*",
         require => Package['apparmor-utils'],
         onlyif  => "apparmor_status | grep -vE '0 profiles are loaded.\$' | grep -E ' profiles are loaded.\$| profiles are in ${mode} mode.\$' | awk '{ print \$1 }' | uniq | wc -l | grep 2",
       }

diff --git a/manifests/params.pp b/manifests/params.pp
@@ -16,6 +16,7 @@
           {
             /^1[468].*/:
             {
+              $apparmor_dir = '/etc/apparmor.d'
               $default_mode='disable'
             }
             default: { fail("Unsupported Ubuntu version! - ${::operatingsystemrelease}")  }
@@ -35,10 +36,12 @@
           {
             '11.3':
             {
+              $apparmor_dir = '/etc/apparmor.d'
               $default_mode='complain'
             }
             '12.3':
             {
+              $apparmor_dir = '/etc/apparmor'
               $default_mode='complain'
             }
             default: { fail("Unsupported SLES version ${::operatingsystem} ${::operatingsystemrelease}") }

diff --git a/metadata.json b/metadata.json
@@ -17,7 +17,7 @@
     },
     {
       "operatingsystem": "SLES",
-      "operatingsystemrelease": [ "11.3" ]
+      "operatingsystemrelease": [ "11.3", "12.3" ]
     }
   ],
   "requirements": [